Code review comments from jeffpc
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

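--- a/usr/src/cmd/sgs/libconv/common/corenote.c
+++ b/usr/src/cmd/sgs/libconv/common/corenote.c
@@ -30,43 +30,44 @@
 
 /*
  * String conversion routines the system structs found in
  * Solaris core file note sections. These items are not
  * ELF constructs. However, elfdump contains code for decoding
  * them, and therefore requires formatting support.
  */
 #include        <stdio.h>
 #include        <procfs.h>
 #include        <sys/corectl.h>
+#include        <sys/secflags.h>
 #include        <string.h>
 #include        <_conv.h>
 #include        <corenote_msg.h>
 
 const char *
 conv_cnote_type(Word type, Conv_fmt_flags_t fmt_flags,
     Conv_inv_buf_t *inv_buf)
 {
         static const Msg        types[] = {
                 MSG_NT_PRSTATUS,        MSG_NT_PRFPREG,
                 MSG_NT_PRPSINFO,        MSG_NT_PRXREG,
                 MSG_NT_PLATFORM,        MSG_NT_AUXV,
                 MSG_NT_GWINDOWS,        MSG_NT_ASRS,
                 MSG_NT_LDT,             MSG_NT_PSTATUS,
                 0,                      0,
                 MSG_NT_PSINFO,          MSG_NT_PRCRED,
                 MSG_NT_UTSNAME,         MSG_NT_LWPSTATUS,
                 MSG_NT_LWPSINFO,        MSG_NT_PRPRIV,
                 MSG_NT_PRPRIVINFO,      MSG_NT_CONTENT,
                 MSG_NT_ZONENAME,        MSG_NT_FDINFO,
-                MSG_NT_SPYMASTER
+                MSG_NT_SPYMASTER,       MSG_NT_SECFLAGS
         };
-#if NT_NUM != NT_SPYMASTER
+#if NT_NUM != NT_SECFLAGS
 #error "NT_NUM has grown. Update core note types[]"
 #endif
         static const conv_ds_msg_t ds_types = {
             CONV_DS_MSG_INIT(NT_PRSTATUS, types) };
         static const conv_ds_t  *ds[] = { CONV_DS_ADDR(ds_types), NULL };
 
 
         return (conv_map_ds(ELFOSABI_NONE, EM_NONE, type, ds, fmt_flags,
             inv_buf));
 }
@@ -102,21 +103,21 @@
                 MSG_AUXV_AT_SUN_IFLUSH,         MSG_AUXV_AT_SUN_CPU
         };
         static const conv_ds_msg_t ds_types_2000_2011 = {
             CONV_DS_MSG_INIT(2000, types_2000_2011) };
 
         static const Msg        types_2014_2023[] = {
                 MSG_AUXV_AT_SUN_EXECNAME,       MSG_AUXV_AT_SUN_MMU,
                 MSG_AUXV_AT_SUN_LDDATA,         MSG_AUXV_AT_SUN_AUXFLAGS,
                 MSG_AUXV_AT_SUN_EMULATOR,       MSG_AUXV_AT_SUN_BRANDNAME,
                 MSG_AUXV_AT_SUN_BRAND_AUX1,     MSG_AUXV_AT_SUN_BRAND_AUX2,
-                MSG_AUXV_AT_SUN_BRAND_AUX3,     MSG_AUXV_AT_SUN_HWCAP2
+                MSG_AUXV_AT_SUN_BRAND_AUX3,     MSG_AUXV_AT_SUN_HWCAP2,
         };
         static const conv_ds_msg_t ds_types_2014_2023 = {
             CONV_DS_MSG_INIT(2014, types_2014_2023) };
 
         static const conv_ds_t  *ds[] = {
                 CONV_DS_ADDR(ds_types_0_22), CONV_DS_ADDR(ds_types_2000_2011),
                 CONV_DS_ADDR(ds_types_2014_2023), NULL };
 
         return (conv_map_ds(ELFOSABI_NONE, EM_NONE, type, ds, fmt_flags,
             inv_buf));
@@ -2575,10 +2576,64 @@
         } else {
                 arg.rflags = mode;
         }
 
         if (mode == 0)
                 return (MSG_ORIG(MSG_GBL_ZERO));
 
         (void) conv_expn_field(&arg, vda, fmt_flags);
         return (buf);
 }
+
+
+#define PROCSECFLGSZ    CONV_EXPN_FIELD_DEF_PREFIX_SIZE +               \
+        MSG_ASLR_SIZE           + CONV_EXPN_FIELD_DEF_SEP_SIZE +        \
+        MSG_FORBIDNULLMAP_SIZE  + CONV_EXPN_FIELD_DEF_SEP_SIZE +        \
+        MSG_NOEXECSTACK_SIZE    + CONV_EXPN_FIELD_DEF_SEP_SIZE +        \
+        CONV_INV_BUFSIZE        + CONV_EXPN_FIELD_DEF_SUFFIX_SIZE
+
+/*
+ * Ensure that Conv_cnote_pr_secflags_buf_t is large enough:
+ *
+ * PROCSECFLGSZ is the real minimum size of the buffer required by
+ * conv_prsecflags(). However, Conv_cnote_pr_secflags_buf_t uses
+ * CONV_CNOTE_PSECFLAGS_FLAG_BUFSIZE to set the buffer size. We do things this
+ * way because the definition of PROCSECFLGSZ uses information that is not
+ * available in the environment of other programs that include the conv.h
+ * header file.
+ */
+#if (CONV_PRSECFLAGS_BUFSIZE != PROCSECFLGSZ) && !defined(__lint)
+#define REPORT_BUFSIZE PROCSECFLGSZ
+#include "report_bufsize.h"
+#error "CONV_PRSECFLAGS_BUFSIZE does not match PROCSECFLGSZ"
+#endif
+
+const char *
+conv_prsecflags(secflagset_t flags, Conv_fmt_flags_t fmt_flags,
+    Conv_secflags_buf_t *secflags_buf)
+{
+        /*
+         * The values are initialized later, based on position in this array
+         */
+        static Val_desc vda[] = {
+                { 0, MSG_ASLR },
+                { 0, MSG_FORBIDNULLMAP },
+                { 0, MSG_NOEXECSTACK },
+                { 0, 0 }
+        };
+        static CONV_EXPN_FIELD_ARG conv_arg = {
+            NULL, sizeof (secflags_buf->buf)
+        };
+        int i;
+
+        for (i = 0; vda[i].v_msg != 0; i++)
+                vda[i].v_val = secflag_to_bit(i);
+
+        if (flags == 0)
+                return (MSG_ORIG(MSG_GBL_ZERO));
+
+        conv_arg.buf = secflags_buf->buf;
+        conv_arg.oflags = conv_arg.rflags = flags;
+        (void) conv_expn_field(&conv_arg, vda, fmt_flags);
+
+        return ((const char *)secflags_buf->buf);
+}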
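Review bot: The block comment above the `#if` size check names `Conv_cnote_pr_secflags_buf_t` and `CONV_CNOTE_PSECFLAGS_FLAG_BUFSIZE`, but the code right below it uses `Conv_secflags_buf_t` and `CONV_PRSECFLAGS_BUFSIZE`, so the comment should be corrected to the identifiers that are actually declared: ` * Ensure that Conv_secflags_buf_t is large enough:` / ` * conv_prsecflags(). However, Conv_secflags_buf_t uses` / ` * CONV_PRSECFLAGS_BUFSIZE to set the buffer size.` In conv_prsecflags() the loop index `i` is handed straight to `secflag_to_bit(i)`, which silently couples the order of the three `vda[]` entries to the order of the secflag enumeration in <sys/secflags.h>, and the same order has to be mirrored in the MSG_*_SIZE terms of PROCSECFLGSZ; the existing "initialized later" comment on `vda[]` should spell that out, e.g. `/* Entry order must match the secflag enumeration (ASLR, FORBIDNULLMAP, NOEXECSTACK); add new flags at the end */`. The `flags == 0` early return could also be moved above the loop, since the loop's work is thrown away on that path. Like the neighbouring converters, the function rewrites the static `vda[]` and `conv_arg` on every call, so it presumably inherits libconv's non-reentrant contract; worth a one-line note if that contract is documented elsewhere.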
    
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX