This is the mail archive of the gdb-patches@sourceware.org mailing list for the GDB project.
Re: [PATCH] add support for high entropy ASLR on Windows
- From: Pedro Alves <palves at redhat dot com>
- To: Daniel Micay <danielmicay at gmail dot com>, gdb-patches at sourceware dot org
- Date: Tue, 19 Aug 2014 22:52:54 +0100
- Subject: Re: [PATCH] add support for high entropy ASLR on Windows
- Authentication-results: sourceware.org; auth=none
- References: <1408479009-7955-1-git-send-email-danielmicay at gmail dot com>
Hi Daniel,
Thanks for that patch, but although binutils/ld and gdb share the same
git repo, binutils has its own mailing list. You need to resend this to
the binutils at sourceware list.
--
Pedro Alves
On 08/19/2014 09:10 PM, Daniel Micay wrote:
> Enabling the HIGH_ENTROPY_VA flag allows the operating system to use
> addresses outside of the 32-bit range before memory exhaustion. This
> results in a higher entropy implementation of ASLR when used with the
> DYNAMIC_BASE flag.
>
> 2014-08-19 Daniel Micay <danielmicay@gmail.com>
>
> * include/coff/pe.h: Add HIGH_ENTROPY_VA flag
> * ld/emultempl/pep.em: Add --high-entropy-va switch
> * ld/ld.texinfo: Document the --high-entropy-va switch
> ---
> include/coff/pe.h | 1 +
> ld/emultempl/pep.em | 7 +++++++
> ld/ld.texinfo | 4 ++++
> 3 files changed, 12 insertions(+)
>
> diff --git a/include/coff/pe.h b/include/coff/pe.h
> index 0ed9dde..5ffa7c0 100644
> --- a/include/coff/pe.h
> +++ b/include/coff/pe.h
> @@ -40,6 +40,7 @@
>
> /* DllCharacteristics flag bits. The inconsistent naming may seem
> odd, but that is how they are defined in the PE specification. */
> +#define IMAGE_DLL_CHARACTERISTICS_HIGH_ENTROPY_VA 0x0020
> #define IMAGE_DLL_CHARACTERISTICS_DYNAMIC_BASE 0x0040
> #define IMAGE_DLL_CHARACTERISTICS_FORCE_INTEGRITY 0x0080
> #define IMAGE_DLL_CHARACTERISTICS_NX_COMPAT 0x0100
> diff --git a/ld/emultempl/pep.em b/ld/emultempl/pep.em
> index 916a786..6d56bc3 100644
> --- a/ld/emultempl/pep.em
> +++ b/ld/emultempl/pep.em
> @@ -237,6 +237,7 @@ enum options
> OPTION_LEADING_UNDERSCORE,
> OPTION_ENABLE_LONG_SECTION_NAMES,
> OPTION_DISABLE_LONG_SECTION_NAMES,
> + OPTION_HIGH_ENTROPY_VA,
> OPTION_DYNAMIC_BASE,
> OPTION_FORCE_INTEGRITY,
> OPTION_NX_COMPAT,
> @@ -314,6 +315,7 @@ gld${EMULATION_NAME}_add_options
> #endif
> {"enable-long-section-names", no_argument, NULL, OPTION_ENABLE_LONG_SECTION_NAMES},
> {"disable-long-section-names", no_argument, NULL, OPTION_DISABLE_LONG_SECTION_NAMES},
> + {"high-entropy-va", no_argument, NULL, OPTION_HIGH_ENTROPY_VA},
> {"dynamicbase",no_argument, NULL, OPTION_DYNAMIC_BASE},
> {"forceinteg", no_argument, NULL, OPTION_FORCE_INTEGRITY},
> {"nxcompat", no_argument, NULL, OPTION_NX_COMPAT},
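Review bot: The new long option in this table is spelled "high-entropy-va" with hyphens, while the other DllCharacteristics switches directly below it ("dynamicbase", "forceinteg", "nxcompat") are single unhyphenated words. Pick one convention for this group, or say in the commit message why this switch differs, since users will normally type it right next to --dynamicbase.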
> @@ -450,6 +452,8 @@ gld_${EMULATION_NAME}_list_options (FILE *file)
> executable image files\n"));
> fprintf (file, _(" --disable-long-section-names Never use long COFF section names, even\n\
> in object files\n"));
> + fprintf (file, _(" --high-entropy-va Image is compatible with 64-bit address space\n\
> + layout randomization (ASLR)\n"));
> fprintf (file, _(" --dynamicbase Image base address may be relocated using\n\
> address space layout randomization (ASLR)\n"));
> fprintf (file, _(" --forceinteg Code integrity checks are enforced\n"));
> @@ -804,6 +808,9 @@ gld${EMULATION_NAME}_handle_option (int optc)
> pep_use_coff_long_section_names = 0;
> break;
> /* Get DLLCharacteristics bits */
> + case OPTION_HIGH_ENTROPY_VA:
> + pe_dll_characteristics |= IMAGE_DLL_CHARACTERISTICS_HIGH_ENTROPY_VA;
> + break;
> case OPTION_DYNAMIC_BASE:
> pe_dll_characteristics |= IMAGE_DLL_CHARACTERISTICS_DYNAMIC_BASE;
> break;
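Review bot: The OPTION_HIGH_ENTROPY_VA case only ORs in IMAGE_DLL_CHARACTERISTICS_HIGH_ENTROPY_VA, yet the commit message says the higher entropy is obtained "when used with the DYNAMIC_BASE flag". A link with --high-entropy-va alone therefore produces an image that carries the bit but, by that description, gains nothing from it, and the user gets no diagnostic. Consider warning once option parsing is complete if the bit is set without IMAGE_DLL_CHARACTERISTICS_DYNAMIC_BASE, or at least state the dependency where the option is documented.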
> diff --git a/ld/ld.texinfo b/ld/ld.texinfo
> index 718a7d0..350a48b 100644
> --- a/ld/ld.texinfo
> +++ b/ld/ld.texinfo
> @@ -2655,6 +2655,10 @@ The following options set flags in the @code{DllCharacteristics} field
> of the PE file header:
> [These options are specific to PE targeted ports of the linker]
>
> +@kindex --high-entropy-va
> +@item --high-entropy-va
> +Image is compatible with 64-bit address space layout randomization (ASLR).
> +
> @kindex --dynamicbase
> @item --dynamicbase
> The image base address may be relocated using address space layout
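Review bot: The new @item text does not mention that the switch is meant to be combined with --dynamicbase, and "compatible with 64-bit ASLR" does not tell users what they are promising about their code. The commit message is clearer: the operating system may place the image at addresses outside the 32-bit range, so the code must not assume addresses fit in 32 bits. Suggest wording the entry along those lines and naming --dynamicbase in it; the --help string added in pep.em uses the same one-line wording and would benefit from the same change.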
>
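For checking the result of a link, the following added example (not part of the original mail or of binutils) reads the `DllCharacteristics` field of a PE image and reports which ASLR opt-in it carries, using the flag values from the patch. The function names, the enum and the header-only sample image are constructed for illustration; treating the bit as meaningful only on PE32+ is an assumption based on the patch touching only `pep.em`.

```c
/* Added example, not binutils code: report how far a PE image opts in to ASLR. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HIGH_ENTROPY_VA 0x0020   /* value from the pe.h hunk above */
#define DYNAMIC_BASE    0x0040
#define PE32PLUS_MAGIC  0x020b   /* optional-header magic of a 64-bit image */
#define SAMPLE_LEN      (0x40 + 24 + 72)

enum aslr { ASLR_BAD_IMAGE = -1, ASLR_OFF, ASLR_BASIC, ASLR_HIGH_ENTROPY,
            ASLR_HEVA_WITHOUT_DYNAMICBASE };

static uint32_t rd_le(const unsigned char *p, int n)   /* little-endian read */
{
  uint32_t v = 0;
  while (n--) v = (v << 8) | p[n];
  return v;
}

enum aslr aslr_status(const unsigned char *img, size_t len)
{
  if (len < 0x40 || img[0] != 'M' || img[1] != 'Z') return ASLR_BAD_IMAGE;
  size_t pe = rd_le(img + 0x3c, 4);                    /* e_lfanew */
  if (pe > len || len - pe < 24 + 72) return ASLR_BAD_IMAGE;
  if (memcmp(img + pe, "PE\0\0", 4) != 0) return ASLR_BAD_IMAGE;
  const unsigned char *opt = img + pe + 24;   /* past signature + COFF header */
  uint16_t magic = rd_le(opt, 2);
  uint16_t flags = rd_le(opt + 70, 2);        /* DllCharacteristics */
  if (!(flags & DYNAMIC_BASE))                /* no relocation opt-in at all */
    return (flags & HIGH_ENTROPY_VA) ? ASLR_HEVA_WITHOUT_DYNAMICBASE : ASLR_OFF;
  /* Assumption: the bit is only meaningful on PE32+, the format pep.em emits. */
  return ((flags & HIGH_ENTROPY_VA) && magic == PE32PLUS_MAGIC)
         ? ASLR_HIGH_ENTROPY : ASLR_BASIC;
}

/* Constructed sample: header-only image with e_lfanew = 0x40. */
const unsigned char *sample(uint16_t magic, uint16_t flags)
{
  static unsigned char b[SAMPLE_LEN];
  memset(b, 0, sizeof b);
  memcpy(b, "MZ", 2);
  b[0x3c] = 0x40;
  memcpy(b + 0x40, "PE\0\0", 4);
  b[0x58] = magic & 0xff;      b[0x59] = magic >> 8;
  b[0x58 + 70] = flags & 0xff; b[0x58 + 71] = flags >> 8;
  return b;
}

int main(void)
{
  printf("%d\n", aslr_status(sample(PE32PLUS_MAGIC, 0x0060), SAMPLE_LEN));
  return 0;
}
```

A build check can fail on `ASLR_HEVA_WITHOUT_DYNAMICBASE`, the case where `--high-entropy-va` was passed without `--dynamicbase`.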