gdb/gdb-6.8-disable-randomization.patch

545 lines
17 KiB
Diff

2008-06-08 Jan Kratochvil <jan.kratochvil@redhat.com>
* configure.ac: Add check for HAVE_PERSONALITY and
HAVE_DECL_ADDR_NO_RANDOMIZE.
* configure, config.in: Regenerate.
* fork-child.c: New include <errno.h>.
[HAVE_PERSONALITY]: New include <sys/personality.h>.
[HAVE_PERSONALITY] (set_disable_randomization): New function.
(disable_randomization, show_disable_randomization): New.
(fork_inferior) [HAVE_PERSONALITY] [!HAVE_DECL_ADDR_NO_RANDOMIZE]: Set
ADDR_NO_RANDOMIZE.
(fork_inferior) [HAVE_PERSONALITY]: Disable randomization upon the
variable DISABLE_RANDOMIZATION.
(_initialize_fork_child): Call ADD_SETSHOW_BOOLEAN_CMD for the variable
DISABLE_RANDOMIZATION.
2008-06-08 Jan Kratochvil <jan.kratochvil@redhat.com>
* gdb.texinfo (Starting): Document "set disable-randomization".
2008-06-08 Jan Kratochvil <jan.kratochvil@redhat.com>
* gdb.base/randomize.exp, gdb.base/randomize.c: New files.
[ Ported for Fedora GDB. ]
Index: gdb-6.8/gdb/config.in
===================================================================
--- gdb-6.8.orig/gdb/config.in 2008-07-14 10:27:27.000000000 +0200
+++ gdb-6.8/gdb/config.in 2008-07-14 10:28:50.000000000 +0200
@@ -64,6 +64,10 @@
/* Define to 1 if you have the <curses.h> header file. */
#undef HAVE_CURSES_H
+/* Define to 1 if you have the declaration of `ADDR_NO_RANDOMIZE', and to 0 if
+ you don't. */
+#undef HAVE_DECL_ADDR_NO_RANDOMIZE
+
/* Define to 1 if you have the declaration of `free', and to 0 if you don't.
*/
#undef HAVE_DECL_FREE
@@ -203,6 +207,9 @@
/* Define to 1 if you have the <nlist.h> header file. */
#undef HAVE_NLIST_H
+/* Define if you support the personality syscall. */
+#undef HAVE_PERSONALITY
+
/* Define to 1 if you have the `poll' function. */
#undef HAVE_POLL
Index: gdb-6.8/gdb/configure
===================================================================
--- gdb-6.8.orig/gdb/configure 2008-07-14 10:27:27.000000000 +0200
+++ gdb-6.8/gdb/configure 2008-07-14 10:28:50.000000000 +0200
@@ -22911,6 +22911,188 @@ _ACEOF
fi
+echo "$as_me:$LINENO: checking whether ADDR_NO_RANDOMIZE is declared" >&5
+echo $ECHO_N "checking whether ADDR_NO_RANDOMIZE is declared... $ECHO_C" >&6
+if test "${ac_cv_have_decl_ADDR_NO_RANDOMIZE+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <sys/personality.h>
+
+int
+main ()
+{
+#ifndef ADDR_NO_RANDOMIZE
+ char *p = (char *) ADDR_NO_RANDOMIZE;
+#endif
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_cv_have_decl_ADDR_NO_RANDOMIZE=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_cv_have_decl_ADDR_NO_RANDOMIZE=no
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+echo "$as_me:$LINENO: result: $ac_cv_have_decl_ADDR_NO_RANDOMIZE" >&5
+echo "${ECHO_T}$ac_cv_have_decl_ADDR_NO_RANDOMIZE" >&6
+if test $ac_cv_have_decl_ADDR_NO_RANDOMIZE = yes; then
+
+cat >>confdefs.h <<_ACEOF
+#define HAVE_DECL_ADDR_NO_RANDOMIZE 1
+_ACEOF
+
+
+else
+ cat >>confdefs.h <<_ACEOF
+#define HAVE_DECL_ADDR_NO_RANDOMIZE 0
+_ACEOF
+
+
+fi
+
+
+
+if test "$cross_compiling" = yes; then
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <sys/personality.h>
+int
+main ()
+{
+
+# if !HAVE_DECL_ADDR_NO_RANDOMIZE
+# define ADDR_NO_RANDOMIZE 0x0040000
+# endif
+ /* Test the flag could be set and stays set. */
+ personality (personality (0xffffffff) | ADDR_NO_RANDOMIZE);
+ if (!(personality (personality (0xffffffff)) & ADDR_NO_RANDOMIZE))
+ return 1
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ have_personality=true
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+have_personality=false
+fi
+rm -f conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <sys/personality.h>
+int
+main ()
+{
+
+# if !HAVE_DECL_ADDR_NO_RANDOMIZE
+# define ADDR_NO_RANDOMIZE 0x0040000
+# endif
+ /* Test the flag could be set and stays set. */
+ personality (personality (0xffffffff) | ADDR_NO_RANDOMIZE);
+ if (!(personality (personality (0xffffffff)) & ADDR_NO_RANDOMIZE))
+ return 1
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ have_personality=true
+else
+ echo "$as_me: program exited with status $ac_status" >&5
+echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+( exit $ac_status )
+have_personality=false
+fi
+rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
+fi
+if $have_personality
+then
+
+cat >>confdefs.h <<\_ACEOF
+#define HAVE_PERSONALITY 1
+_ACEOF
+
+fi
+
# Check whether --with-sysroot or --without-sysroot was given.
Index: gdb-6.8/gdb/configure.ac
===================================================================
--- gdb-6.8.orig/gdb/configure.ac 2008-07-14 10:27:27.000000000 +0200
+++ gdb-6.8/gdb/configure.ac 2008-07-14 10:28:50.000000000 +0200
@@ -1254,6 +1254,29 @@ if test "x$gdb_cv_sys_syscall_h_has_tkil
AC_DEFINE(HAVE_TKILL_SYSCALL, 1, [Define if you support the tkill syscall.])
fi
+dnl Check if we can disable the virtual address space randomization.
+dnl The functionality of setarch -R.
+AC_CHECK_DECLS([ADDR_NO_RANDOMIZE],,, [#include <sys/personality.h>])
+define([PERSONALITY_TEST], [AC_LANG_PROGRAM([#include <sys/personality.h>], [
+# if !HAVE_DECL_ADDR_NO_RANDOMIZE
+# define ADDR_NO_RANDOMIZE 0x0040000
+# endif
+ /* Test the flag could be set and stays set. */
+ personality (personality (0xffffffff) | ADDR_NO_RANDOMIZE);
+ if (!(personality (personality (0xffffffff)) & ADDR_NO_RANDOMIZE))
+ return 1])])
+AC_RUN_IFELSE([PERSONALITY_TEST],
+ [have_personality=true],
+ [have_personality=false],
+ [AC_LINK_IFELSE([PERSONALITY_TEST],
+ [have_personality=true],
+ [have_personality=false])])
+if $have_personality
+then
+ AC_DEFINE([HAVE_PERSONALITY], 1,
+ [Define if you support the personality syscall.])
+fi
+
dnl Handle optional features that can be enabled.
AC_ARG_WITH(sysroot,
Index: gdb-6.8/gdb/fork-child.c
===================================================================
--- gdb-6.8.orig/gdb/fork-child.c 2008-01-29 22:11:24.000000000 +0100
+++ gdb-6.8/gdb/fork-child.c 2008-07-14 10:28:50.000000000 +0200
@@ -32,12 +32,45 @@
#include "gdbthread.h"
#include "command.h" /* for dont_repeat () */
#include "solib.h"
+#include "gdbcmd.h"
#include <signal.h>
+#include <errno.h>
+#ifdef HAVE_PERSONALITY
+# include <sys/personality.h>
+#endif
/* This just gets used as a default if we can't find SHELL. */
#define SHELL_FILE "/bin/sh"
+static int disable_randomization =
+#ifdef HAVE_PERSONALITY
+ 1;
+#else
+ 0;
+#endif
+
+#ifndef HAVE_PERSONALITY
+static void
+set_disable_randomization (char *args, int from_tty, struct cmd_list_element *c)
+{
+ if (disable_randomization)
+ {
+ disable_randomization = 0;
+ error (_("Unsupported on this platform."));
+ }
+}
+#endif
+
+static void
+show_disable_randomization (struct ui_file *file, int from_tty,
+ struct cmd_list_element *c, const char *value)
+{
+ fprintf_filtered (file, _("\
+Disabling randomization of debuggee's virtual address space is %s.\n"),
+ value);
+}
+
extern char **environ;
/* Break up SCRATCH into an argument vector suitable for passing to
@@ -289,6 +322,24 @@ fork_inferior (char *exec_file_arg, char
if (debug_fork)
sleep (debug_fork);
+#ifdef HAVE_PERSONALITY
+# if !HAVE_DECL_ADDR_NO_RANDOMIZE
+# define ADDR_NO_RANDOMIZE 0x0040000
+# endif
+ if (disable_randomization)
+ {
+ int val;
+
+ errno = 0;
+ val = personality (0xffffffff);
+ if (errno == 0)
+ personality (val | ADDR_NO_RANDOMIZE);
+ if (errno != 0 || !(personality (0xffffffff) & ADDR_NO_RANDOMIZE))
+ warning (_("Currently enabled disable-randomization is unsupported "
+ "on this platform."));
+ }
+#endif /* HAVE_PERSONALITY */
+
/* Run inferior in a separate process group. */
debug_setpgrp = gdb_setpgid ();
if (debug_setpgrp == -1)
@@ -446,3 +497,23 @@ startup_inferior (int ntraps)
}
stop_soon = NO_STOP_QUIETLY;
}
+
+void
+_initialize_fork_child (void)
+{
+
+ add_setshow_boolean_cmd ("disable-randomization", class_support,
+ &disable_randomization, _("\
+Set disabling of debuggee's virtual address space randomization."), _("\
+Show disabling of debuggee's virtual address space randomization."), _("\
+When this mode is on (which is the default), the randomization of\n\
+the virtual address space is disabled. Standalone programs run with the\n\
+randomization enabled by default on some platforms."),
+#ifdef HAVE_PERSONALITY
+ NULL,
+#else
+ &set_disable_randomization,
+#endif
+ &show_disable_randomization,
+ &setlist, &showlist);
+}
Index: gdb-6.8/gdb/doc/gdb.texinfo
===================================================================
--- gdb-6.8.orig/gdb/doc/gdb.texinfo 2008-07-14 10:28:36.000000000 +0200
+++ gdb-6.8/gdb/doc/gdb.texinfo 2008-07-14 10:28:50.000000000 +0200
@@ -1820,6 +1820,57 @@ argument to @value{GDBN} (@pxref{Invocat
@value{GDBN}}), or by using the @code{file} or @code{exec-file} command
(@pxref{Files, ,Commands to Specify Files}).
+@kindex set disable-randomization
+@item set disable-randomization
+@itemx set disable-randomization on
+This option (enabled by default in @value{GDBN}) will turn off the native
+randomization of the virtual address space of the started program. This option
+is useful for multiple debugging sessions to make the execution better
+reproducible and memory addresses reusable across debugging sessions.
+
+This feature is implemented at least on @sc{gnu}/Linux and OpenBSD. You can
+get the same behavior using
+
+@smallexample
+(@value{GDBP}) set exec-wrapper setarch `uname -m` -R
+@end smallexample
+
+@item set disable-randomization off
+Leave the behavior of the started executable unchanged. Some bugs rear their
+ugly heads only when the program is loaded at certain addresses. If your bug
+disappears when you run the program under @value{GDBN}, that might be because
+@value{GDBN} by default disables the address randomization on platforms, such
+as @sc{gnu}/Linux, which do that for stand-alone programs. Use @kbd{set
+disable-randomization off} to try to reproduce such elusive bugs.
+
+The virtual address space randomization is implemented at least on
+@sc{gnu}/Linux and OpenBSD. It protects the programs against some kinds of
+security attacks. In these cases the attacker needs to know the exact location
+of a concrete executable code. Randomizing its location makes it impossible to
+inject jumps misusing a code at its expected addresses.
+
+Prelinking shared libraries provides a startup performance advantage but it
+makes addresses in these libraries predictable for privileged processes by
+having just unprivileged access at the target system. Reading the shared
+library binary gives enough information for assembling the malicious code
+misusing it. Still even a prelinked shared library can get loaded a a new
+random address just requiring the regular relocation process during the
+startup. Shared libraries not already prelinked are always loaded at
+a randomly chosen address.
+
+Position independent executables (PIE) contain position independent code
+similar to the shared libraries and therefore such executables get loaded at
+a randomly chosen address upon startup. PIE executables always load even
+already prelinked shared libraries at a random address. You can build such
+executable using @command{gcc -fPIE -pie}.
+
+Heap (malloc storage), stack and custom mmap areas are always placed randomly
+(as long as the randomization is enabled).
+
+@item show disable-randomization
+Show the current setting of the explicit disable of the native randomization of
+the virtual address space of the started program.
+
@end table
If you are running your program in an execution environment that
Index: gdb-6.8/gdb/testsuite/gdb.base/randomize.c
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
+++ gdb-6.8/gdb/testsuite/gdb.base/randomize.c 2008-07-14 10:28:50.000000000 +0200
@@ -0,0 +1,32 @@
+/* This testcase is part of GDB, the GNU debugger.
+
+ Copyright 2008 Free Software Foundation, Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+ Please email any bugs, comments, and/or additions to this file to:
+ bug-gdb@prep.ai.mit.edu */
+
+#include <stdlib.h>
+#include <stdio.h>
+
+int main()
+{
+ void *p;
+
+ p = malloc (1);
+ printf ("address = %p\n", p);
+
+ return 0;
+}
Index: gdb-6.8/gdb/testsuite/gdb.base/randomize.exp
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
+++ gdb-6.8/gdb/testsuite/gdb.base/randomize.exp 2008-07-14 10:28:50.000000000 +0200
@@ -0,0 +1,63 @@
+# Copyright 2008 Free Software Foundation, Inc.
+
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+set testfile randomize
+set srcfile ${testfile}.c
+set binfile ${objdir}/${subdir}/${testfile}
+if { [gdb_compile "${srcdir}/${subdir}/${srcfile}" "${binfile}" executable {debug}] != "" } {
+ untested "Couldn't compile test program"
+ return -1
+}
+
+# Get things started.
+
+gdb_exit
+gdb_start
+gdb_reinitialize_dir $srcdir/$subdir
+gdb_load ${binfile}
+
+proc address_get { testname } {
+ global gdb_prompt
+
+ if {![runto_main]} {
+ return -1
+ }
+ gdb_test_multiple "continue" $testname {
+ -re "address = (0x\[0-9a-f\]*).*Program exited normally..*$gdb_prompt $" {
+ pass $testname
+ return $expect_out(1,string)
+ }
+ }
+}
+
+gdb_test "set disable-randomization off"
+set addr1 [address_get "randomized first address"]
+set addr2 [address_get "randomized second address"]
+set test "randomized addresses should not match"
+if {$addr1 eq $addr2} {
+ fail $test
+} else {
+ pass $test
+}
+
+gdb_test "set disable-randomization on"
+set addr1 [address_get "fixed first address"]
+set addr2 [address_get "fixed second address"]
+set test "fixed addresses should match"
+if {$addr1 eq $addr2} {
+ pass $test
+} else {
+ fail $test
+}