Date: Sat, 21 Mar 2015 10:43:40 -0400 From: Shawn Webb <shawn.webb@hardenedbsd.org> To: Warner Losh <imp@bsdimp.com> Cc: Adrian Chadd <adrian@freebsd.org>, HardenedBSD Core <core@hardenedbsd.org>, Oliver Pinter <oliver.pinter@hardenedbsd.org>, "freebsd-arch@freebsd.org" <freebsd-arch@freebsd.org> Subject: Re: ASLR work into -HEAD ? Message-ID: <9043388.Uf7dufN8KZ@shawnwebb-laptop> In-Reply-To: <A637110F-A865-4924-AB06-13D7DE2631A8@bsdimp.com> References: <CAJ-VmomszKm47aLnGWiouUQHvmB8%2BchA=y-q1zvtOwJ7_iqe0g@mail.gmail.com> <1426878339.5550.29.camel@hardenedbsd.org> <A637110F-A865-4924-AB06-13D7DE2631A8@bsdimp.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--nextPart2422452.N10iFPSzQD Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" On Friday, March 20, 2015 03:14:30 PM Warner Losh wrote: > > On Mar 20, 2015, at 1:05 PM, Shawn Webb <shawn.webb@hardenedbsd.org= > > > wrote: > >=20 > > On Fri, 2015-03-20 at 14:17 -0400, Shawn Webb wrote: > >> On Fri, 2015-03-20 at 09:28 -0600, Warner Losh wrote: > >>>> On Mar 19, 2015, at 2:31 PM, Oliver Pinter > >>>> <oliver.pinter@hardenedbsd.org> wrote:>>>>=20 > >>>> On Thu, Mar 19, 2015 at 9:04 PM, Adrian Chadd <adrian@freebsd.or= g>=20 wrote: > >>>>> On 19 March 2015 at 12:56, Warner Losh <imp@bsdimp.com> wrote: > >>>>>>> On Mar 19, 2015, at 12:53 PM, Adrian Chadd <adrian@freebsd.or= g> > >>>>>>> wrote: > >>>>>>>=20 > >>>>>>> Hi, > >>>>>>>=20 > >>>>>>> Apparently this is done but has stalled: > >>>>>>>=20 > >>>>>>> https://reviews.freebsd.org/D473 > >>>>>>>=20 > >>>>>>> Does anyone have any strong objections to it landing in the t= ree > >>>>>>> as-is? > >>>>>>=20 > >>>>>> There=E2=80=99s rather a lot of them specifically spelled out = in the code > >>>>>> review. > >>>>>>=20 > >>>>>> Many of the earlier ones were kinda blown off, so I=E2=80=99ve= not been > >>>>>> inclined > >>>>>> to take the time to re-review it. Glancing at it, I see severa= l minor > >>>>>> issues that should be cleaned up. > >>>>>=20 > >>>>> Cool. Thanks for taking the time to look at it again. > >>>>>=20 > >>>>> Shawn is in #freebsd on freenode irc, so if you/others want a m= ore > >>>>> interactive review then he's there during the day. > >>>>=20 > >>>> Please CC the core@hardenedbsd.org in future please, when you ar= e > >>>> talking about this issue. > >>>>=20 > >>>> Adrian: do you able to review the MIPS or ARM part especially or= test > >>>> them? > >>>=20 > >>> Adrian: Do not commit the changes. > >>>=20 > >>> I=E2=80=99ve gone back and re-read Robert Watson=E2=80=99s rather= long review and it > >>> appears that virtually none of that has been addressed. Until it = is, do > >>> not commit it. This code interacts with dangerous parts of the sy= stem, > >>> and the default cannot be to just let it in because no one has ob= jected > >>> recently. Objections have been made, they have been quantified, t= hey > >>> haven=E2=80=99t been answered or acted upon. Until that changes, = you can assume > >>> the objections remain in place and asking again without fixing th= em > >>> isn=E2=80=99t going to change the answer. > >>>=20 > >>> Warner > >>=20 > >> Warner, > >>=20 > >> We've fixed the vast majority of the concerns raised in that revie= w. To > >> say "virtually none of that has been addressed" and "they haven't = been > >> answered or acted upon" is a blatant lie. The fact that there are = so > >> many revisions of the patch is proof. We even made our ASLR > >> implementation for FreeBSD less secure by providing a mechanism in= > >> ptrace() to disable it as requested by a member of the FreeBSD > >> Foundation. (This "feature" doesn't exist in HardenedBSD's > >> implementation.) If comments like these continue, I will remove th= e diff > >> from Phabricator and close the BugZilla ticket. FreeBSD can feel f= ree to > >> pull from us, but we won't make any effort to proactively upstream= our > >> work. > >>=20 > >> With that said, I have missed a few of the concerns raised. There'= s so > >> many comments/concerns in that review that it's easy to miss a few= . I > >> will address them tonight and upload a new patch tomorrow. > >=20 > > I've updated the patch. Is there anything I've missed? >=20 > I=E2=80=99ve taken a look at the updated patch and see that it addres= sed the > issues I raised. It almost looks like the update to the review a mont= h > ago was the wrong version, since so many more of the original > comments appear to be addressed than when I looked. Thanks! >=20 > Warner I've updated the patch again. Please let me know if there's anything I'= ve=20 missed. Otherwise, I'd love to see this committed in HEAD. :-) =2D-=20 Shawn Webb HardenedBSD GPG Key ID: 0x6A84658F52456EEE GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE --nextPart2422452.N10iFPSzQD Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part. Content-Transfer-Encoding: 7Bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAABCAAGBQJVDYOcAAoJEGqEZY9SRW7uTDMP/ikvBOG9SJ3C3fipDtg+968D 5WtFqQw3AMqfzf6h1ixhB0FXOC27gBFpGvy4Hy5WG8U5l8E06aB24fyqQi6U6MUt Brb8aJg1VpjxRec2+rmPz/TbVu0LaTXgn1RnY2fVurG846ehz0e8OE09jGHbWz3u gx9Rn1yj6DAe8xeTfrEMIwhSctZgd6bjahCuPjuID3Rz0f/9RrGd7XTpClwCosWA IjrpOPdxcS5Uy0x+givcGt/1rqHVBlDMcZDQ1kcomzN6MEEe/J94N939ah4Asn3B ZoEuLeqcc8E7rqixaXbmktNfVCS2/jtdzmeChDw5isO47MUJExkwkHVneSV3ZQ0z eU1c6jL7XpD4lZqaVNYy/CCYDQW0VCi7J1W5ZYYfpDY0lzLzP8L84+iACuwNG7Xp W3wMnMOkxz9QVlxUHlsuQCMp1TZA9HTRSi9VwpoDv2mrEz8boTpwbvu928mOLrFT V5BV8nbanWgYl07duMEZ+Hto+gBeWgJF8h3OsShSNQh1+7y0r9bD+3mOr/h+tXV3 q5Dg56hNg1LOH8KNeY4yWCmxcI4aWI+GWu0qKBIY/mfMr9Yn7sMK4b498iP1fFl5 Qw/FeI5EaTdXY4wLaQPQVJH6OwRV+72Wk+BkT5OQfpcywegLZdcwzUmIgZ8sCeLA vlZX2PdT26KQFQiVB1g5 =HsOX -----END PGP SIGNATURE----- --nextPart2422452.N10iFPSzQD--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9043388.Uf7dufN8KZ>