aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMarcus Meissner <meissner@suse.de>2006-12-06 20:36:24 -0800
committerLinus Torvalds <torvalds@woody.osdl.org>2006-12-07 08:39:33 -0800
commit59287c0913cc9a6c75712a775f6c1c1ef418ef3b (patch)
tree0f1c12edec9496275e2b2a373a12b1e9e2e91173
parentb23984d0a12a4821b2e9712c71550f321eb88bb5 (diff)
[PATCH] binfmt_elf: randomize PIE binaries (2nd try)
Randomizes -pie compiled binaries from 64k (0x10000) up to ELF_ET_DYN_BASE. 0 -> 64k is excluded to allow NULL ptr accesses to fail. Signed-off-by: Marcus Meissner <meissner@suse.de> Cc: Ingo Molnar <mingo@elte.hu> Cc: Dave Jones <davej@codemonkey.org.uk> Cc: Arjan van de Ven <arjan@linux.intel.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
-rw-r--r--fs/binfmt_elf.c8
1 files changed, 7 insertions, 1 deletions
diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
index cc72bb43061..b2efbaead6c 100644
--- a/fs/binfmt_elf.c
+++ b/fs/binfmt_elf.c
@@ -856,7 +856,13 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs)
* default mmap base, as well as whatever program they
* might try to exec. This is because the brk will
* follow the loader, and is not movable. */
- load_bias = ELF_PAGESTART(ELF_ET_DYN_BASE - vaddr);
+ if (current->flags & PF_RANDOMIZE)
+ load_bias = randomize_range(0x10000,
+ ELF_ET_DYN_BASE,
+ 0);
+ else
+ load_bias = ELF_ET_DYN_BASE;
+ load_bias = ELF_PAGESTART(load_bias - vaddr);
}
error = elf_map(bprm->file, load_bias + vaddr, elf_ppnt,