From owner-freebsd-arch@FreeBSD.ORG  Thu Jun 26 12:13:44 2008
Return-Path: <owner-freebsd-arch@FreeBSD.ORG>
Delivered-To: freebsd-arch@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 3B1571065680
	for <freebsd-arch@freebsd.org>; Thu, 26 Jun 2008 12:13:44 +0000 (UTC)
	(envelope-from rwatson@FreeBSD.org)
Received: from cyrus.watson.org (cyrus.watson.org [209.31.154.42])
	by mx1.freebsd.org (Postfix) with ESMTP id 054528FC1D
	for <freebsd-arch@freebsd.org>; Thu, 26 Jun 2008 12:13:43 +0000 (UTC)
	(envelope-from rwatson@FreeBSD.org)
Received: from fledge.watson.org (fledge.watson.org [209.31.154.41])
	by cyrus.watson.org (Postfix) with ESMTP id 5CDC646B8C;
	Thu, 26 Jun 2008 07:56:07 -0400 (EDT)
Date: Thu, 26 Jun 2008 12:56:07 +0100 (BST)
From: Robert Watson <rwatson@FreeBSD.org>
X-X-Sender: robert@fledge.watson.org
To: Jeremie Le Hen <jeremie@le-hen.org>
In-Reply-To: <20080625092640.GC15815@obiwan.tataz.chchile.org>
Message-ID: <20080626125416.R96707@fledge.watson.org>
References: <200804181945.59189.max@love2party.net>
	<20080418204738.GE4840@obiwan.tataz.chchile.org>
	<20080419071400.GP73016@server.vk2pj.dyndns.org>
	<20080419074921.GI4840@obiwan.tataz.chchile.org>
	<20080420095911.GT5934@hoeg.nl>
	<f19c444a0804200320ifd64f85tbb19bcdbbb657dbb@mail.gmail.com>
	<20080423131720.GP92168@obiwan.tataz.chchile.org>
	<20080609200937.GB72413@obiwan.tataz.chchile.org>
	<486174DE.4080307@FreeBSD.org> <48617F66.6050607@FreeBSD.org>
	<20080625092640.GC15815@obiwan.tataz.chchile.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Cc: Kris Kennaway <kris@FreeBSD.org>, Ruslan Ermilov <ru@FreeBSD.org>,
	freebsd-arch@freebsd.org
Subject: Re: Integration of ProPolice in FreeBSD
X-BeenThere: freebsd-arch@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Discussion related to FreeBSD architecture <freebsd-arch.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-arch>,
	<mailto:freebsd-arch-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-arch>
List-Post: <mailto:freebsd-arch@freebsd.org>
List-Help: <mailto:freebsd-arch-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-arch>,
	<mailto:freebsd-arch-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 26 Jun 2008 12:13:44 -0000

On Wed, 25 Jun 2008, Jeremie Le Hen wrote:

>>  I'm running a build with CFLAGS += -fstack-protector now...just to see how
>>  much chaos will ensue :)
>
> All ports on my laptop are compiled with it.  Only a few ones broke
> during build:
>    lang/gcc41
>    lang/gcc42	(gcc4x should break too)
>    emulators/qemu
>    net/etherboot
>
> Firefox, Gnome, X.org, and everything else seems to not only compile but 
> also work correctly.
>
> There may be little noise on freebsd-ports@ once the ports bits will have 
> been provided, because Propolice may put forth a few bugs involving stack 
> based buffers.  In this case, the program is killed with SIGABRT and message 
> "stack overflow detected; terminated" is issued to syslog.

I'd guess that this is rather well-trodden ground by other projects, since 
most operating systems ship with stack protection enabled by default these 
days.  Our dubious advantage is that other people have probably found many of 
the problems in third-party applications themselves at this point :-).

Robert N M Watson
Computer Laboratory
University of Cambridge