| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <8e9db4d6ff614006869eaa412a536fa0@AcuMS.aculab.com>
Date: Wed, 16 Mar 2022 17:05:07 +0000
From: David Laight <David.Laight@...LAB.COM>
To: 'Kees Cook' <keescook@...omium.org>,
James Jones <linux@...innocuous.com>
CC: "bp@...en8.de" <bp@...en8.de>, "x86@...nel.org" <x86@...nel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: RE: [PATCH] x86: Remove a.out support
From: Kees Cook
> Sent: 16 March 2022 16:11
>
> On Wed, Mar 16, 2022 at 05:06:10AM +0000, James Jones wrote:
> > I dug the scripts up in the state they were in when I gave up (September
> > 2020 according to mtime), and put them on github in case anyone wants to
> > have a go at it:
> >
> > https://github.com/cubanismo/aout-to-elf/
> >
> > It was an interesting problem in its own right, and I'd be curious to
> > know what I missed.
>
> Yeah, this is a good start. I think the main problem is with how program
> entry works, specifically that %esp is pointing to argc (with all the
> args in memory above there), which isn't the way ELF sets %esp.
>
> It might be possible to make a userspace loader, though. Hmm.
Could it be fixed up by a small bit of code that the elf interpreter
runs just before jumping the a.out entry point?
Depending on the elf layout it might be enough to just reset %esp.
But if the strings are the wrong side of argv[] and enpv[] the
vectors themselves might need copying further down the stack.
Should be possible to do it as PIC code.
David
-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)
Powered by blists - more mailing lists