stack_protector_test.cpp revision dcab1b2c76a498c56bc00024613386de8b4b2aae
1/* 2 * Copyright (C) 2012 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17/* 18 * Contributed by: Intel Corporation 19 */ 20 21#include <gtest/gtest.h> 22 23#include <pthread.h> 24#include <stdint.h> 25#include <stdio.h> 26#include <sys/syscall.h> 27#include <unistd.h> 28#include <set> 29 30#ifdef __GLIBC__ 31 32// glibc doesn't expose gettid(2). 33pid_t gettid() { return syscall(__NR_gettid); } 34 35#endif 36 37#ifdef __i386__ 38 39// For x86, bionic and glibc have per-thread stack guard values. 40 41static uint32_t GetGuardFromTls() { 42 uint32_t guard; 43 asm ("mov %%gs:0x14, %0": "=d" (guard)); 44 return guard; 45} 46 47struct stack_protector_checker { 48 std::set<pid_t> tids; 49 std::set<uint32_t> guards; 50 51 void Check() { 52 pid_t tid = gettid(); 53 uint32_t guard = GetGuardFromTls(); 54 55 printf("[thread %d] %%gs:0x14 = 0x%08x\n", tid, guard); 56 57 // Duplicate tid. gettid(2) bug? Seeing this would be very upsetting. 58 ASSERT_TRUE(tids.find(tid) == tids.end()); 59#ifdef __GLIBC__ 60 // glibc uses the same guard for every thread. bionic uses a different guard for each one. 61#else 62 // Duplicate guard. Our bug. Note this is potentially flaky; we _could_ get the 63 // same guard for two threads, but it should be vanishingly unlikely. 64 ASSERT_TRUE(guards.find(guard) == guards.end()); 65#endif 66 // Uninitialized guard. Our bug. Note this is potentially flaky; we _could_ get 67 // four random zero bytes, but it should be vanishingly unlikely. 68 ASSERT_NE(guard, 0U); 69 70 tids.insert(tid); 71 guards.insert(guard); 72 } 73}; 74 75static void* ThreadGuardHelper(void* arg) { 76 stack_protector_checker* checker = reinterpret_cast<stack_protector_checker*>(arg); 77 checker->Check(); 78 return NULL; 79} 80 81TEST(stack_protector, guard_per_thread) { 82 stack_protector_checker checker; 83 size_t thread_count = 10; 84 for (size_t i = 0; i < thread_count; ++i) { 85 pthread_t t; 86 ASSERT_EQ(0, pthread_create(&t, NULL, ThreadGuardHelper, &checker)); 87 void* result; 88 ASSERT_EQ(0, pthread_join(t, &result)); 89 ASSERT_EQ(NULL, result); 90 } 91 ASSERT_EQ(thread_count, checker.tids.size()); 92 93 // glibc uses the same guard for every thread. bionic uses a different guard for each one. 94#ifdef __BIONIC__ 95 ASSERT_EQ(thread_count, checker.guards.size()); 96#else 97 ASSERT_EQ(1U, checker.guards.size()); 98#endif 99} 100 101#endif 102 103#if defined(__BIONIC__) || defined(__arm__) || defined(__mips__) 104 105// For ARM and MIPS, glibc has a global stack check guard value. 106 107// Bionic has the global for x86 too, to support binaries that can run on 108// Android releases that didn't implement the TLS guard value. 109 110extern "C" void* __stack_chk_guard; 111 112TEST(stack_protector, global_guard) { 113 ASSERT_NE(0, gettid()); 114 ASSERT_NE(0U, reinterpret_cast<uintptr_t>(__stack_chk_guard)); 115} 116 117/* 118 * When this function returns, the stack canary will be inconsistent 119 * with the previous value, which will generate a call to __stack_chk_fail(), 120 * eventually resulting in a SIGABRT. 121 * 122 * This must be marked with "__attribute__ ((noinline))", to ensure the 123 * compiler generates the proper stack guards around this function. 124 */ 125__attribute__ ((noinline)) 126static void do_modify_stack_chk_guard() { 127 __stack_chk_guard = (void *) 0x12345678; 128} 129 130// We have to say "DeathTest" here so gtest knows to run this test (which exits) 131// in its own process. 132TEST(stack_protector_DeathTest, modify_stack_protector) { 133 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 134 ASSERT_EXIT(do_modify_stack_chk_guard(), testing::KilledBySignal(SIGABRT), ""); 135} 136 137#endif 138