Hi
I'm using FC2 with 2.6.5-1.358 and 2.6.6-1.435 kernels (same behavior)
exec-shield is enabled (if I understand correctly):
[root@pc-16 te]# cat /proc/sys/kernel/exec-shield
1
[root@pc-16 te]# cat /proc/sys/kernel/exec-shield-randomize
1
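I have a little test program that prints out the addresses of a couple of
symbols:
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <unistd.h>
int main(void)
{
	/* two strings so that strcmp() is referenced and resolved from libc */
	char * a = "hei hei";
	char * b = "hei hei alle sammen";
	int rc;
	rc = strcmp(a, b);
	/* text addresses: main is in the executable, the others are in libc */
	printf ("main %p strcmp %p\n", (void *)main, (void *)strcmp);
	printf ("getpid %p malloc %p\n", (void *)getpid, (void *)malloc);
	/* stack addresses of the locals */
	printf ("stack syms: a = %p b = %p rc = %p\n", (void *)&a, (void *)&b, (void *)&rc);
	return 0;
}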
Now I run it several times, and while the stack addrs are randomized,
libc only alternates between two addresses and main() is always at the
same place. I thought part of the idea was to really randomize the shared
lib addrs as well as the main prog sym addrs?
te pc-16 ~ 70> !gcc
gcc -fPIE -fpic -o ./testsc ./testsc.c
te pc-16 ~ 71> ./testsc
main 0x80483f8 strcmp 0x4b91e0
getpid 0x4d9ea0 malloc 0x4b3010
stack syms: a = 0xfef7eb20 b = 0xfef7eb1c rc = 0xfef7eb18
te pc-16 ~ 72> ./testsc
main 0x80483f8 strcmp 0x4b91e0
getpid 0x4d9ea0 malloc 0x4b3010
stack syms: a = 0xfee4dd80 b = 0xfee4dd7c rc = 0xfee4dd78
te pc-16 ~ 73> ./testsc
main 0x80483f8 strcmp 0x4b91e0
getpid 0x4d9ea0 malloc 0x4b3010
stack syms: a = 0xfee49dd0 b = 0xfee49dcc rc = 0xfee49dc8
te pc-16 ~ 74> ./testsc
main 0x80483f8 strcmp 0x1771e0
getpid 0x197ea0 malloc 0x171010
stack syms: a = 0xfef68540 b = 0xfef6853c rc = 0xfef68538
te pc-16 ~ 75> ./testsc
main 0x80483f8 strcmp 0x4b91e0
getpid 0x4d9ea0 malloc 0x4b3010
stack syms: a = 0xfef4c980 b = 0xfef4c97c rc = 0xfef4c978
te pc-16 ~ 76> ./testsc
main 0x80483f8 strcmp 0x4b91e0
getpid 0x4d9ea0 malloc 0x4b3010
stack syms: a = 0xfef4bd40 b = 0xfef4bd3c rc = 0xfef4bd38
te pc-16 ~ 77> ./testsc
main 0x80483f8 strcmp 0x1771e0
getpid 0x197ea0 malloc 0x171010
stack syms: a = 0xfef44620 b = 0xfef4461c rc = 0xfef44618
te pc-16 ~ 78>
--
Terje Eggestad
Senior Software Engineer
dir. +47 22 62 89 61
mob. +47 975 31 57
fax. +47 22 62 89 51
[email protected]
Scali - http://www.scali.com
High Performance Clustering
> te pc-16 ~ 70> !gcc
> gcc -fPIE -fpic -o ./testsc ./testsc.c
>
You need to pass -pie as an option as well; -fpie for the compiler, -pie for the linker,
e.g.
gcc -fPIE -pie -o ./testsc ./testsc.c
On Tue, Jun 15, 2004 at 10:05:23AM +0200, Terje Eggestad wrote:
> te pc-16 ~ 70> !gcc
> gcc -fPIE -fpic -o ./testsc ./testsc.c
This is not a command to build a PIE.
You need
gcc -fpie -pie -o ./testsc ./testsc.c
instead (or s/-fpie/-fPIE/).
Furthermore, I don't think lkml is the right mailing list to ask about this.
Jakub
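Added example, not part of the original thread or anyone's message: a small checker that reads the ELF header's e_type to tell whether a binary was actually linked as a PIE (ET_DYN) or at a fixed address (ET_EXEC), which is why main() stayed at 0x80483f8 above. The function names and sample headers are constructed for illustration; ET_DYN also marks shared libraries, so the check only separates fixed from relocatable images.

```c
#include <stdio.h>
#include <string.h>

/* Values from the ELF specification; defined here so <elf.h> is not needed. */
#define EI_DATA     5   /* e_ident index of the byte-order marker */
#define ELFDATA2LSB 1
#define ELFDATA2MSB 2
#define ET_EXEC     2   /* linked at a fixed address (no -pie) */
#define ET_DYN      3   /* relocatable image: PIE or shared object */

/* Constructed sample data: the first 18 bytes of two 32-bit little-endian
 * ELF headers, differing only in e_type. Not taken from the thread. */
const unsigned char SAMPLE_NO_PIE[18] =
    { 0x7f, 'E', 'L', 'F', 1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, ET_EXEC, 0 };
const unsigned char SAMPLE_PIE[18] =
    { 0x7f, 'E', 'L', 'F', 1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, ET_DYN, 0 };

/* Return e_type, or -1 if buf is not a usable ELF header.
 * e_type is the 16-bit field at offset 16 in both ELF32 and ELF64. */
int elf_e_type(const unsigned char *buf, size_t len)
{
    if (len < 18 || memcmp(buf, "\x7f" "ELF", 4) != 0)
        return -1;
    if (buf[EI_DATA] == ELFDATA2LSB)
        return buf[16] | (buf[17] << 8);
    if (buf[EI_DATA] == ELFDATA2MSB)
        return (buf[16] << 8) | buf[17];
    return -1;
}

/* 1: main image can be randomized (ET_DYN); 0: fixed (ET_EXEC); -1: other. */
int image_is_relocatable(const unsigned char *buf, size_t len)
{
    int t = elf_e_type(buf, len);
    return t == ET_DYN ? 1 : t == ET_EXEC ? 0 : -1;
}

int main(int argc, char **argv)
{
    unsigned char hdr[18];
    for (int i = 1; i < argc; i++) {   /* check files named on the command line */
        FILE *f = fopen(argv[i], "rb");
        size_t n = f ? fread(hdr, 1, sizeof hdr, f) : 0;
        if (f) fclose(f);
        printf("%s: %d\n", argv[i], image_is_relocatable(hdr, n));
    }
    printf("sample without -pie: %d\n", image_is_relocatable(SAMPLE_NO_PIE, sizeof SAMPLE_NO_PIE));
    printf("sample with -pie:    %d\n", image_is_relocatable(SAMPLE_PIE, sizeof SAMPLE_PIE));
    return 0;
}
```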
Thx Arjan
That did it!
TJ
On Tue, 2004-06-15 at 10:33, Arjan van de Ven wrote:
> > te pc-16 ~ 70> !gcc
> > gcc -fPIE -fpic -o ./testsc ./testsc.c
> >
>
> you need to pass -pie as option as well; -fpie for the compiler, -pie for the linker,
> eg
>
> gcc -fPIE -pie -o ./testsc ./testsc.c