Date: Fri, 13 Mar 2015 12:43:45 -0700 From: Nick Kralevich <nnk@...gle.com> To: oss-security@...ts.openwall.com Subject: Re: Vendor adoption of PIE INFO#934476 oss-security On Fri, Mar 13, 2015 at 10:19 AM, Daniel Micay <danielmicay@...il.com> wrote: > On 13/03/15 11:05 AM, Solar Designer wrote: >> On Thu, Mar 12, 2015 at 08:31:42PM -0700, Nick Kralevich wrote: >>> I wanted to provide a followup on this year-old thread. >> >> Thank you! >> >>> With the release of Android 5.0, Android has removed support for >>> non-PIE binaries  . Attempting to run a non-PIE binary will >>> generate an error on Android. In this way, we ensure that all binaries >>> take full advantage of Android's ASLR implementation. >>> >>> This is just one of the many security enhancements added in Android >>> 5.*, and one that I hope other Linux distributions will pick up. >>> >>>  https://source.android.com/devices/tech/security/enhancements/enhancements50.html >>>  https://android.googlesource.com/platform/bionic/+/76e289c026f11126fc88841b3019fd5bb419bb67 > > Sadly, PIE is much less useful on Android right now. Every app and many > services are spawned from an initial zygote process without an exec, so > nearly everything has the same ASLR bases. It is great to see progress > in this space though. I hope to see the zygote process go away now that > ART and modern hardware makes it much less necessary - especially if a > process (or a pool) is pre-spawned during idle time. > > AFAIK, the change forbidding non-PIE binaries was backed out for the > official 5.0 release > (https://android.googlesource.com/platform/bionic/+/d81b3b275dff99561cbe5905ca63a1c72fa54a17). > I guess that was fixed in 5.1? I haven't looked into it yet. You are getting the dates of your patches out of order. There were three patches submitted in the following order: 2014-05-08: Remove support for non-PIE executables https://android.googlesource.com/platform/bionic/+/2aebf5429bb1241a3298b5b642d38f73124c2026 2014-06-19: Reenable support for non-PIE executables https://android.googlesource.com/platform/bionic/+/d81b3b275dff99561cbe5905ca63a1c72fa54a17 2014-07-03: Revert "Reenable support for non-PIE executables" https://android.googlesource.com/platform/bionic/+/76e289c026f11126fc88841b3019fd5bb419bb67 The last patch is definitely in Android 5.0, and was never backed out. ~/aosp/bionic/linker$ git tag --contains 76e289c026f11126fc88841b3019fd5bb419bb67 android-5.0.0_r1 android-5.0.0_r2 android-5.0.0_r3 android-5.0.0_r4 android-5.0.0_r5 android-5.0.0_r5.1 android-5.0.0_r6 android-5.0.0_r7 android-5.0.1_r1 android-5.0.2_r1 android-5.1.0_r1 android-l-preview_r2 android-wear-5.0.0_r1 > >> I brought this to Twitter, and here's a comment by Rich Felker: >> >> <solardiz> Android 5.0 "has removed support for non-PIE binaries. Attempting to run a non-PIE binary will generate an error" http://www.openwall.com/lists/oss-security/2015/03/13/1 >> <@RichFelker> @solardiz Guess that means no emacs on Android... >> <@solardiz> @RichFelker Why, can't one build Emacs as PIE? >> <@RichFelker> @solardiz The whole dumper issue. The final emacs binary is a dump of an emacs with a lisp heap full of pointers and no relocation data. > > FWIW, I think various distributions are going to enable it once the PIE > by default patches land: > > https://email@example.com/msg105030.html > > There has been no luck getting someone to review them, so they missed > the GCC 5 freeze deadline despite being ready before then. > > I proposed that we enable it by default on Arch via wrapper scripts, but > it was rejected in favour of waiting for this patch to land. An OpenSUSE > developer also voiced interest in the patches on the GCC mailing list. > It just needs a committer who feels like reviewing it. > -- Nick Kralevich | Android Security | nnk@...gle.com | 650.214.4037
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.