This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: stack guard updating source
- From: Sergey Melnikov <sergey dot devel at gmail dot com>
- To: Andrew Pinski <pinskia at gmail dot com>
- Cc: libc-alpha at sourceware dot org, Roland McGrath <roland at hack dot frob dot com>, Mike Frysinger <vapier at gentoo dot org>
- Date: Tue, 6 Nov 2012 10:04:32 +0400
- Subject: Re: stack guard updating source
- References: <CAOGNF=nX0AsKekYdzU5ugshitZg+FXHC=0TxiBFu8uYQrE_6TQ@mail.gmail.com><20121009204443.083392C0A7@topped-with-meat.com><CAOGNF==05YA0LAmm_1VsQuDfSrqGkFmmvhN+FwzhsnH6xp0org@mail.gmail.com><201210101407.27556.vapier@gentoo.org><CAOGNF==3HbdhVxBszCUbsOin=gjbdqf9mfvepwPOi7+Xs4ELTQ@mail.gmail.com><CA+=Sn1k3ucyTmT0PiAfr2fOHJuT4S4f4kvj6nf=qnPj9HZ0TWQ@mail.gmail.com><CAOGNF==mcyFJfZ4jZN=H24igU4boCY0Mwtr6ZM_JarwBit4Kbg@mail.gmail.com>
Is it necessary? It makes glibc more secure.
Any additional ideas?
2012/10/29 Sergey Melnikov <sergey.devel@gmail.com>:
> I think we can redefine the THREAD_COPY_STACK_GUARD macro, which is used in
> the __pthread_create_2_1 function.
> This macro has value:
> #define THREAD_COPY_STACK_GUARD(descr) \
> ((descr)->header.stack_guard \
> = THREAD_GETMEM (THREAD_SELF, header.stack_guard))
>
> We can override the macro to read a new random value from /dev/random,
> if the target supports it:
>
> #define THREAD_COPY_STACK_GUARD(descr) \
> ((descr)->header.stack_guard \
> = get_new_guard_value(header.stack_guard))
>
> Also, I'll implement function get_new_guard_value (reading new random
> value from /dev/urandom).
>
> The changes don't change the previous semantics. I think the changes don't
> affect setcontext/getcontext. Am I right?
>
>
> 2012/10/26 Andrew Pinski <pinskia@gmail.com>:
>> On Fri, Oct 26, 2012 at 1:24 AM, Sergey Melnikov <sergey.devel@gmail.com> wrote:
>>> Is it necessary to implement guard value randomization for every
>>> thread? It would be more secure.
>>
>> I don't think that will work correctly with things like
>> setcontext/getcontext and threads then.
>>
>> Thanks,
>> Andrew
>>
>>
>>>
>>> 2012/10/10 Mike Frysinger <vapier@gentoo.org>:
>>>> On Wednesday 10 October 2012 02:12:41 Sergey Melnikov wrote:
>>>>> The guard value is identical for any thread, the guard value isn't
>>>>> thread specific.
>>>>
>>>> please re-read what Roland said. the gs:0x14 access is purely for speed, not
>>>> because we want the value to be different for each thread.
>>>> -mike
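To make the two positions in this thread concrete, here is an added model (not glibc code, and not code from any of the participants) of the stack-protector canary flow: a thread descriptor holding `stack_guard`, a prologue that copies it into the frame, and an epilogue that compares. `get_new_guard_value` is the name Sergey proposes; its body is my assumption, and the clearing of the lowest-address byte mirrors what glibc's `_dl_setup_stack_chk_guard` does on little-endian targets. `thread_descr`, `frame`, `thread_copy_stack_guard`, `prologue`, `epilogue_ok`, `overflow_detected` and `resume_in_other_thread_ok` are constructed names; the LCG fallback only exists so the model runs where /dev/urandom cannot be opened.

```c
#include <stdint.h>
#include <stdio.h>
#include <fcntl.h>
#include <unistd.h>

/* Model of the one descriptor field this thread is about: the value that
 * THREAD_GETMEM (THREAD_SELF, header.stack_guard) reads from TLS
 * (gs:0x14 on i386). A real descriptor holds much more. */
struct thread_descr {
    uintptr_t stack_guard;
};

/* Model of what the -fstack-protector prologue stores in a frame. */
struct frame {
    uintptr_t saved_guard;
};

/* Constructed fallback (a plain LCG), used only when /dev/urandom cannot
 * be read, e.g. in a sandbox. It is not a source of entropy. */
static uint64_t fallback_state = 0x9e3779b97f4a7c15ULL;
static uintptr_t fallback_value(void)
{
    fallback_state = fallback_state * 6364136223846793005ULL
                   + 1442695040888963407ULL;
    return (uintptr_t) fallback_state;
}

/* get_new_guard_value: name from the thread, body assumed. Draw a fresh
 * canary from /dev/urandom and clear the lowest-address byte (as glibc's
 * _dl_setup_stack_chk_guard does on little-endian targets) so that a
 * NUL-terminated string overflow cannot rewrite the canary intact. */
static uintptr_t get_new_guard_value(void)
{
    uintptr_t v = 0;
    int fd = open("/dev/urandom", O_RDONLY);
    if (fd >= 0) {
        ssize_t n = read(fd, &v, sizeof v);
        close(fd);
        if (n != (ssize_t) sizeof v)
            v = 0;
    }
    v &= ~(uintptr_t) 0xff;                 /* terminator byte */
    if (v == 0)
        v = fallback_value() & ~(uintptr_t) 0xff;
    return v;
}

/* THREAD_COPY_STACK_GUARD as discussed: copy the creating thread's guard
 * (current behaviour) or draw a fresh per-thread value (the proposal). */
static void thread_copy_stack_guard(struct thread_descr *descr,
                                    const struct thread_descr *self,
                                    int per_thread)
{
    descr->stack_guard = per_thread ? get_new_guard_value()
                                    : self->stack_guard;
}

/* Prologue: save the current thread's guard in the frame. */
static void prologue(const struct thread_descr *self, struct frame *f)
{
    f->saved_guard = self->stack_guard;
}

/* Epilogue: 1 if the check passes, 0 if __stack_chk_fail would run. */
static int epilogue_ok(const struct thread_descr *self, const struct frame *f)
{
    return f->saved_guard == self->stack_guard;
}

/* A corrupted canary must be caught under either policy. */
static int overflow_detected(int per_thread)
{
    struct thread_descr main_thread = { get_new_guard_value() };
    struct thread_descr t;
    thread_copy_stack_guard(&t, &main_thread, per_thread);
    struct frame f;
    prologue(&t, &f);
    f.saved_guard ^= 0x100;   /* constructed corruption above the terminator byte */
    return !epilogue_ok(&t, &f);
}

/* Andrew's concern: a frame entered in thread a and resumed via
 * getcontext/setcontext in thread b. Returns 1 if the epilogue check
 * executed in thread b still passes. */
static int resume_in_other_thread_ok(int per_thread)
{
    struct thread_descr main_thread = { get_new_guard_value() };
    struct thread_descr a, b;
    thread_copy_stack_guard(&a, &main_thread, per_thread);
    thread_copy_stack_guard(&b, &main_thread, per_thread);
    struct frame f;
    prologue(&a, &f);
    return epilogue_ok(&b, &f);
}

int main(void)
{
    printf("shared guard:     overflow detected=%d, cross-thread resume ok=%d\n",
           overflow_detected(0), resume_in_other_thread_ok(0));
    printf("per-thread guard: overflow detected=%d, cross-thread resume ok=%d\n",
           overflow_detected(1), resume_in_other_thread_ok(1));
    return 0;
}
```

Both policies catch an overwritten canary; the difference is only in the last column. With the shared process-wide guard, a frame whose canary was stored in one thread still verifies when its context is resumed in another, which is what keeps getcontext/setcontext and thread-migrating context switches working. With per-thread guards the resumed frame compares against a different thread's value and the epilogue check fails spuriously, which is the breakage Andrew describes.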