From nobody Sun Apr 14 23:43:15 2024 X-Original-To: freebsd-hackers@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4VHn1S01X1z5HJrB for ; Sun, 14 Apr 2024 23:43:24 +0000 (UTC) (envelope-from shawn.webb@hardenedbsd.org) Received: from mail-io1-xd2b.google.com (mail-io1-xd2b.google.com [IPv6:2607:f8b0:4864:20::d2b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4VHn1Q6hTmz41fG for ; Sun, 14 Apr 2024 23:43:22 +0000 (UTC) (envelope-from shawn.webb@hardenedbsd.org) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=hardenedbsd.org header.s=google header.b=Kcw+w2BC; dmarc=none; spf=pass (mx1.freebsd.org: domain of shawn.webb@hardenedbsd.org designates 2607:f8b0:4864:20::d2b as permitted sender) smtp.mailfrom=shawn.webb@hardenedbsd.org Received: by mail-io1-xd2b.google.com with SMTP id ca18e2360f4ac-7d95f2a2dfaso38823739f.0 for ; Sun, 14 Apr 2024 16:43:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hardenedbsd.org; s=google; t=1713138200; x=1713743000; darn=freebsd.org; h=content-disposition:mime-version:message-id:subject:to:from:date :from:to:cc:subject:date:message-id:reply-to; bh=jn5W9cbDVSZzHz2fE7jLzGxj77/+k3BoenK4s7xKXmo=; b=Kcw+w2BCGhNsOXdQgT065NrePQrSpsYvBX1/RpQBAzhv1id88xA7IOw7ufqJB4DoKi METJn/87PhDcN8tzk4QLW7v0jMxUCiJcQi9kQyyVDcr1lmnyw7SmeX0GRthPKTsJ/XXu 8s9T/9+YQ9ZWiNJ/85iRZ1h25uVa37aLHSE1Ae8Ej6rDHIAfijr18oV2RF36WFyvLpiz N7SvUam+hdvCAD7wmvm680T3mIN2/6w12BmN2A4e9rmqkcUJCzDPc5xHfxfGQHNgTVe7 i9MoOoE6hnI4Az6Wc41lkXoynh+5i/Sxtw9JK/+i4srcfRtcjrTjQpf2VWW/4w5SBdD5 PgQA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1713138200; x=1713743000; h=content-disposition:mime-version:message-id:subject:to:from:date :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=jn5W9cbDVSZzHz2fE7jLzGxj77/+k3BoenK4s7xKXmo=; b=c2AhTUfeyLnfx7fYvTxT3vCL56zwJy4Y+H6YyPx0XHIOczBJIH/Y0mHFiAVpUp20TS N5684IMwC0Fcs9qpmfyklVw0h3YXtVu/uJ+xIPz+F41iSICUXU7FlG7N9P8vJj8IRPFI Wneer0jco1FSK0Oo5kZkpVji1kSerm3k8yp2FTJBSG1v3gVheb+7afOaRlLphiQBSGaa HEs8gu17AURXq1KkBQZE5B/bkufepkMDtSl/CRyiZMxxNOLe7BJncgh/AC9MWLEgQn7i PTXA/UYtuK1VvPbehrEI/7Bm9sQPKI82WpxsaR39d+elsiEkr1zGWANbxxLsg/YYqkyG Vy3w== X-Gm-Message-State: AOJu0Yz3MZjmxN50ldzVim/ijRDtAG3wZYg7rgdvK0C05nktZRnTYW18 ux9M7x+ZL1AbND+aofn1dMe+ODWqB8liQVAng0gJVfFk5kUN49MurQyFgWdrzsrmBi0udFQmUw7 kCtiO47OAt9LNq/HC0RJHBnUmB7PxRdjZyXCQhTQv6ODYnQwdbHE9hjMPYfvk9abbI/sYr+qqnW NkNQ61TAjy7KvWFLVJ/QlCKlIldJinhJ76851Pan++yU+iPE5A0uz6 X-Google-Smtp-Source: AGHT+IHPO3AxeVVo1NMuVwXE+tg0cF7D43/HWfe0JX4pjfnSlsFG7akJ6f3VD5uGka2k9Pb3yzO6LQ== X-Received: by 2002:a05:6602:341c:b0:7d9:63c2:5059 with SMTP id n28-20020a056602341c00b007d963c25059mr2858939ioz.4.1713138200066; Sun, 14 Apr 2024 16:43:20 -0700 (PDT) Received: from mutt-hbsd ([184.99.37.29]) by smtp.gmail.com with ESMTPSA id y17-20020a056602165100b007d5bcafde90sm2439381iow.3.2024.04.14.16.43.15 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 14 Apr 2024 16:43:19 -0700 (PDT) Date: Sun, 14 Apr 2024 23:43:15 +0000 From: Shawn Webb To: freebsd-hackers@freebsd.org Subject: Question regarding crunchgen(1) binaries Message-ID: X-Operating-System: FreeBSD mutt-hbsd 15.0-CURRENT-HBSD FreeBSD 15.0-CURRENT-HBSD X-PGP-Key: https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/blob/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc List-Id: Technical discussions relating to FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-hackers List-Help: List-Post: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="mz2p6heg5z522xk2" Content-Disposition: inline X-Spamd-Bar: ----- X-Spamd-Result: default: False [-5.10 / 15.00]; SIGNED_PGP(-2.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-0.997]; MID_RHS_NOT_FQDN(0.50)[]; R_DKIM_ALLOW(-0.20)[hardenedbsd.org:s=google]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; MISSING_XM_UA(0.00)[]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; ARC_NA(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; DMARC_NA(0.00)[hardenedbsd.org]; FROM_HAS_DN(0.00)[]; MLMMJ_DEST(0.00)[freebsd-hackers@freebsd.org]; RCVD_COUNT_TWO(0.00)[2]; FROM_EQ_ENVFROM(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::d2b:from]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-hackers@freebsd.org]; TO_MATCH_ENVRCPT_ALL(0.00)[]; RCVD_TLS_LAST(0.00)[]; DKIM_TRACE(0.00)[hardenedbsd.org:+] X-Rspamd-Queue-Id: 4VHn1Q6hTmz41fG --mz2p6heg5z522xk2 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hey FreeBSD Hackers, Note: I originally posted this to the HardenedBSD users mailing list. I'm posting to freebsd-hackers@ to hopefully learn from a wider audience. I wanted to ping the HardenedBSD community, asking about the usefulness of crunchgen(1)-built applications in 2024. =46rom the crunchgen(1) manual page: > The main reason to crunch programs together is for fitting as many > programs as possible onto an installation or system recovery floppy. The binaries in /rescue are built with crunchgen. It seems that crunchgen-built applications are not (currently) compatible with a libc built with LTO due to the recent CSU and libc changes. The size of the binaries in /rescue on HardenedBSD 15-CURRENT/amd64 are 17MB in size. That application size alone makes it impossible to build a "system recovery floppy". Additionally, floppy drives aren't all too common on the amd64, arm64, and riscv64 systems HardenedBSD targets. Control Flow Integrity (CFI) is a compiler-based exploit mitigation that we apply to applications in HardenedBSD 15-CURRENT and 14-STABLE. In order to apply CFI to applications, application code must be built with Link Time Optimization (LTO). Over the past few years, I've slowly been working on applying CFI to shared objects (aka, Cross-DSO CFI). This requires building library code with LTO as well. It seems that with the recent changes to the CSU and libc, the crunchgen(1) built tool does not produce workable applications when libc is built with LTO. With libc having such a huge surface area, it would be prudent to apply Cross-DSO CFI to it. This presents two possible solutions: 1. Enhance crunchgen(1) to support libc built with LTO. 2. Kick crunchgen(1) to the curb. 3. Other ideas from the community are possible. Does anyone find crunchgen(1) to be truly useful in 2024? If we kick crunchgen(1) to the curb, we need to modify the build system for /rescue binaries. My own preference would indeed to rid ourselves of crunchgen(1) so that we can progress towards applying Cross-DSO CFI and LTO to libc. Thanks, --=20 Shawn Webb Cofounder / Security Engineer HardenedBSD Tor-ified Signal: +1 303-901-1600 / shawn_webb_opsec.50 https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A= 4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc --mz2p6heg5z522xk2 Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEA6TL67gupaZ9nzhT/y5nonf44foFAmYcahMACgkQ/y5nonf4 4fqc+g/7BAKhiQUJKcZj5shig7v7qKfxn9n2IDXm7M0DeqYm6krfLqm1DcWa5E4W ASJKmU5SlhXg8T77npF2b5Pwsbge3lTriRknakDEZg3mi7EXHSMgf2aLRuQZ6uAp RAbJtx9jb4hlvHE0ZXiQ1aUf5ZwGkGvWFCvBc9+yJh3vWjSHEJ8Z5fK8/5MPk0Pa +LgbtrNBaA54iVjBP8X29I6WA/uZoKMtieYYpn8q6e6vj2OuzYt5HxIPAIy2TmAw o0Awa1kEVCrA8TQWf0hXZHqAU73lOAZK1D7MGERfk4ODFH5EykLw7vSwNLz78/Qs aSNcYHTSPLrN+s6KA3RXAibbqLqEbNYwkrJ94jasAHxi0BY7iyI6oFdHXIABk9Ov WNhPDZDoqFwLJ+OAySZechajEkfE8d9+riie63iDkWjSW7AOX5xu9rQqOeAVUmiR SSXcTNQKzFjHtm6hoAxHbRoQe5S7SO0ddh43HDE+9IesLRKeyfr3zJmZk7UzA1+0 HplsuuL7nBXqxKgOkj8n8AOYmG/vJyyZPzIXJuBGDSkzeqvHfzZcc7F9c8j6JUEh RZSYFkjoQOfqV9kfMPyL+XP7xyT8jEWgp0hcAYBtk7jOkfDUJTTDcZL0t3WQrYfH 0bEEBxwpk6ST90EdknD+CPR9fdL0iNBO7hfF5AvXA9vPsi1aGjs= =mz3z -----END PGP SIGNATURE----- --mz2p6heg5z522xk2--