Stowage/go
2
0
Fork 0
mirror of https://github.com/golang/go.git synced 2025-12-08 06:10:04 +00:00
Code Issues Projects Releases Packages Wiki Activity

cmd/link: enable ASLR on windows binaries built with -buildmode=c-shared

Browse source 
Windows binaries built with -buildmode=c-shared set will have
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE flag set, and
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA flag set for windows/amd64.

ASLR can be disabled on windows by using the new linker -aslr flag.

RELNOTE=yes

Fixes #41421

Change-Id: I62bd88c6d7e0f87173b093a0ad8e1a4d269ec790
Reviewed-on: https://go-review.googlesource.com/c/go/+/255259
Reviewed-by: Alex Brainman <alex.brainman@gmail.com>
Reviewed-by: Cherry Zhang <cherryyz@google.com>
Trust: Alex Brainman <alex.brainman@gmail.com>
Trust: Cherry Zhang <cherryyz@google.com>
Run-TryBot: Alex Brainman <alex.brainman@gmail.com>
TryBot-Result: Go Bot <gobot@golang.org>
This commit is contained in:
Quim 2020-09-17 01:59:14 +02:00 committed by Cherry Zhang
parent 7347907164
commit 56dac60074
3 changed files with 93 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

24
src/cmd/link/internal/ld/lib.go
View file

@ -1290,6 +1290,17 @@ func (ctxt *Link) hostlink() {
argv = append(argv, "-Wl,-bbigtoc")
}
// Enable ASLR on Windows.
addASLRargs := func(argv []string) []string {
// Enable ASLR.
argv = append(argv, "-Wl,--dynamicbase")
// enable high-entropy ASLR on 64-bit.
if ctxt.Arch.PtrSize >= 8 {
argv = append(argv, "-Wl,--high-entropy-va")
}
return argv
}
switch ctxt.BuildMode {
case BuildModeExe:
if ctxt.HeadType == objabi.Hdarwin {
@ -1302,12 +1313,7 @@ func (ctxt *Link) hostlink() {
switch ctxt.HeadType {
case objabi.Hdarwin, objabi.Haix:
case objabi.Hwindows:
// Enable ASLR.
argv = append(argv, "-Wl,--dynamicbase")
// enable high-entropy ASLR on 64-bit.
if ctxt.Arch.PtrSize >= 8 {
argv = append(argv, "-Wl,--high-entropy-va")
}
argv = addASLRargs(argv)
// Work around binutils limitation that strips relocation table for dynamicbase.
// See https://sourceware.org/bugzilla/show_bug.cgi?id=19011
argv = append(argv, "-Wl,--export-all-symbols")
@ -1331,7 +1337,11 @@ func (ctxt *Link) hostlink() {
argv = append(argv, "-Wl,-z,relro")
}
argv = append(argv, "-shared")
if ctxt.HeadType != objabi.Hwindows {
if ctxt.HeadType == objabi.Hwindows {
if *flagAslr {
argv = addASLRargs(argv)
}
} else {
// Pass -z nodelete to mark the shared library as
// non-closeable: a dlclose will do nothing.
argv = append(argv, "-Wl,-z,nodelete")