Date: Sat, 25 Jan 2025 18:32:15 +0000 From: Jessica Clarke <jrtc27@freebsd.org> To: Alexander Leidinger <netchild@FreeBSD.org> Cc: "src-committers@freebsd.org" <src-committers@FreeBSD.org>, "dev-commits-src-all@freebsd.org" <dev-commits-src-all@FreeBSD.org>, "dev-commits-src-main@freebsd.org" <dev-commits-src-main@FreeBSD.org> Subject: Re: git: f934e629dc22 - main - Add stack clash protection to the WITH_SSP flag Message-ID: <81A8E695-5034-4945-8D07-DF95E76904D0@freebsd.org> In-Reply-To: <202501251308.50PD8Qsg042260@gitrepo.freebsd.org> References: <202501251308.50PD8Qsg042260@gitrepo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 25 Jan 2025, at 13:08, Alexander Leidinger <netchild@FreeBSD.org> = wrote: >=20 > The branch main has been updated by netchild: >=20 > URL: = https://cgit.FreeBSD.org/src/commit/?id=3Df934e629dc22b859efabd3cdebc23b63= b04fa2bb >=20 > commit f934e629dc22b859efabd3cdebc23b63b04fa2bb > Author: Alexander Leidinger <netchild@FreeBSD.org> > AuthorDate: 2025-01-25 12:43:39 +0000 > Commit: Alexander Leidinger <netchild@FreeBSD.org> > CommitDate: 2025-01-25 12:45:53 +0000 >=20 > Add stack clash protection to the WITH_SSP flag >=20 > Some background info availabe in: > = https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Harden= ing-Guide-for-C-and-C++.html > = https://developers.redhat.com/blog/2020/05/22/stack-clash-mitigation-in-gc= c-part-3 > https://blog.llvm.org/posts/2021-01-05-stack-clash-protection/ >=20 > Reviewed by: emaste > Differential Revision: https://reviews.freebsd.org/D48651 Uh, it does require architecture-specific compiler support, which = isn=E2=80=99t implemented for all architectures in LLVM at least. RISC-V has only recently (as in 1.5 months ago so not even released yet) gained support, for example. So this is just going to spew out -Wunused-command-line-argument warnings, and errors with -Werror, no? Jess > --- > share/man/man7/mitigations.7 | 14 ++++++++++---- > share/mk/bsd.sys.mk | 2 +- > 2 files changed, 11 insertions(+), 5 deletions(-) >=20 > diff --git a/share/man/man7/mitigations.7 = b/share/man/man7/mitigations.7 > index c487e4e1000b..4db6589cdcf1 100644 > --- a/share/man/man7/mitigations.7 > +++ b/share/man/man7/mitigations.7 > @@ -28,7 +28,7 @@ > .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE = POSSIBILITY OF > .\" SUCH DAMAGE. > .\" > -.Dd July 23, 2024 > +.Dd January 25, 2025 > .Dt MITIGATIONS 7 > .Os > .Sh NAME > @@ -244,9 +244,13 @@ and it is possible that some applications may not = function correctly. > .Fx > supports stack overflow protection using the Stack Smashing Protector > .Pq SSP > -compiler feature. > +compiler feature, > +and stack clash protection. > In userland, SSP adds a per-process randomized canary at the end of = every stack > -frame which is checked for corruption upon return from the function. > +frame which is checked for corruption upon return from the function, > +and stack probing in > +.Dv PAGE_SIZE > +chunks. > In the kernel, a single randomized canary is used globally except on = aarch64, > which has a > .Dv PERTHREAD_SSP > @@ -264,7 +268,9 @@ When > .Va WITH_SSP > is enabled, which is the default, world is built with the > .Fl fstack-protector-strong > -compiler option. > +and > +.Fl fstack-clash-protection > +compiler options. > The kernel is built with the > .Fl fstack-protector > option. > diff --git a/share/mk/bsd.sys.mk b/share/mk/bsd.sys.mk > index 63774e857167..06f8e6e9fe78 100644 > --- a/share/mk/bsd.sys.mk > +++ b/share/mk/bsd.sys.mk > @@ -304,7 +304,7 @@ CXXFLAGS.clang+=3D -Wno-c++11-extensions > FORTIFY_SOURCE?=3D 0 > .if ${MK_SSP} !=3D "no" > # Don't use -Wstack-protector as it breaks world with -Werror. > -SSP_CFLAGS?=3D -fstack-protector-strong > +SSP_CFLAGS?=3D -fstack-protector-strong -fstack-clash-protection > CFLAGS+=3D ${SSP_CFLAGS} > .endif # SSP > .if ${FORTIFY_SOURCE} > 0
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?81A8E695-5034-4945-8D07-DF95E76904D0>