1 /* 2 * Copyright (C) 2012 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 /* 18 * Contributed by: Intel Corporation 19 */ 20 21 #include <gtest/gtest.h> 22 #include "BionicDeathTest.h" 23 24 #include <pthread.h> 25 #include <stdint.h> 26 #include <stdio.h> 27 #include <unistd.h> 28 #include <set> 29 30 #include "private/bionic_tls.h" 31 32 extern "C" pid_t gettid(); // glibc defines this but doesn't declare it anywhere. 33 34 #if defined(__BIONIC__) 35 extern uintptr_t __stack_chk_guard; 36 #endif 37 38 struct stack_protector_checker { 39 std::set<pid_t> tids; 40 std::set<void*> guards; 41 42 void Check() { 43 pid_t tid = gettid(); 44 void* guard = __get_tls()[TLS_SLOT_STACK_GUARD]; 45 46 printf("[thread %d] TLS stack guard = %p\n", tid, guard); 47 48 // Duplicate tid. gettid(2) bug? Seeing this would be very upsetting. 49 ASSERT_TRUE(tids.find(tid) == tids.end()); 50 51 // Uninitialized guard. Our bug. Note this is potentially flaky; we _could_ 52 // get four random zero bytes, but it should be vanishingly unlikely. 53 ASSERT_NE(guard, nullptr); 54 55 #if defined(__BIONIC__) 56 // bionic always has the global too. 57 ASSERT_EQ(__stack_chk_guard, reinterpret_cast<uintptr_t>(guard)); 58 #endif 59 60 tids.insert(tid); 61 guards.insert(guard); 62 } 63 }; 64 65 TEST(stack_protector, same_guard_per_thread) { 66 // Everyone has the TLS slot set, even if their stack protector 67 // implementation doesn't yet use it. 68 stack_protector_checker checker; 69 70 // Check the main thread. 71 ASSERT_EQ(getpid(), gettid()); // We are the main thread, right? 72 checker.Check(); 73 74 size_t thread_count = 9; 75 for (size_t i = 1; i < thread_count; ++i) { 76 pthread_t t; 77 ASSERT_EQ(0, pthread_create(&t, NULL, [](void* arg) -> void* { 78 stack_protector_checker* checker = reinterpret_cast<stack_protector_checker*>(arg); 79 checker->Check(); 80 return nullptr; 81 }, &checker)); 82 void* result; 83 ASSERT_EQ(0, pthread_join(t, &result)); 84 ASSERT_EQ(NULL, result); 85 } 86 ASSERT_EQ(thread_count, checker.tids.size()); 87 88 // Both bionic and glibc use the same guard for every thread. 89 ASSERT_EQ(1U, checker.guards.size()); 90 } 91 92 TEST(stack_protector, global_guard) { 93 #if defined(__BIONIC__) 94 // Bionic always has a global, even if it's using TLS. 95 ASSERT_NE(0, gettid()); 96 ASSERT_NE(0U, __stack_chk_guard); 97 #else 98 GTEST_LOG_(INFO) << "glibc doesn't have a global __stack_chk_guard.\n"; 99 #endif 100 } 101 102 class stack_protector_DeathTest : public BionicDeathTest {}; 103 104 TEST_F(stack_protector_DeathTest, modify_stack_protector) { 105 // In another file to prevent inlining, which removes stack protection. 106 extern void modify_stack_protector_test(); 107 ASSERT_EXIT(modify_stack_protector_test(), 108 testing::KilledBySignal(SIGABRT), "stack corruption detected"); 109 } 110
