From owner-freebsd-hackers@FreeBSD.ORG Tue Nov 21 14:20:34 2006
Date: Tue, 21 Nov 2006 15:19:58 +0100
From: Joerg Sonnenberger
To: freebsd-hackers@freebsd.org, hackers@freebsd.org
Subject: Re: Hardening FreeBSD, does anyone have any documentation that may help?
Message-id: <20061121141958.GB721@britannica.bec.de>
In-reply-to: <20061121115555.Y50450@fledge.watson.org>
References: <455324F2.9090603@fugspbr.org> <20061120223407.GF20405@obiwan.tataz.chchile.org> <20061121115555.Y50450@fledge.watson.org>

On Tue, Nov 21, 2006 at 11:59:27AM +0000, Robert Watson wrote:
> FYI, Silby gave a nice mini-talk/discussion at EuroBSDCon on the topic of
> gcc4 security features. It seems like there's a lot of support for having
> these things in FreeBSD, but a strong reluctance to have large outstanding
> patchsets against the compiler and build chain, hence the continued
> "strategy" of waiting for them to arrive in gcc4. Most questions boiled
> down to:

The code is integrated in GCC 4.1, patching if needed at all is quite
contained.

> - What are the ABI impacts? Assuming that protection features arrive and
> depart, and that reasonable application backward compatibility is required
> for programs and libraries. Of particular interest was the case where we
> turn on a protection feature in X.Y and discover that this was a bad idea,
> so turn it off in X.Y+1.

The ABI impact is limited to the stack guard cookie, the initialisation
function and the failure handler. Three different solutions can be used:
(1) The code can be part of a separate library (libssp).
(2) The code can be part of libc (DragonFly, OpenBSD and glibc do this).
(3) Like (2), but the cookie is part of the Thread Control Block, e.g.
accessible via %gs. This is done on newer glibc systems and has the
advantage of avoiding PIC references.

> - What are the performance characteristics in a variety of real-world
> workloads?

The original benchmarks done with Propolice by IBM suggest typical
degradations in the area of 2%-5%, depending on how many functions are
called and not inlined and how many of them need to get the protection.
The site of Etoh has more details.

Joerg
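
The three ABI pieces named in the message above (guard cookie, initialisation function, failure handler), modelled by hand as an added example that is not part of the original post or of GCC's runtime. All `demo_*` names are hypothetical (GCC's own symbols are `__stack_chk_guard` and `__stack_chk_fail`), the cookie is a global as in options (1) and (2), and the stack frame is modelled as a byte array so the overrun stays well defined.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical names throughout; this models what the compiler emits,
 * it is not the libssp or libc implementation. */
#define BUF_SIZE 16
#define FRAME_SIZE (BUF_SIZE + sizeof(uintptr_t))

static uintptr_t demo_guard;   /* (a) the stack guard cookie */
static int demo_fail_count;    /* lets the demo observe the handler */

/* (b) initialisation function, run once before protected code. A real
 * runtime uses a random value; this constant is constructed for the demo. */
static void demo_guard_setup(void) { demo_guard = (uintptr_t)0x00aff00dU; }

/* (c) failure handler; a real one reports the event and aborts. */
static void demo_chk_fail(void) { demo_fail_count++; }

/* Models one protected function. frame[] stands in for the stack frame:
 * the local buffer first, the cookie copy directly above it.
 * Returns 0 if the epilogue check passed, -1 if the handler was called. */
static int protected_copy(const void *src, size_t len)
{
    unsigned char frame[FRAME_SIZE];

    /* prologue: place the cookie between the buffer and the saved state */
    memcpy(frame + BUF_SIZE, &demo_guard, sizeof demo_guard);
    /* body: copy without a buffer bound, clamped to the modelled frame */
    if (len > FRAME_SIZE)
        len = FRAME_SIZE;
    memcpy(frame, src, len);
    /* epilogue: compare the stored copy with the global cookie */
    if (memcmp(frame + BUF_SIZE, &demo_guard, sizeof demo_guard) != 0) {
        demo_chk_fail();
        return -1;
    }
    return 0;
}

int main(void)
{
    char big[FRAME_SIZE];
    demo_guard_setup();
    memset(big, 'A', sizeof big);
    printf("in bounds: %d\n", protected_copy("hello", 6));
    printf("overrun:   %d\n", protected_copy(big, sizeof big));
    return 0;
}
```

Every protected function references the cookie and the handler by name, which is why moving them between libssp, libc and the Thread Control Block is an ABI decision.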