* [PATCH v2] malloc: Fix clobbered errno when getrandom failed [BZ #29624] @ 2022-09-29 11:13 Yu Chien Peter Lin 2022-09-29 11:39 ` Adhemerval Zanella Netto 0 siblings, 1 reply; 4+ messages in thread From: Yu Chien Peter Lin @ 2022-09-29 11:13 UTC (permalink / raw) To: libc-alpha; +Cc: alankao, ycliang, fw, dylan, Yu Chien Peter Lin Save and restore errno when getrandom failed. On failure it will result in errno clobbered at statically linked program startup. This scenario is possible if getrandom is called by tcache_key_initialize when crng is not ready thus EAGAIN is returned. Fixes bug 29624. Signed-off-by: Yu Chien Peter Lin <peterlin@andestech.com> --- malloc/malloc.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/malloc/malloc.c b/malloc/malloc.c index 953183e956..823d454c99 100644 --- a/malloc/malloc.c +++ b/malloc/malloc.c @@ -3133,9 +3133,11 @@ static uintptr_t tcache_key; static void tcache_key_initialize (void) { + int saved_errno = errno; if (__getrandom_nocancel (&tcache_key, sizeof(tcache_key), GRND_NONBLOCK) != sizeof (tcache_key)) { + __set_errno(saved_errno); tcache_key = random_bits (); #if __WORDSIZE == 64 tcache_key = (tcache_key << 32) | random_bits (); -- 2.34.1 ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH v2] malloc: Fix clobbered errno when getrandom failed [BZ #29624] 2022-09-29 11:13 [PATCH v2] malloc: Fix clobbered errno when getrandom failed [BZ #29624] Yu Chien Peter Lin @ 2022-09-29 11:39 ` Adhemerval Zanella Netto 2022-09-29 13:31 ` Florian Weimer 0 siblings, 1 reply; 4+ messages in thread From: Adhemerval Zanella Netto @ 2022-09-29 11:39 UTC (permalink / raw) To: Yu Chien Peter Lin, libc-alpha; +Cc: fw, ycliang, dylan, alankao On 29/09/22 08:13, Yu Chien Peter Lin wrote: > Save and restore errno when getrandom failed. On failure it will result > in errno clobbered at statically linked program startup. This scenario > is possible if getrandom is called by tcache_key_initialize when crng is > not ready thus EAGAIN is returned. > > Fixes bug 29624. > > Signed-off-by: Yu Chien Peter Lin <peterlin@andestech.com> > --- > malloc/malloc.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/malloc/malloc.c b/malloc/malloc.c > index 953183e956..823d454c99 100644 > --- a/malloc/malloc.c > +++ b/malloc/malloc.c > @@ -3133,9 +3133,11 @@ static uintptr_t tcache_key; > static void > tcache_key_initialize (void) > { > + int saved_errno = errno; > if (__getrandom_nocancel (&tcache_key, sizeof(tcache_key), GRND_NONBLOCK) > != sizeof (tcache_key)) > { > + __set_errno(saved_errno); > tcache_key = random_bits (); > #if __WORDSIZE == 64 > tcache_key = (tcache_key << 32) | random_bits (); I think it would be better to just use INTERNAL_SYSCALL now that we have all architecture to return a negative value in case of error: diff --git a/stdlib/arc4random.c b/stdlib/arc4random.c index e417ef624d..20886e0445 100644 --- a/stdlib/arc4random.c +++ b/stdlib/arc4random.c @@ -34,7 +34,7 @@ void __arc4random_buf (void *p, size_t n) { static int seen_initialized; - size_t l; + int l; int fd; if (n == 0) @@ -51,7 +51,7 @@ __arc4random_buf (void *p, size_t n) n -= l; continue; /* Interrupted by a signal; keep going. */ } - else if (l < 0 && errno == ENOSYS) + else if (l < 0 && l == -ENOSYS) break; /* No syscall, so fallback to /dev/urandom. */ arc4random_getrandom_failure (); } diff --git a/sysdeps/unix/sysv/linux/not-cancel.h b/sysdeps/unix/sysv/linux/not-cancel.h index a263d294b1..00ab75a405 100644 --- a/sysdeps/unix/sysv/linux/not-cancel.h +++ b/sysdeps/unix/sysv/linux/not-cancel.h @@ -71,7 +71,7 @@ __writev_nocancel_nostatus (int fd, const struct iovec *iov, int iovcnt) static inline int __getrandom_nocancel (void *buf, size_t buflen, unsigned int flags) { - return INLINE_SYSCALL_CALL (getrandom, buf, buflen, flags); + return INTERNAL_SYSCALL_CALL (getrandom, buf, buflen, flags); } static inline int ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH v2] malloc: Fix clobbered errno when getrandom failed [BZ #29624] 2022-09-29 11:39 ` Adhemerval Zanella Netto @ 2022-09-29 13:31 ` Florian Weimer 2022-09-29 13:51 ` Adhemerval Zanella Netto 0 siblings, 1 reply; 4+ messages in thread From: Florian Weimer @ 2022-09-29 13:31 UTC (permalink / raw) To: Adhemerval Zanella Netto Cc: Yu Chien Peter Lin, libc-alpha, ycliang, dylan, alankao * Adhemerval Zanella Netto: > diff --git a/sysdeps/unix/sysv/linux/not-cancel.h b/sysdeps/unix/sysv/linux/not-cancel.h > index a263d294b1..00ab75a405 100644 > --- a/sysdeps/unix/sysv/linux/not-cancel.h > +++ b/sysdeps/unix/sysv/linux/not-cancel.h > @@ -71,7 +71,7 @@ __writev_nocancel_nostatus (int fd, const struct iovec *iov, int iovcnt) > static inline int > __getrandom_nocancel (void *buf, size_t buflen, unsigned int flags) > { > - return INLINE_SYSCALL_CALL (getrandom, buf, buflen, flags); > + return INTERNAL_SYSCALL_CALL (getrandom, buf, buflen, flags); > } > > static inline int Doesn't this need a matching change to sysdeps/mach/hurd/not-cancel.h? ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH v2] malloc: Fix clobbered errno when getrandom failed [BZ #29624] 2022-09-29 13:31 ` Florian Weimer @ 2022-09-29 13:51 ` Adhemerval Zanella Netto 0 siblings, 0 replies; 4+ messages in thread From: Adhemerval Zanella Netto @ 2022-09-29 13:51 UTC (permalink / raw) To: Florian Weimer; +Cc: Yu Chien Peter Lin, libc-alpha, ycliang, dylan, alankao On 29/09/22 10:31, Florian Weimer wrote: > * Adhemerval Zanella Netto: > >> diff --git a/sysdeps/unix/sysv/linux/not-cancel.h b/sysdeps/unix/sysv/linux/not-cancel.h >> index a263d294b1..00ab75a405 100644 >> --- a/sysdeps/unix/sysv/linux/not-cancel.h >> +++ b/sysdeps/unix/sysv/linux/not-cancel.h >> @@ -71,7 +71,7 @@ __writev_nocancel_nostatus (int fd, const struct iovec *iov, int iovcnt) >> static inline int >> __getrandom_nocancel (void *buf, size_t buflen, unsigned int flags) >> { >> - return INLINE_SYSCALL_CALL (getrandom, buf, buflen, flags); >> + return INTERNAL_SYSCALL_CALL (getrandom, buf, buflen, flags); >> } >> >> static inline int > > Doesn't this need a matching change to sysdeps/mach/hurd/not-cancel.h? Yeah, it will to make __arc4random_buf use the /dev/random fallback. ^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2022-09-29 13:51 UTC | newest] Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2022-09-29 11:13 [PATCH v2] malloc: Fix clobbered errno when getrandom failed [BZ #29624] Yu Chien Peter Lin 2022-09-29 11:39 ` Adhemerval Zanella Netto 2022-09-29 13:31 ` Florian Weimer 2022-09-29 13:51 ` Adhemerval Zanella Netto
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).