From owner-dev-commits-src-all@freebsd.org Fri May 21 14:17:47 2021 Return-Path: Delivered-To: dev-commits-src-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 3CC00633B50 for ; Fri, 21 May 2021 14:17:47 +0000 (UTC) (envelope-from shawn.webb@hardenedbsd.org) Received: from mail-qk1-x72a.google.com (mail-qk1-x72a.google.com [IPv6:2607:f8b0:4864:20::72a]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fmpbb0M7zz3htL for ; Fri, 21 May 2021 14:17:46 +0000 (UTC) (envelope-from shawn.webb@hardenedbsd.org) Received: by mail-qk1-x72a.google.com with SMTP id 82so8463861qki.8 for ; Fri, 21 May 2021 07:17:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hardenedbsd.org; s=google; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=v8f56cGYfUTiFhL3KQjhHcq07x9plt72zDvEsui2CFs=; b=HfK7c/CZCMqzdET1wT+48pSJZVnfQgT5wvzilqR54BC893v7j1NDhPlL0og9l4t9WF 4l3uK7dTEYwG1pUMaARV3tfupDTnP7f5kkS6Tqx+1ltMWlEo5VElfj7QBwy3zciEC7wH KBd7f2mxY1M+YI3BtR/RISUNNxLN34s4wCSLugjck1MzoglopZLVgQYF54/T1IzhRx6y FJFSKbN7v0B8dA20A95gNUO1MMwJxrS4pzPacNdjazVrSA+96Z4KTFB4B19TN8YVPJ/n yKSUm1/iKTdN4rgRP+hRtBkaVcYFqjU0cmn8TPO9mbUDpP3mryPoQoloun/OqRdbhOsP TWow== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=v8f56cGYfUTiFhL3KQjhHcq07x9plt72zDvEsui2CFs=; b=YNaOY26sB0mn5Yh/KMqI+UuXMMcxuHkw3/97U/NIK+75nGBlhCNJC9wg442APkdinc KcToyGjHxUzFb5G0TWGpIMFi0I7FWQf12mckYQSGIgn+TN86MUk2C9+LUvwu440NOlM3 5D9v7lMPJ6MWb1/a2r5tp2vALNZvar0E3oR2FF1IRhVz8Hb0cS2xXNwKI4dxK7LhvN+D nRREwK0CVYxw1yg83LW1MnO5JAWB8npg7fqFKnBiPRAwVCtYfEPpZz0acXJbrvIFB3Zk o5RBOPxVdaXaNTPDIxColj9HqsjGToVcRYmnNMjxauQVm6E8wq/BIgbyzZn93Os8ESCA fPbg== X-Gm-Message-State: AOAM533Yj8e5q5Dxz3StcRGimeAuKMvdi58jpZ/Z1dm2KkXk8eV4Hvrh I/CBBt3htj09YcYDcx95cWDh6g== X-Google-Smtp-Source: ABdhPJzy9omNkr6fQ/qF9QTr56wLpPPi0RvzRNGfoUw1B8u43bHXIHoGj6cwGjfvogtUdjGtCVP69A== X-Received: by 2002:a37:4697:: with SMTP id t145mr12495233qka.188.1621606666257; Fri, 21 May 2021 07:17:46 -0700 (PDT) Received: from mutt-hbsd (pool-100-16-224-136.bltmmd.fios.verizon.net. [100.16.224.136]) by smtp.gmail.com with ESMTPSA id q13sm5008168qkn.10.2021.05.21.07.17.45 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 21 May 2021 07:17:45 -0700 (PDT) Date: Fri, 21 May 2021 10:17:44 -0400 From: Shawn Webb To: Jessica Clarke Cc: Marcin Wojtas , Marcin Wojtas , "src-committers@freebsd.org" , "dev-commits-src-all@freebsd.org" , "dev-commits-src-main@freebsd.org" Subject: Re: git: af949c590bd8 - main - Disable stack gap for ntpd during build. Message-ID: <20210521141744.pszt7s6l65h6jgtm@mutt-hbsd> X-Operating-System: FreeBSD mutt-hbsd 14.0-CURRENT-HBSD FreeBSD 14.0-CURRENT-HBSD X-PGP-Key: https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/blob/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc References: <202105211334.14LDYqoa004343@gitrepo.freebsd.org> <04F25FD0-7863-4AC1-A257-EF0F1EB90659@freebsd.org> <02078965-24BE-4F23-92D5-5E8E54A0C3E7@freebsd.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="ensr6kx62mdtqzwo" Content-Disposition: inline In-Reply-To: <02078965-24BE-4F23-92D5-5E8E54A0C3E7@freebsd.org> X-Rspamd-Queue-Id: 4Fmpbb0M7zz3htL X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[] X-BeenThere: dev-commits-src-all@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commit messages for all branches of the src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 May 2021 14:17:47 -0000 --ensr6kx62mdtqzwo Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, May 21, 2021 at 03:15:43PM +0100, Jessica Clarke wrote: > > On 21 May 2021, at 15:11, Marcin Wojtas wrote: > >=20 > > Hi Jess > >=20 > > pt., 21 maj 2021 o 15:39 Jessica Clarke napisa=C5= =82(a): > >>=20 > >> On 21 May 2021, at 14:34, Marcin Wojtas wrote: > >>>=20 > >>> The branch main has been updated by mw: > >>>=20 > >>> URL: https://cgit.FreeBSD.org/src/commit/?id=3Daf949c590bd8a00a5973b5= 875d7e0fa6832ea64a > >>>=20 > >>> commit af949c590bd8a00a5973b5875d7e0fa6832ea64a > >>> Author: Marcin Wojtas > >>> AuthorDate: 2021-05-21 09:29:22 +0000 > >>> Commit: Marcin Wojtas > >>> CommitDate: 2021-05-21 13:33:06 +0000 > >>>=20 > >>> Disable stack gap for ntpd during build. > >>>=20 > >>> When starting, ntpd calls setrlimit(2) to limit maximum size of its > >>> stack. The stack limit chosen by ntpd is 200K, so when stack gap > >>> is enabled, the stack gap is larger than this limit, which results > >>> in ntpd crashing. > >>=20 > >> Isn=E2=80=99t the bug that the unusable gap counts as usage? > >>=20 > >> Jess > >>=20 > >=20 > > An alternative solution was submitted > > (https://reviews.freebsd.org/D29832), so that to extend the limit for > > ntpd, but eventually it was recommended to simple disable the stack > > gap for it until it's fixed upstream (see the last comment in the > > linked revision). >=20 > That=E2=80=99s my point, there is nothing to =E2=80=9Cfix=E2=80=9D upstre= am. NTPD uses less than 200K > of stack, thus it is perfectly reasonable for it to set its limit to that= =2E The > fact that FreeBSD decides to count an arbitrary, non-deterministic amount= of > additional unusable virtual address space towards that limit is not its f= ault, > but a bug in FreeBSD that needs to be fixed as it=E2=80=99s entirely unre= asonable for > applications to have to account for that. Also: Disabling randomization of any part of the address space makes randomization other parts of the address space moot. Toggling ASLR should be all-or-nothing. Especially true for randomizing the stack. Thanks, --=20 Shawn Webb Cofounder / Security Engineer HardenedBSD https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A= 4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc --ensr6kx62mdtqzwo Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEA6TL67gupaZ9nzhT/y5nonf44foFAmCnwQYACgkQ/y5nonf4 4fp3cQ//Vph+hclAo5YCOAElLn/5LTAEvw0pLVk3jzsNvavVOKHOABt9sEd07LVC TFlcManAZFHUs2KWTKRkZGwtp/xpUD/R/jfg8biP16aZGmGc/rD2n5B4jTPxSz2j hcD4h0jmNkhNxOR1KOsioKXUw0vEYs7qHhe07KaeIyA1RlM17typ570DBW+zB5ws u1PGx3Va89wsaV5SZkKjNZsjJMkGEElVY6ryF8YNCwEHpix8WbwIc070OHdDJ043 i7Xw2JTk8GUOfRralDtdOW/uoZd56Ci9qxsXs8Xl6cAtHkglO/L277FU4RHfwVcm iIHPbxgZEGl0007MdyglgjaDxTfR8KXP1Z7RKkvz4WIlWlhl3d2QcOq9zoXhWyWF +iSzDe+tweDfgi+71fzX7oSn/u1lSWJbJGVVHwkxQha7IXGnPa3fDt1maSXaxZSh IOFnIc7FM9uVyqfoFtUtbhkGvjPwR0rUOK2+qaXUQ5FuGkzYMJ8qA2Xflwu91Dzz OxzOLbNsYkvPT2xnp+huasvvmTKQNeHYigF+yGEO+mBEBZA0tbbjyCgZF25RI0u1 PeeiHZl/1GG1Kz8TlKU35JJjdb+zyF3Kp1OZWtZo9o5WChHvle4pGb5CNE+Li01k ZWspFA2LRe53GJQ+KHkYMndfuJyj/SK/NqDCz6C0fruPloy8ze8= =DGeC -----END PGP SIGNATURE----- --ensr6kx62mdtqzwo--