From: Shawn Webb
To: Pedro Giffuni
Cc: PaX Team, Oliver Pinter, Robert Watson, Bryan Drewery, freebsd-arch@freebsd.org
Date: Wed, 23 Jul 2014 19:44:55 -0400
Subject: Re: [RFC] ASLR Whitepaper and Candidate Final Patch
Message-ID: <20140723234455.GP29618@pwnie.vrt.sourcefire.com>

On Jul 23, 2014 06:37 PM -0500, Pedro Giffuni wrote:
> Hi;
>
> On 22 Jul 2014, at 19:45, Shawn Webb wrote:
>
> >>> ...
> >>
> >> Hi Shawn:
> >>
> >> Great news that this work is coming to fruition -- ASLR is long overdue.
> >>
> >> Are you having any luck with performance measurements?  Unixbench seems like a
> >> good starting point, but I wonder if it would be useful to look, in
> >> particular, at memory-mapping intensive workloads that might be affected as a
> >> result of changes in kernel VM data-structure use, or greater fragmentation of
> >> the address space.
> >> I'm not sure I have a specific application here in mind --
> >> in the past I might have pointed out tools such as ElectricFence that tend to
> >> increase fragmentation themselves.
> >
> > The unixbench tests on that laptop have finished. However, I've been
> > fighting a pesky migraine these last couple days, so I haven't had the
> > opportunity to aggregate the results into a nice little spreadsheet. I'm
> > hoping to finish it up by the end of the week.
> >
> > I'll take a look at ElectricFence this weekend. Additionally, I have a
> > netbook somewhere. Once I find it and its power cord, I'll install
> > FreeBSD/x86 and re-run the same tests on that.
> >
>
> Somewhat related to ElectricFence? Will ASLR have an adverse effect on debuggers?
>
> I googled around and got to this:
>
> http://www.outflux.net/blog/archives/2010/07/03/gdb-turns-off-aslr/

I've been doing all my ClamAV development on my FreeBSD box with ASLR
enabled. Development tools like gdb and valgrind work great, even with
corefiles. I have not, however, tried lldb.

>
> So I guess we may have to patch gdb (and lldb)?

From my experience with ClamAV development, I don't think so. gdb uses
ptrace to get and set the registers, so ASLR doesn't matter.

>
> Pedro.