From owner-freebsd-current@freebsd.org Mon Nov 2 14:33:37 2015 Return-Path: Delivered-To: freebsd-current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9CE36A024FD for ; Mon, 2 Nov 2015 14:33:37 +0000 (UTC) (envelope-from shawn.webb@hardenedbsd.org) Received: from mail-vk0-x22b.google.com (mail-vk0-x22b.google.com [IPv6:2607:f8b0:400c:c05::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4A0E913D6 for ; Mon, 2 Nov 2015 14:33:37 +0000 (UTC) (envelope-from shawn.webb@hardenedbsd.org) Received: by vkgs66 with SMTP id s66so86154049vkg.1 for ; Mon, 02 Nov 2015 06:33:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hardenedbsd_org.20150623.gappssmtp.com; s=20150623; h=from:to:subject:date:message-id:organization:user-agent :mime-version:content-type; bh=rIzq5fRVWQ2iOLhsla/2WdS3zORDuCgUuyGuCU/74D4=; b=r8tJERsBVVL/hH4ljF1iFDXjXImBjnJcFnLYzzrUS3ud4hJB9U0GWwycDAAotSjAe+ 6RBTi109M9jfGfadvKxuZxTKyzkdhpqfBimqUPzivHtdt394i1aoOeSz2NEZpunduKa4 foV9/FpSXJ3RtHxu+B7LsROlIV6DM6/Zs1KMz3p9Efv3FwBknlCXDjV6zxxPmqRLS7x3 9XRwi3+CS5CIm9xRXoUOuES71IEqoN8ZH950Bof7Ik5s9/Cm3PSgRvZO8E47Yb7Hi7PT D9DdXLDiITAF/x7IIRPFQCkowZzaa9QkZhBC19xWOmtPy+hqSkpDIIswh7NEqR8JeZVc 1m6w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:subject:date:message-id:organization :user-agent:mime-version:content-type; bh=rIzq5fRVWQ2iOLhsla/2WdS3zORDuCgUuyGuCU/74D4=; b=TSVBbRaUxKVmKaz1tfodhEdJ5RY+YwO/St2kMsikOO4atmbW440QlweZTXnJ/QREpz hEJe7+asgZ6dmJ/3LB4vsNWxnEzAlrRfaTGcf0i7016CrFFV2beD3LbtXOhp/b3Lo6If PLzuVTzyAoTkwc316j4qkj47XFFBpMMh2Oswq2bfIIFhP6YRJTu574IiuBXw3ojSHFmo pmGd3qzZXGi4+7+/aIWKW5V+WHzkLdUvkHlARTPKtbS+1uFJi1TTu++x8Oxf99vxTU46 zUSyeAVHTUQEEwFm5uLcGu+kDZhVKQYoMi34Fs30c7jnf0XxWjl7KRFFh5SJVNAUB04I KObw== X-Gm-Message-State: ALoCoQkYF7gBccU9gTmBfAympBIxZqNCGV7opEPcg/6Gf/8jvhRP6hE7427Berxnq0oiRIzsE+m4vv/aL3mCQa2CkQnt2F1wbUIuJN7y4/CF8dkrLgTBnuvOBCIg/aunPQ0fxhKbZ04XG6E8mHtxDHvvYXEHJkVsvIYpoGpVeCFD94kvt+JLKkEnKR/vpT1/aqTP3RKPoOVQ X-Received: by 10.31.157.75 with SMTP id g72mr15055851vke.153.1446474816498; Mon, 02 Nov 2015 06:33:36 -0800 (PST) Received: from hbsd-dev-laptop.localnet ([129.6.251.181]) by smtp.gmail.com with ESMTPSA id m16sm6218600vke.20.2015.11.02.06.33.35 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 02 Nov 2015 06:33:36 -0800 (PST) From: Shawn Webb To: freebsd-current@freebsd.org Subject: Per-process PS_STRINGS, USRSTACK, shared_obj_base, and sigcode_base Date: Mon, 02 Nov 2015 09:33:34 -0500 Message-ID: <1627340.Jc3dhoJChb@hbsd-dev-laptop> Organization: HardenedBSD User-Agent: KMail/4.14.3 (FreeBSD/11.0-CURRENT-HBSD; KDE/4.14.3; amd64; ; ) MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart40241747.OuFrxeV1Z1"; micalg="pgp-sha256"; protocol="application/pgp-signature" X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Nov 2015 14:33:37 -0000 --nextPart40241747.OuFrxeV1Z1 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="us-ascii" Hey All, I've updated this patch to the latest HEAD. This patch is a preparatory= patch=20 for ASLR. It makes it so that PS_STRINGS, USRSTACK, the VDSO, and the s= ignal=20 trampolining code pointers are all stored per-process. Going forward, w= ith=20 HardenedBSD's ASLR patch, these values will be modified to introduce=20= randomness/entropy. The goal with this patch is to allow randomization = of the=20 stack base address and the VDSO. You can find the patch here: https://reviews.freebsd.org/D3565 Thanks, =2D-=20 Shawn Webb HardenedBSD GPG Key ID: 0x6A84658F52456EEE GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE --nextPart40241747.OuFrxeV1Z1 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part. Content-Transfer-Encoding: 7Bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAABCAAGBQJWN3Q+AAoJEGqEZY9SRW7uzUEQAIBLe9l/TuspDsaEX4CPvLK5 cp96MY4vOft5hkvmmEpcRN8IOKfrUjSG1Z+RA3JDLtr7pMdJ7htlPxkcd0xHIh3B Vbsk1pJ0vXEO6ms4a4uenH2n/GHgK5QvIDY5UEAGIdBZpRoVVjj5yTFfZpeA9Yr1 ZAGY62iqzmq4z27CrACsnysT4XNlyVMMUlb5pv3c4fa8rjbpia7Gr6VxXBuJ1s54 GnumhBIQczGwT9+gYIrQ68k/KDrO7vtEe/o7RvRN4GqtUJwsZaKSmdpF81zmqLDg Os7CfNDN/GNhVzENMiJslWfB5uO9qTR43QpN58T59qjtRc9WlBdpiH8NPHJqtM1G znkyt+xUNWdQGukQgl5CZLL0HEjrU2bhq2Zym/stRlk5uD+gHGOQ5nq6dD8YJ1ju c6IdW6YywYmRKejIMbGefdAbW2il5HU9bST3loVT2R5Sxuidv9A2l+6AaOr+2dc4 I7XhyPv03AmmjQ8QPFzPgNDWZHKT+akQ65a4gAG+4aGIYnGacBdGY2TyHq+VdMBb H5FRRemoJcn7iKl6BRntArQosD1EilCrnT4bhL8Wv7qiV7gz68seY2swIkMwcCiI kHyBi+Ci8DJrQeyUZYHRcYU0sGxKKNmNsIZ0rC27/mSgji8+XDe29OiV8n4agRu/ SzoW6jjId8rR0nTm5oOs =rTD4 -----END PGP SIGNATURE----- --nextPart40241747.OuFrxeV1Z1--