Date:      Fri, 18 Dec 2020 23:14:40 +0000 (UTC)
From:      Konstantin Belousov <kib@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r368772 - in head: sys/compat/freebsd32 sys/kern sys/sys usr.bin/elfctl
Message-ID:  <202012182314.0BINEeA3010657@repo.freebsd.org>

Author: kib
Date: Fri Dec 18 23:14:39 2020
New Revision: 368772
URL: https://svnweb.freebsd.org/changeset/base/368772

Log:
  Add ELF flag to disable ASLR stack gap.
  
  Also centralize and unify checks to enable ASLR stack gap in a new
  helper exec_stackgap().
  
  PR:	239873
  Sponsored by:	The FreeBSD Foundation
  MFC after:	1 week

Modified:
  head/sys/compat/freebsd32/freebsd32_misc.c
  head/sys/kern/imgact_elf.c
  head/sys/kern/kern_exec.c
  head/sys/sys/elf_common.h
  head/sys/sys/imgact.h
  head/usr.bin/elfctl/elfctl.c

Modified: head/sys/compat/freebsd32/freebsd32_misc.c
==============================================================================
--- head/sys/compat/freebsd32/freebsd32_misc.c	Fri Dec 18 23:11:27 2020	(r368771)
+++ head/sys/compat/freebsd32/freebsd32_misc.c	Fri Dec 18 23:14:39 2020	(r368772)
@@ -3424,8 +3424,7 @@ freebsd32_copyout_strings(struct image_params *imgp, u
 	destp = rounddown2(destp, sizeof(uint32_t));
 	ustringp = destp;
 
-	if (imgp->sysent->sv_stackgap != NULL)
-		imgp->sysent->sv_stackgap(imgp, &destp);
+	exec_stackgap(imgp, &destp);
 
 	if (imgp->auxargs) {
 		/*

Modified: head/sys/kern/imgact_elf.c
==============================================================================
--- head/sys/kern/imgact_elf.c	Fri Dec 18 23:11:27 2020	(r368771)
+++ head/sys/kern/imgact_elf.c	Fri Dec 18 23:14:39 2020	(r368772)
@@ -2818,8 +2818,6 @@ __elfN(stackgap)(struct image_params *imgp, uintptr_t 
 	uintptr_t range, rbase, gap;
 	int pct;
 
-	if ((imgp->map_flags & MAP_ASLR) == 0)
-		return;
 	pct = __elfN(aslr_stack_gap);
 	if (pct == 0)
 		return;
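Review bot: With the `MAP_ASLR` test removed from the top of `__elfN(stackgap)`, nothing in this function records that it now relies on its caller for the ASLR and opt-out checks, which this commit moves into `exec_stackgap()` in kern_exec.c. A later direct call through `sv_stackgap` would apply the gap to an image that has ASLR off or has asked for the gap to be disabled. I would add a comment above `pct = __elfN(aslr_stack_gap);`, for example `/* MAP_ASLR and the fctl0 disable bits are checked by exec_stackgap(). */`, or keep the invariant as an assertion, `KASSERT((imgp->map_flags & MAP_ASLR) != 0, ("%s: ASLR disabled", __func__));`. The function body starts before and continues past this hunk.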

Modified: head/sys/kern/kern_exec.c
==============================================================================
--- head/sys/kern/kern_exec.c	Fri Dec 18 23:11:27 2020	(r368771)
+++ head/sys/kern/kern_exec.c	Fri Dec 18 23:14:39 2020	(r368772)
@@ -1534,6 +1534,17 @@ exec_args_get_begin_envv(struct image_args *args)
 	return (args->endp);
 }
 
+void
+exec_stackgap(struct image_params *imgp, uintptr_t *dp)
+{
+	if (imgp->sysent->sv_stackgap == NULL ||
+	    (imgp->proc->p_fctl0 & (NT_FREEBSD_FCTL_ASLR_DISABLE |
+	    NT_FREEBSD_FCTL_ASG_DISABLE)) != 0 ||
+	    (imgp->map_flags & MAP_ASLR) == 0)
+		return;
+	imgp->sysent->sv_stackgap(imgp, dp);
+}
+
 /*
  * Copy strings out to the new process address space, constructing new arg
  * and env vector tables. Return a pointer to the base so that it can be used
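Review bot: `exec_stackgap()` is added without a header comment, although it is now the single place that decides whether the ASLR stack gap is applied for both the native and the freebsd32 copyout paths. The gap is skipped when the sysent has no `sv_stackgap` hook, when `p_fctl0` carries `NT_FREEBSD_FCTL_ASLR_DISABLE` or `NT_FREEBSD_FCTL_ASG_DISABLE`, or when `MAP_ASLR` is clear in `imgp->map_flags`. A short block comment listing those three conditions would make the hardening decision auditable in one place. The comment should also state that `imgp->proc->p_fctl0` must already hold the new image's flags when this runs. The diff does not show where that field is set, so the ordering is worth confirming.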
@@ -1624,8 +1635,7 @@ exec_copyout_strings(struct image_params *imgp, uintpt
 	destp = rounddown2(destp, sizeof(void *));
 	ustringp = destp;
 
-	if (imgp->sysent->sv_stackgap != NULL)
-		imgp->sysent->sv_stackgap(imgp, &destp);
+	exec_stackgap(imgp, &destp);
 
 	if (imgp->auxargs) {
 		/*

Modified: head/sys/sys/elf_common.h
==============================================================================
--- head/sys/sys/elf_common.h	Fri Dec 18 23:11:27 2020	(r368771)
+++ head/sys/sys/elf_common.h	Fri Dec 18 23:14:39 2020	(r368772)
@@ -797,6 +797,7 @@ typedef struct {
 #define	NT_FREEBSD_FCTL_STKGAP_DISABLE	0x00000004
 #define	NT_FREEBSD_FCTL_WXNEEDED	0x00000008
 #define	NT_FREEBSD_FCTL_LA48		0x00000010
+#define	NT_FREEBSD_FCTL_ASG_DISABLE	0x00000020 /* ASLR STACK GAP Disable */
 
 /* Values for n_type.  Used in core files. */
 #define	NT_PRSTATUS	1	/* Process status. */
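Review bot: The new `NT_FREEBSD_FCTL_ASG_DISABLE` sits next to `NT_FREEBSD_FCTL_STKGAP_DISABLE`, and the two names are easy to confuse, as are their elfctl descriptions "Disable stack gap" and "Disable ASLR stack gap" in the usr.bin/elfctl/elfctl.c hunk. `exec_stackgap()` in this commit tests only the ASG bit and `NT_FREEBSD_FCTL_ASLR_DISABLE`, so the existing STKGAP bit presumably controls something else. The comment should say what sets the new bit apart, for example `/* Disable ASLR stack gap only; distinct from STKGAP_DISABLE */`. The `aslrstkgap` description in elfctl.c could likewise state that setting it turns off a hardening feature for that binary.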

Modified: head/sys/sys/imgact.h
==============================================================================
--- head/sys/sys/imgact.h	Fri Dec 18 23:11:27 2020	(r368771)
+++ head/sys/sys/imgact.h	Fri Dec 18 23:14:39 2020	(r368772)
@@ -122,6 +122,7 @@ int	exec_copyin_args(struct image_args *, const char *
 	char **, char **);
 int	exec_copyin_data_fds(struct thread *, struct image_args *, const void *,
 	size_t, const int *, size_t);
+void	exec_stackgap(struct image_params *imgp, uintptr_t *dp);
 int	pre_execve(struct thread *td, struct vmspace **oldvmspace);
 void	post_execve(struct thread *td, int error, struct vmspace *oldvmspace);
 #endif

Modified: head/usr.bin/elfctl/elfctl.c
==============================================================================
--- head/usr.bin/elfctl/elfctl.c	Fri Dec 18 23:11:27 2020	(r368771)
+++ head/usr.bin/elfctl/elfctl.c	Fri Dec 18 23:14:39 2020	(r368772)
@@ -68,6 +68,7 @@ static struct ControlFeatures featurelist[] = {
 	{ "stackgap",	NT_FREEBSD_FCTL_STKGAP_DISABLE, "Disable stack gap" },
 	{ "wxneeded",	NT_FREEBSD_FCTL_WXNEEDED, "Requires W+X mappings" },
 	{ "la48",	NT_FREEBSD_FCTL_LA48, "amd64: Limit user VA to 48bit" },
+	{ "aslrstkgap", NT_FREEBSD_FCTL_ASG_DISABLE, "Disable ASLR stack gap" },
 };
 
 static struct option long_opts[] = {


