This is the mail archive of the
gdb-patches@sourceware.org
mailing list for the GDB project.
[PATCH] add support for high entropy ASLR on Windows
- From: Daniel Micay <danielmicay at gmail dot com>
- To: gdb-patches at sourceware dot org
- Cc: Daniel Micay <danielmicay at gmail dot com>
- Date: Tue, 19 Aug 2014 16:10:09 -0400
- Subject: [PATCH] add support for high entropy ASLR on Windows
- Authentication-results: sourceware.org; auth=none
Enabling the HIGH_ENTROPY_VA flag allows the operating system to use
addresses outside of the 32-bit range before memory exhaustion. This
results in a higher entropy implementation of ASLR when used with the
DYNAMIC_BASE flag.
2014-08-19 Daniel Micay <danielmicay@gmail.com>
* include/coff/pe.h: Add HIGH_ENTROPY_VA flag
* ld/emultempl/pep.em: Add --high-entropy-va switch
* ld/ld.texinfo: Document the --high-entropy-va switch
---
include/coff/pe.h | 1 +
ld/emultempl/pep.em | 7 +++++++
ld/ld.texinfo | 4 ++++
3 files changed, 12 insertions(+)
diff --git a/include/coff/pe.h b/include/coff/pe.h
index 0ed9dde..5ffa7c0 100644
--- a/include/coff/pe.h
+++ b/include/coff/pe.h
@@ -40,6 +40,7 @@
/* DllCharacteristics flag bits. The inconsistent naming may seem
odd, but that is how they are defined in the PE specification. */
+#define IMAGE_DLL_CHARACTERISTICS_HIGH_ENTROPY_VA 0x0020
#define IMAGE_DLL_CHARACTERISTICS_DYNAMIC_BASE 0x0040
#define IMAGE_DLL_CHARACTERISTICS_FORCE_INTEGRITY 0x0080
#define IMAGE_DLL_CHARACTERISTICS_NX_COMPAT 0x0100
diff --git a/ld/emultempl/pep.em b/ld/emultempl/pep.em
index 916a786..6d56bc3 100644
--- a/ld/emultempl/pep.em
+++ b/ld/emultempl/pep.em
@@ -237,6 +237,7 @@ enum options
OPTION_LEADING_UNDERSCORE,
OPTION_ENABLE_LONG_SECTION_NAMES,
OPTION_DISABLE_LONG_SECTION_NAMES,
+ OPTION_HIGH_ENTROPY_VA,
OPTION_DYNAMIC_BASE,
OPTION_FORCE_INTEGRITY,
OPTION_NX_COMPAT,
@@ -314,6 +315,7 @@ gld${EMULATION_NAME}_add_options
#endif
{"enable-long-section-names", no_argument, NULL, OPTION_ENABLE_LONG_SECTION_NAMES},
{"disable-long-section-names", no_argument, NULL, OPTION_DISABLE_LONG_SECTION_NAMES},
+ {"high-entropy-va", no_argument, NULL, OPTION_HIGH_ENTROPY_VA},
{"dynamicbase",no_argument, NULL, OPTION_DYNAMIC_BASE},
{"forceinteg", no_argument, NULL, OPTION_FORCE_INTEGRITY},
{"nxcompat", no_argument, NULL, OPTION_NX_COMPAT},
@@ -450,6 +452,8 @@ gld_${EMULATION_NAME}_list_options (FILE *file)
executable image files\n"));
fprintf (file, _(" --disable-long-section-names Never use long COFF section names, even\n\
in object files\n"));
+ fprintf (file, _(" --high-entropy-va Image is compatible with 64-bit address space\n\
+ layout randomization (ASLR)\n"));
fprintf (file, _(" --dynamicbase Image base address may be relocated using\n\
address space layout randomization (ASLR)\n"));
fprintf (file, _(" --forceinteg Code integrity checks are enforced\n"));
@@ -804,6 +808,9 @@ gld${EMULATION_NAME}_handle_option (int optc)
pep_use_coff_long_section_names = 0;
break;
/* Get DLLCharacteristics bits */
+ case OPTION_HIGH_ENTROPY_VA:
+ pe_dll_characteristics |= IMAGE_DLL_CHARACTERISTICS_HIGH_ENTROPY_VA;
+ break;
case OPTION_DYNAMIC_BASE:
pe_dll_characteristics |= IMAGE_DLL_CHARACTERISTICS_DYNAMIC_BASE;
break;
diff --git a/ld/ld.texinfo b/ld/ld.texinfo
index 718a7d0..350a48b 100644
--- a/ld/ld.texinfo
+++ b/ld/ld.texinfo
@@ -2655,6 +2655,10 @@ The following options set flags in the @code{DllCharacteristics} field
of the PE file header:
[These options are specific to PE targeted ports of the linker]
+@kindex --high-entropy-va
+@item --high-entropy-va
+Image is compatible with 64-bit address space layout randomization (ASLR).
+
@kindex --dynamicbase
@item --dynamicbase
The image base address may be relocated using address space layout
--
2.0.4