1 /*
2  * Copyright (C) 2008 The Android Open Source Project
3  * All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  *  * Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer.
10  *  * Redistributions in binary form must reproduce the above copyright
11  *    notice, this list of conditions and the following disclaimer in
12  *    the documentation and/or other materials provided with the
13  *    distribution.
14  *
15  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
16  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
17  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
18  * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
19  * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
20  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
21  * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
22  * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
23  * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
24  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
25  * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26  * SUCH DAMAGE.
27  */
28 
29 #include "libc_init_common.h"
30 
31 #include <async_safe/log.h>
32 
33 #include "private/KernelArgumentBlock.h"
34 #include "private/bionic_arc4random.h"
35 #include "private/bionic_defs.h"
36 #include "private/bionic_elf_tls.h"
37 #include "private/bionic_globals.h"
38 #include "private/bionic_ssp.h"
39 #include "pthread_internal.h"
40 
// Forward declarations of libc-internal entry points used below; they are
// defined elsewhere in bionic and deliberately not pulled in via <unistd.h>.
extern "C" pid_t __getpid();
extern "C" int __set_tid_address(int* tid_address);

// Declared in "private/bionic_ssp.h".
// The process-wide stack-protector cookie. It is zero from static
// initialization until android_reset_stack_guards() overwrites it with
// __libc_safe_arc4random_buf() output, so stack-protected frames that run
// before that point are checked against a predictable (zero) canary.
uintptr_t __stack_chk_guard = 0;

// The initial thread's descriptor. Unlike threads created by pthread_create it
// lives in static storage; it is only added to pthread's thread list later, by
// libc itself (see the comment above __libc_init_main_thread_early).
static pthread_internal_t main_thread;
48 
49 // Setup for the main thread. For dynamic executables, this is called by the
50 // linker _before_ libc is mapped in memory. This means that all writes to
51 // globals from this function will apply to linker-private copies and will not
52 // be visible from libc later on.
53 //
54 // Note: this function creates a pthread_internal_t for the initial thread and
55 // stores the pointer in TLS, but does not add it to pthread's thread list. This
56 // has to be done later from libc itself (see __libc_init_common).
57 //
58 // This is in a file by itself because it needs to be built with
59 // -fno-stack-protector because it's responsible for setting up the main
60 // thread's TLS (which stack protector relies on). It's also built with
61 // -ffreestanding because the early init function runs in the linker before
62 // ifunc resolvers have run.
63 
64 // Do enough setup to:
65 //  - Let the dynamic linker invoke system calls (and access errno)
66 //  - Ensure that TLS access functions (__get_{tls,thread}) never return NULL
//  - Allow the stack protector to work (with a zero cookie: stack-protected
//    functions can run, but a zero canary is predictable and so provides no
//    meaningful overflow detection until android_reset_stack_guards(), called
//    from __libc_init_main_thread_late, randomizes __stack_chk_guard)
68 // Avoid doing much more because, when this code is called within the dynamic
69 // linker, the linker binary hasn't been relocated yet, so certain kinds of code
70 // are hazardous, such as accessing non-hidden global variables or calling
71 // string.h functions.
__BIONIC_WEAK_FOR_NATIVE_BRIDGE
extern "C" void __libc_init_main_thread_early(const KernelArgumentBlock& args,
                                              bionic_tcb* temp_tcb) {
  // Publish auxv before anything else: on x86, __libc_init_sysinfo() reads the
  // AT_SYSINFO entry from it to make system calls possible.
  __libc_shared_globals()->auxv = args.auxv;
#if defined(__i386__)
  __libc_init_sysinfo(); // uses AT_SYSINFO auxv entry
#endif
  // Wire the bootstrap TCB to main_thread, give it an empty DTV, then make it
  // the live thread pointer. After __set_tls(), __get_tls()/__get_thread()
  // are non-NULL. No stack-guard slot is filled here, so the stack protector
  // runs with a zero cookie until android_reset_stack_guards() is reached.
  __init_tcb(temp_tcb, &main_thread);
  __init_tcb_dtv(temp_tcb);
  __set_tls(&temp_tcb->tls_slot(0));
  // The initial thread's tid equals the pid; use the raw __getpid() wrapper
  // since nothing higher-level is usable yet, and cache it on the thread.
  main_thread.tid = __getpid();
  main_thread.set_cached_pid(main_thread.tid);
  // The argv block is taken as the top of the initial stack.
  main_thread.stack_top = reinterpret_cast<uintptr_t>(args.argv);
}
86 
// Wires a freshly prepared TCB to the thread it belongs to. Used both by
// pthread_create() for new threads and by the main-thread bootstrap above.
// Only the two mandatory slots are touched here; the DTV and the stack-guard
// slot are initialized separately (__init_tcb_dtv, __init_tcb_stack_guard).
void __init_tcb(bionic_tcb* tcb, pthread_internal_t* thread) {
#ifdef TLS_SLOT_SELF
  // x86 ABI: the self slot must contain its own address so the thread pointer
  // can be fetched with a single %fs:0 / %gs:0 load.
  auto& self_slot = tcb->tls_slot(TLS_SLOT_SELF);
  self_slot = &self_slot;
#endif
  // Back-pointer from the TCB to its pthread_internal_t.
  tcb->tls_slot(TLS_SLOT_THREAD_ID) = thread;
}
96 
// Points the TCB's DTV slot at a single, statically-allocated empty DTV that is
// shared by every thread. The first access to a dynamic TLS variable allocates
// a real DTV and replaces the pointer; the const_cast below relies on that
// empty DTV never being written through (it is a const object).
void __init_tcb_dtv(bionic_tcb* tcb) {
  static const TlsDtv empty_dtv = {};
  TlsDtv* initial_dtv = const_cast<TlsDtv*>(&empty_dtv);
  __set_tcb_dtv(tcb, initial_dtv);
}
103 
// Re-seeds the stack-protector cookie. This is public so that the zygote can
// call it too (presumably so forked children do not keep the parent's canary);
// it is not expected to be useful otherwise.
//
// Order matters: the TLS copy of the guard is derived from the global, so the
// global is randomized first. Dynamic executables initialize their own copy of
// the global from the main thread's TLS.
//
// Every stack-protected frame entered before this call still holds the old
// canary, so it is not possible to return from any such frame afterwards
// without failing its epilogue check.
extern "C" void android_reset_stack_guards() {
  uintptr_t* guard = &__stack_chk_guard;
  __libc_safe_arc4random_buf(guard, sizeof(*guard));
  __init_tcb_stack_guard(__get_bionic_tcb());
}
116 
// Finish initializing the main thread. Unlike __libc_init_main_thread_early,
// this runs from libc itself, so ordinary libc functions and libc's globals
// are usable here.
__BIONIC_WEAK_FOR_NATIVE_BRIDGE
extern "C" void __libc_init_main_thread_late() {
  // Attach a temporary bionic_tls to the bootstrap TCB; it is superseded by the
  // final static-TLS copy in __libc_init_main_thread_final() and freed there.
  __init_bionic_tls_ptrs(__get_bionic_tcb(), __allocate_temp_bionic_tls());

  // Tell the kernel to clear our tid field when we exit, so we're like any other pthread.
  // For threads created by pthread_create, this setup happens during the clone syscall (i.e.
  // CLONE_CHILD_CLEARTID).
  __set_tid_address(&main_thread.tid);

  pthread_attr_init(&main_thread.attr);
  // We don't want to explicitly set the main thread's scheduler attributes (http://b/68328561).
  pthread_attr_setinheritsched(&main_thread.attr, PTHREAD_INHERIT_SCHED);
  // The main thread has no guard page.
  pthread_attr_setguardsize(&main_thread.attr, 0);
  // User code should never see this; we'll compute it when asked.
  pthread_attr_setstacksize(&main_thread.attr, 0);

  // Replace the zero stack-protector cookie left by the early init with a
  // random one. Everything up to this point has run with a predictable canary,
  // so NOTE(review): keep the code above free of anything that processes
  // untrusted data. Frames entered before this call cannot be returned from.
  android_reset_stack_guards();

  __init_thread(&main_thread);

  __init_additional_stacks(&main_thread);
}
141 
// Once all ELF modules are loaded, allocate the final copy of the main thread's
// static TLS memory.
//
// The TCB and bionic_tls used during bootstrap live outside the static-TLS
// layout (presumably because its size is only known after every module has
// been loaded). This moves their contents into a properly laid-out, guarded
// mapping, re-points the thread pointer at it, and releases the temporary TLS.
__BIONIC_WEAK_FOR_NATIVE_BRIDGE
extern "C" void __libc_init_main_thread_final() {
  bionic_tcb* temp_tcb = __get_bionic_tcb();
  bionic_tls* temp_tls = &__get_bionic_tls();

  // Allocate the main thread's static TLS. (This mapping doesn't include a
  // stack.)
  ThreadMapping mapping = __allocate_thread_mapping(0, PTHREAD_GUARD_SIZE);
  if (mapping.mmap_base == nullptr) {
    // There is no way to run without TLS; abort rather than dereference null.
    async_safe_fatal("failed to mmap main thread static TLS: %m");
  }

  // Locate the TCB and bionic_tls inside the new region using the layout
  // computed by the linker.
  const StaticTlsLayout& layout = __libc_shared_globals()->static_tls_layout;
  auto new_tcb = reinterpret_cast<bionic_tcb*>(mapping.static_tls + layout.offset_bionic_tcb());
  auto new_tls = reinterpret_cast<bionic_tls*>(mapping.static_tls + layout.offset_bionic_tls());

  // Initialize the new static TLS region, carry the bootstrap state over
  // (presumably including the stack-guard slot set by android_reset_stack_guards()
  // — verify against copy_from_bootstrap), then re-link the TCB to main_thread
  // and to the new bionic_tls.
  __init_static_tls(mapping.static_tls);
  new_tcb->copy_from_bootstrap(temp_tcb);
  new_tls->copy_from_bootstrap(temp_tls);
  __init_tcb(new_tcb, &main_thread);
  __init_bionic_tls_ptrs(new_tcb, new_tls);

  // Record the mapping on the thread so it is tracked like any pthread's.
  main_thread.mmap_base = mapping.mmap_base;
  main_thread.mmap_size = mapping.mmap_size;
  main_thread.mmap_base_unguarded = mapping.mmap_base_unguarded;
  main_thread.mmap_size_unguarded = mapping.mmap_size_unguarded;

  // Switch the thread pointer; from here on the bootstrap TCB is no longer live.
  __set_tls(&new_tcb->tls_slot(0));

  __set_stack_and_tls_vma_name(true);
  // Only safe now that the thread pointer no longer references the temporary
  // bionic_tls.
  __free_temp_bionic_tls(temp_tls);
}
176