Date:      Wed, 2 Feb 2022 01:13:56 GMT
From:      Ed Maste <emaste@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
Subject:   git: fd1501dcf0e8 - stable/13 - sanitizers: Improve FreeBSD ASLR detection
Message-ID:  <202202020113.2121DuTP042494@gitrepo.freebsd.org>

The branch stable/13 has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=fd1501dcf0e88cb2c273a3de7710ef0fbd3fca43

commit fd1501dcf0e88cb2c273a3de7710ef0fbd3fca43
Author:     Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2022-01-18 00:00:35 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2022-02-02 01:13:30 +0000

    sanitizers: Improve FreeBSD ASLR detection
    
    The kern.elf64.aslr.pie_enable and kern.elf32.aslr.pie_enable sysctls
    control the default setting for PIE binary address randomization, but
    it is possible to enable or disable ASLR on a per-process basis.  Use
    procctl(2) to query whether ASLR is enabled.
    
    (Note that with ASLR enabled but sysctl kern.elf64.aslr.pie_enable=0
    a PIE binary will in effect have randomization disabled, and be
    functional with msan.  This is not intended as a user-facing control
    though.  The user can use proccontrol(1) to disable aslr for the
    process.)
    
    Approved by:    dim
    Obtained from:  LLVM 64de0064f315f57044294879d9ff4eacb454d45b
    MFC after:      2 weeks
    Sponsored by:   The FreeBSD Foundation
    Differential Revision:  https://reviews.freebsd.org/D33933
    
    (cherry picked from commit 7cafe89f9ce33effe6e471b185339d413da1ca46)
---
 .../lib/sanitizer_common/sanitizer_linux.cpp       | 25 +++++-----------------
 1 file changed, 5 insertions(+), 20 deletions(-)

diff --git a/contrib/llvm-project/compiler-rt/lib/sanitizer_common/sanitizer_linux.cpp b/contrib/llvm-project/compiler-rt/lib/sanitizer_common/sanitizer_linux.cpp
index 9b7d87eb85e1..09b3f31831df 100644
--- a/contrib/llvm-project/compiler-rt/lib/sanitizer_common/sanitizer_linux.cpp
+++ b/contrib/llvm-project/compiler-rt/lib/sanitizer_common/sanitizer_linux.cpp
@@ -80,6 +80,7 @@
 
 #if SANITIZER_FREEBSD
 #include <sys/exec.h>
+#include <sys/procctl.h>
 #include <sys/sysctl.h>
 #include <machine/atomic.h>
 extern "C" {
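Review bot: the new `#include <sys/procctl.h>` is unconditional inside the SANITIZER_FREEBSD block, so P_PID, PROC_ASLR_STATUS and PROC_ASLR_ACTIVE must exist in the build host's headers; the runtime fallback in CheckASLR() below only covers a kernel that rejects the command, not a build against headers that predate it. If building the runtime on older releases matters, guard the procctl path with `#ifdef PROC_ASLR_STATUS` so the result on such hosts is the same silent skip rather than a compile error.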
@@ -2187,30 +2188,14 @@ void CheckASLR() {
     ReExec();
   }
 #elif SANITIZER_FREEBSD
-  int aslr_pie;
-  uptr len = sizeof(aslr_pie);
-#if SANITIZER_WORDSIZE == 64
-  if (UNLIKELY(internal_sysctlbyname("kern.elf64.aslr.pie_enable",
-      &aslr_pie, &len, NULL, 0) == -1)) {
+  int aslr_status;
+  if (UNLIKELY(procctl(P_PID, 0, PROC_ASLR_STATUS, &aslr_status) == -1)) {
     // We're making things less 'dramatic' here since
-    // the OID is not necessarily guaranteed to be here
+    // the cmd is not necessarily guaranteed to be here
     // just yet regarding FreeBSD release
     return;
   }
-
-  if (aslr_pie > 0) {
-    Printf("This sanitizer is not compatible with enabled ASLR "
-           "and binaries compiled with PIE\n");
-    Die();
-  }
-#endif
-  // there might be 32 bits compat for 64 bits
-  if (UNLIKELY(internal_sysctlbyname("kern.elf32.aslr.pie_enable",
-      &aslr_pie, &len, NULL, 0) == -1)) {
-    return;
-  }
-
-  if (aslr_pie > 0) {
+  if ((aslr_status & PROC_ASLR_ACTIVE) != 0) {
     Printf("This sanitizer is not compatible with enabled ASLR "
            "and binaries compiled with PIE\n");
     Die();
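Review bot: the early return after `if (UNLIKELY(procctl(P_PID, 0, PROC_ASLR_STATUS, &aslr_status) == -1))` swallows every failure, but the comment "the cmd is not necessarily guaranteed to be here" only justifies that for a kernel that does not know the command, which reports EINVAL; any other errno means the ASLR check was skipped for an unrelated reason and the user never learns it. Consider checking errno and reporting before returning when it is not EINVAL. Also, since the check is now per-process, the Die() message could name the remedy the commit message gives (proccontrol(1) to disable ASLR for the process) instead of only stating the incompatibility.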



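Added example, not code from the FreeBSD or LLVM trees: it performs the same PROC_ASLR_STATUS query the patched CheckASLR() does (P_PID with id 0 for the calling process, as the hunk above uses it), but separates the three outcomes a runtime check should treat differently: the kernel does not know the command (EINVAL, skip silently), the query worked and randomization is off, or the query worked and randomization is on. The classification is in a standalone function so it can be exercised without a FreeBSD kernel. On non-FreeBSD hosts a stub procctl() and placeholder constant values stand in for `<sys/procctl.h>` so the file still builds; those placeholders, the `proccontrol -m aslr -s disable` hint and the state names are assumptions of this example, not from the commit.

```c
#include <errno.h>
#include <stdio.h>

#ifdef __FreeBSD__
#include <sys/types.h>
#include <sys/wait.h>     /* idtype_t */
#include <sys/procctl.h>  /* P_PID, PROC_ASLR_STATUS, PROC_ASLR_ACTIVE */
#else
/*
 * Stand-in for non-FreeBSD hosts so the file still builds. It behaves like a
 * kernel that does not know PROC_ASLR_STATUS and fails with EINVAL, which is
 * exactly the case the runtime check must tolerate. The constant values are
 * placeholders for this stub, not the values from the real header.
 */
#define P_PID            0
#define PROC_ASLR_STATUS 0
#define PROC_ASLR_ACTIVE 0x1
static int procctl(int idtype, long id, int cmd, void *data) {
    (void)idtype; (void)id; (void)cmd; (void)data;
    errno = EINVAL;
    return -1;
}
#endif

enum aslr_state {
    ASLR_UNSUPPORTED, /* kernel predates the command: cannot tell, do not die */
    ASLR_DISABLED,    /* query worked, randomization off for this process   */
    ASLR_ACTIVE,      /* query worked, randomization on: PIE gets relocated */
    ASLR_ERROR        /* query failed for some other reason: report it      */
};

/* Classify one procctl(PROC_ASLR_STATUS) outcome from the call's return
 * value, its errno, and the status word it filled in on success. */
enum aslr_state classify_aslr(int rc, int err, int status) {
    if (rc == -1)
        return err == EINVAL ? ASLR_UNSUPPORTED : ASLR_ERROR;
    return (status & PROC_ASLR_ACTIVE) ? ASLR_ACTIVE : ASLR_DISABLED;
}

/* Ask the kernel about the calling process (P_PID with id 0, as the patch does). */
enum aslr_state query_aslr(void) {
    int status = 0;
    int rc = procctl(P_PID, 0, PROC_ASLR_STATUS, &status);
    return classify_aslr(rc, errno, status);
}

int main(void) {
    switch (query_aslr()) {
    case ASLR_ACTIVE:
        /* What a sanitizer runtime would do: refuse, and say how to fix it. */
        fprintf(stderr, "ASLR is active for this process; re-run it as\n"
                        "  proccontrol -m aslr -s disable <program>\n");
        return 1;
    case ASLR_ERROR:
        /* Not the "old kernel" case: surface it instead of skipping silently. */
        perror("procctl(PROC_ASLR_STATUS)");
        return 2;
    case ASLR_UNSUPPORTED:
        puts("PROC_ASLR_STATUS not supported on this kernel; skipping the check");
        return 0;
    case ASLR_DISABLED:
        puts("ASLR is disabled for this process; a sanitizer could proceed");
        return 0;
    }
    return 0;
}
```

Build with `cc -Wall aslr_check.c -o aslr_check` and run it twice on FreeBSD, once plainly and once under `proccontrol -m aslr -s disable ./aslr_check`, to see the ACTIVE and DISABLED branches; on any other host the stub takes the UNSUPPORTED branch.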
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202202020113.2121DuTP042494>