From owner-svn-src-head@FreeBSD.ORG Sun Jun 8 19:14:13 2014 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1A2DC745; Sun, 8 Jun 2014 19:14:13 +0000 (UTC) Received: from elvis.mu.org (elvis.mu.org [192.203.228.196]) by mx1.freebsd.org (Postfix) with ESMTP id F40F42072; Sun, 8 Jun 2014 19:14:12 +0000 (UTC) Received: from Alfreds-MacBook-Pro-9.local (c-76-21-10-192.hsd1.ca.comcast.net [76.21.10.192]) by elvis.mu.org (Postfix) with ESMTPSA id 9DC8C1A3C23; Sun, 8 Jun 2014 12:14:11 -0700 (PDT) Message-ID: <5394B607.1000109@mu.org> Date: Sun, 08 Jun 2014 12:14:15 -0700 From: Alfred Perlstein User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:24.0) Gecko/20100101 Thunderbird/24.5.0 MIME-Version: 1.0 To: Konstantin Belousov Subject: Re: svn commit: r267233 - in head: . bin/rmail gnu/usr.bin/binutils/addr2line gnu/usr.bin/binutils/nm gnu/usr.bin/binutils/objcopy gnu/usr.bin/binutils/objdump gnu/usr.bin/binutils/readelf gnu/usr.bin/... References: <201406081729.s58HTWkc006213@svn.freebsd.org> <74512A27-DD5F-4D43-BFA1-0AC04E0D08B4@FreeBSD.org> <20140608182728.GX3991@kib.kiev.ua> <5394ABD2.5040009@mu.org> <20140608184451.GZ3991@kib.kiev.ua> In-Reply-To: <20140608184451.GZ3991@kib.kiev.ua> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org, Bryan Drewery X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 08 Jun 2014 19:14:13 -0000 On 6/8/14 11:44 AM, Konstantin Belousov wrote: > On Sun, Jun 08, 2014 at 11:30:42AM -0700, Alfred Perlstein wrote: >> On 6/8/14 11:27 AM, Konstantin Belousov wrote: >>> On Sun, Jun 08, 2014 at 05:38:49PM +0000, Bjoern A. Zeeb wrote: >>>> On 08 Jun 2014, at 17:29 , Bryan Drewery wrote: >>>> >>>>> Author: bdrewery >>>>> Date: Sun Jun 8 17:29:31 2014 >>>>> New Revision: 267233 >>>>> URL: http://svnweb.freebsd.org/changeset/base/267233 >>>>> >>>>> Log: >>>>> In preparation for ASLR [1] support add WITH_PIE to support building with -fPIE. >>>>> >>>>> This is currently an opt-in build flag. Once ASLR support is ready and stable >>>>> it should changed to opt-out and be enabled by default along with ASLR. >>>>> >>>>> Each application Makefile uses opt-out to ensure that ASLR will be enabled by >>>>> default in new directories when the system is compiled with PIE/ASLR. [2] >>>>> >>>>> Mark known build failures as NO_PIE for now. >>>> No, no, no, no more NOs! >>>> >>>> I?ll leave it to others who understand the current build system in days when it?s not broken to fix this entire splattering across all these Makefiles; we really need a better way for this. >>> I have no words to express my dissatisfaction with this commit. >>> If change to the build of _some_ usermode binaries require patching >>> of loader', csu and rtld Makefiles, obviously it is done wrong. >>> >>> Why almost half of the binaries require opt-out ? >>> >>> PLEASE REVERT THIS. >> Wait. Does this not serve as a useful stake in the ground for people to >> come in and update things? Instead of asking to back out, shouldn't we >> be doing an announcement "ok folks, it's now time to fix this!" and move >> forward? Otherwise we may never get any pie. > Let me reformulate. > > Somebody commits broken change, despite it was pointed out by many > before the commit. From the changes it is obvious that people which > proposed it do not understand what they hack on. And then, somebody else > must run and 'fix' previously non-broken code. > > Sure, you get the pie. Sure, but hasn't the default stayed unchanged? It seems like you have to enable ASLR first before you see all the breakage. Right now it seems like goal was to document what even compiles versus doesn't compile with ASLR. Afaik there is not setting of ASLR on by default. There has to be a way to call out what works and what doesn't work and form a transition from a world with no ASLR to one with some ASLR and eventually one with almost entirely ASLR coverage. I'm not sure it can be done in one fell swoop. Hooks like this in -current allow for this to be done as a group effort. It would be very unlikely that we retain the semantics all the way until a -stable release. -Alfred -- Alfred Perlstein