stack_protector_test.cpp revision 7fd803cdfa873c01138dcbd614ec92418169b1c2
1/* 2 * Copyright (C) 2012 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17/* 18 * Contributed by: Intel Corporation 19 */ 20 21#include <gtest/gtest.h> 22 23#include <pthread.h> 24#include <stdint.h> 25#include <stdio.h> 26#include <sys/syscall.h> 27#include <unistd.h> 28#include <set> 29 30#ifdef __GLIBC__ 31 32// glibc doesn't expose gettid(2). 33pid_t gettid() { return syscall(__NR_gettid); } 34 35#endif 36 37#ifdef __i386__ 38 39// For x86, bionic and glibc have per-thread stack guard values (all identical). 40 41static uint32_t GetGuardFromTls() { 42 uint32_t guard; 43 asm ("mov %%gs:0x14, %0": "=d" (guard)); 44 return guard; 45} 46 47struct stack_protector_checker { 48 std::set<pid_t> tids; 49 std::set<uint32_t> guards; 50 51 void Check() { 52 pid_t tid = gettid(); 53 uint32_t guard = GetGuardFromTls(); 54 55 printf("[thread %d] %%gs:0x14 = 0x%08x\n", tid, guard); 56 57 // Duplicate tid. gettid(2) bug? Seeing this would be very upsetting. 58 ASSERT_TRUE(tids.find(tid) == tids.end()); 59 60 // Uninitialized guard. Our bug. Note this is potentially flaky; we _could_ get 61 // four random zero bytes, but it should be vanishingly unlikely. 62 ASSERT_NE(guard, 0U); 63 64 tids.insert(tid); 65 guards.insert(guard); 66 } 67}; 68 69static void* ThreadGuardHelper(void* arg) { 70 stack_protector_checker* checker = reinterpret_cast<stack_protector_checker*>(arg); 71 checker->Check(); 72 return NULL; 73} 74 75TEST(stack_protector, same_guard_per_thread) { 76 stack_protector_checker checker; 77 size_t thread_count = 10; 78 for (size_t i = 0; i < thread_count; ++i) { 79 pthread_t t; 80 ASSERT_EQ(0, pthread_create(&t, NULL, ThreadGuardHelper, &checker)); 81 void* result; 82 ASSERT_EQ(0, pthread_join(t, &result)); 83 ASSERT_EQ(NULL, result); 84 } 85 ASSERT_EQ(thread_count, checker.tids.size()); 86 87 // bionic and glibc use the same guard for every thread. 88 ASSERT_EQ(1U, checker.guards.size()); 89} 90 91#endif 92 93#if defined(__BIONIC__) || defined(__arm__) || defined(__mips__) 94 95// For ARM and MIPS, glibc has a global stack check guard value. 96 97// Bionic has the global for x86 too, to support binaries that can run on 98// Android releases that didn't implement the TLS guard value. 99 100extern "C" uintptr_t __stack_chk_guard; 101 102TEST(stack_protector, global_guard) { 103 ASSERT_NE(0, gettid()); 104 ASSERT_NE(0U, __stack_chk_guard); 105} 106 107/* 108 * When this function returns, the stack canary will be inconsistent 109 * with the previous value, which will generate a call to __stack_chk_fail(), 110 * eventually resulting in a SIGABRT. 111 * 112 * This must be marked with "__attribute__ ((noinline))", to ensure the 113 * compiler generates the proper stack guards around this function. 114 */ 115__attribute__ ((noinline)) 116static void do_modify_stack_chk_guard() { 117 __stack_chk_guard = 0x12345678; 118} 119 120TEST(stack_protector_DeathTest, modify_stack_protector) { 121 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 122 ASSERT_EXIT(do_modify_stack_chk_guard(), testing::KilledBySignal(SIGSEGV), ""); 123} 124 125#endif 126