Date: Mon, 17 Jul 2017 15:47:08 +0200
From: "Vlad K."
To: freebsd-stable@freebsd.org
Subject: Re: stack_guard hardening bsdinstall option in STABLE and 11.1
In-Reply-To: <20170717133359.GP16843@FreeBSD.org>
Message-ID: <61f79801976fab6770471cd3e2359652@acheronmedia.com>

On 2017-07-17 15:33, Glen Barber wrote:
>
> No, this is not available in the 11.1 installer.
>
> Glen

Thanks but that's why I asked why's that. r320674 said MFC after 1 day. Is it too late for 11.1-RELEASE, so it'll be applied to 11-STABLE, or is there another reason?

If it's too late, does that mean it's too late for the installer, but the new stack_guard code is there in STABLE and I am guessing will be part of 11.1, so we can assume the sysctl to be an integer (as opposed to enable/disable semantics of the sysctl in 11.0)?

In other words, is it safe to ramp up the gap size in 11.1?

--
Vlad K.