chatr_pa(1)						      General Commands Manual						       chatr_pa(1)

NAME

       chatr_pa: chatr - change program's internal attributes on PA-RISC systems

SYNOPSIS

   PA-RISC 32-bit SOM chatr
       library]  mode]	flag]  flag]  flag]  flag]  flag]  size]  size] flag] library] flag] size] size] flag] flag] flag] flag] flag] flag] flag]
	      file ...

   PA-RISC 64-bit ELF chatr
       There are two possible syntactic forms that can be used to invoke PA-RISC 64-bit

       The first syntactic form, which is compatible with the SOM is used for backward compatibility, and for easy manipulation of ordinary  files
       that only have a single text and a single data segment:

       library] mode] flag] flag] flag] flag] flag] size] flag] library] flag] flag] flag] size] size] flag] flag] flag] file ...

       The second syntactic form provides the ability to explicitly specify segments to be modified:

       mode] flag] flag] flag] flag] size] flag] flag] index | address | ] flag] file ...

   Remarks
       This manpage describes on PA-RISC systems.  For on Integrity systems, see chatr_ia(1).

DESCRIPTION

       allows you to change a program's internal attributes for 32-bit mode SOM and 64-bit mode ELF files.

       Upon completion, prints the file's old and new values to standard output unless is specified.

       The and options only provide a hint for the virtual memory page size.  The actual page sizes may vary.  Under certain conditions, page size
       hints of may result in better performance, depending on the specific memory requirements of the application.

       The performance of some applications may benefit from static branch prediction, others may not.	The option provides a hint  for  using	or
       avoiding this feature.

       The  and related options provide performance enhancements through use of global symbol table which improves searching for exported symbols.
       See dld.sl(5) and the for more information.

   Common Options For PA-RISC 32-bit SOM And PA-RISC 64-bit ELF (FORMAT 1) chatr
       by default, prints each file's magic number and file attributes to the standard output.

       Indicate that the specified shared library
		      is subject to run-time path lookup if directory path lists are provided (see and

       Change	      file from demand-loaded to shared (Ignored in PA-RISC 64-bit FORMAT 1.)

       Change	      file from shared to demand-loaded (Ignored in PA-RISC 64-bit FORMAT 1.)

       Perform its operation silently.
		      (Available with the PA-RISC 64-bit FORMAT 2 command.)

       Select run-time binding behavior mode of a program
		      using shared libraries.  You must specify one of the major binding modes or One or more of the binding modifiers or can also
		      be  specified, each with a separate option.  See the manual for a description of binding modes.  (Available with the PA-RISC
		      64-bit FORMAT 2 command.)

       Control whether the embedded path list
		      stored when the program (if any) was built can be used to locate shared libraries needed by the program.	The two flag  val-
		      ues,  and respectively enable and disable use of the embedded path list.	However, you cannot use on an ELF (PA-RISC 64-bit)
		      file and a warning message is issued.  See the option.  You can use the option  to  enable  the  embedded  path  for  filter
		      libraries.

       Controls the mapping of shared library text segments privately.
		      The  flag  values,  and  toggle  the  request on and off.  When enabled, this allows for mapping the text segments of shared
		      libraries in a private, writable region.	Also, you can use this feature on individual shared  libraries,  which	makes  the
		      text  segment mapped private.  If contains the string "", all shared libraries are mapped private.  You can specify a colon-
		      separated list of shared library base names with this option, following an equal character; for example:

		      When used with this allows text segments of shared libraries to be merged.

       Control the ability of user code to execute from stack with the
		      flag values, and See the section below for additional information related to security issues.

       Control whether the global symbol table hash mechanism is
		      used to look up values of symbol import/export entries.  The two flag values, and respectively enable and disable use of the
		      global symbol table hash mechanism.  The default is

       Request a particular hash array
		      size  using  the	global symbol table hash mechanism.  The value can vary between 1 and The default value is 1103.  Use this
		      option with

       Request kernel assisted branch prediction.
		      The flags and turn this request on and off, respectively.  (Available with the PA-RISC 64-bit FORMAT 2 command.)

       Indicate that the specified shared library
		      is not subject to run-time path lookup if directory path lists are provided (see and

       or	      the dynamic loader to automatically preload and also maps shared libraries as private.  The library is used to support  heap
		      analysis through GDB.

       Controls the shared library segment merging feature.
		      The  flag  values,  and  toggle  this request ON and OFF.  See the description of shared library segment merging in the When
		      enabled, all the data segments of the shared libraries loaded at program startup are merged.  This increases  run-time  per-
		      formance by allowing the kernel to use larger size page table entries.

       Request a particular virtual memory page size that
		      should  be used for data.  Sizes of and are supported.  A size of will result in using the largest page size available.  The
		      actual page size may vary if the requested size cannot be fulfilled.

       Request a particular virtual memory page size that
		      should be used for instructions.	See the option for additional information.

       Request static branch prediction when executing this
		      program.	The flags and turn this request on and off, respectively.  (Available with the PA-RISC 64-bit FORMAT 2 command.)

       This is an     to the option.

       Control whether the directory path list specified with the
		      environment variable can be used to locate shared libraries needed by the program.  The two flag	values,  and  respectively
		      enable  and  disable  use of the environment variable.  If both and are used, their relative order on the command line indi-
		      cates which path list will be searched first.  See the option.  (Available with the PA-RISC 64-bit FORMAT 2 command.)

       Enable lazy swap on all data segments (using PA-RISC 32-bit
		      or PA-RISC 64-bit FORMAT 1) or on a specific segment (using PA-RISC 64-bit ELF FORMAT 2).  May not  be  used  with  non-data
		      segments.

       Enable null pointer dereference trap.
		      Run-time dereference of null pointers will produce a SIGSEGV signal.  (This is the complement of the option.)

       Disable null pointer dereference trap.
		      (This is the complement of the option.)

   Options For PA-RISC 32-bit SOM chatr Only
       Change	      file  from  to  (This option is an interim solution until 64-bit addressability is available with a true 64-bit kernel.  See
		      and below.)

       Change	      file from to (This option is an interim solution until 64-bit addressability is available with a true  64-bit  kernel.   See
		      below.)

       Request a particular number of buckets per entry
		      using  the  global  symbol  table hash mechanism.  The value can vary between 1 and The default value is 3.  Use this option
		      with

       Control the use of the plabel caching mechanism.
		      The flags and turn this request on and off, respectively.  The default is Use this option with

		      This option is effective with C++.  In C++ applications, the dynamic loader needs to repetitively access PLABEL  information
		      (import  stub).  In order to make this access faster, the dynamic loader uses the global symbol table structure to also con-
		      tain PLABEL entries.  This behavior is enabled when the PLABEL_CACHE flag is set in the structure (enabled or

       Control the flag bit setting to indicate how 32-bit processes use the
		      third quadrant as data space.

		      The flag sets the flag bit to indicate that 32-bit processes use the third quadrant as a private data space.  By setting the
		      bit, the private data space increases from 1.9GB to 2.85GB for 32-bit processes.

		      The flag unsets the bit, which returns the third quadrant to the default state, in which it is used for shared memory.

		      This  flag  mechanism differs from how to set usage for the first and second quadrants.  Set these values by using the magic
		      number of the executable.  (See the and options.)

		      See the section below for more details and compatibility issues.

       Control the flag bit setting to indicate how 32-bit processes use the
		      third and fourth quadrant as data space.

		      The flag sets the flag bit to indicate that 32-bit processes use the fourth quadrant as a private data  space.   By  setting
		      the  flag  bit, the private data space increases from 1.9GB to 3.8GB for 32-bit processes.  When you set the fourth quadrant
		      for private data space, the third quadrant is automatically set for use as private data space, ignoring the current value.

		      The flag unsets the flag bit, which returns the fourth quadrant to the default state, in which it is used for shared memory.
		      With the value of the flag controls whether the third quadrant is used as a private data space or for shared memory.

		      This  flag  mechanism differs from how to set usage for the first and second quadrants.  Set these values by using the magic
		      number of the executable.  (See the and options.)

		      See the section below for more details and compatibility issues.

   Options For PA-RISC 64-bit ELF chatr
       PA-RISC 64-bit ELF is similar to SOM but supports new options (and obsoletes others).

       New options:

       Set the code bit for the file's data segment(s).

       Set the code bit for the file's text segments(s).

       Set the modification bit for the file's data segment(s).

       Set the modification bit for the file's text segment(s).

       With common options: mode, flag, flag, flag, flag.

       Set the code bit for a specified segment.

       Enable or disable lazy swap allocation for dynamically allocated
		      segments (such as the stack or heap).

       Set the modification bit for a specified segment.

       Set the page size for a specified segment.

       Specify a segment using an address for a set of attribute
		      modifications.

       Use all segments in the file for a set of attribute modifications.

       Specify a segment using a segment index number for a set of
		      attribute modifications.

   chatr and MAGIC Numbers
       The term applies to the magic number while the term applies to the magic number See magic(4) and the for more information.

       labels the following type of executables in output.

	      shared executable

	      demand load executable

	      normal executable

	      normal		  executable

       The linker produces executables by default.

   Using SHMEM_MAGIC
       is an interim solution until 64-bit addressability is available with a true 64-bit kernel.

       will not be supported on future HP implementations of 64-bit architectures (beyond PA-RISC 2.0).  Programs that need larger than 1.75 GB of
       shared memory on those architectures will have to be recompiled (as 64-bit executables) for those architectures.

       Programs  that  are  compiled as 64-bit executables on any 64-bit HP implementation (including PA-RISC 2.0) cannot be marked as nor do they
       need to be as they will already have access to more than 1.75 GB of shared memory.

       The additional 1 GB of shared memory that is available over other types of executables can be availed of only for system  V  shared  memory
       and not other forms of shared memory (like memory mapped files).

   Large Private Data Space
       Starting  from  the 11i release of HP-UX, an additional 1 to 2GB of private address space is made available for 32-bit programs (if enabled
       on a per process basis), at the expense of shared memory address space. This change increases the amount of private  data  space  available
       for a process.

       Two  new options, and have been added to the command that allow the user to control whether the 3rd quadrant (the 1GB of address space from
       0x80000000-0xBFFFFFFF) and the 4th quadrant (the 1GB of address space from 0xC0000000-0xFFFFFFFF) of a process are part	of  the  processes
       private	address  space or are shared with other running processes.  Previously, the 3rd and 4th quadrants were dedicated for shared object
       usage.  For example, System V shared memory and memory mapped files using a shared mapping

       In order to use this new feature, the maxdsiz kernel configurable variable will need to be increased appropriately; see maxdsiz(5).   Also,
       the system will have to enable enough swap space to support processes with large private address spaces.

   Compatibility issues
       Processes that enable a private 3rd quadrant processes) will reduce the amount of address space available for shared objects by 1GB.  Also,
       processes will not be able to share objects that were created by another, process, even in the 4th quadrant, unless those objects were cre-
       ated  by the process using the flag (System V shared memory) or If recompiling is not an option, it will be necessary to make all processes
       that share objects with the process into processes

       Processes that enable a private 4th quadrant processes) will have no address space available for  shared  objects.   This  means  that  the
       process	will  not  be able to use System V shared memory, shared mapped files, etc.  Shared libraries will still work, although the kernel
       will map them as private.  Note that a process implies that the 3rd quadrant is private also.  In other words, the kernel will not  execute
       a process that only enables a private 4th quadrant.

       Because	the  system  call  gateway  page  has to remain at address 0xC0000000 for binary compatibility reasons, the data segment cannot be
       extended past the beginning of the 4th quadrant.  Therefore, the and system calls will only allow the data segment to  be  expanded  up	to
       that address.

       To  take  advantage  of	private address space in the 4th quadrant, memory will need to be allocated using the system call with the option.
       The system call has been modified to do this automatically.  No re-link will be necessary to take advantage of the new for a  program  that
       uses  a	shared version of the C library.  A program that was linked with a non-shared library version of the C library, however, will need
       to be re-linked.

       These changes have no compatibility impacts if the feature is not enabled.

       This feature can only be enabled for 32-bit programs running on the 64-bit version of HP-UX.  The 32-bit version  of  HP-UX  will  silently
       ignore the request for a private 3rd or 4th quadrant.

   Restricting Execute Permission on Stacks
       A  frequent or common method of breaking into systems is by maliciously overflowing buffers on a program's stack, such as passing unusually
       long, carefully chosen command line arguments to a privileged program that does not expect them.  Malicious unprivileged users can use this
       technique to trick a privileged program into starting a superuser shell for them, or to perform similar unauthorized actions.

       One  simple yet highly effective way to reduce the risk from this type of attack is to remove the execute permission from a program's stack
       pages.  This improves system security without sacrificing performance and has no negative effects on the vast majority of legitimate appli-
       cations.  The changes described in this section only affect the very small number of programs that try to execute (or are tricked into exe-
       cuting) instructions located on the program's stack(s).

       If the stack protection feature described in this section is enabled for a program and that program  attempts  to  execute  code  from  its
       stack(s),  the  HP-UX  kernel will terminate the program with a signal, display a message referring to this manual page section, and log an
       error message to the system message log (use to view the error message).  The message logged by the kernel is:

       If you see one of these messages, check with the program's owner to determine whether this program is legitimately executing code from  its
       stack.	If  it	is,  you  can  use one or both of the methods described below to make the program functional again.  If the program is not
       legitimately executing code from its stack, you should suspect malicious activity and take appropriate action.

       HP-UX provides two options to permit legitimate execution from a program's stack(s).  Combinations of these two options help make site-spe-
       cific tradeoffs between security and compatibility.

       The  first  method  is  the use of the option of and affects individual programs.  It is typically used to specify that a particular binary
       must be able to execute from its stack, regardless of the system default setting.  This allows a restrictive system default while not  pre-
       venting	legitimate  programs  from  executing  code  on  their	stack(s).   Ideally this option should be set (if needed) by the program's
       provider, to minimize the need for manual intervention by whomever installs the program.

       An alternate method is setting the kernel tunable parameter, to set a system-wide default for whether stacks are executable.   Setting  the
       parameter  to  1 (one) with (see sam(1M)) tells the HP-UX kernel not to execute protect program stack(s).  This is the preferred setting if
       compatibility with older releases is more important than security.  Setting it to a 0 (zero) is appropriate if security is  more  important
       than  compatibility.   This  is	the  recommended setting, because it significantly improves system security with minimal, if any, negative
       effects on legitimate applications.

       Combinations of these settings may be appropriate for many applications.  For example, after setting to 0, you may find	that  one  or  two
       critical  applications  no  longer work because they have a legitimate need to execute from their stack(s).  Programs such as simulators or
       interpreters that use self-modifying code are examples you might encounter.  To obtain  the  security  benefits	of  a  restrictive  system
       default while still letting these specific applications run correctly, set to 0, and run on the specific binaries that need to execute code
       from their stack(s).  These binaries can be easily identified when they are executed, because they will print error messages  referring	to
       this manual page.

       The possible settings for are as follows:

	    A setting of 0 (the default value) causes stacks to be non-executable
		   and is strongly preferred from a security perspective.

	    A setting of 1
		   causes  all program stacks to be executable, and is safest from a compatibility perspective but is the least secure setting for
		   this parameter.

	    A setting of 2
		   is equivalent to a setting of 0, except that it gives non-fatal warnings instead of terminating a process  that  is	trying	to
		   execute from its stack.  Using this setting is helpful for users to gain confidence that using a value of 0 will not hurt their
		   legitimate applications.  Again, there is less security protection.

       The table below summarizes the results from using the possible combinations of and when executing from the program's stack.  Running relies
       solely on the setting of the kernel tunable parameter when deciding whether or not to grant execute permission for stacks and is equivalent
       to not having run on the binary.

       chatr +es		     executable_stack	ACTION
       ------------------------------------------------------------------------
       enable				    1		program runs normally
       disable or chatr is not run	    1		program runs normally
       ------------------------------------------------------------------------
       enable				    0		program runs normally
       disable or chatr is not run	    0		program is killed
       ------------------------------------------------------------------------
       enable				    2		program runs normally
       disable or chatr is not run	    2		program runs normally
							with warning displayed

RETURN VALUE

       returns zero on success.  If the command line contents is syntactically incorrect, or one or more of the specified files  cannot  be  acted
       upon, returns information about the files whose attributes could not be modified.  If no files are specified, returns decimal 255.

   Illegal options
       For PA-RISC 32-bit if you use an illegal option, returns the number of words in the command line.  For example,

	      returns  5 (because of illegal option

	      returns 8.

       For PA-RISC 64-bit if you use an illegal option, returns the number of non-option words present after the first illegal option.

	      returns 4.

   Invalid arguments
       If you use an invalid argument with a valid option and you do not specify a file name, both PA-RISC 32-bit and 64-bit return 0.

	      returns 0.

       For PA-RISC 32-bit if you specify a file name (regardless of whether or not the file exists), returns number of words in the command line.

	      returns 4.

       For PA-RISC 64-bit if you specify a file name (regardless of whether or not the file exists), returns the number of files specified.

	      returns 3.

   Invalid files
       For  both PA-RISC 32-bit and 64-bit if the command cannot act on any of the files given, it returns the total number of files specified (if
       some option is specified).  Otherwise it returns the number of files upon which it could not act.

	      (where does not have read/write permission) returns 4.

	      returns 1.

EXTERNAL INFLUENCES

   Environment Variables
       The following internationalization variables affect the execution of

       Determines the locale category for native language, local customs and
			 coded character set in the absence of and other environment variables.  If is not  specified  or  is  set  to	the  empty
			 string, a default of (see lang(5)) is used instead of

       Determines the values for all locale categories and has precedence over
			 and other environment variables.

       Determines the locale category for character handling functions.

       Determines the locale that should be used to affect the format
			 and contents of diagnostic messages written to standard error.

       Determines the locale category for numeric formatting.

       Determines the location of message catalogues for the processing
			 of

       If  any	internationalization  variable	contains an invalid setting, behaves as if all internationalization variables are set to See envi-
       ron(5).

       In addition, the following environment variable affects

       Specifies a directory
			 for temporary files (see tmpnam(3S)).

EXAMPLES

       Change to demand-loaded

       Change binding mode of program file that uses shared libraries to immediate and nonfatal.  Also enable usage of environment variable:

       Disallow run-time path lookup for the shared library that the shared library depends on:

       Given segment index number 5 from a previous run of change the page size to 4 kilobytes:

AUTHOR

       was developed by HP.

SEE ALSO

   System Tools
       ld(1)		   invoke the link editor

   Miscellaneous
       a.out(4) 	   assembler, compiler, and linker output
       magic(4) 	   magic number for HP-UX implementations
       sam(1M)		   system administration manager
       executable_stack(5) controls whether program stacks are executable by default

   Texts and Tutorials
       (See the 	   option)
       (See		   manuals(5) for ordering information)

PA-RISC Systems Only														       chatr_pa(1)