Bump to version 0.9.15

Signed-off-by: Loic <loic.f@hardenedbsd.org>

Makefile

@@ -23,5 +23,5 @@ freebsd:
 	make -f Makefile.FreeBSD
 
 clean:
-	make -f Makefile.FreeBSD clean
+	make -f Makefile.psm clean
 

Makefile.FreeBSD

 #!/usr/bin/env make
 
-CC?=		cc
+CC=cc
 ASFLAGS=
 CC_PIE=
 CFLAGS=

Makefile.OpenBSD

@@ -154,10 +154,6 @@ randstack1: randbody.o randstack1.o
 
 randstack2: randbody.o randstack2.o
 
-randarg1: randbody.o randarg1.o
-
-randarg2: randbody.o randarg2.o
-
 rettofunc1: body.o rettofunc1.o
 
 rettofunc1x: body.o rettofunc1x.o

Makefile.psm

@@ -65,7 +65,7 @@ endif
 # The Hardened GCC compiler has stack protector on by default, this
 # could interfere with the results of this test.
 
-CFLAGS	:= $(OPT_FLAGS) -D_FORTIFY_SOURCE=0 -DRUNDIR=\"${RUNDIR}\" $(CC_SSP) $(CC_TRAMPOLINES)
+CFLAGS	:= $(OPT_FLAGS) -U_FORTIFY_SOURCE -DRUNDIR=\"${RUNDIR}\" $(CC_SSP) $(CC_TRAMPOLINES)
 
 ifneq ($(THEARCH),)
 CFLAGS += $(THEARCH)
@@ -77,14 +77,14 @@ EXEC_TESTS = anonmap execbss execdata execheap execstack
 MPROT_TESTS = mprotanon mprotbss mprotdata mprotheap mprotstack
 SHLIB_TESTS = shlibbss shlibdata
 MPROTSH_TESTS = mprotshbss mprotshdata writetext
-RAND_TESTS = randamap randheap1 randheap2 randmain1 randmain2 randshlib randvdso randstack1 randstack2 randarg1 randarg2
+RAND_TESTS = randamap randheap1 randheap2 randmain1 randmain2 randshlib randvdso randstack1 randstack2 randarg1 randarg2 randshlibdelta1 randshlibdelta2
 FAST_RAND_TESTS = randexhaust1 randexhaust2
 RET_TESTS = rettofunc1 rettofunc2
 RETX_TESTS = rettofunc1x rettofunc2x
 
 TESTS = $(EXEC_TESTS) $(SHLIB_TESTS) $(MPROT_TESTS) $(MPROTSH_TESTS) $(RAND_TESTS) $(FAST_RAND_TESTS) $(RET_TESTS) $(RETX_TESTS)
 
-UTILS=	getamap getheap1 getheap2 getmain1 getmain2 getshlib getvdso getstack1 getstack2 getarg1 getarg2 getexhaust1 getexhaust2
+UTILS=	getamap getheap1 getheap2 getmain1 getmain2 getshlib getvdso getstack1 getstack2 getarg1 getarg2 getexhaust1 getexhaust2 getshlibdelta1 getshlibdelta2
 
 SHLIBS=	shlibtest.so shlibtest2.so
 
@@ -168,9 +168,17 @@ getmain1: getmain1.o
 	-$(PAXBIN) -C $@
 	$(PAXBIN) -SPRXM $@
 
+getshlibdelta1: getshlibdelta1.o
+	$(CC) $(LDFLAGS) $(LD_ETEXEC) -o $@ $< $(DL)
+	-$(PAXBIN) -C $@
+	$(PAXBIN) -SPRXM $@
+
 getheap2 getmain2: getheap2.o getmain2.o
 	$(CC) $(LDFLAGS) $(LD_PIE) -o $@ $@.o || (echo -e "#!/bin/sh\necho $@ pie not implemented" > $@; chmod +x $@)
 
+getshlibdelta2: getshlibdelta2.o
+	$(CC) $(LDFLAGS) $(LD_PIE) -o $@ $@.o $(DL) || (echo -e "#!/bin/sh\necho $@ pie not implemented" > $@; chmod +x $@)
+
 getshlib: getshlib.o
 	$(CC) $(LDFLAGS) -o $@ $< $(DL)
 

body.c

@@ -16,6 +16,7 @@
 #include <sys/wait.h>
 #include <pthread.h>
 #include <unistd.h>
+#include <string.h>
 #include "body.h"
 
 
@@ -50,7 +51,7 @@ int main( int argc, char *argv[] )
 			paxtest_mode = 0;
 		} else if( strcmp(mode,"1") == 0 ) {
 #ifdef __clang__
-			printf("INFO: The blackhat mode not supported, due missing nested functions support in clang.\n");
+			printf("INFO: The blackhat mode not supported due to missing nested function support in clang.\n");
 			paxtest_mode = 0;
 #else
 			paxtest_mode = 1;

debian/changelog

+paxtest (0.9.15-1) stable; urgency=low
+  * Change default location of logfile & add info to log file,
+    from Javier Fernandez-Sanguino (jfs@debian.org)
+  * Squelch _FORTIFY_SOURCE redefinition warning and various other
+    compiler warnings, from Kees Cook
+    (keescook@chromium.org)
+  * Validate that ET_DYN is separately randomized from shlibs
+    From Kees Cook (with fixes from Brad Spengler)
+  * Show output during result collection, from Kees Cook
+  * Free/HardenedBSD support, from Oliver Pinter (oliver.pinter@hardenedbsd.org)
+  * Two build fixes from David Sterba (dave@jikos.cz)
+  * Use correct address for PIE, didn't affect PaX results as it uses the same
+    entropy levels for PIE and mmap, from Ismael Ripoll and Hector Marco-Gisbert
+
+paxtest (0.9.14-1) stable; urgency=low
+  * Various fixes/cleanups including ensuring an overflowing strcpy/memcpy isn't
+    optimized away, from Mathias Krause (mathias.krause@secunet.com)
+  * Updated the representative results
+
 paxtest (0.9.13-1) stable; urgency=low
   * Added VDSO randomization test
   * Added basic entropy quality testing, subtracts weak bits from entropy count

genpaxtest

@@ -27,7 +27,7 @@ then
 	if [ "\$1" = "kiddie" ]
 	then
 		PAXTEST_MODE=0
-                shift
+		shift
 	elif [ "\$1" = "blackhat" ]
 	then
 __here__
@@ -40,7 +40,7 @@ __here__
 else
 	cat << __here__ >>paxtest
 		PAXTEST_MODE=1
-                shift
+		shift
 __here__
 fi
 	cat << __here__ >>paxtest
@@ -54,11 +54,11 @@ else
 fi
 
 LOG=\$HOME/paxtest.log
-[ -n "\$1" ]  && LOG=\$1
+[ -n "\$1" ] && LOG=\$1
 touch "\$LOG"
-if [ ! -e "\$LOG" ] ; then
-    echo "Could not create logfile in \$LOG" >&2
-    exit 1
+if [ ! -e "\$LOG" ]; then
+	echo "Could not create logfile in \$LOG" >&2
+	exit 1
 fi
 export PAXTEST_MODE
 
@@ -72,24 +72,39 @@ export LD_LIBRARY_PATH
 
 cat <<__end__ | tee \$LOG
 PaXtest
-Copyright(c) 2003-2014 by Peter Busser <peter@adamantix.org> and Brad Spengler <spender@grsecurity.net>
+Copyright(c) 2003-2016 by Peter Busser <peter@adamantix.org> and Brad Spengler <spender@grsecurity.net>
 Copyright(c) 2015 by Oliver Pinter <op@hardenedbsd.org>
 Released under the GNU Public Licence version 2 or later
 
 __end__
 
-echo "Mode: \$1" >>\$LOG 2>&1
-echo "Uname: `uname -a`" >>\$LOG 2>&1
-echo "Compiler: ${COMPILER_VERSION}" >>\$LOG 2>&1
-echo >>\$LOG 2>&1
+echo "Mode: \$PAXTEST_MODE" >>\$LOG
+if [ "\$PAXTEST_MODE" -eq 0 ]; then
+	echo -n "Kiddie" >>\$LOG
+fi
+if [ "\$PAXTEST_MODE" -eq 1 ]; then
+	echo -n "Blackhat" >>\$LOG
+fi
+echo >>\$LOG
+
+echo "Kernel: " >>\$LOG
+uname -a >>\$LOG
+echo "Compiler: ${COMPILER_VERSION}" >>\$LOG
+echo >>\$LOG
+if [ -e /usr/bin/lsb_release ]; then
+	echo "Relase information: " >>\$LOG
+	lsb_release -a 2>/dev/null >>\$LOG
+fi
+echo "Test results:" >>\$LOG
 
 echo "Writing output to \$LOG"
 echo 'It may take a while for the tests to complete'
+echo "Test results:"
 
 for i in $*
 do
 	${RUNDIR}/\$i || echo
-done >>\$LOG 2>&1
+done 2>&1 | tee -a \$LOG
 __here__
 
 if [ ${OS_TYPE} = "FreeBSD" ]
@@ -97,8 +112,8 @@ then
 	cat << __here__ >>paxtest
 if [ "$USER" != "root" ] && [ \`sysctl -n security.bsd.unprivileged_proc_debug\` = 0 ]
 then
-	echo >>\$LOG 2>&1
-	echo "warning: the randvdso test may be invalid, try to retest with the security.bsd.unprivileged_proc_debug=1 sysctl setting" >>\$LOG 2>&1
+	echo >>\$LOG
+	echo "warning: the randvdso test may be invalid, try to retest with the security.bsd.unprivileged_proc_debug=1 sysctl setting" >>\$LOG
 fi
 __here__
 fi

getmain.c

@@ -7,7 +7,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 
-void foo(void)
+void __attribute__ ((noinline)) foo(void)
 {
 	printf( "%p\n", __builtin_return_address(0) );
 }

getshlib.c

@@ -14,7 +14,7 @@
 #ifdef __OpenBSD__
 #undef RTLD_DEFAULT
 #define RTLD_DEFAULT "libc.so"
-#elif defined __FreeBSD__ || defined __HardenedBSD__
+#elif defined(__FreeBSD__) || defined __HardenedBSD__
 #undef RTLD_DEFAULT
 #define RTLD_DEFAULT "libc.so.7"
 #endif

getshlibdelta.c

+/* getshlibdelta.c - Get the delta between a function in .text and a function in a
+ *                   shared library and print it
+ *
+ * Copyright (c)2003 by Peter Busser <peter@adamantix.org>
+ * Copyright (c)2014 by Kees Cook <keescook@chromium.org>
+ * This file has been released under the GNU Public Licence version 2 or later
+ */
+
+#define _GNU_SOURCE
+#include <stdio.h>
+#include <stdlib.h>
+#include <dlfcn.h>
+
+/* OpenBSD 3.5 doesn't define RTLD_DEFAULT */
+/* OpenBSD 3.6 does but it doesn't actually handle (segfaults on) RTLD_DEFAULT, sigh... */
+#ifdef __OpenBSD__
+#undef RTLD_DEFAULT
+#define RTLD_DEFAULT "libc.so"
+#endif
+
+void __attribute__ ((noinline)) foo(void)
+{
+	unsigned long ptr = (unsigned long)__builtin_return_address(0);
+	void *handle;
+
+	handle = dlopen( RTLD_DEFAULT, RTLD_LAZY );
+	if (handle != NULL) {
+		unsigned long sprintf;
+
+		dlerror(); /* clear any errors */
+		sprintf = (unsigned long)dlsym( handle, "sprintf" );
+		if (dlerror() == NULL) {
+			printf( "%p\n", (void *)(ptr - sprintf) );
+
+		}
+
+		dlclose( handle );
+	}
+}
+
+int main(int argc, char *argv[])
+{
+	foo();
+	exit(0);
+}

getvdso.c

@@ -46,7 +46,7 @@ int main( int argc, char *argv[] )
 	Elf_Auxinfo	*aux, *auxv;
 	int		name[4];
 	size_t		len;
-	int 		ret = 0;
+	int		ret = 0;
 
 	name[0] = CTL_KERN;
 	name[1] = KERN_PROC;
@@ -68,15 +68,15 @@ int main( int argc, char *argv[] )
 	for (aux = auxv; aux->a_type != AT_NULL; aux++) {
 		if (aux->a_type == AT_TIMEKEEP) {
 			printf("%p\n", aux->a_un.a_ptr);
-			return (0);
+			return 0;
 		}
 	}
 
 out:
 	if (auxv != NULL)
 		free(auxv);
-	printf("%p\n", (void *)0UL);
-	return (ret);
+	printf("%p\n", NULL);
+	return ret;
 #else
 #error	unsupported OS
 #endif

paxtest.h

@@ -2,8 +2,16 @@
 #define _PAXTEST_H_
 
 #include <string.h>
+#include <unistd.h>
 
+/*
+ * ARMv6 and ARMv7 do not like 64k alignment, 32k is ok
+ */
+#if defined(__arm__) && __ARM_ARCH >= 6 && __ARM_ARCH <= 7
+#define PAGE_SIZE_MAX  (32768)
+#else
 #define PAGE_SIZE_MAX	0x10000	/* 64k should cover most arches */
+#endif
 #ifndef __aligned
 #define __aligned(x)	__attribute__((aligned(x)))
 #endif

randbody.c

@@ -27,6 +27,7 @@ int main( int argc, char *argv[] )
 	int ret;
 
 	printf( "%s: ", testname );
+	fflush(NULL);
 
 	and = ~0L;
 	or = 0L;

randshlibdelta1.c

+/* randshlibdelta1.c - Tests the randomisation of delta between ET_EXEC main
+ *     executable and shared libraries (should match randshlib)
+ *
+ * Copyright (c)2014 by Kees Cook <keescook@chromium.org>
+ * This file has been released under the GNU Public Licence version 2 or later
+ */
+
+#ifndef RUNDIR
+#error RUNDIR not defined
+#endif
+
+const char testname[] = "Offset to library randomisation (ET_EXEC)";
+const char testprog[] = RUNDIR"/getshlibdelta1";

randshlibdelta2.c

+/* randshlibdelta2.c - Tests the randomisation of delta between ET_DYN main
+ *     executable and shared libraries
+ *
+ * Copyright (c)2014 by Kees Cook <keescook@chromium.org>
+ * This file has been released under the GNU Public Licence version 2 or later
+ */
+
+#ifndef RUNDIR
+#error RUNDIR not defined
+#endif
+
+const char testname[] = "Offset to library randomisation (ET_DYN) ";
+const char testprog[] = RUNDIR"/getshlibdelta2";