<86>Jan 9 01:01:30 userdel[1386190]: delete user 'rooter' <86>Jan 9 01:01:30 groupadd[1386214]: group added to /etc/group: name=rooter, GID=681 <86>Jan 9 01:01:30 groupadd[1386214]: group added to /etc/gshadow: name=rooter <86>Jan 9 01:01:30 groupadd[1386214]: new group: name=rooter, GID=681 <86>Jan 9 01:01:30 useradd[1386225]: new user: name=rooter, UID=681, GID=681, home=/root, shell=/bin/bash <86>Jan 9 01:01:30 userdel[1386255]: delete user 'builder' <86>Jan 9 01:01:30 userdel[1386255]: removed group 'builder' owned by 'builder' <86>Jan 9 01:01:30 userdel[1386255]: removed shadow group 'builder' owned by 'builder' <86>Jan 9 01:01:30 groupadd[1386301]: group added to /etc/group: name=builder, GID=682 <86>Jan 9 01:01:30 groupadd[1386301]: group added to /etc/gshadow: name=builder <86>Jan 9 01:01:30 groupadd[1386301]: new group: name=builder, GID=682 <86>Jan 9 01:01:30 useradd[1386322]: new user: name=builder, UID=682, GID=682, home=/usr/src, shell=/bin/bash warning: user mike does not exist - using root warning: group mike does not exist - using root warning: user mike does not exist - using root warning: group mike does not exist - using root warning: user mike does not exist - using root warning: group mike does not exist - using root <13>Jan 9 01:01:32 rpmi: perl-Term-Cap-1.17-alt1 1445018869 installed <13>Jan 9 01:01:32 rpmi: perl-Term-ANSIColor-5.01-alt1 sisyphus+244783.100.1.2 1579747505 installed <13>Jan 9 01:01:32 rpmi: perl-Pod-Escapes-1.07-alt1 1418767892 installed <13>Jan 9 01:01:32 rpmi: perl-Filter-1.60-alt1 sisyphus+258375.300.14.2 1600903930 installed <13>Jan 9 01:01:32 rpmi: perl-Encode-3.08-alt1 sisyphus+263440.100.1.1 1607955880 installed <13>Jan 9 01:01:32 rpmi: perl-Pod-Simple-3.42-alt1 sisyphus+261979.100.1.1 1605684633 installed <13>Jan 9 01:01:32 rpmi: perl-Pod-Usage-2.01-alt1 sisyphus+260315.100.1.3 1603550551 installed <13>Jan 9 01:01:32 rpmi: perl-podlators-4.14-alt1 sisyphus+243914.100.1.1 1578493399 installed Building target platforms: x86_64 Building for target x86_64 Wrote: /usr/src/in/nosrpm/hardening-wrapper-2.6-alt1.nosrc.rpm (w1.gzdio) Installing hardening-wrapper-2.6-alt1.src.rpm Building target platforms: x86_64 Building for target x86_64 Executing(%prep): /bin/sh -e /usr/src/tmp/rpm-tmp.9767 + umask 022 + /bin/mkdir -p /usr/src/RPM/BUILD + cd /usr/src/RPM/BUILD + cd /usr/src/RPM/BUILD + rm -rf hardening-wrapper-2.6 + /bin/mkdir -p hardening-wrapper-2.6 + cd hardening-wrapper-2.6 + echo 'Source #0 (hardening-wrapper_2.6.tar.xz):' Source #0 (hardening-wrapper_2.6.tar.xz): + /usr/bin/xz -dc /usr/src/RPM/SOURCES/hardening-wrapper_2.6.tar.xz + /bin/tar -xf - + /bin/chmod -c -Rf u+rwX,go-w . + echo 'Patch #0 (hardening-wrapper-2.6-fix_perl.patch):' Patch #0 (hardening-wrapper-2.6-fix_perl.patch): + /usr/bin/patch -p1 patching file hardening-wrapper/Makefile + sed -i.debian -e '/^[ \t]*if \[ -z \"\$.DEB_/d' hardening-wrapper/Makefile + exit 0 Executing(%build): /bin/sh -e /usr/src/tmp/rpm-tmp.9767 + umask 022 + /bin/mkdir -p /usr/src/RPM/BUILD + cd /usr/src/RPM/BUILD + cd hardening-wrapper-2.6 + make -j8 -C hardening-wrapper make: Entering directory '/usr/src/RPM/BUILD/hardening-wrapper-2.6/hardening-wrapper' mkdir -p build-tree # Construct wrappers. install hardened-cc hardened-ld build-tree/ # Set defaults, based on OS and ARCH. perl -pi -e 's/ #OS#/ '""'/; s/ #ARCH#/ '""'/;' build-tree/hardened-cc build-tree/hardened-ld perl -pi -e "s/default\{'DEB_BUILD_HARDENING_PIE'\}=1;/default{'DEB_BUILD_HARDENING_PIE'}=0;/;" build-tree/hardened-cc build-tree/hardened-ld perl -pi -e "s/default\{'DEB_BUILD_HARDENING_STACKPROTECTOR'\}=1;/default{'DEB_BUILD_HARDENING_STACKPROTECTOR'}=1;/;" build-tree/hardened-cc build-tree/hardened-ld # Duplicate cc wrapper to c++. install build-tree/hardened-cc build-tree/hardened-c++ perl -pi -e 's/hardened-cc/hardened-c++/g; s|/usr/bin/cc|/usr/bin/c++|g;' build-tree/hardened-c++ # Construct tools. install hardening.make hardening-check build-tree/ # Do not use "shell" here because it eats newlines. We want those. perl -pi -e "s/^my %libc;/my %libc = (\n$(perl hardening-check --find-libc-functions /bin/ls)\n);/;" build-tree/hardening-check # Construct man pages. install hardened-cc.1 hardened-ld.1 build-tree/ pod2man hardening-check > build-tree/hardening-check.1 # Duplicate cc man page to c++. install build-tree/hardened-cc.1 build-tree/hardened-c++.1 perl -pi -e 's/hardened-cc/hardened-c++/g; s/gcc/g++/g;' build-tree/hardened-c++.1 touch build-tree/stamp-build make: Leaving directory '/usr/src/RPM/BUILD/hardening-wrapper-2.6/hardening-wrapper' + exit 0 Executing(%install): /bin/sh -e /usr/src/tmp/rpm-tmp.52633 + umask 022 + /bin/mkdir -p /usr/src/RPM/BUILD + cd /usr/src/RPM/BUILD + /bin/chmod -Rf u+rwX -- /usr/src/tmp/hardening-wrapper-buildroot + : + /bin/rm -rf -- /usr/src/tmp/hardening-wrapper-buildroot + PATH=/usr/libexec/rpm-build:/usr/src/bin:/bin:/usr/bin:/usr/X11R6/bin:/usr/games + cd hardening-wrapper-2.6 + install -pDm0755 hardening-wrapper/build-tree/hardening-check /usr/src/tmp/hardening-wrapper-buildroot/usr/bin/hardening-check + install -pDm0644 hardening-wrapper/build-tree/hardening-check.1 /usr/src/tmp/hardening-wrapper-buildroot/usr/share/man/man1/hardening-check.1 + /usr/lib/rpm/brp-alt Cleaning files in /usr/src/tmp/hardening-wrapper-buildroot (auto) Verifying and fixing files in /usr/src/tmp/hardening-wrapper-buildroot (binconfig,pkgconfig,libtool,desktop,gnuconfig) Checking contents of files in /usr/src/tmp/hardening-wrapper-buildroot/ (default) Compressing files in /usr/src/tmp/hardening-wrapper-buildroot (auto) Verifying ELF objects in /usr/src/tmp/hardening-wrapper-buildroot (arch=normal,fhs=normal,lfs=relaxed,lint=relaxed,rpath=normal,stack=normal,textrel=normal,unresolved=normal) Hardlinking identical .pyc and .pyo files Executing(%check): /bin/sh -e /usr/src/tmp/rpm-tmp.52633 + umask 022 + /bin/mkdir -p /usr/src/RPM/BUILD + cd /usr/src/RPM/BUILD + cd hardening-wrapper-2.6 + make -j8 -C hardening-wrapper check make: Entering directory '/usr/src/RPM/BUILD/hardening-wrapper-2.6/hardening-wrapper' make -C tests check make[1]: Entering directory '/usr/src/RPM/BUILD/hardening-wrapper-2.6/hardening-wrapper/tests' make[1]: warning: jobserver unavailable: using -j1. Add '+' to parent make rule. make[1]: Leaving directory '/usr/src/RPM/BUILD/hardening-wrapper-2.6/hardening-wrapper/tests' make[1]: Entering directory '/usr/src/RPM/BUILD/hardening-wrapper-2.6/hardening-wrapper/tests' # Check the stack protector and PIE options directly, just to have # a historical record in the build logs. cc -Wall -fstack-protector hello.c -o ../build-tree/cc-test || true ../build-tree/cc-test || true ../build-tree/cc-test: ok (0x55bb8deca155) cc -Wall -fstack-protector-strong hello.c -o ../build-tree/cc-test || true ../build-tree/cc-test || true ../build-tree/cc-test: ok (0x55a6cc6e4155) cc -Wall -fPIE -pie hello.c -o ../build-tree/cc-test || true ../build-tree/cc-test || true ../build-tree/cc-test: ok (0x558ae9265155) ../build-tree/cc-test || true ../build-tree/cc-test: ok (0x55f5cefad155) make -f Makefile.wrapper check make[2]: Entering directory '/usr/src/RPM/BUILD/hardening-wrapper-2.6/hardening-wrapper/tests' # Test basic perl syntax for script in ../build-tree/hardened-cc ../build-tree/hardened-ld ../build-tree/hardened-c++; do perl -c $script; done ../build-tree/hardened-cc syntax OK ../build-tree/hardened-ld syntax OK ../build-tree/hardened-c++ syntax OK touch syntax.stamp # Compiler and linker options disabled. DEB_BUILD_HARDENING=0 ../build-tree/hardened-cc -B ../build-tree/ -o ../build-tree/wrapper-test-stock hello.c /usr/bin/gcc_wrapper -B ../build-tree/ -o ../build-tree/wrapper-test-stock hello.c readelf -ldrsW ../build-tree/wrapper-test-stock Elf file type is DYN (Shared object file) Entry point 0x1070 There are 11 program headers, starting at offset 64 Program Headers: Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align PHDR 0x000040 0x0000000000000040 0x0000000000000040 0x000268 0x000268 R 0x8 INTERP 0x0002a8 0x00000000000002a8 0x00000000000002a8 0x00001c 0x00001c R 0x1 [Requesting program interpreter: /lib64/ld-linux-x86-64.so.2] LOAD 0x000000 0x0000000000000000 0x0000000000000000 0x0005f8 0x0005f8 R 0x1000 LOAD 0x001000 0x0000000000001000 0x0000000000001000 0x00026d 0x00026d R E 0x1000 LOAD 0x002000 0x0000000000002000 0x0000000000002000 0x000180 0x000180 R 0x1000 LOAD 0x002da0 0x0000000000003da0 0x0000000000003da0 0x000264 0x000268 RW 0x1000 DYNAMIC 0x002db8 0x0000000000003db8 0x0000000000003db8 0x0001f0 0x0001f0 RW 0x8 NOTE 0x0002c4 0x00000000000002c4 0x00000000000002c4 0x000044 0x000044 R 0x4 GNU_EH_FRAME 0x002014 0x0000000000002014 0x0000000000002014 0x000044 0x000044 R 0x4 GNU_STACK 0x000000 0x0000000000000000 0x0000000000000000 0x000000 0x000000 RW 0x10 GNU_RELRO 0x002da0 0x0000000000003da0 0x0000000000003da0 0x000260 0x000260 R 0x1 Section to Segment mapping: Segment Sections... 00 01 .interp 02 .interp .note.gnu.build-id .note.ABI-tag .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rela.dyn .rela.plt 03 .init .plt .plt.got .text .fini 04 .rodata .eh_frame_hdr .eh_frame 05 .init_array .fini_array .data.rel.ro .dynamic .got .data .bss 06 .dynamic 07 .note.gnu.build-id .note.ABI-tag 08 .eh_frame_hdr 09 10 .init_array .fini_array .data.rel.ro .dynamic .got Dynamic section at offset 0x2db8 contains 27 entries: Tag Type Name/Value 0x0000000000000001 (NEEDED) Shared library: [libc.so.6] 0x000000000000000c (INIT) 0x1000 0x000000000000000d (FINI) 0x1264 0x0000000000000019 (INIT_ARRAY) 0x3da0 0x000000000000001b (INIT_ARRAYSZ) 8 (bytes) 0x000000000000001a (FINI_ARRAY) 0x3da8 0x000000000000001c (FINI_ARRAYSZ) 8 (bytes) 0x000000006ffffef5 (GNU_HASH) 0x308 0x0000000000000005 (STRTAB) 0x408 0x0000000000000006 (SYMTAB) 0x330 0x000000000000000a (STRSZ) 161 (bytes) 0x000000000000000b (SYMENT) 24 (bytes) 0x0000000000000015 (DEBUG) 0x0 0x0000000000000003 (PLTGOT) 0x3fa8 0x0000000000000002 (PLTRELSZ) 72 (bytes) 0x0000000000000014 (PLTREL) RELA 0x0000000000000017 (JMPREL) 0x5b0 0x0000000000000007 (RELA) 0x4f0 0x0000000000000008 (RELASZ) 192 (bytes) 0x0000000000000009 (RELAENT) 24 (bytes) 0x0000000000000018 (BIND_NOW) 0x000000006ffffffb (FLAGS_1) Flags: NOW PIE 0x000000006ffffffe (VERNEED) 0x4c0 0x000000006fffffff (VERNEEDNUM) 1 0x000000006ffffff0 (VERSYM) 0x4aa 0x000000006ffffff9 (RELACOUNT) 3 0x0000000000000000 (NULL) 0x0 Relocation section '.rela.dyn' at offset 0x4f0 contains 8 entries: Offset Info Type Symbol's Value Symbol's Name + Addend 0000000000003da0 0000000000000008 R_X86_64_RELATIVE 1150 0000000000003da8 0000000000000008 R_X86_64_RELATIVE 1110 0000000000003db0 0000000000000008 R_X86_64_RELATIVE 3db0 0000000000003fd8 0000000100000006 R_X86_64_GLOB_DAT 0000000000000000 _ITM_deregisterTMCloneTable + 0 0000000000003fe0 0000000500000006 R_X86_64_GLOB_DAT 0000000000000000 __libc_start_main@GLIBC_2.2.5 + 0 0000000000003fe8 0000000600000006 R_X86_64_GLOB_DAT 0000000000000000 __gmon_start__ + 0 0000000000003ff0 0000000700000006 R_X86_64_GLOB_DAT 0000000000000000 _ITM_registerTMCloneTable + 0 0000000000003ff8 0000000800000006 R_X86_64_GLOB_DAT 0000000000000000 __cxa_finalize@GLIBC_2.2.5 + 0 Relocation section '.rela.plt' at offset 0x5b0 contains 3 entries: Offset Info Type Symbol's Value Symbol's Name + Addend 0000000000003fc0 0000000200000007 R_X86_64_JUMP_SLOT 0000000000000000 __stack_chk_fail@GLIBC_2.4 + 0 0000000000003fc8 0000000300000007 R_X86_64_JUMP_SLOT 0000000000000000 printf@GLIBC_2.2.5 + 0 0000000000003fd0 0000000400000007 R_X86_64_JUMP_SLOT 0000000000000000 snprintf@GLIBC_2.2.5 + 0 Symbol table '.dynsym' contains 9 entries: Num: Value Size Type Bind Vis Ndx Name 0: 0000000000000000 0 NOTYPE LOCAL DEFAULT UND 1: 0000000000000000 0 NOTYPE WEAK DEFAULT UND _ITM_deregisterTMCloneTable 2: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __stack_chk_fail@GLIBC_2.4 (2) 3: 0000000000000000 0 FUNC GLOBAL DEFAULT UND printf@GLIBC_2.2.5 (3) 4: 0000000000000000 0 FUNC GLOBAL DEFAULT UND snprintf@GLIBC_2.2.5 (3) 5: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@GLIBC_2.2.5 (3) 6: 0000000000000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 7: 0000000000000000 0 NOTYPE WEAK DEFAULT UND _ITM_registerTMCloneTable 8: 0000000000000000 0 FUNC WEAK DEFAULT UND __cxa_finalize@GLIBC_2.2.5 (3) Symbol table '.symtab' contains 80 entries: Num: Value Size Type Bind Vis Ndx Name 0: 0000000000000000 0 NOTYPE LOCAL DEFAULT UND 1: 00000000000002a8 0 SECTION LOCAL DEFAULT 1 2: 00000000000002c4 0 SECTION LOCAL DEFAULT 2 3: 00000000000002e8 0 SECTION LOCAL DEFAULT 3 4: 0000000000000308 0 SECTION LOCAL DEFAULT 4 5: 0000000000000330 0 SECTION LOCAL DEFAULT 5 6: 0000000000000408 0 SECTION LOCAL DEFAULT 6 7: 00000000000004aa 0 SECTION LOCAL DEFAULT 7 8: 00000000000004c0 0 SECTION LOCAL DEFAULT 8 9: 00000000000004f0 0 SECTION LOCAL DEFAULT 9 10: 00000000000005b0 0 SECTION LOCAL DEFAULT 10 11: 0000000000001000 0 SECTION LOCAL DEFAULT 11 12: 0000000000001020 0 SECTION LOCAL DEFAULT 12 13: 0000000000001060 0 SECTION LOCAL DEFAULT 13 14: 0000000000001070 0 SECTION LOCAL DEFAULT 14 15: 0000000000001264 0 SECTION LOCAL DEFAULT 15 16: 0000000000002000 0 SECTION LOCAL DEFAULT 16 17: 0000000000002014 0 SECTION LOCAL DEFAULT 17 18: 0000000000002058 0 SECTION LOCAL DEFAULT 18 19: 0000000000003da0 0 SECTION LOCAL DEFAULT 19 20: 0000000000003da8 0 SECTION LOCAL DEFAULT 20 21: 0000000000003db0 0 SECTION LOCAL DEFAULT 21 22: 0000000000003db8 0 SECTION LOCAL DEFAULT 22 23: 0000000000003fa8 0 SECTION LOCAL DEFAULT 23 24: 0000000000004000 0 SECTION LOCAL DEFAULT 24 25: 0000000000004004 0 SECTION LOCAL DEFAULT 25 26: 0000000000000000 0 SECTION LOCAL DEFAULT 26 27: 0000000000000000 0 SECTION LOCAL DEFAULT 27 28: 0000000000006008 0 SECTION LOCAL DEFAULT 28 29: 0000000000000000 0 SECTION LOCAL DEFAULT 29 30: 0000000000000000 0 SECTION LOCAL DEFAULT 30 31: 0000000000000000 0 SECTION LOCAL DEFAULT 31 32: 0000000000000000 0 SECTION LOCAL DEFAULT 32 33: 0000000000000000 0 SECTION LOCAL DEFAULT 33 34: 0000000000000000 0 SECTION LOCAL DEFAULT 34 35: 0000000000000000 0 SECTION LOCAL DEFAULT 35 36: 0000000000000000 0 FILE LOCAL DEFAULT ABS abi-note.c 37: 00000000000002e8 32 OBJECT LOCAL DEFAULT 3 __abi_tag 38: 0000000000000000 0 FILE LOCAL DEFAULT ABS init.c 39: 0000000000000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 40: 00000000000010a0 0 FUNC LOCAL DEFAULT 14 deregister_tm_clones 41: 00000000000010d0 0 FUNC LOCAL DEFAULT 14 register_tm_clones 42: 0000000000001110 0 FUNC LOCAL DEFAULT 14 __do_global_dtors_aux 43: 0000000000004004 1 OBJECT LOCAL DEFAULT 25 completed.0 44: 0000000000003da8 0 OBJECT LOCAL DEFAULT 20 __do_global_dtors_aux_fini_array_entry 45: 0000000000001150 0 FUNC LOCAL DEFAULT 14 frame_dummy 46: 0000000000003da0 0 OBJECT LOCAL DEFAULT 19 __frame_dummy_init_array_entry 47: 0000000000000000 0 FILE LOCAL DEFAULT ABS hello.c 48: 0000000000000000 0 FILE LOCAL DEFAULT ABS elf-init.c 49: 0000000000000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 50: 000000000000217c 0 OBJECT LOCAL DEFAULT 18 __FRAME_END__ 51: 0000000000000000 0 FILE LOCAL DEFAULT ABS 52: 0000000000003da8 0 NOTYPE LOCAL DEFAULT 19 __init_array_end 53: 0000000000003db8 0 OBJECT LOCAL DEFAULT 22 _DYNAMIC 54: 0000000000003da0 0 NOTYPE LOCAL DEFAULT 19 __init_array_start 55: 0000000000002014 0 NOTYPE LOCAL DEFAULT 17 __GNU_EH_FRAME_HDR 56: 0000000000003fa8 0 OBJECT LOCAL DEFAULT 23 _GLOBAL_OFFSET_TABLE_ 57: 0000000000001000 0 FUNC LOCAL DEFAULT 11 _init 58: 0000000000001260 1 FUNC GLOBAL DEFAULT 14 __libc_csu_fini 59: 0000000000000000 0 NOTYPE WEAK DEFAULT UND _ITM_deregisterTMCloneTable 60: 0000000000004000 0 NOTYPE WEAK DEFAULT 24 data_start 61: 0000000000004004 0 NOTYPE GLOBAL DEFAULT 24 _edata 62: 0000000000001264 0 FUNC GLOBAL HIDDEN 15 _fini 63: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __stack_chk_fail@@GLIBC_2.4 64: 0000000000000000 0 FUNC GLOBAL DEFAULT UND printf@@GLIBC_2.2.5 65: 0000000000000000 0 FUNC GLOBAL DEFAULT UND snprintf@@GLIBC_2.2.5 66: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@@GLIBC_2.2.5 67: 0000000000004000 0 NOTYPE GLOBAL DEFAULT 24 __data_start 68: 0000000000000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 69: 0000000000003db0 0 OBJECT GLOBAL HIDDEN 21 __dso_handle 70: 0000000000001155 131 FUNC GLOBAL DEFAULT 14 announcement 71: 0000000000002000 4 OBJECT GLOBAL DEFAULT 16 _IO_stdin_used 72: 0000000000001200 93 FUNC GLOBAL DEFAULT 14 __libc_csu_init 73: 0000000000004008 0 NOTYPE GLOBAL DEFAULT 25 _end 74: 0000000000001070 43 FUNC GLOBAL DEFAULT 14 _start 75: 0000000000004004 0 NOTYPE GLOBAL DEFAULT 25 __bss_start 76: 00000000000011d8 40 FUNC GLOBAL DEFAULT 14 main 77: 0000000000004008 0 OBJECT GLOBAL HIDDEN 24 __TMC_END__ 78: 0000000000000000 0 NOTYPE WEAK DEFAULT UND _ITM_registerTMCloneTable 79: 0000000000000000 0 FUNC WEAK DEFAULT UND __cxa_finalize@@GLIBC_2.2.5 ../build-tree/wrapper-test-stock ../build-tree/wrapper-test-stock: ok (0x556757890155) # Compiler options enabled. (linker is not wrapper) ../build-tree/hardened-cc -B ../build-tree/ -O2 -o ../build-tree/wrapper-test-compiled hello.c /usr/bin/gcc_wrapper -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -B ../build-tree/ -O2 -o ../build-tree/wrapper-test-compiled hello.c readelf -ldrsW ../build-tree/wrapper-test-compiled Elf file type is DYN (Shared object file) Entry point 0x1090 There are 11 program headers, starting at offset 64 Program Headers: Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align PHDR 0x000040 0x0000000000000040 0x0000000000000040 0x000268 0x000268 R 0x8 INTERP 0x0002a8 0x00000000000002a8 0x00000000000002a8 0x00001c 0x00001c R 0x1 [Requesting program interpreter: /lib64/ld-linux-x86-64.so.2] LOAD 0x000000 0x0000000000000000 0x0000000000000000 0x000620 0x000620 R 0x1000 LOAD 0x001000 0x0000000000001000 0x0000000000001000 0x00026d 0x00026d R E 0x1000 LOAD 0x002000 0x0000000000002000 0x0000000000002000 0x000180 0x000180 R 0x1000 LOAD 0x002da0 0x0000000000003da0 0x0000000000003da0 0x000264 0x000268 RW 0x1000 DYNAMIC 0x002db8 0x0000000000003db8 0x0000000000003db8 0x0001f0 0x0001f0 RW 0x8 NOTE 0x0002c4 0x00000000000002c4 0x00000000000002c4 0x000044 0x000044 R 0x4 GNU_EH_FRAME 0x002014 0x0000000000002014 0x0000000000002014 0x000044 0x000044 R 0x4 GNU_STACK 0x000000 0x0000000000000000 0x0000000000000000 0x000000 0x000000 RW 0x10 GNU_RELRO 0x002da0 0x0000000000003da0 0x0000000000003da0 0x000260 0x000260 R 0x1 Section to Segment mapping: Segment Sections... 00 01 .interp 02 .interp .note.gnu.build-id .note.ABI-tag .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rela.dyn .rela.plt 03 .init .plt .plt.got .text .fini 04 .rodata .eh_frame_hdr .eh_frame 05 .init_array .fini_array .data.rel.ro .dynamic .got .data .bss 06 .dynamic 07 .note.gnu.build-id .note.ABI-tag 08 .eh_frame_hdr 09 10 .init_array .fini_array .data.rel.ro .dynamic .got Dynamic section at offset 0x2db8 contains 27 entries: Tag Type Name/Value 0x0000000000000001 (NEEDED) Shared library: [libc.so.6] 0x000000000000000c (INIT) 0x1000 0x000000000000000d (FINI) 0x1264 0x0000000000000019 (INIT_ARRAY) 0x3da0 0x000000000000001b (INIT_ARRAYSZ) 8 (bytes) 0x000000000000001a (FINI_ARRAY) 0x3da8 0x000000000000001c (FINI_ARRAYSZ) 8 (bytes) 0x000000006ffffef5 (GNU_HASH) 0x308 0x0000000000000005 (STRTAB) 0x408 0x0000000000000006 (SYMTAB) 0x330 0x000000000000000a (STRSZ) 186 (bytes) 0x000000000000000b (SYMENT) 24 (bytes) 0x0000000000000015 (DEBUG) 0x0 0x0000000000000003 (PLTGOT) 0x3fa8 0x0000000000000002 (PLTRELSZ) 72 (bytes) 0x0000000000000014 (PLTREL) RELA 0x0000000000000017 (JMPREL) 0x5d8 0x0000000000000007 (RELA) 0x518 0x0000000000000008 (RELASZ) 192 (bytes) 0x0000000000000009 (RELAENT) 24 (bytes) 0x0000000000000018 (BIND_NOW) 0x000000006ffffffb (FLAGS_1) Flags: NOW PIE 0x000000006ffffffe (VERNEED) 0x4d8 0x000000006fffffff (VERNEEDNUM) 1 0x000000006ffffff0 (VERSYM) 0x4c2 0x000000006ffffff9 (RELACOUNT) 3 0x0000000000000000 (NULL) 0x0 Relocation section '.rela.dyn' at offset 0x518 contains 8 entries: Offset Info Type Symbol's Value Symbol's Name + Addend 0000000000003da0 0000000000000008 R_X86_64_RELATIVE 1170 0000000000003da8 0000000000000008 R_X86_64_RELATIVE 1130 0000000000003db0 0000000000000008 R_X86_64_RELATIVE 3db0 0000000000003fd8 0000000100000006 R_X86_64_GLOB_DAT 0000000000000000 _ITM_deregisterTMCloneTable + 0 0000000000003fe0 0000000400000006 R_X86_64_GLOB_DAT 0000000000000000 __libc_start_main@GLIBC_2.2.5 + 0 0000000000003fe8 0000000500000006 R_X86_64_GLOB_DAT 0000000000000000 __gmon_start__ + 0 0000000000003ff0 0000000700000006 R_X86_64_GLOB_DAT 0000000000000000 _ITM_registerTMCloneTable + 0 0000000000003ff8 0000000800000006 R_X86_64_GLOB_DAT 0000000000000000 __cxa_finalize@GLIBC_2.2.5 + 0 Relocation section '.rela.plt' at offset 0x5d8 contains 3 entries: Offset Info Type Symbol's Value Symbol's Name + Addend 0000000000003fc0 0000000200000007 R_X86_64_JUMP_SLOT 0000000000000000 __stack_chk_fail@GLIBC_2.4 + 0 0000000000003fc8 0000000300000007 R_X86_64_JUMP_SLOT 0000000000000000 snprintf@GLIBC_2.2.5 + 0 0000000000003fd0 0000000600000007 R_X86_64_JUMP_SLOT 0000000000000000 __printf_chk@GLIBC_2.3.4 + 0 Symbol table '.dynsym' contains 9 entries: Num: Value Size Type Bind Vis Ndx Name 0: 0000000000000000 0 NOTYPE LOCAL DEFAULT UND 1: 0000000000000000 0 NOTYPE WEAK DEFAULT UND _ITM_deregisterTMCloneTable 2: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __stack_chk_fail@GLIBC_2.4 (2) 3: 0000000000000000 0 FUNC GLOBAL DEFAULT UND snprintf@GLIBC_2.2.5 (3) 4: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@GLIBC_2.2.5 (3) 5: 0000000000000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 6: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __printf_chk@GLIBC_2.3.4 (4) 7: 0000000000000000 0 NOTYPE WEAK DEFAULT UND _ITM_registerTMCloneTable 8: 0000000000000000 0 FUNC WEAK DEFAULT UND __cxa_finalize@GLIBC_2.2.5 (3) Symbol table '.symtab' contains 80 entries: Num: Value Size Type Bind Vis Ndx Name 0: 0000000000000000 0 NOTYPE LOCAL DEFAULT UND 1: 00000000000002a8 0 SECTION LOCAL DEFAULT 1 2: 00000000000002c4 0 SECTION LOCAL DEFAULT 2 3: 00000000000002e8 0 SECTION LOCAL DEFAULT 3 4: 0000000000000308 0 SECTION LOCAL DEFAULT 4 5: 0000000000000330 0 SECTION LOCAL DEFAULT 5 6: 0000000000000408 0 SECTION LOCAL DEFAULT 6 7: 00000000000004c2 0 SECTION LOCAL DEFAULT 7 8: 00000000000004d8 0 SECTION LOCAL DEFAULT 8 9: 0000000000000518 0 SECTION LOCAL DEFAULT 9 10: 00000000000005d8 0 SECTION LOCAL DEFAULT 10 11: 0000000000001000 0 SECTION LOCAL DEFAULT 11 12: 0000000000001020 0 SECTION LOCAL DEFAULT 12 13: 0000000000001060 0 SECTION LOCAL DEFAULT 13 14: 0000000000001070 0 SECTION LOCAL DEFAULT 14 15: 0000000000001264 0 SECTION LOCAL DEFAULT 15 16: 0000000000002000 0 SECTION LOCAL DEFAULT 16 17: 0000000000002014 0 SECTION LOCAL DEFAULT 17 18: 0000000000002058 0 SECTION LOCAL DEFAULT 18 19: 0000000000003da0 0 SECTION LOCAL DEFAULT 19 20: 0000000000003da8 0 SECTION LOCAL DEFAULT 20 21: 0000000000003db0 0 SECTION LOCAL DEFAULT 21 22: 0000000000003db8 0 SECTION LOCAL DEFAULT 22 23: 0000000000003fa8 0 SECTION LOCAL DEFAULT 23 24: 0000000000004000 0 SECTION LOCAL DEFAULT 24 25: 0000000000004004 0 SECTION LOCAL DEFAULT 25 26: 0000000000000000 0 SECTION LOCAL DEFAULT 26 27: 0000000000000000 0 SECTION LOCAL DEFAULT 27 28: 0000000000006008 0 SECTION LOCAL DEFAULT 28 29: 0000000000000000 0 SECTION LOCAL DEFAULT 29 30: 0000000000000000 0 SECTION LOCAL DEFAULT 30 31: 0000000000000000 0 SECTION LOCAL DEFAULT 31 32: 0000000000000000 0 SECTION LOCAL DEFAULT 32 33: 0000000000000000 0 SECTION LOCAL DEFAULT 33 34: 0000000000000000 0 SECTION LOCAL DEFAULT 34 35: 0000000000000000 0 SECTION LOCAL DEFAULT 35 36: 0000000000000000 0 FILE LOCAL DEFAULT ABS abi-note.c 37: 00000000000002e8 32 OBJECT LOCAL DEFAULT 3 __abi_tag 38: 0000000000000000 0 FILE LOCAL DEFAULT ABS init.c 39: 0000000000000000 0 FILE LOCAL DEFAULT ABS hello.c 40: 0000000000000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 41: 00000000000010c0 0 FUNC LOCAL DEFAULT 14 deregister_tm_clones 42: 00000000000010f0 0 FUNC LOCAL DEFAULT 14 register_tm_clones 43: 0000000000001130 0 FUNC LOCAL DEFAULT 14 __do_global_dtors_aux 44: 0000000000004004 1 OBJECT LOCAL DEFAULT 25 completed.0 45: 0000000000003da8 0 OBJECT LOCAL DEFAULT 20 __do_global_dtors_aux_fini_array_entry 46: 0000000000001170 0 FUNC LOCAL DEFAULT 14 frame_dummy 47: 0000000000003da0 0 OBJECT LOCAL DEFAULT 19 __frame_dummy_init_array_entry 48: 0000000000000000 0 FILE LOCAL DEFAULT ABS elf-init.c 49: 0000000000000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 50: 000000000000217c 0 OBJECT LOCAL DEFAULT 18 __FRAME_END__ 51: 0000000000000000 0 FILE LOCAL DEFAULT ABS 52: 0000000000003da8 0 NOTYPE LOCAL DEFAULT 19 __init_array_end 53: 0000000000003db8 0 OBJECT LOCAL DEFAULT 22 _DYNAMIC 54: 0000000000003da0 0 NOTYPE LOCAL DEFAULT 19 __init_array_start 55: 0000000000002014 0 NOTYPE LOCAL DEFAULT 17 __GNU_EH_FRAME_HDR 56: 0000000000003fa8 0 OBJECT LOCAL DEFAULT 23 _GLOBAL_OFFSET_TABLE_ 57: 0000000000001000 0 FUNC LOCAL DEFAULT 11 _init 58: 0000000000001260 1 FUNC GLOBAL DEFAULT 14 __libc_csu_fini 59: 0000000000000000 0 NOTYPE WEAK DEFAULT UND _ITM_deregisterTMCloneTable 60: 0000000000004000 0 NOTYPE WEAK DEFAULT 24 data_start 61: 0000000000004004 0 NOTYPE GLOBAL DEFAULT 24 _edata 62: 0000000000001264 0 FUNC GLOBAL HIDDEN 15 _fini 63: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __stack_chk_fail@@GLIBC_2.4 64: 0000000000000000 0 FUNC GLOBAL DEFAULT UND snprintf@@GLIBC_2.2.5 65: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@@GLIBC_2.2.5 66: 0000000000004000 0 NOTYPE GLOBAL DEFAULT 24 __data_start 67: 0000000000000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 68: 0000000000003db0 0 OBJECT GLOBAL HIDDEN 21 __dso_handle 69: 0000000000001180 117 FUNC GLOBAL DEFAULT 14 announcement 70: 0000000000002000 4 OBJECT GLOBAL DEFAULT 16 _IO_stdin_used 71: 0000000000001200 93 FUNC GLOBAL DEFAULT 14 __libc_csu_init 72: 0000000000004008 0 NOTYPE GLOBAL DEFAULT 25 _end 73: 0000000000001090 43 FUNC GLOBAL DEFAULT 14 _start 74: 0000000000004004 0 NOTYPE GLOBAL DEFAULT 25 __bss_start 75: 0000000000001070 25 FUNC GLOBAL DEFAULT 14 main 76: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __printf_chk@@GLIBC_2.3.4 77: 0000000000004008 0 OBJECT GLOBAL HIDDEN 24 __TMC_END__ 78: 0000000000000000 0 NOTYPE WEAK DEFAULT UND _ITM_registerTMCloneTable 79: 0000000000000000 0 FUNC WEAK DEFAULT UND __cxa_finalize@@GLIBC_2.2.5 # Run twice to show off PIE, if available in kernel ../build-tree/wrapper-test-compiled ../build-tree/wrapper-test-compiled: ok (0x55930c7d9180) ../build-tree/wrapper-test-compiled ../build-tree/wrapper-test-compiled: ok (0x5637472df180) # Enable symlink for ld to trick gcc into doing wrapped linking (cd ../build-tree && ln -s hardened-ld ld) (cd ../build-tree && ln -s hardened-ld ld.gold) # Compiler and linker options enabled. ../build-tree/hardened-cc -B ../build-tree/ -O2 -o ../build-tree/wrapper-test-linked hello.c /usr/bin/gcc_wrapper -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -B ../build-tree/ -O2 -o ../build-tree/wrapper-test-linked hello.c /usr/bin/ld -z relro -plugin /usr/libexec/gcc/x86_64-alt-linux/10/liblto_plugin.so -plugin-opt=/usr/libexec/gcc/x86_64-alt-linux/10/lto-wrapper -plugin-opt=-fresolution=/usr/src/tmp/ccQCFC4o.res -plugin-opt=-pass-through=-lgcc -plugin-opt=-pass-through=-lgcc_s -plugin-opt=-pass-through=-lc -plugin-opt=-pass-through=-lgcc -plugin-opt=-pass-through=-lgcc_s --build-id --no-add-needed --eh-frame-hdr --hash-style=gnu --as-needed -m elf_x86_64 -dynamic-linker /lib64/ld-linux-x86-64.so.2 -pie -z now -o ../build-tree/wrapper-test-linked /usr/lib64/gcc/x86_64-alt-linux/10/../../../../lib64/Scrt1.o /usr/lib64/gcc/x86_64-alt-linux/10/../../../../lib64/crti.o /usr/lib64/gcc/x86_64-alt-linux/10/crtbeginS.o -L../build-tree -L/usr/lib64/gcc/x86_64-alt-linux/10 -L/usr/lib64/gcc/x86_64-alt-linux/10/../../../../lib64 -L/lib/../lib64 -L/usr/lib/../lib64 -L/usr/lib64/gcc/x86_64-alt-linux/10/../../.. /usr/src/tmp/ccnDFNmn.o -lgcc --push-state --as-needed -lgcc_s --pop-state -lc -lgcc --push-state --as-needed -lgcc_s --pop-state /usr/lib64/gcc/x86_64-alt-linux/10/crtendS.o /usr/lib64/gcc/x86_64-alt-linux/10/../../../../lib64/crtn.o readelf -ldrsW ../build-tree/wrapper-test-linked Elf file type is DYN (Shared object file) Entry point 0x1090 There are 11 program headers, starting at offset 64 Program Headers: Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align PHDR 0x000040 0x0000000000000040 0x0000000000000040 0x000268 0x000268 R 0x8 INTERP 0x0002a8 0x00000000000002a8 0x00000000000002a8 0x00001c 0x00001c R 0x1 [Requesting program interpreter: /lib64/ld-linux-x86-64.so.2] LOAD 0x000000 0x0000000000000000 0x0000000000000000 0x000620 0x000620 R 0x1000 LOAD 0x001000 0x0000000000001000 0x0000000000001000 0x00026d 0x00026d R E 0x1000 LOAD 0x002000 0x0000000000002000 0x0000000000002000 0x000180 0x000180 R 0x1000 LOAD 0x002da0 0x0000000000003da0 0x0000000000003da0 0x000264 0x000268 RW 0x1000 DYNAMIC 0x002db8 0x0000000000003db8 0x0000000000003db8 0x0001f0 0x0001f0 RW 0x8 NOTE 0x0002c4 0x00000000000002c4 0x00000000000002c4 0x000044 0x000044 R 0x4 GNU_EH_FRAME 0x002014 0x0000000000002014 0x0000000000002014 0x000044 0x000044 R 0x4 GNU_STACK 0x000000 0x0000000000000000 0x0000000000000000 0x000000 0x000000 RW 0x10 GNU_RELRO 0x002da0 0x0000000000003da0 0x0000000000003da0 0x000260 0x000260 R 0x1 Section to Segment mapping: Segment Sections... 00 01 .interp 02 .interp .note.gnu.build-id .note.ABI-tag .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rela.dyn .rela.plt 03 .init .plt .plt.got .text .fini 04 .rodata .eh_frame_hdr .eh_frame 05 .init_array .fini_array .data.rel.ro .dynamic .got .data .bss 06 .dynamic 07 .note.gnu.build-id .note.ABI-tag 08 .eh_frame_hdr 09 10 .init_array .fini_array .data.rel.ro .dynamic .got Dynamic section at offset 0x2db8 contains 27 entries: Tag Type Name/Value 0x0000000000000001 (NEEDED) Shared library: [libc.so.6] 0x000000000000000c (INIT) 0x1000 0x000000000000000d (FINI) 0x1264 0x0000000000000019 (INIT_ARRAY) 0x3da0 0x000000000000001b (INIT_ARRAYSZ) 8 (bytes) 0x000000000000001a (FINI_ARRAY) 0x3da8 0x000000000000001c (FINI_ARRAYSZ) 8 (bytes) 0x000000006ffffef5 (GNU_HASH) 0x308 0x0000000000000005 (STRTAB) 0x408 0x0000000000000006 (SYMTAB) 0x330 0x000000000000000a (STRSZ) 186 (bytes) 0x000000000000000b (SYMENT) 24 (bytes) 0x0000000000000015 (DEBUG) 0x0 0x0000000000000003 (PLTGOT) 0x3fa8 0x0000000000000002 (PLTRELSZ) 72 (bytes) 0x0000000000000014 (PLTREL) RELA 0x0000000000000017 (JMPREL) 0x5d8 0x0000000000000007 (RELA) 0x518 0x0000000000000008 (RELASZ) 192 (bytes) 0x0000000000000009 (RELAENT) 24 (bytes) 0x0000000000000018 (BIND_NOW) 0x000000006ffffffb (FLAGS_1) Flags: NOW PIE 0x000000006ffffffe (VERNEED) 0x4d8 0x000000006fffffff (VERNEEDNUM) 1 0x000000006ffffff0 (VERSYM) 0x4c2 0x000000006ffffff9 (RELACOUNT) 3 0x0000000000000000 (NULL) 0x0 Relocation section '.rela.dyn' at offset 0x518 contains 8 entries: Offset Info Type Symbol's Value Symbol's Name + Addend 0000000000003da0 0000000000000008 R_X86_64_RELATIVE 1170 0000000000003da8 0000000000000008 R_X86_64_RELATIVE 1130 0000000000003db0 0000000000000008 R_X86_64_RELATIVE 3db0 0000000000003fd8 0000000100000006 R_X86_64_GLOB_DAT 0000000000000000 _ITM_deregisterTMCloneTable + 0 0000000000003fe0 0000000400000006 R_X86_64_GLOB_DAT 0000000000000000 __libc_start_main@GLIBC_2.2.5 + 0 0000000000003fe8 0000000500000006 R_X86_64_GLOB_DAT 0000000000000000 __gmon_start__ + 0 0000000000003ff0 0000000700000006 R_X86_64_GLOB_DAT 0000000000000000 _ITM_registerTMCloneTable + 0 0000000000003ff8 0000000800000006 R_X86_64_GLOB_DAT 0000000000000000 __cxa_finalize@GLIBC_2.2.5 + 0 Relocation section '.rela.plt' at offset 0x5d8 contains 3 entries: Offset Info Type Symbol's Value Symbol's Name + Addend 0000000000003fc0 0000000200000007 R_X86_64_JUMP_SLOT 0000000000000000 __stack_chk_fail@GLIBC_2.4 + 0 0000000000003fc8 0000000300000007 R_X86_64_JUMP_SLOT 0000000000000000 snprintf@GLIBC_2.2.5 + 0 0000000000003fd0 0000000600000007 R_X86_64_JUMP_SLOT 0000000000000000 __printf_chk@GLIBC_2.3.4 + 0 Symbol table '.dynsym' contains 9 entries: Num: Value Size Type Bind Vis Ndx Name 0: 0000000000000000 0 NOTYPE LOCAL DEFAULT UND 1: 0000000000000000 0 NOTYPE WEAK DEFAULT UND _ITM_deregisterTMCloneTable 2: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __stack_chk_fail@GLIBC_2.4 (2) 3: 0000000000000000 0 FUNC GLOBAL DEFAULT UND snprintf@GLIBC_2.2.5 (3) 4: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@GLIBC_2.2.5 (3) 5: 0000000000000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 6: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __printf_chk@GLIBC_2.3.4 (4) 7: 0000000000000000 0 NOTYPE WEAK DEFAULT UND _ITM_registerTMCloneTable 8: 0000000000000000 0 FUNC WEAK DEFAULT UND __cxa_finalize@GLIBC_2.2.5 (3) Symbol table '.symtab' contains 80 entries: Num: Value Size Type Bind Vis Ndx Name 0: 0000000000000000 0 NOTYPE LOCAL DEFAULT UND 1: 00000000000002a8 0 SECTION LOCAL DEFAULT 1 2: 00000000000002c4 0 SECTION LOCAL DEFAULT 2 3: 00000000000002e8 0 SECTION LOCAL DEFAULT 3 4: 0000000000000308 0 SECTION LOCAL DEFAULT 4 5: 0000000000000330 0 SECTION LOCAL DEFAULT 5 6: 0000000000000408 0 SECTION LOCAL DEFAULT 6 7: 00000000000004c2 0 SECTION LOCAL DEFAULT 7 8: 00000000000004d8 0 SECTION LOCAL DEFAULT 8 9: 0000000000000518 0 SECTION LOCAL DEFAULT 9 10: 00000000000005d8 0 SECTION LOCAL DEFAULT 10 11: 0000000000001000 0 SECTION LOCAL DEFAULT 11 12: 0000000000001020 0 SECTION LOCAL DEFAULT 12 13: 0000000000001060 0 SECTION LOCAL DEFAULT 13 14: 0000000000001070 0 SECTION LOCAL DEFAULT 14 15: 0000000000001264 0 SECTION LOCAL DEFAULT 15 16: 0000000000002000 0 SECTION LOCAL DEFAULT 16 17: 0000000000002014 0 SECTION LOCAL DEFAULT 17 18: 0000000000002058 0 SECTION LOCAL DEFAULT 18 19: 0000000000003da0 0 SECTION LOCAL DEFAULT 19 20: 0000000000003da8 0 SECTION LOCAL DEFAULT 20 21: 0000000000003db0 0 SECTION LOCAL DEFAULT 21 22: 0000000000003db8 0 SECTION LOCAL DEFAULT 22 23: 0000000000003fa8 0 SECTION LOCAL DEFAULT 23 24: 0000000000004000 0 SECTION LOCAL DEFAULT 24 25: 0000000000004004 0 SECTION LOCAL DEFAULT 25 26: 0000000000000000 0 SECTION LOCAL DEFAULT 26 27: 0000000000000000 0 SECTION LOCAL DEFAULT 27 28: 0000000000006008 0 SECTION LOCAL DEFAULT 28 29: 0000000000000000 0 SECTION LOCAL DEFAULT 29 30: 0000000000000000 0 SECTION LOCAL DEFAULT 30 31: 0000000000000000 0 SECTION LOCAL DEFAULT 31 32: 0000000000000000 0 SECTION LOCAL DEFAULT 32 33: 0000000000000000 0 SECTION LOCAL DEFAULT 33 34: 0000000000000000 0 SECTION LOCAL DEFAULT 34 35: 0000000000000000 0 SECTION LOCAL DEFAULT 35 36: 0000000000000000 0 FILE LOCAL DEFAULT ABS abi-note.c 37: 00000000000002e8 32 OBJECT LOCAL DEFAULT 3 __abi_tag 38: 0000000000000000 0 FILE LOCAL DEFAULT ABS init.c 39: 0000000000000000 0 FILE LOCAL DEFAULT ABS hello.c 40: 0000000000000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 41: 00000000000010c0 0 FUNC LOCAL DEFAULT 14 deregister_tm_clones 42: 00000000000010f0 0 FUNC LOCAL DEFAULT 14 register_tm_clones 43: 0000000000001130 0 FUNC LOCAL DEFAULT 14 __do_global_dtors_aux 44: 0000000000004004 1 OBJECT LOCAL DEFAULT 25 completed.0 45: 0000000000003da8 0 OBJECT LOCAL DEFAULT 20 __do_global_dtors_aux_fini_array_entry 46: 0000000000001170 0 FUNC LOCAL DEFAULT 14 frame_dummy 47: 0000000000003da0 0 OBJECT LOCAL DEFAULT 19 __frame_dummy_init_array_entry 48: 0000000000000000 0 FILE LOCAL DEFAULT ABS elf-init.c 49: 0000000000000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 50: 000000000000217c 0 OBJECT LOCAL DEFAULT 18 __FRAME_END__ 51: 0000000000000000 0 FILE LOCAL DEFAULT ABS 52: 0000000000003da8 0 NOTYPE LOCAL DEFAULT 19 __init_array_end 53: 0000000000003db8 0 OBJECT LOCAL DEFAULT 22 _DYNAMIC 54: 0000000000003da0 0 NOTYPE LOCAL DEFAULT 19 __init_array_start 55: 0000000000002014 0 NOTYPE LOCAL DEFAULT 17 __GNU_EH_FRAME_HDR 56: 0000000000003fa8 0 OBJECT LOCAL DEFAULT 23 _GLOBAL_OFFSET_TABLE_ 57: 0000000000001000 0 FUNC LOCAL DEFAULT 11 _init 58: 0000000000001260 1 FUNC GLOBAL DEFAULT 14 __libc_csu_fini 59: 0000000000000000 0 NOTYPE WEAK DEFAULT UND _ITM_deregisterTMCloneTable 60: 0000000000004000 0 NOTYPE WEAK DEFAULT 24 data_start 61: 0000000000004004 0 NOTYPE GLOBAL DEFAULT 24 _edata 62: 0000000000001264 0 FUNC GLOBAL HIDDEN 15 _fini 63: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __stack_chk_fail@@GLIBC_2.4 64: 0000000000000000 0 FUNC GLOBAL DEFAULT UND snprintf@@GLIBC_2.2.5 65: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@@GLIBC_2.2.5 66: 0000000000004000 0 NOTYPE GLOBAL DEFAULT 24 __data_start 67: 0000000000000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 68: 0000000000003db0 0 OBJECT GLOBAL HIDDEN 21 __dso_handle 69: 0000000000001180 117 FUNC GLOBAL DEFAULT 14 announcement 70: 0000000000002000 4 OBJECT GLOBAL DEFAULT 16 _IO_stdin_used 71: 0000000000001200 93 FUNC GLOBAL DEFAULT 14 __libc_csu_init 72: 0000000000004008 0 NOTYPE GLOBAL DEFAULT 25 _end 73: 0000000000001090 43 FUNC GLOBAL DEFAULT 14 _start 74: 0000000000004004 0 NOTYPE GLOBAL DEFAULT 25 __bss_start 75: 0000000000001070 25 FUNC GLOBAL DEFAULT 14 main 76: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __printf_chk@@GLIBC_2.3.4 77: 0000000000004008 0 OBJECT GLOBAL HIDDEN 24 __TMC_END__ 78: 0000000000000000 0 NOTYPE WEAK DEFAULT UND _ITM_registerTMCloneTable 79: 0000000000000000 0 FUNC WEAK DEFAULT UND __cxa_finalize@@GLIBC_2.2.5 # Run twice to show off PIE, if available in kernel ../build-tree/wrapper-test-linked ../build-tree/wrapper-test-linked: ok (0x564de7cbb180) ../build-tree/wrapper-test-linked ../build-tree/wrapper-test-linked: ok (0x55e78e4c2180) # Check state of hardening features via check script perl ../build-tree/hardening-check -p ../build-tree/wrapper-test-linked ../build-tree/wrapper-test-linked: Position Independent Executable: yes Stack protected: yes Fortify Source functions: yes (some protected functions found) Read-only relocations: yes Immediate binding: yes # Manually check state of hardening features # Skipped PIE test # Test Stack Protector nm ../build-tree/wrapper-test-linked | egrep '__stack_chk_fail($|@@GLIBC)' U __stack_chk_fail@@GLIBC_2.4 # Test Fortify nm ../build-tree/wrapper-test-linked | egrep '__(sn)?printf_chk($|@@GLIBC)' U __printf_chk@@GLIBC_2.3.4 # Test Format (no-op currently) # Test for RELRO readelf -lW ../build-tree/wrapper-test-linked | grep GNU_RELRO GNU_RELRO 0x002da0 0x0000000000003da0 0x0000000000003da0 0x000260 0x000260 R 0x1 # Test for BIND_NOW readelf -dW ../build-tree/wrapper-test-linked | grep BIND_NOW 0x0000000000000018 (BIND_NOW) # Build directly with -fPIC already defined ../build-tree/hardened-cc -B ../build-tree/ -fPIC -O2 -o ../build-tree/wrapper-test-fPIC-direct hello.c /usr/bin/gcc_wrapper -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -B ../build-tree/ -fPIC -O2 -o ../build-tree/wrapper-test-fPIC-direct hello.c /usr/bin/ld -z relro -plugin /usr/libexec/gcc/x86_64-alt-linux/10/liblto_plugin.so -plugin-opt=/usr/libexec/gcc/x86_64-alt-linux/10/lto-wrapper -plugin-opt=-fresolution=/usr/src/tmp/cc1NiGAw.res -plugin-opt=-pass-through=-lgcc -plugin-opt=-pass-through=-lgcc_s -plugin-opt=-pass-through=-lc -plugin-opt=-pass-through=-lgcc -plugin-opt=-pass-through=-lgcc_s --build-id --no-add-needed --eh-frame-hdr --hash-style=gnu --as-needed -m elf_x86_64 -dynamic-linker /lib64/ld-linux-x86-64.so.2 -pie -z now -o ../build-tree/wrapper-test-fPIC-direct /usr/lib64/gcc/x86_64-alt-linux/10/../../../../lib64/Scrt1.o /usr/lib64/gcc/x86_64-alt-linux/10/../../../../lib64/crti.o /usr/lib64/gcc/x86_64-alt-linux/10/crtbeginS.o -L../build-tree -L/usr/lib64/gcc/x86_64-alt-linux/10 -L/usr/lib64/gcc/x86_64-alt-linux/10/../../../../lib64 -L/lib/../lib64 -L/usr/lib/../lib64 -L/usr/lib64/gcc/x86_64-alt-linux/10/../../.. /usr/src/tmp/cc20EQ9u.o -lgcc --push-state --as-needed -lgcc_s --pop-state -lc -lgcc --push-state --as-needed -lgcc_s --pop-state /usr/lib64/gcc/x86_64-alt-linux/10/crtendS.o /usr/lib64/gcc/x86_64-alt-linux/10/../../../../lib64/crtn.o ../build-tree/wrapper-test-fPIC-direct ../build-tree/wrapper-test-fPIC-direct: ok (0x55d3f2a70180) # Build .o with -fPIC already defined ../build-tree/hardened-cc -B ../build-tree/ -fPIC -O2 -o ../build-tree/wrapper-test-fPIC.o -c hello.c /usr/bin/gcc_wrapper -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -B ../build-tree/ -fPIC -O2 -o ../build-tree/wrapper-test-fPIC.o -c hello.c # Link .o with -fPIC already defined ../build-tree/hardened-cc -B ../build-tree/ -fPIC -O2 -o ../build-tree/wrapper-test-fPIC ../build-tree/wrapper-test-fPIC.o /usr/bin/gcc_wrapper -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -B ../build-tree/ -fPIC -O2 -o ../build-tree/wrapper-test-fPIC ../build-tree/wrapper-test-fPIC.o /usr/bin/ld -z relro -plugin /usr/libexec/gcc/x86_64-alt-linux/10/liblto_plugin.so -plugin-opt=/usr/libexec/gcc/x86_64-alt-linux/10/lto-wrapper -plugin-opt=-fresolution=/usr/src/tmp/ccYzMBC6.res -plugin-opt=-pass-through=-lgcc -plugin-opt=-pass-through=-lgcc_s -plugin-opt=-pass-through=-lc -plugin-opt=-pass-through=-lgcc -plugin-opt=-pass-through=-lgcc_s --build-id --no-add-needed --eh-frame-hdr --hash-style=gnu --as-needed -m elf_x86_64 -dynamic-linker /lib64/ld-linux-x86-64.so.2 -pie -z now -o ../build-tree/wrapper-test-fPIC /usr/lib64/gcc/x86_64-alt-linux/10/../../../../lib64/Scrt1.o /usr/lib64/gcc/x86_64-alt-linux/10/../../../../lib64/crti.o /usr/lib64/gcc/x86_64-alt-linux/10/crtbeginS.o -L../build-tree -L/usr/lib64/gcc/x86_64-alt-linux/10 -L/usr/lib64/gcc/x86_64-alt-linux/10/../../../../lib64 -L/lib/../lib64 -L/usr/lib/../lib64 -L/usr/lib64/gcc/x86_64-alt-linux/10/../../.. ../build-tree/wrapper-test-fPIC.o -lgcc --push-state --as-needed -lgcc_s --pop-state -lc -lgcc --push-state --as-needed -lgcc_s --pop-state /usr/lib64/gcc/x86_64-alt-linux/10/crtendS.o /usr/lib64/gcc/x86_64-alt-linux/10/../../../../lib64/crtn.o ../build-tree/wrapper-test-fPIC ../build-tree/wrapper-test-fPIC: ok (0x55efe6974180) # Make sure build fails due to -Werror=format-security ! ../build-tree/hardened-cc -B ../build-tree/ -O2 -o ../build-tree/wrapper-test-format-security format.c /usr/bin/gcc_wrapper -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -B ../build-tree/ -O2 -o ../build-tree/wrapper-test-format-security format.c format.c: In function 'main': format.c:11:5: error: format not a string literal and no format arguments [-Werror=format-security] 11 | return fprintf(stderr, argv[0]); | ^~~~~~ cc1: some warnings being treated as errors # Make sure build succeeds with -Wno-format-security ../build-tree/hardened-cc -B ../build-tree/ -O2 -Wno-format-security -o ../build-tree/wrapper-test-format-security format.c /usr/bin/gcc_wrapper -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -B ../build-tree/ -O2 -Wno-format-security -o ../build-tree/wrapper-test-format-security format.c /usr/bin/ld -z relro -plugin /usr/libexec/gcc/x86_64-alt-linux/10/liblto_plugin.so -plugin-opt=/usr/libexec/gcc/x86_64-alt-linux/10/lto-wrapper -plugin-opt=-fresolution=/usr/src/tmp/ccmfZYJx.res -plugin-opt=-pass-through=-lgcc -plugin-opt=-pass-through=-lgcc_s -plugin-opt=-pass-through=-lc -plugin-opt=-pass-through=-lgcc -plugin-opt=-pass-through=-lgcc_s --build-id --no-add-needed --eh-frame-hdr --hash-style=gnu --as-needed -m elf_x86_64 -dynamic-linker /lib64/ld-linux-x86-64.so.2 -pie -z now -o ../build-tree/wrapper-test-format-security /usr/lib64/gcc/x86_64-alt-linux/10/../../../../lib64/Scrt1.o /usr/lib64/gcc/x86_64-alt-linux/10/../../../../lib64/crti.o /usr/lib64/gcc/x86_64-alt-linux/10/crtbeginS.o -L../build-tree -L/usr/lib64/gcc/x86_64-alt-linux/10 -L/usr/lib64/gcc/x86_64-alt-linux/10/../../../../lib64 -L/lib/../lib64 -L/usr/lib/../lib64 -L/usr/lib64/gcc/x86_64-alt-linux/10/../../.. /usr/src/tmp/cc8tYi7B.o -lgcc --push-state --as-needed -lgcc_s --pop-state -lc -lgcc --push-state --as-needed -lgcc_s --pop-state /usr/lib64/gcc/x86_64-alt-linux/10/crtendS.o /usr/lib64/gcc/x86_64-alt-linux/10/../../../../lib64/crtn.o # Make sure build stack-protects a small ssp buffer ../build-tree/hardened-cc -B ../build-tree/ -O2 -o ../build-tree/wrapper-test-ssp-buffer-size-protect ssp-buffer-size-protect.c /usr/bin/gcc_wrapper -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -B ../build-tree/ -O2 -o ../build-tree/wrapper-test-ssp-buffer-size-protect ssp-buffer-size-protect.c /usr/bin/ld -z relro -plugin /usr/libexec/gcc/x86_64-alt-linux/10/liblto_plugin.so -plugin-opt=/usr/libexec/gcc/x86_64-alt-linux/10/lto-wrapper -plugin-opt=-fresolution=/usr/src/tmp/cczTnFoS.res -plugin-opt=-pass-through=-lgcc -plugin-opt=-pass-through=-lgcc_s -plugin-opt=-pass-through=-lc -plugin-opt=-pass-through=-lgcc -plugin-opt=-pass-through=-lgcc_s --build-id --no-add-needed --eh-frame-hdr --hash-style=gnu --as-needed -m elf_x86_64 -dynamic-linker /lib64/ld-linux-x86-64.so.2 -pie -z now -o ../build-tree/wrapper-test-ssp-buffer-size-protect /usr/lib64/gcc/x86_64-alt-linux/10/../../../../lib64/Scrt1.o /usr/lib64/gcc/x86_64-alt-linux/10/../../../../lib64/crti.o /usr/lib64/gcc/x86_64-alt-linux/10/crtbeginS.o -L../build-tree -L/usr/lib64/gcc/x86_64-alt-linux/10 -L/usr/lib64/gcc/x86_64-alt-linux/10/../../../../lib64 -L/lib/../lib64 -L/usr/lib/../lib64 -L/usr/lib64/gcc/x86_64-alt-linux/10/../../.. /usr/src/tmp/ccLeSxHR.o -lgcc --push-state --as-needed -lgcc_s --pop-state -lc -lgcc --push-state --as-needed -lgcc_s --pop-state /usr/lib64/gcc/x86_64-alt-linux/10/crtendS.o /usr/lib64/gcc/x86_64-alt-linux/10/../../../../lib64/crtn.o # Test Stack Protector nm ../build-tree/wrapper-test-ssp-buffer-size-protect | egrep '__stack_chk_fail($|@@GLIBC)' U __stack_chk_fail@@GLIBC_2.4 # Make sure build stack-protects a non-char array ../build-tree/hardened-cc -B ../build-tree/ -O2 -o ../build-tree/wrapper-test-ssp-buffer-type-protect ssp-buffer-type-protect.c /usr/bin/gcc_wrapper -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -B ../build-tree/ -O2 -o ../build-tree/wrapper-test-ssp-buffer-type-protect ssp-buffer-type-protect.c /usr/bin/ld -z relro -plugin /usr/libexec/gcc/x86_64-alt-linux/10/liblto_plugin.so -plugin-opt=/usr/libexec/gcc/x86_64-alt-linux/10/lto-wrapper -plugin-opt=-fresolution=/usr/src/tmp/cczSlNkJ.res -plugin-opt=-pass-through=-lgcc -plugin-opt=-pass-through=-lgcc_s -plugin-opt=-pass-through=-lc -plugin-opt=-pass-through=-lgcc -plugin-opt=-pass-through=-lgcc_s --build-id --no-add-needed --eh-frame-hdr --hash-style=gnu --as-needed -m elf_x86_64 -dynamic-linker /lib64/ld-linux-x86-64.so.2 -pie -z now -o ../build-tree/wrapper-test-ssp-buffer-type-protect /usr/lib64/gcc/x86_64-alt-linux/10/../../../../lib64/Scrt1.o /usr/lib64/gcc/x86_64-alt-linux/10/../../../../lib64/crti.o /usr/lib64/gcc/x86_64-alt-linux/10/crtbeginS.o -L../build-tree -L/usr/lib64/gcc/x86_64-alt-linux/10 -L/usr/lib64/gcc/x86_64-alt-linux/10/../../../../lib64 -L/lib/../lib64 -L/usr/lib/../lib64 -L/usr/lib64/gcc/x86_64-alt-linux/10/../../.. /usr/src/tmp/ccR40i0I.o -lgcc --push-state --as-needed -lgcc_s --pop-state -lc -lgcc --push-state --as-needed -lgcc_s --pop-state /usr/lib64/gcc/x86_64-alt-linux/10/crtendS.o /usr/lib64/gcc/x86_64-alt-linux/10/../../../../lib64/crtn.o # Test Stack Protector nm ../build-tree/wrapper-test-ssp-buffer-type-protect | egrep '__stack_chk_fail($|@@GLIBC)' U __stack_chk_fail@@GLIBC_2.4 ../build-tree/hardened-cc -B ../build-tree/ -O2 -c -o ../build-tree/wrapper-test-all.o hello.c /usr/bin/gcc_wrapper -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -B ../build-tree/ -O2 -c -o ../build-tree/wrapper-test-all.o hello.c ar r ../build-tree/wrapper-test-all.a ../build-tree/wrapper-test-all.o ar: creating ../build-tree/wrapper-test-all.a readelf -ldrsW ../build-tree/wrapper-test-all.a File: ../build-tree/wrapper-test-all.a(wrapper-test-all.o) There are no program headers in this file. There is no dynamic section in this file. Relocation section '.rela.text' at offset 0x390 contains 6 entries: Offset Info Type Symbol's Value Symbol's Name + Addend 000000000000000d 0000000900000002 R_X86_64_PC32 0000000000000000 .LC0 - 4 0000000000000032 0000000e00000004 R_X86_64_PLT32 0000000000000000 snprintf - 4 0000000000000043 0000000c00000002 R_X86_64_PC32 0000000000000000 announcement - 4 000000000000004a 0000000a00000002 R_X86_64_PC32 0000000000000003 .LC1 - 4 000000000000004f 0000000f00000004 R_X86_64_PLT32 0000000000000000 __printf_chk - 4 0000000000000071 0000001000000004 R_X86_64_PLT32 0000000000000000 __stack_chk_fail - 4 Relocation section '.rela.text.startup' at offset 0x420 contains 1 entry: Offset Info Type Symbol's Value Symbol's Name + Addend 0000000000000008 0000000c00000004 R_X86_64_PLT32 0000000000000000 announcement - 4 Relocation section '.rela.eh_frame' at offset 0x438 contains 2 entries: Offset Info Type Symbol's Value Symbol's Name + Addend 0000000000000020 0000000200000002 R_X86_64_PC32 0000000000000000 .text + 0 0000000000000044 0000000600000002 R_X86_64_PC32 0000000000000000 .text.startup + 0 Symbol table '.symtab' contains 18 entries: Num: Value Size Type Bind Vis Ndx Name 0: 0000000000000000 0 NOTYPE LOCAL DEFAULT UND 1: 0000000000000000 0 FILE LOCAL DEFAULT ABS hello.c 2: 0000000000000000 0 SECTION LOCAL DEFAULT 1 3: 0000000000000000 0 SECTION LOCAL DEFAULT 3 4: 0000000000000000 0 SECTION LOCAL DEFAULT 4 5: 0000000000000000 0 SECTION LOCAL DEFAULT 5 6: 0000000000000000 0 SECTION LOCAL DEFAULT 6 7: 0000000000000000 0 SECTION LOCAL DEFAULT 9 8: 0000000000000000 0 SECTION LOCAL DEFAULT 10 9: 0000000000000000 0 NOTYPE LOCAL DEFAULT 5 .LC0 10: 0000000000000003 0 NOTYPE LOCAL DEFAULT 5 .LC1 11: 0000000000000000 0 SECTION LOCAL DEFAULT 8 12: 0000000000000000 117 FUNC GLOBAL DEFAULT 1 announcement 13: 0000000000000000 0 NOTYPE GLOBAL DEFAULT UND _GLOBAL_OFFSET_TABLE_ 14: 0000000000000000 0 NOTYPE GLOBAL DEFAULT UND snprintf 15: 0000000000000000 0 NOTYPE GLOBAL DEFAULT UND __printf_chk 16: 0000000000000000 0 NOTYPE GLOBAL DEFAULT UND __stack_chk_fail 17: 0000000000000000 25 FUNC GLOBAL DEFAULT 6 main perl ../build-tree/hardening-check -p ../build-tree/wrapper-test-all.a ../build-tree/wrapper-test-all.a: Position Independent Executable: no, object archive (ignored) Stack protected: yes Fortify Source functions: yes (some protected functions found) Read-only relocations: no, non-ELF (ignored) Immediate binding: no, non-ELF (ignored) DEB_BUILD_HARDENING=0 ../build-tree/hardened-cc -B ../build-tree/ -c -o ../build-tree/wrapper-test-none.o hello.c /usr/bin/gcc_wrapper -B ../build-tree/ -c -o ../build-tree/wrapper-test-none.o hello.c ar r ../build-tree/wrapper-test-none.a ../build-tree/wrapper-test-none.o ar: creating ../build-tree/wrapper-test-none.a readelf -ldrsW ../build-tree/wrapper-test-none.a File: ../build-tree/wrapper-test-none.a(wrapper-test-none.o) There are no program headers in this file. There is no dynamic section in this file. Relocation section '.rela.text' at offset 0x348 contains 7 entries: Offset Info Type Symbol's Value Symbol's Name + Addend 0000000000000035 0000000500000002 R_X86_64_PC32 0000000000000000 .rodata - 4 0000000000000047 0000000b00000004 R_X86_64_PLT32 0000000000000000 snprintf - 4 0000000000000055 0000000900000002 R_X86_64_PC32 0000000000000000 announcement - 4 000000000000005f 0000000500000002 R_X86_64_PC32 0000000000000000 .rodata - 1 0000000000000069 0000000c00000004 R_X86_64_PLT32 0000000000000000 printf - 4 000000000000007d 0000000d00000004 R_X86_64_PLT32 0000000000000000 __stack_chk_fail - 4 000000000000009d 0000000900000004 R_X86_64_PLT32 0000000000000000 announcement - 4 Relocation section '.rela.eh_frame' at offset 0x3f0 contains 2 entries: Offset Info Type Symbol's Value Symbol's Name + Addend 0000000000000020 0000000200000002 R_X86_64_PC32 0000000000000000 .text + 0 0000000000000040 0000000200000002 R_X86_64_PC32 0000000000000000 .text + 83 Symbol table '.symtab' contains 15 entries: Num: Value Size Type Bind Vis Ndx Name 0: 0000000000000000 0 NOTYPE LOCAL DEFAULT UND 1: 0000000000000000 0 FILE LOCAL DEFAULT ABS hello.c 2: 0000000000000000 0 SECTION LOCAL DEFAULT 1 3: 0000000000000000 0 SECTION LOCAL DEFAULT 3 4: 0000000000000000 0 SECTION LOCAL DEFAULT 4 5: 0000000000000000 0 SECTION LOCAL DEFAULT 5 6: 0000000000000000 0 SECTION LOCAL DEFAULT 7 7: 0000000000000000 0 SECTION LOCAL DEFAULT 8 8: 0000000000000000 0 SECTION LOCAL DEFAULT 6 9: 0000000000000000 131 FUNC GLOBAL DEFAULT 1 announcement 10: 0000000000000000 0 NOTYPE GLOBAL DEFAULT UND _GLOBAL_OFFSET_TABLE_ 11: 0000000000000000 0 NOTYPE GLOBAL DEFAULT UND snprintf 12: 0000000000000000 0 NOTYPE GLOBAL DEFAULT UND printf 13: 0000000000000000 0 NOTYPE GLOBAL DEFAULT UND __stack_chk_fail 14: 0000000000000083 40 FUNC GLOBAL DEFAULT 1 main if perl ../build-tree/hardening-check -p ../build-tree/wrapper-test-none.a; then exit 1; fi ../build-tree/wrapper-test-none.a: Position Independent Executable: no, object archive (ignored) Stack protected: yes Fortify Source functions: no, only unprotected functions found! Read-only relocations: no, non-ELF (ignored) Immediate binding: no, non-ELF (ignored) make[2]: Leaving directory '/usr/src/RPM/BUILD/hardening-wrapper-2.6/hardening-wrapper/tests' make -f Makefile.includes check make[2]: Entering directory '/usr/src/RPM/BUILD/hardening-wrapper-2.6/hardening-wrapper/tests' # Compiler and linker options disabled. DEB_BUILD_HARDENING=0 cc -o ../build-tree/includes-test-stock hello.c readelf -ldrsW ../build-tree/includes-test-stock Elf file type is DYN (Shared object file) Entry point 0x1070 There are 11 program headers, starting at offset 64 Program Headers: Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align PHDR 0x000040 0x0000000000000040 0x0000000000000040 0x000268 0x000268 R 0x8 INTERP 0x0002a8 0x00000000000002a8 0x00000000000002a8 0x00001c 0x00001c R 0x1 [Requesting program interpreter: /lib64/ld-linux-x86-64.so.2] LOAD 0x000000 0x0000000000000000 0x0000000000000000 0x0005f8 0x0005f8 R 0x1000 LOAD 0x001000 0x0000000000001000 0x0000000000001000 0x00026d 0x00026d R E 0x1000 LOAD 0x002000 0x0000000000002000 0x0000000000002000 0x000180 0x000180 R 0x1000 LOAD 0x002da0 0x0000000000003da0 0x0000000000003da0 0x000264 0x000268 RW 0x1000 DYNAMIC 0x002db8 0x0000000000003db8 0x0000000000003db8 0x0001f0 0x0001f0 RW 0x8 NOTE 0x0002c4 0x00000000000002c4 0x00000000000002c4 0x000044 0x000044 R 0x4 GNU_EH_FRAME 0x002014 0x0000000000002014 0x0000000000002014 0x000044 0x000044 R 0x4 GNU_STACK 0x000000 0x0000000000000000 0x0000000000000000 0x000000 0x000000 RW 0x10 GNU_RELRO 0x002da0 0x0000000000003da0 0x0000000000003da0 0x000260 0x000260 R 0x1 Section to Segment mapping: Segment Sections... 00 01 .interp 02 .interp .note.gnu.build-id .note.ABI-tag .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rela.dyn .rela.plt 03 .init .plt .plt.got .text .fini 04 .rodata .eh_frame_hdr .eh_frame 05 .init_array .fini_array .data.rel.ro .dynamic .got .data .bss 06 .dynamic 07 .note.gnu.build-id .note.ABI-tag 08 .eh_frame_hdr 09 10 .init_array .fini_array .data.rel.ro .dynamic .got Dynamic section at offset 0x2db8 contains 27 entries: Tag Type Name/Value 0x0000000000000001 (NEEDED) Shared library: [libc.so.6] 0x000000000000000c (INIT) 0x1000 0x000000000000000d (FINI) 0x1264 0x0000000000000019 (INIT_ARRAY) 0x3da0 0x000000000000001b (INIT_ARRAYSZ) 8 (bytes) 0x000000000000001a (FINI_ARRAY) 0x3da8 0x000000000000001c (FINI_ARRAYSZ) 8 (bytes) 0x000000006ffffef5 (GNU_HASH) 0x308 0x0000000000000005 (STRTAB) 0x408 0x0000000000000006 (SYMTAB) 0x330 0x000000000000000a (STRSZ) 161 (bytes) 0x000000000000000b (SYMENT) 24 (bytes) 0x0000000000000015 (DEBUG) 0x0 0x0000000000000003 (PLTGOT) 0x3fa8 0x0000000000000002 (PLTRELSZ) 72 (bytes) 0x0000000000000014 (PLTREL) RELA 0x0000000000000017 (JMPREL) 0x5b0 0x0000000000000007 (RELA) 0x4f0 0x0000000000000008 (RELASZ) 192 (bytes) 0x0000000000000009 (RELAENT) 24 (bytes) 0x0000000000000018 (BIND_NOW) 0x000000006ffffffb (FLAGS_1) Flags: NOW PIE 0x000000006ffffffe (VERNEED) 0x4c0 0x000000006fffffff (VERNEEDNUM) 1 0x000000006ffffff0 (VERSYM) 0x4aa 0x000000006ffffff9 (RELACOUNT) 3 0x0000000000000000 (NULL) 0x0 Relocation section '.rela.dyn' at offset 0x4f0 contains 8 entries: Offset Info Type Symbol's Value Symbol's Name + Addend 0000000000003da0 0000000000000008 R_X86_64_RELATIVE 1150 0000000000003da8 0000000000000008 R_X86_64_RELATIVE 1110 0000000000003db0 0000000000000008 R_X86_64_RELATIVE 3db0 0000000000003fd8 0000000100000006 R_X86_64_GLOB_DAT 0000000000000000 _ITM_deregisterTMCloneTable + 0 0000000000003fe0 0000000500000006 R_X86_64_GLOB_DAT 0000000000000000 __libc_start_main@GLIBC_2.2.5 + 0 0000000000003fe8 0000000600000006 R_X86_64_GLOB_DAT 0000000000000000 __gmon_start__ + 0 0000000000003ff0 0000000700000006 R_X86_64_GLOB_DAT 0000000000000000 _ITM_registerTMCloneTable + 0 0000000000003ff8 0000000800000006 R_X86_64_GLOB_DAT 0000000000000000 __cxa_finalize@GLIBC_2.2.5 + 0 Relocation section '.rela.plt' at offset 0x5b0 contains 3 entries: Offset Info Type Symbol's Value Symbol's Name + Addend 0000000000003fc0 0000000200000007 R_X86_64_JUMP_SLOT 0000000000000000 __stack_chk_fail@GLIBC_2.4 + 0 0000000000003fc8 0000000300000007 R_X86_64_JUMP_SLOT 0000000000000000 printf@GLIBC_2.2.5 + 0 0000000000003fd0 0000000400000007 R_X86_64_JUMP_SLOT 0000000000000000 snprintf@GLIBC_2.2.5 + 0 Symbol table '.dynsym' contains 9 entries: Num: Value Size Type Bind Vis Ndx Name 0: 0000000000000000 0 NOTYPE LOCAL DEFAULT UND 1: 0000000000000000 0 NOTYPE WEAK DEFAULT UND _ITM_deregisterTMCloneTable 2: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __stack_chk_fail@GLIBC_2.4 (2) 3: 0000000000000000 0 FUNC GLOBAL DEFAULT UND printf@GLIBC_2.2.5 (3) 4: 0000000000000000 0 FUNC GLOBAL DEFAULT UND snprintf@GLIBC_2.2.5 (3) 5: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@GLIBC_2.2.5 (3) 6: 0000000000000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 7: 0000000000000000 0 NOTYPE WEAK DEFAULT UND _ITM_registerTMCloneTable 8: 0000000000000000 0 FUNC WEAK DEFAULT UND __cxa_finalize@GLIBC_2.2.5 (3) Symbol table '.symtab' contains 80 entries: Num: Value Size Type Bind Vis Ndx Name 0: 0000000000000000 0 NOTYPE LOCAL DEFAULT UND 1: 00000000000002a8 0 SECTION LOCAL DEFAULT 1 2: 00000000000002c4 0 SECTION LOCAL DEFAULT 2 3: 00000000000002e8 0 SECTION LOCAL DEFAULT 3 4: 0000000000000308 0 SECTION LOCAL DEFAULT 4 5: 0000000000000330 0 SECTION LOCAL DEFAULT 5 6: 0000000000000408 0 SECTION LOCAL DEFAULT 6 7: 00000000000004aa 0 SECTION LOCAL DEFAULT 7 8: 00000000000004c0 0 SECTION LOCAL DEFAULT 8 9: 00000000000004f0 0 SECTION LOCAL DEFAULT 9 10: 00000000000005b0 0 SECTION LOCAL DEFAULT 10 11: 0000000000001000 0 SECTION LOCAL DEFAULT 11 12: 0000000000001020 0 SECTION LOCAL DEFAULT 12 13: 0000000000001060 0 SECTION LOCAL DEFAULT 13 14: 0000000000001070 0 SECTION LOCAL DEFAULT 14 15: 0000000000001264 0 SECTION LOCAL DEFAULT 15 16: 0000000000002000 0 SECTION LOCAL DEFAULT 16 17: 0000000000002014 0 SECTION LOCAL DEFAULT 17 18: 0000000000002058 0 SECTION LOCAL DEFAULT 18 19: 0000000000003da0 0 SECTION LOCAL DEFAULT 19 20: 0000000000003da8 0 SECTION LOCAL DEFAULT 20 21: 0000000000003db0 0 SECTION LOCAL DEFAULT 21 22: 0000000000003db8 0 SECTION LOCAL DEFAULT 22 23: 0000000000003fa8 0 SECTION LOCAL DEFAULT 23 24: 0000000000004000 0 SECTION LOCAL DEFAULT 24 25: 0000000000004004 0 SECTION LOCAL DEFAULT 25 26: 0000000000000000 0 SECTION LOCAL DEFAULT 26 27: 0000000000000000 0 SECTION LOCAL DEFAULT 27 28: 0000000000006008 0 SECTION LOCAL DEFAULT 28 29: 0000000000000000 0 SECTION LOCAL DEFAULT 29 30: 0000000000000000 0 SECTION LOCAL DEFAULT 30 31: 0000000000000000 0 SECTION LOCAL DEFAULT 31 32: 0000000000000000 0 SECTION LOCAL DEFAULT 32 33: 0000000000000000 0 SECTION LOCAL DEFAULT 33 34: 0000000000000000 0 SECTION LOCAL DEFAULT 34 35: 0000000000000000 0 SECTION LOCAL DEFAULT 35 36: 0000000000000000 0 FILE LOCAL DEFAULT ABS abi-note.c 37: 00000000000002e8 32 OBJECT LOCAL DEFAULT 3 __abi_tag 38: 0000000000000000 0 FILE LOCAL DEFAULT ABS init.c 39: 0000000000000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 40: 00000000000010a0 0 FUNC LOCAL DEFAULT 14 deregister_tm_clones 41: 00000000000010d0 0 FUNC LOCAL DEFAULT 14 register_tm_clones 42: 0000000000001110 0 FUNC LOCAL DEFAULT 14 __do_global_dtors_aux 43: 0000000000004004 1 OBJECT LOCAL DEFAULT 25 completed.0 44: 0000000000003da8 0 OBJECT LOCAL DEFAULT 20 __do_global_dtors_aux_fini_array_entry 45: 0000000000001150 0 FUNC LOCAL DEFAULT 14 frame_dummy 46: 0000000000003da0 0 OBJECT LOCAL DEFAULT 19 __frame_dummy_init_array_entry 47: 0000000000000000 0 FILE LOCAL DEFAULT ABS hello.c 48: 0000000000000000 0 FILE LOCAL DEFAULT ABS elf-init.c 49: 0000000000000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 50: 000000000000217c 0 OBJECT LOCAL DEFAULT 18 __FRAME_END__ 51: 0000000000000000 0 FILE LOCAL DEFAULT ABS 52: 0000000000003da8 0 NOTYPE LOCAL DEFAULT 19 __init_array_end 53: 0000000000003db8 0 OBJECT LOCAL DEFAULT 22 _DYNAMIC 54: 0000000000003da0 0 NOTYPE LOCAL DEFAULT 19 __init_array_start 55: 0000000000002014 0 NOTYPE LOCAL DEFAULT 17 __GNU_EH_FRAME_HDR 56: 0000000000003fa8 0 OBJECT LOCAL DEFAULT 23 _GLOBAL_OFFSET_TABLE_ 57: 0000000000001000 0 FUNC LOCAL DEFAULT 11 _init 58: 0000000000001260 1 FUNC GLOBAL DEFAULT 14 __libc_csu_fini 59: 0000000000000000 0 NOTYPE WEAK DEFAULT UND _ITM_deregisterTMCloneTable 60: 0000000000004000 0 NOTYPE WEAK DEFAULT 24 data_start 61: 0000000000004004 0 NOTYPE GLOBAL DEFAULT 24 _edata 62: 0000000000001264 0 FUNC GLOBAL HIDDEN 15 _fini 63: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __stack_chk_fail@@GLIBC_2.4 64: 0000000000000000 0 FUNC GLOBAL DEFAULT UND printf@@GLIBC_2.2.5 65: 0000000000000000 0 FUNC GLOBAL DEFAULT UND snprintf@@GLIBC_2.2.5 66: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@@GLIBC_2.2.5 67: 0000000000004000 0 NOTYPE GLOBAL DEFAULT 24 __data_start 68: 0000000000000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 69: 0000000000003db0 0 OBJECT GLOBAL HIDDEN 21 __dso_handle 70: 0000000000001155 131 FUNC GLOBAL DEFAULT 14 announcement 71: 0000000000002000 4 OBJECT GLOBAL DEFAULT 16 _IO_stdin_used 72: 0000000000001200 93 FUNC GLOBAL DEFAULT 14 __libc_csu_init 73: 0000000000004008 0 NOTYPE GLOBAL DEFAULT 25 _end 74: 0000000000001070 43 FUNC GLOBAL DEFAULT 14 _start 75: 0000000000004004 0 NOTYPE GLOBAL DEFAULT 25 __bss_start 76: 00000000000011d8 40 FUNC GLOBAL DEFAULT 14 main 77: 0000000000004008 0 OBJECT GLOBAL HIDDEN 24 __TMC_END__ 78: 0000000000000000 0 NOTYPE WEAK DEFAULT UND _ITM_registerTMCloneTable 79: 0000000000000000 0 FUNC WEAK DEFAULT UND __cxa_finalize@@GLIBC_2.2.5 ../build-tree/includes-test-stock ../build-tree/includes-test-stock: ok (0x55685198e155) # Compiler options enabled. (linker is not wrapper) cc -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -o ../build-tree/includes-test-compiled hello.c readelf -ldrsW ../build-tree/includes-test-compiled Elf file type is DYN (Shared object file) Entry point 0x1090 There are 11 program headers, starting at offset 64 Program Headers: Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align PHDR 0x000040 0x0000000000000040 0x0000000000000040 0x000268 0x000268 R 0x8 INTERP 0x0002a8 0x00000000000002a8 0x00000000000002a8 0x00001c 0x00001c R 0x1 [Requesting program interpreter: /lib64/ld-linux-x86-64.so.2] LOAD 0x000000 0x0000000000000000 0x0000000000000000 0x000620 0x000620 R 0x1000 LOAD 0x001000 0x0000000000001000 0x0000000000001000 0x00026d 0x00026d R E 0x1000 LOAD 0x002000 0x0000000000002000 0x0000000000002000 0x000180 0x000180 R 0x1000 LOAD 0x002da0 0x0000000000003da0 0x0000000000003da0 0x000264 0x000268 RW 0x1000 DYNAMIC 0x002db8 0x0000000000003db8 0x0000000000003db8 0x0001f0 0x0001f0 RW 0x8 NOTE 0x0002c4 0x00000000000002c4 0x00000000000002c4 0x000044 0x000044 R 0x4 GNU_EH_FRAME 0x002014 0x0000000000002014 0x0000000000002014 0x000044 0x000044 R 0x4 GNU_STACK 0x000000 0x0000000000000000 0x0000000000000000 0x000000 0x000000 RW 0x10 GNU_RELRO 0x002da0 0x0000000000003da0 0x0000000000003da0 0x000260 0x000260 R 0x1 Section to Segment mapping: Segment Sections... 00 01 .interp 02 .interp .note.gnu.build-id .note.ABI-tag .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rela.dyn .rela.plt 03 .init .plt .plt.got .text .fini 04 .rodata .eh_frame_hdr .eh_frame 05 .init_array .fini_array .data.rel.ro .dynamic .got .data .bss 06 .dynamic 07 .note.gnu.build-id .note.ABI-tag 08 .eh_frame_hdr 09 10 .init_array .fini_array .data.rel.ro .dynamic .got Dynamic section at offset 0x2db8 contains 27 entries: Tag Type Name/Value 0x0000000000000001 (NEEDED) Shared library: [libc.so.6] 0x000000000000000c (INIT) 0x1000 0x000000000000000d (FINI) 0x1264 0x0000000000000019 (INIT_ARRAY) 0x3da0 0x000000000000001b (INIT_ARRAYSZ) 8 (bytes) 0x000000000000001a (FINI_ARRAY) 0x3da8 0x000000000000001c (FINI_ARRAYSZ) 8 (bytes) 0x000000006ffffef5 (GNU_HASH) 0x308 0x0000000000000005 (STRTAB) 0x408 0x0000000000000006 (SYMTAB) 0x330 0x000000000000000a (STRSZ) 186 (bytes) 0x000000000000000b (SYMENT) 24 (bytes) 0x0000000000000015 (DEBUG) 0x0 0x0000000000000003 (PLTGOT) 0x3fa8 0x0000000000000002 (PLTRELSZ) 72 (bytes) 0x0000000000000014 (PLTREL) RELA 0x0000000000000017 (JMPREL) 0x5d8 0x0000000000000007 (RELA) 0x518 0x0000000000000008 (RELASZ) 192 (bytes) 0x0000000000000009 (RELAENT) 24 (bytes) 0x0000000000000018 (BIND_NOW) 0x000000006ffffffb (FLAGS_1) Flags: NOW PIE 0x000000006ffffffe (VERNEED) 0x4d8 0x000000006fffffff (VERNEEDNUM) 1 0x000000006ffffff0 (VERSYM) 0x4c2 0x000000006ffffff9 (RELACOUNT) 3 0x0000000000000000 (NULL) 0x0 Relocation section '.rela.dyn' at offset 0x518 contains 8 entries: Offset Info Type Symbol's Value Symbol's Name + Addend 0000000000003da0 0000000000000008 R_X86_64_RELATIVE 1170 0000000000003da8 0000000000000008 R_X86_64_RELATIVE 1130 0000000000003db0 0000000000000008 R_X86_64_RELATIVE 3db0 0000000000003fd8 0000000100000006 R_X86_64_GLOB_DAT 0000000000000000 _ITM_deregisterTMCloneTable + 0 0000000000003fe0 0000000400000006 R_X86_64_GLOB_DAT 0000000000000000 __libc_start_main@GLIBC_2.2.5 + 0 0000000000003fe8 0000000500000006 R_X86_64_GLOB_DAT 0000000000000000 __gmon_start__ + 0 0000000000003ff0 0000000700000006 R_X86_64_GLOB_DAT 0000000000000000 _ITM_registerTMCloneTable + 0 0000000000003ff8 0000000800000006 R_X86_64_GLOB_DAT 0000000000000000 __cxa_finalize@GLIBC_2.2.5 + 0 Relocation section '.rela.plt' at offset 0x5d8 contains 3 entries: Offset Info Type Symbol's Value Symbol's Name + Addend 0000000000003fc0 0000000200000007 R_X86_64_JUMP_SLOT 0000000000000000 __stack_chk_fail@GLIBC_2.4 + 0 0000000000003fc8 0000000300000007 R_X86_64_JUMP_SLOT 0000000000000000 snprintf@GLIBC_2.2.5 + 0 0000000000003fd0 0000000600000007 R_X86_64_JUMP_SLOT 0000000000000000 __printf_chk@GLIBC_2.3.4 + 0 Symbol table '.dynsym' contains 9 entries: Num: Value Size Type Bind Vis Ndx Name 0: 0000000000000000 0 NOTYPE LOCAL DEFAULT UND 1: 0000000000000000 0 NOTYPE WEAK DEFAULT UND _ITM_deregisterTMCloneTable 2: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __stack_chk_fail@GLIBC_2.4 (2) 3: 0000000000000000 0 FUNC GLOBAL DEFAULT UND snprintf@GLIBC_2.2.5 (3) 4: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@GLIBC_2.2.5 (3) 5: 0000000000000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 6: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __printf_chk@GLIBC_2.3.4 (4) 7: 0000000000000000 0 NOTYPE WEAK DEFAULT UND _ITM_registerTMCloneTable 8: 0000000000000000 0 FUNC WEAK DEFAULT UND __cxa_finalize@GLIBC_2.2.5 (3) Symbol table '.symtab' contains 80 entries: Num: Value Size Type Bind Vis Ndx Name 0: 0000000000000000 0 NOTYPE LOCAL DEFAULT UND 1: 00000000000002a8 0 SECTION LOCAL DEFAULT 1 2: 00000000000002c4 0 SECTION LOCAL DEFAULT 2 3: 00000000000002e8 0 SECTION LOCAL DEFAULT 3 4: 0000000000000308 0 SECTION LOCAL DEFAULT 4 5: 0000000000000330 0 SECTION LOCAL DEFAULT 5 6: 0000000000000408 0 SECTION LOCAL DEFAULT 6 7: 00000000000004c2 0 SECTION LOCAL DEFAULT 7 8: 00000000000004d8 0 SECTION LOCAL DEFAULT 8 9: 0000000000000518 0 SECTION LOCAL DEFAULT 9 10: 00000000000005d8 0 SECTION LOCAL DEFAULT 10 11: 0000000000001000 0 SECTION LOCAL DEFAULT 11 12: 0000000000001020 0 SECTION LOCAL DEFAULT 12 13: 0000000000001060 0 SECTION LOCAL DEFAULT 13 14: 0000000000001070 0 SECTION LOCAL DEFAULT 14 15: 0000000000001264 0 SECTION LOCAL DEFAULT 15 16: 0000000000002000 0 SECTION LOCAL DEFAULT 16 17: 0000000000002014 0 SECTION LOCAL DEFAULT 17 18: 0000000000002058 0 SECTION LOCAL DEFAULT 18 19: 0000000000003da0 0 SECTION LOCAL DEFAULT 19 20: 0000000000003da8 0 SECTION LOCAL DEFAULT 20 21: 0000000000003db0 0 SECTION LOCAL DEFAULT 21 22: 0000000000003db8 0 SECTION LOCAL DEFAULT 22 23: 0000000000003fa8 0 SECTION LOCAL DEFAULT 23 24: 0000000000004000 0 SECTION LOCAL DEFAULT 24 25: 0000000000004004 0 SECTION LOCAL DEFAULT 25 26: 0000000000000000 0 SECTION LOCAL DEFAULT 26 27: 0000000000000000 0 SECTION LOCAL DEFAULT 27 28: 0000000000006008 0 SECTION LOCAL DEFAULT 28 29: 0000000000000000 0 SECTION LOCAL DEFAULT 29 30: 0000000000000000 0 SECTION LOCAL DEFAULT 30 31: 0000000000000000 0 SECTION LOCAL DEFAULT 31 32: 0000000000000000 0 SECTION LOCAL DEFAULT 32 33: 0000000000000000 0 SECTION LOCAL DEFAULT 33 34: 0000000000000000 0 SECTION LOCAL DEFAULT 34 35: 0000000000000000 0 SECTION LOCAL DEFAULT 35 36: 0000000000000000 0 FILE LOCAL DEFAULT ABS abi-note.c 37: 00000000000002e8 32 OBJECT LOCAL DEFAULT 3 __abi_tag 38: 0000000000000000 0 FILE LOCAL DEFAULT ABS init.c 39: 0000000000000000 0 FILE LOCAL DEFAULT ABS hello.c 40: 0000000000000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 41: 00000000000010c0 0 FUNC LOCAL DEFAULT 14 deregister_tm_clones 42: 00000000000010f0 0 FUNC LOCAL DEFAULT 14 register_tm_clones 43: 0000000000001130 0 FUNC LOCAL DEFAULT 14 __do_global_dtors_aux 44: 0000000000004004 1 OBJECT LOCAL DEFAULT 25 completed.0 45: 0000000000003da8 0 OBJECT LOCAL DEFAULT 20 __do_global_dtors_aux_fini_array_entry 46: 0000000000001170 0 FUNC LOCAL DEFAULT 14 frame_dummy 47: 0000000000003da0 0 OBJECT LOCAL DEFAULT 19 __frame_dummy_init_array_entry 48: 0000000000000000 0 FILE LOCAL DEFAULT ABS elf-init.c 49: 0000000000000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 50: 000000000000217c 0 OBJECT LOCAL DEFAULT 18 __FRAME_END__ 51: 0000000000000000 0 FILE LOCAL DEFAULT ABS 52: 0000000000003da8 0 NOTYPE LOCAL DEFAULT 19 __init_array_end 53: 0000000000003db8 0 OBJECT LOCAL DEFAULT 22 _DYNAMIC 54: 0000000000003da0 0 NOTYPE LOCAL DEFAULT 19 __init_array_start 55: 0000000000002014 0 NOTYPE LOCAL DEFAULT 17 __GNU_EH_FRAME_HDR 56: 0000000000003fa8 0 OBJECT LOCAL DEFAULT 23 _GLOBAL_OFFSET_TABLE_ 57: 0000000000001000 0 FUNC LOCAL DEFAULT 11 _init 58: 0000000000001260 1 FUNC GLOBAL DEFAULT 14 __libc_csu_fini 59: 0000000000000000 0 NOTYPE WEAK DEFAULT UND _ITM_deregisterTMCloneTable 60: 0000000000004000 0 NOTYPE WEAK DEFAULT 24 data_start 61: 0000000000004004 0 NOTYPE GLOBAL DEFAULT 24 _edata 62: 0000000000001264 0 FUNC GLOBAL HIDDEN 15 _fini 63: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __stack_chk_fail@@GLIBC_2.4 64: 0000000000000000 0 FUNC GLOBAL DEFAULT UND snprintf@@GLIBC_2.2.5 65: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@@GLIBC_2.2.5 66: 0000000000004000 0 NOTYPE GLOBAL DEFAULT 24 __data_start 67: 0000000000000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 68: 0000000000003db0 0 OBJECT GLOBAL HIDDEN 21 __dso_handle 69: 0000000000001180 117 FUNC GLOBAL DEFAULT 14 announcement 70: 0000000000002000 4 OBJECT GLOBAL DEFAULT 16 _IO_stdin_used 71: 0000000000001200 93 FUNC GLOBAL DEFAULT 14 __libc_csu_init 72: 0000000000004008 0 NOTYPE GLOBAL DEFAULT 25 _end 73: 0000000000001090 43 FUNC GLOBAL DEFAULT 14 _start 74: 0000000000004004 0 NOTYPE GLOBAL DEFAULT 25 __bss_start 75: 0000000000001070 25 FUNC GLOBAL DEFAULT 14 main 76: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __printf_chk@@GLIBC_2.3.4 77: 0000000000004008 0 OBJECT GLOBAL HIDDEN 24 __TMC_END__ 78: 0000000000000000 0 NOTYPE WEAK DEFAULT UND _ITM_registerTMCloneTable 79: 0000000000000000 0 FUNC WEAK DEFAULT UND __cxa_finalize@@GLIBC_2.2.5 # Run twice to show off PIE, if available in kernel ../build-tree/includes-test-compiled ../build-tree/includes-test-compiled: ok (0x557e2ec6d180) ../build-tree/includes-test-compiled ../build-tree/includes-test-compiled: ok (0x562f880b2180) # Compiler and linker options enabled. cc -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -o ../build-tree/includes-test-linked hello.c readelf -ldrsW ../build-tree/includes-test-linked Elf file type is DYN (Shared object file) Entry point 0x1090 There are 11 program headers, starting at offset 64 Program Headers: Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align PHDR 0x000040 0x0000000000000040 0x0000000000000040 0x000268 0x000268 R 0x8 INTERP 0x0002a8 0x00000000000002a8 0x00000000000002a8 0x00001c 0x00001c R 0x1 [Requesting program interpreter: /lib64/ld-linux-x86-64.so.2] LOAD 0x000000 0x0000000000000000 0x0000000000000000 0x000620 0x000620 R 0x1000 LOAD 0x001000 0x0000000000001000 0x0000000000001000 0x00026d 0x00026d R E 0x1000 LOAD 0x002000 0x0000000000002000 0x0000000000002000 0x000180 0x000180 R 0x1000 LOAD 0x002da0 0x0000000000003da0 0x0000000000003da0 0x000264 0x000268 RW 0x1000 DYNAMIC 0x002db8 0x0000000000003db8 0x0000000000003db8 0x0001f0 0x0001f0 RW 0x8 NOTE 0x0002c4 0x00000000000002c4 0x00000000000002c4 0x000044 0x000044 R 0x4 GNU_EH_FRAME 0x002014 0x0000000000002014 0x0000000000002014 0x000044 0x000044 R 0x4 GNU_STACK 0x000000 0x0000000000000000 0x0000000000000000 0x000000 0x000000 RW 0x10 GNU_RELRO 0x002da0 0x0000000000003da0 0x0000000000003da0 0x000260 0x000260 R 0x1 Section to Segment mapping: Segment Sections... 00 01 .interp 02 .interp .note.gnu.build-id .note.ABI-tag .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rela.dyn .rela.plt 03 .init .plt .plt.got .text .fini 04 .rodata .eh_frame_hdr .eh_frame 05 .init_array .fini_array .data.rel.ro .dynamic .got .data .bss 06 .dynamic 07 .note.gnu.build-id .note.ABI-tag 08 .eh_frame_hdr 09 10 .init_array .fini_array .data.rel.ro .dynamic .got Dynamic section at offset 0x2db8 contains 27 entries: Tag Type Name/Value 0x0000000000000001 (NEEDED) Shared library: [libc.so.6] 0x000000000000000c (INIT) 0x1000 0x000000000000000d (FINI) 0x1264 0x0000000000000019 (INIT_ARRAY) 0x3da0 0x000000000000001b (INIT_ARRAYSZ) 8 (bytes) 0x000000000000001a (FINI_ARRAY) 0x3da8 0x000000000000001c (FINI_ARRAYSZ) 8 (bytes) 0x000000006ffffef5 (GNU_HASH) 0x308 0x0000000000000005 (STRTAB) 0x408 0x0000000000000006 (SYMTAB) 0x330 0x000000000000000a (STRSZ) 186 (bytes) 0x000000000000000b (SYMENT) 24 (bytes) 0x0000000000000015 (DEBUG) 0x0 0x0000000000000003 (PLTGOT) 0x3fa8 0x0000000000000002 (PLTRELSZ) 72 (bytes) 0x0000000000000014 (PLTREL) RELA 0x0000000000000017 (JMPREL) 0x5d8 0x0000000000000007 (RELA) 0x518 0x0000000000000008 (RELASZ) 192 (bytes) 0x0000000000000009 (RELAENT) 24 (bytes) 0x0000000000000018 (BIND_NOW) 0x000000006ffffffb (FLAGS_1) Flags: NOW PIE 0x000000006ffffffe (VERNEED) 0x4d8 0x000000006fffffff (VERNEEDNUM) 1 0x000000006ffffff0 (VERSYM) 0x4c2 0x000000006ffffff9 (RELACOUNT) 3 0x0000000000000000 (NULL) 0x0 Relocation section '.rela.dyn' at offset 0x518 contains 8 entries: Offset Info Type Symbol's Value Symbol's Name + Addend 0000000000003da0 0000000000000008 R_X86_64_RELATIVE 1170 0000000000003da8 0000000000000008 R_X86_64_RELATIVE 1130 0000000000003db0 0000000000000008 R_X86_64_RELATIVE 3db0 0000000000003fd8 0000000100000006 R_X86_64_GLOB_DAT 0000000000000000 _ITM_deregisterTMCloneTable + 0 0000000000003fe0 0000000400000006 R_X86_64_GLOB_DAT 0000000000000000 __libc_start_main@GLIBC_2.2.5 + 0 0000000000003fe8 0000000500000006 R_X86_64_GLOB_DAT 0000000000000000 __gmon_start__ + 0 0000000000003ff0 0000000700000006 R_X86_64_GLOB_DAT 0000000000000000 _ITM_registerTMCloneTable + 0 0000000000003ff8 0000000800000006 R_X86_64_GLOB_DAT 0000000000000000 __cxa_finalize@GLIBC_2.2.5 + 0 Relocation section '.rela.plt' at offset 0x5d8 contains 3 entries: Offset Info Type Symbol's Value Symbol's Name + Addend 0000000000003fc0 0000000200000007 R_X86_64_JUMP_SLOT 0000000000000000 __stack_chk_fail@GLIBC_2.4 + 0 0000000000003fc8 0000000300000007 R_X86_64_JUMP_SLOT 0000000000000000 snprintf@GLIBC_2.2.5 + 0 0000000000003fd0 0000000600000007 R_X86_64_JUMP_SLOT 0000000000000000 __printf_chk@GLIBC_2.3.4 + 0 Symbol table '.dynsym' contains 9 entries: Num: Value Size Type Bind Vis Ndx Name 0: 0000000000000000 0 NOTYPE LOCAL DEFAULT UND 1: 0000000000000000 0 NOTYPE WEAK DEFAULT UND _ITM_deregisterTMCloneTable 2: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __stack_chk_fail@GLIBC_2.4 (2) 3: 0000000000000000 0 FUNC GLOBAL DEFAULT UND snprintf@GLIBC_2.2.5 (3) 4: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@GLIBC_2.2.5 (3) 5: 0000000000000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 6: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __printf_chk@GLIBC_2.3.4 (4) 7: 0000000000000000 0 NOTYPE WEAK DEFAULT UND _ITM_registerTMCloneTable 8: 0000000000000000 0 FUNC WEAK DEFAULT UND __cxa_finalize@GLIBC_2.2.5 (3) Symbol table '.symtab' contains 80 entries: Num: Value Size Type Bind Vis Ndx Name 0: 0000000000000000 0 NOTYPE LOCAL DEFAULT UND 1: 00000000000002a8 0 SECTION LOCAL DEFAULT 1 2: 00000000000002c4 0 SECTION LOCAL DEFAULT 2 3: 00000000000002e8 0 SECTION LOCAL DEFAULT 3 4: 0000000000000308 0 SECTION LOCAL DEFAULT 4 5: 0000000000000330 0 SECTION LOCAL DEFAULT 5 6: 0000000000000408 0 SECTION LOCAL DEFAULT 6 7: 00000000000004c2 0 SECTION LOCAL DEFAULT 7 8: 00000000000004d8 0 SECTION LOCAL DEFAULT 8 9: 0000000000000518 0 SECTION LOCAL DEFAULT 9 10: 00000000000005d8 0 SECTION LOCAL DEFAULT 10 11: 0000000000001000 0 SECTION LOCAL DEFAULT 11 12: 0000000000001020 0 SECTION LOCAL DEFAULT 12 13: 0000000000001060 0 SECTION LOCAL DEFAULT 13 14: 0000000000001070 0 SECTION LOCAL DEFAULT 14 15: 0000000000001264 0 SECTION LOCAL DEFAULT 15 16: 0000000000002000 0 SECTION LOCAL DEFAULT 16 17: 0000000000002014 0 SECTION LOCAL DEFAULT 17 18: 0000000000002058 0 SECTION LOCAL DEFAULT 18 19: 0000000000003da0 0 SECTION LOCAL DEFAULT 19 20: 0000000000003da8 0 SECTION LOCAL DEFAULT 20 21: 0000000000003db0 0 SECTION LOCAL DEFAULT 21 22: 0000000000003db8 0 SECTION LOCAL DEFAULT 22 23: 0000000000003fa8 0 SECTION LOCAL DEFAULT 23 24: 0000000000004000 0 SECTION LOCAL DEFAULT 24 25: 0000000000004004 0 SECTION LOCAL DEFAULT 25 26: 0000000000000000 0 SECTION LOCAL DEFAULT 26 27: 0000000000000000 0 SECTION LOCAL DEFAULT 27 28: 0000000000006008 0 SECTION LOCAL DEFAULT 28 29: 0000000000000000 0 SECTION LOCAL DEFAULT 29 30: 0000000000000000 0 SECTION LOCAL DEFAULT 30 31: 0000000000000000 0 SECTION LOCAL DEFAULT 31 32: 0000000000000000 0 SECTION LOCAL DEFAULT 32 33: 0000000000000000 0 SECTION LOCAL DEFAULT 33 34: 0000000000000000 0 SECTION LOCAL DEFAULT 34 35: 0000000000000000 0 SECTION LOCAL DEFAULT 35 36: 0000000000000000 0 FILE LOCAL DEFAULT ABS abi-note.c 37: 00000000000002e8 32 OBJECT LOCAL DEFAULT 3 __abi_tag 38: 0000000000000000 0 FILE LOCAL DEFAULT ABS init.c 39: 0000000000000000 0 FILE LOCAL DEFAULT ABS hello.c 40: 0000000000000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 41: 00000000000010c0 0 FUNC LOCAL DEFAULT 14 deregister_tm_clones 42: 00000000000010f0 0 FUNC LOCAL DEFAULT 14 register_tm_clones 43: 0000000000001130 0 FUNC LOCAL DEFAULT 14 __do_global_dtors_aux 44: 0000000000004004 1 OBJECT LOCAL DEFAULT 25 completed.0 45: 0000000000003da8 0 OBJECT LOCAL DEFAULT 20 __do_global_dtors_aux_fini_array_entry 46: 0000000000001170 0 FUNC LOCAL DEFAULT 14 frame_dummy 47: 0000000000003da0 0 OBJECT LOCAL DEFAULT 19 __frame_dummy_init_array_entry 48: 0000000000000000 0 FILE LOCAL DEFAULT ABS elf-init.c 49: 0000000000000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 50: 000000000000217c 0 OBJECT LOCAL DEFAULT 18 __FRAME_END__ 51: 0000000000000000 0 FILE LOCAL DEFAULT ABS 52: 0000000000003da8 0 NOTYPE LOCAL DEFAULT 19 __init_array_end 53: 0000000000003db8 0 OBJECT LOCAL DEFAULT 22 _DYNAMIC 54: 0000000000003da0 0 NOTYPE LOCAL DEFAULT 19 __init_array_start 55: 0000000000002014 0 NOTYPE LOCAL DEFAULT 17 __GNU_EH_FRAME_HDR 56: 0000000000003fa8 0 OBJECT LOCAL DEFAULT 23 _GLOBAL_OFFSET_TABLE_ 57: 0000000000001000 0 FUNC LOCAL DEFAULT 11 _init 58: 0000000000001260 1 FUNC GLOBAL DEFAULT 14 __libc_csu_fini 59: 0000000000000000 0 NOTYPE WEAK DEFAULT UND _ITM_deregisterTMCloneTable 60: 0000000000004000 0 NOTYPE WEAK DEFAULT 24 data_start 61: 0000000000004004 0 NOTYPE GLOBAL DEFAULT 24 _edata 62: 0000000000001264 0 FUNC GLOBAL HIDDEN 15 _fini 63: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __stack_chk_fail@@GLIBC_2.4 64: 0000000000000000 0 FUNC GLOBAL DEFAULT UND snprintf@@GLIBC_2.2.5 65: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@@GLIBC_2.2.5 66: 0000000000004000 0 NOTYPE GLOBAL DEFAULT 24 __data_start 67: 0000000000000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 68: 0000000000003db0 0 OBJECT GLOBAL HIDDEN 21 __dso_handle 69: 0000000000001180 117 FUNC GLOBAL DEFAULT 14 announcement 70: 0000000000002000 4 OBJECT GLOBAL DEFAULT 16 _IO_stdin_used 71: 0000000000001200 93 FUNC GLOBAL DEFAULT 14 __libc_csu_init 72: 0000000000004008 0 NOTYPE GLOBAL DEFAULT 25 _end 73: 0000000000001090 43 FUNC GLOBAL DEFAULT 14 _start 74: 0000000000004004 0 NOTYPE GLOBAL DEFAULT 25 __bss_start 75: 0000000000001070 25 FUNC GLOBAL DEFAULT 14 main 76: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __printf_chk@@GLIBC_2.3.4 77: 0000000000004008 0 OBJECT GLOBAL HIDDEN 24 __TMC_END__ 78: 0000000000000000 0 NOTYPE WEAK DEFAULT UND _ITM_registerTMCloneTable 79: 0000000000000000 0 FUNC WEAK DEFAULT UND __cxa_finalize@@GLIBC_2.2.5 # Run twice to show off PIE, if available in kernel ../build-tree/includes-test-linked ../build-tree/includes-test-linked: ok (0x564f54f53180) ../build-tree/includes-test-linked ../build-tree/includes-test-linked: ok (0x55767c8ac180) # Check state of hardening features via check script perl ../build-tree/hardening-check -p ../build-tree/includes-test-linked ../build-tree/includes-test-linked: Position Independent Executable: yes Stack protected: yes Fortify Source functions: yes (some protected functions found) Read-only relocations: yes Immediate binding: yes # Manually check state of hardening features # Skipped PIE test # Test Stack Protector nm ../build-tree/includes-test-linked | egrep '__stack_chk_fail($|@@GLIBC)' U __stack_chk_fail@@GLIBC_2.4 # Test Fortify nm ../build-tree/includes-test-linked | egrep '__(sn)?printf_chk($|@@GLIBC)' U __printf_chk@@GLIBC_2.3.4 # Test Format (no-op currently) # Test for RELRO readelf -lW ../build-tree/includes-test-linked | grep GNU_RELRO GNU_RELRO 0x002da0 0x0000000000003da0 0x0000000000003da0 0x000260 0x000260 R 0x1 # Test for BIND_NOW readelf -dW ../build-tree/includes-test-linked | grep BIND_NOW 0x0000000000000018 (BIND_NOW) # Build directly with -fPIC already defined cc -fPIC -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -o ../build-tree/includes-test-fPIC-direct hello.c ../build-tree/includes-test-fPIC-direct ../build-tree/includes-test-fPIC-direct: ok (0x563a22b1b180) # Build .o with -fPIC already defined cc -fPIC -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -o ../build-tree/includes-test-fPIC.o -c hello.c # Link .o with -fPIC already defined cc -fPIC -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -o ../build-tree/includes-test-fPIC ../build-tree/includes-test-fPIC.o ../build-tree/includes-test-fPIC ../build-tree/includes-test-fPIC: ok (0x55614ac37180) # Make sure build fails due to -Werror=format-security ! cc -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -o ../build-tree/includes-test-format-security format.c format.c: In function 'main': format.c:11:5: error: format not a string literal and no format arguments [-Werror=format-security] 11 | return fprintf(stderr, argv[0]); | ^~~~~~ cc1: some warnings being treated as errors # Make sure build succeeds with -Wno-format-security cc -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wno-format-security -Wl,-z,relro -Wl,-z,now -o ../build-tree/includes-test-format-security format.c # Make sure build stack-protects a small ssp buffer cc -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -o ../build-tree/includes-test-ssp-buffer-size-protect ssp-buffer-size-protect.c # Test Stack Protector nm ../build-tree/includes-test-ssp-buffer-size-protect | egrep '__stack_chk_fail($|@@GLIBC)' U __stack_chk_fail@@GLIBC_2.4 # Make sure build stack-protects a non-char array cc -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -o ../build-tree/includes-test-ssp-buffer-type-protect ssp-buffer-type-protect.c # Test Stack Protector nm ../build-tree/includes-test-ssp-buffer-type-protect | egrep '__stack_chk_fail($|@@GLIBC)' U __stack_chk_fail@@GLIBC_2.4 cc -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -c -o ../build-tree/includes-test-all.o hello.c ar r ../build-tree/includes-test-all.a ../build-tree/includes-test-all.o ar: creating ../build-tree/includes-test-all.a readelf -ldrsW ../build-tree/includes-test-all.a File: ../build-tree/includes-test-all.a(includes-test-all.o) There are no program headers in this file. There is no dynamic section in this file. Relocation section '.rela.text' at offset 0x390 contains 6 entries: Offset Info Type Symbol's Value Symbol's Name + Addend 000000000000000d 0000000900000002 R_X86_64_PC32 0000000000000000 .LC0 - 4 0000000000000032 0000000e00000004 R_X86_64_PLT32 0000000000000000 snprintf - 4 0000000000000043 0000000c00000002 R_X86_64_PC32 0000000000000000 announcement - 4 000000000000004a 0000000a00000002 R_X86_64_PC32 0000000000000003 .LC1 - 4 000000000000004f 0000000f00000004 R_X86_64_PLT32 0000000000000000 __printf_chk - 4 0000000000000071 0000001000000004 R_X86_64_PLT32 0000000000000000 __stack_chk_fail - 4 Relocation section '.rela.text.startup' at offset 0x420 contains 1 entry: Offset Info Type Symbol's Value Symbol's Name + Addend 0000000000000008 0000000c00000004 R_X86_64_PLT32 0000000000000000 announcement - 4 Relocation section '.rela.eh_frame' at offset 0x438 contains 2 entries: Offset Info Type Symbol's Value Symbol's Name + Addend 0000000000000020 0000000200000002 R_X86_64_PC32 0000000000000000 .text + 0 0000000000000044 0000000600000002 R_X86_64_PC32 0000000000000000 .text.startup + 0 Symbol table '.symtab' contains 18 entries: Num: Value Size Type Bind Vis Ndx Name 0: 0000000000000000 0 NOTYPE LOCAL DEFAULT UND 1: 0000000000000000 0 FILE LOCAL DEFAULT ABS hello.c 2: 0000000000000000 0 SECTION LOCAL DEFAULT 1 3: 0000000000000000 0 SECTION LOCAL DEFAULT 3 4: 0000000000000000 0 SECTION LOCAL DEFAULT 4 5: 0000000000000000 0 SECTION LOCAL DEFAULT 5 6: 0000000000000000 0 SECTION LOCAL DEFAULT 6 7: 0000000000000000 0 SECTION LOCAL DEFAULT 9 8: 0000000000000000 0 SECTION LOCAL DEFAULT 10 9: 0000000000000000 0 NOTYPE LOCAL DEFAULT 5 .LC0 10: 0000000000000003 0 NOTYPE LOCAL DEFAULT 5 .LC1 11: 0000000000000000 0 SECTION LOCAL DEFAULT 8 12: 0000000000000000 117 FUNC GLOBAL DEFAULT 1 announcement 13: 0000000000000000 0 NOTYPE GLOBAL DEFAULT UND _GLOBAL_OFFSET_TABLE_ 14: 0000000000000000 0 NOTYPE GLOBAL DEFAULT UND snprintf 15: 0000000000000000 0 NOTYPE GLOBAL DEFAULT UND __printf_chk 16: 0000000000000000 0 NOTYPE GLOBAL DEFAULT UND __stack_chk_fail 17: 0000000000000000 25 FUNC GLOBAL DEFAULT 6 main perl ../build-tree/hardening-check -p ../build-tree/includes-test-all.a ../build-tree/includes-test-all.a: Position Independent Executable: no, object archive (ignored) Stack protected: yes Fortify Source functions: yes (some protected functions found) Read-only relocations: no, non-ELF (ignored) Immediate binding: no, non-ELF (ignored) DEB_BUILD_HARDENING=0 cc -c -o ../build-tree/includes-test-none.o hello.c ar r ../build-tree/includes-test-none.a ../build-tree/includes-test-none.o ar: creating ../build-tree/includes-test-none.a readelf -ldrsW ../build-tree/includes-test-none.a File: ../build-tree/includes-test-none.a(includes-test-none.o) There are no program headers in this file. There is no dynamic section in this file. Relocation section '.rela.text' at offset 0x348 contains 7 entries: Offset Info Type Symbol's Value Symbol's Name + Addend 0000000000000035 0000000500000002 R_X86_64_PC32 0000000000000000 .rodata - 4 0000000000000047 0000000b00000004 R_X86_64_PLT32 0000000000000000 snprintf - 4 0000000000000055 0000000900000002 R_X86_64_PC32 0000000000000000 announcement - 4 000000000000005f 0000000500000002 R_X86_64_PC32 0000000000000000 .rodata - 1 0000000000000069 0000000c00000004 R_X86_64_PLT32 0000000000000000 printf - 4 000000000000007d 0000000d00000004 R_X86_64_PLT32 0000000000000000 __stack_chk_fail - 4 000000000000009d 0000000900000004 R_X86_64_PLT32 0000000000000000 announcement - 4 Relocation section '.rela.eh_frame' at offset 0x3f0 contains 2 entries: Offset Info Type Symbol's Value Symbol's Name + Addend 0000000000000020 0000000200000002 R_X86_64_PC32 0000000000000000 .text + 0 0000000000000040 0000000200000002 R_X86_64_PC32 0000000000000000 .text + 83 Symbol table '.symtab' contains 15 entries: Num: Value Size Type Bind Vis Ndx Name 0: 0000000000000000 0 NOTYPE LOCAL DEFAULT UND 1: 0000000000000000 0 FILE LOCAL DEFAULT ABS hello.c 2: 0000000000000000 0 SECTION LOCAL DEFAULT 1 3: 0000000000000000 0 SECTION LOCAL DEFAULT 3 4: 0000000000000000 0 SECTION LOCAL DEFAULT 4 5: 0000000000000000 0 SECTION LOCAL DEFAULT 5 6: 0000000000000000 0 SECTION LOCAL DEFAULT 7 7: 0000000000000000 0 SECTION LOCAL DEFAULT 8 8: 0000000000000000 0 SECTION LOCAL DEFAULT 6 9: 0000000000000000 131 FUNC GLOBAL DEFAULT 1 announcement 10: 0000000000000000 0 NOTYPE GLOBAL DEFAULT UND _GLOBAL_OFFSET_TABLE_ 11: 0000000000000000 0 NOTYPE GLOBAL DEFAULT UND snprintf 12: 0000000000000000 0 NOTYPE GLOBAL DEFAULT UND printf 13: 0000000000000000 0 NOTYPE GLOBAL DEFAULT UND __stack_chk_fail 14: 0000000000000083 40 FUNC GLOBAL DEFAULT 1 main if perl ../build-tree/hardening-check -p ../build-tree/includes-test-none.a; then exit 1; fi ../build-tree/includes-test-none.a: Position Independent Executable: no, object archive (ignored) Stack protected: yes Fortify Source functions: no, only unprotected functions found! Read-only relocations: no, non-ELF (ignored) Immediate binding: no, non-ELF (ignored) # Disable stack protector cc -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -fno-stack-protector -o ../build-tree/includes-disabled hello.c if perl ../build-tree/hardening-check -p ../build-tree/includes-disabled; then exit 1; fi ../build-tree/includes-disabled: Position Independent Executable: yes Stack protected: no, not found! Fortify Source functions: yes (some protected functions found) Read-only relocations: yes Immediate binding: yes # Disable fortify cc -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -U_FORTIFY_SOURCE -o ../build-tree/includes-disabled hello.c if perl ../build-tree/hardening-check -p ../build-tree/includes-disabled; then exit 1; fi ../build-tree/includes-disabled: Position Independent Executable: yes Stack protected: yes Fortify Source functions: no, only unprotected functions found! Read-only relocations: yes Immediate binding: yes # Disable relro cc -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -Wl,-z,norelro -o ../build-tree/includes-disabled hello.c if perl ../build-tree/hardening-check -p ../build-tree/includes-disabled; then exit 1; fi ../build-tree/includes-disabled: Position Independent Executable: yes Stack protected: yes Fortify Source functions: yes (some protected functions found) Read-only relocations: no, not found! Immediate binding: yes # Disable bindnow cc -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -Wl,-z,lazy -o ../build-tree/includes-disabled hello.c if perl ../build-tree/hardening-check -p ../build-tree/includes-disabled; then exit 1; fi ../build-tree/includes-disabled: Position Independent Executable: yes Stack protected: yes Fortify Source functions: yes (some protected functions found) Read-only relocations: yes Immediate binding: no, not found! # Disable everything cc \ -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 \ -Wl,-z,relro -Wl,-z,now \ -fno-stack-protector \ -U_FORTIFY_SOURCE \ -Wno-format-security \ -Wl,-z,norelro \ -Wl,-z,lazy \ -o ../build-tree/includes-disabled hello.c if perl ../build-tree/hardening-check -p ../build-tree/includes-disabled; then exit 1; fi ../build-tree/includes-disabled: Position Independent Executable: yes Stack protected: no, not found! Fortify Source functions: no, only unprotected functions found! Read-only relocations: no, not found! Immediate binding: no, not found! readelf -ldW ../build-tree/includes-disabled Elf file type is DYN (Shared object file) Entry point 0x1080 There are 10 program headers, starting at offset 64 Program Headers: Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align PHDR 0x000040 0x0000000000000040 0x0000000000000040 0x000230 0x000230 R 0x8 INTERP 0x000270 0x0000000000000270 0x0000000000000270 0x00001c 0x00001c R 0x1 [Requesting program interpreter: /lib64/ld-linux-x86-64.so.2] LOAD 0x000000 0x0000000000000000 0x0000000000000000 0x000560 0x000560 R 0x1000 LOAD 0x001000 0x0000000000001000 0x0000000000001000 0x00022d 0x00022d R E 0x1000 LOAD 0x002000 0x0000000000002000 0x0000000000002000 0x000178 0x000178 R 0x1000 LOAD 0x002178 0x0000000000003178 0x0000000000003178 0x00024c 0x000250 RW 0x1000 DYNAMIC 0x002190 0x0000000000003190 0x0000000000003190 0x0001e0 0x0001e0 RW 0x8 NOTE 0x00028c 0x000000000000028c 0x000000000000028c 0x000044 0x000044 R 0x4 GNU_EH_FRAME 0x002014 0x0000000000002014 0x0000000000002014 0x000044 0x000044 R 0x4 GNU_STACK 0x000000 0x0000000000000000 0x0000000000000000 0x000000 0x000000 RW 0x10 Section to Segment mapping: Segment Sections... 00 01 .interp 02 .interp .note.gnu.build-id .note.ABI-tag .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rela.dyn .rela.plt 03 .init .plt .plt.got .text .fini 04 .rodata .eh_frame_hdr .eh_frame 05 .init_array .fini_array .data.rel.ro .dynamic .got .got.plt .data .bss 06 .dynamic 07 .note.gnu.build-id .note.ABI-tag 08 .eh_frame_hdr 09 Dynamic section at offset 0x2190 contains 26 entries: Tag Type Name/Value 0x0000000000000001 (NEEDED) Shared library: [libc.so.6] 0x000000000000000c (INIT) 0x1000 0x000000000000000d (FINI) 0x1224 0x0000000000000019 (INIT_ARRAY) 0x3178 0x000000000000001b (INIT_ARRAYSZ) 8 (bytes) 0x000000000000001a (FINI_ARRAY) 0x3180 0x000000000000001c (FINI_ARRAYSZ) 8 (bytes) 0x000000006ffffef5 (GNU_HASH) 0x2d0 0x0000000000000005 (STRTAB) 0x3b8 0x0000000000000006 (SYMTAB) 0x2f8 0x000000000000000a (STRSZ) 134 (bytes) 0x000000000000000b (SYMENT) 24 (bytes) 0x0000000000000015 (DEBUG) 0x0 0x0000000000000003 (PLTGOT) 0x3398 0x0000000000000002 (PLTRELSZ) 48 (bytes) 0x0000000000000014 (PLTREL) RELA 0x0000000000000017 (JMPREL) 0x530 0x0000000000000007 (RELA) 0x470 0x0000000000000008 (RELASZ) 192 (bytes) 0x0000000000000009 (RELAENT) 24 (bytes) 0x000000006ffffffb (FLAGS_1) Flags: PIE 0x000000006ffffffe (VERNEED) 0x450 0x000000006fffffff (VERNEEDNUM) 1 0x000000006ffffff0 (VERSYM) 0x43e 0x000000006ffffff9 (RELACOUNT) 3 0x0000000000000000 (NULL) 0x0 make[2]: Leaving directory '/usr/src/RPM/BUILD/hardening-wrapper-2.6/hardening-wrapper/tests' make[1]: Leaving directory '/usr/src/RPM/BUILD/hardening-wrapper-2.6/hardening-wrapper/tests' make: Leaving directory '/usr/src/RPM/BUILD/hardening-wrapper-2.6/hardening-wrapper' + exit 0 Processing files: hardening-check-2.6-alt1 Executing(%doc): /bin/sh -e /usr/src/tmp/rpm-tmp.93835 + umask 022 + /bin/mkdir -p /usr/src/RPM/BUILD + cd /usr/src/RPM/BUILD + cd hardening-wrapper-2.6 + DOCDIR=/usr/src/tmp/hardening-wrapper-buildroot/usr/share/doc/hardening-check-2.6 + export DOCDIR + rm -rf /usr/src/tmp/hardening-wrapper-buildroot/usr/share/doc/hardening-check-2.6 + /bin/mkdir -p /usr/src/tmp/hardening-wrapper-buildroot/usr/share/doc/hardening-check-2.6 + cp -prL hardening-wrapper/TODO /usr/src/tmp/hardening-wrapper-buildroot/usr/share/doc/hardening-check-2.6 + chmod -R go-w /usr/src/tmp/hardening-wrapper-buildroot/usr/share/doc/hardening-check-2.6 + chmod -R a+rX /usr/src/tmp/hardening-wrapper-buildroot/usr/share/doc/hardening-check-2.6 + cp -prL hardening-wrapper/debian/README.Debian /usr/src/tmp/hardening-wrapper-buildroot/usr/share/doc/hardening-check-2.6 + chmod -R go-w /usr/src/tmp/hardening-wrapper-buildroot/usr/share/doc/hardening-check-2.6 + chmod -R a+rX /usr/src/tmp/hardening-wrapper-buildroot/usr/share/doc/hardening-check-2.6 + cp -prL hardening-wrapper/debian/changelog /usr/src/tmp/hardening-wrapper-buildroot/usr/share/doc/hardening-check-2.6 + chmod -R go-w /usr/src/tmp/hardening-wrapper-buildroot/usr/share/doc/hardening-check-2.6 + chmod -R a+rX /usr/src/tmp/hardening-wrapper-buildroot/usr/share/doc/hardening-check-2.6 + cp -prL hardening-wrapper/AUTHORS /usr/src/tmp/hardening-wrapper-buildroot/usr/share/doc/hardening-check-2.6 + chmod -R go-w /usr/src/tmp/hardening-wrapper-buildroot/usr/share/doc/hardening-check-2.6 + chmod -R a+rX /usr/src/tmp/hardening-wrapper-buildroot/usr/share/doc/hardening-check-2.6 + cp -prL hardening-wrapper/debian/copyright /usr/src/tmp/hardening-wrapper-buildroot/usr/share/doc/hardening-check-2.6 + chmod -R go-w /usr/src/tmp/hardening-wrapper-buildroot/usr/share/doc/hardening-check-2.6 + chmod -R a+rX /usr/src/tmp/hardening-wrapper-buildroot/usr/share/doc/hardening-check-2.6 + exit 0 Finding Provides (using /usr/lib/rpm/find-provides) Executing: /bin/sh -e /usr/src/tmp/rpm-tmp.EmKUaJ find-provides: running scripts (debuginfo,lib,pam,perl,pkgconfig,python,shell) Finding Requires (using /usr/lib/rpm/find-requires) Executing: /bin/sh -e /usr/src/tmp/rpm-tmp.R1ARDL find-requires: running scripts (cpp,debuginfo,files,lib,pam,perl,pkgconfig,pkgconfiglib,python,rpmlib,shebang,shell,static,symlinks,systemd-services) /usr/src/tmp/hardening-wrapper-buildroot/usr/bin/hardening-check syntax OK Requires: binutils, /usr/bin/perl, perl(Getopt/Long.pm), perl(IPC/Open3.pm), perl(Pod/Usage.pm), perl(Symbol.pm), perl(Term/ANSIColor.pm) Wrote: /usr/src/RPM/RPMS/noarch/hardening-check-2.6-alt1.noarch.rpm (w2.lzdio) 3.53user 0.88system 0:06.23elapsed 70%CPU (0avgtext+0avgdata 23056maxresident)k 0inputs+0outputs (0major+333153minor)pagefaults 0swaps 6.76user 3.37system 0:12.18elapsed 83%CPU (0avgtext+0avgdata 107376maxresident)k 0inputs+0outputs (0major+604293minor)pagefaults 0swaps