Date: Fri, 25 Dec 2020 18:04:27 -0600
From: "Brandon Bergren"
To: "Konstantin Belousov", src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
Subject: Re: git: ed52452d6e52 - MFC r368772: Add ELF flag to disable ASLR stack gap.
List-Id: "Commit messages for the stable branches of the src repository."

Build broken on stable-12 i386 (detected by my local CI where I'm testing git CI):

17:26:24 --- kern_exec.o ---
17:26:24 /usr/src/sys/kern/kern_exec.c:1508:34: error: incompatible pointer types passing 'uintptr_t *' (aka 'unsigned int *') to parameter of type 'u_long *' (aka 'unsigned long *') [-Werror,-Wincompatible-pointer-types]
17:26:24         imgp->sysent->sv_stackgap(imgp, dp);
17:26:24                                         ^~

On Fri, Dec 25, 2020, at 7:47 AM, Konstantin Belousov wrote:
> The branch stable/12 has been updated by kib:
>
> URL: https://cgit.FreeBSD.org/src/commit/?id=ed52452d6e52a37409c15b13c0efca8d0b28c44e
>
> commit ed52452d6e52a37409c15b13c0efca8d0b28c44e
> Author:     Konstantin Belousov
> AuthorDate: 2020-12-18 23:14:39 +0000
> Commit:     Konstantin Belousov
> CommitDate: 2020-12-25 13:44:33 +0000
>
>     MFC r368772:
>     Add ELF flag to disable ASLR stack gap.
>
>     PR: 239873
>
>     (cherry picked from commit 673e2dd652156342009930cf1f7d15623e4a543a)
> ---
>  sys/compat/freebsd32/freebsd32_misc.c |  3 +--
>  sys/kern/imgact_elf.c                 |  2 --
>  sys/kern/kern_exec.c                  | 14 ++++++++++++--
>  sys/sys/elf_common.h                  |  1 +
>  sys/sys/imgact.h                      |  1 +
>  usr.bin/elfctl/elfctl.c               |  1 +
>  6 files changed, 16 insertions(+), 6 deletions(-)
> > diff --git a/sys/compat/freebsd32/freebsd32_misc.c > b/sys/compat/freebsd32/freebsd32_misc.c > index 76054c8046a0..6c9ede34c1dc 100644 > --- a/sys/compat/freebsd32/freebsd32_misc.c > +++ b/sys/compat/freebsd32/freebsd32_misc.c > @@ -3224,9 +3224,8 @@ freebsd32_copyout_strings(struct image_params > *imgp) > destp -= ARG_MAX - imgp->args->stringspace; > destp = rounddown2(destp, sizeof(uint32_t)); > > + exec_stackgap(imgp, &destp); > vectp = (uint32_t *)destp; > - if (imgp->sysent->sv_stackgap != NULL) > - imgp->sysent->sv_stackgap(imgp, (u_long *)&vectp); > > if (imgp->auxargs) { > /* > diff --git a/sys/kern/imgact_elf.c b/sys/kern/imgact_elf.c > index b1828591fc33..e436c34d1d1b 100644 > --- a/sys/kern/imgact_elf.c > +++ b/sys/kern/imgact_elf.c > @@ -2757,8 +2757,6 @@ __elfN(stackgap)(struct image_params *imgp, > u_long *stack_base) > u_long range, rbase, gap; > int pct; > > - if ((imgp->map_flags & MAP_ASLR) == 0) > - return; > pct = __elfN(aslr_stack_gap); > if (pct == 0) > return; > diff --git a/sys/kern/kern_exec.c b/sys/kern/kern_exec.c > index cd6c231479bb..812d5e827093 100644 > --- a/sys/kern/kern_exec.c > +++ b/sys/kern/kern_exec.c > @@ -1497,6 +1497,17 @@ exec_free_args(struct image_args *args) > fdescfree_remapped(args->fdp); > } > > +void > +exec_stackgap(struct image_params *imgp, uintptr_t *dp) > +{ > + if (imgp->sysent->sv_stackgap == NULL || > + (imgp->proc->p_fctl0 & (NT_FREEBSD_FCTL_ASLR_DISABLE | > + NT_FREEBSD_FCTL_ASG_DISABLE)) != 0 || > + (imgp->map_flags & MAP_ASLR) == 0) > + return; > + imgp->sysent->sv_stackgap(imgp, dp); > +} > + > /* > * Copy strings out to the new process address space, constructing new arg > * and env vector tables. Return a pointer to the base so that it can be used 
> @@ -1574,9 +1585,8 @@ exec_copyout_strings(struct image_params *imgp) > destp -= ARG_MAX - imgp->args->stringspace; > destp = rounddown2(destp, sizeof(void *)); > > + exec_stackgap(imgp, &destp); > vectp = (char **)destp; > - if (imgp->sysent->sv_stackgap != NULL) > - imgp->sysent->sv_stackgap(imgp, (u_long *)&vectp); > > if (imgp->auxargs) { > /* > diff --git a/sys/sys/elf_common.h b/sys/sys/elf_common.h > index b31ee6db7179..c469557a96e1 100644 > --- a/sys/sys/elf_common.h > +++ b/sys/sys/elf_common.h > @@ -791,6 +791,7 @@ typedef struct { > #define NT_FREEBSD_FCTL_STKGAP_DISABLE 0x00000004 > #define NT_FREEBSD_FCTL_WXNEEDED 0x00000008 > #define NT_FREEBSD_FCTL_LA48 0x00000010 > +#define NT_FREEBSD_FCTL_ASG_DISABLE 0x00000020 /* ASLR STACK GAP Disable */ > > /* Values for n_type. Used in core files. */ > #define NT_PRSTATUS 1 /* Process status. */ > diff --git a/sys/sys/imgact.h b/sys/sys/imgact.h > index a89907e7b60d..44bf8a1359c9 100644 > --- a/sys/sys/imgact.h > +++ b/sys/sys/imgact.h > @@ -110,6 +110,7 @@ int exec_copyin_args(struct image_args *, char *, > enum uio_seg, > char **, char **); > int exec_copyin_data_fds(struct thread *, struct image_args *, const > void *, > size_t, const int *, size_t); > +void exec_stackgap(struct image_params *imgp, uintptr_t *dp); > int pre_execve(struct thread *td, struct vmspace **oldvmspace); > void post_execve(struct thread *td, int error, struct vmspace > *oldvmspace); > #endif > diff --git a/usr.bin/elfctl/elfctl.c b/usr.bin/elfctl/elfctl.c > index ccc1c85007ce..d18d828e151c 100644 > --- a/usr.bin/elfctl/elfctl.c > +++ b/usr.bin/elfctl/elfctl.c > @@ -70,6 +70,7 @@ static struct ControlFeatures featurelist[] = { > #ifdef NT_FREEBSD_FCTL_LA48 > { "la48", NT_FREEBSD_FCTL_LA48, "amd64: Limit user VA to 48bit" }, > #endif > + { "aslrstkgap", NT_FREEBSD_FCTL_ASG_DISABLE, "Disable ASLR stack gap" > }, > }; > > static struct option long_opts[] = { > -- Brandon Bergren bdragon@imap.cc
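
Review bot: In the new exec_stackgap() in sys/kern/kern_exec.c, dp is a uintptr_t * but is passed unchanged to imgp->sysent->sv_stackgap(), whose implementation in the imgact_elf.c hunk still takes u_long *stack_base. On i386 those are distinct types (unsigned int vs unsigned long), which is the -Wincompatible-pointer-types error reported at kern_exec.c:1508. Either change the sv_stackgap signature and __elfN(stackgap) to take uintptr_t *, or cast at the call the way the removed lines did with (u_long *)&vectp.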
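
Review bot: Removing the (imgp->map_flags & MAP_ASLR) == 0 early return from __elfN(stackgap) in sys/kern/imgact_elf.c makes the function depend on every caller going through exec_stackgap() for both the MAP_ASLR test and the p_fctl0 test. A comment above __elfN(stackgap) saying it must only be reached via exec_stackgap() would keep a later direct sv_stackgap call from applying the gap when ASLR is off or the opt-out flag is set.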
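
Review bot: NT_FREEBSD_FCTL_ASG_DISABLE (0x00000020) in sys/sys/elf_common.h lands next to the existing NT_FREEBSD_FCTL_STKGAP_DISABLE (0x00000004), and neither the names nor the comment "ASLR STACK GAP Disable" say how the two bits differ. Extend the comment to state what this bit controls that STKGAP_DISABLE does not, since exec_stackgap() tests only NT_FREEBSD_FCTL_ASLR_DISABLE and NT_FREEBSD_FCTL_ASG_DISABLE.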
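
Review bot: The new "aslrstkgap" entry in featurelist[] in usr.bin/elfctl/elfctl.c is unconditional, while the "la48" entry directly above it is wrapped in #ifdef NT_FREEBSD_FCTL_LA48. If that guard is there so elfctl builds against headers lacking the newer bits, wrap this entry in #ifdef NT_FREEBSD_FCTL_ASG_DISABLE as well.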