Date: Fri, 4 Feb 2022 17:40:25 -0800 From: Mark Millard <marklmi@yahoo.com> To: bob prohaska <fbsd@www.zefox.net> Cc: freebsd-arm@freebsd.org Subject: Re: Troubles building world on stable/13 [How to set just the compiler to avoid ASLR being enabled for it: DOES NOT WORK] Message-ID: <1B332BCA-B296-4DB6-96E5-272B6062ECA6@yahoo.com> In-Reply-To: <0E1C03AD-7600-4680-A27A-985E6DC64B0C@yahoo.com> References: <20220124165449.GA39982@www.zefox.net> <5FAC2B2C-7740-435E-A183-FB3EF1FCE7F9@yahoo.com> <20220202223208.GA78110@www.zefox.net> <70550346-BC53-458F-B01B-68559E5C9847@yahoo.com> <20220203015149.GA78722@www.zefox.net> <8A85F917-F4E8-4382-B777-15AF7401E616@yahoo.com> <D93232D9-BCBF-4C65-B984-D95CB12ADFCD@yahoo.com> <C3D8ABCB-C7CC-4D88-B648-7C31C5BCC96E@yahoo.com> <20220204214403.GA85107@www.zefox.net> <B5FD0DF9-283E-49F1-BF73-2D8675B3E72E@yahoo.com> <20220205000800.GA85644@www.zefox.net> <51D494E4-6D8D-49C7-8F0C-FD53311264A5@yahoo.com> <0E1C03AD-7600-4680-A27A-985E6DC64B0C@yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2022-Feb-4, at 17:34, Mark Millard <marklmi@yahoo.com> wrote: > The following shows how to examine and control the compiler's ASLR > status (notation shown presumes first cd'ing to where the c++ file > is): > > # elfctl c++ > File 'c++' features: > noaslr 'Disable ASLR' is unset. > noprotmax 'Disable implicit PROT_MAX' is unset. > nostackgap 'Disable stack gap' is unset. > wxneeded 'Requires W+X mappings' is unset. > la48 'amd64: Limit user VA to 48bit' is unset. > noaslrstkgap 'Disable ASLR stack gap' is unset. > > # elfctl -e +noaslr c++ > > # elfctl c++ > File 'c++' features: > noaslr 'Disable ASLR' is set. > noprotmax 'Disable implicit PROT_MAX' is unset. > nostackgap 'Disable stack gap' is unset. > wxneeded 'Requires W+X mappings' is unset. > la48 'amd64: Limit user VA to 48bit' is unset. > noaslrstkgap 'Disable ASLR stack gap' is unset. > > (noaslrstkgap may be fairly specific to the vintage of > main [so: 14] that I'm at and so might not show up.) > > Being tied to the file, this survives reboots. > > This should avoid needing the system wide disable > that I'd previously listed. In other words: no need > for: > > # sysctl kern.elf64.aslr.enable=0 > > (which would not survive a reboot). > Well, on testing, this did not work in my context: still can fail and still shows vm.aslr_restarts increasing the same way as before I updated the c++ file: success increments by 1 and failure increments by 2. So I'm back to indicating to use: # sysctl kern.elf64.aslr.enable=0 === Mark Millard marklmi at yahoo.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1B332BCA-B296-4DB6-96E5-272B6062ECA6>