Date: Sun, 23 Jan 2022 11:36:29 +0100 From: Marcin Wojtas <mw@semihalf.com> To: freebsd-current <freebsd-current@freebsd.org> Subject: HEADS-UP: PIE enabled by default on stable/13 Message-ID: <CAPv3WKeCfHMLXN72sdmZCY03jLG7u79_8=sg0cj3N9rDxsm4nw@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] Hi, As of 396e9f259d962 the base system binaries are now built as position-independent executable (PIE) by default, for 64-bit architectures. Thanks to that enabling ASLR can be done simply by sysctls knobs when booting the kernel. If you track stable/13 and normally build WITHOUT_CLEAN you'll need to do one initial clean build -- either run `make cleanworld` or set WITH_CLEAN=yes. The change is a pure MFC of the changes integrated to -CURRENT early 2021 and no issues are expected, but in case any problems are observed, please issue a PR and/or let me know in this thread. Best regards, Marcin [-- Attachment #2 --] <div dir="ltr">Hi,<div><br></div><div>As of 396e9f259d962 the base system binaries are now built as position-independent executable (PIE) by default, for 64-bit architectures. Thanks to that enabling ASLR can be done simply</div><div>by sysctls knobs when booting the kernel.<br><div><br></div><div>If you track stable/13 and normally build WITHOUT_CLEAN you'll need to do one initial clean build -- either run `make cleanworld` or set WITH_CLEAN=yes.<br></div><div><br></div><div>The change is a pure MFC of the changes integrated to -CURRENT early 2021 and no issues are expected, but in case any problems are observed, please issue a PR and/or let me know in this thread.</div></div><div><br></div><div>Best regards,</div><div>Marcin</div></div>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAPv3WKeCfHMLXN72sdmZCY03jLG7u79_8=sg0cj3N9rDxsm4nw>