Expanding the list of "Hardened Packages"

[David Howells]

John Reiser <jreiser at bitwagon.com> wrote:

> It's also easy to see the mechanism:
> $ cat foo.c
> extern int a[];
> 
> void foo(int j) { a[j]=j; }
> $ gcc -m32 -fPIE -O -S foo.c
> $ cat foo.s  # edited for brevity
> foo:  # 25 bytes; about 15 cycles  (incl. 3*3 cycles data cache fetch latency)
> 	call	__x86.get_pc_thunk.cx
> 	addl	$_GLOBAL_OFFSET_TABLE_, %ecx
> 	movl	4(%esp), %eax
> 	movl	a at GOT(%ecx), %edx
> 	movl	%eax, (%edx,%eax,4)
> 	ret

Yes, but...  Am I right in thinking that a page containing the above can be
shared, but...

> $ gcc -m32 -O -S foo.c
> $ cat foo.s  # edited for brevity
> foo:  # 12 bytes; about 6 cycles  (incl. 1*3 cycles data cache fetch latency)
> 	movl	4(%esp), %eax
> 	movl	%eax, a(,%eax,4)
> 	ret
> $

... a page containing this cannot because it must be relocated prior to
execution?

Admittedly, it is possible that if the address stored by the linker for 'a' is
the same as 'a' is loaded at, then the loader might not need to adjust the
instruction - but if we randomise the load addresses of various binaries, then
that is unlikely to be true.

David