Print this page
Code review comments from jeffpc
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

Split Close
Expand all
Collapse all
          --- old/usr/src/cmd/sgs/elfdump/common/corenote.c
          +++ new/usr/src/cmd/sgs/elfdump/common/corenote.c
↓ open down ↓ 26 lines elided ↑ open up ↑
  27   27   * Copyright 2012 DEY Storage Systems, Inc.  All rights reserved.
  28   28   * Copyright (c) 2013, Joyent, Inc. All rights reserved.
  29   29   */
  30   30  
  31   31  #include <stdlib.h>
  32   32  #include <stdio.h>
  33   33  #include <string.h>
  34   34  #include <sys/types.h>
  35   35  #include <unistd.h>
  36   36  #include <sys/corectl.h>
       37 +#include <procfs.h>
  37   38  #include <msg.h>
  38   39  #include <_elfdump.h>
  39   40  #include <struct_layout.h>
  40   41  #include <conv.h>
  41   42  
  42   43  
  43   44  /*
  44   45   * This module contains the code that displays data from the note
  45   46   * sections found in Solaris core files. The format of these
  46   47   * note sections are described in the core(4) manpage.
↓ open down ↓ 112 lines elided ↑ open up ↑
 159  160  }
 160  161  
 161  162  /*
 162  163   * Convenience wrappers on top of the corresponding sl_XXX() functions.
 163  164   */
 164  165  static Word
 165  166  extract_as_word(note_state_t *state, const sl_field_t *fdesc)
 166  167  {
 167  168          return (sl_extract_as_word(state->ns_data, state->ns_swap, fdesc));
 168  169  }
 169      -static Word
      170 +static Lword
 170  171  extract_as_lword(note_state_t *state, const sl_field_t *fdesc)
 171  172  {
 172  173          return (sl_extract_as_lword(state->ns_data, state->ns_swap, fdesc));
 173  174  }
 174  175  static int
 175  176  extract_as_sword(note_state_t *state, const sl_field_t *fdesc)
 176  177  {
 177  178          return (sl_extract_as_sword(state->ns_data, state->ns_swap, fdesc));
 178  179  }
 179  180  static const char *
↓ open down ↓ 249 lines elided ↑ open up ↑
 429  430   */
 430  431  static void
 431  432  dump_auxv(note_state_t *state, const char *title)
 432  433  {
 433  434          const sl_auxv_layout_t  *layout = state->ns_arch->auxv;
 434  435          union {
 435  436                  Conv_cap_val_hw1_buf_t          hw1;
 436  437                  Conv_cap_val_hw2_buf_t          hw2;
 437  438                  Conv_cnote_auxv_af_buf_t        auxv_af;
 438  439                  Conv_ehdr_flags_buf_t           ehdr_flags;
      440 +                Conv_secflags_buf_t             secflags;
 439  441                  Conv_inv_buf_t                  inv;
 440  442          } conv_buf;
 441  443          sl_fmtbuf_t     buf;
 442  444          int             ndx, ndx_start;
 443  445          Word            sizeof_auxv;
 444  446  
 445  447          sizeof_auxv = layout->sizeof_struct.slf_eltlen;
 446  448  
 447  449          indent_enter(state, title, &layout->sizeof_struct);
 448  450  
↓ open down ↓ 371 lines elided ↑ open up ↑
 820  822          const sl_timestruc_layout_t *layout = state->ns_arch->timestruc;
 821  823  
 822  824          indent_enter(state, title, &layout->tv_sec);
 823  825  
 824  826          PRINT_DEC_2UP(MSG_ORIG(MSG_CNOTE_T_TV_SEC), tv_sec,
 825  827              MSG_ORIG(MSG_CNOTE_T_TV_NSEC), tv_nsec);
 826  828  
 827  829          indent_exit(state);
 828  830  }
 829  831  
      832 +/*
      833 + * Output information from prsecflags_t structure.
      834 + */
      835 +static void
      836 +dump_secflags(note_state_t *state, const char *title)
      837 +{
      838 +        const sl_prsecflags_layout_t *layout = state->ns_arch->prsecflags;
      839 +        Conv_secflags_buf_t inv;
      840 +        Lword lw;
      841 +        Word w;
      842 +
      843 +        indent_enter(state, title, &layout->pr_version);
      844 +
      845 +        w = extract_as_word(state, &layout->pr_version);
      846 +
      847 +        if (w != PRSECFLAGS_VERSION_1) {
      848 +                PRINT_DEC(MSG_INTL(MSG_NOTE_BAD_SECFLAGS_VER), pr_version);
      849 +                dump_hex_bytes(state->ns_data, state->ns_len, state->ns_indent,
      850 +                    4, 3);
      851 +        } else {
      852 +                PRINT_DEC(MSG_ORIG(MSG_CNOTE_T_PR_VERSION), pr_version);
      853 +                lw = extract_as_lword(state, &layout->pr_effective);
      854 +                print_str(state, MSG_ORIG(MSG_CNOTE_T_PR_EFFECTIVE),
      855 +                    conv_prsecflags(lw, 0, &inv));
      856 +
      857 +                lw = extract_as_lword(state, &layout->pr_inherit);
      858 +                print_str(state, MSG_ORIG(MSG_CNOTE_T_PR_INHERIT),
      859 +                    conv_prsecflags(lw, 0, &inv));
      860 +
      861 +                lw = extract_as_lword(state, &layout->pr_lower);
      862 +                print_str(state, MSG_ORIG(MSG_CNOTE_T_PR_LOWER),
      863 +                    conv_prsecflags(lw, 0, &inv));
      864 +
      865 +                lw = extract_as_lword(state, &layout->pr_upper);
      866 +                print_str(state, MSG_ORIG(MSG_CNOTE_T_PR_UPPER),
      867 +                    conv_prsecflags(lw, 0, &inv));
      868 +        }
      869 +
      870 +        indent_exit(state);
      871 +}
 830  872  
 831  873  /*
 832  874   * Output information from utsname structure.
 833  875   */
 834  876  static void
 835  877  dump_utsname(note_state_t *state, const char *title)
 836  878  {
 837  879          const sl_utsname_layout_t       *layout = state->ns_arch->utsname;
 838  880  
 839  881          indent_enter(state, title, &layout->sysname);
↓ open down ↓ 250 lines elided ↑ open up ↑
1090 1132          /*
1091 1133           * In order to line up all the values in a single column,
1092 1134           * we would have to set vcol to a very high value, which results
1093 1135           * in ugly looking output that runs off column 80. So, we use
1094 1136           * two levels of vcol, one for the contents so far, and a
1095 1137           * higher one for the pr_lwp sub-struct.
1096 1138           */
1097 1139          state->ns_vcol += 5;
1098 1140          state->ns_t2col += 5;
1099 1141          state->ns_v2col += 5;
     1142 +
1100 1143          PRINT_SUBTYPE(MSG_ORIG(MSG_CNOTE_T_PR_LWP), pr_lwp, dump_lwpstatus);
1101 1144          state->ns_vcol -= 5;
1102 1145          state->ns_t2col -= 5;
1103 1146          state->ns_v2col -= 5;
1104 1147  
1105 1148          indent_exit(state);
1106 1149  }
1107 1150  
1108 1151  
1109 1152  /*
↓ open down ↓ 740 lines elided ↑ open up ↑
1850 1893                  state.ns_v2col = 54;
1851 1894                  dump_prfdinfo(&state, MSG_ORIG(MSG_CNOTE_DESC_PRFDINFO_T));
1852 1895                  return (CORENOTE_R_OK);
1853 1896  
1854 1897          case NT_SPYMASTER:
1855 1898                  state.ns_vcol = 25;
1856 1899                  state.ns_t2col = 45;
1857 1900                  state.ns_v2col = 58;
1858 1901                  dump_psinfo(&state, MSG_ORIG(MSG_CNOTE_DESC_PSINFO_T));
1859 1902                  return (CORENOTE_R_OK);
     1903 +
     1904 +        case NT_SECFLAGS:
     1905 +                state.ns_vcol = 23;
     1906 +                state.ns_t2col = 41;
     1907 +                state.ns_v2col = 54;
     1908 +                dump_secflags(&state, MSG_ORIG(MSG_CNOTE_DESC_PRSECFLAGS_T));
     1909 +                return (CORENOTE_R_OK);
1860 1910          }
1861 1911  
1862 1912          return (CORENOTE_R_BADTYPE);
1863 1913  }
    
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX