Date: Wed, 14 May 2014 10:02:09 -0700 From: Adrian Chadd <adrian@freebsd.org> To: Shawn Webb <lattera@gmail.com> Cc: freebsd-security@freebsd.org, freebsd-current <freebsd-current@freebsd.org>, FreeBSD Stable Mailing List <freebsd-stable@freebsd.org> Subject: Re: [CFT] ASLR, PIE, and segvguard on 11-current and 10-stable Message-ID: <CAJ-Vmonm5k05ap03CvXR3tosJ6at-gxeaT0d4%2BJ1QzQ8-5viww@mail.gmail.com> In-Reply-To: <20140514135852.GC3063@pwnie.vrt.sourcefire.com> References: <20140514135852.GC3063@pwnie.vrt.sourcefire.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi! Cool! Does it run on MIPS? :P -a On 14 May 2014 06:58, Shawn Webb <lattera@gmail.com> wrote: > Hey All, > > [NOTE: crossposting between freebsd-current@, freebsd-security@, and > freebsd-stable@. Please forgive me if crossposting is frowned upon.] > > Address Space Layout Randomization, or ASLR for short, is an exploit > mitigation technology. It helps secure applications against low-level > exploits. A popular secure implementation is known as PaX ASLR, which is > a third-party patch for Linux. Our implementation is based off of PaX's. > > Oliver Pinter, Danilo Egea, and I have been working hard to bring more > features and robust stability to our ASLR patches. We've done extensive > testing on amd64. We'd like to get as many people testing these patches. > Given the nature of them, we'd also like as many eyeballs reviewing the > code as well. > > I have a Raspberry Pi and have noticed a few bugs. On ARM (at least, on > the RPI), when a parent forks a child, and the child gracefully exits, > the parent segfaults with the pc register pointing to 0xc0000000. That > address is always the same, no matter the application. If anyone knows > the ARM architecture well, and how FreeBSD ties into it, I'd like a > little guidance. > > I also have a sparc64 box, but I'm having trouble getting a vanilla > 11-current system to be stable on it. I ought to file a few PRs. > > You can find links to the patches below. > > Patch for 11-current: > http://www.crysys.hu/~op/freebsd/patches/20140514091132-freebsd-current-aslr-segvguard-SNAPSHOT.diff > > Patch for 10-stable: > http://www.crysys.hu/~op/freebsd/patches/20140514091132-freebsd-stable-10-aslr-segvguard-SNAPSHOT.diff > > Thanks, > > Shawn Webb
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAJ-Vmonm5k05ap03CvXR3tosJ6at-gxeaT0d4%2BJ1QzQ8-5viww>