diff options
| author | Natanael Copa <ncopa@alpinelinux.org> | 2013-10-02 07:40:13 +0000 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2013-10-02 07:41:40 +0000 |
| commit | 543ea1b7436f575c6125a8b33b2547e9bbcc2a39 (patch) | |
| tree | 9076a75f5df55502a0e8e555ff010c55047b6700 | |
| parent | b4eba2d94d705e2daac763ebde16ac8785d0a2ea (diff) | |
| download | aports-543ea1b7436f575c6125a8b33b2547e9bbcc2a39.tar.bz2 aports-543ea1b7436f575c6125a8b33b2547e9bbcc2a39.tar.xz | |
main/linux-vserver: fix memory map on PIE executables
| -rw-r--r-- | main/linux-vserver/APKBUILD | 6 | ||||
| -rw-r--r-- | main/linux-vserver/aslr-pie.patch | 68 |
2 files changed, 73 insertions, 1 deletions
diff --git a/main/linux-vserver/APKBUILD b/main/linux-vserver/APKBUILD index 297e8b1912..25a80ef3fb 100644 --- a/main/linux-vserver/APKBUILD +++ b/main/linux-vserver/APKBUILD @@ -3,7 +3,7 @@ _flavor=vserver pkgname=linux-${_flavor} pkgver=3.4.63 -pkgrel=0 +pkgrel=1 _vsver=vs2.3.3.9 if [ "${pkgver##*.*.*}" = "$pkgver" ]; then @@ -22,6 +22,7 @@ install= source="http://www.kernel.org/pub/linux/kernel/v3.x/linux-$_kernver.tar.xz http://www.kernel.org/pub/linux/kernel/v3.x/patch-$pkgver.xz patch-$pkgver-$_vsver.diff + aslr-pie.patch kernelconfig.x86 kernelconfig.x86_64 " @@ -138,15 +139,18 @@ dev() { md5sums="967f72983655e2479f951195953e8480 linux-3.4.tar.xz 44a633f8494b3e3008ace9e74c6b9e75 patch-3.4.63.xz 296bcb44cdc4e776a938e203cbbd5151 patch-3.4.63-vs2.3.3.9.diff +5901bfca41ac6a557e12b48115d3d1b2 aslr-pie.patch 1fce2ef2e47d19c150ab0b2df3373a57 kernelconfig.x86 b6a18f4cb2523bbd2500809e61172f8f kernelconfig.x86_64" sha256sums="ff3dee6a855873d12487a6f4070ec2f7996d073019171361c955639664baa0c6 linux-3.4.tar.xz 436422cc2c0ac6243632561955c3ecefd3150d0ba061943f45600c0674e4da89 patch-3.4.63.xz 2d722df186395a3592928a7166962d503ae5bd726b47ee5eb9a60d39c39f159a patch-3.4.63-vs2.3.3.9.diff +37ad5b5f44fcc119f71c81e8cda376c13ecc04f785bd2e1892782def6f5cfae3 aslr-pie.patch e97b45a117671c5a87a9ba4a1f946125053eac078d297f61f9c8d4594acbf830 kernelconfig.x86 d44d1a1be3402847f540cc0cfb201deec7084b4c516e592b92e115ab3f71d4b5 kernelconfig.x86_64" sha512sums="1c49b336750c9c2b49d21e54126f22a800367296be0d57e6df28b1532cbeba7fc3bdf4cfe27d9810576e76c2db2e9c2493f0804451c915137cb78d7aa61f236c linux-3.4.tar.xz c8d4e56062e3f1bdbb3c3b46cd6db42f63e6b86c6a1a45d181eb0160a1c7ecca13928f61484f949d6c968e437f275d43bca035a44c742f78d2cf77db1bcca1aa patch-3.4.63.xz 26623fca09815baee653a8da5af46797bc0b54f250a09401ede64c71ad2c844a1b59e7a0c7fc024e5c9025ddf3109ef2d2aa49c3866daa9288861d0d326d7f83 patch-3.4.63-vs2.3.3.9.diff +0314ff29551dfde45fe05d43cb571348d955b5338b33acb26e29fa80f73ef28f34bbdf01006e4aecee372f3863517357a99cdec08b183a8dd9121ee9d0314b2e aslr-pie.patch f12f999c84f724a4ac20a736c7f56671e23b2a9ddce4b0576dc17d0b3e8f319f5c4bc40b58992eba75ace44148018d85de24b2516d0a83240cd0ca3803606eae kernelconfig.x86 4cf43a7fc609e9822919e5706f38c03ef72deae2eae6b7d4c4ca7f9f29bccd1f01c0d65660a0c5234df6c2123a1d0c797dbdcb57ca5559e39644704426657f3e kernelconfig.x86_64" diff --git a/main/linux-vserver/aslr-pie.patch b/main/linux-vserver/aslr-pie.patch new file mode 100644 index 0000000000..8b907e447e --- /dev/null +++ b/main/linux-vserver/aslr-pie.patch @@ -0,0 +1,68 @@ +From a72b1fccf6c7c54c7a3ceef525b615b26b38f4a4 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi> +Date: Tue, 1 Oct 2013 13:46:04 +0300 +Subject: [PATCH 3.4.63-vanilla] fs/binfmt_elf: fix memory map for PIE applications +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +arch/x86/include/asm/elf.h comment says: +" +ELF_ET_DYN_BASE is the location that an ET_DYN program is loaded +if exec'ed. Typical use of this is to invoke "./ld.so someprog" +to test out a new version of the loader. We need to make sure +that it is out of the way of the program that it will "exec", +and that there is sufficient room for the brk. +" + +In case we have main application linked as PIE, this will cause +problems as the main program itself will go the memory location +that allows very little heap. + +This fixes the loader to detect PIE application by checking if +elf_interpreter is requested, and loads them to beginning of the +address space instead of the specially crafted place for elf +interpreter. + +Signed-off-by: Timo Teräs <timo.teras@iki.fi> +--- + fs/binfmt_elf.c | 17 ++++++++--------- + 1 file changed, 8 insertions(+), 9 deletions(-) + +diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c +index a009b9e..b3723a2 100644 +--- a/fs/binfmt_elf.c ++++ b/fs/binfmt_elf.c +@@ -790,20 +790,19 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs) + * default mmap base, as well as whatever program they + * might try to exec. This is because the brk will + * follow the loader, and is not movable. */ ++ if (elf_interpreter) ++ load_bias = 0x00400000UL; ++ else ++ load_bias = ELF_ET_DYN_BASE; + #ifdef CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE + /* Memory randomization might have been switched off +- * in runtime via sysctl. +- * If that is the case, retain the original non-zero +- * load_bias value in order to establish proper +- * non-randomized mappings. ++ * in runtime via sysctl or explicit setting of ++ * ersonality flags. + */ + if (current->flags & PF_RANDOMIZE) +- load_bias = 0; +- else +- load_bias = ELF_PAGESTART(ELF_ET_DYN_BASE - vaddr); +-#else +- load_bias = ELF_PAGESTART(ELF_ET_DYN_BASE - vaddr); ++ load_bias += (get_random_int() & STACK_RND_MASK) << PAGE_SHIFT; + #endif ++ load_bias = ELF_PAGESTART(vaddr + load_bias); + } + + error = elf_map(bprm->file, load_bias + vaddr, elf_ppnt, +-- +1.8.4 + + |