git: 2b4f6e6f7a0b - main - lang/gcc11-devel: Re-execute program with ASLR disabled when necessary

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Lorenzo Salvadore <salvadore_at_FreeBSD.org>
Date: Sat, 26 Nov 2022 15:04:38 UTC
The branch main has been updated by salvadore:

URL: https://cgit.FreeBSD.org/ports/commit/?id=2b4f6e6f7a0b36f4592dc0058e12f55b668d6be2

commit 2b4f6e6f7a0b36f4592dc0058e12f55b668d6be2
Author:     Lorenzo Salvadore <salvadore@FreeBSD.org>
AuthorDate: 2022-11-25 22:52:13 +0000
Commit:     Lorenzo Salvadore <salvadore@FreeBSD.org>
CommitDate: 2022-11-26 15:02:45 +0000

    lang/gcc11-devel: Re-execute program with ASLR disabled when necessary
    
    Software compiled with -fsanitize=address needs ASLR to be disabled to
    run successfully.
    
    Add patches taken from the commits listed below that improve ASLR
    detection and re-execute the program with ASLR disabled if necessary.
    
    https://cgit.freebsd.org/src/commit/?id=7cafe89f9ce33effe6e471b185339d413da1ca46
    https://cgit.freebsd.org/src/commit/?id=930a7c2ac67e1e8e511aa1d0a31a16c632060ebb
    https://cgit.freebsd.org/src/commit/?id=96fe7c8ab0f65cf829619abd74ae6c126b21e15f
    
    PR:             267751
---
 lang/gcc11-devel/Makefile                          |  2 +-
 ...anitizer_sanitizer__common_sanitizer__linux.cpp | 61 ++++++++++++++++++++++
 ...sanitizer__common_sanitizer__linux__libcdep.cpp | 32 ++++++++++++
 3 files changed, 94 insertions(+), 1 deletion(-)

diff --git a/lang/gcc11-devel/Makefile b/lang/gcc11-devel/Makefile
index cde3eccb4a71..cc7612307799 100644
--- a/lang/gcc11-devel/Makefile
+++ b/lang/gcc11-devel/Makefile
@@ -1,6 +1,6 @@
 PORTNAME=	gcc
 PORTVERSION=	11.3.1.s20221118
-PORTREVISION=	1
+PORTREVISION=	2
 CATEGORIES=	lang
 MASTER_SITES=	GCC/snapshots/${DIST_VERSION}
 PKGNAMESUFFIX=	${SUFFIX}-devel
diff --git a/lang/gcc11-devel/files/patch-libsanitizer_sanitizer__common_sanitizer__linux.cpp b/lang/gcc11-devel/files/patch-libsanitizer_sanitizer__common_sanitizer__linux.cpp
new file mode 100644
index 000000000000..bf9b0df79e0b
--- /dev/null
+++ b/lang/gcc11-devel/files/patch-libsanitizer_sanitizer__common_sanitizer__linux.cpp
@@ -0,0 +1,61 @@
+Patch taken from the following commits:
+
+- https://cgit.freebsd.org/src/commit/?id=7cafe89f9ce33effe6e471b185339d413da1ca46
+- https://cgit.freebsd.org/src/commit/?id=930a7c2ac67e1e8e511aa1d0a31a16c632060ebb
+
+--- libsanitizer/sanitizer_common/sanitizer_linux.cpp.orig	2022-11-26 10:40:30 UTC
++++ libsanitizer/sanitizer_common/sanitizer_linux.cpp
+@@ -80,6 +80,7 @@
+ 
+ #if SANITIZER_FREEBSD
+ #include <sys/exec.h>
++#include <sys/procctl.h>
+ #include <sys/sysctl.h>
+ #include <machine/atomic.h>
+ extern "C" {
+@@ -2171,33 +2172,20 @@ void CheckASLR() {
+     ReExec();
+   }
+ #elif SANITIZER_FREEBSD
+-  int aslr_pie;
+-  uptr len = sizeof(aslr_pie);
+-#if SANITIZER_WORDSIZE == 64
+-  if (UNLIKELY(internal_sysctlbyname("kern.elf64.aslr.pie_enable",
+-      &aslr_pie, &len, NULL, 0) == -1)) {
+-    // We're making things less 'dramatic' here since
+-    // the OID is not necessarily guaranteed to be here
++  int aslr_status;                                                                             
++  if (UNLIKELY(procctl(P_PID, 0, PROC_ASLR_STATUS, &aslr_status) == -1)) {
++    // We're making things less 'dramatic' here since  
++    // the cmd is not necessarily guaranteed to be here
+     // just yet regarding FreeBSD release
+     return;
+-  }
+-
+-  if (aslr_pie > 0) {
+-    Printf("This sanitizer is not compatible with enabled ASLR "
+-           "and binaries compiled with PIE\n");
+-    Die();
+-  }
+-#endif
+-  // there might be 32 bits compat for 64 bits
+-  if (UNLIKELY(internal_sysctlbyname("kern.elf32.aslr.pie_enable",
+-      &aslr_pie, &len, NULL, 0) == -1)) {
+-    return;
+-  }
+-
+-  if (aslr_pie > 0) {
+-    Printf("This sanitizer is not compatible with enabled ASLR "
+-           "and binaries compiled with PIE\n");
+-    Die();
++  }                                            
++  if ((aslr_status & PROC_ASLR_ACTIVE) != 0) {                                                 
++    VReport(1, "This sanitizer is not compatible with enabled ASLR "
++               "and binaries compiled with PIE\n"                      
++               "ASLR will be disabled and the program re-executed.\n");
++    int aslr_ctl = PROC_ASLR_FORCE_DISABLE;                                                    
++    CHECK_NE(procctl(P_PID, 0, PROC_ASLR_CTL, &aslr_ctl), -1);
++    ReExec();
+   }
+ #else
+   // Do nothing
diff --git a/lang/gcc11-devel/files/patch-libsanitizer_sanitizer__common_sanitizer__linux__libcdep.cpp b/lang/gcc11-devel/files/patch-libsanitizer_sanitizer__common_sanitizer__linux__libcdep.cpp
new file mode 100644
index 000000000000..7f13f8591313
--- /dev/null
+++ b/lang/gcc11-devel/files/patch-libsanitizer_sanitizer__common_sanitizer__linux__libcdep.cpp
@@ -0,0 +1,32 @@
+Patch taken from
+
+https://cgit.freebsd.org/src/commit/?id=96fe7c8ab0f65cf829619abd74ae6c126b21e15f
+
+--- libsanitizer/sanitizer_common/sanitizer_linux_libcdep.cpp.orig	2022-11-26 09:47:34 UTC
++++ libsanitizer/sanitizer_common/sanitizer_linux_libcdep.cpp
+@@ -45,7 +45,9 @@
+ 
+ #if SANITIZER_FREEBSD
+ #include <pthread_np.h>
++#include <stdlib.h>
+ #include <osreldate.h>
++#include <sys/auxv.h>
+ #include <sys/sysctl.h>
+ #define pthread_getattr_np pthread_attr_get_np
+ #endif
+@@ -857,7 +859,14 @@ void ReExec() {
+ void ReExec() {
+   const char *pathname = "/proc/self/exe";
+ 
+-#if SANITIZER_NETBSD
++#if SANITIZER_FREEBSD
++  char exe_path[PATH_MAX];
++  if (elf_aux_info(AT_EXECPATH, exe_path, sizeof(exe_path)) == 0) {
++    char link_path[PATH_MAX];
++    if (realpath(exe_path, link_path))
++      pathname = link_path;
++  }
++#elif SANITIZER_NETBSD
+   static const int name[] = {
+       CTL_KERN,
+       KERN_PROC_ARGS,