Date: Wed, 23 Jul 2014 19:52:58 -0400
From: Shawn Webb
To: Pedro Giffuni
Cc: PaX Team, Oliver Pinter, Robert Watson, Bryan Drewery, freebsd-arch@freebsd.org
Subject: Re: [RFC] ASLR Whitepaper and Candidate Final Patch

On Jul 23, 2014 06:50 PM -0500, Pedro Giffuni wrote:
>
> On 23 Jul 2014, at 18:44, Shawn Webb wrote:
>
> > On Jul 23, 2014 06:37 PM -0500, Pedro Giffuni wrote:
> >> Hi;
> >>
> >> On 22 Jul 2014, at 19:45, Shawn Webb wrote:
> >>
> >>>>> ...
> >>>>
> >>>> Hi Shawn:
> >>>>
> >>>> Great news that this work is coming to fruition -- ASLR is long overdue.
> >>>>
> >>>> Are you having any luck with performance measurements?
> >>>> Unixbench seems like a
> >>>> good starting point, but I wonder if it would be useful to look, in
> >>>> particular, at memory-mapping intensive workloads that might be affected as a
> >>>> result of changes in kernel VM data-structure use, or greater fragmentation of
> >>>> the address space. I'm not sure I have a specific application here in mind --
> >>>> in the past I might have pointed out tools such as ElectricFence that tend to
> >>>> increase fragmentation themselves.
> >>>
> >>> The unixbench tests on that laptop have finished. However, I've been
> >>> fighting a pesky migraine these last couple days, so I haven't had the
> >>> opportunity to aggregate the results into a nice little spreadsheet. I'm
> >>> hoping to finish it up by the end of the week.
> >>>
> >>> I'll take a look at ElectricFence this weekend. Additionally, I have a
> >>> netbook somewhere. Once I find it and its power cord, I'll install
> >>> FreeBSD/x86 and re-run the same tests on that.
> >>>
> >>
> >> Somewhat related to ElectricFence... will ASLR have an adverse effect on debuggers?
> >>
> >> I googled around and got to this:
> >>
> >> http://www.outflux.net/blog/archives/2010/07/03/gdb-turns-off-aslr/
> >
> > I've been doing all my ClamAV development on my FreeBSD box with ASLR
> > enabled. Development tools like gdb and valgrind work great, even with
> > corefiles. I have not, however, tried lldb.
> >
>
> OK, but it's worth taking a look if we need to support something to turn it off.
> Apparently gdb disables ASLR on MacOSX too:
>
> http://reverse.put.as/2011/08/11/how-gdb-disables-aslr-in-mac-os-x-lion/

Completely agreed. It's easily possible my use case is different than
others'. The more eyes on this project and the more testers we have, the
better.
Thanks,

Shawn