public inbox for cygwin@cygwin.com
From: Corinna Vinschen <corinna-cygwin@cygwin.com>
To: cygwin@cygwin.com
Cc: Christian Jullien <eligis@orange.fr>
Subject: Re: Is there an API to remove ALSR in Cygwin 3.4.0?
Date: Sat, 12 Nov 2022 15:50:28 +0100
Message-ID: <Y2+ytN1euxjLpNoo@calimero.vinschen.de>
In-Reply-To: <000501d8f689$f359a300$da0ce900$@orange.fr>

On Nov 12 12:28, Christian Jullien wrote:
> Hello Cygwin team,
>
> First, I would like to thank you for your efforts on Cygwin all of these
> years.
>
> I'm asking if there will be an API to remove ASLR with an API as on Linux:

Please note that, for the time being, ASLR will only be enabled on the
Cygwin DLL itself.  All other DLLs as well as the Cygwin executables are
still non-ASLRed.  We're looking into introducing ASLR step by step.

Right now the Cygwin toolchain creates non-ASLRed EXEs and DLLs by
default.  This is supposed to change in a while.  Also, we might change
the auto-rebase mechanism (basically the script running as post-install
script when setup-x86_64 finishes up) to enable ASLR on DLLs.  EXEs are
not so important from my POV, but as soon as we tweaked the toolchain,
more and more EXEs will be ASLRed automagically as well.

One thing we can only use partially, because it's bound to break
Cygwin's fork and exec, is High Entropy ASLR.  Naturally, this would
only work for executables which never fork or exec other processes.

Having said that, there's no API for this yet in Cygwin.  There is an
API in Windows to control (among others) the ASLR setting of a process
at creation time, see
https://learn.microsoft.com/en-us/windows/win32/api/processthreadsapi/nf-processthreadsapi-updateprocthreadattribute
settings called

  PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_ALWAYS_ON
  PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_ALWAYS_OFF

and

  PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_ALWAYS_ON
  PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_ALWAYS_OFF

However, we don't have an API for that, yet. We could add it to Cygwin
at one point.  I'd prefer the Linux-personality call, too, but funny
enough, ADDR_NO_RANDOMIZE would be the only flag we could support.

What we *do* have already is the peflags tool from the rebase package:

  $ peflags -d0 -e0 foo.exe

This example would disable ASLR on the foo.exe executable.  Maybe that's
a workaround for the time being.


Corinna
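The `peflags -d0 -e0` workaround above flips two bits in the PE optional header's DllCharacteristics field: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE (`-d`) and IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA (`-e`). The portable C below is an added example, not code from this thread or from the rebase package: it locates that field, reports the ASLR state of an image and applies the same bit changes, using a constructed bare PE32+ header as sample input (function names are mine).

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#define DLLCHAR_HIGH_ENTROPY_VA 0x0020 /* IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA: peflags -e */
#define DLLCHAR_DYNAMIC_BASE    0x0040 /* IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE: peflags -d */
#define DLLCHAR_NX_COMPAT       0x0100 /* IMAGE_DLLCHARACTERISTICS_NX_COMPAT: must survive -d0 -e0 */

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static void wr16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8); }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | ((uint32_t)rd16(p + 2) << 16); }

/* Offset of DllCharacteristics, or -1 if img is not a well-formed PE32/PE32+ header. */
long pe_dllchar_offset(const uint8_t *img, size_t len) {
    if (len < 0x40 || img[0] != 'M' || img[1] != 'Z') return -1;
    uint32_t pe = rd32(img + 0x3c);                      /* e_lfanew */
    if (pe > len || len - pe < 4 + 20 + 72) return -1;  /* signature + COFF + field must fit */
    if (memcmp(img + pe, "PE\0\0", 4) != 0) return -1;
    uint16_t magic = rd16(img + pe + 24);
    if (magic != 0x10b && magic != 0x20b) return -1;     /* PE32 / PE32+ */
    return (long)(pe + 24 + 70);  /* DllCharacteristics sits at +70 in both optional header formats */
}

/* ASLR state: bit 0 = DYNAMIC_BASE, bit 1 = HIGH_ENTROPY_VA; -1 on malformed input. */
int pe_aslr_state(const uint8_t *img, size_t len) {
    long off = pe_dllchar_offset(img, len); if (off < 0) return -1;
    uint16_t dc = rd16(img + off);
    return ((dc & DLLCHAR_DYNAMIC_BASE) ? 1 : 0) | ((dc & DLLCHAR_HIGH_ENTROPY_VA) ? 2 : 0);
}

/* Same flag effect as `peflags -dX -eY`: set (1) or clear (0) each bit, leave the rest alone. */
int pe_set_aslr(uint8_t *img, size_t len, int dynamicbase, int highentropy) {
    long off = pe_dllchar_offset(img, len); if (off < 0) return -1;
    uint16_t dc = rd16(img + off);
    dc = (uint16_t)(dynamicbase ? (dc | DLLCHAR_DYNAMIC_BASE) : (dc & ~DLLCHAR_DYNAMIC_BASE));
    dc = (uint16_t)(highentropy ? (dc | DLLCHAR_HIGH_ENTROPY_VA) : (dc & ~DLLCHAR_HIGH_ENTROPY_VA));
    wr16(img + off, dc);
    return dc;                                           /* new DllCharacteristics value */
}

/* Constructed sample: bare PE32+ header (not a runnable EXE), DYNAMIC_BASE|HIGH_ENTROPY_VA|NX_COMPAT. */
size_t build_sample_image(uint8_t *buf, size_t cap) {
    const size_t n = 0x40 + 4 + 20 + 112;   /* DOS header + "PE\0\0" + COFF + PE32+ optional header */
    if (cap < n) return 0;
    memset(buf, 0, n);
    buf[0] = 'M'; buf[1] = 'Z'; buf[0x3c] = 0x40;   /* e_lfanew */
    memcpy(buf + 0x40, "PE\0\0", 4); wr16(buf + 0x40 + 24, 0x20b);   /* signature, PE32+ magic */
    wr16(buf + 0x40 + 24 + 70, DLLCHAR_DYNAMIC_BASE | DLLCHAR_HIGH_ENTROPY_VA | DLLCHAR_NX_COMPAT);
    return n;
}
```

To check a real file, read it into a buffer and call `pe_aslr_state` on it before and after running peflags; the NX_COMPAT bit in the sample shows that `-d0 -e0` leaves unrelated DllCharacteristics bits in place.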
