Mail Archives: cygwin/2022/11/12/09:52:30

Date: Sat, 12 Nov 2022 15:50:28 +0100
From: Corinna Vinschen <corinna-cygwin AT cygwin DOT com>
To: cygwin AT cygwin DOT com
Cc: Christian Jullien <eligis AT orange DOT fr>
Subject: Re: Is there an API to remove ALSR in Cygwin 3.4.0?
Message-ID: <Y2+ytN1euxjLpNoo@calimero.vinschen.de>
Mail-Followup-To: cygwin AT cygwin DOT com, Christian Jullien <eligis AT orange DOT fr>
References: <000501d8f689$f359a300$da0ce900$@orange.fr>
MIME-Version: 1.0
In-Reply-To: <000501d8f689$f359a300$da0ce900$@orange.fr>
List-Id: General Cygwin discussions and problem reports <cygwin.cygwin.com>

On Nov 12 12:28, Christian Jullien wrote:
> Hello Cygwin team,
>
> First, I would like to thank you for your efforts on Cygwin all of these
> years.
>
> I'm asking if there will be an API to remove ASLR with an API as on Linux:

Please note that, for the time being, ASLR will only be enabled on the
Cygwin DLL itself.  All other DLLs as well as the Cygwin executables are
still non-ASLRed.  We're looking into introducing ASLR step by step.

Right now the Cygwin toolchain creates non-ASLRed EXEs and DLLs by
default.  This is supposed to change in a while.  Also, we might change
the auto-rebase mechanism (basically the script running as post-install
script when setup-x86_64 finishes up) to enable ASLR on DLLs.  EXEs are
not so important from my POV, but as soon as we have tweaked the toolchain,
more and more EXEs will be ASLRed automagically as well.

One thing we can only use partially, because it's bound to break
Cygwin's fork and exec, is High Entropy ASLR.  Naturally, this would
only work for executables which never fork or exec other processes.

Having said that, there's no API for this yet in Cygwin.  There is an
API in Windows to control (among others) the ASLR setting of a process
at creation time, see
https://learn.microsoft.com/en-us/windows/win32/api/processthreadsapi/nf-processthreadsapi-updateprocthreadattribute
settings called

  PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_ALWAYS_ON
  PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_ALWAYS_OFF

and

  PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_ALWAYS_ON
  PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_ALWAYS_OFF

However, we don't have an API for that, yet. We could add it to Cygwin
at one point.  I'd prefer the Linux-personality call, too, but funny
enough, ADDR_NO_RANDOMIZE would be the only flag we could support.

What we *do* have already is the peflags tool from the rebase package:

  $ peflags -d0 -e0 foo.exe

This example would disable ASLR on the foo.exe executable.  Maybe that's
a workaround for the time being.


Corinna
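
Added example, not part of the original message or of the rebase package: a small Python auditor that reads the PE `DllCharacteristics` field to report whether an EXE or DLL is marked for ASLR, i.e. the two bits that `peflags -d` (dynamicbase) and `peflags -e` (high-entropy VA) toggle. The helper names and the sample headers are constructed for illustration; the sample is a bare header, not a loadable program.

```python
import struct

# DllCharacteristics bits in the PE optional header
DYNAMIC_BASE = 0x0040     # image may be relocated (ASLR); peflags -d
HIGH_ENTROPY_VA = 0x0020  # 64-bit high-entropy ASLR; peflags -e
PE32, PE32_PLUS = 0x10B, 0x20B


def aslr_status(image: bytes) -> dict:
    """Return the ASLR-related header flags of a PE image given as bytes."""
    if len(image) < 0x40 or image[:2] != b"MZ":
        raise ValueError("not an MZ image")
    (pe_off,) = struct.unpack_from("<I", image, 0x3C)
    if image[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    opt = pe_off + 4 + 20  # skip PE signature and COFF file header
    if len(image) < opt + 72:
        raise ValueError("truncated optional header")
    (magic,) = struct.unpack_from("<H", image, opt)
    if magic not in (PE32, PE32_PLUS):
        raise ValueError("unknown optional header magic")
    # DllCharacteristics sits at offset 70 in both PE32 and PE32+
    (flags,) = struct.unpack_from("<H", image, opt + 70)
    return {
        "pe32plus": magic == PE32_PLUS,
        "dynamicbase": bool(flags & DYNAMIC_BASE),
        "high_entropy_va": bool(flags & HIGH_ENTROPY_VA),
    }


def make_sample(magic: int, dll_characteristics: int) -> bytes:
    """Build a constructed, minimal PE header for the demo (hypothetical data)."""
    pe_off = 0x40
    image = bytearray(pe_off + 4 + 20 + 72)
    image[:2] = b"MZ"
    struct.pack_into("<I", image, 0x3C, pe_off)
    image[pe_off:pe_off + 4] = b"PE\0\0"
    struct.pack_into("<H", image, pe_off + 24, magic)
    struct.pack_into("<H", image, pe_off + 24 + 70, dll_characteristics)
    return bytes(image)


if __name__ == "__main__":
    # 0x0160: NX_COMPAT | DYNAMIC_BASE | HIGH_ENTROPY_VA (ASLR fully enabled)
    print(aslr_status(make_sample(PE32_PLUS, 0x0160)))
    # 0x0100: NX_COMPAT only, the state after clearing both ASLR bits
    print(aslr_status(make_sample(PE32_PLUS, 0x0100)))
```

To audit a real file, pass `open(path, "rb").read()` to `aslr_status`; only the header flags are inspected, not the relocation data the loader also needs to actually move an image.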
