17fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao/*
27fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao * Copyright (C) 2015 The Android Open Source Project
37fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao * All rights reserved.
47fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao *
57fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao * Redistribution and use in source and binary forms, with or without
67fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao * modification, are permitted provided that the following conditions
77fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao * are met:
87fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao *  * Redistributions of source code must retain the above copyright
97fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao *    notice, this list of conditions and the following disclaimer.
107fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao *  * Redistributions in binary form must reproduce the above copyright
117fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao *    notice, this list of conditions and the following disclaimer in
127fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao *    the documentation and/or other materials provided with the
137fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao *    distribution.
147fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao *
157fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
167fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
177fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
187fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
197fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
207fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
217fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
227fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
237fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
247fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
257fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
267fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao * SUCH DAMAGE.
277fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao */
287fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao
297fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao#include <assert.h>
307fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao#include <errno.h>
317fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao#include <stddef.h>
327fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao#include <stdlib.h>
337fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao#include <string.h>
347fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao#include <sys/auxv.h>
357fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao#include <sys/cdefs.h>
367fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao
377a3681e5b6c39bc2b3b62031ca5941dbf7bc4e63Christopher Ferris#include <async_safe/log.h>
387a3681e5b6c39bc2b3b62031ca5941dbf7bc4e63Christopher Ferris
39a170d9bfc5fd34097a184bb0ca4d2b459fd93bd1Josh Gao#include "private/bionic_arc4random.h"
40fe9d0ed6cb10d5403e54d2dd12628a0ec345ae6eJosh Gao#include "private/bionic_globals.h"
41fe9d0ed6cb10d5403e54d2dd12628a0ec345ae6eJosh Gao#include "private/KernelArgumentBlock.h"
427fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao
43a170d9bfc5fd34097a184bb0ca4d2b459fd93bd1Josh Gaovoid __libc_init_setjmp_cookie(libc_globals* globals, KernelArgumentBlock& args) {
44a170d9bfc5fd34097a184bb0ca4d2b459fd93bd1Josh Gao  long value;
45a170d9bfc5fd34097a184bb0ca4d2b459fd93bd1Josh Gao  __libc_safe_arc4random_buf(&value, sizeof(value), args);
467fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao
477fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao  // Mask off the last bit to store the signal flag.
48fe9d0ed6cb10d5403e54d2dd12628a0ec345ae6eJosh Gao  globals->setjmp_cookie = value & ~1;
497fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao}
507fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao
51fe9d0ed6cb10d5403e54d2dd12628a0ec345ae6eJosh Gaoextern "C" __LIBC_HIDDEN__ long __bionic_setjmp_cookie_get(long sigflag) {
527fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao  if (sigflag & ~1) {
537a3681e5b6c39bc2b3b62031ca5941dbf7bc4e63Christopher Ferris    async_safe_fatal("unexpected sigflag value: %ld", sigflag);
547fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao  }
557fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao
56fe9d0ed6cb10d5403e54d2dd12628a0ec345ae6eJosh Gao  return __libc_globals->setjmp_cookie | sigflag;
577fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao}
587fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao
597fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao// Aborts if cookie doesn't match, returns the signal flag otherwise.
60fe9d0ed6cb10d5403e54d2dd12628a0ec345ae6eJosh Gaoextern "C" __LIBC_HIDDEN__ long __bionic_setjmp_cookie_check(long cookie) {
61fe9d0ed6cb10d5403e54d2dd12628a0ec345ae6eJosh Gao  if (__libc_globals->setjmp_cookie != (cookie & ~1)) {
627a3681e5b6c39bc2b3b62031ca5941dbf7bc4e63Christopher Ferris    async_safe_fatal("setjmp cookie mismatch");
637fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao  }
647fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao
657fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao  return cookie & 1;
667fda8d2aa4d24ab400f6f0cb9f792488b634afaeJosh Gao}
67a4c69137c693c45fce4010ba61d69d7147f5dd9aJosh Gao
68a4c69137c693c45fce4010ba61d69d7147f5dd9aJosh Gaoextern "C" __LIBC_HIDDEN__ long __bionic_setjmp_checksum_mismatch() {
697a3681e5b6c39bc2b3b62031ca5941dbf7bc4e63Christopher Ferris  async_safe_fatal("setjmp checksum mismatch");
70a4c69137c693c45fce4010ba61d69d7147f5dd9aJosh Gao}
71