Date: Mon, 17 Jan 2022 21:13:08 GMT
Message-Id: <202201172113.20HLD8CQ006955@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
From: Mark Johnston
Subject: git: 758d98debec4 - main - exec: Remove the stack gap implementation
List-Id: Commit messages for all branches of the src repository
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 758d98debec43ff83b8a1ed9a3d3a8441b83b3cc

The branch main has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=758d98debec43ff83b8a1ed9a3d3a8441b83b3cc

commit
758d98debec43ff83b8a1ed9a3d3a8441b83b3cc Author: Mark Johnston AuthorDate: 2022-01-17 16:42:46 +0000 Commit: Mark Johnston CommitDate: 2022-01-17 21:11:54 +0000 exec: Remove the stack gap implementation ASLR stack randomization will reappear in a forthcoming commit. Rather than inserting a random gap into the stack mapping, the entire stack mapping itself will be randomized in the same way that other mappings are when ASLR is enabled. No functional change intended, as the stack gap implementation is currently disabled by default. Reviewed by: kib MFC after: 2 weeks Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D33704 --- contrib/elftoolchain/readelf/readelf.c | 1 - sys/amd64/amd64/elf_machdep.c | 2 -- sys/arm64/arm64/elf_machdep.c | 1 - sys/compat/freebsd32/freebsd32_misc.c | 2 -- sys/compat/ia32/ia32_sysvec.c | 1 - sys/kern/imgact_elf.c | 19 ------------------- sys/kern/kern_exec.c | 20 -------------------- sys/sys/elf_common.h | 2 +- sys/sys/imgact.h | 2 -- sys/sys/imgact_elf.h | 1 - sys/sys/sysent.h | 1 - usr.bin/elfctl/elfctl.c | 2 -- 12 files changed, 1 insertion(+), 53 deletions(-) diff --git a/contrib/elftoolchain/readelf/readelf.c b/contrib/elftoolchain/readelf/readelf.c index 987a2ffb128b..84855038d0ef 100644 --- a/contrib/elftoolchain/readelf/readelf.c +++ b/contrib/elftoolchain/readelf/readelf.c @@ -3755,7 +3755,6 @@ static struct flag_desc note_feature_ctl_flags[] = { { NT_FREEBSD_FCTL_STKGAP_DISABLE, "STKGAP_DISABLE" }, { NT_FREEBSD_FCTL_WXNEEDED, "WXNEEDED" }, { NT_FREEBSD_FCTL_LA48, "LA48" }, - { NT_FREEBSD_FCTL_ASG_DISABLE, "ASG_DISABLE" }, { 0, NULL } }; diff --git a/sys/amd64/amd64/elf_machdep.c b/sys/amd64/amd64/elf_machdep.c index 645b9c08ea38..192a73e0a7df 100644 --- a/sys/amd64/amd64/elf_machdep.c +++ b/sys/amd64/amd64/elf_machdep.c 
@@ -92,7 +92,6 @@ struct sysentvec elf64_freebsd_sysvec_la48 = { .sv_schedtail = NULL, .sv_thread_detach = NULL, .sv_trap = NULL, - .sv_stackgap = elf64_stackgap, .sv_onexec_old = exec_onexec_old, .sv_onexit = exit_onexit, .sv_set_fork_retval = x86_set_fork_retval, @@ -135,7 +134,6 @@ struct sysentvec elf64_freebsd_sysvec_la57 = { .sv_schedtail = NULL, .sv_thread_detach = NULL, .sv_trap = NULL, - .sv_stackgap = elf64_stackgap, .sv_onexec_old = exec_onexec_old, .sv_onexit = exit_onexit, .sv_set_fork_retval= x86_set_fork_retval, diff --git a/sys/arm64/arm64/elf_machdep.c b/sys/arm64/arm64/elf_machdep.c index 09cd72b864c2..3de0f82839e6 100644 --- a/sys/arm64/arm64/elf_machdep.c +++ b/sys/arm64/arm64/elf_machdep.c @@ -94,7 +94,6 @@ static struct sysentvec elf64_freebsd_sysvec = { .sv_schedtail = NULL, .sv_thread_detach = NULL, .sv_trap = NULL, - .sv_stackgap = elf64_stackgap, .sv_hwcap = &elf_hwcap, .sv_hwcap2 = &elf_hwcap2, .sv_onexec_old = exec_onexec_old, diff --git a/sys/compat/freebsd32/freebsd32_misc.c b/sys/compat/freebsd32/freebsd32_misc.c index cc191d7ba753..60f46ad2cfba 100644 --- a/sys/compat/freebsd32/freebsd32_misc.c +++ b/sys/compat/freebsd32/freebsd32_misc.c @@ -3464,8 +3464,6 @@ freebsd32_copyout_strings(struct image_params *imgp, uintptr_t *stack_base) destp = rounddown2(destp, sizeof(uint32_t)); ustringp = destp; - exec_stackgap(imgp, &destp); - if (imgp->auxargs) { /* * Allocate room on the stack for the ELF auxargs diff --git a/sys/compat/ia32/ia32_sysvec.c b/sys/compat/ia32/ia32_sysvec.c index 7364a51a24af..540c2ef6fdaf 100644 --- a/sys/compat/ia32/ia32_sysvec.c +++ b/sys/compat/ia32/ia32_sysvec.c @@ -138,7 +138,6 @@ struct sysentvec ia32_freebsd_sysvec = { .sv_schedtail = NULL, .sv_thread_detach = NULL, .sv_trap = NULL, - .sv_stackgap = elf32_stackgap, .sv_onexec_old = exec_onexec_old, .sv_onexit = exit_onexit, .sv_set_fork_retval = x86_set_fork_retval, 
diff --git a/sys/kern/imgact_elf.c b/sys/kern/imgact_elf.c index 8852b47681f3..c3d19064f6e5 100644 --- a/sys/kern/imgact_elf.c +++ b/sys/kern/imgact_elf.c @@ -2757,22 +2757,3 @@ __elfN(untrans_prot)(vm_prot_t prot) flags |= PF_W; return (flags); } - -vm_size_t -__elfN(stackgap)(struct image_params *imgp, uintptr_t *stack_base) -{ - uintptr_t range, rbase, gap; - int pct; - - pct = __elfN(aslr_stack_gap); - if (pct == 0) - return (0); - if (pct > 50) - pct = 50; - range = imgp->eff_stack_sz * pct / 100; - arc4rand(&rbase, sizeof(rbase), 0); - gap = rbase % range; - gap &= ~(sizeof(u_long) - 1); - *stack_base -= gap; - return (gap); -} diff --git a/sys/kern/kern_exec.c b/sys/kern/kern_exec.c index ee0209c6afae..09d2461e4053 100644 --- a/sys/kern/kern_exec.c +++ b/sys/kern/kern_exec.c @@ -1200,9 +1200,6 @@ exec_new_vmspace(struct image_params *imgp, struct sysentvec *sv) } else { ssiz = maxssiz; } - imgp->eff_stack_sz = lim_cur(curthread, RLIMIT_STACK); - if (ssiz < imgp->eff_stack_sz) - imgp->eff_stack_sz = ssiz; stack_addr = sv->sv_usrstack - ssiz; stack_prot = obj != NULL && imgp->stack_prot != 0 ? imgp->stack_prot : sv->sv_stackprot; @@ -1557,21 +1554,6 @@ exec_args_get_begin_envv(struct image_args *args) return (args->endp); } -void -exec_stackgap(struct image_params *imgp, uintptr_t *dp) -{ - struct proc *p = imgp->proc; - - if (imgp->sysent->sv_stackgap == NULL || - (p->p_fctl0 & (NT_FREEBSD_FCTL_ASLR_DISABLE | - NT_FREEBSD_FCTL_ASG_DISABLE)) != 0 || - (imgp->map_flags & MAP_ASLR) == 0) { - p->p_vmspace->vm_stkgap = 0; - return; - } - p->p_vmspace->vm_stkgap = imgp->sysent->sv_stackgap(imgp, dp); -} - /* * Copy strings out to the new process address space, constructing new arg * and env vector tables. Return a pointer to the base so that it can be used 
@@ -1651,8 +1633,6 @@ exec_copyout_strings(struct image_params *imgp, uintptr_t *stack_base) destp = rounddown2(destp, sizeof(void *)); ustringp = destp; - exec_stackgap(imgp, &destp); - if (imgp->auxargs) { /* * Allocate room on the stack for the ELF auxargs diff --git a/sys/sys/elf_common.h b/sys/sys/elf_common.h index de09a2172f81..b8629fec8cbc 100644 --- a/sys/sys/elf_common.h +++ b/sys/sys/elf_common.h @@ -804,7 +804,7 @@ typedef struct { #define NT_FREEBSD_FCTL_STKGAP_DISABLE 0x00000004 #define NT_FREEBSD_FCTL_WXNEEDED 0x00000008 #define NT_FREEBSD_FCTL_LA48 0x00000010 -#define NT_FREEBSD_FCTL_ASG_DISABLE 0x00000020 /* ASLR STACK GAP Disable */ +/* was ASG_DISABLE, do not reuse 0x00000020 */ /* Values for n_type. Used in core files. */ #define NT_PRSTATUS 1 /* Process status. */ diff --git a/sys/sys/imgact.h b/sys/sys/imgact.h index 0e99737a84a7..70e5c2e81579 100644 --- a/sys/sys/imgact.h +++ b/sys/sys/imgact.h @@ -83,7 +83,6 @@ struct image_params { int pagesizeslen; vm_prot_t stack_prot; u_long stack_sz; - u_long eff_stack_sz; struct ucred *newcred; /* new credentials if changing */ #define IMGACT_SHELL 0x1 #define IMGACT_BINMISC 0x2 @@ -119,7 +118,6 @@ void exec_setregs(struct thread *, struct image_params *, uintptr_t); int exec_shell_imgact(struct image_params *); int exec_copyin_args(struct image_args *, const char *, enum uio_seg, char **, char **); -void exec_stackgap(struct image_params *imgp, uintptr_t *dp); int pre_execve(struct thread *td, struct vmspace **oldvmspace); void post_execve(struct thread *td, int error, struct vmspace *oldvmspace); #endif diff --git a/sys/sys/imgact_elf.h b/sys/sys/imgact_elf.h index 67b95207ec33..6890df5c1500 100644 --- a/sys/sys/imgact_elf.h +++ b/sys/sys/imgact_elf.h 
@@ -118,7 +118,6 @@ int __elfN(remove_brand_entry)(Elf_Brandinfo *entry); int __elfN(freebsd_fixup)(uintptr_t *, struct image_params *); int __elfN(coredump)(struct thread *, struct vnode *, off_t, int); size_t __elfN(populate_note)(int, void *, void *, size_t, void **); -vm_size_t __elfN(stackgap)(struct image_params *, uintptr_t *); int __elfN(freebsd_copyout_auxargs)(struct image_params *, uintptr_t); void __elfN(puthdr)(struct thread *, void *, size_t, int, size_t, int); void __elfN(prepare_notes)(struct thread *, struct note_info_list *, diff --git a/sys/sys/sysent.h b/sys/sys/sysent.h index c401a0f5b3e1..9883870891da 100644 --- a/sys/sys/sysent.h +++ b/sys/sys/sysent.h @@ -120,7 +120,6 @@ struct sysentvec { void (*sv_elf_core_prepare_notes)(struct thread *, struct note_info_list *, size_t *); int (*sv_imgact_try)(struct image_params *); - vm_size_t (*sv_stackgap)(struct image_params *, uintptr_t *); int (*sv_copyout_auxargs)(struct image_params *, uintptr_t); int sv_minsigstksz; /* minimum signal stack size */ diff --git a/usr.bin/elfctl/elfctl.c b/usr.bin/elfctl/elfctl.c index ef7f915ded30..de14551f76d9 100644 --- a/usr.bin/elfctl/elfctl.c +++ b/usr.bin/elfctl/elfctl.c @@ -71,8 +71,6 @@ static struct ControlFeatures featurelist[] = { { "nostackgap", NT_FREEBSD_FCTL_STKGAP_DISABLE, "Disable stack gap" }, { "wxneeded", NT_FREEBSD_FCTL_WXNEEDED, "Requires W+X mappings" }, { "la48", NT_FREEBSD_FCTL_LA48, "amd64: Limit user VA to 48bit" }, - { "noaslrstkgap", NT_FREEBSD_FCTL_ASG_DISABLE, - "Disable ASLR stack gap" }, }; static struct option long_opts[] = {
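Review bot: in sys/kern/imgact_elf.c the deleted `__elfN(stackgap)` was the reader of `__elfN(aslr_stack_gap)`, and the hunk's 19 removed lines (matching the diffstat for that file) are all function body, so the variable's definition stays behind with no consumer in this patch. Either remove the definition in the same change, or say in the commit message that the setting is kept on purpose and is now a no-op, so that an administrator who raises it is not led to believe the stack is being randomized before the replacement lands.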
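Review bot: in sys/kern/kern_exec.c, the deleted `exec_stackgap()` is the only code in this diff that assigns `p->p_vmspace->vm_stkgap`, and no file in the diffstat touches the structure that declares that field, so it remains with no writer shown here. Confirm that every remaining reader of `vm_stkgap` is correct with a value that exec no longer sets, or remove the field and its readers in this change so that nothing derives stack addresses from a gap that is no longer maintained.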
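Review bot: the sys/sys/sysent.h and sys/sys/imgact.h hunks delete `sv_stackgap` from `struct sysentvec` and `eff_stack_sz` from `struct image_params`, which shifts every member declared after them, while the commit message requests "MFC after: 2 weeks". On main that is fine, but for the stable-branch merge consider leaving placeholder members of the same size in both structures, so that kernel modules built against the old headers still agree with the kernel on the layout.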
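Review bot: dropping `NT_FREEBSD_FCTL_ASG_DISABLE` from sys/sys/elf_common.h, from the readelf `note_feature_ctl_flags[]` table and from the elfctl `featurelist[]` is user-visible, which the "No functional change intended" line does not cover: an elfctl invocation that names `noaslrstkgap` is no longer recognised, and a binary that already carries bit 0x00000020 is no longer decoded by name. The "do not reuse" comment protects the value; consider keeping a retired entry in both tables so existing binaries still display sensibly, and check whether the elfctl manual page, which is not in the diffstat, lists the flag. Since `NT_FREEBSD_FCTL_STKGAP_DISABLE` and `nostackgap` remain, a one-line comment saying which gap that flag controls would avoid confusion with the one removed here.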