Hi, On Fri, 6 Mar 2020 08:07:05 -0800, Felix Lechner <felix.lechner@lease-up.com> wrote: > On Thu, Mar 5, 2020 at 5:10 PM Daniel Kahn Gillmor > <dkg@fifthhorseman.net> wrote: > > it was showing up for me as an "E:" (error) not P: (pedantic) or > > experimental. > > The tag downgrade has not been released. We would appreciate input > from the maintainer of binutils-mingw-w64 about the future of this > tag. The remedy Lintian suggests is clearly insufficient. > > > If you think win-iconv should not be fiddling with these bits during the > > build, please feel free to go ahead and fix up win-iconv as well -- > > 0.0.8-4 introduced this process. > > I am not sure one should fiddle with those bits, after all. The > binutils seem to set them when appropriate. Perhaps their maintainer > knows? That is basically the issue at hand: the PE fields we’ve been tweaking should really only be set as a result of building the binaries in “the appropriate way”. We didn’t touch SEH explicitly previously in binutils-mingw-w64, so I wasn’t aware that the recent change in the defaults would affect this; I haven’t checked, but perhaps there’s a dependency (i.e. one of the options we previously enabled by default resulted in no-SEH being set). Regarding the defaults in binutils, I changed the behaviour in my last upload based on https://insights.sei.cmu.edu/cert/2018/08/when-aslr-is-not-really-aslr---the-case-of-incorrect-assumptions-and-bad-defaults.html and recent changes in upstream binutils. ld now has an --enable-reloc-section option, which causes it to keep the relocation section and make ASLR possible in Windows. This is enabled if --dynamicbase is specified on the command-line, but not if the default is changed (I patched binutils to change this — see https://salsa.debian.org/mingw-w64-team/binutils-mingw-w64/-/commit/6e600e25646c3dcb96a2f1904bdd965525cf6fe9 and the changes to debian/patches/default-secure-pe-flags.patch therein). As explained in the CERT post linked above, our previous Debian-specific defaults (dynamic base and DEP) are effectively useless without a relocation section. I tried enabling relocation sections by default (binutils-mingw-w64 8.7), but that made the test suite extremely unhappy — enabling relocation sections by default results in binaries with empty relocation sections in many cases, breaking the test suites. So I reverted to the defaults in 8.8, *including* DEP and dynamic base (now disabled by default). I want to investigate the test results further before possibly re-enabling relocation sections by default; at least, I want to check whether it’s possible for real executables to end up with empty relocation sections (which I believe would also make ASLR impossible). Even with a relocation section, some of the scenarios in https://sourceforge.net/p/mingw-w64/mailman/message/31034877/ are still broken, ideally they should be fixed too. As far as the no-SEH flag goes, I’m not sure what all the ins and outs are. In particular, I wonder if it should take into account the exception model we’re really using in GCC, which would mean a fix wouldn’t come from binutils, but rather from GCC knowing when to set the flag appropriately (perhaps a spec file tweak would be sufficient). Regards, Stephen
Attachment:
pgpzFuJw99P4E.pgp
Description: OpenPGP digital signature