Date: Wed, 14 May 2014 09:58:52 -0400
From: Shawn Webb <lattera@gmail.com>
To: freebsd-current@freebsd.org, freebsd-security@freebsd.org, freebsd-stable@freebsd.org
Subject: [CFT] ASLR, PIE, and segvguard on 11-current and 10-stable
Message-ID: <20140514135852.GC3063@pwnie.vrt.sourcefire.com>

Hey All,

[NOTE: crossposting between freebsd-current@, freebsd-security@, and freebsd-stable@. Please forgive me if crossposting is frowned upon.]

Address Space Layout Randomization, or ASLR for short, is an exploit mitigation technology. It helps secure applications against low-level exploits. A popular secure implementation is known as PaX ASLR, which is a third-party patch for Linux. Our implementation is based off of PaX's.

Oliver Pinter, Danilo Egea, and I have been working hard to bring more features and robust stability to our ASLR patches. We've done extensive testing on amd64. We'd like to get as many people testing these patches. Given the nature of them, we'd also like as many eyeballs reviewing the code as well.

I have a Raspberry Pi and have noticed a few bugs. On ARM (at least, on the RPI), when a parent forks a child, and the child gracefully exits, the parent segfaults with the pc register pointing to 0xc0000000. That address is always the same, no matter the application. If anyone knows the ARM architecture well, and how FreeBSD ties into it, I'd like a little guidance.

I also have a sparc64 box, but I'm having trouble getting a vanilla 11-current system to be stable on it. I ought to file a few PRs.

You can find links to the patches below.

Patch for 11-current:
http://www.crysys.hu/~op/freebsd/patches/20140514091132-freebsd-current-aslr-segvguard-SNAPSHOT.diff

Patch for 10-stable:
http://www.crysys.hu/~op/freebsd/patches/20140514091132-freebsd-stable-10-aslr-segvguard-SNAPSHOT.diff

Thanks,

Shawn Webb
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20140514135852.GC3063>