From owner-freebsd-arch@FreeBSD.ORG Fri Mar 20 19:05:42 2015 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 41A84ADB for ; Fri, 20 Mar 2015 19:05:42 +0000 (UTC) Received: from mail-qg0-f51.google.com (mail-qg0-f51.google.com [209.85.192.51]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id E3AD0ACE for ; Fri, 20 Mar 2015 19:05:41 +0000 (UTC) Received: by qgew92 with SMTP id w92so25674238qge.2 for ; Fri, 20 Mar 2015 12:05:35 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:message-id:subject:from:to:cc:date:in-reply-to :references:organization:content-type:mime-version; bh=ASA4uERTvyhnq5wtFDQttkBYWWl189u5IkELgSYAZ/0=; b=mrwiJFm7Yz/+XF+WIhr0kFtzDrhB7YipsmfVK8SVEVf1MC0mYGmrhiTQCRvS6/g//N K90KQv8tV90iow79ybsBeUh+lk1qdpEPhczgADWOowaBgOj/ZhUuInA2ubbm6ZPdiSRd a6TkRNT8jpQagLiid8y1UYyLu51YhYo/Au/9pKugxj626ke/NLpdsFc6oQXUP9pKrUah 6+RtNpUkQoOn4CgVttMSHgH7eOa8lDOr5/1XEAGJN4640eeIYHKwLlRE8MqQGQWmPbbI UYCKV4pA9Kc1eUcKSzJ00JtNBKhE1QHcHJ9lzLaVy/KBpksQd1UopTO7E8BUkU2YcmAI puEg== X-Gm-Message-State: ALoCoQlnJ+XqMmBYDGtbOikk8C+HThe3MBLUU5ypkk+Ku0dYn9D1ilg3AmMgRs6ysIs7uuQ6eo39 X-Received: by 10.55.24.159 with SMTP id 31mr106639775qky.74.1426878335496; Fri, 20 Mar 2015 12:05:35 -0700 (PDT) Received: from [10.3.0.21] ([63.88.83.66]) by mx.google.com with ESMTPSA id p8sm3599254qha.20.2015.03.20.12.05.33 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 20 Mar 2015 12:05:34 -0700 (PDT) Message-ID: <1426878339.5550.29.camel@hardenedbsd.org> Subject: Re: ASLR work into -HEAD ? From: Shawn Webb To: Warner Losh Date: Fri, 20 Mar 2015 15:05:39 -0400 In-Reply-To: <1426875464.5550.26.camel@hardenedbsd.org> References: <7C64CB2B-3FD0-434C-A11A-2A841537220F@bsdimp.com> <1426875464.5550.26.camel@hardenedbsd.org> Organization: HardenedBSD Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="=-17Fk+7cjDbIAFS40BrYA" X-Mailer: Evolution 3.12.10-0ubuntu1~14.10.1 Mime-Version: 1.0 Cc: Adrian Chadd , HardenedBSD Core , Oliver Pinter , "freebsd-arch@freebsd.org" X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Mar 2015 19:05:42 -0000 --=-17Fk+7cjDbIAFS40BrYA Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Fri, 2015-03-20 at 14:17 -0400, Shawn Webb wrote: > On Fri, 2015-03-20 at 09:28 -0600, Warner Losh wrote: > > > On Mar 19, 2015, at 2:31 PM, Oliver Pinter wrote: > > >=20 > > > On Thu, Mar 19, 2015 at 9:04 PM, Adrian Chadd wr= ote: > > >> On 19 March 2015 at 12:56, Warner Losh wrote: > > >>>=20 > > >>>> On Mar 19, 2015, at 12:53 PM, Adrian Chadd wr= ote: > > >>>>=20 > > >>>> Hi, > > >>>>=20 > > >>>> Apparently this is done but has stalled: > > >>>>=20 > > >>>> https://reviews.freebsd.org/D473 > > >>>>=20 > > >>>> Does anyone have any strong objections to it landing in the tree a= s-is? > > >>>=20 > > >>> There=E2=80=99s rather a lot of them specifically spelled out in th= e code review. > > >>>=20 > > >>> Many of the earlier ones were kinda blown off, so I=E2=80=99ve not = been inclined > > >>> to take the time to re-review it. Glancing at it, I see several min= or issues > > >>> that should be cleaned up. > > >>=20 > > >> Cool. Thanks for taking the time to look at it again. > > >>=20 > > >> Shawn is in #freebsd on freenode irc, so if you/others want a more > > >> interactive review then he's there during the day. > > >=20 > > > Please CC the core@hardenedbsd.org in future please, when you are > > > talking about this issue. > > >=20 > > > Adrian: do you able to review the MIPS or ARM part especially or test= them? > >=20 > > Adrian: Do not commit the changes. > >=20 > > I=E2=80=99ve gone back and re-read Robert Watson=E2=80=99s rather long = review and it appears > > that virtually none of that has been addressed. Until it is, do not com= mit it. This > > code interacts with dangerous parts of the system, and the default cann= ot be > > to just let it in because no one has objected recently. Objections have= been made, > > they have been quantified, they haven=E2=80=99t been answered or acted = upon. Until that > > changes, you can assume the objections remain in place and asking again= without > > fixing them isn=E2=80=99t going to change the answer. > >=20 > > Warner >=20 > Warner, >=20 > We've fixed the vast majority of the concerns raised in that review. To > say "virtually none of that has been addressed" and "they haven't been > answered or acted upon" is a blatant lie. The fact that there are so > many revisions of the patch is proof. We even made our ASLR > implementation for FreeBSD less secure by providing a mechanism in > ptrace() to disable it as requested by a member of the FreeBSD > Foundation. (This "feature" doesn't exist in HardenedBSD's > implementation.) If comments like these continue, I will remove the diff > from Phabricator and close the BugZilla ticket. FreeBSD can feel free to > pull from us, but we won't make any effort to proactively upstream our > work. >=20 > With that said, I have missed a few of the concerns raised. There's so > many comments/concerns in that review that it's easy to miss a few. I > will address them tonight and upload a new patch tomorrow. I've updated the patch. Is there anything I've missed? Thanks, Shawn Webb HardenedBSD --=-17Fk+7cjDbIAFS40BrYA Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAABCgAGBQJVDG+DAAoJEGqEZY9SRW7uHesP/1C0dn7RTMwgC5i4trRLvxWN F40qlP3c0VQnfUiC6+/NT9kupIR17cecnqsB6MYT2axa4+pw8uIV4sHK1ZwEaw/O VXAPR7u9HznTR8earpaj1W36FZWLfuCgaGTxvTwzboqNwm6goIFBJogq46Pjgh7G MZ2NVSIy5+hUErMc6+7k9NwdnGNY8av4V+8ThgiTuE3ezQ2cTF4bv2FyG/eapbSf AVy5cOdO8DSxBSNvLr26vHNzt4YygakPuIbH+JEaGDflUoG0IXDIp6h5RE5NzXk+ CiBOZLHoFSM1oa74njGVB736KCUH/lcX4wCblX14VDu3Z0m4Fsj/9fNBWDTIwioS RvfFf5YzD9IC7vOroVZa3h55qE7X0A4Rg4yJrHNY9UDH91JDSGMqbQCLpdMQvcix npAWL6dr59j+GoSKR49lWklV0k9Bysj1LBlxhoNOko42OuaCDcGUoMgFeXVF6HOs 3wYRS5BXS0olW22sBvtufENqq6Z6Q9wFdsW4A8nWApyJmGrNFaOgxT9FFKxu9Xww quF+hUuPUvcMDPgttfzoQRCao2ad9ibiSLleph2Gp0Lri7r2iSvjX3sZXOw8GjLO MDQ4OpTfJ7I7wYZRvFVR4YjlSeENFyE+E9RPGbJtuuTe/TLkfOLa2tlqGdXl+ubN 7HJIz0eFUlK7BJGNq4Ql =3y95 -----END PGP SIGNATURE----- --=-17Fk+7cjDbIAFS40BrYA--