* [PATCH] add support for high entropy ASLR on Windows
From: Daniel Micay @ 2014-08-19 20:10 UTC (permalink / raw)
To: gdb-patches; +Cc: Daniel Micay
Enabling the HIGH_ENTROPY_VA flag allows the operating system to use
addresses outside of the 32-bit range before memory exhaustion. This
results in a higher entropy implementation of ASLR when used with the
DYNAMIC_BASE flag.
2014-08-19 Daniel Micay <danielmicay@gmail.com>
* include/coff/pe.h: Add HIGH_ENTROPY_VA flag
* ld/emultempl/pep.em: Add --high-entropy-va switch
* ld/ld.texinfo: Document the --high-entropy-va switch
---
include/coff/pe.h | 1 +
ld/emultempl/pep.em | 7 +++++++
ld/ld.texinfo | 4 ++++
3 files changed, 12 insertions(+)
diff --git a/include/coff/pe.h b/include/coff/pe.h
index 0ed9dde..5ffa7c0 100644
--- a/include/coff/pe.h
+++ b/include/coff/pe.h
@@ -40,6 +40,7 @@
/* DllCharacteristics flag bits. The inconsistent naming may seem
odd, but that is how they are defined in the PE specification. */
+#define IMAGE_DLL_CHARACTERISTICS_HIGH_ENTROPY_VA 0x0020
#define IMAGE_DLL_CHARACTERISTICS_DYNAMIC_BASE 0x0040
#define IMAGE_DLL_CHARACTERISTICS_FORCE_INTEGRITY 0x0080
#define IMAGE_DLL_CHARACTERISTICS_NX_COMPAT 0x0100
diff --git a/ld/emultempl/pep.em b/ld/emultempl/pep.em
index 916a786..6d56bc3 100644
--- a/ld/emultempl/pep.em
+++ b/ld/emultempl/pep.em
@@ -237,6 +237,7 @@ enum options
OPTION_LEADING_UNDERSCORE,
OPTION_ENABLE_LONG_SECTION_NAMES,
OPTION_DISABLE_LONG_SECTION_NAMES,
+ OPTION_HIGH_ENTROPY_VA,
OPTION_DYNAMIC_BASE,
OPTION_FORCE_INTEGRITY,
OPTION_NX_COMPAT,
@@ -314,6 +315,7 @@ gld${EMULATION_NAME}_add_options
#endif
{"enable-long-section-names", no_argument, NULL, OPTION_ENABLE_LONG_SECTION_NAMES},
{"disable-long-section-names", no_argument, NULL, OPTION_DISABLE_LONG_SECTION_NAMES},
+ {"high-entropy-va", no_argument, NULL, OPTION_HIGH_ENTROPY_VA},
{"dynamicbase",no_argument, NULL, OPTION_DYNAMIC_BASE},
{"forceinteg", no_argument, NULL, OPTION_FORCE_INTEGRITY},
{"nxcompat", no_argument, NULL, OPTION_NX_COMPAT},
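Review bot: The new long option is spelled `"high-entropy-va"` with hyphens, while the other DllCharacteristics switches visible in this table are run together (`"dynamicbase"`, `"forceinteg"`, `"nxcompat"`). Hardening flags that are easy to misspell tend to be left off build lines, so it is worth choosing one convention for this group. If the hyphenated form is intentional, note the reason in the ChangeLog entry. The option table starts and ends outside the hunk.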
@@ -450,6 +452,8 @@ gld_${EMULATION_NAME}_list_options (FILE *file)
executable image files\n"));
fprintf (file, _(" --disable-long-section-names Never use long COFF section names, even\n\
in object files\n"));
+ fprintf (file, _(" --high-entropy-va Image is compatible with 64-bit address space\n\
+ layout randomization (ASLR)\n"));
fprintf (file, _(" --dynamicbase Image base address may be relocated using\n\
address space layout randomization (ASLR)\n"));
fprintf (file, _(" --forceinteg Code integrity checks are enforced\n"));
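Review bot: The help text added for `--high-entropy-va` does not say that the flag is only useful together with `--dynamicbase`, although the commit message states exactly that. A user reading `--help` can enable it alone and assume the image gets 64-bit ASLR. Suggested second line: `layout randomization (ASLR); use with --dynamicbase`. The same sentence is missing from the `@item --high-entropy-va` entry added in ld/ld.texinfo.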
@@ -804,6 +808,9 @@ gld${EMULATION_NAME}_handle_option (int optc)
pep_use_coff_long_section_names = 0;
break;
/* Get DLLCharacteristics bits */
+ case OPTION_HIGH_ENTROPY_VA:
+ pe_dll_characteristics |= IMAGE_DLL_CHARACTERISTICS_HIGH_ENTROPY_VA;
+ break;
case OPTION_DYNAMIC_BASE:
pe_dll_characteristics |= IMAGE_DLL_CHARACTERISTICS_DYNAMIC_BASE;
break;
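Review bot: The new `case OPTION_HIGH_ENTROPY_VA` sets only the 0x0020 bit, yet the commit message says the extra entropy comes only in combination with DYNAMIC_BASE. A link that passes `--high-entropy-va` alone therefore produces an image that advertises the flag but, per the documented loader behaviour, is not randomized. Either let the switch imply the base flag, `pe_dll_characteristics |= IMAGE_DLL_CHARACTERISTICS_HIGH_ENTROPY_VA | IMAGE_DLL_CHARACTERISTICS_DYNAMIC_BASE;`, or emit a warning once option parsing is complete. The bit is also a promise that the program never truncates pointers to 32 bits, which the linker cannot verify, so a comment above the case such as `/* Caller asserts the image is safe with addresses above 4GB. */` would help. The handler's switch continues outside the hunk.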
diff --git a/ld/ld.texinfo b/ld/ld.texinfo
index 718a7d0..350a48b 100644
--- a/ld/ld.texinfo
+++ b/ld/ld.texinfo
@@ -2655,6 +2655,10 @@ The following options set flags in the @code{DllCharacteristics} field
of the PE file header:
[These options are specific to PE targeted ports of the linker]
+@kindex --high-entropy-va
+@item --high-entropy-va
+Image is compatible with 64-bit address space layout randomization (ASLR).
+
@kindex --dynamicbase
@item --dynamicbase
The image base address may be relocated using address space layout
--
2.0.4
^ permalink raw reply [flat|nested] 3+ messages in thread* Re: [PATCH] add support for high entropy ASLR on Windows
From: Pedro Alves @ 2014-08-19 21:53 UTC (permalink / raw)
To: Daniel Micay, gdb-patches
Hi Daniel,
Thanks for that patch, but although binutils/ld and gdb share the same
git repo, binutils has its own mailing list. You need to resend this to
the binutils at sourceware list.
--
Pedro Alves
On 08/19/2014 09:10 PM, Daniel Micay wrote:
> Enabling the HIGH_ENTROPY_VA flag allows the operating system to use
> addresses outside of the 32-bit range before memory exhaustion. This
> results in a higher entropy implementation of ASLR when used with the
> DYNAMIC_BASE flag.
>
> 2014-08-19 Daniel Micay <danielmicay@gmail.com>
>
> * include/coff/pe.h: Add HIGH_ENTROPY_VA flag
> * ld/emultempl/pep.em: Add --high-entropy-va switch
> * ld/ld.texinfo: Document the --high-entropy-va switch
> ---
> include/coff/pe.h | 1 +
> ld/emultempl/pep.em | 7 +++++++
> ld/ld.texinfo | 4 ++++
> 3 files changed, 12 insertions(+)
>
> diff --git a/include/coff/pe.h b/include/coff/pe.h
> index 0ed9dde..5ffa7c0 100644
> --- a/include/coff/pe.h
> +++ b/include/coff/pe.h
> @@ -40,6 +40,7 @@
>
> /* DllCharacteristics flag bits. The inconsistent naming may seem
> odd, but that is how they are defined in the PE specification. */
> +#define IMAGE_DLL_CHARACTERISTICS_HIGH_ENTROPY_VA 0x0020
> #define IMAGE_DLL_CHARACTERISTICS_DYNAMIC_BASE 0x0040
> #define IMAGE_DLL_CHARACTERISTICS_FORCE_INTEGRITY 0x0080
> #define IMAGE_DLL_CHARACTERISTICS_NX_COMPAT 0x0100
> diff --git a/ld/emultempl/pep.em b/ld/emultempl/pep.em
> index 916a786..6d56bc3 100644
> --- a/ld/emultempl/pep.em
> +++ b/ld/emultempl/pep.em
> @@ -237,6 +237,7 @@ enum options
> OPTION_LEADING_UNDERSCORE,
> OPTION_ENABLE_LONG_SECTION_NAMES,
> OPTION_DISABLE_LONG_SECTION_NAMES,
> + OPTION_HIGH_ENTROPY_VA,
> OPTION_DYNAMIC_BASE,
> OPTION_FORCE_INTEGRITY,
> OPTION_NX_COMPAT,
> @@ -314,6 +315,7 @@ gld${EMULATION_NAME}_add_options
> #endif
> {"enable-long-section-names", no_argument, NULL, OPTION_ENABLE_LONG_SECTION_NAMES},
> {"disable-long-section-names", no_argument, NULL, OPTION_DISABLE_LONG_SECTION_NAMES},
> + {"high-entropy-va", no_argument, NULL, OPTION_HIGH_ENTROPY_VA},
> {"dynamicbase",no_argument, NULL, OPTION_DYNAMIC_BASE},
> {"forceinteg", no_argument, NULL, OPTION_FORCE_INTEGRITY},
> {"nxcompat", no_argument, NULL, OPTION_NX_COMPAT},
> @@ -450,6 +452,8 @@ gld_${EMULATION_NAME}_list_options (FILE *file)
> executable image files\n"));
> fprintf (file, _(" --disable-long-section-names Never use long COFF section names, even\n\
> in object files\n"));
> + fprintf (file, _(" --high-entropy-va Image is compatible with 64-bit address space\n\
> + layout randomization (ASLR)\n"));
> fprintf (file, _(" --dynamicbase Image base address may be relocated using\n\
> address space layout randomization (ASLR)\n"));
> fprintf (file, _(" --forceinteg Code integrity checks are enforced\n"));
> @@ -804,6 +808,9 @@ gld${EMULATION_NAME}_handle_option (int optc)
> pep_use_coff_long_section_names = 0;
> break;
> /* Get DLLCharacteristics bits */
> + case OPTION_HIGH_ENTROPY_VA:
> + pe_dll_characteristics |= IMAGE_DLL_CHARACTERISTICS_HIGH_ENTROPY_VA;
> + break;
> case OPTION_DYNAMIC_BASE:
> pe_dll_characteristics |= IMAGE_DLL_CHARACTERISTICS_DYNAMIC_BASE;
> break;
> diff --git a/ld/ld.texinfo b/ld/ld.texinfo
> index 718a7d0..350a48b 100644
> --- a/ld/ld.texinfo
> +++ b/ld/ld.texinfo
> @@ -2655,6 +2655,10 @@ The following options set flags in the @code{DllCharacteristics} field
> of the PE file header:
> [These options are specific to PE targeted ports of the linker]
>
> +@kindex --high-entropy-va
> +@item --high-entropy-va
> +Image is compatible with 64-bit address space layout randomization (ASLR).
> +
> @kindex --dynamicbase
> @item --dynamicbase
> The image base address may be relocated using address space layout
>