1 files changed, 68 insertions, 11 deletions

diff --git a/libc/misc/internals/__uClibc_main.c b/libc/misc/internals/__uClibc_main.c
index c9f3d0e40..1ed05c6b2 100644
--- a/libc/misc/internals/__uClibc_main.c
+++ b/libc/misc/internals/__uClibc_main.c
@@ -3,7 +3,7 @@
  * Erik Andersen              2002-2004
  *
  * __uClibc_main is the routine to be called by all the arch-specific
- * versions of crt0.S in uClibc.
+ * versions of crt1.S in uClibc.
  *
  * It is meant to handle any special initialization needed by the library
  * such as setting the global variable(s) __environ (environ) and
@@ -26,9 +26,10 @@
 #include <sys/stat.h>
 #include <sys/sysmacros.h>
 #ifdef __UCLIBC_HAS_SSP__
-extern void __guard_setup(void);
-#endif
+#include <ssp-internal.h>
 
+unsigned long __guard = 0UL;
+#endif
 
 /*
  * Prototypes.
@@ -106,6 +107,62 @@ static int __check_suid(void)
     return 1;
 }
 
+#ifdef __UCLIBC_HAS_SSP__
+static __always_inline void __guard_setup(void)
+{
+	if (__guard != 0UL)
+		return;
+
+#ifndef __SSP_QUICK_CANARY__
+
+	size_t size;
+
+# ifdef __SSP_USE_ERANDOM__
+	{
+		int mib[3];
+		/* Random is another depth in Linux, hence an array of 3. */
+		mib[0] = CTL_KERN;
+		mib[1] = KERN_RANDOM;
+		mib[2] = RANDOM_ERANDOM;
+
+		size = sizeof(unsigned long);
+		if (SYSCTL(mib, 3, &__guard, &size, NULL, 0) != (-1))
+			if (__guard != 0UL)
+				return;
+	}
+# endif /* ifdef __SSP_USE_ERANDOM__ */
+	{
+		int fd;
+
+# ifdef __SSP_USE_ERANDOM__
+		/* 
+		 * Attempt to open kernel pseudo random device if one exists before 
+		 * opening urandom to avoid system entropy depletion.
+		 */
+		if ((fd = OPEN("/dev/erandom", O_RDONLY)) == (-1))
+# endif
+			fd = OPEN("/dev/urandom", O_RDONLY);
+		if (fd != (-1)) {
+			size = READ(fd, (char *) &__guard, sizeof(__guard));
+			CLOSE(fd);
+			if (size == sizeof(__guard))
+				return;
+		}
+	}
+#endif /* ifndef __SSP_QUICK_CANARY__ */
+
+	/* Start with the "terminator canary". */
+	__guard = 0xFF0A0D00UL;
+
+	/* Everything failed? Or we are using a weakened model of the 
+	 * terminator canary */
+	{
+		struct timeval tv;
+		GETTIMEOFDAY(&tv, NULL);
+		__guard ^= tv.tv_usec ^ tv.tv_sec;
+	}
+}
+#endif /* __UCLIBC_HAS_SSP__ */
 
 /* __uClibc_init completely initialize uClibc so it is ready to use.
  *
@@ -117,7 +174,7 @@ static int __check_suid(void)
  * uClibc is the address of __uClibc_init
  *
  * In all other cases we call it from the main stub
- * __uClibc_start_main.
+ * __uClibc_main.
  */
 
 void __uClibc_init(void)
@@ -133,7 +190,7 @@ void __uClibc_init(void)
     __pagesize = PAGE_SIZE;
 
 #ifdef __UCLIBC_HAS_THREADS__
-    /* Before we start initialzing uClibc we have to call
+    /* Before we start initializing uClibc we have to call
      * __pthread_initialize_minimal so we can use pthread_locks
      * whenever they are needed.
      */
@@ -141,6 +198,10 @@ void __uClibc_init(void)
 	__pthread_initialize_minimal();
 #endif
 
+#ifdef __UCLIBC_HAS_SSP__
+    __guard_setup ();
+#endif
+
 #ifdef __UCLIBC_HAS_LOCALE__
     /* Initialize the global locale structure. */
     if (likely(_locale_init!=NULL))
@@ -162,8 +223,8 @@ void attribute_hidden (*__app_fini)(void) = NULL;
 
 void attribute_hidden (*__rtld_fini)(void) = NULL;
 
-/* __uClibc_start_main is the new main stub for uClibc. This function is
- * called from crt0 (version 0.9.16 or newer), after ALL shared libraries
+/* __uClibc_main is the new main stub for uClibc. This function is
+ * called from crt1 (version 0.9.28 or newer), after ALL shared libraries
  * are initialized, just before we call the application's main function.
  */
 void __attribute__ ((__noreturn__))
@@ -246,10 +307,6 @@ __uClibc_main(int (*main)(int, char **, char **), int argc,
     }
 #endif
 
-#ifdef __UCLIBC_HAS_SSP__
-    __guard_setup ();
-#endif
-
     /* Note: It is possible that any initialization done above could
      * have resulted in errno being set nonzero, so set it to 0 before
      * we call main.