Does this mean that on 10.7 the only two choices are --no_pie and fork+exec?
Original comment by konstant...@gmail.com
on 18 Jan 2012 at 5:45
Exactly.
Original comment by ramosian.glider@gmail.com
on 19 Jan 2012 at 8:06
I completely forgot about another method suggested by Mark Mentovai that works
reliably on all OS X versions. One can unset the MH_PIE bit in an already
linked executable, using e.g. this script:
http://src.chromium.org/viewvc/chrome/trunk/src/build/mac/change_mach_o_flags.py?view=markup
This method is less convenient to integrate with every build process. To do
that we'll need to make Clang run this script after every ld invocation, which
is in fact similar to adding the --no_pie flag.
Original comment by ramosian.glider@gmail.com
on 19 Jan 2012 at 8:32
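The header-patching approach described in the comment above, as an added example written for this page (it is not the Chromium change_mach_o_flags.py script linked there, nor ASan's own code): it parses a thin Mach-O header, refuses anything that is not an MH_EXECUTE image, and clears or restores the MH_PIE bit without touching any other byte. The field offsets and flag values come from <mach-o/loader.h>; the sample header, its filler bytes and the `cputype` default are constructed for the demonstration and do not come from a real binary.

```python
# Added example for this thread, not Chromium's change_mach_o_flags.py:
# clear or set the MH_PIE bit in the header of an already-linked thin
# Mach-O executable. Fat (universal) binaries are deliberately not handled.
# Layout per <mach-o/loader.h>: mach_header is 28 bytes, mach_header_64 is
# 32 bytes; 'filetype' is at offset 12 and 'flags' at offset 24 in both.
import struct

MH_MAGIC = 0xfeedface     # 32-bit image, stored in the image's own byte order
MH_MAGIC_64 = 0xfeedfacf  # 64-bit image, stored in the image's own byte order
MH_EXECUTE = 0x2          # filetype of a main executable
MH_PIE = 0x200000         # dyld may slide the main image (ASLR)

_FILETYPE_OFF = 12
_FLAGS_OFF = 24


def _endian(data):
    """Return the struct byte-order prefix ('<' or '>') for a thin Mach-O header.

    The magic is written in the image's byte order, so a little-endian read
    matches MH_MAGIC* for little-endian files; big-endian (e.g. PowerPC)
    files only match when read big-endian (the MH_CIGAM* case).
    """
    if len(data) < 28:
        raise ValueError("too short to be a Mach-O header")
    for prefix in ("<", ">"):
        (magic,) = struct.unpack(prefix + "I", data[:4])
        if magic in (MH_MAGIC, MH_MAGIC_64):
            return prefix
    raise ValueError("not a thin Mach-O image (fat/universal not supported)")


def get_flags(data):
    """Read the 32-bit 'flags' field from a Mach-O header."""
    e = _endian(data)
    (flags,) = struct.unpack(e + "I", data[_FLAGS_OFF:_FLAGS_OFF + 4])
    return flags


def is_pie(data):
    return bool(get_flags(data) & MH_PIE)


def set_pie(data, enable):
    """Return a copy of `data` with MH_PIE set (enable=True) or cleared.

    Only MH_EXECUTE images are touched: the bit means nothing for dylibs or
    bundles, and refusing them avoids silently 'patching' the wrong file.
    The result has the same length and every other byte unchanged.
    """
    e = _endian(data)
    (filetype,) = struct.unpack(e + "I", data[_FILETYPE_OFF:_FILETYPE_OFF + 4])
    if filetype != MH_EXECUTE:
        raise ValueError("MH_PIE is only meaningful for MH_EXECUTE images")
    flags = get_flags(data)
    flags = (flags | MH_PIE) if enable else (flags & ~MH_PIE)
    return (data[:_FLAGS_OFF]
            + struct.pack(e + "I", flags & 0xFFFFFFFF)
            + data[_FLAGS_OFF + 4:])


def patch_file(path, enable=False):
    """Rewrite the header of the executable at `path` in place."""
    with open(path, "r+b") as f:
        data = f.read()
        f.seek(0)
        f.write(set_pie(data, enable))


def make_header(magic, filetype, flags, endian="<", cputype=0x01000007):
    """Build a constructed (not real) thin Mach-O header for demonstration.

    cputype defaults to CPU_TYPE_X86_64; cpusubtype, ncmds and sizeofcmds
    are zero because no load commands follow.
    """
    fields = [magic, cputype, 0, filetype, 0, 0, flags]
    if magic == MH_MAGIC_64:
        fields.append(0)  # 'reserved' exists only in mach_header_64
    return struct.pack(endian + "I" * len(fields), *fields)


# Constructed sample: an x86_64 executable with MH_NOUNDEFS (0x1),
# MH_DYLDLINK (0x4), MH_TWOLEVEL (0x80) and MH_PIE set, plus filler bytes
# standing in for the load commands that would follow a real header.
SAMPLE_PIE = make_header(MH_MAGIC_64, MH_EXECUTE, 0x1 | 0x4 | 0x80 | MH_PIE) + b"\x00" * 16

if __name__ == "__main__":
    patched = set_pie(SAMPLE_PIE, False)
    print("before: PIE=%s flags=0x%x" % (is_pie(SAMPLE_PIE), get_flags(SAMPLE_PIE)))
    print("after:  PIE=%s flags=0x%x" % (is_pie(patched), get_flags(patched)))
```

Run it as a script to watch the bit flip on the constructed header, or call patch_file(path) on a real executable. Two caveats a practitioner should keep in mind: the flags word is covered by the code signature, so a signed binary must be re-signed after patching, and this only changes what dyld is asked to do for the main image; it does not affect how dylibs are loaded.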
I'm now considering the following roadmap:
1. Introduce the disable_aslr runtime flag that will tell ASan to do fork+exec.
Set disable_aslr=0 on Snow Leopard and disable_aslr=1 on Lion by default.
2. If MH_PIE bit is set and any of the current mappings is going to intersect
with the shadow, do the following:
-- if disable_aslr is 0, print a warning and die;
-- if disable_aslr is 1, fix ASLR by doing fork+exec
3. Make sure Clang doesn't set MH_PIE for executables built with
-faddress-sanitizer.
Step 1 is mainly needed to start running Chrome on Lion without additional GYP
hackery. We can also skip Step 2 and pass to Step 3 if we finally want to get
rid of disable_aslr.
Original comment by ramosian.glider@gmail.com
on 1 Feb 2012 at 10:57
I've spent some time playing with ASLR on Lion and here are two conclusions:
-- doing posix_spawn with POSIX_SPAWN_SETEXEC and _POSIX_SPAWN_DISABLE_ASLR is equivalent to exec() without fork() and should disable ASLR as well;
-- I haven't managed to trigger any ASLR problems on Lion for the binaries built with -fpie. This is probably because ASLR is much smarter on Lion.
Attached is the patch that disables ASLR on Lion, but I'm not going to commit
it until I notice any problems with ASLR on Lion.
Original comment by ramosian.glider@gmail.com
on 1 Feb 2012 at 2:21
As Snow Leopard will be obsolete soon, the issue becomes less (if at all)
important.
The reliable workaround is to set DYLD_NO_PIE=1.
Original comment by ramosian.glider@gmail.com
on 29 Oct 2012 at 11:11
Do we still need to support 10.6?
Can we close this bug?
Original comment by konstant...@gmail.com
on 18 Feb 2013 at 7:15
We still need to support 10.6 for some time, yet we don't want to fix ASLR on
10.6.
Will reopen if we ever have problems with newer OS X versions.
Original comment by ramosian.glider@gmail.com
on 18 Feb 2013 at 11:13
Original issue reported on code.google.com by
ramosian.glider@gmail.com
on 18 Jan 2012 at 1:21