from:"Alex Smith"

Re: [FFmpeg-devel] [PATCH] configure: Fix debugging on mingw-w64 with gdb

2016-03-28 Thread Alex Smith

I think the logic is correct but I won't be able to test it with the changes
until tomorrow.  I wanted to get the patch on the ML as soon as possible
since
debugging is currently broken.

As I mentioned in the original patch thread I'll see about taking another
stab
at binutils to see if this can't get fixed upstream.  In the mean time
keeping
the reloc hack enabled for release builds seems reasonable.

Sorry for the delay in addressing this.
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

[FFmpeg-devel] [PATCH] configure: Fix debugging on mingw-w64 with gdb

2016-03-28 Thread Alex Smith

The relocation hack broke debugging on mingw-w64 when using gdb.  This
makes the reloc hack dependent on --disable-debug so it's still enabled
for release builds.

This is simply an immediate fix for the issue of broken debugging, we
should probably still look at the possibility of reverting it outright
if it proves to be more trouble than it's worth.  For now keeping it
enabled for release builds is a reasonable trade off.

Signed-off-by: Alex Smith <ther...@warpsharp.info>
---
 configure | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/configure b/configure
index e550547..e8c4a7b 100755
--- a/configure
+++ b/configure
@@ -4634,9 +4634,9 @@ case $target_os in
 # however ld then forgets what the entry point should be (oops) so we
 # have to manually (re)set it.
 if enabled x86_32; then
-add_ldexeflags -Wl,--pic-executable,-e,_mainCRTStartup
+disabled debug && add_ldexeflags 
-Wl,--pic-executable,-e,_mainCRTStartup
 elif enabled x86_64; then
-add_ldexeflags -Wl,--pic-executable,-e,mainCRTStartup
+disabled debug && add_ldexeflags 
-Wl,--pic-executable,-e,mainCRTStartup
 check_ldflags -Wl,--high-entropy-va # binutils 2.25
 # Set image base >4GB for extra entropy with HEASLR
 add_ldexeflags -Wl,--image-base,0x14000
-- 
1.9.5.msysgit.0

___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

Re: [FFmpeg-devel] [PATCH 1/3] configure: Force mingw's ld to keep the reloc section

2016-03-28 Thread Alex Smith

On Sun, Mar 20, 2016 at 6:29 AM, Christophe Gisquet <
christophe.gisq...@gmail.com> wrote:
>
>
> I understand the sentiment, and there's probably little lost in
> keeping it, but... is it not a hack? ie:
> - When do you notice the added security is no longer there/it breaks
> in even worse ways?
> - Who is and would be available and able to prevent it from breaking?
> Because it already has, and almost nobody dealt with it.
>
> The original author already did well in reporting the issue to
> binutils, so I'm certainly not complaining about his efforts.
>
> --
> Christophe
> ___
> ffmpeg-devel mailing list
> ffmpeg-devel@ffmpeg.org
> http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>

Sorry didn't see this until now.

I think that making it dependent on enable/disable-debug is reasonable for
an
immediate fix.  I'll see about taking another stab at binutils and seeing if
this can't get fixed upstream.
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

[FFmpeg-devel] [PATCH 2/3 v2] configure: Support for HEASLR on mingw targets

2015-09-26 Thread Alex Smith

From: Alex Smith <alex.sm...@warpsharp.info>

The appropriate flag for HEASLR (--high-entropy-va) was added in
binutils 2.25.

Also set the image base >4GB so higher entropy gets applied to image
base randomization when used with HEASLR (8 -> 17 bits of
randomization).  Windows does this for compatibility because of "latent
pointer truncation issues".

Signed-off-by: Alex Smith <alex.sm...@warpsharp.info>
---
 configure | 4 
 1 file changed, 4 insertions(+)

diff --git a/configure b/configure
index f6bc622..0a4b4ed 100755
--- a/configure
+++ b/configure
@@ -4401,6 +4401,10 @@ case $target_os in
 add_ldexeflags -Wl,--pic-executable,-e,_mainCRTStartup
 elif enabled x86_64; then
 add_ldexeflags -Wl,--pic-executable,-e,mainCRTStartup
+check_ldflags -Wl,--high-entropy-va # binutils 2.25
+# Set image base >4GB for extra entropy with HEASLR
+add_ldexeflags -Wl,--image-base,0x14000
+append SHFLAGS -Wl,--image-base,0x18000
 fi
 ;;
 win32|win64)
-- 
1.9.5.msysgit.0

___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

[FFmpeg-devel] [PATCH] configure: Combine dynamicbase and nxcompat checks

2015-09-26 Thread Alex Smith

They were added to binutils in the same version so it's safe to combine.

Signed-off-by: Alex Smith <ther...@warpsharp.info>
---
 configure | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/configure b/configure
index 3339126..b572d59 100755
--- a/configure
+++ b/configure
@@ -4367,8 +4367,6 @@ case $target_os in
 LIBTARGET=arm-wince
 fi
 enabled shared && ! enabled small && check_cmd $windres --version && 
enable gnu_windres
-check_ldflags -Wl,--nxcompat
-check_ldflags -Wl,--dynamicbase
 enabled x86_32 && check_ldflags -Wl,--large-address-aware
 shlibdir_default="$bindir_default"
 SLIBPREF=""
@@ -4392,6 +4390,7 @@ case $target_os in
 objformat="win32"
 ranlib=:
 enable dos_paths
+check_ldflags -Wl,--nxcompat,--dynamicbase
 # Lets work around some stupidity in binutils.
 # ld will strip relocations from executables even though we need them
 # for dynamicbase (ASLR).  Using -pie does retain the reloc section
-- 
1.9.5.msysgit.0

___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

Re: [FFmpeg-devel] [PATCH 1/3] configure: Force mingw's ld to keep the reloc section

2015-09-22 Thread Alex Smith

On Tue, Sep 22, 2015 at 7:43 PM, Michael Niedermayer 
wrote:
>
>
> this is ugly, but ASLR is important thus applied
> i did not apply the nxcompat dynamicbase merge as its unrelated
>
> Thanks
>
> PS: if this breaks some version of mingw then this should be reverted
>
> [...]
>
>
The only thing I'm not sure of is extremely old mingw versions that no one
should be using anymore.
If it does break that I should be able to provide a fix for that if that's
the case.

Would you accept a separate patch for the dynamicbase/nxcompat merge, they
were added in the same binutils version so it's safe to do so.
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

[FFmpeg-devel] [PATCH 2/3] configure: Support for HEASLR on mingw targets

2015-09-20 Thread Alex Smith

From: Alex Smith <alex.sm...@warpsharp.info>

The appropriate flag for HEASLR (--high-entropy-va) is scheduled for
inclusion in the next version of binutils (2.25), doesn't hurt to
include it a little early.

Also set the image base >4GB so higher entropy gets applied to image
base randomization when used with HEASLR (8 -> 17 bits of
randomization).  Windows does this for compatibility because of "latent
pointer truncation issues".

Signed-off-by: Alex Smith <alex.sm...@warpsharp.info>
---
 configure | 4 
 1 file changed, 4 insertions(+)

diff --git a/configure b/configure
index d6ab35a..0c60c03 100755
--- a/configure
+++ b/configure
@@ -4400,6 +4400,10 @@ case $target_os in
 add_ldexeflags -Wl,--pic-executable,-e,_mainCRTStartup
 elif enabled x86_64; then
 add_ldexeflags -Wl,--pic-executable,-e,mainCRTStartup
+check_ldflags -Wl,--high-entropy-va # binutils 2.25
+# Set image base >4GB for extra entropy with HEASLR
+add_ldexeflags -Wl,--image-base,0x14000
+append SHFLAGS -Wl,--image-base,0x18000
 fi
 ;;
 win32|win64)
-- 
1.9.5.msysgit.0

___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

[FFmpeg-devel] [PATCH 3/3] configure: Disable automatic image base calculation

2015-09-20 Thread Alex Smith

From: Alex Smith <alex.sm...@warpsharp.info>

There's no reason for it.  ASLR will rebase it regardless so "preventing
collisions" isn't really relevant.  This also brings it in line with
what a msvc produced dll will have (an image base of 0x1000).

Signed-off-by: Alex Smith <alex.sm...@warpsharp.info>
---
 configure | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/configure b/configure
index 0c60c03..a540ae7 100755
--- a/configure
+++ b/configure
@@ -4386,7 +4386,7 @@ case $target_os in
 SLIB_INSTALL_LINKS=
 SLIB_INSTALL_EXTRA_SHLIB='$(SLIBNAME:$(SLIBSUF)=.lib)'
 SLIB_INSTALL_EXTRA_LIB='lib$(SLIBNAME:$(SLIBSUF)=.dll.a) 
$(SLIBNAME_WITH_MAJOR:$(SLIBSUF)=.def)'
-SHFLAGS='-shared -Wl,--output-def,$$(@:$(SLIBSUF)=.orig.def) 
-Wl,--out-implib,$(SUBDIR)lib$(SLIBNAME:$(SLIBSUF)=.dll.a) 
-Wl,--enable-runtime-pseudo-reloc -Wl,--enable-auto-image-base'
+SHFLAGS='-shared -Wl,--output-def,$$(@:$(SLIBSUF)=.orig.def) 
-Wl,--out-implib,$(SUBDIR)lib$(SLIBNAME:$(SLIBSUF)=.dll.a) 
-Wl,--enable-runtime-pseudo-reloc -Wl,--disable-auto-image-base'
 objformat="win32"
 ranlib=:
 enable dos_paths
-- 
1.9.5.msysgit.0

___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

[FFmpeg-devel] [PATCH 1/3] configure: Force mingw's ld to keep the reloc section

2015-09-20 Thread Alex Smith

From: Alex Smith <alex.sm...@warpsharp.info>

Binutils will always strip the relocation information from executable
files even if it needs it (dynamicbase/ASLR).  We can work around this
by using the pic-executable flag combined with setting the correct entry
point since apparently ld forgets what that should be.  This problem
affects both 32 and 64-bit mingw-w64.

We can combine the nxcompat/dynamicbase check because they were added to
binutils at the same time.

Signed-off-by: Alex Smith <alex.sm...@warpsharp.info>

Conflicts:
configure
---
 configure | 13 +++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/configure b/configure
index d2a25bb..d6ab35a 100755
--- a/configure
+++ b/configure
@@ -4367,8 +4367,6 @@ case $target_os in
 LIBTARGET=arm-wince
 fi
 enabled shared && ! enabled small && check_cmd $windres --version && 
enable gnu_windres
-check_ldflags -Wl,--nxcompat
-check_ldflags -Wl,--dynamicbase
 enabled x86_32 && check_ldflags -Wl,--large-address-aware
 shlibdir_default="$bindir_default"
 SLIBPREF=""
@@ -4392,6 +4390,17 @@ case $target_os in
 objformat="win32"
 ranlib=:
 enable dos_paths
+check_ldflags -Wl,--nxcompat,--dynamicbase
+# Lets work around some stupidity in binutils.
+# ld will strip relocations from executables even though we need them
+# for dynamicbase (ASLR).  Using -pie does retain the reloc section
+# however ld then forgets what the entry point should be (oops) so we
+# have to manually (re)set it.
+if enabled x86_32; then
+add_ldexeflags -Wl,--pic-executable,-e,_mainCRTStartup
+elif enabled x86_64; then
+add_ldexeflags -Wl,--pic-executable,-e,mainCRTStartup
+fi
 ;;
 win32|win64)
 disable symver
-- 
1.9.5.msysgit.0

___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

Re: [FFmpeg-devel] [PATCH] configure: Fix debugging on mingw-w64 with gdb

[FFmpeg-devel] [PATCH] configure: Fix debugging on mingw-w64 with gdb

Re: [FFmpeg-devel] [PATCH 1/3] configure: Force mingw's ld to keep the reloc section

[FFmpeg-devel] [PATCH 2/3 v2] configure: Support for HEASLR on mingw targets

[FFmpeg-devel] [PATCH] configure: Combine dynamicbase and nxcompat checks

Re: [FFmpeg-devel] [PATCH 1/3] configure: Force mingw's ld to keep the reloc section

[FFmpeg-devel] [PATCH 2/3] configure: Support for HEASLR on mingw targets

[FFmpeg-devel] [PATCH 3/3] configure: Disable automatic image base calculation

[FFmpeg-devel] [PATCH 1/3] configure: Force mingw's ld to keep the reloc section

9 matches

Site Navigation

Mail list logo

Footer information