Google Git
Sign in
go / go / c04035be04c3a0ef0e44c1e3674485048df5d327^! / .
commitc04035be04c3a0ef0e44c1e3674485048df5d327[log] [tgz]
authorJason A. Donenfeld <Jason@zx2c4.com>Sat Oct 26 22:54:08 2019 +0200
committerJason A. Donenfeld <Jason@zx2c4.com>Sat Oct 26 22:54:30 2019 +0200
tree05bcbc306dcada9f53fcb27b12a6f39481c925a6
parentcd144094d6cbc441ea93cd5e98ee59eadf403bd8 [diff]
cmd/link: enable ASLR on Windows executables

There's no reason not to enable ASLR in 2019, especially given Go's
minimum operating system level.

Fixes #27144

Change-Id: I539e22e970dae21c053ca155d230fc38d5660dd9

diff --git a/src/cmd/link/internal/ld/lib.go b/src/cmd/link/internal/ld/lib.go
index 04f0276..3793d44 100644
--- a/src/cmd/link/internal/ld/lib.go
+++ b/src/cmd/link/internal/ld/lib.go

@@ -1191,6 +1191,18 @@
 		// Enable DEP
 		argv = append(argv, "-Wl,--nxcompat")
 
+		// Enable ASLR
+		argv = append(argv, "-Wl,--dynamicbase")
+
+		// Enable high-entropy ASLR on 64-bit
+		if ctxt.Arch.PtrSize >= 8 {
+			argv = append(argv, "-Wl,--high-entropy-va")
+		}
+
+		// Work around binutils limitation that strips relocation table for dynamicbase
+		// See https://sourceware.org/bugzilla/show_bug.cgi?id=19011
+		argv = append(argv, "-Wl,--export-all-symbols")
+
 		argv = append(argv, fmt.Sprintf("-Wl,--major-os-version=%d", PeMinimumTargetMajorVersion))
 		argv = append(argv, fmt.Sprintf("-Wl,--minor-os-version=%d", PeMinimumTargetMinorVersion))
 		argv = append(argv, fmt.Sprintf("-Wl,--major-subsystem-version=%d", PeMinimumTargetMajorVersion))

diff --git a/src/cmd/link/internal/ld/pe.go b/src/cmd/link/internal/ld/pe.go
index b5851a9..ffafed1 100644
--- a/src/cmd/link/internal/ld/pe.go
+++ b/src/cmd/link/internal/ld/pe.go

@@ -94,6 +94,7 @@
 	IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR           = 14
 	IMAGE_SUBSYSTEM_WINDOWS_GUI                    = 2
 	IMAGE_SUBSYSTEM_WINDOWS_CUI                    = 3
+	IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA       = 0x0020
 	IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE          = 0x0040
 	IMAGE_DLLCHARACTERISTICS_NX_COMPAT             = 0x0100
 	IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE = 0x8000
@@ -859,12 +860,6 @@
 		oh.Subsystem = IMAGE_SUBSYSTEM_WINDOWS_CUI
 	}
 
-	switch ctxt.Arch.Family {
-	case sys.ARM:
-		oh64.DllCharacteristics = IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
-		oh.DllCharacteristics = IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
-	}
-
 	// Mark as having awareness of terminal services, to avoid ancient compatibility hacks.
 	oh64.DllCharacteristics |= IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
 	oh.DllCharacteristics |= IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
@@ -873,6 +868,10 @@
 	oh64.DllCharacteristics |= IMAGE_DLLCHARACTERISTICS_NX_COMPAT
 	oh.DllCharacteristics |= IMAGE_DLLCHARACTERISTICS_NX_COMPAT
 
+	// Enable ASLR (and high-entropy ASLR for 64-bit)
+	oh64.DllCharacteristics |= IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE | IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
+	oh.DllCharacteristics |= IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
+
 	// Disable stack growth as we don't want Windows to
 	// fiddle with the thread stack limits, which we set
 	// ourselves to circumvent the stack checks in the