1#! /usr/bin/ksh 2# 3# 4# This file and its contents are supplied under the terms of the 5# Common Development and Distribution License ("CDDL"), version 1.0. 6# You may only use this file in accordance with the terms of version 7# 1.0 of the CDDL. 8# 9# A full copy of the text of the CDDL should have accompanied this 10# source. A copy of the CDDL is also available via the Internet at 11# http://www.illumos.org/license/CDDL. 12# 13 14# Copyright 2015, Richard Lowe. 15# Copyright 2019 Joyent, Inc. 16 17tmpdir=/tmp/test.$$ 18mkdir $tmpdir 19cd $tmpdir 20 21cleanup() { 22 cd / 23 rm -fr $tmpdir 24} 25 26trap 'cleanup' EXIT 27 28cat > tester.c <<EOF 29#include <stdio.h> 30#include <unistd.h> 31 32int 33main(int argc, char **argv) 34{ 35 sleep(10000); 36 return (0); 37} 38EOF 39 40gcc -o tester-aslr tester.c -Wl,-z,aslr=enabled 41gcc -o tester-noaslr tester.c -Wl,-z,aslr=disabled 42 43# This is the easiest way I've found to get many many DTs, but it's gross 44gcc -o many-dts-aslr tester.c -Wl,-z,aslr=enabled $(for elt in /usr/lib/lib*.so; do echo -Wl,-N,$(basename $elt); done) 45gcc -o many-dts-noaslr tester.c -Wl,-z,aslr=disabled $(for elt in /usr/lib/lib*.so; do echo -Wl,-N,$(basename $elt); done) 46 47check() { 48 bin=$1 49 state=$2 50 set=$3 51 ret=0 52 53 $bin & 54 pid=$! 55 sleep 1 56 psecflags $pid | grep -q "${set}:.*aslr" 57 (( $? != $state )) && ret=1 58 kill -9 $pid 59 return $ret 60} 61 62fail() { 63 echo $@ 64 exit 1 65} 66 67psecflags -s none $$ 68check ./tester-aslr 0 E || fail "DT_SUNW_ASLR 1 failed" 69check ./many-dts-aslr 0 E || fail "DT_SUNW_ASLR 1 with many DTs failed" 70check ./tester-aslr 1 I || fail "DT_SUNW_ASLR 1 incorrectly set the inheritable flag" 71 72psecflags -s aslr $$ 73check ./tester-noaslr 1 E || fail "DT_SUNW_ASLR 0 failed" 74check ./many-dts-noaslr 1 E || fail "DT_SUNW_ASLR 0 with many DTs failed" 75 76