struct cleanup *
maybe_disable_address_space_randomization (int disable_randomization)
{
int personality_orig = 0;
int personality_set = 0;
#ifdef HAVE_PERSONALITY
if (disable_randomization)
{
errno = 0;
personality_orig = personality (0xffffffff);
if (errno == 0 && !(personality_orig & ADDR_NO_RANDOMIZE))
{
personality_set = 1;
personality (personality_orig | ADDR_NO_RANDOMIZE);
}
if (errno != 0 || (personality_set
&& !(personality (0xffffffff) & ADDR_NO_RANDOMIZE)))
warning (_("Error disabling address space randomization: %s"),
safe_strerror (errno));
}
#endif /* HAVE_PERSONALITY */
return make_disable_asr_cleanup (personality_set,
personality_orig);
}
/**
* This function configures the process for recording/replay. In particular:
* (1) address space randomization is disabled
* (2) rdtsc is disabled
*/
static void set_up_process()
{
/* disable address space randomization */
int orig_pers;
if (0 > (orig_pers = personality(0xffffffff))) {
fatal("error getting personaity");
}
if (0 > personality(orig_pers | ADDR_NO_RANDOMIZE)) {
fatal("error disabling randomization");
}
if (0 > prctl(PR_SET_TSC, PR_TSC_SIGSEGV, 0, 0, 0)) {
fatal("error setting up prctl -- bailing out");
}
/* If rr goes down, there's nothing more useful we can do.
* Time for seppuku.
*
* XXX the tracee can reset or change this ...*/
if (0 > prctl(PR_SET_PDEATHSIG, SIGKILL)) {
fatal("Couldn't set parent-death signal");
}
/* XXX is it faster to mask off a CPU affinity when this
* process is the only intensive one in the system? */
}
static void __initialize_personality() {
#if !defined(__LP64__)
int old_value = personality(0xffffffff);
if (old_value == -1) {
__libc_fatal("error getting old personality value: %s", strerror(errno));
}
if (personality((static_cast<unsigned int>(old_value) & ~PER_MASK) | PER_LINUX32) == -1) {
__libc_fatal("error setting PER_LINUX32 personality: %s", strerror(errno));
}
#endif
}
static int set_personality(unsigned long mask)
{
unsigned long per;
per = personality(0xffffffff) | mask;
logger(3, 0, "Set personality %#10.8lx", per);
if (personality(per) == -1) {
logger(-1, errno, "Unable to set personality PER_LINUX32");
return -1;
}
return 0;
}
static int set_personality(unsigned long mask)
{
unsigned long per;
per = personality(0xffffffff) | mask;
printf("Set personality %#10.8lx", per);
if (personality(per) == -1) {
perror("Unable to set personality PER_LINUX32");
return -1;
}
return 0;
}
SYSCALL_DEFINE1(sparc64_personality, unsigned long, personality)
{
int ret;
if (personality(current->personality) == PER_LINUX32 &&
personality(personality) == PER_LINUX)
personality |= PER_LINUX32;
ret = sys_personality(personality);
if (personality(ret) == PER_LINUX32)
ret &= ~PER_LINUX32;
return ret;
}
int main(int ac, char **av)
{
int lc; /* loop counter */
char *msg; /* message returned from parse_opts */
int start_pers;
/* parse standard options */
if ((msg = parse_opts(ac, av, (option_t *)NULL, NULL)) != (char *)NULL){
tst_brkm(TBROK, cleanup, "OPTION PARSING ERROR - %s", msg);
}
setup(); /* global setup */
start_pers = personality(PER_LINUX);
if (start_pers == -1) {
printf("personality01: Test Failed\n");
exit(-1);
}
/* The following checks the looping state if -i option given */
for (lc = 0; TEST_LOOPING(lc); lc++) {
/* reset Tst_count in case we are looping */
Tst_count = 0;
TEST(personality(PER_BAD));
if (TEST_RETURN != 0) {
tst_brkm(TFAIL, cleanup, "call failed - errno = %d "
"- %s", TEST_ERRNO, strerror(TEST_ERRNO));
} else {
tst_resm(TPASS, "call to personality() with a "
"bad personality passed");
}
TEST_ERROR_LOG(TEST_ERRNO);
/*
* set our personality back to PER_LINUX
*/
if (personality(start_pers) == -1) {
tst_brkm(TBROK, cleanup, "personality reset failed");
}
}
cleanup();
/*NOTREACHED*/
return(0);
}
// ---------------------------------------------------------------------------
void disable_aslr() {
if(personality(ADDR_NO_RANDOMIZE) == -1) {
log("{red}Could not turn off ASLR: %s{/red}", strerror(errno));
} else {
log("ASLR turned off successfully");
}
}
// TODO: move into r_util? r_run_... ? with the rest of funcs?
static void setASLR(int enabled) {
#if __linux__
#define RVAS "/proc/sys/kernel/randomize_va_space"
if (enabled) {
system ("echo 2 > "RVAS);
} else {
#if __ANDROID__
system ("echo 0 > "RVAS);
#else
#ifdef ADDR_NO_RANDOMIZE
if (personality (ADDR_NO_RANDOMIZE) == -1)
#endif
system ("echo 0 > "RVAS);
#endif
}
#elif __APPLE__
// TOO OLD setenv ("DYLD_NO_PIE", "1", 1);
// disable this because its
//eprintf ("Patch mach0.hdr.flags with:\n"
// "f MH_PIE=0x00200000; wB-MH_PIE @ 24\n");
// for osxver>=10.7
// "unset the MH_PIE bit in an already linked executable" with --no-pie flag of the script
// the right way is to disable the aslr bit in the spawn call
#else
// not supported for this platform
#endif
}
static struct exec_domain *
lookup_exec_domain(u_long personality)
{
struct exec_domain * ep;
u_long pers = personality(personality);
read_lock(&exec_domains_lock);
for (ep = exec_domains; ep; ep = ep->next) {
if (pers >= ep->pers_low && pers <= ep->pers_high)
if (try_module_get(ep->module))
goto out;
}
#ifdef CONFIG_KMOD
read_unlock(&exec_domains_lock);
request_module("personality-%ld", pers);
read_lock(&exec_domains_lock);
for (ep = exec_domains; ep; ep = ep->next) {
if (pers >= ep->pers_low && pers <= ep->pers_high)
if (try_module_get(ep->module))
goto out;
}
#endif
ep = &default_exec_domain;
out:
read_unlock(&exec_domains_lock);
return (ep);
}
int setarch_main(int argc ATTRIBUTE_UNUSED, char **argv)
{
int pers = -1;
/* Figure out what personality we are supposed to switch to ...
* we can be invoked as either:
* argv[0],argv[1] -> "setarch","personality"
* argv[0] -> "personality"
*/
retry:
if (argv[0][5] == '6') /* linux64 */
pers = PER_LINUX;
else if (argv[0][5] == '3') /* linux32 */
pers = PER_LINUX32;
else if (pers == -1 && argv[1] != NULL) {
pers = PER_LINUX32;
++argv;
goto retry;
}
/* make user actually gave us something to do */
++argv;
if (argv[0] == NULL)
bb_show_usage();
/* Try to set personality */
if (personality(pers) >= 0) {
/* Try to execute the program */
BB_EXECVP(argv[0], argv);
}
bb_simple_perror_msg_and_die(argv[0]);
}
SYSCALL_DEFINE1(arm64_personality, unsigned int, personality)
{
if (personality(personality) == PER_LINUX32 &&
!system_supports_32bit_el0())
return -EINVAL;
return ksys_personality(personality);
}
int main(void)
{
int ret;
struct stat fstat;
ret = personality(PER_SVR4);
if (ret == -1) {
fprintf(stderr, "Unable to set personality!\n");
return 3;
}
fprintf(stdout, " [+] Personality set to: PER_SVR4\n");
if (stat(PULSEAUDIO_PATH, &fstat)) {
fprintf(stderr, "Pulseaudio does not exist!\n");
return 3;
}
if (!(fstat.st_mode & S_ISUID) || fstat.st_uid != 0) {
fprintf(stderr, "Pulseaudio is not suid root!\n");
return 3;
}
execl(PULSEAUDIO_PATH, PULSEAUDIO_PATH, "--log-level=0", "-L", PATH_TO_EXPLOIT, NULL);
return 3;
}
int do_test_misc(const char *test_parm)
{
(void) test_parm;
char buf[BSIZE];
int rc;
test_check_eq(getpagesize(),4096);
test_check_eq(personality(0xffffffff), 0);
{
struct utsname phantom_uname;
test_check_eq(uname(&phantom_uname), 0);
printf("uland: uname sys '%s'\n\tnode %s\n\trel %s\n\tver %s\n\tmachine %s\n\tdomain %s\n",
phantom_uname.sysname,
phantom_uname.nodename,
phantom_uname.release,
phantom_uname.version,
phantom_uname.machine,
phantom_uname.domainname
);
}
rc = gethostname(buf, BSIZE);
test_check_ge(rc,0);
printf("uland: hostname %s\n", buf );
return 0;
}
int main(int ac, char **av)
{
int leaked;
leaked = dump_uts();
if (leaked) {
printf("Leaked %d bytes even without UNAME26!?\n", leaked);
return 1;
}
if (personality(PER_LINUX | UNAME26) < 0) {
perror("personality");
exit(1);
}
leaked = dump_uts();
if (leaked) {
printf("Leaked %d bytes!\n", leaked);
return 1;
} else {
printf("Seems safe.\n");
return 0;
}
}
// TODO: move into r_util? r_run_... ? with the rest of funcs?
static void setASLR(RRunProfile *r, int enabled) {
#if __linux__
if (enabled) {
setRVA ("2\n");
} else {
#if __ANDROID__
setRVA ("0\n");
#else
#if HAVE_DECL_ADDR_NO_RANDOMIZE
if (personality (ADDR_NO_RANDOMIZE) == -1) {
#endif
setRVA ("0\n");
}
#endif
}
#elif __APPLE__
// TOO OLD setenv ("DYLD_NO_PIE", "1", 1);
// disable this because its
const char *argv0 = r->_system ? r->_system
: r->_program ? r->_program
: r->_args[0] ? r->_args[0]
: "/path/to/exec";
eprintf ("To disable aslr patch mach0.hdr.flags with:\n"
"r2 -qwnc 'wx 000000 @ 0x18' %s\n", argv0);
// f MH_PIE=0x00200000; wB-MH_PIE @ 24\n");
// for osxver>=10.7
// "unset the MH_PIE bit in an already linked executable" with --no-pie flag of the script
// the right way is to disable the aslr bit in the spawn call
#else
// not supported for this platform
#endif
}
CfgMgrBldr::CfgMgrBldr() : doc(nullptr), volatile_doc(nullptr), r(false)
{
TiXmlBase::SetCondenseWhiteSpace(false);
wxString personality(Manager::Get()->GetPersonalityManager()->GetPersonality());
if (personality.StartsWith(_T("http://")))
{
SwitchToR(personality);
return;
}
cfg = FindConfigFile(personality + _T(".conf"));
if (cfg.IsEmpty())
{
#ifdef __WINDOWS__
cfg = GetPortableConfigDir() + wxFILE_SEP_PATH + personality + _T(".conf");
#else
cfg = wxStandardPathsBase::Get().GetUserDataDir() + wxFILE_SEP_PATH + personality + _T(".conf");
#endif
doc = new TiXmlDocument();
doc->InsertEndChild(TiXmlDeclaration("1.0", "UTF-8", "yes"));
doc->InsertEndChild(TiXmlElement("CodeBlocksConfig"));
doc->FirstChildElement("CodeBlocksConfig")->SetAttribute("version", CfgMgrConsts::version);
return;
}
SwitchTo(cfg);
}
static struct exec_domain *
lookup_exec_domain(unsigned int personality)
{
unsigned int pers = personality(personality);
struct exec_domain *ep;
read_lock(&exec_domains_lock);
for (ep = exec_domains; ep; ep = ep->next) {
if (pers >= ep->pers_low && pers <= ep->pers_high)
if (try_module_get(ep->module))
goto out;
}
#ifdef CONFIG_MODULES
read_unlock(&exec_domains_lock);
request_module("personality-%d", pers);
read_lock(&exec_domains_lock);
for (ep = exec_domains; ep; ep = ep->next) {
if (pers >= ep->pers_low && pers <= ep->pers_high)
if (try_module_get(ep->module))
goto out;
}
#endif
ep = &default_exec_domain;
out:
read_unlock(&exec_domains_lock);
return ep;
}
CfgMgrBldr::CfgMgrBldr() : doc(nullptr), volatile_doc(nullptr), r(false)
{
ConfigManager::MigrateFolders();
TiXmlBase::SetCondenseWhiteSpace(false);
wxString personality(Manager::Get()->GetPersonalityManager()->GetPersonality());
if (personality.StartsWith(_T("http://")))
{
SwitchToR(personality);
return;
}
cfg = FindConfigFile(personality + _T(".conf"));
if (cfg.IsEmpty())
{
cfg = ConfigManager::GetConfigFolder() + wxFILE_SEP_PATH + personality + _T(".conf");
doc = new TiXmlDocument();
doc->InsertEndChild(TiXmlDeclaration("1.0", "UTF-8", "yes"));
doc->InsertEndChild(TiXmlElement("CodeBlocksConfig"));
doc->FirstChildElement("CodeBlocksConfig")->SetAttribute("version", CfgMgrConsts::version);
return;
}
SwitchTo(cfg);
}
static int c_show(struct seq_file *m, void *v)
{
int i, j;
bool compat = personality(current->personality) == PER_LINUX32;
for_each_online_cpu(i) {
struct cpuinfo_arm64 *cpuinfo = &per_cpu(cpu_data, i);
u32 midr = cpuinfo->reg_midr;
/*
* glibc reads /proc/cpuinfo to determine the number of
* online processors, looking for lines beginning with
* "processor". Give glibc what it expects.
*/
seq_printf(m, "processor\t: %d\n", i);
if (compat)
seq_printf(m, "model name\t: ARMv8 Processor rev %d (%s)\n",
MIDR_REVISION(midr), COMPAT_ELF_PLATFORM);
seq_printf(m, "BogoMIPS\t: %lu.%02lu\n",
loops_per_jiffy / (500000UL/HZ),
loops_per_jiffy / (5000UL/HZ) % 100);
/*
* Dump out the common processor features in a single line.
* Userspace should read the hwcaps with getauxval(AT_HWCAP)
* rather than attempting to parse this, but there's a body of
* software which does already (at least for 32-bit).
*/
seq_puts(m, "Features\t:");
if (compat) {
#ifdef CONFIG_COMPAT
for (j = 0; compat_hwcap_str[j]; j++)
if (compat_elf_hwcap & (1 << j))
seq_printf(m, " %s", compat_hwcap_str[j]);
for (j = 0; compat_hwcap2_str[j]; j++)
if (compat_elf_hwcap2 & (1 << j))
seq_printf(m, " %s", compat_hwcap2_str[j]);
#endif /* CONFIG_COMPAT */
} else {
for (j = 0; hwcap_str[j]; j++)
if (elf_hwcap & (1 << j))
seq_printf(m, " %s", hwcap_str[j]);
}
seq_puts(m, "\n");
seq_printf(m, "CPU implementer\t: 0x%02x\n",
MIDR_IMPLEMENTOR(midr));
seq_printf(m, "CPU architecture: 8\n");
seq_printf(m, "CPU variant\t: 0x%x\n", MIDR_VARIANT(midr));
seq_printf(m, "CPU part\t: 0x%03x\n", MIDR_PARTNUM(midr));
seq_printf(m, "CPU revision\t: %d\n\n", MIDR_REVISION(midr));
}
return 0;
}
/* * 20.12.91 - time began. Got VM working yesterday by doing this by hand. * * Usage: mkswap [-c] [-vN] [-f] device [size-in-blocks] * * -c for readability checking. (Use it unless you are SURE!) * -vN for swap areas version N. (Only N=0,1 known today.) * -f for forcing swap creation even if it would smash partition table. * * The device may be a block device or an image of one, but this isn't * enforced (but it's not much fun on a character device :-). * * Patches from [email protected] (Mike Jagdis) to make the * size-in-blocks parameter optional added Wed Feb 8 10:33:43 1995. * * Version 1 swap area code (for kernel 2.1.117), aeb, 981010. * * Sparc fixes, [email protected] (Jakub Jelinek), 981201 - mangled by aeb. * V1_MAX_PAGES fixes, jj, 990325. * sparc64 fixes, jj, 000219. * * 1999-02-22 Arkadiusz Miśkiewicz <*****@*****.**> * - added Native Language Support * */ #include <stdio.h> #include <unistd.h> #include <string.h> #include <fcntl.h> #include <stdlib.h> #include <limits.h> #include <mntent.h> #include <sys/utsname.h> #include <sys/stat.h> #include <errno.h> #include <getopt.h> #ifdef HAVE_LIBSELINUX #include <selinux/selinux.h> #include <selinux/context.h> #endif #include "linux_version.h" #include "swapheader.h" #include "strutils.h" #include "nls.h" #include "blkdev.h" #include "pathnames.h" #include "wholedisk.h" #include "all-io.h" #include "xalloc.h" #include "c.h" #include "closestream.h" #include "ismounted.h" #ifdef HAVE_LIBUUID # include <uuid.h> #endif #ifdef HAVE_LIBBLKID # include <blkid.h> #endif static char *device_name = NULL; static int DEV = -1; static unsigned long long PAGES = 0; static unsigned long badpages = 0; static int check = 0; #define SELINUX_SWAPFILE_TYPE "swapfile_t" #ifdef __sparc__ # ifdef __arch64__ # define is_sparc64() 1 # define is_be64() 1 # else /* sparc32 */ static int is_sparc64(void) { struct utsname un; static int sparc64 = -1; if (sparc64 != -1) return sparc64; sparc64 = 0; if (uname(&un) < 0) return 0; if (! strcmp(un.machine, "sparc64")) { sparc64 = 1; return 1; } if (strcmp(un.machine, "sparc")) return 0; /* Should not happen */ #ifdef HAVE_PERSONALITY { extern int personality(unsigned long); int oldpers; #define PERS_LINUX 0x00000000 #define PERS_LINUX_32BIT 0x00800000 #define PERS_LINUX32 0x00000008 oldpers = personality(PERS_LINUX_32BIT); if (oldpers != -1) { if (personality(PERS_LINUX) != -1) { uname(&un); if (! strcmp(un.machine, "sparc64")) { sparc64 = 1; oldpers = PERS_LINUX32; } } personality(oldpers); } } #endif return sparc64; }
int main(int ac, char **av)
{
int lc;
int start_pers;
tst_parse_opts(ac, av, NULL, NULL);
setup(); /* global setup */
start_pers = personality(PER_LINUX);
if (start_pers == -1) {
printf("personality01: Test Failed\n");
exit(1);
}
/* The following checks the looping state if -i option given */
for (lc = 0; TEST_LOOPING(lc); lc++) {
/* reset tst_count in case we are looping */
tst_count = 0;
TEST(personality(PER_BAD));
if (TEST_RETURN != 0) {
tst_brkm(TFAIL, cleanup, "call failed - errno = %d "
"- %s", TEST_ERRNO, strerror(TEST_ERRNO));
} else {
tst_resm(TPASS, "call to personality() with a "
"bad personality passed");
}
/*
* set our personality back to PER_LINUX
*/
if (personality(start_pers) == -1) {
tst_brkm(TBROK, cleanup, "personality reset failed");
}
}
cleanup();
tst_exit();
}
SYSCALL_DEFINE1(uname, struct new_utsname __user *, name)
{
int err;
down_read(&uts_sem);
err = copy_to_user(name, utsname(), sizeof(*name));
up_read(&uts_sem);
if (personality(current->personality) == PER_LINUX32)
err |= copy_to_user(&name->machine, "i686", 5);
return err ? -EFAULT : 0;
}
asmlinkage long sys_uname(struct new_utsname __user * name)
{
int err;
down_read(&uts_sem);
err = copy_to_user(name, &system_utsname, sizeof (*name));
up_read(&uts_sem);
if (personality(current->personality) == PER_LINUX32)
err |= copy_to_user(&name->machine, "i686", 5);
return err ? -EFAULT : 0;
}
static void
restore_personality (void *arg)
{
int personality_orig = (int) (uintptr_t) arg;
errno = 0;
personality (personality_orig);
if (errno != 0)
warning (_("Error restoring address space randomization: %s"),
safe_strerror (errno));
}
int safe_personality(const char *filename, unsigned int lineno,
unsigned long persona)
{
int prev_persona = personality(persona);
if (prev_persona < 0) {
tst_brk_(filename, lineno, TBROK | TERRNO,
"persona(%ld) failed", persona);
}
return prev_persona;
}
TEST(sys_personality, current_persona) {
int persona = personality(0xffffffff) & PER_MASK;
#if defined(__BIONIC__)
#if defined(__LP64__)
ASSERT_EQ(PER_LINUX, persona);
#else
ASSERT_EQ(PER_LINUX32, persona);
#endif
#else
// GLIBC does not set persona prior process startup - it is always PER_LINUX;
ASSERT_EQ(PER_LINUX, persona);
#endif
}
// Referencing include/uapi/linux/personality.h
// PER_LINUX = 0x0000,
// PER_LINUX_32BIT = 0x0000 | ADDR_LIMIT_32BIT,
// PER_LINUX_FDPIC = 0x0000 | FDPIC_FUNCPTRS,
// PER_SVR4 = 0x0001 | STICKY_TIMEOUTS | MMAP_PAGE_ZERO,
// PER_SVR3 = 0x0002 | STICKY_TIMEOUTS | SHORT_INODE,
// PER_SCOSVR3 = 0x0003 | STICKY_TIMEOUTS |
// WHOLE_SECONDS | SHORT_INODE,
// PER_OSR5 = 0x0003 | STICKY_TIMEOUTS | WHOLE_SECONDS,
// PER_WYSEV386 = 0x0004 | STICKY_TIMEOUTS | SHORT_INODE,
// PER_ISCR4 = 0x0005 | STICKY_TIMEOUTS,
// PER_BSD = 0x0006,
// PER_SUNOS = 0x0006 | STICKY_TIMEOUTS,
// PER_XENIX = 0x0007 | STICKY_TIMEOUTS | SHORT_INODE,
// PER_LINUX32 = 0x0008,
// PER_LINUX32_3GB = 0x0008 | ADDR_LIMIT_3GB,
// PER_IRIX32 = 0x0009 | STICKY_TIMEOUTS,/* IRIX5 32-bit */
// PER_IRIXN32 = 0x000a | STICKY_TIMEOUTS,/* IRIX6 new 32-bit */
// PER_IRIX64 = 0x000b | STICKY_TIMEOUTS,/* IRIX6 64-bit */
// PER_RISCOS = 0x000c,
// PER_SOLARIS = 0x000d | STICKY_TIMEOUTS,
// PER_UW7 = 0x000e | STICKY_TIMEOUTS | MMAP_PAGE_ZERO,
// PER_OSF4 = 0x000f, /* OSF/1 v4 */
// PER_HPUX = 0x0010,
// PER_MASK = 0x00ff,
void try_personality()
{
int ret;
if ( -1 < ( ret = personality( 0x1234 ) ) )
{
printf( "Personality: 0x%x\n", ret );
// getchar();
} ELSE_PRINT_ERROR
if ( -1 < ( ret = personality( PER_LINUX32_3GB ) ) )
{
printf( "Personality: 0x%x\n", ret );
// getchar();
} ELSE_PRINT_ERROR
if ( -1 < ( ret = personality( PER_LINUX ) ) )
{
printf( "Personality: 0x%x\n", ret );
// getchar();
} ELSE_PRINT_ERROR
}
int main(int ac, char **av)
{
if (!av[1]) {
fprintf(stderr, "Usage: uname26 program ...\n"
"Run program with the uname 2.6 personality\n");
exit(1);
}
if (personality(PER_LINUX | UNAME26) < 0)
perror("personality"), exit(1);
execvp(av[1], av + 1);
fprintf(stderr, "Cannot execute %s: %s\n", av[1], strerror(errno));
exit(1);
}
TEST(sys_personality, current_persona) {
int persona = personality(0xffffffff) & PER_MASK;
#if defined(__BIONIC__)
// When personality syscall is executed on mips64, for a 32bit process
// sys_32_personality() is called, which converts PER_LINUX32 -> PER_LINUX
#if defined(__LP64__) || (__mips==32 && __mips_isa_rev>2)
ASSERT_EQ(PER_LINUX, persona);
#else
ASSERT_EQ(PER_LINUX32, persona);
#endif
#else
// GLIBC does not set persona prior process startup - it is always PER_LINUX;
ASSERT_EQ(PER_LINUX, persona);
#endif
}
