kern/181497: [kernel] [patch] Add ASLR feature to kernel
Shawn Webb
lattera at gmail.com
Mon Feb 10 00:40:01 UTC 2014
The following reply was made to PR kern/181497; it has been noted by GNATS.
From: Shawn Webb <lattera at gmail.com>
To: bug-followup at FreeBSD.org,
steven at roothosts.com
Cc:
Subject: Re: kern/181497: [kernel] [patch] Add ASLR feature to kernel
Date: Sun, 9 Feb 2014 19:37:03 -0500
--Apple-Mail=_C84F0573-719D-4AC2-8D2A-DD418EFCAAE8
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
charset=us-ascii
Attached is a patch that applies on top of the existing patch to fix a few minor bugs.
Thanks,
Shawn
--Apple-Mail=_C84F0573-719D-4AC2-8D2A-DD418EFCAAE8
Content-Disposition: attachment;
filename=aslr-2014-02-09.patch.txt
Content-Type: text/plain;
x-unix-mode=0644;
name="aslr-2014-02-09.patch.txt"
Content-Transfer-Encoding: quoted-printable
diff --git a/sys/kern/imgact_elf.c b/sys/kern/imgact_elf.c
index 3f9487c..3a36f20 100644
--- a/sys/kern/imgact_elf.c
+++ b/sys/kern/imgact_elf.c
@@ -603,7 +603,9 @@ __elfN(load_file)(struct proc *p, const char *file, =
u_long *addr,
u_long rbase;
u_long base_addr =3D 0;
int error, i, numsegs;
- struct prison *pr; /* For ASLR */
+#ifdef PAX_ASLR
+ struct prison *pr;
+#endif
=20
#ifdef CAPABILITY_MODE
/*
@@ -659,22 +661,21 @@ __elfN(load_file)(struct proc *p, const char =
*file, u_long *addr,
hdr =3D (const Elf_Ehdr *)imgp->image_header;
if ((error =3D __elfN(check_header)(hdr)) !=3D 0)
goto fail;
- if (hdr->e_type =3D=3D ET_DYN)
+ if (hdr->e_type =3D=3D ET_DYN) {
rbase =3D *addr;
- else if (hdr->e_type =3D=3D ET_EXEC)
+#ifdef PAX_ASLR
+ pr =3D pax_aslr_get_prison(NULL, imgp->proc);
+ if (pax_aslr_active(NULL, imgp->proc)) {
+ rbase +=3D round_page(PAX_ASLR_DELTA(arc4random(), =
PAX_ASLR_DELTA_EXEC_LSB, pr->pr_pax_aslr_exec_len));
+ }
+#endif
+ } else if (hdr->e_type =3D=3D ET_EXEC) {
rbase =3D 0;
- else {
+ } else {
error =3D ENOEXEC;
goto fail;
}
=20
-#ifdef PAX_ASLR
- pr =3D pax_aslr_get_prison(NULL, imgp->proc);
- if (pax_aslr_active(NULL, imgp->proc)) {
- rbase +=3D round_page(PAX_ASLR_DELTA(arc4random(), =
PAX_ASLR_DELTA_EXEC_LSB, pr->pr_pax_aslr_exec_len));
- }
-#endif
-
/* Only support headers that fit within first page for now =
*/
if ((hdr->e_phoff > PAGE_SIZE) ||
(u_int)hdr->e_phentsize * hdr->e_phnum > PAGE_SIZE - =
hdr->e_phoff) {
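Review bot: `pr->pr_pax_aslr_exec_len` in the new ET_DYN branch is dereferenced without a NULL check, while the `pax_aslr_init` context in the kern_pax.c hunk of this same patch guards the same kind of access with `(pr != NULL) ? pr->pr_pax_aslr_stack_len : pax_aslr_stack_len`, which suggests `pax_aslr_get_prison()` can return NULL. If that holds for `imgp->proc` here, loading an ET_DYN image with ASLR active would fault inside the kernel on the exec path. Mirror the existing guard by passing `(pr != NULL) ? pr->pr_pax_aslr_exec_len : pax_aslr_exec_len` as the third argument of `PAX_ASLR_DELTA`, assuming `pax_aslr_exec_len` is declared where imgact_elf.c can see it. The body of `__elfN(load_file)` starts and ends outside this hunk, so an earlier guarantee that `pr` is non-NULL cannot be ruled out from here.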
diff --git a/sys/kern/kern_pax.c b/sys/kern/kern_pax.c
index 9182606..7654e5b 100644
--- a/sys/kern/kern_pax.c
+++ b/sys/kern/kern_pax.c
@@ -528,7 +528,6 @@ pax_aslr_init(struct thread *td, struct image_params =
*imgp)
vm->vm_aslr_delta_stack =3D PAX_ASLR_DELTA(arc4random(),
PAX_ASLR_DELTA_STACK_LSB, (pr !=3D NULL) ? =
pr->pr_pax_aslr_stack_len : pax_aslr_stack_len);
vm->vm_aslr_delta_stack =3D ALIGN(vm->vm_aslr_delta_stack);
- vm->vm_aslr_delta_exec =3D round_page(PAX_ASLR_DELTA(arc4random(), =
PAX_ASLR_DELTA_EXEC_LSB, (pr !=3D NULL) ? pr->pr_pax_aslr_exec_len : =
pax_aslr_exec_len));
#else /* COMPAT_FREEBSD32 */
if ((sv_flags & SV_LP64) !=3D 0) {
vm->vm_aslr_delta_mmap =3D PAX_ASLR_DELTA(arc4random(),
--Apple-Mail=_C84F0573-719D-4AC2-8D2A-DD418EFCAAE8--