This is the mail archive of the libc-hacker@sourceware.cygnus.com mailing list for the glibc project.

Note that libc-hacker is a closed list. You may look at the archives of this list, but subscription and posting are not open.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]

PATCH: BP startup

2000-06-07  Greg McGary  <greg@mcgary.org>

	* sysdeps/generic/bp-sym.h: New file.
	* sysdeps/generic/bp-start.h: New file.
	* sysdeps/i386/elf/start.S: Designate BP symbols.
	* sysdeps/generic/libc-start.c: Wrap bounds around
	argv & envp and each of their string members.

Index: sysdeps/generic/bp-sym.h
===================================================================
RCS file: bp-sym.h
diff -N bp-sym.h
--- /dev/null	Tue May  5 13:32:27 1998
+++ bp-sym.h	Wed Jun  7 17:17:35 2000
@@ -0,0 +1,28 @@
+/* Bounded-pointer symbol modifier.
+   Copyright (C) 2000 Free Software Foundation, Inc.
+   Contributed by Greg McGary <greg@mcgary.org>
+
+   This file is part of the GNU C Library.  Its master source is NOT part of
+   the C library, however.  The master source lives in the GNU MP Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Library General Public License as
+   published by the Free Software Foundation; either version 2 of the
+   License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Library General Public License for more details.
+
+   You should have received a copy of the GNU Library General Public
+   License along with the GNU C Library; see the file COPYING.LIB.  If not,
+   write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+   Boston, MA 02111-1307, USA.  */
+
+#define BP_SYM(name) _BP_SYM (name)
+#if __BOUNDED_POINTERS__
+# define _BP_SYM(name) __BP_##name
+#else
+# define _BP_SYM(name) name
+#endif
Index: sysdeps/generic/bp-start.h
===================================================================
RCS file: bp-start.h
diff -N bp-start.h
--- /dev/null	Tue May  5 13:32:27 1998
+++ bp-start.h	Wed Jun  7 17:16:09 2000
@@ -0,0 +1,69 @@
+/* Copyright (C) 2000 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Library General Public License as
+   published by the Free Software Foundation; either version 2 of the
+   License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Library General Public License for more details.
+
+   You should have received a copy of the GNU Library General Public
+   License along with the GNU C Library; see the file COPYING.LIB.  If not,
+   write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+   Boston, MA 02111-1307, USA.  */
+
+
+#if __BOUNDED_POINTERS__
+
+  /* The command-line arg vector and environment vector come to us from
+     the OS as an unbounded pointer to an array of unbounded strings.
+     The user's main expects argv and __environ to be bounded pointers
+     to arrays of bounded strings.  */
+#define INIT_ARGV_and_ENVIRON							\
+  do {										\
+    int envc;									\
+    for (envc = 0; *ubp_ev; ubp_ev++, envc++)					\
+      ;										\
+    ubp_ev -= envc;								\
+										\
+    /* GKM FIXME: we could save some space by allocating only enough for	\
+       the additional low & high words, and destructively rewriting		\
+       argv in place.  */							\
+    __ptrvalue (argv) = __ptrlow (argv)						\
+      = alloca ((argc + envc + 2) * sizeof (*argv));				\
+    __ptrhigh (argv) = __ptrvalue (argv) + argc + 1;				\
+    __ptrvalue (__environ) = __ptrlow (__environ) = __ptrhigh (argv);		\
+    __ptrhigh (__environ) = __ptrvalue (__environ) + envc + 1;			\
+    boundify_vector (__environ, ubp_ev);					\
+    boundify_vector (argv, ubp_av);						\
+  } while (0)
+
+
+/* Copy an unbounded vector of unbounded strings into a bounded counterpart.  */
+
+static void
+boundify_vector (char **dest, char *__unbounded *__unbounded src)
+{
+  char *__unbounded s;
+  for (; *src; src++, dest++)
+    {
+      __ptrvalue (*dest) = __ptrlow (*dest) = *src;
+      __ptrhigh (*dest) = src[1];
+    }
+  *dest = 0;
+  /* The OS lays out strings contiguously in vector order,
+     so  */
+  for (s = __ptrvalue (dest[-1]); *s; s++)
+    ;
+  __ptrhigh (dest[-1]) = ++s;
+}
+
+#else
+
+# define INIT_ARGV_and_ENVIRON __environ = ubp_ev
+
+#endif
Index: sysdeps/i386/elf/start.S
===================================================================
RCS file: /cvs/glibc/libc/sysdeps/i386/elf/start.S,v
retrieving revision 1.12
diff -u -p -r1.12 start.S
--- start.S	1998/06/18 17:28:59	1.12
+++ start.S	2000/06/08 00:16:09
@@ -1,5 +1,5 @@
 /* Startup code compliant to the ELF i386 ABI.
-   Copyright (C) 1995, 1996, 1997, 1998 Free Software Foundation, Inc.
+   Copyright (C) 1995, 1996, 1997, 1998, 2000 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -36,6 +36,8 @@
 					NULL
 */
 
+#include "bp-sym.h"
+
 	.text
 	.globl _start
 _start:
@@ -70,11 +72,11 @@ _start:
 	pushl %ecx		/* Push second argument: argv.  */
 	pushl %esi		/* Push first argument: argc.  */
 
-	pushl $main
+	pushl $BP_SYM (main)
 
 	/* Call the user's main function, and exit with its value.
 	   But let the libc call main.    */
-	call __libc_start_main
+	call BP_SYM (__libc_start_main)
 
 	hlt			/* Crash if somehow `exit' does return.  */
 
Index: sysdeps/generic/libc-start.c
===================================================================
RCS file: /cvs/glibc/libc/sysdeps/generic/libc-start.c,v
retrieving revision 1.17
diff -u -p -r1.17 libc-start.c
--- libc-start.c	2000/05/25 04:59:39	1.17
+++ libc-start.c	2000/06/08 00:16:55
@@ -19,22 +19,34 @@
 #include <stdlib.h>
 #include <unistd.h>
 #include <ldsodefs.h>
+#include <bp-start.h>
+#include <bp-sym.h>
 
 extern void __libc_init_first (int argc, char **argv, char **envp);
 
 extern int _dl_starting_up;
 weak_extern (_dl_starting_up)
 extern int __libc_multiple_libcs;
-extern void *__libc_stack_end;
+extern void *__unbounded __libc_stack_end;
 
 /* Prototype for local function.  */
 extern void __libc_check_standard_fds (void);
 
 int
-__libc_start_main (int (*main) (int, char **, char **), int argc,
-		   char **argv, void (*init) (void), void (*fini) (void),
-		   void (*rtld_fini) (void), void *stack_end)
+/* GKM FIXME: GCC: this should get __BP_ prefix by virtue of the
+   BPs in the arglist of startup_info.main and startup_info.init. */
+BP_SYM (__libc_start_main) (int (*main) (int, char **, char **),
+		   int argc, char *__unbounded *__unbounded ubp_av,
+		   void (*init) (void), void (*fini) (void),
+		   void (*rtld_fini) (void), void *__unbounded stack_end)
 {
+  char *__unbounded *__unbounded ubp_ev = &ubp_av[argc + 1];
+#if __BOUNDED_POINTERS__
+  char **argv;
+#else
+# define argv ubp_av
+#endif
+
 #ifndef SHARED
   /* The next variable is only here to work around a bug in gcc <= 2.7.2.2.
      If the address would be taken inside the expression the optimizer
@@ -44,11 +56,10 @@ __libc_start_main (int (*main) (int, cha
   __libc_multiple_libcs = dummy_addr && !_dl_starting_up;
 #endif
 
+  INIT_ARGV_and_ENVIRON;
+
   /* Store the lowest stack address.  */
   __libc_stack_end = stack_end;
-
-  /* Set the global _environ variable correctly.  */
-  __environ = &argv[argc + 1];
 
 #ifndef SHARED
   /* Some security at this point.  Prevent starting a SUID binary where
Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]