elf

type ARMBTIRule ¶

type ARMBTIRule struct{}

ARMBTIRule checks for ARM Branch Target Identification

func (r ARMBTIRule) Applicability() rule.Applicability

func (r ARMBTIRule) Execute(bin *binary.ELFBinary) rule.ExecuteResult

func (r ARMBTIRule) ID() string

func (r ARMBTIRule) Name() string

type ARMBranchProtectionRule ¶

type ARMBranchProtectionRule struct{}

ARMBranchProtectionRule checks for ARM branch protection (PAC+BTI) ARM: https://developer.arm.com/documentation/ddi0487/latest GCC: https://gcc.gnu.org/onlinedocs/gcc/AArch64-Options.html#index-mbranch-protection Clang: https://clang.llvm.org/docs/ClangCommandLineReference.html#cmdoption-clang-mbranch-protection

func (r ARMBranchProtectionRule) Applicability() rule.Applicability

func (r ARMBranchProtectionRule) Execute(bin *binary.ELFBinary) rule.ExecuteResult

func (r ARMBranchProtectionRule) ID() string

func (r ARMBranchProtectionRule) Name() string

type ARMMTERule ¶

type ARMMTERule struct{}

ARMMTERule checks for ARM Memory Tagging Extension ARM: https://developer.arm.com/documentation/ddi0487/latest LLVM: https://llvm.org/docs/MemTagSanitizer.html

func (r ARMMTERule) Applicability() rule.Applicability

func (r ARMMTERule) Execute(bin *binary.ELFBinary) rule.ExecuteResult

func (r ARMMTERule) ID() string

func (r ARMMTERule) Name() string

type ARMPACRule ¶

type ARMPACRule struct{}

ARMPACRule checks for ARM Pointer Authentication Code ARM: https://developer.arm.com/documentation/ddi0487/latest GCC: https://gcc.gnu.org/onlinedocs/gcc/AArch64-Options.html#index-mbranch-protection Clang: https://clang.llvm.org/docs/ClangCommandLineReference.html#cmdoption-clang-mbranch-protection

func (r ARMPACRule) Applicability() rule.Applicability

func (r ARMPACRule) Execute(bin *binary.ELFBinary) rule.ExecuteResult

func (r ARMPACRule) ID() string

func (r ARMPACRule) Name() string

type ASANRule ¶

type ASANRule struct{}

ASANRule checks for AddressSanitizer instrumentation Clang: https://clang.llvm.org/docs/AddressSanitizer.html GCC: https://gcc.gnu.org/onlinedocs/gcc/Instrumentation-Options.html#index-fsanitize=address

func (r ASANRule) Applicability() rule.Applicability

func (r ASANRule) Execute(bin *binary.ELFBinary) rule.ExecuteResult

func (r ASANRule) ID() string

func (r ASANRule) Name() string

type ASLRRule ¶

type ASLRRule struct{}

ASLRRule checks if binary is ASLR compatible Linux Kernel: https://github.com/torvalds/linux/blob/master/Documentation/admin-guide/sysctl/kernel.rst

func (r ASLRRule) Applicability() rule.Applicability

func (r ASLRRule) Execute(bin *binary.ELFBinary) rule.ExecuteResult

func (r ASLRRule) ID() string

func (r ASLRRule) Name() string

type CFIRule ¶

type CFIRule struct{}

CFIRule checks for Clang Control Flow Integrity https://clang.llvm.org/docs/ControlFlowIntegrity.html

func (r CFIRule) Applicability() rule.Applicability

func (r CFIRule) Execute(bin *binary.ELFBinary) rule.ExecuteResult

func (r CFIRule) ID() string

func (r CFIRule) Name() string

type DynEntry ¶

type DynEntry struct {
	Tag uint64
	Val uint64
}

func ParseDynamic(f *elf.File) []DynEntry

type FortifySourceRule ¶

type FortifySourceRule struct{}

FortifySourceRule checks for FORTIFY_SOURCE protection glibc: https://sourceware.org/glibc/wiki/FortifySourceLevel3 GCC: https://gcc.gnu.org/onlinedocs/gcc/Instrumentation-Options.html#index-D_FORTIFY_SOURCE

func (r FortifySourceRule) Applicability() rule.Applicability

func (r FortifySourceRule) Execute(bin *binary.ELFBinary) rule.ExecuteResult

func (r FortifySourceRule) ID() string

func (r FortifySourceRule) Name() string

type FullRELRORule ¶

type FullRELRORule struct{}

FullRELRORule checks for full RELRO protection ld: https://sourceware.org/binutils/docs/ld/Options.html

func (r FullRELRORule) Applicability() rule.Applicability

func (r FullRELRORule) Execute(bin *binary.ELFBinary) rule.ExecuteResult

func (r FullRELRORule) ID() string

func (r FullRELRORule) Name() string

type NXBitRule ¶

type NXBitRule struct{}

NXBitRule checks for non-executable stack GCC: https://gcc.gnu.org/onlinedocs/gcc/Link-Options.html#index-z

func (r NXBitRule) Applicability() rule.Applicability

func (r NXBitRule) Execute(bin *binary.ELFBinary) rule.ExecuteResult

func (r NXBitRule) ID() string

func (r NXBitRule) Name() string

type NoDLOpenRule ¶

type NoDLOpenRule struct{}

NoDLOpenRule checks if dlopen is disabled ld: https://sourceware.org/binutils/docs/ld/Options.html#index-z-keyword

func (r NoDLOpenRule) Applicability() rule.Applicability

func (r NoDLOpenRule) Execute(bin *binary.ELFBinary) rule.ExecuteResult

func (r NoDLOpenRule) ID() string

func (r NoDLOpenRule) Name() string

type NoDumpRule ¶

type NoDumpRule struct{}

NoDumpRule checks if core dumps are disabled ld: https://sourceware.org/binutils/docs/ld/Options.html#index-z-keyword

func (r NoDumpRule) Applicability() rule.Applicability

func (r NoDumpRule) Execute(bin *binary.ELFBinary) rule.ExecuteResult

func (r NoDumpRule) ID() string

func (r NoDumpRule) Name() string

type NoInsecureRPATHRule ¶

type NoInsecureRPATHRule struct{}

NoInsecureRPATHRule checks for insecure RPATH values ld: https://sourceware.org/binutils/docs/ld/Options.html

func (r NoInsecureRPATHRule) Applicability() rule.Applicability

func (r NoInsecureRPATHRule) Execute(bin *binary.ELFBinary) rule.ExecuteResult

func (r NoInsecureRPATHRule) ID() string

func (r NoInsecureRPATHRule) Name() string

type NoInsecureRUNPATHRule ¶

type NoInsecureRUNPATHRule struct{}

NoInsecureRUNPATHRule checks for insecure RUNPATH values ld: https://sourceware.org/binutils/docs/ld/Options.html

func (r NoInsecureRUNPATHRule) Applicability() rule.Applicability

func (r NoInsecureRUNPATHRule) Execute(bin *binary.ELFBinary) rule.ExecuteResult

func (r NoInsecureRUNPATHRule) ID() string

func (r NoInsecureRUNPATHRule) Name() string

type PIERule ¶

type PIERule struct{}

PIERule checks if binary is compiled as Position Independent Executable GCC: https://gcc.gnu.org/onlinedocs/gcc/Code-Gen-Options.html#index-fPIE Clang: https://clang.llvm.org/docs/ClangCommandLineReference.html#cmdoption-clang-fpie

func (r PIERule) Applicability() rule.Applicability

func (r PIERule) Execute(bin *binary.ELFBinary) rule.ExecuteResult

func (r PIERule) ID() string

func (r PIERule) Name() string

type RELRORule ¶

type RELRORule struct{}

RELRORule checks for partial RELRO ld: https://sourceware.org/binutils/docs/ld/Options.html

func (r RELRORule) Applicability() rule.Applicability

func (r RELRORule) Execute(bin *binary.ELFBinary) rule.ExecuteResult

func (r RELRORule) ID() string

func (r RELRORule) Name() string

type SafeStackRule ¶

type SafeStackRule struct{}

SafeStackRule checks for SafeStack protection Clang: https://clang.llvm.org/docs/SafeStack.html LLVM: https://llvm.org/docs/SafeStack.html

func (r SafeStackRule) Applicability() rule.Applicability

func (r SafeStackRule) Execute(bin *binary.ELFBinary) rule.ExecuteResult

func (r SafeStackRule) ID() string

func (r SafeStackRule) Name() string

type SeparateCodeRule ¶

type SeparateCodeRule struct{}

SeparateCodeRule checks if code and data are in separate pages ld: https://sourceware.org/binutils/docs/ld/Options.html#index-z-keyword

func (r SeparateCodeRule) Applicability() rule.Applicability

func (r SeparateCodeRule) Execute(bin *binary.ELFBinary) rule.ExecuteResult

func (r SeparateCodeRule) ID() string

func (r SeparateCodeRule) Name() string

type StackCanaryRule ¶

type StackCanaryRule struct{}

StackCanaryRule checks for stack canary protection GCC: https://gcc.gnu.org/onlinedocs/gcc/Instrumentation-Options.html#index-fstack-protector Clang: https://clang.llvm.org/docs/ClangCommandLineReference.html#cmdoption-clang-fstack-protector-strong

func (r StackCanaryRule) Applicability() rule.Applicability

func (r StackCanaryRule) Execute(bin *binary.ELFBinary) rule.ExecuteResult

func (r StackCanaryRule) ID() string

func (r StackCanaryRule) Name() string

type StackLimitRule ¶

type StackLimitRule struct{}

StackLimitRule checks for explicit stack size limit ld: https://sourceware.org/binutils/docs/ld/Options.html#index-z-keyword

func (r StackLimitRule) Applicability() rule.Applicability

func (r StackLimitRule) Execute(bin *binary.ELFBinary) rule.ExecuteResult

func (r StackLimitRule) ID() string

func (r StackLimitRule) Name() string

type StrippedRule ¶

type StrippedRule struct{}

StrippedRule checks if binary is fully stripped ld: https://sourceware.org/binutils/docs/ld/Options.html#index-_002d_002dstrip_002dall

func (r StrippedRule) Applicability() rule.Applicability

func (r StrippedRule) Execute(bin *binary.ELFBinary) rule.ExecuteResult

func (r StrippedRule) ID() string

func (r StrippedRule) Name() string

type UBSanRule ¶

type UBSanRule struct{}

UBSanRule checks for Undefined Behavior Sanitizer Clang: https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html GCC: https://gcc.gnu.org/onlinedocs/gcc/Instrumentation-Options.html#index-fsanitize=undefined

func (r UBSanRule) Applicability() rule.Applicability

func (r UBSanRule) Execute(bin *binary.ELFBinary) rule.ExecuteResult

func (r UBSanRule) ID() string

func (r UBSanRule) Name() string

type WXorXRule ¶

type WXorXRule struct{}

WXorXRule checks for W^X (Write XOR Execute) policy GNU ld: https://sourceware.org/binutils/docs/ld/Options.html (-z noexecstack)

func (r WXorXRule) Applicability() rule.Applicability

func (r WXorXRule) Execute(bin *binary.ELFBinary) rule.ExecuteResult

func (r WXorXRule) ID() string

func (r WXorXRule) Name() string

type X86CETIBTRule ¶

type X86CETIBTRule struct{}

X86CETIBTRule checks for CET Indirect Branch Tracking (Intel/AMD) GCC: https://gcc.gnu.org/onlinedocs/gcc/x86-Options.html#index-fcf-protection

func (r X86CETIBTRule) Applicability() rule.Applicability

func (r X86CETIBTRule) Execute(bin *binary.ELFBinary) rule.ExecuteResult

func (r X86CETIBTRule) ID() string

func (r X86CETIBTRule) Name() string

type X86CETShadowStackRule ¶

type X86CETShadowStackRule struct{}

X86CETShadowStackRule checks for CET Shadow Stack (Intel/AMD) GCC: https://gcc.gnu.org/onlinedocs/gcc/x86-Options.html#index-fcf-protection

func (r X86CETShadowStackRule) Applicability() rule.Applicability

func (r X86CETShadowStackRule) Execute(bin *binary.ELFBinary) rule.ExecuteResult

func (r X86CETShadowStackRule) ID() string

func (r X86CETShadowStackRule) Name() string

type X86RetpolineRule ¶

type X86RetpolineRule struct{}

X86RetpolineRule checks for Spectre v2 mitigation (retpoline) GCC: https://gcc.gnu.org/onlinedocs/gcc/x86-Options.html#index-mindirect-branch Clang: https://clang.llvm.org/docs/ClangCommandLineReference.html#cmdoption-clang-mretpoline

func (r X86RetpolineRule) Applicability() rule.Applicability

func (r X86RetpolineRule) Execute(bin *binary.ELFBinary) rule.ExecuteResult

func (r X86RetpolineRule) ID() string

func (r X86RetpolineRule) Name() string