Date: Fri, 21 May 2021 10:17:44 -0400 From: Shawn Webb <shawn.webb@hardenedbsd.org> To: Jessica Clarke <jrtc27@freebsd.org> Cc: Marcin Wojtas <mw@semihalf.com>, Marcin Wojtas <mw@freebsd.org>, "src-committers@freebsd.org" <src-committers@freebsd.org>, "dev-commits-src-all@freebsd.org" <dev-commits-src-all@freebsd.org>, "dev-commits-src-main@freebsd.org" <dev-commits-src-main@freebsd.org> Subject: Re: git: af949c590bd8 - main - Disable stack gap for ntpd during build. Message-ID: <20210521141744.pszt7s6l65h6jgtm@mutt-hbsd> In-Reply-To: <02078965-24BE-4F23-92D5-5E8E54A0C3E7@freebsd.org> References: <202105211334.14LDYqoa004343@gitrepo.freebsd.org> <04F25FD0-7863-4AC1-A257-EF0F1EB90659@freebsd.org> <CAPv3WKeV1Oz8Gbv0LBFD03J6k3k%2B2XMBEvi28DuMM8LVq8cjrQ@mail.gmail.com> <02078965-24BE-4F23-92D5-5E8E54A0C3E7@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] On Fri, May 21, 2021 at 03:15:43PM +0100, Jessica Clarke wrote: > > On 21 May 2021, at 15:11, Marcin Wojtas <mw@semihalf.com> wrote: > > > > Hi Jess > > > > pt., 21 maj 2021 o 15:39 Jessica Clarke <jrtc27@freebsd.org> napisał(a): > >> > >> On 21 May 2021, at 14:34, Marcin Wojtas <mw@FreeBSD.org> wrote: > >>> > >>> The branch main has been updated by mw: > >>> > >>> URL: https://cgit.FreeBSD.org/src/commit/?id=af949c590bd8a00a5973b5875d7e0fa6832ea64a > >>> > >>> commit af949c590bd8a00a5973b5875d7e0fa6832ea64a > >>> Author: Marcin Wojtas <mw@FreeBSD.org> > >>> AuthorDate: 2021-05-21 09:29:22 +0000 > >>> Commit: Marcin Wojtas <mw@FreeBSD.org> > >>> CommitDate: 2021-05-21 13:33:06 +0000 > >>> > >>> Disable stack gap for ntpd during build. > >>> > >>> When starting, ntpd calls setrlimit(2) to limit maximum size of its > >>> stack. The stack limit chosen by ntpd is 200K, so when stack gap > >>> is enabled, the stack gap is larger than this limit, which results > >>> in ntpd crashing. > >> > >> Isn’t the bug that the unusable gap counts as usage? > >> > >> Jess > >> > > > > An alternative solution was submitted > > (https://reviews.freebsd.org/D29832), so that to extend the limit for > > ntpd, but eventually it was recommended to simple disable the stack > > gap for it until it's fixed upstream (see the last comment in the > > linked revision). > > That’s my point, there is nothing to “fix” upstream. NTPD uses less than 200K > of stack, thus it is perfectly reasonable for it to set its limit to that. The > fact that FreeBSD decides to count an arbitrary, non-deterministic amount of > additional unusable virtual address space towards that limit is not its fault, > but a bug in FreeBSD that needs to be fixed as it’s entirely unreasonable for > applications to have to account for that. Also: Disabling randomization of any part of the address space makes randomization other parts of the address space moot. Toggling ASLR should be all-or-nothing. Especially true for randomizing the stack. Thanks, -- Shawn Webb Cofounder / Security Engineer HardenedBSD https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEA6TL67gupaZ9nzhT/y5nonf44foFAmCnwQYACgkQ/y5nonf4 4fp3cQ//Vph+hclAo5YCOAElLn/5LTAEvw0pLVk3jzsNvavVOKHOABt9sEd07LVC TFlcManAZFHUs2KWTKRkZGwtp/xpUD/R/jfg8biP16aZGmGc/rD2n5B4jTPxSz2j hcD4h0jmNkhNxOR1KOsioKXUw0vEYs7qHhe07KaeIyA1RlM17typ570DBW+zB5ws u1PGx3Va89wsaV5SZkKjNZsjJMkGEElVY6ryF8YNCwEHpix8WbwIc070OHdDJ043 i7Xw2JTk8GUOfRralDtdOW/uoZd56Ci9qxsXs8Xl6cAtHkglO/L277FU4RHfwVcm iIHPbxgZEGl0007MdyglgjaDxTfR8KXP1Z7RKkvz4WIlWlhl3d2QcOq9zoXhWyWF +iSzDe+tweDfgi+71fzX7oSn/u1lSWJbJGVVHwkxQha7IXGnPa3fDt1maSXaxZSh IOFnIc7FM9uVyqfoFtUtbhkGvjPwR0rUOK2+qaXUQ5FuGkzYMJ8qA2Xflwu91Dzz OxzOLbNsYkvPT2xnp+huasvvmTKQNeHYigF+yGEO+mBEBZA0tbbjyCgZF25RI0u1 PeeiHZl/1GG1Kz8TlKU35JJjdb+zyF3Kp1OZWtZo9o5WChHvle4pGb5CNE+Li01k ZWspFA2LRe53GJQ+KHkYMndfuJyj/SK/NqDCz6C0fruPloy8ze8= =DGeC -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20210521141744.pszt7s6l65h6jgtm>