From owner-freebsd-arch@FreeBSD.ORG  Fri Oct 17 07:53:10 2014
Return-Path: <owner-freebsd-arch@FreeBSD.ORG>
Delivered-To: freebsd-arch@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id CFAD131B;
 Fri, 17 Oct 2014 07:53:10 +0000 (UTC)
Received: from mail-vc0-x22f.google.com (mail-vc0-x22f.google.com
 [IPv6:2607:f8b0:400c:c03::22f])
 (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 551CE1FE;
 Fri, 17 Oct 2014 07:53:10 +0000 (UTC)
Received: by mail-vc0-f175.google.com with SMTP id id10so204685vcb.20
 for <multiple recipients>; Fri, 17 Oct 2014 00:53:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:sender:in-reply-to:references:date:message-id:subject
 :from:to:cc:content-type;
 bh=qB4KzNXlawKqj9rptVBu63SM3xe6V731H/4TluOed8c=;
 b=p2E+wPdoFSmx7kM5sHmJy+e02DsYi3bVgis19FO8liQaaPrcBU09ZeVsmydhUfIAB3
 93QkXFQ7Wd+5hN4G2msca1iTRs5X/CBCwdbq858m+QJq9862/q7IiAjGw9ptWQ2FE5KF
 JMkVQ9DIeCBUMISMuQ9AGqM4XTPgeuq3aPtLuNjnCuzz31O/4b22f8i44+Sik1RMN+fo
 wXFtpHVxnOOlk+6C54haM39iEDt30VDGKMGNpZ4Mg+P7Wo1EJ5hlWMx+YX7Yx+M5+3Zn
 9VVli0CGUhoHagw1kRjDSLNx+QS70ofhG9KmbFLx6DnMQIXvLbQ3Oz49spjIQ3SntR6d
 m5SA==
MIME-Version: 1.0
X-Received: by 10.52.248.76 with SMTP id yk12mr5039007vdc.1.1413532389208;
 Fri, 17 Oct 2014 00:53:09 -0700 (PDT)
Sender: jlehen@gmail.com
Received: by 10.31.136.79 with HTTP; Fri, 17 Oct 2014 00:53:09 -0700 (PDT)
In-Reply-To: <CADt0fhzg5G1cLEBNfHXSEi9iP7mCP=8sSwpXbFobig=pm=QsFQ@mail.gmail.com>
References: <CAMe1fxaYn+JaKzGXx+ywv8F0mKDo72g=W23KUWOKZzpm8wX4Tg@mail.gmail.com>
 <CAGSa5y3s9r0DRyinfqV=PJc_BT=Em-SLfwhD25nP0=6ki9pHWw@mail.gmail.com>
 <CAMe1fxaBEc5T77xjpRsMi_kkc5LXwPGooLWTO9C1FJcLSPnO8w@mail.gmail.com>
 <CAGSa5y2=bKpaeLO_S5W+1YGq02WMgCZn_5bbEMw+x3j-MYDOoA@mail.gmail.com>
 <CADt0fhzg5G1cLEBNfHXSEi9iP7mCP=8sSwpXbFobig=pm=QsFQ@mail.gmail.com>
Date: Fri, 17 Oct 2014 09:53:09 +0200
X-Google-Sender-Auth: Fjzj8DsrxHejGbVpO08IiyysNHM
Message-ID: <CAGSa5y1LBxkUNSgKkw=F9_uykXDeBV7_WL0a7Wt++GgMTSULEQ@mail.gmail.com>
Subject: Re: PIE/PIC support on base
From: Jeremie Le Hen <jlh@FreeBSD.org>
To: Shawn Webb <lattera@gmail.com>
Content-Type: text/plain; charset=UTF-8
Cc: hunger@hunger.hu, David Carlier <david.carlier@hardenedbsd.org>,
 Oliver Pinter <oliver.pntr@gmail.com>, Sean Bruno <sbruno@freebsd.org>,
 Konstantin Belousov <kib@freebsd.org>, freebsd-arch@freebsd.org,
 PaX Team <pageexec@freemail.hu>, Bryan Drewery <bdrewery@freebsd.org>
X-BeenThere: freebsd-arch@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: Discussion related to FreeBSD architecture <freebsd-arch.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-arch>,
 <mailto:freebsd-arch-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-arch/>
List-Post: <mailto:freebsd-arch@freebsd.org>
List-Help: <mailto:freebsd-arch-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-arch>,
 <mailto:freebsd-arch-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Oct 2014 07:53:11 -0000

On Fri, Oct 17, 2014 at 12:15 AM, Shawn Webb <lattera@gmail.com> wrote:
>
>
> On Thu, Oct 16, 2014 at 5:59 PM, Jeremie Le Hen <jlh@freebsd.org> wrote:
>>
>> On Thu, Oct 16, 2014 at 8:21 PM, David Carlier
>> <david.carlier@hardenedbsd.org> wrote:
>> >
>> > I chose the "atomic" approach, at the moment very few binaries are
>> > concerned at the moment. So I applied INCLUDE_PIC_ARCHIVE in the needed
>> > libraries plus created WITH_PIE which add fPIE/fpie -pie flags only if
>> > you
>> > include <bsd.prog.pie.mk> (which include <bsd.prog.mk>...) otherwise
>> > other
>> > binaries include <bsd.prog.mk> as usual hence does not apply. Look
>> > reasonable approach ?
>>
>> I think I understand what you mean.  But I think PIE is commonplace
>> nowadays and I don't understand what you win by not enabling it for
>> the whole system.  Is it a performance concern?  Is it to preserve
>> conservative minds from to much change? :)
>
>
> Looping in Kostik, Bryan Drewery, the PaX team, Hunger, and Sean Bruno.
>
> On i386, there is a performance cost due to not having an extra register
> available for the relocation work that has to happen. PIE doesn't carry much
> of a performance penalty on amd64, though it still does carry some on first
> resolution of functions (due to the extra relocation step the RTLD has to
> worry about). On amd64, after symbol resolution has taken place, there is no
> further performance penalty due to amd64 having an extra register to use for
> PIE/PIC. I'm unsure what, if any, performance penalty PIE carries on ARM,
> AArch64, and sparc64.
>
> Certain folk would prefer to see PIE enabled only in certain applications.
> /bin/ls can't really make much use of PIE. But sshd can. I personally would
> like to see all of base's applications compiled as PIEs, but that's a long
> ways off. It took OpenBSD several years to accomplish that. Having certain
> high-visibility applications (like sshd, inetd, etc) is a great start.
> Providing a framework for application developers to opt their application
> into PIE is another great start.
>
> Those are my two cents.

OK.  As long as i386 is still an important architecture, it can make
sense to enable this on a per-binary basis if we don't want to have a
discrepancy between archs. Also I buy your argument on /bin/ls but I
was challenging to enable for the whole system because I wonder if
there aren't some unexpected attack surfaces, besides the obvious ones
(servers).

Do you know what took so much time to OpenBSD?

-- 
Jeremie Le Hen
jlh@FreeBSD.org