Diffstat (limited to 'main/linux-rpi/aslr-pie.patch')
-rw-r--r-- | main/linux-rpi/aslr-pie.patch | 64 |
1 files changed, 52 insertions, 12 deletions
diff --git a/main/linux-rpi/aslr-pie.patch b/main/linux-rpi/aslr-pie.patch
index a31dba42a8..70771427db 100644
--- a/main/linux-rpi/aslr-pie.patch
+++ b/main/linux-rpi/aslr-pie.patch
@@ -1,6 +1,39 @@
---- linux-3.11/fs/binfmt_elf.c.orig
-+++ linux-3.11/fs/binfmt_elf.c
-@@ -802,21 +802,19 @@
+From 0b277f076ead47454b4438a7d20d0807acd2af6a Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
+Date: Tue, 1 Oct 2013 13:46:04 +0300
+Subject: [PATCH] fs/binfmt_elf: fix memory map for PIE applications
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+arch/x86/include/asm/elf.h comment says:
+"
+ELF_ET_DYN_BASE is the location that an ET_DYN program is loaded
+if exec'ed. Typical use of this is to invoke "./ld.so someprog"
+to test out a new version of the loader. We need to make sure
+that it is out of the way of the program that it will "exec",
+and that there is sufficient room for the brk.
+"
+
+In case we have main application linked as PIE, this will cause
+problems as the main program itself will go the memory location
+that allows very little heap.
+
+This fixes the loader to detect PIE application by checking if
+elf_interpreter is requested, and loads them to beginning of the
+address space instead of the specially crafted place for elf
+interpreter.
+
+Signed-off-by: Timo Teräs <timo.teras@iki.fi>
+---
+ fs/binfmt_elf.c | 17 +++++++++++------
+ 1 file changed, 11 insertions(+), 6 deletions(-)
+
+diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
+index 78f4608..c075ace 100644
+--- a/fs/binfmt_elf.c
++++ b/fs/binfmt_elf.c
+@@ -801,6 +801,10 @@ static int load_elf_binary(struct linux_binprm *bprm)
 * default mmap base, as well as whatever program they
 * might try to exec. This is because the brk will
 * follow the loader, and is not movable. */
@@ -11,20 +44,27 @@
 #ifdef CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE
 /* Memory randomization might have been switched off
 * in runtime via sysctl or explicit setting of
- * personality flags.
-- * If that is the case, retain the original non-zero
-- * load_bias value in order to establish proper
-- * non-randomized mappings.
+@@ -809,13 +813,14 @@ static int load_elf_binary(struct linux_binprm *bprm)
+ * load_bias value in order to establish proper
+ * non-randomized mappings.
 */
- if (current->flags & PF_RANDOMIZE)
+- if (current->flags & PF_RANDOMIZE)
 - load_bias = 0;
 - else
 - load_bias = ELF_PAGESTART(ELF_ET_DYN_BASE - vaddr);
 -#else
 - load_bias = ELF_PAGESTART(ELF_ET_DYN_BASE - vaddr);
-+ load_bias += (get_random_int() & STACK_RND_MASK) << PAGE_SHIFT;
++ if (current->flags & PF_RANDOMIZE) {
++ if (elf_interpreter)
++ load_bias += (get_random_int() & STACK_RND_MASK) << PAGE_SHIFT;
++ else
++ load_bias = 0;
++ }
 #endif
 + load_bias = ELF_PAGESTART(load_bias - vaddr);
- }
-
- error = elf_map(bprm->file, load_bias + vaddr, elf_ppnt,
+ total_size = total_mapping_size(elf_phdata,
+ loc->elf_ex.e_phnum);
+ if (!total_size) {
+-- 
+2.4.0
+
|
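Review bot: The randomised base for interpreter-linked PIE binaries (`load_bias += (get_random_int() & STACK_RND_MASK) << PAGE_SHIFT;`) takes its width from the stack mask, so the executable image gets no more page-granular entropy than `STACK_RND_MASK` allows on the target architecture, and the patch carries no comment saying so. I would add above that line `/* PIE base entropy is bounded by STACK_RND_MASK; the offset is page-aligned */` so the limit stays visible to whoever rebases this. The whole block also sits under `#ifdef CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE`, so on a build without that option `load_bias` reaches `ELF_PAGESTART(load_bias - vaddr)` unrandomised even when `PF_RANDOMIZE` is set; it is worth confirming that the linux-rpi config selects it. The initial `load_bias` value is set in lines of `load_elf_binary` that this hunk does not show, so whether the randomised range can run into other mappings cannot be judged from here.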