search for: disable_aslr

...to disable ASLR (address space layout randomization) on Darwin at link time instead of doing setenv("DYLD_NO_PIE", "1", 1); and reexec? Thanks, --kcc On Fri, Dec 9, 2011 at 4:28 AM, Alexander Potapenko <glider at google.com>wrote: > The attached patch introduces the disable_aslr option (off by default) > and the corresponding AsanDisableAslr function that should disable the > address space randomization. > This is now implemented for Mac OS 10.6 only. > In order to do this we add DYLD_NO_PIE=1 to the env and restart the > program. > > Next steps to be...

...able ASLR. But I'm not sure whether it won't disable the PIE > behavior at all. > Also, we'll need some special tool for that. > > > 2. doing setenv+reexec. This will be a debugging nightmare for us and > for > > users. > One can avoid setenv+exec by setting disable_aslr to 0. In this case > we can print the big warning (if someone wants to run the binary under > GDB, ASLR will anyway be disabled). > > > > I would prefer just to print a descriptive warning message and exit: > > ==123== ERROR: AddressSanitizer on MacOS requires to disable...

...O header, which we can flip to disable ASLR. But I'm not sure whether it won't disable the PIE behavior at all. Also, we'll need some special tool for that. >   2. doing setenv+reexec. This will be a debugging nightmare for us and for > users. One can avoid setenv+exec by setting disable_aslr to 0. In this case we can print the big warning (if someone wants to run the binary under GDB, ASLR will anyway be disabled). > > I would prefer just to print a descriptive warning message and exit: >    ==123== ERROR: AddressSanitizer on MacOS requires to disable ASRL for the > executa...

...andomization) on Darwin at link time > instead of doing setenv("DYLD_NO_PIE", "1", 1); and reexec? > > Thanks, > > --kcc > > On Fri, Dec 9, 2011 at 4:28 AM, Alexander Potapenko <glider at google.com> wrote: > The attached patch introduces the disable_aslr option (off by default) > and the corresponding AsanDisableAslr function that should disable the > address space randomization. > This is now implemented for Mac OS 10.6 only. > In order to do this we add DYLD_NO_PIE=1 to the env and restart the program. > > Next steps to be done...

...ndomization) on Darwin at link time > instead of doing setenv("DYLD_NO_PIE", "1", 1); and reexec? > > Thanks, > > --kcc > > On Fri, Dec 9, 2011 at 4:28 AM, Alexander Potapenko <glider at google.com>wrote: > >> The attached patch introduces the disable_aslr option (off by default) >> and the corresponding AsanDisableAslr function that should disable the >> address space randomization. >> This is now implemented for Mac OS 10.6 only. >> In order to do this we add DYLD_NO_PIE=1 to the env and restart the >> program. >&gt...

On Fri, Dec 9, 2011 at 11:24 AM, Eric Christopher <echristo at apple.com>wrote: > > On Dec 9, 2011, at 11:23 AM, Kostya Serebryany wrote: > > > > On Fri, Dec 9, 2011 at 11:16 AM, Eric Christopher <echristo at apple.com>wrote: > >> >> On Dec 9, 2011, at 11:12 AM, Kostya Serebryany wrote: >> >> > Yes, we have no ASRL with -no_pie. >>

On Dec 9, 2011, at 11:12 AM, Kostya Serebryany wrote: > Yes, we have no ASRL with -no_pie. > Can we disable ASRL even with -pie? > On linux we can do it with "setarch x86_64 -R". > You asked about link time. Now it sounds like you're talking about runtime? > Another question: if asan would require -no_pie on Mac, will this be a serious limitation? > If asan

> Link time is of course better. > But if there is a syscall (like the one used by setarch) we could call it > and reexec. > Using setenv("DYLD_NO_PIE")+reexec looks gross to me. There's posix_spawnattr_setflags() that can do the job (http://reverse.put.as/2011/08/11/how-gdb-disables-aslr-in-mac-os-x-lion/), but the necessary flag appeared only in Lion. To the best of my

On Dec 9, 2011, at 11:23 AM, Kostya Serebryany wrote: > > > On Fri, Dec 9, 2011 at 11:16 AM, Eric Christopher <echristo at apple.com> wrote: > > On Dec 9, 2011, at 11:12 AM, Kostya Serebryany wrote: > > > Yes, we have no ASRL with -no_pie. > > Can we disable ASRL even with -pie? > > On linux we can do it with "setarch x86_64 -R". > >

On Dec 9, 2011, at 11:46 AM, Alexander Potapenko wrote: >> Link time is of course better. >> But if there is a syscall (like the one used by setarch) we could call it >> and reexec. >> Using setenv("DYLD_NO_PIE")+reexec looks gross to me. > There's posix_spawnattr_setflags() that can do the job >

On Fri, Dec 9, 2011 at 11:16 AM, Eric Christopher <echristo at apple.com>wrote: > > On Dec 9, 2011, at 11:12 AM, Kostya Serebryany wrote: > > > Yes, we have no ASRL with -no_pie. > > Can we disable ASRL even with -pie? > > On linux we can do it with "setarch x86_64 -R". > > > > You asked about link time. Now it sounds like you're talking