[uClibc] Re: [gentoo-hardened] uclibc and heap randomisation (ET_EXEC)

pageexec at freemail.hu pageexec at freemail.hu
Tue Aug 17 16:25:07 UTC 2004

> What we would need for full hardened support, is RELRO support in ldso

this should not be hard: basically, whenever you're done with
relocations in a library (and the main app on startup), you
should call mprotect(PROT_READ) on the area described by the
PT_GNU_RELRO program header (so you have to parse it and save
the relevant start address/length info).

> and Scrt1.o (PIE support) for non-x86 archs.

this you can take from glibc, on any arch PIEs are supported they
also have the corresponding Scrt1.o generated (they do that by
adding '#ifdef SHARED' or something similar to the crt1 source
and assembling it twice during the build process, once for PIEs
and once for normal executables).

