Message-ID: <545C2A02.8090206@amacapital.net>
Date: Thu, 06 Nov 2014 18:10:10 -0800
From: Andy Lutomirski <luto@...capital.net>
To: musl@...ts.openwall.com
Subject: Re: fixing -fPIE + -fstack-protector-all

On 11/06/2014 03:45 AM, Anthony G. Basile wrote:
> On 11/05/14 10:43, Rich Felker wrote:
>> On Wed, Nov 05, 2014 at 04:25:03PM +0100, John Spencer wrote:
>>> using -fPIE + -fstack-protector-all is currently broken for a number
>>> of architectures (most notably i386) in the default gcc setup
>>> (including the musl-cross patches), as it depends on a
>>> libssp_nonshared.a which provides __stack_chk_fail_local().
>>
>> As discussed on IRC, I would _like_ to be able to simply add the
>> following to crt/i386/crti.s:
>>
>> __stack_chk_fail_local: hlt
>>
>> and equivalent for other archs. This has the added benefit of
>> effecting a crash without going through the PLT (whereas
>> libssp_nonshared.a's __stack_chk_fail_local calls __stack_chk_fail via
>> the PLT) so it's not vulnerable to attacks that have overwritten the
>> GOT with malicious pointers.
>
> For what it's worth, hardening in gentoo (PaX kernel + userland hardening
> with relro and bindnow) tries to prevent this kind of attack by making
> the GOT read only after initial linking.

What does the PaX kernel have to do with this?

--Andy
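The thread's mitigation argument rests on whether a binary's GOT is writable at run time. A defender can answer that per binary by looking at the same two things the userland hardening above relies on: a PT_GNU_RELRO segment (the loader remaps that region read-only after relocation) and immediate binding (DT_FLAGS DF_BIND_NOW or DT_FLAGS_1 DF_1_NOW, so no lazy PLT/GOT slots stay writable). The checker below is an added example, not code from the musl thread or from any of its participants; it assumes ELF64 little-endian input only, and the `build_fake_elf` helper constructs a header-only image (no code, not executable) purely so the parsing path can be exercised offline.

```python
"""Classify an ELF64 binary's RELRO state the way a checksec-style tool does.

Added example, not part of the musl thread. Handles only ELF64 little-endian
images (an assumption kept deliberately narrow); anything else is rejected.
"""
import struct

PT_DYNAMIC = 2
PT_GNU_RELRO = 0x6474E552      # loader remaps this range read-only after relocation
DT_NULL = 0
DT_FLAGS = 30
DT_FLAGS_1 = 0x6FFFFFFB
DF_BIND_NOW = 0x8              # in DT_FLAGS: resolve all symbols at load time
DF_1_NOW = 0x1                 # same request expressed in DT_FLAGS_1


def parse_program_headers(data):
    """Return a list of (p_type, p_offset, p_filesz) from an ELF64 LE image."""
    if data[:4] != b"\x7fELF" or data[4] != 2 or data[5] != 1:
        raise ValueError("only ELF64 little-endian images are handled here")
    e_phoff, = struct.unpack_from("<Q", data, 0x20)
    e_phentsize, e_phnum = struct.unpack_from("<HH", data, 0x36)
    headers = []
    for i in range(e_phnum):
        off = e_phoff + i * e_phentsize
        # Elf64_Phdr: p_type, p_flags, p_offset, p_vaddr, p_paddr, p_filesz, ...
        p_type, _flags, p_offset, _vaddr, _paddr, p_filesz = struct.unpack_from(
            "<IIQQQQ", data, off)
        headers.append((p_type, p_offset, p_filesz))
    return headers


def dynamic_entries(data, p_offset, p_filesz):
    """Yield (d_tag, d_val) pairs from a PT_DYNAMIC segment until DT_NULL."""
    for off in range(p_offset, p_offset + p_filesz, 16):  # Elf64_Dyn is 16 bytes
        d_tag, d_val = struct.unpack_from("<qQ", data, off)
        if d_tag == DT_NULL:
            break
        yield d_tag, d_val


def relro_status(data):
    """Return 'full' (RELRO + BIND_NOW), 'partial' (RELRO only) or 'none'."""
    has_relro = False
    bind_now = False
    for p_type, p_offset, p_filesz in parse_program_headers(data):
        if p_type == PT_GNU_RELRO:
            has_relro = True
        elif p_type == PT_DYNAMIC:
            for tag, val in dynamic_entries(data, p_offset, p_filesz):
                if tag == DT_FLAGS and val & DF_BIND_NOW:
                    bind_now = True
                if tag == DT_FLAGS_1 and val & DF_1_NOW:
                    bind_now = True
    if has_relro and bind_now:
        return "full"
    if has_relro:
        return "partial"
    return "none"


def build_fake_elf(with_relro, with_bind_now):
    """Constructed test input: a minimal ELF64 image carrying only the headers
    the checker reads. It contains no code and cannot be executed."""
    ehdr_size, phdr_size = 64, 56
    phdrs = [PT_DYNAMIC] + ([PT_GNU_RELRO] if with_relro else [])
    dyn_offset = ehdr_size + phdr_size * len(phdrs)
    # A -z now link sets both DT_FLAGS DF_BIND_NOW and DT_FLAGS_1 DF_1_NOW.
    dynamic = b""
    if with_bind_now:
        dynamic += struct.pack("<qQ", DT_FLAGS, DF_BIND_NOW)
        dynamic += struct.pack("<qQ", DT_FLAGS_1, DF_1_NOW)
    dynamic += struct.pack("<qQ", DT_NULL, 0)
    # e_ident: magic, ELFCLASS64, ELFDATA2LSB, EV_CURRENT, OSABI 0, padding
    ehdr = (b"\x7fELF" + bytes([2, 1, 1, 0]) + b"\x00" * 8
            + struct.pack("<HHIQQQIHHHHHH", 3, 0x3E, 1, 0, ehdr_size, 0,
                          0, ehdr_size, phdr_size, len(phdrs), 64, 0, 0))
    body = b""
    for p_type in phdrs:
        size = len(dynamic) if p_type == PT_DYNAMIC else 0
        body += struct.pack("<IIQQQQQQ", p_type, 6, dyn_offset, 0, 0, size, size, 8)
    return ehdr + body + dynamic


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as f:
            print(sys.argv[1], "RELRO:", relro_status(f.read()))
    else:
        for r, n in ((True, True), (True, False), (False, False)):
            print(f"relro={r} bind_now={n} ->", relro_status(build_fake_elf(r, n)))
```

Run it with a path argument to classify a real binary, or with no arguments to see the three states on the constructed images. "full" is the state the thread's RELRO + bindnow hardening aims for; "partial" still leaves the lazily-bound GOT entries writable, which is exactly the window the `hlt` stub in crti.s sidesteps by never going through the PLT at all.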