Message-ID: <1432135200.4153.3.camel@hardenedbsd.org>
Subject: Re: ASLR work into -HEAD ?
From: Shawn Webb
To: Warner Losh
Cc: Oliver Pinter, Adrian Chadd, "freebsd-arch@freebsd.org", HardenedBSD Core
Date: Wed, 20 May 2015 11:20:00 -0400
In-Reply-To: <9043388.Uf7dufN8KZ@shawnwebb-laptop>
References: <1426878339.5550.29.camel@hardenedbsd.org> <9043388.Uf7dufN8KZ@shawnwebb-laptop>
Organization: HardenedBSD

On Sat, 2015-03-21 at 10:43 -0400, Shawn Webb wrote:
> On Friday, March 20, 2015 03:14:30 PM Warner Losh wrote:
> > > On Mar 20, 2015, at 1:05 PM, Shawn Webb wrote:
> > >
> > > On Fri, 2015-03-20 at 14:17 -0400, Shawn Webb wrote:
> > >> On Fri, 2015-03-20 at 09:28 -0600, Warner Losh wrote:
> > >>>> On Mar 19, 2015, at 2:31 PM, Oliver Pinter wrote:
> > >>>>
> > >>>> On Thu, Mar 19, 2015 at 9:04 PM, Adrian Chadd wrote:
> > >>>>> On 19 March 2015 at 12:56, Warner Losh wrote:
> > >>>>>>> On Mar 19, 2015, at 12:53 PM, Adrian Chadd wrote:
> > >>>>>>>
> > >>>>>>> Hi,
> > >>>>>>>
> > >>>>>>> Apparently this is done but has stalled:
> > >>>>>>>
> > >>>>>>> https://reviews.freebsd.org/D473
> > >>>>>>>
> > >>>>>>> Does anyone have any strong objections to it landing in the tree
> > >>>>>>> as-is?
> > >>>>>>
> > >>>>>> There’s rather a lot of them specifically spelled out in the code
> > >>>>>> review.
> > >>>>>>
> > >>>>>> Many of the earlier ones were kinda blown off, so I’ve not been
> > >>>>>> inclined to take the time to re-review it. Glancing at it, I see
> > >>>>>> several minor issues that should be cleaned up.
> > >>>>>
> > >>>>> Cool. Thanks for taking the time to look at it again.
> > >>>>>
> > >>>>> Shawn is in #freebsd on freenode irc, so if you/others want a more
> > >>>>> interactive review then he's there during the day.
> > >>>>
> > >>>> Please CC the core@hardenedbsd.org in future please, when you are
> > >>>> talking about this issue.
> > >>>>
> > >>>> Adrian: are you able to review the MIPS or ARM part especially or test
> > >>>> them?
> > >>>
> > >>> Adrian: Do not commit the changes.
> > >>>
> > >>> I’ve gone back and re-read Robert Watson’s rather long review and it
> > >>> appears that virtually none of that has been addressed. Until it is, do
> > >>> not commit it. This code interacts with dangerous parts of the system,
> > >>> and the default cannot be to just let it in because no one has objected
> > >>> recently. Objections have been made, they have been quantified, they
> > >>> haven’t been answered or acted upon. Until that changes, you can assume
> > >>> the objections remain in place and asking again without fixing them
> > >>> isn’t going to change the answer.
> > >>>
> > >>> Warner
> > >>
> > >> Warner,
> > >>
> > >> We've fixed the vast majority of the concerns raised in that review. To
> > >> say "virtually none of that has been addressed" and "they haven't been
> > >> answered or acted upon" is a blatant lie. The fact that there are so
> > >> many revisions of the patch is proof. We even made our ASLR
> > >> implementation for FreeBSD less secure by providing a mechanism in
> > >> ptrace() to disable it as requested by a member of the FreeBSD
> > >> Foundation.
> > >> (This "feature" doesn't exist in HardenedBSD's
> > >> implementation.) If comments like these continue, I will remove the diff
> > >> from Phabricator and close the BugZilla ticket. FreeBSD can feel free to
> > >> pull from us, but we won't make any effort to proactively upstream our
> > >> work.
> > >>
> > >> With that said, I have missed a few of the concerns raised. There's so
> > >> many comments/concerns in that review that it's easy to miss a few. I
> > >> will address them tonight and upload a new patch tomorrow.
> > >
> > > I've updated the patch. Is there anything I've missed?
> >
> > I’ve taken a look at the updated patch and see that it addressed the
> > issues I raised. It almost looks like the update to the review a month
> > ago was the wrong version, since so many more of the original
> > comments appear to be addressed than when I looked. Thanks!
> >
> > Warner
>
> I've updated the patch again. Please let me know if there's anything I've
> missed. Otherwise, I'd love to see this committed in HEAD. :-)
>

Does anyone have any updates since I last updated the patch over a month
ago? What's needed to get this patch in?
Thanks,

Shawn