[M108 Migration] Add ASLR to executables.

Address space layout randomization(ASLR) is a computer security
technique involved in preventing exploitation of memory corruption
vulnerabilities.

ASLR randomly arranges the address space positions of key data areas of
a process to prevent an attacker from reliably jumping to a particular
exploited function in memory.

This adds ASLR to ubrowser, efl_webview_app, mini_browser, and efl_webprocess.

* Output from a command in bash to check ASLR

$ hardening-check ubrowser
ubrowser:
Position Independent Executable: yes

$ file ubrowser
ubrowser: ELF 32-bit LSB  shared object

Reference: https://review.tizen.org/gerrit/c/280956

Change-Id: I6e429acd73c01f85bda743c46a47cac6fc298bd4
Signed-off-by: Bakka Uday Kiran <b.kiran@samsung.com>

diff --git a/tizen_src/ewk/efl_integration/BUILD.gn b/tizen_src/ewk/efl_integration/BUILD.gn
index a9c6b68..3781431 100755 (executable)
--- a/tizen_src/ewk/efl_integration/BUILD.gn
+++ b/tizen_src/ewk/efl_integration/BUILD.gn
@@ -650,6 +650,9 @@ executable("efl_webprocess") {
   testonly = true
   sources = [ "efl_webprocess.cc" ]
   deps = [ ":chromium-ewk" ]
+  if (is_tizen && !tizen_product_tv) {
+    configs += [ "//tizen_src/build/config/tizen:executable_config" ]
+  }
 }
 
 copy("launch_exec_script") {

diff --git a/tizen_src/ewk/efl_webview_app/BUILD.gn b/tizen_src/ewk/efl_webview_app/BUILD.gn
index 56fbd63..ab25680 100644 (file)
--- a/tizen_src/ewk/efl_webview_app/BUILD.gn
+++ b/tizen_src/ewk/efl_webview_app/BUILD.gn
@@ -12,6 +12,9 @@ copy("efl_webview_app_script") {
 executable("efl_webview_app") {
   testonly = true
   deps = [ ":efl_webview_app_script" ]
+  if (is_tizen) {
+    configs += [ "//tizen_src/build/config/tizen:executable_config" ]
+  }
   configs += [ "//tizen_src/build:capi-system-device" ]
   configs += [ "//tizen_src/build:libcapi-system-device" ]
   public_configs = [ "//tizen_src/build:capi-system-device-public" ]
@@ -84,6 +87,7 @@ executable("mini_browser") {
       "../../chromium_impl/build",
     ]
     configs += [ "//tizen_src/build:capi-system-device" ]
+    configs += [ "//tizen_src/build/config/tizen:executable_config" ]
     configs += [ "//tizen_src/build:libcapi-system-device" ]
     public_configs = [ "//tizen_src/build:capi-system-device-public" ]
     configs += [ "//tizen_src/build:capi-appfw-application" ]

diff --git a/tizen_src/ewk/ubrowser/BUILD.gn b/tizen_src/ewk/ubrowser/BUILD.gn
index ad15938..66a7d33 100644 (file)
--- a/tizen_src/ewk/ubrowser/BUILD.gn
+++ b/tizen_src/ewk/ubrowser/BUILD.gn
@@ -64,6 +64,7 @@ executable("ubrowser") {
   libs = []
   if (is_tizen) {
     configs += [ "//tizen_src/build:capi-appfw-application" ]
+    configs += [ "//tizen_src/build/config/tizen:executable_config" ]
     configs += [ "//tizen_src/build:libcapi-appfw-application" ]
     if (tizen_product_tv) {
       configs += [ "//tizen_src/build:ecore-wayland" ]