From owner-svn-src-head@freebsd.org Fri Jul 7 18:06:16 2017 Return-Path: Delivered-To: svn-src-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 13B8ADA8AF2 for ; Fri, 7 Jul 2017 18:06:16 +0000 (UTC) (envelope-from markmi@dsl-only.net) Received: from asp.reflexion.net (outbound-mail-210-33.reflexion.net [208.70.210.33]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BAE4C844ED for ; Fri, 7 Jul 2017 18:06:15 +0000 (UTC) (envelope-from markmi@dsl-only.net) Received: (qmail 22271 invoked from network); 7 Jul 2017 18:03:56 -0000 Received: from unknown (HELO mail-cs-01.app.dca.reflexion.local) (10.81.19.1) by 0 (rfx-qmail) with SMTP; 7 Jul 2017 18:03:56 -0000 Received: by mail-cs-01.app.dca.reflexion.local (Reflexion email security v8.40.1) with SMTP; Fri, 07 Jul 2017 13:59:34 -0400 (EDT) Received: (qmail 14805 invoked from network); 7 Jul 2017 17:59:34 -0000 Received: from unknown (HELO iron2.pdx.net) (69.64.224.71) by 0 (rfx-qmail) with (AES256-SHA encrypted) SMTP; 7 Jul 2017 17:59:34 -0000 Received: from [192.168.1.114] (c-76-115-7-162.hsd1.or.comcast.net [76.115.7.162]) by iron2.pdx.net (Postfix) with ESMTPSA id D67E5EC943C; Fri, 7 Jul 2017 10:59:33 -0700 (PDT) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\)) Subject: Re: svn commit: r320674 - head/usr.sbin/bsdinstall/scripts From: Mark Millard In-Reply-To: Date: Fri, 7 Jul 2017 10:59:33 -0700 Cc: svn-src-head@freebsd.org Content-Transfer-Encoding: quoted-printable Message-Id: <55AF105C-66D8-4A6A-AF26-BF6D2B59C142@dsl-only.net> References: <9691CBDC-9C55-4E05-AFA2-9FEFD5E1B21F@dsl-only.net> To: =?utf-8?Q?Bart=C5=82omiej_Rutkowski?= X-Mailer: Apple Mail (2.3273) X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Jul 2017 18:06:16 -0000 On 2017-Jul-7, at 1:37 AM, Bart=C5=82omiej Rutkowski = wrote: > On Thu, Jul 6, 2017 at 11:38 PM, Mark Millard = wrote: > The following is only offered as a possibility for where > the 2MB idea might have came from: https://hardenedbsd.org . > I make no claim that the script change is in fact > appropriate: I've not studied the issue. >=20 > Not that it matters at all, but just to clear out the doubts, no this = change was not inspired by HardenedBSD in any way, I'd even say it was = the other way around ;) https://hardenedbsd.org "Stack Clash Mitigations" posting was dated: = 2017-Jun-25 (This is clearly after they had worked on the changes.) Your -r320674 check in date: 2017-Jul-5 https://reviews.freebsd.org/D9700 was earlier and has for Diff 30173: "Update the stack guard option to new sysctl behavior": 2017-Jun-28 (The prior diff [26537] does not have the change.) 2017-Jun-28 is shortly after the hardenedbsd.org posting, not before. So it was not obvious to me that you might have influenced hardenedBSD's changes. Sounds more like full independence to me now. I do not know if you picked 2MB based on > Qualys' recommendation to use a minimum of 1MB or not. (Quoted from hardenedbsd's article.) =3D=3D=3D Mark Millard markmi at dsl-only.net