From: Kyle Evans
To: "freebsd-hackers@FreeBSD.org"
Date: Fri, 21 Jun 2024 21:22:00 -0500
Subject: Further work on FORTIFY_SOURCE
Message-ID: <89e3763a-093f-4ac2-a785-fe95448061f4@FreeBSD.org>
List-Id: Technical discussions relating to FreeBSD
List-Archive: https://lists.freebsd.org/archives/freebsd-hackers

Hi,

Sponsored by Stormshield and Klara, I've completed an extension of the original FORTIFY_SOURCE work that landed a couple weeks ago. This set includes both a test framework to make sure that it's more or less working as we expect, along with fortification of many, many more libc functions & syscalls.

The relevant reviews are in a stack starting at https://reviews.freebsd.org/D45676 and include:

D45676 Prepare some build fixes in advance of more _FORTIFY_SOURCE
D45677 libc: move __ssp_overlap back out into
D45678 libc: tests: add testing infrastructure for _FORTIFY_SOURCE
D45679 include: ssp: round out fortification of current set of headers
D45680 include: ssp: fortify poll/ppoll from
D45681 include: ssp: fortify
D45682 include: ssp: fortify
D45683 include: ssp: fortify
D45684 include: ssp: fortify
D45685 include: ssp: fortify
D45686 include: ssp: fortify

I've pushed a branch to Klara's GitHub as well for anyone interested in trying to consume it in that format: https://github.com/KlaraSystems/freebsd/commits/stormshield/fortify_source/

Review and feedback are welcome -- I've been running the full set on my laptop and my build machine with no obvious issues.

One caveat that we'll need to work through is that the lang/gcc* ports include some headers, so those ports can't be used to build anything with _FORTIFY_SOURCE enabled (not compatible with ours). These headers should almost certainly just go away at this point -- the improvement in the feature with GCC comes from the builtin implementations, not from whatever they've written in these headers.

Thanks,

Kyle Evans