From nobody Mon May 13 18:09:24 2024 X-Original-To: freebsd-hackers@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4VdSDl2zqKz5KjGF for ; Mon, 13 May 2024 18:09:27 +0000 (UTC) (envelope-from cy.schubert@cschubert.com) Received: from omta002.cacentral1.a.cloudfilter.net (omta002.cacentral1.a.cloudfilter.net [3.97.99.33]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "Client", Issuer "CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4VdSDl16Lhz4R3t; Mon, 13 May 2024 18:09:27 +0000 (UTC) (envelope-from cy.schubert@cschubert.com) Authentication-Results: mx1.freebsd.org; none Received: from shw-obgw-4003a.ext.cloudfilter.net ([10.228.9.183]) by cmsmtp with ESMTPS id 6W4YsJBFsdrxE6a74sVzO5; Mon, 13 May 2024 18:09:26 +0000 Received: from spqr.komquats.com ([70.66.152.170]) by cmsmtp with ESMTPSA id 6a72s0hflByQr6a73sOwlo; Mon, 13 May 2024 18:09:26 +0000 X-Auth-User: cschuber X-Authority-Analysis: v=2.4 cv=UOF+Hzfy c=1 sm=1 tr=0 ts=66425756 a=y8EK/9tc/U6QY+pUhnbtgQ==:117 a=y8EK/9tc/U6QY+pUhnbtgQ==:17 a=kj9zAlcOel0A:10 a=TpHVaj0NuXgA:10 a=6I5d2MoRAAAA:8 a=YxBL1-UpAAAA:8 a=EkcXrb_YAAAA:8 a=c9nf7SV_VUKgHcmH2i4A:9 a=CjuIK1q_8ugA:10 a=IjZwj45LgO3ly-622nXo:22 a=Ia-lj3WSrqcvXOmTRaiG:22 a=LK5xJRSDVpKd5WXXoEvA:22 Received: from slippy.cwsent.com (slippy [10.1.1.91]) by spqr.komquats.com (Postfix) with ESMTP id 55C7010A2; Mon, 13 May 2024 11:09:24 -0700 (PDT) Received: by slippy.cwsent.com (Postfix, from userid 1000) id 29C872B4; Mon, 13 May 2024 11:09:24 -0700 (PDT) X-Mailer: exmh version 2.9.0 11/07/2018 with nmh-1.8+dev Reply-to: Cy Schubert From: Cy Schubert X-os: FreeBSD X-Sender: cy@cwsent.com X-URL: http://www.cschubert.com/ To: Kyle Evans cc: "freebsd-hackers@FreeBSD.org" Subject: Re: Initial implementation of _FORTIFY_SOURCE In-reply-to: References: Comments: In-reply-to Kyle Evans message dated "Mon, 13 May 2024 12:47:41 -0500." List-Id: Technical discussions relating to FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-hackers List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-hackers@FreeBSD.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Mon, 13 May 2024 11:09:24 -0700 Message-Id: <20240513180924.29C872B4@slippy.cwsent.com> X-CMAE-Envelope: MS4xfJfzvAMDyt6hOqkW/3aVbRXhK2AirIYQmaA0ZQqNiAwI7YukUshBQZk0p4wp7yLgYcMuqamYt6UA2lrPnRinqR1wanPbftjABCVOfbjsTIdueehW00Ol T6Hedk5CIfrGph/P7Y3G4Yqchdm0I93HgNR2MxcrUhomNkOZsfpx7mcRTU6tgmrSqNVzyWMNaoZDAarj/UVnrgwTYG+M1VEcq1/+9Z0E7cKp4J0LpRwMNqXx ptNqFxw8CAccTcqHvusLzw== X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:16509, ipnet:3.96.0.0/15, country:US] X-Rspamd-Queue-Id: 4VdSDl16Lhz4R3t In message , Kyle Evans write s: > Hi, > > As of 9bfd3b407 ("Add a build knob for _FORTIFY_SOURCE"), I've imported > an initial version of FORTIFY_SOURCE from FreeBSD. FORTIFY_SOURCE is an > improvement over classical SSP, doing compiler-aided checking of stack > object sizes to detect more fine-grained stack overflow without relying > on the randomized stack canary just past the stack frame. > > This implementation is not yet complete, but we've done a review of > useful functions and syscalls to add checked variants of and intend to > complete the implementation over the next month or so. > > Please test _FORTIFY_SOURCE out now by setting FORTIFY_SOURCE=2 in the > buildworld env -- I intend to flip the default to 2 when WITH_SSP is set > in the next month if nobody complains about serious breakage. I've > personally been rolling with FORTIFY_SOURCE=2 for the last three years > that this has been sitting in a local branch, so I don't really > anticipate any super-fundamental breakage. Should this trigger a __FreeBSD_version bump? -- Cheers, Cy Schubert FreeBSD UNIX: Web: https://FreeBSD.org NTP: Web: https://nwtime.org e^(i*pi)+1=0