From: Shawn Webb
To: Warner Losh
Subject: Re: ASLR work into -HEAD ?
Date: Sat, 21 Mar 2015 10:43:40 -0400
Organization: HardenedBSD
Cc: Adrian Chadd, HardenedBSD Core, Oliver Pinter, "freebsd-arch@freebsd.org"

On Friday, March 20, 2015 03:14:30 PM Warner Losh wrote:
> > On Mar 20, 2015, at 1:05 PM, Shawn Webb wrote:
> >
> > On Fri, 2015-03-20 at 14:17 -0400, Shawn Webb wrote:
> >> On Fri, 2015-03-20 at 09:28 -0600, Warner Losh wrote:
> >>>> On Mar 19, 2015, at 2:31 PM, Oliver Pinter wrote:
> >>>>
> >>>> On Thu, Mar 19, 2015 at 9:04 PM, Adrian Chadd wrote:
> >>>>> On 19 March 2015 at 12:56, Warner Losh wrote:
> >>>>>>> On Mar 19, 2015, at 12:53 PM, Adrian Chadd wrote:
> >>>>>>>
> >>>>>>> Hi,
> >>>>>>>
> >>>>>>> Apparently this is done but has stalled:
> >>>>>>>
> >>>>>>> https://reviews.freebsd.org/D473
> >>>>>>>
> >>>>>>> Does anyone have any strong objections to it landing in the tree
> >>>>>>> as-is?
> >>>>>>
> >>>>>> There’s rather a lot of them specifically spelled out in the code
> >>>>>> review.
> >>>>>>
> >>>>>> Many of the earlier ones were kinda blown off, so I’ve not been inclined
> >>>>>> to take the time to re-review it. Glancing at it, I see several minor
> >>>>>> issues that should be cleaned up.
> >>>>>
> >>>>> Cool.
> >>>>> Thanks for taking the time to look at it again.
> >>>>>
> >>>>> Shawn is in #freebsd on freenode irc, so if you/others want a more
> >>>>> interactive review then he's there during the day.
> >>>>
> >>>> Please CC the core@hardenedbsd.org in future please, when you are
> >>>> talking about this issue.
> >>>>
> >>>> Adrian: are you able to review the MIPS or ARM part especially or test
> >>>> them?
> >>>
> >>> Adrian: Do not commit the changes.
> >>>
> >>> I’ve gone back and re-read Robert Watson’s rather long review and it
> >>> appears that virtually none of that has been addressed. Until it is, do
> >>> not commit it. This code interacts with dangerous parts of the system,
> >>> and the default cannot be to just let it in because no one has objected
> >>> recently. Objections have been made, they have been quantified, they
> >>> haven’t been answered or acted upon. Until that changes, you can assume
> >>> the objections remain in place and asking again without fixing them
> >>> isn’t going to change the answer.
> >>>
> >>> Warner
> >>
> >> Warner,
> >>
> >> We've fixed the vast majority of the concerns raised in that review. To
> >> say "virtually none of that has been addressed" and "they haven't been
> >> answered or acted upon" is a blatant lie. The fact that there are so
> >> many revisions of the patch is proof. We even made our ASLR
> >> implementation for FreeBSD less secure by providing a mechanism in
> >> ptrace() to disable it as requested by a member of the FreeBSD
> >> Foundation. (This "feature" doesn't exist in HardenedBSD's
> >> implementation.) If comments like these continue, I will remove the diff
> >> from Phabricator and close the BugZilla ticket. FreeBSD can feel free to
> >> pull from us, but we won't make any effort to proactively upstream our
> >> work.
> >>
> >> With that said, I have missed a few of the concerns raised.
> >> There's so many comments/concerns in that review that it's easy to miss
> >> a few. I will address them tonight and upload a new patch tomorrow.
> >
> > I've updated the patch. Is there anything I've missed?
>
> I’ve taken a look at the updated patch and see that it addressed the
> issues I raised. It almost looks like the update to the review a month
> ago was the wrong version, since so many more of the original
> comments appear to be addressed than when I looked. Thanks!
>
> Warner

I've updated the patch again. Please let me know if there's anything I've
missed. Otherwise, I'd love to see this committed in HEAD. :-)

--
Shawn Webb
HardenedBSD

GPG Key ID: 0x6A84658F52456EEE
GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE