Hi Maintainers,

Attached is an RFC patch that adds stack guard support in glibc for Aarch64 for review.

The TCB is 16 bytes in Aarch64 and tp points to the dtvt. Before the TCB, the pthread structure is placed. This patch places the stack guard (SG) and pointer guard variable (PG) between the TCB and pthread structures.

We can access the thread pointer using the "msr" instruction; the compiler will generate the following assembly to access the stack guard placed before the TCB.

    msr tpidr_el0, x0
    ldr x1, [x0-8]

                     tp
                     |
       pthread       v
    -----------------------------
    |          |PG|SG| dtvt|    |
    -----------------------------
                       TCB

I did a quick check by building eglibc and moving the built runtime linker ld-linux-aarch64.so.1 and libc "libc.so.2.17.90" to the V8 model running open embedded image. And ran the following test case using "ld-linux-aarch64.so.1 --library ./libc.so test.out 1" where libc.so points to the newly built one.

---test.c---

    #include <stdio.h>
    #include <string.h>

    void test_stack_smashing(int corrupt)
    {
      long stack_val;
      char arr[5];
      char *ptr = arr;

      if (!corrupt)
        {
          strcpy(ptr, "abcd");
          printf("copied string is %s\n", ptr);
        }
      else
        {
          printf("overflowing the buffer and hitting the canary now\n");
          /* Deliberate overflow: 12 bytes written into a 5-byte buffer. */
          memset(ptr, 0, 12);
          printf("Overwritten the buffer\n");
          /* Read the stack guard stored 8 bytes below the thread pointer. */
          asm("mrs %0, tpidr_el0\n"
              "ldr %0, [%0, -8]\n"
              : "=r" (stack_val));
          /* Print the low 32 bits of the guard. */
          printf(" Canary value is %x\n", (unsigned int) stack_val);
        }
    }

    int main(int argc, char *argv[])
    {
      if (0 == strcmp(argv[1], "0"))
        {
          test_stack_smashing(0);
          printf("Passed Canary test\n");
        }
      else
        {
          test_stack_smashing(1);
          printf("Failed Canary test\n");
        }
      return 0;
    }

And without the patch I got:

    (Snip)
    overflowing the buffer and hitting the canary now
    Overwritten the buffer
    Canary value is 0
    Failed Canary test
    (Snip)

Canary value is zero and this happens without my change because I believe there is already space between TCB and pthread nodes due to alignment enforcement.
With the patch:

    (Snip)
    overflowing the buffer and hitting the canary now
    Overwritten the buffer
    Canary value is 9900cf00
    *** stack smashing detected ***: ./a.out terminated
    Aborted
    (Snip)

I also checked the canary value and it keeps changing from run to run.

regards,
Venkat.
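Added example, not part of the original mail and not glibc code: a portable C model of the layout in the diagram, with the stack guard loaded from 8 bytes below the thread pointer and compared the way a compiler-inserted prologue and epilogue would. The struct names, `set_stack_guard`, `frame_detects` and the sample guard value are assumptions made for illustration, and the PG position is read off the diagram.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical model of the diagram: PG and SG directly below the 16-byte TCB. */
struct tls_model {
    uint64_t pointer_guard;  /* PG, tp - 16 (position read off the diagram) */
    uint64_t stack_guard;    /* SG, tp - 8 */
    uint64_t tcb[2];         /* 16-byte TCB; tp points at its start */
};

/* Modelled frame: the canary slot sits directly above the local buffer. */
struct frame_model {
    char     buf[8];
    uint64_t canary;
};

static struct tls_model tls;

/* Stand-in for reading the thread pointer and loading the word at [tp, -8]. */
static uint64_t load_stack_guard(void)
{
    unsigned char *tp = (unsigned char *)&tls + offsetof(struct tls_model, tcb);
    uint64_t sg;
    memcpy(&sg, tp - 8, sizeof sg);
    return sg;
}

void set_stack_guard(uint64_t v) { tls.stack_guard = v; }

/* Zero-fill n bytes from buf; return 1 if the epilogue compare would fire. */
int frame_detects(size_t n)
{
    struct frame_model f;
    if (n > sizeof f) n = sizeof f;         /* keep the model itself in bounds */
    f.canary = load_stack_guard();          /* prologue: copy SG into the frame */
    memset(&f, 0, n);                       /* write under test, may spill past buf */
    return f.canary != load_stack_guard();  /* epilogue: compare with SG */
}

int main(void)
{
    set_stack_guard(0x5a5a5a5a9900cf00ULL); /* constructed sample value */
    printf("in bounds: %d, overflow: %d\n", frame_detects(5), frame_detects(12));
    set_stack_guard(0);                     /* zero guard word */
    printf("zero guard, overflow: %d\n", frame_detects(12));
    return 0;
}
```

In this model a guard word of 0 lets a zero-fill overflow pass the compare, so the check only has value once the guard slot holds a non-zero, per-run value.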