Create NOOPT compiler specific macro, and use it both in
ResetCanaryAndReturn and in ChangingStackCanaryCrashesOnReturn. For
the latter, it fixes the unit tests in GCC.
Bug: 819294
Change-Id: I1e5e9e4434728c6b1916d43fa4c8225dd71bbcb4
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5014023
Reviewed-by: danakj <danakj@chromium.org>
Commit-Queue: José Dapena Paz <jdapena@igalia.com>
Cr-Commit-Position: refs/heads/main@{#1221765}

GCC does not support the attribute optnone, so ResetCanaryAndReturn
was optimized and failed to assert as expected.
For GCC it should use the optimize(0) attribute.
Bug: 819294
Change-Id: I3ca2bccf1d4b0893f4b91f91c306f05454699ee4
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4992982
Commit-Queue: José Dapena Paz <jdapena@igalia.com>
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1218980}

Stack protectors remain the same after forking, so reading the stack
protector in one process (e.g. a renderer) reveals to an attacker the
stack protector of the ancestor zygote and its children, including
future children.
This CL adds the capability to reset stack canaries after fork, which
requires the functions already on the call stack to be compiled without
stack protectors (or else they will use the original canary and crash
on return).
A command line flag is added to enable the behavior, which will be added
by default to the chrome command line in a future CL.
Bug: 1206626
Change-Id: I26e53c91986eda2bdf238bf912832649b7a14327
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2895917
Reviewed-by: Nico Weber <thakis@chromium.org>
Reviewed-by: Avi Drissman <avi@chromium.org>
Reviewed-by: Robert Sesek <rsesek@chromium.org>
Commit-Queue: Matthew Denton <mpdenton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#904353}
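The following is an added illustration of the inheritance this CL describes and of the reset it introduces; it is example code, not Chromium's implementation. It assumes x86-64 Linux with glibc or musl, where the canary sits in the TLS slot at %fs:0x28, and it sidesteps the call-stack hazard the CL addresses by having the child exit instead of returning through frames that were entered with the old canary.

```c
/* Added example, not Chromium code. Assumes x86-64 Linux (glibc or musl), where the canary lives in TLS at %fs:0x28. */
#include <fcntl.h>
#include <stdint.h>
#include <sys/wait.h>
#include <unistd.h>

#if defined(__x86_64__) && defined(__linux__)
#define CANARY_SUPPORTED 1
/* always_inline: a frame of its own would compare the old canary to the new one on return. */
static inline __attribute__((always_inline)) uintptr_t read_canary(void) {
  uintptr_t v;
  __asm__ volatile("mov %%fs:0x28, %0" : "=r"(v));
  return v;
}
static inline __attribute__((always_inline)) void write_canary(uintptr_t v) {
  __asm__ volatile("mov %0, %%fs:0x28" : : "r"(v) : "memory");
}
#else
#define CANARY_SUPPORTED 0
#endif
int canary_supported(void) { return CANARY_SUPPORTED; }
/* Forks; the child optionally installs a fresh random canary, reports its canary
 * over a pipe and exits without returning (its caller's frame still holds the old
 * canary: the hazard the CL handles by compiling those frames without protectors).
 * Returns 1 if child and parent canaries match, 0 if not, -1 on error/unsupported. */
int fork_canary_matches(int reset_in_child) {
#if CANARY_SUPPORTED
  int fds[2];
  if (pipe(fds) != 0) return -1;
  pid_t pid = fork();
  if (pid < 0) return -1;
  if (pid == 0) {
    if (reset_in_child) {
      uintptr_t fresh = 0;
      int rfd = open("/dev/urandom", O_RDONLY);
      if (rfd < 0 || read(rfd, &fresh, sizeof fresh) != (ssize_t)sizeof fresh) _exit(1);
      write_canary(fresh);
    }
    uintptr_t c = read_canary();
    _exit(write(fds[1], &c, sizeof c) == (ssize_t)sizeof c ? 0 : 1);
  }
  close(fds[1]);
  uintptr_t child_canary = 0;
  ssize_t n = read(fds[0], &child_canary, sizeof child_canary);
  close(fds[0]); waitpid(pid, NULL, 0);
  return n == (ssize_t)sizeof child_canary ? (int)(child_canary == read_canary()) : -1;
#else
  return -1;
#endif
}
```

On a supported platform, fork_canary_matches(0) returns 1 (the child inherited the parent's canary) and fork_canary_matches(1) returns 0 (the child now holds a value the parent never had).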