On Thu, 17 May 2007 22:24:11 +0200 (CEST)
Jan Kratochvil <[email protected]> wrote:
> This patch is using mmap()'s randomization functionality in such a way
> that it maps the main executable of (specially compiled/linked -pie/-fpie)
> ET_DYN binaries onto a random address (in cases in which mmap() is allowed
> to perform a randomization).
>
> Origin of this patch is in exec-shield (http://people.redhat.com/mingo/exec-shield/)
From: Andrew Morton <[email protected]>
- the compiler knows how to inline things
- return -EINVAL on zero-size, not -EIO
- reduce scope of local `interp_map_addr', remove unneeded initialisation,
add needed comment.
- coding-style repairs
Cc: Jan Kratochvil <[email protected]>
Cc: Jiri Kosina <[email protected]>
Cc: Ingo Molnar <[email protected]>
Cc: Roland McGrath <[email protected]>
Cc: Jakub Jelinek <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
---
fs/binfmt_elf.c | 26 +++++++++++++++++---------
1 files changed, 17 insertions(+), 9 deletions(-)
diff -puN fs/binfmt_elf.c~pie-randomization-fix fs/binfmt_elf.c
--- a/fs/binfmt_elf.c~pie-randomization-fix
+++ a/fs/binfmt_elf.c
@@ -322,17 +322,17 @@ static unsigned long elf_map(struct file
#endif /* !elf_map */
-static inline unsigned long total_mapping_size(struct elf_phdr *cmds, int nr)
+static unsigned long total_mapping_size(struct elf_phdr *cmds, int nr)
{
int i, first_idx = -1, last_idx = -1;
- for (i = 0; i < nr; i++)
+ for (i = 0; i < nr; i++) {
if (cmds[i].p_type == PT_LOAD) {
last_idx = i;
if (first_idx == -1)
first_idx = i;
}
-
+ }
if (first_idx == -1)
return 0;
@@ -396,8 +396,10 @@ static unsigned long load_elf_interp(str
}
total_size = total_mapping_size(elf_phdata, interp_elf_ex->e_phnum);
- if (!total_size)
+ if (!total_size) {
+ error = -EINVAL;
goto out_close;
+ }
eppnt = elf_phdata;
for (i = 0; i < interp_elf_ex->e_phnum; i++, eppnt++) {
@@ -586,7 +588,8 @@ static int load_elf_binary(struct linux_
int elf_exec_fileno;
int retval, i;
unsigned int size;
- unsigned long elf_entry, interp_load_addr = 0, interp_map_addr = 0;
+ unsigned long elf_entry;
+ unsigned long interp_load_addr = 0;
unsigned long start_code, end_code, start_data, end_data;
unsigned long reloc_func_desc = 0;
char passed_fileno[6];
@@ -908,7 +911,7 @@ static int load_elf_binary(struct linux_
* default mmap base, as well as whatever program they
* might try to exec. This is because the brk will
* follow the loader, and is not movable. */
-#if defined(__i386__) || defined(__x86_64__)
+#ifdef CONFIG_X86
load_bias = 0;
#else
load_bias = ELF_PAGESTART(ELF_ET_DYN_BASE - vaddr);
@@ -992,16 +995,21 @@ static int load_elf_binary(struct linux_
}
if (elf_interpreter) {
- if (interpreter_type == INTERPRETER_AOUT)
+ if (interpreter_type == INTERPRETER_AOUT) {
elf_entry = load_aout_interp(&loc->interp_ex,
interpreter);
- else {
+ } else {
+ unsigned long interp_map_addr; /* unused */
+
elf_entry = load_elf_interp(&loc->interp_elf_ex,
interpreter,
&interp_map_addr,
load_bias);
if (!BAD_ADDR(elf_entry)) {
- /* load_elf_interp() returns relocation adjustment */
+ /*
+ * load_elf_interp() returns relocation
+ * adjustment
+ */
interp_load_addr = elf_entry;
elf_entry += loc->interp_elf_ex.e_entry;
}
_
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]