authorAleksandr Nogikh <nogikh@google.com>2021-09-15 09:27:18 +0000
committerAleksandr Nogikh <wp32pw@gmail.com>2021-09-16 15:21:21 +0200
commitaae492f20ef39f5f5e91c82092156d458f000d3d (patch)
tree346ed6a1b21dd1f4fe46a39cca0f6b33e2284c18 /sys/targets
parent20497e8e232a2f190f5fc182a0ab45c814c0968f (diff)
sys/targets: enable ASLR on most targets
The -static-pie flag enables us to build static binaries with ASLR support. Local testing demonstrated that enabling ASLR on syz-executor eliminates (almost all?) memory corruptions and significantly reduces the number of "no output from test machine" errors. Enable ASLR by default for Linux and *BSD targets. Replace -static-pie by -static when -static-pie is not supported. Update cover report_test to properly handle ASLR binaries.
Diffstat (limited to 'sys/targets')
-rw-r--r--sys/targets/targets.go44
1 files changed, 33 insertions, 11 deletions
diff --git a/sys/targets/targets.go b/sys/targets/targets.go
index ed3348fa4..0ae185554 100644
--- a/sys/targets/targets.go
+++ b/sys/targets/targets.go
@@ -205,7 +205,7 @@ var List = map[string]map[string]*Target{
TestArch32ForkShmem: {
PtrSize: 4,
PageSize: 4 << 10,
- CFlags: []string{"-m32", "-static"},
+ CFlags: []string{"-m32", "-static-pie"},
osCommon: osCommon{
SyscallNumbers: true,
Int64SyscallArgs: true,
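Review bot: `-static-pie` is swapped in on the `CFlags` line without a matching `-fPIE`, which GCC's documentation asks for alongside `-static-pie`; the same swap appears in the NetBSD, OpenBSD, Linux and FreeBSD hunks below. On a toolchain that does not generate PIE code by default, the executor may fail to link or end up with text relocations. Unless the compile flags are set elsewhere, consider pairing the two, e.g. `CFlags: []string{"-m32", "-fPIE", "-static-pie"},`, and confirming that the built binary is ELF type `ET_DYN`. The enclosing map literal starts and ends outside this hunk.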
@@ -355,7 +355,7 @@ var List = map[string]map[string]*Target{
LittleEndian: true,
CFlags: []string{
"-m64",
- "-static",
+ "-static-pie",
"--sysroot", sourceDirVar + "/dest/",
},
CCompiler: sourceDirVar + "/tools/bin/x86_64--netbsd-g++",
@@ -367,7 +367,7 @@ var List = map[string]map[string]*Target{
PageSize: 4 << 10,
LittleEndian: true,
CCompiler: "c++",
- CFlags: []string{"-m64", "-static", "-lutil"},
+ CFlags: []string{"-m64", "-static-pie", "-lutil"},
NeedSyscallDefine: func(nr uint64) bool {
switch nr {
case 8: // SYS___tfork
@@ -453,7 +453,7 @@ var oses = map[string]osCommon{
ExecutorUsesShmem: true,
ExecutorUsesForkServer: true,
KernelObject: "vmlinux",
- cflags: []string{"-static"},
+ cflags: []string{"-static-pie"},
},
FreeBSD: {
SyscallNumbers: true,
@@ -463,7 +463,7 @@ var oses = map[string]osCommon{
ExecutorUsesForkServer: true,
KernelObject: "kernel.full",
CPP: "g++",
- cflags: []string{"-static", "-lc++"},
+ cflags: []string{"-static-pie", "-lc++"},
},
Darwin: {
SyscallNumbers: true,
@@ -545,9 +545,13 @@ var (
}
optionalCFlags = map[string]bool{
"-static": true, // some distributions don't have static libraries
+ "-static-pie": true, // this flag is also not supported everywhere
"-Wunused-const-variable": true, // gcc 5 does not support this flag
"-fsanitize=address": true, // some OSes don't have ASAN
}
+ fallbackCFlags = map[string]string{
+ "-static-pie": "-static", // if an ASLR static binary is impossible, build just a static one
+ }
)
func fuchsiaCFlags(arch, clangArch string) []string {
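Review bot: `fallbackCFlags` has an undocumented dependency on `optionalCFlags`. In `lazyInit` only flags listed in `optionalCFlags` are probed, and a flag with no probe result is treated as supported, so a fallback value missing from `optionalCFlags` would be added to the build unverified. I would state that on the declaration, e.g. `// Every value here must also be a key of optionalCFlags, otherwise lazyInit adds it without checking compiler support.`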
@@ -786,12 +790,22 @@ func (target *Target) lazyInit() {
return
}
}
+
+ flagsToCheck := append([]string{}, target.CFlags...)
+ for _, value := range fallbackCFlags {
+ flagsToCheck = append(flagsToCheck, value)
+ }
+
flags := make(map[string]*bool)
var wg sync.WaitGroup
- for _, flag := range target.CFlags {
+ for _, flag := range flagsToCheck {
if !optionalCFlags[flag] {
continue
}
+ _, exists := flags[flag]
+ if exists {
+ continue
+ }
res := new(bool)
flags[flag] = res
wg.Add(1)
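Review bot: The loop over `fallbackCFlags` appends every fallback value to `flagsToCheck` whether or not the target's `CFlags` contains the corresponding key, so a target that never uses `-static-pie` still gets a `-static` compiler probe. Ranging with the key as well and appending the value only when that key is present in `target.CFlags` would limit the probes to flags that can actually end up in the build. `lazyInit` begins before this hunk and continues after it.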
@@ -801,13 +815,21 @@ func (target *Target) lazyInit() {
}(flag)
}
wg.Wait()
- for i := 0; i < len(target.CFlags); i++ {
- if res := flags[target.CFlags[i]]; res != nil && !*res {
- copy(target.CFlags[i:], target.CFlags[i+1:])
- target.CFlags = target.CFlags[:len(target.CFlags)-1]
- i--
+ newCFlags := []string{}
+ for _, flag := range target.CFlags {
+ for {
+ if res := flags[flag]; res == nil || *res {
+ // The flag is either verified to be supported or must be supported.
+ newCFlags = append(newCFlags, flag)
+ } else if fallback := fallbackCFlags[flag]; fallback != "" {
+ // The flag is not supported, but probably we can replace it by another one.
+ flag = fallback
+ continue
+ }
+ break
}
}
+ target.CFlags = newCFlags
// Check that the compiler is actually functioning. It may be present, but still broken.
// Common for Linux distros, over time we've seen:
// Error: alignment too large: 15 assumed
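Review bot: When `-static-pie` fails its probe, the `else if` branch swaps in `-static` without any message, so an executor built without ASLR cannot be told apart from a hardened one in the build output. Since the commit message ties ASLR to fewer memory corruptions, a one-line notice naming the target, the rejected flag and the fallback would make that downgrade visible; a flag dropped with no fallback is equally silent. The inner `for` also terminates only because `fallbackCFlags` has no cycles, which deserves a comment such as `// fallbackCFlags must be acyclic, or this loop never exits when every flag in the cycle is unsupported.` `lazyInit` starts before this hunk and continues past it.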