Date: Fri, 17 Apr 2020 14:58:06 +0200
From: Marcin Wojtas <mw@semihalf.com>
To: freebsd-security@freebsd.org
Cc: Rafal Jaworowski <raj@semihalf.com>
Subject: ASLR/PIE status in FreeBSD HEAD
Message-ID: <CAPv3WKfYyVnfNDTPOEN6TF_GjJr=ThdNeB1yMtTEoQoxEdHMDg@mail.gmail.com>
Hi,

Together with our customers, Semihalf is interested in improving the status of security mitigations enablement in FreeBSD.

To start with, based on our initial research it seems that after 2019 enhancements the ASLR/PIE features are in pretty much ready state. Building the world using the 'WITH_PIE' flag produced proper binaries and the sanity showed no obvious degradations. Additionally, for the ASLR we performed a comparison of the pax tests (https://github.com/opntr/paxtest-freebsd) for amd64/arm64 and they indicate the feature is working fine after setting the according sysctl knobs.

I'd be happy to present the results and discuss the details, but firstly I'd like to ask more general questions:

1. Are there any hard blockers, like missing features or bugs, that prevent enabling ASLR by default in the kernel and building the base system with -DWITH_PIE?

2. In case the enablement becomes eventually approved, will it be better to do it for all archs or focus only on the selected ones?

3. IMO it may be worth to benchmark/stress the system for the stability verification and perf comparison purpose. Do you think it may be reasonable to create a kind of reference matrix (archs vs tests)? Those could be done to evaluate the current state of the OS, but also for validating each proposed feature. I also think engaging the FreeBSD CI might be a huge help in such an effort. BTW, any particular tests / benchmarks come to your mind as useful in this case?

I'd appreciate any feedback.

Best regards,
Marcin Wojtas (mw@)