diff options
| author | Philip Guenther <guenther@cvs.openbsd.org> | 2015-09-01 05:40:07 +0000 |
|---|---|---|
| committer | Philip Guenther <guenther@cvs.openbsd.org> | 2015-09-01 05:40:07 +0000 |
| commit | 6552896c83d8e0c94ad668c1e07eec78a5035820 (patch) | |
| tree | d856dc9a981eb7f505c48e9852ed0636e4fb6f76 | |
| parent | 49917aa9a3d7bc9525154ccaed369d2ce4311649 (diff) | |
In static binaries, invoke kbind() once to disable it.
With much assistance from miod@
ok deraadt@@
| -rw-r--r-- | lib/csu/alpha/md_init.h | 13 | ||||
| -rw-r--r-- | lib/csu/amd64/md_init.h | 10 | ||||
| -rw-r--r-- | lib/csu/arm/md_init.h | 11 | ||||
| -rw-r--r-- | lib/csu/crt0.c | 9 | ||||
| -rw-r--r-- | lib/csu/hppa/md_init.h | 14 | ||||
| -rw-r--r-- | lib/csu/hppa64/md_init.h | 4 | ||||
| -rw-r--r-- | lib/csu/i386/md_init.h | 11 | ||||
| -rw-r--r-- | lib/csu/m88k/md_init.h | 11 | ||||
| -rw-r--r-- | lib/csu/mips64/md_init.h | 12 | ||||
| -rw-r--r-- | lib/csu/powerpc/md_init.h | 7 | ||||
| -rw-r--r-- | lib/csu/sh/md_init.h | 11 | ||||
| -rw-r--r-- | lib/csu/sparc/md_init.h | 11 | ||||
| -rw-r--r-- | lib/csu/sparc64/md_init.h | 11 | ||||
| -rw-r--r-- | lib/csu/vax/md_init.h | 4 |
14 files changed, 122 insertions, 17 deletions
diff --git a/lib/csu/alpha/md_init.h b/lib/csu/alpha/md_init.h index 9526e212566..35b73406d85 100644 --- a/lib/csu/alpha/md_init.h +++ b/lib/csu/alpha/md_init.h @@ -1,4 +1,4 @@ -/* $OpenBSD: md_init.h,v 1.3 2014/12/27 13:17:52 kettenis Exp $ */ +/* $OpenBSD: md_init.h,v 1.4 2015/09/01 05:40:06 guenther Exp $ */ /*- * Copyright (c) 2001 Ross Harvey * All rights reserved. @@ -116,3 +116,14 @@ argc = *(long *)sp; \ argv = sp + 1; \ environ = envp = sp + 2 + argc; /* 2: argc + NULL ending argv */ + +#include <sys/syscall.h> +#include <machine/pal.h> + +#define MD_DISABLE_KBIND \ + do { \ + register long syscall_num __asm("$0") /* v0 */ = SYS_kbind;\ + register void *arg1 __asm("$16") /* a0 */ = NULL; \ + __asm volatile("call_pal %1" : "+r" (syscall_num) \ + : "i" (PAL_OSF1_callsys), "r" (arg1) : "$19", "$20");\ + } while (0) diff --git a/lib/csu/amd64/md_init.h b/lib/csu/amd64/md_init.h index 05c2eb4b222..8d2175216df 100644 --- a/lib/csu/amd64/md_init.h +++ b/lib/csu/amd64/md_init.h @@ -1,4 +1,4 @@ -/* $OpenBSD: md_init.h,v 1.4 2014/12/22 03:51:08 kurt Exp $ */ +/* $OpenBSD: md_init.h,v 1.5 2015/09/01 05:40:06 guenther Exp $ */ /*- * Copyright (c) 2001 Ross Harvey @@ -115,7 +115,6 @@ " .align 8 \n" \ "_dl_exit: \n" \ " movl $(1), %eax \n" \ - " movq %rcx, %r10 \n" \ " syscall \n" \ " jb 1f \n" \ " ret \n" \ @@ -124,3 +123,10 @@ " ret \n" \ " .previous") +#include <sys/syscall.h> +#define MD_DISABLE_KBIND \ + do { \ + register long syscall_num __asm("rax") = SYS_kbind; \ + __asm volatile("syscall" : "+r" (syscall_num) : \ + "D" (0) : "cc", "rdx", "rcx", "r11", "memory"); \ + } while (0) diff --git a/lib/csu/arm/md_init.h b/lib/csu/arm/md_init.h index e7ea1499315..9f92fc0cf03 100644 --- a/lib/csu/arm/md_init.h +++ b/lib/csu/arm/md_init.h @@ -1,4 +1,4 @@ -/* $OpenBSD: md_init.h,v 1.4 2013/12/03 06:21:40 guenther Exp $ */ +/* $OpenBSD: md_init.h,v 1.5 2015/09/01 05:40:06 guenther Exp $ */ /*- * Copyright (c) 2001 Ross Harvey @@ -100,3 +100,12 @@ " \n" \ " b ___start \n" \ ".previous"); + +#include <sys/syscall.h> +#define MD_DISABLE_KBIND \ + do { \ + register long syscall_num __asm("r12") = SYS_kbind; \ + register void *arg1 __asm("r0") = NULL; \ + __asm volatile("swi 0" : "+r" (arg1) \ + : "r" (syscall_num) : "r1", "cc"); \ + } while (0) diff --git a/lib/csu/crt0.c b/lib/csu/crt0.c index f130e57af6a..9589b9009ac 100644 --- a/lib/csu/crt0.c +++ b/lib/csu/crt0.c @@ -1,4 +1,4 @@ -/* $OpenBSD: crt0.c,v 1.4 2014/12/27 16:04:22 kettenis Exp $ */ +/* $OpenBSD: crt0.c,v 1.5 2015/09/01 05:40:06 guenther Exp $ */ /* * Copyright (c) 1995 Christopher G. Demetriou @@ -104,8 +104,11 @@ MD_START(MD_START_ARGS) atexit(cleanup); else #endif - if (__init_tcb != NULL) - __init_tcb(envp); + { + MD_DISABLE_KBIND; + if (__init_tcb != NULL) + __init_tcb(envp); + } #ifdef MCRT0 atexit(_mcleanup); diff --git a/lib/csu/hppa/md_init.h b/lib/csu/hppa/md_init.h index 8604c5d0844..92a01cde756 100644 --- a/lib/csu/hppa/md_init.h +++ b/lib/csu/hppa/md_init.h @@ -1,4 +1,4 @@ -/* $OpenBSD: md_init.h,v 1.6 2014/12/23 12:25:43 kettenis Exp $ */ +/* $OpenBSD: md_init.h,v 1.7 2015/09/01 05:40:06 guenther Exp $ */ /* * Copyright (c) 2003 Dale Rahn. All rights reserved. @@ -174,3 +174,15 @@ environ = envp = arginfo->ps_envstr; #define MD_EPROL_LABEL __asm (".export _eprol, entry\n\t.label _eprol") + +#include <sys/syscall.h> +#include <machine/vmparam.h> /* SYSCALLGATE */ +#define MD_DISABLE_KBIND \ +do { \ + register long r1 __asm__("r1") = SYSCALLGATE; \ + register void *arg0 __asm__("r26") = NULL; \ + __asm__ __volatile__ ("ble 4(%%sr7, %%r1) ! ldi %0, %%r22" \ + : \ + : "i" (SYS_kbind), "r" (r1), "r"(arg0) \ + : "r22", "r28", "r29", "cc", "memory"); \ +} while (0) diff --git a/lib/csu/hppa64/md_init.h b/lib/csu/hppa64/md_init.h index 25a8f8be489..9f5fa5ff5b1 100644 --- a/lib/csu/hppa64/md_init.h +++ b/lib/csu/hppa64/md_init.h @@ -1,4 +1,4 @@ -/* $OpenBSD: md_init.h,v 1.5 2013/12/20 16:23:43 tobiasu Exp $ */ +/* $OpenBSD: md_init.h,v 1.6 2015/09/01 05:40:06 guenther Exp $ */ /* * Copyright (c) 2003 Dale Rahn. All rights reserved. @@ -63,6 +63,8 @@ /* XXX no cleanup() callback passed to __start yet? */ #define MD_NO_CLEANUP +/* kbind disabled in the kernel for hppa64 until we do dynamic linking */ +#define MD_DISABLE_KBIND do { } while (0) #define MD_CRT0_START \ __asm( \ diff --git a/lib/csu/i386/md_init.h b/lib/csu/i386/md_init.h index 11a84c367f1..9e1606fa5f1 100644 --- a/lib/csu/i386/md_init.h +++ b/lib/csu/i386/md_init.h @@ -1,4 +1,4 @@ -/* $OpenBSD: md_init.h,v 1.5 2014/12/22 21:58:25 kurt Exp $ */ +/* $OpenBSD: md_init.h,v 1.6 2015/09/01 05:40:06 guenther Exp $ */ /*- * Copyright (c) 2001 Ross Harvey @@ -133,3 +133,12 @@ " int $0x80 \n" \ " ret \n" \ " .previous") + +#include <sys/syscall.h> +#define MD_DISABLE_KBIND \ + do { \ + register long syscall_num __asm("eax") = SYS_kbind; \ + __asm volatile("pushl $0; push %%eax; int $0x80;" \ + " addl $8, %%esp" : "+a" (syscall_num) : \ + : "edx", "cc"); \ + } while (0) diff --git a/lib/csu/m88k/md_init.h b/lib/csu/m88k/md_init.h index 09bced2614b..a1d13552da7 100644 --- a/lib/csu/m88k/md_init.h +++ b/lib/csu/m88k/md_init.h @@ -1,4 +1,4 @@ -/* $OpenBSD: md_init.h,v 1.2 2013/12/03 06:21:41 guenther Exp $ */ +/* $OpenBSD: md_init.h,v 1.3 2015/09/01 05:40:06 guenther Exp $ */ /* * Copyright (c) 2012 Miodrag Vallat. @@ -64,3 +64,12 @@ " addu %r4, %r4, 4 \n" \ " /* envp = argv + argc + 1 */ \n" \ " .previous"); + +#include <sys/syscall.h> +#define MD_DISABLE_KBIND \ + do { \ + register long syscall_num __asm("r13") = SYS_kbind; \ + register void *arg1 __asm("r2") = NULL; \ + __asm volatile("tb0 0, %%r0, 450; or %%r0, %%r0, %%r0" \ + : "+r" (arg1) : "r" (syscall_num) : "r3", "cc"); \ + } while (0) diff --git a/lib/csu/mips64/md_init.h b/lib/csu/mips64/md_init.h index 8e97febe614..37625421c11 100644 --- a/lib/csu/mips64/md_init.h +++ b/lib/csu/mips64/md_init.h @@ -1,4 +1,4 @@ -/* $OpenBSD: md_init.h,v 1.10 2015/02/07 04:57:22 miod Exp $ */ +/* $OpenBSD: md_init.h,v 1.11 2015/09/01 05:40:06 guenther Exp $ */ /*- * Copyright (c) 2001 Ross Harvey @@ -66,6 +66,7 @@ #entry_pt": \n" \ MD_FUNCTION_PROLOGUE(entry_pt) \ " /* fall thru */ \n" \ + ".end "#entry_pt" \n" \ ".previous") #define MD_SECTION_EPILOGUE(sect) \ @@ -165,3 +166,12 @@ struct kframe { argc = kfp->kargc; \ argv = &kfp->kargv[0]; \ environ = envp = argv + argc + 1; + +#include <sys/syscall.h> +#define MD_DISABLE_KBIND \ + do { \ + register long syscall_num __asm("v0") = SYS_kbind; \ + register void *arg1 __asm("a0") = NULL; \ + __asm volatile("syscall" : "+r" (syscall_num) \ + : "r" (arg1) : "v1", "a3"); \ + } while (0) diff --git a/lib/csu/powerpc/md_init.h b/lib/csu/powerpc/md_init.h index 8625ce57cf1..1a6cadec427 100644 --- a/lib/csu/powerpc/md_init.h +++ b/lib/csu/powerpc/md_init.h @@ -1,4 +1,4 @@ -/* $OpenBSD: md_init.h,v 1.3 2014/12/26 13:52:01 kurt Exp $ */ +/* $OpenBSD: md_init.h,v 1.4 2015/09/01 05:40:06 guenther Exp $ */ /*- * Copyright (c) 2001 Ross Harvey @@ -246,3 +246,8 @@ __asm( \ "_dl_printf: \n" \ " blr \n" \ ) + +#include <sys/syscall.h> +#define MD_DISABLE_KBIND \ + __asm volatile("li %%r3, 0; li %%r0, %0; sc" : \ + : "i" (SYS_kbind) : "r0", "r3", "r4", "cc") diff --git a/lib/csu/sh/md_init.h b/lib/csu/sh/md_init.h index 7a1b5d971b2..359b5ac7347 100644 --- a/lib/csu/sh/md_init.h +++ b/lib/csu/sh/md_init.h @@ -1,4 +1,4 @@ -/* $OpenBSD: md_init.h,v 1.4 2014/12/30 19:26:38 miod Exp $ */ +/* $OpenBSD: md_init.h,v 1.5 2015/09/01 05:40:06 guenther Exp $ */ /* $NetBSD: dot_init.h,v 1.3 2005/12/24 22:02:10 perry Exp $ */ /*- @@ -147,3 +147,12 @@ __asm(".section " #section "\n" \ /* no ASM stub for __start; the C routine can be called directly */ #define MD_START ___start + +#include <sys/syscall.h> +#define MD_DISABLE_KBIND \ + do { \ + register long syscall_num __asm("r0") = SYS_kbind; \ + register void *arg1 __asm("r4") = NULL; \ + __asm volatile("trapa #0x80" : "+r" (syscall_num) \ + : "r" (arg1) : "r1", "cc"); \ + } while (0) diff --git a/lib/csu/sparc/md_init.h b/lib/csu/sparc/md_init.h index 4eda521741e..23fdfc7b0cc 100644 --- a/lib/csu/sparc/md_init.h +++ b/lib/csu/sparc/md_init.h @@ -1,4 +1,4 @@ -/* $OpenBSD: md_init.h,v 1.3 2015/07/03 11:17:25 miod Exp $ */ +/* $OpenBSD: md_init.h,v 1.4 2015/09/01 05:40:06 guenther Exp $ */ /*- * Copyright (c) 2001 Ross Harvey @@ -136,3 +136,12 @@ " neg %o0 \n" \ \ " .previous") + +#include <sys/syscall.h> +#define MD_DISABLE_KBIND \ + do { \ + register long syscall_num __asm("g1") = SYS_kbind; \ + register void *arg1 __asm("o0") = NULL; \ + __asm volatile("t 0" : "+r" (arg1) : "r" (syscall_num) \ + : "o1", "cc"); \ + } while (0) diff --git a/lib/csu/sparc64/md_init.h b/lib/csu/sparc64/md_init.h index 7eab8fcb733..e9507b58579 100644 --- a/lib/csu/sparc64/md_init.h +++ b/lib/csu/sparc64/md_init.h @@ -1,4 +1,4 @@ -/* $OpenBSD: md_init.h,v 1.3 2014/12/22 13:53:01 kettenis Exp $ */ +/* $OpenBSD: md_init.h,v 1.4 2015/09/01 05:40:06 guenther Exp $ */ /*- * Copyright (c) 2001 Ross Harvey @@ -124,3 +124,12 @@ argc = *(long *)sp; \ argv = sp + 1; \ environ = envp = sp + 2 + argc; /* 2: argc + NULL ending argv */ + +#include <sys/syscall.h> +#define MD_DISABLE_KBIND \ + do { \ + register long syscall_num __asm("g1") = SYS_kbind; \ + register void *arg1 __asm("o0") = NULL; \ + __asm volatile("t 0" : "+r" (arg1) : "r" (syscall_num) \ + : "o1", "cc"); \ + } while (0) diff --git a/lib/csu/vax/md_init.h b/lib/csu/vax/md_init.h index cad67623fad..653192a3ba5 100644 --- a/lib/csu/vax/md_init.h +++ b/lib/csu/vax/md_init.h @@ -1,4 +1,4 @@ -/* $OpenBSD: md_init.h,v 1.2 2013/12/03 06:21:41 guenther Exp $ */ +/* $OpenBSD: md_init.h,v 1.3 2015/09/01 05:40:06 guenther Exp $ */ /* * Copyright (c) 2008 Miodrag Vallat. @@ -61,6 +61,8 @@ struct kframe { /* no cleanup() callback passed to ___start, because no ld.so */ #define MD_NO_CLEANUP +/* kbind disabled in the kernel for vax until we do dynamic linking */ +#define MD_DISABLE_KBIND do { } while (0) #define MD_START_ARGS struct kframe *kfp #define MD_START_SETUP \ |