Re: ASLR for golang on OpenBSD

Juan Francisco Cantero Hurtado Fri, 09 Jun 2017 18:30:06 -0700

On Fri, Jun 09, 2017 at 06:37:51PM +0000, ra...@openmailbox.org wrote:
> Hello!
> 
> Here is a patch that lets you use `go build -buildmode=pie file.go` to
> compile golang binaries on OpenBSD and get ASLR.
> 
> By default all the golang binaries compiled on openbsd are not randomized,
> only linux and android have that feature.
> 
> This patch is against go1.8.3.src.tar.gz


You should send the patch to the golang project. If we only patch the
port, then the users from other platforms generating OpenBSD binaries
will not be able to use the pie mode.

> 
> 
> 
> diff -Naur go/src/cmd/go/build.go go-aslr/src/cmd/go/build.go
> --- go/src/cmd/go/build.go      2017-05-24 18:15:12.000000000 +0000
> +++ go-aslr/src/cmd/go/build.go 2017-06-09 18:26:12.740449349 +0000
> @@ -383,8 +383,11 @@
>                 } else {
>                         switch platform {
>                         case "linux/386", "linux/amd64", "linux/arm",
> "linux/arm64", "linux/ppc64le", "linux/s390x",
> -                               "android/amd64", "android/arm",
> "android/arm64", "android/386":
> +                               "android/amd64", "android/arm",
> "android/arm64", "android/386", "openbsd/amd64":
>                                 codegenArg = "-shared"
> +                               if platform == "openbsd/amd64" {
> +                                       ldBuildmode = "pie"
> +                               }
>                         default:
>                                 fatalf("-buildmode=pie not supported on
> %s\n", platform)
>                         }
> diff -Naur go/src/cmd/link/internal/ld/config.go
> go-aslr/src/cmd/link/internal/ld/config.go
> --- go/src/cmd/link/internal/ld/config.go       2017-05-24
> 18:15:12.000000000 +0000
> +++ go-aslr/src/cmd/link/internal/ld/config.go  2017-06-09
> 18:26:37.820448527 +0000
> @@ -43,7 +43,7 @@
>                 *mode = BuildmodeExe
>         case "pie":
>                 switch obj.GOOS {
> -               case "android", "linux":
> +               case "android", "linux", "openbsd":
>                 default:
>                         return badmode()
>                 }
> diff -Naur go/src/cmd/link/internal/ld/lib.go
> go-aslr/src/cmd/link/internal/ld/lib.go
> --- go/src/cmd/link/internal/ld/lib.go  2017-05-24 18:15:12.000000000 +0000
> +++ go-aslr/src/cmd/link/internal/ld/lib.go     2017-06-09
> 18:26:56.903781235 +0000
> @@ -1019,7 +1019,9 @@
>                         argv = append(argv, "-Wl,-no_pie")
>                 }
>         case obj.Hopenbsd:
> -               argv = append(argv, "-Wl,-nopie")
> +               if Buildmode != BuildmodePIE {
> +                       argv = append(argv, "-Wl,-nopie")
> +               }
>         case obj.Hwindows:
>                 argv = append(argv, "-mconsole")
>         case obj.Hwindowsgui:
> 

-- 
Juan Francisco Cantero Hurtado http://juanfra.info

Re: ASLR for golang on OpenBSD

Reply via email to