Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 59994fb0 authored by Vineeth Vijayan's avatar Vineeth Vijayan Committed by Michael Ellerman
Browse files

powerpc: Use generic PIE randomization 



Back in 2009 we merged 501cb16d "Randomise PIEs", which added support for
randomizing PIE (Position Independent Executable) binaries.

That commit added randomize_et_dyn(), which correctly randomized the addresses,
but failed to honor PF_RANDOMIZE. That means it was not possible to disable PIE
randomization via the personality flag, or /proc/sys/kernel/randomize_va_space.

Since then there has been generic support for PIE randomization added to
binfmt_elf.c, selectable via ARCH_BINFMT_ELF_RANDOMIZE_PIE.

Enabling that allows us to drop randomize_et_dyn(), which means we start
honoring PF_RANDOMIZE correctly.

It also causes a fairly major change to how we layout PIE binaries.

Currently we will place the binary at 512MB-520MB for 32 bit binaries, or
512MB-1.5GB for 64 bit binaries, eg:

    $ cat /proc/$$/maps
    4e550000-4e580000 r-xp 00000000 08:02 129813       /bin/dash
    4e580000-4e590000 rw-p 00020000 08:02 129813       /bin/dash
    10014110000-10014140000 rw-p 00000000 00:00 0      [heap]
    3fffaa3f0000-3fffaa5a0000 r-xp 00000000 08:02 921  /lib/powerpc64le-linux-gnu/libc-2.19.so
    3fffaa5a0000-3fffaa5b0000 rw-p 001a0000 08:02 921  /lib/powerpc64le-linux-gnu/libc-2.19.so
    3fffaa5c0000-3fffaa5d0000 rw-p 00000000 00:00 0
    3fffaa5d0000-3fffaa5f0000 r-xp 00000000 00:00 0    [vdso]
    3fffaa5f0000-3fffaa620000 r-xp 00000000 08:02 1246 /lib/powerpc64le-linux-gnu/ld-2.19.so
    3fffaa620000-3fffaa630000 rw-p 00020000 08:02 1246 /lib/powerpc64le-linux-gnu/ld-2.19.so
    3ffffc340000-3ffffc370000 rw-p 00000000 00:00 0    [stack]

With this commit applied we don't do any special randomisation for the binary,
and instead rely on mmap randomisation. This means the binary ends up at high
addresses, eg:

    $ cat /proc/$$/maps
    3fff99820000-3fff999d0000 r-xp 00000000 08:02 921    /lib/powerpc64le-linux-gnu/libc-2.19.so
    3fff999d0000-3fff999e0000 rw-p 001a0000 08:02 921    /lib/powerpc64le-linux-gnu/libc-2.19.so
    3fff999f0000-3fff99a00000 rw-p 00000000 00:00 0
    3fff99a00000-3fff99a20000 r-xp 00000000 00:00 0      [vdso]
    3fff99a20000-3fff99a50000 r-xp 00000000 08:02 1246   /lib/powerpc64le-linux-gnu/ld-2.19.so
    3fff99a50000-3fff99a60000 rw-p 00020000 08:02 1246   /lib/powerpc64le-linux-gnu/ld-2.19.so
    3fff99a60000-3fff99a90000 r-xp 00000000 08:02 129813 /bin/dash
    3fff99a90000-3fff99aa0000 rw-p 00020000 08:02 129813 /bin/dash
    3fffc3de0000-3fffc3e10000 rw-p 00000000 00:00 0      [stack]
    3fffc55e0000-3fffc5610000 rw-p 00000000 00:00 0      [heap]

Although this should be OK, it's possible it might break badly written
binaries that make assumptions about the address space layout.

Signed-off-by: default avatarVineeth Vijayan <vvijayan@mvista.com>
[mpe: Rewrite changelog]
Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
parent cf2b1e0e

arch/powerpc/Kconfig

+1 −0
Original line number Original line Diff line number Diff line
@@ -88,6 +88,7 @@ config PPC 
	select ARCH_MIGHT_HAVE_PC_PARPORT

	select ARCH_MIGHT_HAVE_PC_PARPORT

	select ARCH_MIGHT_HAVE_PC_SERIO

	select ARCH_MIGHT_HAVE_PC_SERIO

	select BINFMT_ELF

	select BINFMT_ELF

	select ARCH_BINFMT_ELF_RANDOMIZE_PIE

	select OF

	select OF

	select OF_EARLY_FLATTREE

	select OF_EARLY_FLATTREE

	select OF_RESERVED_MEM

	select OF_RESERVED_MEM

arch/powerpc/include/asm/elf.h

+1 −2
Original line number Original line Diff line number Diff line
@@ -28,8 +28,7 @@ 
   the loader.  We need to make sure that it is out of the way of the program

   the loader.  We need to make sure that it is out of the way of the program

   that it will "exec", and that there is sufficient room for the brk.  */

   that it will "exec", and that there is sufficient room for the brk.  */





extern unsigned long randomize_et_dyn(unsigned long base);

#define ELF_ET_DYN_BASE	0x20000000

#define ELF_ET_DYN_BASE		(randomize_et_dyn(0x20000000))





#define ELF_CORE_EFLAGS (is_elf2_task() ? 2 : 0)

#define ELF_CORE_EFLAGS (is_elf2_task() ? 2 : 0)

arch/powerpc/kernel/process.c

+0 −9
Original line number Original line Diff line number Diff line
@@ -1654,12 +1654,3 @@ unsigned long arch_randomize_brk(struct mm_struct *mm) 
	return ret;

	return ret;

}

}

unsigned long randomize_et_dyn(unsigned long base)

{

	unsigned long ret = PAGE_ALIGN(base + brk_rnd());



	if (ret < base)

		return base;



	return ret;

}