From: Kees Cook <kees@outflux.net>
To: Hugh Dickins <hugh@veritas.com>
Cc: Andrew Morton <akpm@osdl.org>, Linus Torvalds <torvalds@osdl.org>,
	Marcus Meissner <meissner@suse.de>, Andi Kleen <ak@suse.de>,
	Ingo Molnar <mingo@elte.hu>, Dave Jones <davej@codemonkey.org.uk>,
	Arjan van de Ven <arjan@linux.intel.com>,
	linux-kernel@vger.kernel.org
Subject: Re: revert PIE randomization?
Date: Wed, 21 Mar 2007 11:17:30 -0700
Message-ID: <20070321181730.GV22797@outflux.net>
In-Reply-To: <Pine.LNX.4.64.0701062005001.22171@blonde.wat.veritas.com>

Hi Hugh,

Hugh Dickins said:
> Inconsistency detected by ld.so: rtld.c: 1217: dl_main:
>  Assertion `_rtld_local._dl_rtld_map.l_libname' failed!

I'm trying to reproduce the problem you saw (so that I can then test 
your proposed fix).  However, I haven't had any luck.  I've got a 
pie-compiled version of bash, and I've been running it in a loop for a 
while now with the original randomization patch.  (I can clearly see the 
base address bouncing around.)

I'm at just over 10 million execs, and I haven't hit the problem.  :(

Do you have any clues on how to trigger this more reliably?

Also, does anyone have any thoughts on why x86 uses an ELF_ET_DYN_BASE
below the libraries, whereas x86_64 uses one above them?  From this,
I'd expect x86_64 to collide with the libraries at times.  I need more 
help understanding the memory layouts, I guess.  :)

Thanks,

-- 
Kees Cook                                            @outflux.net
