From 76777b216b48a6c838a7864d953fa19fc50282ec Mon Sep 17 00:00:00 2001 From: Andrew Browne Date: Mon, 23 Aug 2021 18:33:25 -0700 Subject: [PATCH] [DFSan] Add wrapper for getentropy(). Reviewed By: morehouse Differential Revision: https://reviews.llvm.org/D108604 --- compiler-rt/lib/dfsan/dfsan_custom.cpp | 27 +++++++++++++++++++++++ compiler-rt/lib/dfsan/done_abilist.txt | 1 + compiler-rt/lib/dfsan/libc_ubuntu1404_abilist.txt | 1 + compiler-rt/test/dfsan/custom.cpp | 20 +++++++++++++++++ 4 files changed, 49 insertions(+) diff --git a/compiler-rt/lib/dfsan/dfsan_custom.cpp b/compiler-rt/lib/dfsan/dfsan_custom.cpp index 175ae69..97aa135 100644 --- a/compiler-rt/lib/dfsan/dfsan_custom.cpp +++ b/compiler-rt/lib/dfsan/dfsan_custom.cpp @@ -1026,6 +1026,33 @@ char *__dfso_get_current_dir_name(dfsan_label *ret_label, return __dfsw_get_current_dir_name(ret_label); } +// This function is only available for glibc 2.25 or newer. Mark it weak so +// linking succeeds with older glibcs. +SANITIZER_WEAK_ATTRIBUTE int getentropy(void *buffer, size_t length); + +SANITIZER_INTERFACE_ATTRIBUTE int __dfsw_getentropy(void *buffer, size_t length, + dfsan_label buffer_label, + dfsan_label length_label, + dfsan_label *ret_label) { + int ret = getentropy(buffer, length); + if (ret == 0) { + dfsan_set_label(0, buffer, length); + } + *ret_label = 0; + return ret; +} + +SANITIZER_INTERFACE_ATTRIBUTE int __dfso_getentropy(void *buffer, size_t length, + dfsan_label buffer_label, + dfsan_label length_label, + dfsan_label *ret_label, + dfsan_origin buffer_origin, + dfsan_origin length_origin, + dfsan_origin *ret_origin) { + return __dfsw_getentropy(buffer, length, buffer_label, length_label, + ret_label); +} + SANITIZER_INTERFACE_ATTRIBUTE int __dfsw_gethostname(char *name, size_t len, dfsan_label name_label, dfsan_label len_label, dfsan_label *ret_label) { diff --git a/compiler-rt/lib/dfsan/done_abilist.txt b/compiler-rt/lib/dfsan/done_abilist.txt index 3c2670e..4dd0a86 100644 --- a/compiler-rt/lib/dfsan/done_abilist.txt +++ b/compiler-rt/lib/dfsan/done_abilist.txt @@ -218,6 +218,7 @@ fun:fgets=custom fun:fstat=custom fun:getcwd=custom fun:get_current_dir_name=custom +fun:getentropy=custom fun:gethostname=custom fun:getpeername=custom fun:getrlimit=custom diff --git a/compiler-rt/lib/dfsan/libc_ubuntu1404_abilist.txt b/compiler-rt/lib/dfsan/libc_ubuntu1404_abilist.txt index a1ea0a0..433092e 100644 --- a/compiler-rt/lib/dfsan/libc_ubuntu1404_abilist.txt +++ b/compiler-rt/lib/dfsan/libc_ubuntu1404_abilist.txt @@ -1852,6 +1852,7 @@ fun:getdirentries64=uninstrumented fun:getdomainname=uninstrumented fun:getdtablesize=uninstrumented fun:getegid=uninstrumented +fun:getentropy=uninstrumented fun:getenv=uninstrumented fun:geteuid=uninstrumented fun:getfsent=uninstrumented diff --git a/compiler-rt/test/dfsan/custom.cpp b/compiler-rt/test/dfsan/custom.cpp index 99450a6..e25e1de 100644 --- a/compiler-rt/test/dfsan/custom.cpp +++ b/compiler-rt/test/dfsan/custom.cpp @@ -161,6 +161,10 @@ dfsan_label i_j_label = 0; #define ASSERT_SAVED_N_ORIGINS(val, n) #endif +#if !defined(__GLIBC_PREREQ) +# define __GLIBC_PREREQ(a, b) 0 +#endif + void test_stat() { int i = 1; dfsan_set_label(i_label, &i, sizeof(i)); @@ -944,6 +948,21 @@ void test_get_current_dir_name() { ASSERT_ZERO_LABEL(ret); } +void test_getentropy() { + char buf[64]; + dfsan_set_label(i_label, buf + 2, 2); + DEFINE_AND_SAVE_ORIGINS(buf) +#if __GLIBC_PREREQ(2, 25) + // glibc >= 2.25 has getentropy() + int ret = getentropy(buf, sizeof(buf)); + ASSERT_ZERO_LABEL(ret); + if (ret == 0) { + ASSERT_READ_ZERO_LABEL(buf + 2, 2); + ASSERT_SAVED_ORIGINS(buf) + } +#endif +} + void test_gethostname() { char buf[1024]; dfsan_set_label(i_label, buf + 2, 2); @@ -1967,6 +1986,7 @@ int main(void) { test_fstat(); test_get_current_dir_name(); test_getcwd(); + test_getentropy(); test_gethostname(); test_getpeername(); test_getpwuid_r(); -- 2.7.4