Date: Sat, 3 Dec 2022 17:25:00 GMT From: Lorenzo Salvadore <salvadore@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: a051e5a32dd9 - main - lang/gcc11: Re-execute program with ASLR disabled when necessary Message-ID: <202212031725.2B3HP0kl021246@gitrepo.freebsd.org>
The branch main has been updated by salvadore: URL: https://cgit.FreeBSD.org/ports/commit/?id=a051e5a32dd9b36fe2b03fe152b94ee2cdce4926 commit a051e5a32dd9b36fe2b03fe152b94ee2cdce4926 Author: Lorenzo Salvadore <salvadore@FreeBSD.org> AuthorDate: 2022-11-26 22:13:47 +0000 Commit: Lorenzo Salvadore <salvadore@FreeBSD.org> CommitDate: 2022-12-03 17:24:17 +0000 lang/gcc11: Re-execute program with ASLR disabled when necessary Software compiled with -fsanitize=address needs ASLR to be disabled to run successfully. Add patches taken from the commits listed below that improve ASLR detection and re-execute the program with ASLR disabled if necessary. https://cgit.freebsd.org/src/commit/?id=7cafe89f9ce33effe6e471b185339d413da1ca46 https://cgit.freebsd.org/src/commit/?id=930a7c2ac67e1e8e511aa1d0a31a16c632060ebb https://cgit.freebsd.org/src/commit/?id=96fe7c8ab0f65cf829619abd74ae6c126b21e15f PR: 267751 --- lang/gcc11/Makefile | 2 +- ...anitizer_sanitizer__common_sanitizer__linux.cpp | 61 ++++++++++++++++++++++ ...sanitizer__common_sanitizer__linux__libcdep.cpp | 32 ++++++++++++ 3 files changed, 94 insertions(+), 1 deletion(-)
diff --git a/lang/gcc11/Makefile b/lang/gcc11/Makefile
index 2e9c25e83c4f..0dc1f02f0803 100644
--- a/lang/gcc11/Makefile
+++ b/lang/gcc11/Makefile
@@ -1,6 +1,6 @@
 PORTNAME= gcc
 PORTVERSION= 11.3.0
-PORTREVISION= 6
+PORTREVISION= 7
 CATEGORIES= lang
 MASTER_SITES= GCC
 PKGNAMESUFFIX= ${SUFFIX}
diff --git a/lang/gcc11/files/patch-libsanitizer_sanitizer__common_sanitizer__linux.cpp b/lang/gcc11/files/patch-libsanitizer_sanitizer__common_sanitizer__linux.cpp
new file mode 100644
index 000000000000..bf9b0df79e0b
--- /dev/null
+++ b/lang/gcc11/files/patch-libsanitizer_sanitizer__common_sanitizer__linux.cpp
@@ -0,0 +1,61 @@
+Patch taken from the following commits:
+
+- https://cgit.freebsd.org/src/commit/?id=7cafe89f9ce33effe6e471b185339d413da1ca46
+- https://cgit.freebsd.org/src/commit/?id=930a7c2ac67e1e8e511aa1d0a31a16c632060ebb
+
+--- libsanitizer/sanitizer_common/sanitizer_linux.cpp.orig 2022-11-26 10:40:30 UTC
++++ libsanitizer/sanitizer_common/sanitizer_linux.cpp
+@@ -80,6 +80,7 @@
+
+ #if SANITIZER_FREEBSD
+ #include <sys/exec.h>
++#include <sys/procctl.h>
+ #include <sys/sysctl.h>
+ #include <machine/atomic.h>
+ extern "C" {
+@@ -2171,33 +2172,20 @@ void CheckASLR() {
+ ReExec();
+ }
+ #elif SANITIZER_FREEBSD
+- int aslr_pie;
+- uptr len = sizeof(aslr_pie);
+-#if SANITIZER_WORDSIZE == 64
+- if (UNLIKELY(internal_sysctlbyname("kern.elf64.aslr.pie_enable",
+- &aslr_pie, &len, NULL, 0) == -1)) {
+- // We're making things less 'dramatic' here since
+- // the OID is not necessarily guaranteed to be here
++ int aslr_status;
++ if (UNLIKELY(procctl(P_PID, 0, PROC_ASLR_STATUS, &aslr_status) == -1)) {
++ // We're making things less 'dramatic' here since
++ // the cmd is not necessarily guaranteed to be here
+ // just yet regarding FreeBSD release
+ return;
+- }
+-
+- if (aslr_pie > 0) {
+- Printf("This sanitizer is not compatible with enabled ASLR "
+- "and binaries compiled with PIE\n");
+- Die();
+- }
+-#endif
+- // there might be 32 bits compat for 64 bits
+- if (UNLIKELY(internal_sysctlbyname("kern.elf32.aslr.pie_enable",
+- &aslr_pie, &len, NULL, 0) == -1)) {
+- return;
+- }
+-
+- if (aslr_pie > 0) {
+- Printf("This sanitizer is not compatible with enabled ASLR "
+- "and binaries compiled with PIE\n");
+- Die();
++ }
++ if ((aslr_status & PROC_ASLR_ACTIVE) != 0) {
++ VReport(1, "This sanitizer is not compatible with enabled ASLR "
++ "and binaries compiled with PIE\n"
++ "ASLR will be disabled and the program re-executed.\n");
++ int aslr_ctl = PROC_ASLR_FORCE_DISABLE;
++ CHECK_NE(procctl(P_PID, 0, PROC_ASLR_CTL, &aslr_ctl), -1);
++ ReExec();
+ }
+ #else
+ // Do nothing
diff --git a/lang/gcc11/files/patch-libsanitizer_sanitizer__common_sanitizer__linux__libcdep.cpp b/lang/gcc11/files/patch-libsanitizer_sanitizer__common_sanitizer__linux__libcdep.cpp
new file mode 100644
index 000000000000..7f13f8591313
--- /dev/null
+++ b/lang/gcc11/files/patch-libsanitizer_sanitizer__common_sanitizer__linux__libcdep.cpp
@@ -0,0 +1,32 @@
+Patch taken from
+
+https://cgit.freebsd.org/src/commit/?id=96fe7c8ab0f65cf829619abd74ae6c126b21e15f
+
+--- libsanitizer/sanitizer_common/sanitizer_linux_libcdep.cpp.orig 2022-11-26 09:47:34 UTC
++++ libsanitizer/sanitizer_common/sanitizer_linux_libcdep.cpp
+@@ -45,7 +45,9 @@
+
+ #if SANITIZER_FREEBSD
+ #include <pthread_np.h>
++#include <stdlib.h>
+ #include <osreldate.h>
++#include <sys/auxv.h>
+ #include <sys/sysctl.h>
+ #define pthread_getattr_np pthread_attr_get_np
+ #endif
+@@ -857,7 +859,14 @@ void ReExec() {
+ void ReExec() {
+ const char *pathname = "/proc/self/exe";
+
+-#if SANITIZER_NETBSD
++#if SANITIZER_FREEBSD
++ char exe_path[PATH_MAX];
++ if (elf_aux_info(AT_EXECPATH, exe_path, sizeof(exe_path)) == 0) {
++ char link_path[PATH_MAX];
++ if (realpath(exe_path, link_path))
++ pathname = link_path;
++ }
++#elif SANITIZER_NETBSD
+ static const int name[] = {
+ CTL_KERN,
+ KERN_PROC_ARGS,
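Review bot: In the `sanitizer_linux.cpp` patch, the new `PROC_ASLR_ACTIVE` branch announces itself only through `VReport(1, ...)`, so at default verbosity the process force-disables ASLR and re-executes with no message, where the removed code printed and died. Because this switches off an exploit mitigation, and procctl(2) describes `PROC_ASLR_CTL` as governing images later exec'd by the process and its descendants, the call `procctl(P_PID, 0, PROC_ASLR_CTL, &aslr_ctl)` deserves a comment such as `// FORCE_DISABLE persists across the exec and is inherited by child processes; sanitizer builds are for testing, not deployment.` The same comment could record that a failing `PROC_ASLR_STATUS` query returns quietly while a failing `PROC_ASLR_CTL` aborts through `CHECK_NE`. `CheckASLR()` begins and ends outside this hunk.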
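Review bot: In the `sanitizer_linux_libcdep.cpp` patch, `link_path` is declared inside the `if (elf_aux_info(...) == 0) {` block, yet `pathname = link_path;` keeps a pointer to it after that block closes, so any later use of `pathname` reads an array whose lifetime has ended. Declaring the buffer at function scope beside `exe_path`, as `char exe_path[PATH_MAX], link_path[PATH_MAX];`, and dropping the inner declaration removes the dangling pointer. When either call fails, `pathname` stays `"/proc/self/exe"`, which presumably does not resolve on a FreeBSD system without procfs mounted. The code that consumes `pathname` lies outside the hunk, so how that failure is reported should be checked there.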