Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 24 Jan 2022 19:43:53 +0100
From:      Marcin Wojtas <mw@semihalf.com>
To:        Marek Zarychta <zarychtam@plan-b.pwste.edu.pl>
Cc:        freebsd-current <freebsd-current@freebsd.org>, freebsd-stable@freebsd.org
Subject:   Re: HEADS-UP: PIE enabled by default on stable/13
Message-ID:  <CAPv3WKebAf7e40=mjZZz-tTjAt5AiAkeUVgaxkQa5FBskEWJkg@mail.gmail.com>
In-Reply-To: <1ec9c802-c8a5-237a-50a3-31885cae917e@plan-b.pwste.edu.pl>
References:  <CAPv3WKeCfHMLXN72sdmZCY03jLG7u79_8=sg0cj3N9rDxsm4nw@mail.gmail.com> <CAPv3WKcSgq-D0dOVQn7AVbKU_TSG0YeotywN-N=M=FpBVCKa2g@mail.gmail.com> <1ec9c802-c8a5-237a-50a3-31885cae917e@plan-b.pwste.edu.pl>
next in thread | previous in thread | raw e-mail | index | archive | help 
Hi Marek,

pon., 24 sty 2022 o 08:17 Marek Zarychta
<zarychtam@plan-b.pwste.edu.pl> napisa=C5=82(a):
>
> W dniu 24.01.2022 o 07:42, Marcin Wojtas pisze:
> > +freebsd-stable@
> >
> > niedz., 23 sty 2022 o 11:36 Marcin Wojtas <mw@semihalf.com> napisa=C5=
=82(a):
> >>
> >> Hi,
> >>
> >> As of 396e9f259d962 the base system binaries are now built as position=
-independent executable (PIE) by default, for 64-bit architectures. Thanks =
to that enabling ASLR can be done simply
> >> by sysctls knobs when booting the kernel.
> >>
> >> If you track stable/13 and normally build WITHOUT_CLEAN you'll need to=
 do one initial clean build -- either run `make cleanworld` or set WITH_CLE=
AN=3Dyes.
> >>
> >> The change is a pure MFC of the changes integrated to -CURRENT early 2=
021 and no issues are expected, but in case any problems are observed, plea=
se issue a PR and/or let me know in this thread.
> >>
> >> Best regards,
> >> Marcin
> >
>
> Thanks for enabling this. If I understand it correctly we got some
> improvements mentioned here[1] and it doesn't imply that ASLR has to be
> enabled, especially kern.elf64.aslr.pie_enable can be still set to 0 ?
>

Currently it still remains opt-in on stable/13 and is disabled by default.

Best regards,
Marcin

>
> [1] https://www.mail-archive.com/freebsd-current@freebsd.org/msg183605.ht=
ml
>

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAPv3WKebAf7e40=mjZZz-tTjAt5AiAkeUVgaxkQa5FBskEWJkg>