From owner-freebsd-current@freebsd.org Wed Jan 18 18:34:07 2017 Return-Path: Delivered-To: freebsd-current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 85EE8CB5914 for ; Wed, 18 Jan 2017 18:34:07 +0000 (UTC) (envelope-from cse.cem@gmail.com) Received: from mail-wm0-f54.google.com (mail-wm0-f54.google.com [74.125.82.54]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 25BED180F for ; Wed, 18 Jan 2017 18:34:06 +0000 (UTC) (envelope-from cse.cem@gmail.com) Received: by mail-wm0-f54.google.com with SMTP id r144so39319893wme.1 for ; Wed, 18 Jan 2017 10:34:06 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:reply-to:in-reply-to:references :from:date:message-id:subject:to:cc:content-transfer-encoding; bh=lC1tjMJTMa893KQA22QcxQiZ1GV2+OnOsHjTqOIbxts=; b=Nc6rNUwr+HubyTXTa2fHdWSeC8zSyefnLDtwIudq8zN4hG55ibNL15tOaSXOqbHAgM y/Xbjcqs0VutnMwZTO2r17CvBgsN1y6DtPI4i6fdkDIqlOum8u4Jq50uEEjLWpQh4yqQ tMOrKZphSGqtnsBGL/4BzlZtCeKzxdBtqo++sYjF2gGhpR8x0vbSb3IUXLFjnbFVTy6U uT4ZqxcfKXhLcqOlDR9uyAJkBQukaLqAQZ77V9fHIgPK2UIOy7cuKKnGwsWAN4NcKp1p tZGHZIL10TpJqopWaXL/kMG7JakWmhgB8vy4ZW281MSJLgBLYe7ltjQTGe/rdUALE1ct /26w== X-Gm-Message-State: AIkVDXK797G62Y0KIPaIWC6ehUEMTBc6lB0UvuBH26CIZ+25k+Qa5yC82A4Nmd3uz9GosQ== X-Received: by 10.28.4.216 with SMTP id 207mr3814625wme.45.1484764007856; Wed, 18 Jan 2017 10:26:47 -0800 (PST) Received: from mail-wm0-f44.google.com (mail-wm0-f44.google.com. [74.125.82.44]) by smtp.gmail.com with ESMTPSA id e5sm47095611wma.12.2017.01.18.10.26.47 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 18 Jan 2017 10:26:47 -0800 (PST) Received: by mail-wm0-f44.google.com with SMTP id r144so38999681wme.1 for ; Wed, 18 Jan 2017 10:26:47 -0800 (PST) X-Received: by 10.28.4.216 with SMTP id 207mr3814608wme.45.1484764007564; Wed, 18 Jan 2017 10:26:47 -0800 (PST) MIME-Version: 1.0 Reply-To: cem@freebsd.org Received: by 10.194.29.72 with HTTP; Wed, 18 Jan 2017 10:26:46 -0800 (PST) In-Reply-To: References: From: Conrad Meyer Date: Wed, 18 Jan 2017 10:26:46 -0800 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: ASLR To: Johannes Lundberg Cc: freebsd-current Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Jan 2017 18:34:07 -0000 On Wed, Jan 18, 2017 at 9:53 AM, Johannes Lundberg wro= te: > Hi > > What is the status of ASLR? > > https://reviews.freebsd.org/D5603 > > The thread has been silent for a couple of months. I'm happy to test if > needed. Hi Johannes, I think we were waiting on some review, but if that has stalled out, let's go ahead and commit it. Default off is fine for now. It can be improved as needed and then we at least have an ASLR story for the checkbox users. > I'm also interested in KASLR. Is that also on the roadmap? If someone > involved could share some info I'd be grateful. KASLR is less useful (grsecurity folks might say useless) =E2=80=94 see https://forums.grsecurity.net/viewtopic.php?f=3D7&t=3D3367 for some discussion on it. Best, Conrad