
The bin/distro-features/aslr tests artificial parameters, not what the distro does #2

Open
adelton opened this issue Nov 9, 2022 · 1 comment

Comments

@adelton

adelton commented Nov 9, 2022

The https://github.com/stevegrubb/distro-elf-inspector/blob/main/bin/distro-features/aslr/Makefile defines a bunch of PIE-related compiler parameters. However, if this is focused on the distro functionality, checking the behaviour with the compiler parameters defined by the distros might be more relevant.

I'm thinking about something like

diff --git a/bin/distro-features/aslr/Makefile b/bin/distro-features/aslr/Makefile
index ddd68e0..588c0cd 100644
--- a/bin/distro-features/aslr/Makefile
+++ b/bin/distro-features/aslr/Makefile
@@ -3,6 +3,7 @@ LIBS=
 CC=gcc
 
 all:
+	rpm -q redhat-rpm-config
 	$(CC) $(CFLAGS) exec.c -o exec $(LIBS)
 	$(CC) $(CFLAGS) heap.c -o heap $(LIBS)
 	$(CC) $(CFLAGS) mmap.c -o mmap $(LIBS)
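Review bot: the added `rpm -q redhat-rpm-config` line makes `make all` abort on any system where the package (or `rpm` itself) is absent, because its non-zero exit stops the recipe before the first `$(CC)` line runs, and when it succeeds its only effect is printing the package version into the build log. If it is meant as a guard, make that explicit, e.g. `@rpm -q redhat-rpm-config >/dev/null || { echo 'redhat-rpm-config is required for the distro-* targets'; exit 1; }`; if it is only meant to record the version, prefix the line with `-` so a missing package does not stop the build.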
@@ -14,6 +15,11 @@ all:
 	$(CC) $(CFLAGS) -DPIE -fPIE heap.c -o pie-heap -pie $(LIBS)
 	$(CC) $(CFLAGS) -DPIE -fPIE stack.c -o pie-stack $(LIBS)
 	$(CC) $(CFLAGS) -DPIE -fPIE mmap.c -o pie-mmap $(LIBS)
+	$(CC) $$( rpm -E %build_cflags -E %build_ldflags ) exec.c -o distro-exec -pie $(LIBS)
+	$(CC) $$( rpm -E %build_cflags -E %build_ldflags ) so.c -o distro-so -pie $(LIBS)
+	$(CC) $$( rpm -E %build_cflags -E %build_ldflags ) heap.c -o distro-heap -pie $(LIBS)
+	$(CC) $$( rpm -E %build_cflags -E %build_ldflags ) stack.c -o distro-stack $(LIBS)
+	$(CC) $$( rpm -E %build_cflags -E %build_ldflags ) mmap.c -o distro-mmap $(LIBS)
 
 	$(CC) $(CFLAGS) bits.c -o bits $(LIBS)
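Review bot: the five new distro-* lines are inconsistent with each other and with the pie-* targets just above them: `-pie` is passed for distro-exec, distro-so and distro-heap but not for distro-stack and distro-mmap, and none of them passes `-DPIE`, so whatever the sources do under that define will not happen in the distro builds even where the resulting binary is PIE. The `rpm -E %build_cflags -E %build_ldflags` expansion is also run five times; evaluate it once, e.g. `DISTRO_FLAGS := $(shell rpm -E %build_cflags -E %build_ldflags)`, and either drop the explicit `-pie` altogether, since the point of the change is to observe what the distro flags produce on their own, or apply it to all five targets uniformly.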
 
diff --git a/bin/distro-features/aslr/tests.conf b/bin/distro-features/aslr/tests.conf
index ed475bc..0d486fd 100644
--- a/bin/distro-features/aslr/tests.conf
+++ b/bin/distro-features/aslr/tests.conf
@@ -1,2 +1,2 @@
-TESTS="heap exec mmap so stack pie-exec pie-heap pie-so pie-mmap pie-stack"
+TESTS="heap exec mmap so stack pie-exec pie-heap pie-so pie-mmap pie-stack distro-exec distro-heap distro-so distro-mmap distro-stack"
 PASSES=1024
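Review bot: TESTS now names the distro-* binaries unconditionally, so a run on a system where the Makefile could not build them (no `rpm` or no redhat-rpm-config) will report five failures that have nothing to do with ASLR. Either keep the distro-* names in a separate variable that the harness appends only when the binaries exist, or document the redhat-rpm-config requirement in the same change.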

but I'd like to hear about other potential ways of using the values configured via redhat-rpm-config.

@stevegrubb
Owner

What this test is doing is checking the PIE and non-PIE values to determine what the potential range of ASLR is. Because ASLR is determined by the combination of the kernel and compiler/runtime linker, we do not need to use the distro settings. We are checking the default kernel capability. The -fPIE flag tells gcc and the runtime linker to maximize ASLR opportunities. This generally means to use mmap, which has the most bits of ASLR, to allocate memory objects. The kernel side is controlled by /proc/sys/kernel/randomize_va_space. As long as it is set to 2, it will maximize everything. But it might not be and this test will show you what you get by default.
