Date: Fri, 21 May 2021 10:17:44 -0400 From: Shawn Webb <shawn.webb@hardenedbsd.org> To: Jessica Clarke <jrtc27@freebsd.org> Cc: Marcin Wojtas <mw@semihalf.com>, Marcin Wojtas <mw@freebsd.org>, "src-committers@freebsd.org" <src-committers@freebsd.org>, "dev-commits-src-all@freebsd.org" <dev-commits-src-all@freebsd.org>, "dev-commits-src-main@freebsd.org" <dev-commits-src-main@freebsd.org> Subject: Re: git: af949c590bd8 - main - Disable stack gap for ntpd during build. Message-ID: <20210521141744.pszt7s6l65h6jgtm@mutt-hbsd> In-Reply-To: <02078965-24BE-4F23-92D5-5E8E54A0C3E7@freebsd.org> References: <202105211334.14LDYqoa004343@gitrepo.freebsd.org> <04F25FD0-7863-4AC1-A257-EF0F1EB90659@freebsd.org> <CAPv3WKeV1Oz8Gbv0LBFD03J6k3k%2B2XMBEvi28DuMM8LVq8cjrQ@mail.gmail.com> <02078965-24BE-4F23-92D5-5E8E54A0C3E7@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--ensr6kx62mdtqzwo Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, May 21, 2021 at 03:15:43PM +0100, Jessica Clarke wrote: > > On 21 May 2021, at 15:11, Marcin Wojtas <mw@semihalf.com> wrote: > >=20 > > Hi Jess > >=20 > > pt., 21 maj 2021 o 15:39 Jessica Clarke <jrtc27@freebsd.org> napisa=C5= =82(a): > >>=20 > >> On 21 May 2021, at 14:34, Marcin Wojtas <mw@FreeBSD.org> wrote: > >>>=20 > >>> The branch main has been updated by mw: > >>>=20 > >>> URL: https://cgit.FreeBSD.org/src/commit/?id=3Daf949c590bd8a00a5973b5= 875d7e0fa6832ea64a > >>>=20 > >>> commit af949c590bd8a00a5973b5875d7e0fa6832ea64a > >>> Author: Marcin Wojtas <mw@FreeBSD.org> > >>> AuthorDate: 2021-05-21 09:29:22 +0000 > >>> Commit: Marcin Wojtas <mw@FreeBSD.org> > >>> CommitDate: 2021-05-21 13:33:06 +0000 > >>>=20 > >>> Disable stack gap for ntpd during build. > >>>=20 > >>> When starting, ntpd calls setrlimit(2) to limit maximum size of its > >>> stack. The stack limit chosen by ntpd is 200K, so when stack gap > >>> is enabled, the stack gap is larger than this limit, which results > >>> in ntpd crashing. > >>=20 > >> Isn=E2=80=99t the bug that the unusable gap counts as usage? > >>=20 > >> Jess > >>=20 > >=20 > > An alternative solution was submitted > > (https://reviews.freebsd.org/D29832), so that to extend the limit for > > ntpd, but eventually it was recommended to simple disable the stack > > gap for it until it's fixed upstream (see the last comment in the > > linked revision). >=20 > That=E2=80=99s my point, there is nothing to =E2=80=9Cfix=E2=80=9D upstre= am. NTPD uses less than 200K > of stack, thus it is perfectly reasonable for it to set its limit to that= =2E The > fact that FreeBSD decides to count an arbitrary, non-deterministic amount= of > additional unusable virtual address space towards that limit is not its f= ault, > but a bug in FreeBSD that needs to be fixed as it=E2=80=99s entirely unre= asonable for > applications to have to account for that. Also: Disabling randomization of any part of the address space makes randomization other parts of the address space moot. Toggling ASLR should be all-or-nothing. Especially true for randomizing the stack. Thanks, --=20 Shawn Webb Cofounder / Security Engineer HardenedBSD https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A= 4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc --ensr6kx62mdtqzwo Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEA6TL67gupaZ9nzhT/y5nonf44foFAmCnwQYACgkQ/y5nonf4 4fp3cQ//Vph+hclAo5YCOAElLn/5LTAEvw0pLVk3jzsNvavVOKHOABt9sEd07LVC TFlcManAZFHUs2KWTKRkZGwtp/xpUD/R/jfg8biP16aZGmGc/rD2n5B4jTPxSz2j hcD4h0jmNkhNxOR1KOsioKXUw0vEYs7qHhe07KaeIyA1RlM17typ570DBW+zB5ws u1PGx3Va89wsaV5SZkKjNZsjJMkGEElVY6ryF8YNCwEHpix8WbwIc070OHdDJ043 i7Xw2JTk8GUOfRralDtdOW/uoZd56Ci9qxsXs8Xl6cAtHkglO/L277FU4RHfwVcm iIHPbxgZEGl0007MdyglgjaDxTfR8KXP1Z7RKkvz4WIlWlhl3d2QcOq9zoXhWyWF +iSzDe+tweDfgi+71fzX7oSn/u1lSWJbJGVVHwkxQha7IXGnPa3fDt1maSXaxZSh IOFnIc7FM9uVyqfoFtUtbhkGvjPwR0rUOK2+qaXUQ5FuGkzYMJ8qA2Xflwu91Dzz OxzOLbNsYkvPT2xnp+huasvvmTKQNeHYigF+yGEO+mBEBZA0tbbjyCgZF25RI0u1 PeeiHZl/1GG1Kz8TlKU35JJjdb+zyF3Kp1OZWtZo9o5WChHvle4pGb5CNE+Li01k ZWspFA2LRe53GJQ+KHkYMndfuJyj/SK/NqDCz6C0fruPloy8ze8= =DGeC -----END PGP SIGNATURE----- --ensr6kx62mdtqzwo--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20210521141744.pszt7s6l65h6jgtm>