This is the mail archive of the binutils@sourceware.org mailing list for the binutils project.
new ELF marking
- From: "Kees Cook via binutils" <binutils at sourceware dot org>
- To: LKML <linux-kernel at vger dot kernel dot org>, binutils at sourceware dot org
- Date: Wed, 9 Aug 2017 10:07:54 -0700
- Subject: new ELF marking
- Authentication-results: sourceware.org; auth=none
- Reply-to: Kees Cook <keescook at google dot com>
Hi,
I'd like to be able to mark an ELF binary in such a way that Linux's
binfmt_elf.c will collapse a PIE text area into the mmap region
(currently they are separately randomized in memory). This is desired
by AddressSanitizer to avoid having an ASan-built binary have its text
area moving into an unexpected location[1] (ASLR is still desired, but
doesn't need to have a PIE/mmap split).
I see a few ways:
- Add parsing for NOTE program headers and add a new NOTE type
(NT_GNU_EXEC_FLAGS), though notes tend to be strings...
- Add a new Program Header (GNU_EXEC_FLAGS), which is similar to how
GNU_STACK and GNU_RELRO were handled. This could sort of be like NOTE
except just lots of bit flags.
- Use a filesystem xattr. This is fragile, in the case of copying
binaries between systems or filesystems.
Thoughts?
-Kees
[1] https://lkml.org/lkml/2017/8/7/770
--
Kees Cook
Pixel Security
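
The second option in the message above, a dedicated program header whose p_flags field carries bit flags in the way GNU_STACK's does, sketched as an added example that is not part of the original message, binutils, or the kernel. The PT_GNU_EXEC_FLAGS value, the EXEC_FLAG_PIE_IN_MMAP bit and both function names are hypothetical, and the header table is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* ELF64 program header layout, as in the ELF specification. */
typedef struct {
    uint32_t p_type, p_flags;
    uint64_t p_offset, p_vaddr, p_paddr, p_filesz, p_memsz, p_align;
} phdr64;

#define PT_LOAD               1u
#define PT_GNU_STACK          0x6474e551u /* existing: p_flags holds stack permissions */
#define PT_GNU_EXEC_FLAGS     0x6474e5ffu /* HYPOTHETICAL value, not an assigned p_type */
#define EXEC_FLAG_PIE_IN_MMAP 0x1u        /* HYPOTHETICAL bit: place PIE text in mmap region */

/* Returns 1 and stores p_flags if exactly one header of `type` exists,
 * 0 if none exists, -1 if the table has duplicates (treated as malformed). */
int find_flags(const phdr64 *ph, size_t n, uint32_t type, uint32_t *flags)
{
    int found = 0;
    for (size_t i = 0; i < n; i++) {
        if (ph[i].p_type != type)
            continue;
        if (found)
            return -1;
        *flags = ph[i].p_flags;
        found = 1;
    }
    return found;
}

/* Loader-side decision: unmarked or malformed binaries keep the separate PIE base. */
int wants_pie_in_mmap(const phdr64 *ph, size_t n)
{
    uint32_t flags = 0;
    return find_flags(ph, n, PT_GNU_EXEC_FLAGS, &flags) == 1 &&
           (flags & EXEC_FLAG_PIE_IN_MMAP) != 0;
}

int main(void)
{
    /* Constructed program header table; only p_type and p_flags matter here. */
    phdr64 marked[] = {
        { PT_LOAD, 5 }, { PT_GNU_STACK, 6 },
        { PT_GNU_EXEC_FLAGS, EXEC_FLAG_PIE_IN_MMAP },
    };
    printf("collapse PIE into mmap: %d\n", wants_pie_in_mmap(marked, 3));
    return 0;
}
```

Because the marking lives in the program header table, it travels with the file when the binary is copied, which is the property the xattr option lacks.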