From 6415dcfdcc303c3fc92b15515af2f48275140b38 Mon Sep 17 00:00:00 2001
From: Masamichi Takagi <masamichi.takagi@riken.jp>
Date: Wed, 12 Jul 2017 14:11:36 +0900
Subject: [PATCH] mcexec: Disable address space layout randomization

Move the code from mcreboot.sh to mcexec.c.
---
 arch/x86/tools/mcreboot-smp-x86.sh.in       | 15 +------
 arch/x86/tools/mcstop+release-smp-x86.sh.in |  5 ---
 executer/user/mcexec.c                      | 45 ++++++++++++++++++++-
 3 files changed, 46 insertions(+), 19 deletions(-)

diff --git a/arch/x86/tools/mcreboot-smp-x86.sh.in b/arch/x86/tools/mcreboot-smp-x86.sh.in
index 0ddc9f22..31538fda 100644
--- a/arch/x86/tools/mcreboot-smp-x86.sh.in
+++ b/arch/x86/tools/mcreboot-smp-x86.sh.in
@@ -180,11 +180,6 @@ error_exit() {
 			fi
 		fi
 		;&
-	aslr_disabled)
-		if [ -f /tmp/mckernel_randomize_va_space ]; then
-			cat /tmp/mckernel_randomize_va_space > /proc/sys/kernel/randomize_va_space
-		fi
-		;&
 	initial)
 		# Nothing more to revert
 		;;
@@ -236,12 +231,6 @@ if [ "$cpus" == "" ]; then
 	fi
 fi
 
-# Disable address space layout randomization
-if [ -f /proc/sys/kernel/randomize_va_space ] && [ "`cat /proc/sys/kernel/randomize_va_space`" != "0" ]; then
-	cat /proc/sys/kernel/randomize_va_space > /tmp/mckernel_randomize_va_space
-	echo "0" > /proc/sys/kernel/randomize_va_space
-fi
-
 # Remove mcoverlay if loaded
 if [ "$enable_mcoverlay" == "yes" ]; then
 	if grep mcoverlay /proc/modules &>/dev/null; then
@@ -252,7 +241,7 @@ if [ "$enable_mcoverlay" == "yes" ]; then
 		if [ -e /tmp/mcos ]; then rm -rf /tmp/mcos; fi
 		if ! rmmod mcoverlay 2>/dev/null; then
 			echo "error: removing mcoverlay" >&2
-			error_exit "aslr_disabled"
+			exit 1
 		fi
 	fi
 fi
@@ -262,7 +251,7 @@ if [ "${irqbalance_used}" == "yes" ]; then
     systemctl stop irqbalance_mck.service 2>/dev/null
     if ! systemctl stop irqbalance.service 2>/dev/null ; then
 		echo "error: stopping irqbalance" >&2
-		error_exit "aslr_disabled"
+		exit 1
 	fi;
 
     if ! etcdir=@ETCDIR@ perl -e 'use File::Copy qw(copy); $etcdir=$ENV{'etcdir'}; @files = grep { -f } glob "/proc/irq/*/smp_affinity"; foreach $file (@files) { $rel = substr($file, 1); $dir=substr($rel, 0, length($rel)-length("/smp_affinity")); if(0) { print "cp $file $etcdir/$rel\n";} if(system("mkdir -p $etcdir/$dir")){ exit 1;} if(!copy($file,"$etcdir/$rel")){ exit 1;} }'; then
diff --git a/arch/x86/tools/mcstop+release-smp-x86.sh.in b/arch/x86/tools/mcstop+release-smp-x86.sh.in
index e5b7cdf9..03ce8dad 100644
--- a/arch/x86/tools/mcstop+release-smp-x86.sh.in
+++ b/arch/x86/tools/mcstop+release-smp-x86.sh.in
@@ -121,10 +121,5 @@ if [ "${irqbalance_used}" != "" ]; then
 	fi
 fi
 
-# Re-enable ASLR
-if [ -f /tmp/mckernel_randomize_va_space ]; then
-	cat /tmp/mckernel_randomize_va_space > /proc/sys/kernel/randomize_va_space
-fi
-
 # Set back default swappiness
 echo 60 > /proc/sys/vm/swappiness
diff --git a/executer/user/mcexec.c b/executer/user/mcexec.c
index ae5f1074..e3d9d801 100644
--- a/executer/user/mcexec.c
+++ b/executer/user/mcexec.c
@@ -73,6 +73,7 @@
 #include "../../config.h"
 #include <numa.h>
 #include <numaif.h>
+#include <sys/personality.h>
 
 //#define DEBUG
 
@@ -89,6 +90,25 @@
 #define __eprintf(format, ...)  {fprintf(stderr, "%s: " format, __FUNCTION__, \
                                         __VA_ARGS__);fflush(stderr);}
 #endif
+	
+#define CHKANDJUMPF(cond, err, format, ...)								\
+	do {																\
+		if(cond) {														\
+			__eprintf(format, __VA_ARGS__);								\
+			ret = err;													\
+			goto fn_fail;												\
+		}																\
+	} while(0)
+
+#define CHKANDJUMP(cond, err, msg)										\
+	do {																\
+		if(cond) {														\
+			__eprint(msg);												\
+			ret = err;													\
+			goto fn_fail;												\
+		}																\
+	} while(0)
+
 
 #undef DEBUG_UTI
 
@@ -1580,6 +1600,7 @@ opendev()
 
 int main(int argc, char **argv)
 {
+	int ret = 0;
 	struct program_load_desc *desc;
 	int envs_len;
 	char *envs;
@@ -1596,6 +1617,7 @@ int main(int argc, char **argv)
 	char *shell = NULL;
 	char shell_path[1024];
 	int num = 0;
+	int persona;
 
 #ifdef USE_SYSCALL_MOD_CALL
 	__glob_argc = argc;
@@ -1607,6 +1629,26 @@ int main(int argc, char **argv)
 		altroot = "/usr/linux-k1om-4.7/linux-k1om";
 	}
 
+	/* Disable address space layout randomization */
+	persona = personality(0xffffffff);
+	__dprintf("persona=%08x\n", persona);
+	if ((persona & (PER_LINUX | ADDR_NO_RANDOMIZE)) == 0) {
+		CHKANDJUMP(getenv("MCEXEC_ADDR_NO_RANDOMIZE"), 1, "personality() and then execv() failed\n");
+
+		persona = personality(persona | PER_LINUX | ADDR_NO_RANDOMIZE);
+		CHKANDJUMPF(persona == -1, 1, "personality failed, persona=%08x, strerror=%s\n", persona, strerror(errno));
+
+		error = setenv("MCEXEC_ADDR_NO_RANDOMIZE", "1", 1);
+		CHKANDJUMP(error == -1, 1, "setenv failed\n");
+
+		error = execv("/proc/self/exe", argv);
+		CHKANDJUMPF(error == -1, 1, "execv failed, error=%d,strerror=%s\n", error, strerror(errno));
+	}
+	if (getenv("MCEXEC_ADDR_NO_RANDOMIZE")) {
+		error = unsetenv("MCEXEC_ADDR_NO_RANDOMIZE");
+		CHKANDJUMP(error == -1, 1, "unsetenv failed");
+	}
+
 	rlim_stack.rlim_cur = MCEXEC_DEF_CUR_STACK_SIZE;
 	rlim_stack.rlim_max = MCEXEC_DEF_MAX_STACK_SIZE;
 
@@ -2119,7 +2161,8 @@ int main(int argc, char **argv)
 
 	join_all_threads();
 
-	return 0;
+ fn_fail:
+	return ret;
 }