From: Cédric VINCENT
Date: Wed, 1 Jun 2011 16:35:28 +0200
Message-ID: <1306938928-6804-1-git-send-email-cedric.vincent@st.com>
In-Reply-To: <20110601134734.GA10150@gnx2503>
References: <20110601134734.GA10150@gnx2503>
Subject: [Qemu-devel] [PATCH v2] linux-user: Define AT_RANDOM to support target dynamic linkers that do ASLR
To: qemu-devel@nongnu.org
Cc: Laurent ALFONSI, Cédric VINCENT, Riku Voipio, Richard Henderson

From: Laurent ALFONSI

The dynamic linker of the GNU C library v2.10+ uses the ELF auxiliary vector AT_RANDOM as a pointer to a word with random value. Prior to this patch the value of AT_RANDOM was not defined by the ELF loader of QEMU, so the GNU dynamic linker de-referenced the NULL pointer instead. As a consequence, any target program linked to the GNU C library v2.10+ crashed due to a SEGFAULT.

Note that AT_RANDOM now points to the start of the text segment, thus the value is not random at all; however, it is definitively readable. This "dummy" behavior could be improved later.

Signed-off-by: Laurent ALFONSI
Signed-off-by: Cédric VINCENT
---
 linux-user/elfload.c | 9 ++++++++-
 1 files changed, 8 insertions(+), 1 deletions(-)
diff --git a/linux-user/elfload.c b/linux-user/elfload.c index dcfeb7a..111128c 100644 --- a/linux-user/elfload.c +++ b/linux-user/elfload.c @@ -927,7 +927,7 @@ struct exec #define TARGET_ELF_PAGESTART(_v) ((_v) & ~(unsigned long)(TARGET_ELF_EXEC_PAGESIZE-1)) #define TARGET_ELF_PAGEOFFSET(_v) ((_v) & (TARGET_ELF_EXEC_PAGESIZE-1)) -#define DLINFO_ITEMS 12 +#define DLINFO_ITEMS 13 static inline void memcpy_fromfs(void * to, const void * from, unsigned long n) { @@ -1271,6 +1271,13 @@ static abi_ulong create_elf_tables(abi_ulong p, int argc, int envc, NEW_AUX_ENT(AT_EGID, (abi_ulong) getegid()); NEW_AUX_ENT(AT_HWCAP, (abi_ulong) ELF_HWCAP); NEW_AUX_ENT(AT_CLKTCK, (abi_ulong) sysconf(_SC_CLK_TCK)); + + /* The dynamic linker of the GNU C library v2.10+ uses the ELF + * auxiliary vector AT_RANDOM as a pointer to a word with random + * value. Note the start of the text segment is not random at + * all, however it is definitively readable. */ + NEW_AUX_ENT(AT_RANDOM, (abi_ulong) info->start_code); + if (k_platform) NEW_AUX_ENT(AT_PLATFORM, u_platform); #ifdef ARCH_DLINFO -- 1.7.5.1
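Review bot: nothing at the `#define DLINFO_ITEMS 13` records that this count must match the number of NEW_AUX_ENT() calls in create_elf_tables(), yet the two hunks of this patch only work because they were bumped together by hand. Add a one-line comment at the define (e.g. `/* must match the NEW_AUX_ENT() entries in create_elf_tables() */`) so that the follow-up the commit message already promises (replacing the dummy value) does not leave the count one short.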
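Review bot: the AT_RANDOM hunk is weaker than "dummy" suggests and the in-code comment understates what glibc reads there. The dynamic linker derives the stack-protector canary and the pointer guard from the 16 bytes at AT_RANDOM (not "a word"), so `NEW_AUX_ENT(AT_RANDOM, (abi_ulong) info->start_code)` makes the canary the first bytes of the executable image, identical on every run and known to anyone holding the binary, which leaves -fstack-protector code in the emulated program effectively unprotected. The same function already copies the platform string onto the target stack (u_platform), so reserve 16 bytes there the same way, fill them from the host's /dev/urandom, and point AT_RANDOM at that copy; at minimum, change the comment to say 16 bytes so the next reader knows the size glibc expects.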
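To make the commit message's explanation concrete, the following is an added example and not code from the QEMU patch or from glibc: it walks an auxiliary vector laid out the way create_elf_tables() emits it (type/value pairs terminated by AT_NULL), classifies what AT_RANDOM points at (absent or NULL as before the patch, an ELF image as with the dummy pointer, or something else), and derives the stack-protector canary from those bytes the way glibc's dynamic linker does. The ELF header bytes are a constructed sample standing in for whatever info->start_code points at; on Linux the program also inspects its own real auxv via getauxval(), which is a quick check to run under qemu-user.

```c
/* Added example, not code from the QEMU patch or from glibc: walk an
 * ELF auxiliary vector in the type/value layout NEW_AUX_ENT() produces,
 * classify the AT_RANDOM entry and derive the stack canary from it. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#ifdef __linux__
#include <sys/auxv.h>   /* getauxval(): read this process's real auxv */
#endif

#ifndef AT_NULL
#define AT_NULL   0
#endif
#ifndef AT_HWCAP
#define AT_HWCAP  16
#endif
#ifndef AT_RANDOM
#define AT_RANDOM 25
#endif
#define AT_RANDOM_LEN 16              /* Linux reserves 16 bytes there */
#define CANARY_LEN    sizeof(uintptr_t)

enum at_random_state {
    AT_RANDOM_MISSING,  /* no entry or value 0: glibc 2.10+ reads through NULL */
    AT_RANDOM_DUMMY,    /* points at an ELF header: readable, identical every run */
    AT_RANDOM_OTHER     /* points elsewhere; still verify it changes per run */
};

/* Linear scan, the same lookup the dynamic linker performs at startup. */
uintptr_t auxv_lookup(const uintptr_t *auxv, uintptr_t type)
{
    for (size_t i = 0; auxv[i] != AT_NULL; i += 2) {
        if (auxv[i] == type) {
            return auxv[i + 1];
        }
    }
    return 0;
}

enum at_random_state classify_at_random(const uintptr_t *auxv)
{
    const unsigned char *p = (const unsigned char *)auxv_lookup(auxv, AT_RANDOM);
    if (p == NULL) {
        return AT_RANDOM_MISSING;
    }
    if (memcmp(p, "\177ELF", 4) == 0) {
        return AT_RANDOM_DUMMY;
    }
    return AT_RANDOM_OTHER;
}

/* glibc builds the canary from the first sizeof(uintptr_t) bytes at
 * AT_RANDOM and zeroes the byte at the lowest address so a string
 * overflow cannot copy past it; the pointer guard uses the next word. */
uintptr_t canary_from_at_random(const unsigned char *at_random)
{
    unsigned char bytes[CANARY_LEN];
    uintptr_t canary;
    memcpy(bytes, at_random, CANARY_LEN);
    bytes[0] = 0;
    memcpy(&canary, bytes, CANARY_LEN);
    return canary;
}

/* Constructed sample: leading bytes of an ELF64 little-endian header,
 * i.e. what start_code points at for a typical executable. */
const unsigned char sample_text_segment[AT_RANDOM_LEN] = {
    0x7f, 'E', 'L', 'F', 2, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0
};

/* Minimal auxv (AT_HWCAP, AT_RANDOM, AT_NULL); random_ptr == NULL
 * models the loader before this patch. */
void build_auxv(uintptr_t auxv[6], const unsigned char *random_ptr)
{
    auxv[0] = AT_HWCAP;  auxv[1] = 0;
    auxv[2] = AT_RANDOM; auxv[3] = (uintptr_t)random_ptr;
    auxv[4] = AT_NULL;   auxv[5] = 0;
}

enum at_random_state state_before_patch(void)
{
    uintptr_t auxv[6];
    build_auxv(auxv, NULL);
    return classify_at_random(auxv);
}

enum at_random_state state_with_dummy_pointer(void)
{
    uintptr_t auxv[6];
    build_auxv(auxv, sample_text_segment);
    return classify_at_random(auxv);
}

int main(void)
{
#ifdef __linux__
    const unsigned char *p = (const unsigned char *)getauxval(AT_RANDOM);
    if (p == NULL) {
        puts("AT_RANDOM: missing (glibc 2.10+ would crash here)");
        return 1;
    }
    printf("AT_RANDOM at %p, canary 0x%lx%s\n", (const void *)p,
           (unsigned long)canary_from_at_random(p),
           memcmp(p, "\177ELF", 4) == 0 ? " (ELF image: not random)" : "");
#else
    printf("sample canary 0x%lx\n",
           (unsigned long)canary_from_at_random(sample_text_segment));
#endif
    return 0;
}
```

Run it twice under qemu-user: with the dummy pointer the printed canary is the same on both runs and its bytes spell out the ELF header, which is exactly what a stack-smashing exploit needs to know; with a proper 16-byte random buffer the value changes each time.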