public inbox for cygwin-announce@cygwin.com
From: "Christian Jullien" <eligis@orange.fr>
To: "'Corinna Vinschen'" <corinna-cygwin@cygwin.com>,
	<cygwin-announce@cygwin.com>
Subject: Is there an API to remove ASLR in Cygwin 3.4.0?
Date: Sat, 12 Nov 2022 09:45:15 +0100
Message-ID: <000001d8f673$1664b400$432e1c00$@orange.fr>


Hello Cygwin team,

First, I would like to thank you for your efforts on Cygwin all of these
years.

I'm asking if there will be an API to remove ASLR, as on Linux:

#if defined(__linux__)
        /* Needs <sys/personality.h> and <unistd.h>; argv is the program's argv. */
        /*
         * ADDR_NO_RANDOMIZE exists since Linux 2.6.12.
         * With this flag set, address-space-layout randomization is disabled.
         *
         * Not tested, but gcc could remove ASLR with the following flags:
         * gcc -fno-stack-protector -z execstack -no-pie ...
         */
        const int oldpersonality = personality(ADDR_NO_RANDOMIZE);

        /*
         * It's important to test the non-zero-ness of & ADDR_NO_RANDOMIZE
         * and not equality, otherwise we may go into an infinite loop
         * with execv.
         */
        if (!(oldpersonality & ADDR_NO_RANDOMIZE)) {
                /*
                 * Disabling ASLR was requested by the first personality call,
                 * but an error may have been returned. Call personality a
                 * second time to verify it has really been removed.
                 */
                const int newpersonality = personality(ADDR_NO_RANDOMIZE);

                if (newpersonality & ADDR_NO_RANDOMIZE) {
                        /* Flag is now set; re-exec so the new image runs without ASLR. */
                        execv(argv[0], argv);
                }
        }
#endif

Or as on macOS:

        /* cargv/cargc, spawned, ret, argv and envp come from the enclosing function;
         * needs <spawn.h>. _POSIX_SPAWN_DISABLE_ASLR is a private Apple flag that
         * the public <spawn.h> does not export. */
        if (spawned == 0) {
                short ps_flags = 0;
                pid_t pid;
                posix_spawn_file_actions_t actions;
                posix_spawnattr_t attrs;

                cargv[cargc++] = (char *)"--noaslr";
                cargv[cargc]   = NULL;

                (void)posix_spawn_file_actions_init(&actions);
                (void)posix_spawnattr_init(&attrs);

                /* SETEXEC makes posix_spawnp replace this process, like execve(2). */
                ps_flags |= POSIX_SPAWN_SETEXEC;
                ps_flags |= _POSIX_SPAWN_DISABLE_ASLR;
                ret = posix_spawnattr_setflags(&attrs, ps_flags);

                if (ret != 0) {
                        (void)fprintf(stderr,
                                      "%s: cannot set posix_spawn flags.\n",
                                      argv[0]);
                        (void)posix_spawnattr_destroy(&attrs);
                        (void)posix_spawn_file_actions_destroy(&actions);
                        free(cargv);
                        return ret;
                }

                (void)posix_spawnp(&pid,
                                   cargv[0],
                                   &actions,
                                   &attrs,
                                   cargv,
                                   envp);
                /*
                 * Returns only if posix_spawnp fails.
                 */
                (void)posix_spawnattr_destroy(&attrs);
                (void)posix_spawn_file_actions_destroy(&actions);
        }

Allowing ASLR to be removed with an API lets an application decide what to
do (from the command line, for example: ./myapp --no-aslr --save-core
saved-image.cor; ./myapp --no-aslr --use-core saved-image.cor).

My preference goes to personality support the way it is done on Linux. If a
gcc flag already exists, it will force a mode instead of leaving this option
to the end user.

My Lisp (OpenLisp) has an optional feature named 'execore' which combines
the lisp binary and a saved image into a single executable, which of course
fails to run if ASLR is on.

For me, it's a wish, not a strong request.

Christian
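
The Linux personality()/execv dance from the message above, as an added example that is not Christian's code: a complete program that disables ASLR for itself by re-executing once, with two guards the posted snippet lacks, an explicit error check (-1 & ADDR_NO_RANDOMIZE is non-zero, so a bare bit test misreads a failed call) and a one-shot environment marker, under the hypothetical name MYAPP_NOASLR_REEXEC, so an image for which the kernel drops the flag again on exec (set-uid or set-gid binaries) cannot exec itself forever. Linux only.

```c
/* Added example (not the message's code): personality() re-exec with the two
 * guards the posted snippet lacks. REEXEC_MARKER is a hypothetical name. Linux only. */
#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/personality.h>
#define REEXEC_MARKER "MYAPP_NOASLR_REEXEC"
enum aslr_plan { ASLR_ALREADY_OFF, ASLR_REEXEC, ASLR_UNAVAILABLE };
/* Pure decision over the two personality() results, testable without touching
 * the real persona: `first` is the old persona returned by the call that set
 * ADDR_NO_RANDOMIZE, `second` the one returned by the confirming call, -1 means
 * the syscall failed. -1 & ADDR_NO_RANDOMIZE is non-zero, so test errors first. */
enum aslr_plan plan_reexec(int first, int second, const char *marker)
{
    if (first == -1)                 /* rejected, e.g. by a seccomp policy */
        return ASLR_UNAVAILABLE;
    if (first & ADDR_NO_RANDOMIZE)   /* inherited, or we are the re-exec'd image */
        return ASLR_ALREADY_OFF;
    if (marker != NULL)              /* re-exec'd once already but the kernel
                                        dropped the flag (set-id image): no loop */
        return ASLR_UNAVAILABLE;
    if (second != -1 && (second & ADDR_NO_RANDOMIZE))
        return ASLR_REEXEC;          /* flag confirmed, re-exec so it takes effect */
    return ASLR_UNAVAILABLE;
}

/* Returns 1 when ASLR is off for this process, 0 when it cannot be disabled;
 * does not return at all when it re-executes the program. */
int ensure_no_aslr(char **argv)
{
    int first = personality(ADDR_NO_RANDOMIZE);
    int second = (first == -1 || (first & ADDR_NO_RANDOMIZE))
                 ? first : personality(ADDR_NO_RANDOMIZE);
    enum aslr_plan p = plan_reexec(first, second, getenv(REEXEC_MARKER));
    if (p == ASLR_REEXEC) {
        setenv(REEXEC_MARKER, "1", 1);
        execv("/proc/self/exe", argv);  /* same image even if argv[0] is relative */
        perror("execv");                /* reached only if the exec failed */
    }
    return p == ASLR_ALREADY_OFF;
}
int main(int argc, char **argv)
{
    int probe, off = ensure_no_aslr(argv);  /* compare the %p values across runs */
    (void)argc;
    printf("ASLR %s; stack probe %p, main %p\n", off ? "off" : "on", (void *)&probe, (void *)main);
    return off ? 0 : 1;
}
```

Running the binary several times should print the same two addresses once it reports "ASLR off"; a process whose personality() call is refused (a seccomp policy, for instance) exits 1 instead of looping.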

 

