linux-user: Define AT_RANDOM to support target stack protection mechanism.
The dynamic linker from the GNU C library v2.10+ uses the ELF
auxiliary vector AT_RANDOM [1] as a pointer to 16 bytes with random
values to initialize the stack protection mechanism. Technically the
emulated GNU dynamic linker crashes due to a NULL pointer
derefencement if it is built with stack protection enabled and if
AT_RANDOM is not defined by the QEMU ELF loader.
[1] This ELF auxiliary vector was introduced in Linux v2.6.29.
/* *envp = NULL marks end of envp. */
while (*envp++ != NULL);
/* auxv->a_type = AT_NULL marks the end of auxv. */
for (auxv = (Elf_auxv_t *)envp; auxv->a_type != AT_NULL; auxv++) {
if (auxv->a_type == AT_RANDOM) {
int i;
uint8_t rand_bytes[16];
printf("AT_RANDOM is: 0x%x\n", auxv->a_un.a_val);
memcpy(rand_bytes, (const uint8_t *)auxv->a_un.a_val, sizeof(rand_bytes));
printf("it points to: ");
for (i = 0; i < 16; i++) {
printf("0x%02x ", rand_bytes[i]);
}
printf("\n");
exit(EXIT_SUCCESS);
}
}
exit(EXIT_FAILURE);
}
Changes introduced in v2 and v3:
* Fix typos + thinko (AT_RANDOM is used for stack canary, not for
ASLR)
* AT_RANDOM points to 16 random bytes stored inside the user
stack.
projects / qemu.git / commit