1d5cd80c8SEd Maste.\" Copyright 2019 The FreeBSD Foundation. 2d5cd80c8SEd Maste.\" 3d5cd80c8SEd Maste.\" This software was developed by Bora Ozarslan under sponsorship from 4d5cd80c8SEd Maste.\" the FreeBSD Foundation. 5d5cd80c8SEd Maste.\" 6d5cd80c8SEd Maste.\" Redistribution and use in source and binary forms, with or without 7d5cd80c8SEd Maste.\" modification, are permitted provided that the following conditions 8d5cd80c8SEd Maste.\" are met: 9d5cd80c8SEd Maste.\" 1. Redistributions of source code must retain the above copyright 10d5cd80c8SEd Maste.\" notice, this list of conditions and the following disclaimer. 11d5cd80c8SEd Maste.\" 2. Redistributions in binary form must reproduce the above copyright 12d5cd80c8SEd Maste.\" notice, this list of conditions and the following disclaimer in the 13d5cd80c8SEd Maste.\" documentation and/or other materials provided with the distribution. 14d5cd80c8SEd Maste.\" 15d5cd80c8SEd Maste.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' 16d5cd80c8SEd Maste.\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 17d5cd80c8SEd Maste.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 18d5cd80c8SEd Maste.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 19d5cd80c8SEd Maste.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20d5cd80c8SEd Maste.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 21d5cd80c8SEd Maste.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22d5cd80c8SEd Maste.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23d5cd80c8SEd Maste.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24d5cd80c8SEd Maste.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25d5cd80c8SEd Maste.\" SUCH DAMAGE. 26d5cd80c8SEd Maste.\" 276e5dcc61SEd Maste.Dd October 5, 2023 2879bfb05bSEd Maste.Dt ELFCTL 1 29d5cd80c8SEd Maste.Os 30d5cd80c8SEd Maste.Sh NAME 3179bfb05bSEd Maste.Nm elfctl 32f84ed828SEd Maste.Nd change an ELF binary's feature control note 33d5cd80c8SEd Maste.Sh SYNOPSIS 34d5cd80c8SEd Maste.Nm 35d5cd80c8SEd Maste.Op Fl h | Fl -help 36f6d95a01SEd Maste.Op Fl i 37d5cd80c8SEd Maste.Op Fl l 38d5cd80c8SEd Maste.Op Fl e Ar featurelist 39d5cd80c8SEd Maste.Ar 40d5cd80c8SEd Maste.Sh DESCRIPTION 41d5cd80c8SEd MasteThe 42d5cd80c8SEd Maste.Nm 43f84ed828SEd Masteutility modifies feature flags in the feature control note in an ELF binary. 44d5cd80c8SEd Maste.Pp 45d5cd80c8SEd MasteThe options are as follows: 46d5cd80c8SEd Maste.Bl -tag -width indent 47d5cd80c8SEd Maste.It Fl h | Fl -help 48d5cd80c8SEd MastePrint a usage message and exit. 49f6d95a01SEd Maste.It Fl i 50f6d95a01SEd MasteIgnore unknown feature flags in 51f6d95a01SEd Maste.Ar featurelist . 52d5cd80c8SEd Maste.It Fl l 53f84ed828SEd MasteList known ELF feature flags. 54d5cd80c8SEd Maste.It Fl e Ar featurelist 55d5cd80c8SEd MasteEdit features from the given comma separated list 56d5cd80c8SEd Maste.Ar featurelist . 57d5cd80c8SEd Maste.Ar featurelist 58f84ed828SEd Mastestarts with one of the three operations: 59d5cd80c8SEd Maste.Dq Li + 60d5cd80c8SEd Masteto turn on the features, 61d5cd80c8SEd Maste.Dq Li - 62d5cd80c8SEd Masteto turn off the features, 63d5cd80c8SEd Maste.Dq Li = 64d5cd80c8SEd Masteto only turn on the given features. 6586f33b5fSEd MasteA comma separated list of feature names or numeric values follows the 6686f33b5fSEd Masteoperation. 67d5cd80c8SEd Maste.El 68d5cd80c8SEd Maste.Pp 69d5cd80c8SEd MasteIf 70f84ed828SEd Maste.Fl e 71f84ed828SEd Masteis not specified 72d5cd80c8SEd Maste.Nm 73f84ed828SEd Mastedisplays the status of each feature in the ELF note in each 74d5cd80c8SEd Maste.Ar . 75d5cd80c8SEd Maste.Sh EXIT STATUS 76d5cd80c8SEd MasteExit status is 0 on success, and 1 if the command 77d5cd80c8SEd Mastefails if a file does not exist, is too short, 78d5cd80c8SEd Masteor fails to find or edit features note. 79d5cd80c8SEd Maste.Sh EXAMPLES 80d5cd80c8SEd MasteThe following is an example of a typical usage 81d5cd80c8SEd Masteof the 82d5cd80c8SEd Maste.Nm 83d5cd80c8SEd Mastecommand: 84d5cd80c8SEd Maste.Bd -literal -offset indent 8579bfb05bSEd Masteelfctl file 86dbc7364bSEd Masteelfctl -e +noaslr file 87d5cd80c8SEd Maste.Ed 8886f33b5fSEd Maste.Pp 8986f33b5fSEd MasteFeatures may be specified as numerical values: 90c013ca2cSGraham Percival.Bd -literal -offset indent 9186f33b5fSEd Masteelfctl -e =0x0001,0x0004 file 9286f33b5fSEd Maste.Ed 9386f33b5fSEd Maste.Pp 9486f33b5fSEd MasteFeatures may also be specified as a single combined value: 95c013ca2cSGraham Percival.Bd -literal -offset indent 9686f33b5fSEd Masteelfctl -e =0x5 file 9786f33b5fSEd Maste.Ed 98*b989c1ddSKonstantin Belousov.Sh NOTES 99*b989c1ddSKonstantin BelousovOn amd64, on a machine with LA57 (5-level paging) mode supported and 100*b989c1ddSKonstantin Belousovenabled, if both 101*b989c1ddSKonstantin Belousov.Va la57 102*b989c1ddSKonstantin Belousovand 103*b989c1ddSKonstantin Belousov.Va la48 104*b989c1ddSKonstantin Belousovfeature flags are specified, the 105*b989c1ddSKonstantin Belousov.Va la57 106*b989c1ddSKonstantin Belousovfeature has priority over 107*b989c1ddSKonstantin Belousov.Va la48 . 108*b989c1ddSKonstantin BelousovThe 109*b989c1ddSKonstantin Belousov.Va vm.pmap.prefer_uva_la48 110*b989c1ddSKonstantin Belousovsysctl MIB defines the default user address space size for binaries 111*b989c1ddSKonstantin Belousovwhich do not set either of these flags. 1126e5dcc61SEd Maste.Sh SEE ALSO 1136e5dcc61SEd Maste.Xr mitigations 7 114d5cd80c8SEd Maste.Sh HISTORY 115d5cd80c8SEd Maste.Nm 116f84ed828SEd Mastefirst appeared in 1174ac4a7f8SEd Maste.Fx 12.2 . 118d5cd80c8SEd Maste.Sh AUTHORS 119f84ed828SEd Maste.Nm 120f84ed828SEd Mastewas written by 121f84ed828SEd Maste.An Bora Ozarslan Mt borako.ozarslan@gmail.com 122f84ed828SEd Masteunder sponsorship from the 123f84ed828SEd Maste.Fx Foundation. 124