1 |
On 17 Oct 2006 at 15:47, Alejo Sanchez wrote: |
2 |
|
3 |
> Now to the question. I was wondering if there is a way to protect GOT |
4 |
> (besides having ET_DYN) in the way OpenBSD does |
5 |
> (http://undeadly.org/cgi?action=article&sid=20030126143902). If not, |
6 |
> what would you think on a similar patch for Hardened? |
7 |
|
8 |
the GNU toolchain has provided -z relro -z now for 2 years now, it's |
9 |
the proper implementation of GOT protection and is used by the hardened |
10 |
gcc specs. OpenBSD's method is rather awkward as they mprotect the GOT |
11 |
on each lazily resolved symbol. |
12 |
|
13 |
> Also for some reason the ET_DYN on my amd64/hardened does only 40bit |
14 |
> (paxtest reports as guessed). Is there something that needs touching |
15 |
> in the toolchain to improve it? |
16 |
|
17 |
i assume you mean the heap/stack randomization values. the reason for |
18 |
not using anything close to 64 bits is that while the CPU architecture |
19 |
works with 64 bit pointers in general, the actual CPU implementations |
20 |
don't implement all of those 64 bits. the virtual address space size |
21 |
is 48 bits currently, of which we randomize 'only' 40, leaving the 4 |
22 |
MSBs and LSBs alone. |
23 |
|
24 |
-- |
25 |
gentoo-hardened@g.o mailing list |