From owner-svn-src-head@freebsd.org  Thu Aug  6 17:28:01 2020
Return-Path: <owner-svn-src-head@freebsd.org>
Delivered-To: svn-src-head@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 8E4CB3A7156;
 Thu,  6 Aug 2020 17:28:01 +0000 (UTC)
 (envelope-from brooks@spindle.one-eyed-alien.net)
Received: from spindle.one-eyed-alien.net (spindle.one-eyed-alien.net
 [199.48.129.229])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 4BMwS05c9xz4MtF;
 Thu,  6 Aug 2020 17:28:00 +0000 (UTC)
 (envelope-from brooks@spindle.one-eyed-alien.net)
Received: by spindle.one-eyed-alien.net (Postfix, from userid 3001)
 id 6A4DF3C0199; Thu,  6 Aug 2020 17:27:59 +0000 (UTC)
Date: Thu, 6 Aug 2020 17:27:59 +0000
From: Brooks Davis <brooks@freebsd.org>
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-head@freebsd.org
Subject: Re: svn commit: r363966 - head/sys/vm
Message-ID: <20200806172759.GC19649@spindle.one-eyed-alien.net>
References: <202008061620.076GKLoa047657@repo.freebsd.org>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
 protocol="application/pgp-signature"; boundary="JYK4vJDZwFMowpUq"
Content-Disposition: inline
In-Reply-To: <202008061620.076GKLoa047657@repo.freebsd.org>
User-Agent: Mutt/1.9.4 (2018-02-28)
X-Rspamd-Queue-Id: 4BMwS05c9xz4MtF
X-Spamd-Bar: -
Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none;
 spf=none (mx1.freebsd.org: domain of brooks@spindle.one-eyed-alien.net has no
 SPF policy when checking 199.48.129.229)
 smtp.mailfrom=brooks@spindle.one-eyed-alien.net
X-Spamd-Result: default: False [-1.84 / 15.00]; ARC_NA(0.00)[];
 NEURAL_HAM_MEDIUM(-0.30)[-0.299]; FROM_HAS_DN(0.00)[];
 RCPT_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_ALL(0.00)[];
 NEURAL_HAM_LONG(-0.60)[-0.602];
 MIME_GOOD(-0.20)[multipart/signed,text/plain];
 TO_DN_NONE(0.00)[]; DMARC_NA(0.00)[freebsd.org];
 AUTH_NA(1.00)[]; NEURAL_HAM_SHORT(-0.04)[-0.035];
 SIGNED_PGP(-2.00)[];
 FORGED_SENDER(0.30)[brooks@freebsd.org,brooks@spindle.one-eyed-alien.net];
 RCVD_COUNT_ZERO(0.00)[0]; R_SPF_NA(0.00)[no SPF record];
 R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~];
 ASN(0.00)[asn:36236, ipnet:199.48.128.0/22, country:US];
 FROM_NEQ_ENVFROM(0.00)[brooks@freebsd.org,brooks@spindle.one-eyed-alien.net]
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.33
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
 <svn-src-head.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head/>
List-Post: <mailto:svn-src-head@freebsd.org>
List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 06 Aug 2020 17:28:01 -0000


--JYK4vJDZwFMowpUq
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Thu, Aug 06, 2020 at 04:20:21PM +0000, Brooks Davis wrote:
> Author: brooks
> Date: Thu Aug  6 16:20:20 2020
> New Revision: 363966
> URL: https://svnweb.freebsd.org/changeset/base/363966
>=20
> Log:
>   Preserve ASLR vm_map flags across fork
>  =20
>   In the most common case (fork+execve) this doesn't matter, but further
>   attempts to apply entropy would fail in (e.g.) a pre-fork server.
>  =20
>   Reported by:	Alfredo Mazzinghi
>   Reviewed by:	kib, markj
>   Obtained from:	CheriBSD
>   MFC after:	3 days
>   Differential Revision:	https://reviews.freebsd.org/D25966

For the record, ASLR is off by default so there will not be a security
advisory on this issue.  If there are enough users who are concerned
about this we will consider an eratta notice for 12.1.

-- Brooks

--JYK4vJDZwFMowpUq
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQEcBAEBAgAGBQJfLD2eAAoJEKzQXbSebgfAcmMH/3/8c+Xbs1w0Rr/8qo9Bo/jN
qA9dskspU6SAlIlaxv3Ip/AxtrghNobfTD8hnfnDu6B9p8jPtdpNvacCcYwpFWR7
+2Nr/tlQtiAF5m6PPAq/Blx9aMeuboqLdcq93k7F/6aB4Ngn/bSR5gaElVS3OWjh
iMRwNtWvTWD26BFB4mHgEzd6t7qz9RiJSor2OwCD7/F9BJv6sECYseL21pNu8aSE
PfE4KoXFVGKpyyoeLVThufZckY3Dvpsrhavr0sqTcRO9hjQOwN0rvEtGSBgA2AVI
H4gNSBdgVmUZTvEcQsa46iajnpfnHUrCiE0/FZXbyZ74PczfLpbU8p0+1Xdi4s0=
=zAIG
-----END PGP SIGNATURE-----

--JYK4vJDZwFMowpUq--