From owner-dev-commits-src-all@freebsd.org  Wed Feb 24 23:26:45 2021
Return-Path: <owner-dev-commits-src-all@freebsd.org>
Delivered-To: dev-commits-src-all@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 77F1154C9DB;
 Wed, 24 Feb 2021 23:26:45 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4DmBrh6R4cz4mHn;
 Wed, 24 Feb 2021 23:26:44 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id B04F34F5C;
 Wed, 24 Feb 2021 23:26:44 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 11ONQic5073198;
 Wed, 24 Feb 2021 23:26:44 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 11ONQikl073197;
 Wed, 24 Feb 2021 23:26:44 GMT (envelope-from git)
Date: Wed, 24 Feb 2021 23:26:44 GMT
Message-Id: <202102242326.11ONQikl073197@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-main@FreeBSD.org
From: Marcin Wojtas <mw@FreeBSD.org>
Subject: git: 9a227a2fd642 - main - Enable PIE by default on 64-bit
 architectures
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: mw
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 9a227a2fd642ec057a0ec70d67d5699d65553294
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-all@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commit messages for all branches of the src repository
 <dev-commits-src-all.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-all>, 
 <mailto:dev-commits-src-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-all/>
List-Post: <mailto:dev-commits-src-all@freebsd.org>
List-Help: <mailto:dev-commits-src-all-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all>, 
 <mailto:dev-commits-src-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Feb 2021 23:26:45 -0000

The branch main has been updated by mw:

URL: https://cgit.FreeBSD.org/src/commit/?id=9a227a2fd642ec057a0ec70d67d5699d65553294

commit 9a227a2fd642ec057a0ec70d67d5699d65553294
Author:     Marcin Wojtas <mw@FreeBSD.org>
AuthorDate: 2021-01-22 12:13:03 +0000
Commit:     Marcin Wojtas <mw@FreeBSD.org>
CommitDate: 2021-02-24 23:26:11 +0000

    Enable PIE by default on 64-bit architectures
    
    This patch adds Position Independent Executables (PIE)
    flags for building OS. It allows to enable the ASLR
    feature based only on the sysctl knobs, without
    need to rebuild the image. Tests showed that
    no problems with stability / performance degradation
    were seen when using PIEs with ASLR disabled.
    
    The change is limited only for 64-bit architectures.
    
    Use bsd.opts.mk instead of the src.opts.mk in order
    to satisfy all build dependencies related to MK_PIE.
    
    Reviewed by: emaste, imp
    Obtained from: Semihalf
    Sponsored by: Stormshield
    Differential Revision: https://reviews.freebsd.org/D28328
---
 share/mk/bsd.opts.mk | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/share/mk/bsd.opts.mk b/share/mk/bsd.opts.mk
index 88c73cc6bfe4..9f9889d0a0f0 100644
--- a/share/mk/bsd.opts.mk
+++ b/share/mk/bsd.opts.mk
@@ -75,7 +75,6 @@ __DEFAULT_NO_OPTIONS = \
     INIT_ALL_PATTERN \
     INIT_ALL_ZERO \
     INSTALL_AS_USER \
-    PIE \
     RETPOLINE \
     STALE_STAGED
 
@@ -85,6 +84,21 @@ __DEFAULT_DEPENDENT_OPTIONS = \
     STAGING_PROG/STAGING \
     STALE_STAGED/STAGING \
 
+#
+# Default to disabling PIE on 32-bit architectures. The small address space
+# means that ASLR is of limited effectiveness, and it may cause issues with
+# some memory-hungry workloads.
+#
+.if ${MACHINE_ARCH} == "armv6" || ${MACHINE_ARCH} == "armv7" \
+    || ${MACHINE_ARCH} == "i386" || ${MACHINE_ARCH} == "mips" \
+    || ${MACHINE_ARCH} == "mipsel" || ${MACHINE_ARCH} == "mipselhf" \
+    || ${MACHINE_ARCH} == "mipshf" || ${MACHINE_ARCH} == "mipsn32" \
+    || ${MACHINE_ARCH} == "mipsn32el" || ${MACHINE_ARCH} == "powerpc" \
+    || ${MACHINE_ARCH} == "powerpcspe"
+__DEFAULT_NO_OPTIONS+= PIE
+.else
+__DEFAULT_YES_OPTIONS+=PIE
+.endif
 
 .include <bsd.mkopt.mk>