Ken Thomases : libwine: On Mac, disable ASLR for Wine processes.

Alexandre Julliard julliard at winehq.org
Mon Feb 4 13:29:53 CST 2019


Module: wine
Branch: master
Commit: ecd53057b5148cbe35fb67097d0063f796728e04
URL:    https://source.winehq.org/git/wine.git/?a=commit;h=ecd53057b5148cbe35fb67097d0063f796728e04

Author: Ken Thomases <ken at codeweavers.com>
Date:   Thu Jan 31 17:08:24 2019 -0600

libwine: On Mac, disable ASLR for Wine processes.

ASLR can allow dyld to be loaded where it overlaps one of the regions that the
preloader would like to reserve.  That, in turn, can prevent Wine from using the
shared user data region.  With ASLR disabled, dyld will be loaded immediately
after the preloader, which has a defined base address.

This uses an Apple extension to posix_spawn() that allows it to replace the
calling process's image, like a more featureful execve().  The flag to disable
ASLR is technically private SPI, but has remained stable for many versions of
the OS.  And the Mac preloader is already stepping over that line.

Signed-off-by: Ken Thomases <ken at codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard at winehq.org>

---

 libs/wine/config.c | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/libs/wine/config.c b/libs/wine/config.c
index 083e263..b1f526c 100644
--- a/libs/wine/config.c
+++ b/libs/wine/config.c
@@ -33,6 +33,13 @@
 #ifdef HAVE_PWD_H
 #include <pwd.h>
 #endif
+#ifdef __APPLE__
+#include <crt_externs.h>
+#include <spawn.h>
+#ifndef _POSIX_SPAWN_DISABLE_ASLR
+#define _POSIX_SPAWN_DISABLE_ASLR 0x0100
+#endif
+#endif
 #include "wine/library.h"
 
 static const char server_config_dir[] = "/.wine";        /* config dir relative to $HOME */
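Review bot: the fallback `#define _POSIX_SPAWN_DISABLE_ASLR 0x0100` hardcodes a private SPI value with no comment beside it, so a future reader sees a bare magic number and cannot tell whether it is safe to touch; add a one-line comment stating that it mirrors the private `_POSIX_SPAWN_DISABLE_ASLR` flag from Apple's spawn headers and that the public SDK may not expose it (the rationale given in the commit message), and likewise note that `<crt_externs.h>` is pulled in only for `_NSGetEnviron()`.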
@@ -558,6 +565,15 @@ static void preloader_exec( char **argv, int use_preloader )
         new_argv = xmalloc( (last_arg - argv + 2) * sizeof(*argv) );
         memcpy( new_argv + 1, argv, (last_arg - argv + 1) * sizeof(*argv) );
         new_argv[0] = full_name;
+#ifdef __APPLE__
+        {
+            posix_spawnattr_t attr;
+            posix_spawnattr_init( &attr );
+            posix_spawnattr_setflags( &attr, POSIX_SPAWN_SETEXEC | _POSIX_SPAWN_DISABLE_ASLR );
+            posix_spawn( NULL, full_name, NULL, &attr, new_argv, *_NSGetEnviron() );
+            posix_spawnattr_destroy( &attr );
+        }
+#endif
         execv( full_name, new_argv );
         free( new_argv );
         free( full_name );
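Review bot: the return value of `posix_spawn()` is discarded, so if the kernel rejects `_POSIX_SPAWN_DISABLE_ASLR` (or `posix_spawnattr_init()`/`posix_spawnattr_setflags()` fail) the code silently falls through to `execv()` and the preloader runs with ASLR enabled, which is exactly the condition the commit is trying to avoid; since `posix_spawn()` reports errors through its return value rather than errno, capture it and emit a diagnostic before falling back, e.g. `int ret = posix_spawn( NULL, full_name, NULL, &attr, new_argv, *_NSGetEnviron() );` followed by a message to stderr when `ret` is non-zero, and add a comment making clear that reaching `execv()` after the `#endif` is the intended fallback rather than an oversight.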



