The patch titled
binfmt_elf: randomize PIE binaries (2nd try)
has been added to the -mm tree. Its filename is
binfmt_elf-randomize-pie-binaries.patch
See http://www.zip.com.au/~akpm/linux/patches/stuff/added-to-mm.txt to find
out what to do about this
------------------------------------------------------
Subject: binfmt_elf: randomize PIE binaries (2nd try)
From: Marcus Meissner <meissner@xxxxxxx>
Randomizes -pie compiled binaries from 64k (0x10000) up to ELF_ET_DYN_BASE.
0 -> 64k is excluded to allow NULL ptr accesses to fail.
Signed-off-by: Marcus Meissner <meissner@xxxxxxx>
Cc: Ingo Molnar <mingo@xxxxxxx>
Cc: Dave Jones <davej@xxxxxxxxxxxxxxxxx>
Cc: Arjan van de Ven <arjan@xxxxxxxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxx>
---
fs/binfmt_elf.c | 8 +++++++-
1 files changed, 7 insertions(+), 1 deletion(-)
diff -puN fs/binfmt_elf.c~binfmt_elf-randomize-pie-binaries fs/binfmt_elf.c
--- a/fs/binfmt_elf.c~binfmt_elf-randomize-pie-binaries
+++ a/fs/binfmt_elf.c
@@ -856,7 +856,13 @@ static int load_elf_binary(struct linux_
* default mmap base, as well as whatever program they
* might try to exec. This is because the brk will
* follow the loader, and is not movable. */
- load_bias = ELF_PAGESTART(ELF_ET_DYN_BASE - vaddr);
+ if (current->flags & PF_RANDOMIZE)
+ load_bias = randomize_range(0x10000,
+ ELF_ET_DYN_BASE,
+ 0);
+ else
+ load_bias = ELF_ET_DYN_BASE;
+ load_bias = ELF_PAGESTART(load_bias - vaddr);
}
error = elf_map(bprm->file, load_bias + vaddr, elf_ppnt,
_
Patches currently in -mm which might be from meissner@xxxxxxx are
binfmt_elf-randomize-pie-binaries.patch
-
To unsubscribe from this list: send the line "unsubscribe mm-commits" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
