chatr_pa(1) chatr_pa(1)
For PA-RISC Systems
NAME [Toc] [Back]
chatr_pa: chatr - change program's internal attributes
SYNOPSIS [Toc] [Back]
PA-RISC 32-bit SOM chatr
chatr [-nqsMN [z|Z]] [-l library] [-B mode] [+b flag] [+dbg flag] [+es
flag] [+mergeseg flag] [+gst flag]
[+gstbuckets size] [+gstsize size] [+k flag] [+l library]
[+pd size] [+pi size] [+plabel_cache flag] [+q3p flag] [+q4p flag]
[+r flag] [+s flag] [+z flag] file ...
PA-RISC 64-bit ELF chatr [Toc] [Back]
There are two possible syntactic forms that can be used to invoke PARISC
64-bit chatr.
FORMAT 1: The first syntactic form, which is compatible with the SOM
chatr, is used for backward compatibility, and for easy manipulation of
ordinary files that only have a single text and a single data segment:
chatr [-nqszZ] [-l library] [-B mode] [+b flag] [+cd flag] [+ci flag]
[+es flag] [+gst flag] [+gstsize size] [+k flag] [+l library]
[+md flag] [+mi flag] [+pd size] [+pi size] [+s flag] [+z flag]
file ...
FORMAT 2: The second syntactic form provides the ability to explicitly
specify segments to be modified:
chatr [-s] [-B mode] [+c flag] [+dz flag] [+k flag] [+m flag] [+p size]
[+r flag] [+s flag] [+si index | +sa address | +sall ] [+z flag]
file ...
DESCRIPTION [Toc] [Back]
chatr allows you to change a program's internal attributes for 32-bit
mode SOM and 64-bit mode ELF files.
Upon completion, chatr prints the file's old and new values to
standard output unless -s is specified.
The +pd and +pi options only provide a hint for the virtual memory
page size. The actual page sizes may vary. Under certain conditions,
page size hints of L may result in better performance, depending on
the specific memory requirements of the application.
The performance of some applications may benefit from static branch
prediction, others may not. The +r option provides a hint for using
or avoiding this feature.
The +gst and related options provide performance enhancements through
use of global symbol table which improves searching for exported
symbols. See dld.sl(5) and the HP-UX Linker and Libraries Online User
Guide for more information.
Hewlett-Packard Company - 1 - HP-UX 11i Version 2: Sep 2004
chatr_pa(1) chatr_pa(1)
For PA-RISC Systems
COMMON OPTIONS FOR PA-RISC 32-bit SOM AND PA-RISC 64-bit ELF (FORMAT 1) [Toc] [Back]
chatr
chatr, by default, prints each file's magic number and file attributes
to the standard output.
-l library Indicate that the specified shared library is subject
to run-time path lookup if directory path lists are
provided (see +s and +b).
-n Change file from demand-loaded (DEMAND_MAGIC) to shared
(SHARE_MAGIC) (Ignored in PA-RISC 64-bit FORMAT 1.)
-q Change file from shared (SHARE_MAGIC) to demand-loaded
(DEMAND_MAGIC). (Ignored in PA-RISC 64-bit FORMAT 1.)
-s Perform its operation silently. (Available with the
PA-RISC 64-bit FORMAT 2 command.)
-B mode Select run-time binding behavior mode of a program
using shared libraries. You must specify one of the
major binding modes immediate or deferred. One or more
of the binding modifiers nonfatal, verbose, or
restricted can also be specified, each with a separate
option. See the HP-UX Linker and Libraries User's
Guide manual for a description of binding modes.
(Available with the PA-RISC 64-bit FORMAT 2 command.)
+b flag Control whether the embedded path list stored when the
program (if any) was built can be used to locate shared
libraries needed by the program. The two flag values,
enable and disable, respectively enable and disable use
of the embedded path list. However, you cannot use
disable on an ELF (PA-RISC 64-bit) file and a warning
message is issued. See the +s option. You can use the
+b option to enable the embedded path for filter
libraries.
+dbg flag Controls the mapping of shared library text segments
privately. The flag values, enable and disable, toggle
the request on and off. When enabled, this allows for
mapping the text segments of shared libraries in a
private, writtable region. When used with +mergeseg
enable, this allows for text segments of shared
libraries to be merged.
+es flag Control the ability of user code to execute from stack
with the flag values, enable and disable. See the
Restricting Execute Permission on Stacks section below
for additional information related to security issues.
Hewlett-Packard Company - 2 - HP-UX 11i Version 2: Sep 2004
chatr_pa(1) chatr_pa(1)
For PA-RISC Systems
+gst flag Control whether the global symbol table hash mechanism
is used to look up values of symbol import/export
entries. The two flag values, enable and disable,
respectively enable and disable use of the global
symbol table hash mechanism. The default is disable.
+gstsize size Request a particular hash array size using the global
symbol table hash mechanism. The value can vary
between 1 and MAXINT. The default value is 1103. Use
this option with +gst enable.
+k flag Request kernel assisted branch prediction. The flags
enable and disable turn this request on and off,
respectively. (Available with the PA-RISC 64-bit
FORMAT 2 command.)
+l library Indicate that the specified shared library is not
subject to run-time path lookup if directory path lists
are provided (see +s and +b).
+mergeseg flag Controls the shared library segment merging feature.
The flag values, enable and disable, toggle this
request ON and OFF. See the description of shared
library segment merging in the HP-UX Linker and
Libraries User's Guide. When enabled, all the data
segments of the shared libraries loaded at program
startup are merged. This increases run-time
performance by allowing the kernel to use larger size
page table entries.
+pd size Request a particular virtual memory page size that
should be used for data. Sizes of 4K, 16K, 64K, 256K,
1M, 4M, 16M, 64M, 256M, and L are supported. A size of
L will result in using the largest page size available.
The actual page size may vary if the requested size
cannot be fulfilled.
+pi size Request a particular virtual memory page size that
should be used for instructions. See the +pd option
for additional information.
+r flag Request static branch prediction when executing this
program. The flags enable and disable turn this
request on and off, respectively. (Available with the
PA-RISC 64-bit FORMAT 2 command.)
+s flag Control whether the directory path list specified with
the SHLIB_PATH environment variable can be used to
locate shared libraries needed by the program. The two
flag values, enable and disable, respectively enable
and disable use of the environment variable. If both
Hewlett-Packard Company - 3 - HP-UX 11i Version 2: Sep 2004
chatr_pa(1) chatr_pa(1)
For PA-RISC Systems
+s and +b are used, their relative order on the command
line indicates which path list will be searched first.
See the +b option. (Available with the PA-RISC 64-bit
FORMAT 2 command.)
+z Enable lazy swap on all data segments (using PA-RISC
32-bit chatr or PA-RISC 64-bit chatr FORMAT 1) or on a
specific segment (using PA-RISC 64-bit ELF chatr FORMAT
2). May not be used with non-data segments.
-z,-Z Enable run-time dereferencing of null pointers to
produce a SIGSEGV signal. (This is the complement of
the -Z option.)
OPTIONS FOR PA-RISC 32-bit SOM chatr ONLY [Toc] [Back]
-M Change file from EXEC_MAGIC to SHMEM_MAGIC. (This
option is an interim solution until 64-bit
addressability is available with a true 64-bit kernel.
See "chatr and Magic Numbers" and "Using SHMEM_MAGIC"
below.)
-N Change file from SHMEM_MAGIC to EXEC_MAGIC. (This
option is an interim solution until 64-bit
addressability is available with a true 64-bit kernel.
See "chatr and Magic Numbers" and Notes below.)
+gstbuckets size
Request a particular number of buckets per entry using
the global symbol table hash mechanism. The value can
vary between 1 and MAXINT. The default value is 3.
Use this option with +gst enable.
+plabel_cache flag
Control the use of the plabel caching mechanism. The
flags enable and disable turn this request on and off,
respectively. The default is disable. Use this option
with +gst enable.
This option is effective with C++. In C++
applications, the dynamic loader needs to repetitively
access PLABEL information (import stub). In order to
make this access faster, the dynamic loader uses the
global symbol table structure to also contain PLABEL
entries. This behavior is enabled when the
PLABEL_CACHE flag is set in the dl_header structure
(enabled ld +plabel_cache enable a.out or chatr
+plabel_cache enable a.out).
+q3p flag Control the flag bit setting to indicate how 32-bit
processes use the third quadrant as data space.
Hewlett-Packard Company - 4 - HP-UX 11i Version 2: Sep 2004
chatr_pa(1) chatr_pa(1)
For PA-RISC Systems
The enable flag sets the flag bit to indicate that 32-
bit processes use the third quadrant as a private data
space. By setting the bit, the private data space
increases from 1.9GB to 2.85GB for 32-bit processes.
The disable flag unsets the bit, which returns the
third quadrant to the default state, in which it is
used for shared memory.
This flag mechanism differs from how to set usage for
the first and second quadrants. Set these values by
using the magic number of the executable. (See the -M
and -N options.)
+q4p flag Control the flag bit setting to indicate how 32-bit
processes use the third and fourth quadrant as data
space.
The enable flag sets the flag bit to indicate that 32-
bit processes use the fourth quadrant as a private data
space. By setting the +q4p flag bit, the private data
space increases from 1.9GB to 3.8GB for 32-bit
processes. When you set the fourth quadrant for
private data space, the third quadrant is automatically
set for use as private data space, ignoring the current
+q3p value.
The disable flag unsets the flag bit, which returns the
fourth quadrant to the default state, in which it is
used for shared memory. With +q4p disable, the value
of the +q3p flag controls whether the third quadrant is
used as a private data space or for shared memory.
This flag mechanism differs from how to set usage for
the first and second quadrants. Set these values by
using the magic number of the executable. (See the -M
and -N options.)
OPTIONS FOR PA-RISC 64-bit ELF chatr [Toc] [Back]
PA-RISC 64-bit ELF chatr is similar to SOM chatr but supports new
options (and obsoletes others).
New options:
OPTIONS FOR PA-RISC 64-bit ELF chatr (FORMAT 1) [Toc] [Back]
+cd Set the code bit for the file's data segment(s).
+ci Set the code bit for the file's text segments(s).
Hewlett-Packard Company - 5 - HP-UX 11i Version 2: Sep 2004
chatr_pa(1) chatr_pa(1)
For PA-RISC Systems
+md Set the modification bit for the file's data
segment(s).
+mi Set the modification bit for the file's text
segment(s).
OPTIONS FOR PA-RISC 64-bit ELF chatr (FORMAT 2) [Toc] [Back]
With common options: -s, -B mode, +k flag, +r flag, +s flag, +z flag.
+c Set the code bit for a specified segment.
+dz Enable or disable lazy swap allocation for dynamically
allocated segments (such as the stack or heap).
+m Set the modification bit for a specified segment.
+p Set the page size for a specified segment.
+sa Specify a segment using an address for a set of
attribute modifications.
+sall Use all segments in the file for a set of attribute
modifications.
+si Specify a segment using a segment index number for a
set of attribute modifications.
chatr and MAGIC Numbers
The term shared applies to the magic number SHARE_MAGIC while the term
demand-loaded applies to the magic number DEMAND_MAGIC. See magic(4)
and the HP-UX Linker and Libraries Online User Guide for more
information.
chatr labels the following type of executables in output.
SHARE_MAGIC: shared executable
DEMAND_MAGIC: demand load executable
EXEC_MAGIC: normal executable
SHMEM_MAGIC: normal SHMEM_MAGIC executable
The linker produces SHARE_MAGIC executables by default.
Using SHMEM_MAGIC [Toc] [Back]
SHMEM_MAGIC is an interim solution until 64-bit addressability is
available with a true 64-bit kernel.
Hewlett-Packard Company - 6 - HP-UX 11i Version 2: Sep 2004
chatr_pa(1) chatr_pa(1)
For PA-RISC Systems
SHMEM_MAGIC will not be supported on future HP implementations of 64-
bit architectures (beyond PA-RISC 2.0). Programs that need larger
than 1.75 GB of shared memory on those architectures will have to be
recompiled (as 64-bit executables) for those architectures.
Programs that are compiled as 64-bit executables on any 64-bit HP
implementation (including PA-RISC 2.0) cannot be marked as SHMEM_MAGIC
nor do they need to be as they will already have access to more than
1.75 GB of shared memory.
The additional 1 GB of shared memory that is available over other
types of executables can be availed of only for system V shared memory
and not other forms of shared memory (like memory mapped files).
Restricting Execute Permission on Stacks [Toc] [Back]
A frequent or common method of breaking into systems is by maliciously
overflowing buffers on a program's stack, such as passing unusually
long, carefully chosen command line arguments to a privileged program
that does not expect them. Malicious unprivileged users can use this
technique to trick a privileged program into starting a superuser
shell for them, or to perform similar unauthorized actions.
One simple yet highly effective way to reduce the risk from this type
of attack is to remove the execute permission from a program's stack
pages. This improves system security without sacrificing performance
and has no negative effects on the vast majority of legitimate
applications. The changes described in this section only affect the
very small number of programs that try to execute (or are tricked into
executing) instructions located on the program's stack(s).
If the stack protection feature described in this section is enabled
for a program and that program attempts to execute code from its
stack(s), the HP-UX kernel will terminate the program with a SIGKILL
signal, display a message referring to this manual page section, and
log an error message to the system message log (use dmesg to view the
error message). The message logged by the kernel is:
WARNING: UID # may have attempted a buffer overflow attack. PID
# (program_name) has been terminated. See the '+es enable'
option of chatr(1).
If you see one of these messages, check with the program's owner to
determine whether this program is legitimately executing code from its
stack. If it is, you can use one or both of the methods described
below to make the program functional again. If the program is not
legitimately executing code from its stack, you should suspect
malicious activity and take appropriate action.
HP-UX provides two options to permit legitimate execution from a
program's stack(s). Combinations of these two options help make
site-specific tradeoffs between security and compatibility.
Hewlett-Packard Company - 7 - HP-UX 11i Version 2: Sep 2004
chatr_pa(1) chatr_pa(1)
For PA-RISC Systems
The first method is the use of the +es option of chatr and affects
individual programs. It is typically used to specify that a
particular binary must be able to execute from its stack, regardless
of the system default setting. This allows a restrictive system
default while not preventing legitimate programs from executing code
on their stack(s). Ideally this option should be set (if needed) by
the program's provider, to minimize the need for manual intervention
by whomever installs the program.
An alternate method is setting the kernel tunable parameter,
executable_stack, to set a system-wide default for whether stacks are
executable. Setting the executable_stack parameter to 1 (one) with
sam (see sam(1M)) tells the HP-UX kernel not to execute protect
program stack(s). This is the preferred setting if compatibility with
older releases is more important than security. Setting it to a 0
(zero) is appropriate if security is more important than
compatibility. This is the recommended setting, because it
significantly improves system security with minimal, if any, negative
effects on legitimate applications.
Combinations of these settings may be appropriate for many
applications. For example, after setting executable_stack to 0, you
may find that one or two critical applications no longer work because
they have a legitimate need to execute from their stack(s). Programs
such as simulators or interpreters that use self-modifying code are
examples you might encounter. To obtain the security benefits of a
restrictive system default while still letting these specific
applications run correctly, set executable_stack to 0, and run chatr
+es enable on the specific binaries that need to execute code from
their stack(s). These binaries can be easily identified when they are
executed, because they will print error messages referring to this
manual page.
The possible settings for executable_stack are as follows:
executable_stack = 0 (default)
A setting of 0 (the default value) causes stacks to be nonexecutable
and is strongly preferred from a security
perspective.
executable_stack = 1
A setting of 1 causes all program stacks to be executable,
and is safest from a compatibility perspective but is the
least secure setting for this parameter.
executable_stack = 2
A setting of 2 is equivalent to a setting of 0, except that
it gives non-fatal warnings instead of terminating a process
that is trying to execute from its stack. Using this
setting is helpful for users to gain confidence that using a
value of 0 will not hurt their legitimate applications.
Hewlett-Packard Company - 8 - HP-UX 11i Version 2: Sep 2004
chatr_pa(1) chatr_pa(1)
For PA-RISC Systems
Again, there is less security protection.
The table below summarizes the results from using the possible
combinations of chatr +es and executable_stack when executing from the
program's stack. Running chatr +es disable relies solely on the
setting of the executable_stack kernel tunable parameter when deciding
whether or not to grant execute permission for stacks and is
equivalent to not having run chatr +es on the binary.
_________________________________________________________________________
|chatr +es | executable_stack | ACTION |
|____________________________|__________________|________________________|
|enable | 1 | program runs normally |
|disable or chatr is not run | 1 | program runs normally |
|____________________________|__________________|________________________|
|enable | 0 | program runs normally |
|disable or chatr is not run | 0 | program is killed |
|____________________________|__________________|________________________|
|enable | 2 | program runs normally |
|disable or chatr is not run | 2 | program runs normally |
| | | with warning displayed |
|____________________________|__________________|________________________|
RETURN VALUE [Toc] [Back]
chatr returns zero on success. If the command line contents is
syntactically incorrect, or one or more of the specified files cannot
be acted upon, chatr returns information about the files whose
attributes could not be modified. If no files are specified, chatr
returns decimal 255.
Illegal options [Toc] [Back]
For PA-RISC 32-bit chatr, if you use an illegal option, chatr returns
the number of words in the command line. For example,
chatr +b enable +xyz enable returns 5 (because of illegal option
+xyz).
chatr +b enable +xyz enable +mno file1 file2 returns 8.
For PA-RISC 64-bit chatr, if you use an illegal option, chatr returns
the number of non-option words present after the first illegal option.
chatr +b enable +xyz enable +mno enable +pqr enable file returns
4.
Invalid arguments [Toc] [Back]
If you use an invalid argument with a valid option and you do not
specify a file name, both PA-RISC 32-bit and 64-bit chatr return 0.
chatr +b <no argument> returns 0.
Hewlett-Packard Company - 9 - HP-UX 11i Version 2: Sep 2004
chatr_pa(1) chatr_pa(1)
For PA-RISC Systems
For PA-RISC 32-bit chatr, if you specify a file name (regardless of
whether or not the file exists), chatr returns number of words in the
command line.
chatr +b <no argument> file returns 4.
For PA-RISC 64-bit chatr, if you specify a file name (regardless of
whether or not the file exists), chatr returns the number of files
specified.
chatr +b <no argument> file1 file2 file3 returns 3.
Invalid files [Toc] [Back]
For both PA-RISC 32-bit and 64-bit chatr, if the command cannot act on
any of the files given, it returns the total number of files specified
(if some option is specified). Otherwise it returns the number of
files upon which it could not act.
chatr +b enable a1 a2 a3 a4 (where a2 does not have read/write
permission) returns 4.
chatr a1 a2 a3 a4 returns 1.
EXTERNAL INFLUENCES [Toc] [Back]
Environment Variables
The following internationalization variables affect the execution of
chatr:
LANG Determines the locale category for native language,
local customs and coded character set in the absence
of LC_ALL and other LC_* environment variables. If
LANG is not specified or is set to the empty string,
a default of C (see lang(5)) is used instead of
LANG.
LC_ALL Determines the values for all locale categories and
has precedence over LANG and other LC_* environment
variables.
LC_CTYPE Determines the locale category for character
handling functions.
LC_MESSAGES Determines the locale that should be used to affect
the format and contents of diagnostic messages
written to standard error.
LC_NUMERIC Determines the locale category for numeric
formatting.
NLSPATH Determines the location of message catalogues for
the processing of LC_MESSAGES.
Hewlett-Packard Company - 10 - HP-UX 11i Version 2: Sep 2004
chatr_pa(1) chatr_pa(1)
For PA-RISC Systems
If any internationalization variable contains an invalid setting,
chatr behaves as if all internationalization variables are set to C.
See environ(5).
In addition, the following environment variable affects chatr:
TMPDIR Specifies a directory for temporary files (see
tmpnam(3S)).
EXAMPLES [Toc] [Back]
Change a.out to demand-loaded
chatr -q a.out
Change binding mode of program file that uses shared libraries to
immediate and nonfatal. Also enable usage of SHLIB_PATH environment
variable:
chatr -B immediate -B nonfatal +s enable a.out
Disallow run-time path lookup for the shared library /usr/lib/libc.sl
that the shared library libfoo.sl depends on:
chatr +l /usr/lib/libc.sl libfoo.sl
Given segment index number 5 from a previous run of chatr, change the
page size to 4 kilobytes:
chatr +si 5 +p 4K average64
AUTHOR [Toc] [Back]
chatr was developed by HP.
SEE ALSO [Toc] [Back]
System Tools:
ld(1) invoke the link editor
Miscellaneous:
a.out(4) assembler, compiler, and linker output
magic(4) magic number for HP-UX implementations
sam(1M) system administration manager
executable_stack(5) controls whether program stacks are executable by
default
Texts and Tutorials:
HP-UX Linker and Libraries Online User Guide
(See the +help option)
HP-UX Linker and Libraries User's Guide
(See manuals(5) for ordering information)
Hewlett-Packard Company - 11 - HP-UX 11i Version 2: Sep 2004 [ Back ] |
