From df0b5a49406763aa4719dfad561a5de8924ecd59 Mon Sep 17 00:00:00 2001
From: Rich Felker <dalias@aerifal.cx>
Date: Tue, 23 Aug 2011 09:37:39 -0400
Subject: security hardening: ensure suid programs have valid stdin/out/err

this behavior (opening fds 0-2 for a suid program) is explicitly
allowed (but not required) by POSIX to protect badly-written suid
programs from clobbering files they later open.

this commit does add some cost in startup code, but the availability
of auxv and the security flag will be useful elsewhere in the future.
in particular auxv is needed for static-linked vdso support, which is
still waiting to be committed (sorry nik!)
---
 arch/i386/atomic.h | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'arch/i386/atomic.h')

diff --git a/arch/i386/atomic.h b/arch/i386/atomic.h
index 66059af9..77b0b3b7 100644
--- a/arch/i386/atomic.h
+++ b/arch/i386/atomic.h
@@ -119,5 +119,10 @@ static inline void a_spin()
 	__asm__ __volatile__( "pause" : : : "memory" );
 }
 
+static inline void a_crash()
+{
+	__asm__ __volatile__( "hlt" : : : "memory" );
+}
+
 
 #endif
-- 
cgit v1.2.1