compilation - ELF, PIE, ASLR and everything in between, specifically within Linux
Alrighty, before asking my question I'll cover a few technical details I want to make sure I've got correct:

A position independent executable (PIE) is code that is able to execute regardless of the memory address it is loaded into, right?

ASLR - address space layout randomization - pretty much states that in order to keep addresses from being static, we randomize them in some manner.

I've read that within Linux and Unix based systems implementing ASLR is possible regardless of whether our code is PIE. If it is PIE, the jumps, calls and offsets are relative, hence there is no problem; if it's not, the code somehow gets modified and the addresses edited, regardless of whether the code is an executable or a shared object....

Right.... this leads me to ask a few questions:

1. If ASLR is possible to implement within code that isn't PIE, i.e. executables, not shared / relocatable objects (I know how relocation works within relocatable objects!!!!), how is it done? The ELF format should hold no section that states which parts within the code sections are functions so that the kernel loader could modify them, right? ASLR should be a kernel functionality, so how on earth would, for example, an executable containing these instructions

Pseudo code:

    inc_eax:
        add eax, 5
        ret
    main:
        mov eax, 5
        mov ebx, 6
        call absolute_addres{inc_eax}

how would the kernel executable loader know how to change the addresses, if they aren't stored in a relocation table within the ELF file and aren't relative, in order to load the executable at a random address?

2. Let's say I'm wrong, and in order to implement ASLR one must have a PIE executable, with all segments relative. How can one compile C++ OOP code and make it work? For example, if you have an instance of a class using a pointer to a virtual table within its struct, the virtual table should hold absolute addresses, hence you wouldn't be able to compile pure PIE C++ programs that have usage of run-time virtual tables, and again ASLR isn't possible.... I doubt virtual tables contain relative addresses, as there would be a different virtual table for each call of a virtual function...

3. My last, and least significant, question regarding ELF and PIE: is there a special way to detect whether an ELF executable is PIE? I'm familiar with the ELF format and doubt there is a way, but I might be wrong. Anyway, if there isn't a way, how does the kernel loader know if our executable is PIE and hence use ASLR on it?

I've got it all messed up in my head, and I'd love it if someone could help me here. Thanks in advance.
Your question appears to be a mish-mash of confusion and misunderstanding.

> A position independent executable (PIE) is code that is able to execute regardless of the memory address it is loaded into, right?

Almost. A PIE binary can not be loaded into memory at an arbitrary address: PT_LOAD segments have alignment requirements (e.g. 0x400, or 0x10000). It can be loaded and run correctly if loaded into memory at any address satisfying the alignment requirements.
> ASLR - address space layout randomization - pretty much states that in order to keep addresses from being static, we randomize them in some manner.

I can't parse the above statement in any meaningful way.

ASLR is a technique of randomizing various parts of the address space, in order to make "known address" attacks more difficult.

Note that ASLR predates PIE binaries, and does not in any way require PIE. When ASLR was introduced, it randomized the placement of the stack, heap, and shared libraries. The placement of the (non-PIE) main executable was not randomized. ASLR has been considered a success, and was therefore extended to support a PIE main binary, which is a specially crafted shared library (and has the ET_DYN file type).
> call absolute_addres{inc_eax}
> how would the kernel executable loader know how to change the addresses, if they aren't stored in a relocation table

Simple: on x86, there is no instruction call absolute_address -- all calls are relative.
> 2. ... you wouldn't be able to compile pure PIE C++ programs that have usage of run-time virtual tables, and again ASLR isn't possible..

A PIE binary requires relocation, just like a shared library. Virtual tables in PIE binaries work exactly the same way they work in shared libraries: ld-linux.so.2 updates the GOT (global offset table) before transferring control to the PIE binary.
> 3. ... is there a special way to detect whether an ELF executable is PIE?

Simple: a PIE binary has its ELF file type set to ET_DYN (a non-PIE binary will have type ET_EXEC). If you run file a.out on a PIE executable, you'll see that it's a "shared library".
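As an added example (not code from the original post or its answer), the Python script below reads the ELF header by hand and applies the answer's rule: e_type == ET_DYN marks a PIE, ET_EXEC a non-PIE binary. It also lists the p_align of each PT_LOAD segment, the alignment requirement mentioned in the first point. The make_sample_elf64 helper and its values are constructed test input, and the has_interp field is my addition, since a plain shared library is ET_DYN as well.

```python
import struct

ELF_MAGIC = b"\x7fELF"
ET_NAMES = {0: "ET_NONE", 1: "ET_REL", 2: "ET_EXEC", 3: "ET_DYN", 4: "ET_CORE"}
PT_LOAD, PT_INTERP = 1, 3


def parse_elf_header(data: bytes) -> dict:
    """Decode e_ident and the fixed ELF header fields (32- or 64-bit, either endianness)."""
    if data[:4] != ELF_MAGIC:
        raise ValueError("not an ELF file")
    ei_class, ei_data = data[4], data[5]
    end = {1: "<", 2: ">"}[ei_data]          # EI_DATA: 1 = little endian, 2 = big endian
    # e_type, e_machine, e_version, e_entry, e_phoff, e_shoff, e_flags,
    # e_ehsize, e_phentsize, e_phnum, e_shentsize, e_shnum, e_shstrndx
    fmt = {1: "HHIIIIIHHHHHH", 2: "HHIQQQIHHHHHH"}[ei_class]
    f = struct.unpack_from(end + fmt, data, 16)
    return {"class": ei_class, "end": end, "e_type": f[0],
            "e_phoff": f[4], "e_phentsize": f[8], "e_phnum": f[9]}


def program_headers(data: bytes, hdr: dict):
    """Yield (p_type, p_align) for every entry of the program header table."""
    for i in range(hdr["e_phnum"]):
        off = hdr["e_phoff"] + i * hdr["e_phentsize"]
        # Elf64_Phdr vs Elf32_Phdr field order differs, but p_type is first and p_align last in both
        fmt = "IIQQQQQQ" if hdr["class"] == 2 else "IIIIIIII"
        p = struct.unpack_from(hdr["end"] + fmt, data, off)
        yield p[0], p[-1]


def classify(data: bytes) -> dict:
    """Apply the answer's rule (ET_DYN => PIE) and report loader-relevant facts."""
    hdr = parse_elf_header(data)
    phdrs = list(program_headers(data, hdr))
    e_type = ET_NAMES.get(hdr["e_type"], "unknown")
    return {
        "e_type": e_type,
        "pie": e_type == "ET_DYN",        # note: a plain .so is ET_DYN too
        "has_interp": any(t == PT_INTERP for t, _ in phdrs),
        "load_align": [a for t, a in phdrs if t == PT_LOAD],
    }


def make_sample_elf64(e_type: int, align: int = 0x1000) -> bytes:
    """Constructed input: ELF64 little-endian x86-64 header plus one PT_LOAD and one PT_INTERP."""
    ident = ELF_MAGIC + bytes([2, 1, 1, 0]) + bytes(8)
    hdr = ident + struct.pack("<HHIQQQIHHHHHH", e_type, 62, 1, 0x1000, 64, 0, 0, 64, 56, 2, 64, 0, 0)
    load = struct.pack("<IIQQQQQQ", PT_LOAD, 5, 0, 0, 0, 0x100, 0x100, align)
    interp = struct.pack("<IIQQQQQQ", PT_INTERP, 4, 0x200, 0x200, 0x200, 0x1c, 0x1c, 1)
    return hdr + load + interp
```

Running classify(open("a.out", "rb").read()) on a real binary reports the same e_type that file(1) uses to print "shared object" for a PIE.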