lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <Pine.LNX.4.64.0707311326090.26532@jikos.suse.cz>
Date:	Tue, 31 Jul 2007 13:30:00 +0200 (CEST)
From:	Jiri Kosina <jkosina@...e.cz>
To:	Ulrich Kunitz <kune@...ne-taler.de>
Cc:	"H. Peter Anvin" <hpa@...or.com>,
	Chuck Ebbert <cebbert@...hat.com>,
	linux-kernel@...r.kernel.org, Jan Kratochvil <honza@...os.cz>,
	jakub@...hat.com
Subject: Re: Is PIE randomization breaking klibc binaries?

On Wed, 25 Jul 2007, Ulrich Kunitz wrote:

> The message looks like:
> sleep[7888]: segfault at 000000000004001C rip 000000000004001C rsp 
> 00007fff14776468 error 14
> Repeated calls get the same message with the stack pointer changing. 
> Other binaries (mount) have a segmentation fault at another addressi 
> (0x400184). It appears that the instruction pointer fails at the start 
> address of the klibc binary. Notify that this lies in the binary itself 
> and not in the /lib/klibc*.so object, so it appears that the klibc 
> binary sections are loaded at randomized addresses.

Hi Ulrich,

I just now quickly tried to with klibc-1.5 on i386 with the 
PIE-randomization patched kernel, and it seems to load static libraries 
fine.

I just downloaded klibc-1.5, built it, and executed a few of the programs 
in usr/utils/static, all of them worked. Does this also work for you and 
you are experiencing the problems solely when the binaries are being run 
from initramfs during boot?

I will test more shortly (on x86_64, directly from initramfs) in order to 
reproduce.

Thanks,

-- 
Jiri Kosina
SUSE Labs
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ