Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753907AbdHIRRC (ORCPT ); Wed, 9 Aug 2017 13:17:02 -0400 Received: from mail-oi0-f43.google.com ([209.85.218.43]:35588 "EHLO mail-oi0-f43.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753188AbdHIRQ6 (ORCPT ); Wed, 9 Aug 2017 13:16:58 -0400 MIME-Version: 1.0 In-Reply-To: References: From: "H.J. Lu" Date: Wed, 9 Aug 2017 10:16:57 -0700 Message-ID: Subject: Re: new ELF marking To: Kees Cook Cc: LKML , Binutils Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1004 Lines: 31 On Wed, Aug 9, 2017 at 10:07 AM, Kees Cook via binutils wrote: > Hi, > > I'd like to be able to mark an ELF binary in such a way that Linux's > binfmt_elf.c will collapse a PIE text area into the mmap region > (currently they are separately randomized in memory). This is desired > by AddressSanitizer to avoid having an ASan-built binary have its text > area moving into an unexpected location[1] (ASLR is still desired, but > doesn't need to have a PIE/mmap split). > > I see a few ways: > > - Add parsing for NOTE program headers and add a new NOTE type > (NT_GNU_EXEC_FLAGS), though notes tend to be strings... > > - Add a new Program Header (GNU_EXEC_FLAGS), which is similar to how > GNU_STACK and GNU_RELRO were handled. This could sort of be like NOTE > except just lots of bit flags. > > - Use a filesystem xattr. This is fragile, in the case of copying > binaries between systems or filesystems. > > Thoughts? > > Why don't you use NT_GNU_PROPERTY_TYPE_0? -- H.J.