Message ID | 1412919926-13123-1-git-send-email-vvijayan@mvista.com (mailing list archive) |
---|---|
State | Superseded |
Delegated to: | Anatolij Gustschin |
On Fri, 2014-10-10 at 05:45:26 UTC, Vineeth Vijayan wrote:
> Right now there is no way to disable TEXT randomization on a PPC32
> machine. text randomization happens even in the case of "echo 0 >
> /proc/sys/kernel/randomize_va_space"

Yeah it seems to happen on ppc64 too.

> This happens due to the incorrect definition of ELF_ET_DYN_BASE at
> arch/powerpc/include/asm/elf.h

What is incorrect about it? We are not the only arch that does that.

I'm not clear on what has changed to break this?

cheers

On Wed, Oct 15, 2014 at 7:38 AM, Michael Ellerman <mpe@ellerman.id.au> wrote:
> On Fri, 2014-10-10 at 05:45:26 UTC, Vineeth Vijayan wrote:
>> Right now there is no way to disable TEXT randomization on a PPC32
>> machine. text randomization happens even in the case of "echo 0 >
>> /proc/sys/kernel/randomize_va_space"
>
> Yeah it seems to happen on ppc64 too.
>
>> This happens due to the incorrect definition of ELF_ET_DYN_BASE at
>> arch/powerpc/include/asm/elf.h
>
> What is incorrect about it? We are not the only arch that does that.
>

I think we are one of the arch which does it.
The same has been tested on x86 and arm, where ELF_ET_DYN_BASE doesn’t
use randomize_et_dyn call, and it works properly as per the user-space
definition of randomization;

(i.e when at "echo 0 > /proc/sys/kernel/randomize_va_space", TEXT
randomization should not happen.)

> I'm not clear on what has changed to break this?
>
> cheers

ping !

any update on this ? As I understand, only powerpc and s390 use the
randomize_et_dyn call; for all other architectures this is an obsolete
function call.

this calls for another patch where randomize_et_dyn is removed.

Vineeth

On Wed, Oct 15, 2014 at 12:08 PM, Vineeth Vijayan <vvijayan@mvista.com> wrote:

> On Wed, Oct 15, 2014 at 7:38 AM, Michael Ellerman <mpe@ellerman.id.au>
> wrote:
> > On Fri, 2014-10-10 at 05:45:26 UTC, Vineeth Vijayan wrote:
> >> Right now there is no way to disable TEXT randomization on a PPC32
> >> machine. text randomization happens even in the case of "echo 0 >
> >> /proc/sys/kernel/randomize_va_space"
> >
> > Yeah it seems to happen on ppc64 too.
> >
> >> This happens due to the incorrect definition of ELF_ET_DYN_BASE at
> >> arch/powerpc/include/asm/elf.h
> >
> > What is incorrect about it? We are not the only arch that does that.
> >
>
> I think we are one of the arch which does it.
> The same has been tested on x86 and arm, where ELF_ET_DYN_BASE doesn’t
> use randomize_et_dyn call, and it works properly as per the user-space
> definition of randomization;
>
> (i.e when at "echo 0 > /proc/sys/kernel/randomize_va_space", TEXT
> randomization should not happen.)
>
> > I'm not clear on what has changed to break this?
> >
> > cheers
>

On Fri, 2014-11-14 at 11:03 +0530, Vineeth Vijayan wrote:
> ping !
>
> any update on this ? As i understand, only powerpc and s390 uses the
> randomize_et_dyn call; for all other architecture this is an obsolete
> function call.

I asked:

> >> I'm not clear on what has changed to break this?

And you didn't tell me.

> this call for another patch where randomize_et_dyn is removed.

Patches welcome :)

cheers

On Fri, Nov 14, 2014 at 11:50 AM, Michael Ellerman <mpe@ellerman.id.au> wrote:
> On Fri, 2014-11-14 at 11:03 +0530, Vineeth Vijayan wrote:
>> ping !
>>
>> any update on this ? As i understand, only powerpc and s390 uses the
>> randomize_et_dyn call; for all other architecture this is an obsolete
>> function call.
>
> I asked:
>
>> >> I'm not clear on what has changed to break this?
>

Disabling PIE randomization was added in the commit
a3defbe5c337dbc6da911f8cc49ae3cc3b49b453 (binfmt_elf: fix PIE execution
with randomization disabled). The randomization is decided as per the
randomize_va_space sysctl flag. As I understand, the randomization of
the base address is implemented at elf_map and not from the
arch/<>/include/asm/elf.h

Now, for powerpc, there's no support to disable the PIE randomization,
even after we disable the same from randomize_va_space sysctl. This patch
gives the support to disable PIE randomization in case it is disabled
from this sysctl.

> And you didn't tell me.
>
>> this call for another patch where randomize_et_dyn is removed.
>
> Patches welcome :)
>

I will follow up with the patch.

> cheers
>
>

diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig index 4bc7b62..f99ddae 100644 --- a/arch/powerpc/Kconfig +++ b/arch/powerpc/Kconfig @@ -88,6 +88,7 @@ config PPC select ARCH_MIGHT_HAVE_PC_PARPORT select ARCH_MIGHT_HAVE_PC_SERIO select BINFMT_ELF + select ARCH_BINFMT_ELF_RANDOMIZE_PIE select OF select OF_EARLY_FLATTREE select OF_RESERVED_MEM diff --git a/arch/powerpc/include/asm/elf.h b/arch/powerpc/include/asm/elf.h index 888d8f3..162813b 100644 --- a/arch/powerpc/include/asm/elf.h +++ b/arch/powerpc/include/asm/elf.h @@ -29,7 +29,7 @@ that it will "exec", and that there is sufficient room for the brk. */ extern unsigned long randomize_et_dyn(unsigned long base); -#define ELF_ET_DYN_BASE (randomize_et_dyn(0x20000000)) +#define ELF_ET_DYN_BASE (0x20000000) #define ELF_CORE_EFLAGS (is_elf2_task() ? 2 : 0)
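
Review bot: the `select ARCH_BINFMT_ELF_RANDOMIZE_PIE` added under `config PPC` in arch/powerpc/Kconfig takes effect for every powerpc build, 32-bit and 64-bit alike, while the changelog and the test results only cover a PPC32 machine. Please state in the changelog that ppc64 is affected and changed as well, and include a ppc64 run of the same test, or explain why the wider scope is intended.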
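
Review bot: in arch/powerpc/include/asm/elf.h the context line `extern unsigned long randomize_et_dyn(unsigned long base);` stays directly above the new `#define ELF_ET_DYN_BASE (0x20000000)`, so the header keeps declaring a function that this macro no longer calls. Drop the declaration, and the function's definition if nothing else uses it, in this patch, or say in the changelog that the removal follows separately. The parentheses around the bare constant are not needed either.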
Right now there is no way to disable TEXT randomization on a PPC32
machine. Text randomization happens even in the case of "echo 0 >
/proc/sys/kernel/randomize_va_space".

This happens due to the incorrect definition of ELF_ET_DYN_BASE at
arch/powerpc/include/asm/elf.h

Signed-off-by: Vineeth Vijayan <vvijayan@mvista.com>
---
Test details:

    #include <stdio.h>

    int main(int argc, char *argv[])
    {
        /* Print where main() was mapped for this run. */
        printf("main = %p\n", (void *)main);
        return 0;
    }

Compile the same as position-independent executable

Results without Patch:

    p5040ds:~# gcc test.c -o test -fPIE -pie
    p5040ds:~# echo 2 > /proc/sys/kernel/randomize_va_space
    p5040ds:~# ./test
    main = 0xb7e9681c
    p5040ds:~# ./test
    main = 0xb7aba81c
    p5040ds:~# ./test
    main = 0xb7fac81c
    p5040ds:~# ./test
    main = 0xb7f4c81c
    p5040ds:~# echo 0 > /proc/sys/kernel/randomize_va_space
    p5040ds:~# ./test
    main = 0x2010281c
    p5040ds:~# ./test
    main = 0x2018d81c
    p5040ds:~# ./test
    main = 0x206a981c
    p5040ds:~# ./test
    main = 0x2036681c

Results with Patch:

    p5040ds:~# gcc test.c -o test -fPIE -pie
    p5040ds:~#
    p5040ds:~# echo 2 > /proc/sys/kernel/randomize_va_space
    p5040ds:~#
    p5040ds:~# ./test
    main = 0xb78a581c
    p5040ds:~# ./test
    main = 0xb792c81c
    p5040ds:~# ./test
    main = 0xb79de81c
    p5040ds:~# ./test
    main = 0xb78ae81c
    p5040ds:~# echo 0 > /proc/sys/kernel/randomize_va_space
    p5040ds:~#
    p5040ds:~# ./test
    main = 0x2000081c
    p5040ds:~# ./test
    main = 0x2000081c
    p5040ds:~# ./test
    main = 0x2000081c
    p5040ds:~# ./test
    main = 0x2000081c

 arch/powerpc/Kconfig           | 1 +
 arch/powerpc/include/asm/elf.h | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)
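
The manual test in the commit message above, turned into a self-checking program (an added example, not part of the patch or the thread): it re-executes itself four times, collects the address of one of its own functions, and compares the spread with the current randomize_va_space value. The verdict names, the helper `check_pie_base()` and the sample count of four are assumptions of this example.

```c
#define _POSIX_C_SOURCE 200809L	/* popen(), readlink() */
#include <stdio.h>
#include <string.h>
#include <unistd.h>

enum verdict { MATCHES_SYSCTL, DISABLE_IGNORED, NOT_RANDOMIZED, NO_DATA };

/* sysctl 0: all runs must agree; otherwise at least two must differ. */
enum verdict check_pie_base(int sysctl, const unsigned long *addr, size_t n)
{
	int varies = 0;
	size_t i;

	if (n < 2)
		return NO_DATA;
	for (i = 1; i < n; i++)
		varies |= (addr[i] != addr[0]);
	if (sysctl == 0)
		return varies ? DISABLE_IGNORED : MATCHES_SYSCTL;
	return varies ? MATCHES_SYSCTL : NOT_RANDOMIZED;
}

/* Exit status is the verdict (0 = as expected), 4 on a setup error. */
int main(int argc, char *argv[])
{
	unsigned long addr[4];
	char self[256] = "", cmd[272];
	int sysctl = -1;
	size_t n;
	FILE *f;

	if (argc > 1 && !strcmp(argv[1], "child")) {	/* child: print a text address */
		printf("%lx\n", (unsigned long)&check_pie_base);
		return 0;
	}
	f = fopen("/proc/sys/kernel/randomize_va_space", "r");
	if (!f || fscanf(f, "%d", &sysctl) != 1)
		return 4;
	fclose(f);
	if (readlink("/proc/self/exe", self, sizeof(self) - 1) < 0)
		return 4;
	snprintf(cmd, sizeof(cmd), "'%s' child", self);
	for (n = 0; n < 4; n++) {			/* parent: four fresh execs */
		FILE *p = popen(cmd, "r");
		if (!p || fscanf(p, "%lx", &addr[n]) != 1)
			return 4;
		pclose(p);
	}
	return check_pie_base(sysctl, addr, n);
}
```

Build it with `gcc -fPIE -pie` as in the test details; exit status 1 corresponds to the "without Patch" results, where the sysctl is 0 but the address still moves between runs.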