[Pal/Linux] Disable host-level ASLR in PAL Linux

Gramine fork() emulation does fork()+execve() on the host system which
effectively remaps PAL executable to a new address if ASLR is on. The
new location could collide with other mappings that are later on sent to
the child process via checkpointing mechanism (user mapped regions).

Signed-off-by: Borys Popławski <borysp@invisiblethingslab.com>

Pal/src/host/Linux/db_main.c

@@ -9,6 +9,7 @@
 #include <asm/errno.h>
 #include <asm/ioctls.h>
 #include <asm/mman.h>
+#include <linux/personality.h>
 
 #include "api.h"
 #include "elf/elf.h"
@@ -195,6 +196,24 @@ noreturn void pal_linux_main(void* initial_rsp, void* fini_callback) {
         print_usage_and_exit(argv[0]);
     }
 
+    if (first_process) {
+        ret = DO_SYSCALL(personality, 0xffffffffu);
+        if (ret < 0) {
+            INIT_FAIL(unix_to_pal_error(-ret), "retrieving personality failed");
+        }
+        if (!(ret & ADDR_NO_RANDOMIZE)) {
+            /* Gramine fork() emulation does fork()+execve() on host and then sends all necessary
+             * data, including memory content, to the child process. Disable ASLR to prevent memory
+             * colliding with PAL executable (as it would get a new random address in the child). */
+            ret = DO_SYSCALL(personality, (unsigned int)ret | ADDR_NO_RANDOMIZE);
+            if (ret < 0) {
+                INIT_FAIL(unix_to_pal_error(-ret), "setting personality failed");
+            }
+            ret = DO_SYSCALL(execve, "/proc/self/exe", argv, envp);
+            INIT_FAIL(unix_to_pal_error(-ret), "execve to disable ASLR failed");
+        }
+    }
+
     g_linux_state.host_environ = envp;
 
     init_slab_mgr(g_page_size);