Date: Sun, 12 Jan 2025 18:05:20 +0000 From: Shawn Webb <shawn.webb@hardenedbsd.org> To: Alexander Leidinger <Alexander@leidinger.net> Cc: Freebsd Arch <freebsd-arch@freebsd.org> Subject: Re: Setting a default value for OPT_INIT_ALL (stable=zero, current=pattern) Message-ID: <jo62rmylvejs2gm4r3wjfmkizymyjeaaszcubpv2duc36fjyz4@biamajvnaisz> In-Reply-To: <e75ff74c80d74f7cfa15af6e0870f095@Leidinger.net> References: <f6921f188cc5f41067394ec358d37fa5@Leidinger.net> <pjlvri44wsgoolt5yhtsmlbcbysjlsfwwrj6lqtwj4b6pctqr5@qs5q3s5isucg> <e75ff74c80d74f7cfa15af6e0870f095@Leidinger.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--nrqbrowxbgy5dz2l Content-Type: text/plain; protected-headers=v1; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Subject: Re: Setting a default value for OPT_INIT_ALL (stable=zero, current=pattern) MIME-Version: 1.0 On Sun, Jan 12, 2025 at 01:06:06PM +0100, Alexander Leidinger wrote: > Am 2025-01-11 21:18, schrieb Shawn Webb: >=20 > > Hey Alex, > >=20 > > To give some additional data points coming from the HardenedBSD side: > >=20 > > 1. In 2019, we added support for this feature on an opt-in basis. > > * Commit 6b573e328baa44bf8b47d40ff72fc1cc8a86fb00 > > 2. In 2021, we enabled -ftrivial-auto-var-init=3Dzero by default. > > * Commit e4494782e5015da340106ca81445c65121c55ae3 > > 3. In 2022, we modified clang itself to enable it by default. > > * Commit 7557c8fd656c83a21e4d43071ea502445efb1ef3 > > 4. In 2023, we added support for kernel modules to opt-in. > > * Commit dd21b931eca8e5370a6d0341908316538b52de71 >=20 > If it is enabled by default in clang, does it mean you have an opt-out per > default in the kernel? Did you encounter parts of the kernel which don't > work well with this? We ahve a mechanism for kernel modules to say they work safely with trivial variable auto-init[1]. In the module's Makefile, just set the TRIVIAL_VAR_AUTO_INIT_ZERO_SAFE variable. I haven't found success in enabling the feature for the kernel itself--and I'm unsure why, though I have a few guesses (which could be horrifically wrong, so I won't publicly speculate.) I've limited it to kernel modules I myself use on a daily basis. >=20 > If I read our bsd.kern.mk correctly, the OPT_INIT_ALL in src.conf is taken > in the full kernel build. As such I have this "active" in the kernel on t= he > jail host I test this on (with mysql, potsgresql, postfix, dovecot, redis, > php, java, .......). HardenedBSD takes a slightly different approach than FreeBSD mainly due to historic reasons. We could probably switch to the FreeBSD way, but why change something if it works? ;-) >=20 > I have most of the kernel stuff as modules, so this should all be compiled > with =3Dzero (except the isal and nvidia modules, I have just compiled-te= sted > the ports I use but not yet run tested with a similar feature for the por= ts > collection): > Id Name > 1 kernel > 2 opensolaris.ko > 3 usbhid.ko > 4 hidbus.ko > 5 hid.ko > 6 kbdmux.ko > 7 coretemp.ko > 8 hsctrl.ko > 9 hidmap.ko > 10 tcphpts.ko > 11 ahci.ko > 12 hcons.ko > 13 if_igb.ko > 14 iflib.ko > 15 cryptodev.ko > 16 cc_chd.ko > 17 aesni.ko > 18 tcp_rack.ko > 19 nvme.ko > 20 smbios.ko > 21 efirt.ko > 22 vkbd.ko > 23 zfs.ko > 24 xdr.ko > 25 cpufreq.ko > 26 dpms.ko > 27 hkbd.ko > 28 umass.ko > 29 miibus.ko > 30 geom_eli.ko > 31 geom_label.ko > 32 tmpfs.ko > 33 fdescfs.ko > 34 if_bridge.ko > 35 bridgestp.ko > 36 if_epair.ko > 37 xhci.ko > 38 firewire.ko > 39 if_fwip.ko > 40 filemon.ko > 41 sound.ko > 42 ulpt.ko > 43 accf_dns.ko > 44 accf_data.ko > 45 accf_http.ko > 46 accf_tls.ko > 47 cpuctl.ko > 48 tpm.ko > 49 ipmi.ko > 50 linux.ko > 51 mqueuefs.ko > 52 linux_common.ko > 53 linux64.ko > 54 nullfs.ko > 55 cuse.ko > 56 isal.ko > 57 nvidia-modeset.ko > 58 nvidia.ko > 59 hms.ko > 60 ioat.ko > 61 snd_uaudio.ko > 62 pf.ko > 63 procfs.ko > 64 pseudofs.ko > 65 linprocfs.ko > 66 linsysfs.ko I would especially be curious about crypto and platform (like EFIRT) kernel modules. If you do enable trivial variable auto-init for any of what you listed, please let me know which ones work. [1]: https://git.hardenedbsd.org/hardenedbsd/HardenedBSD/-/blob/hardened/cu= rrent/master/sys/conf/kern.mk?ref_type=3Dheads#L247-249 Thanks, --=20 Shawn Webb Cofounder / Security Engineer HardenedBSD Tor-ified Signal: +1 303-901-1600 / shawn_webb_opsec.50 https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A= 4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc --nrqbrowxbgy5dz2l Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEA6TL67gupaZ9nzhT/y5nonf44foFAmeEBFkACgkQ/y5nonf4 4foZ2A//eZkOpi9xLU+d+Gy2+mBt/h6oaTbzG4Wl1pnAxpbtb3tz4OdzANjoFAqn GYaaTAJrMlC2tCdyCmNT6q+uXqTI27d2us/s4ZOaiJIwppXw2/CTdV14/zriy4e1 l5ch1B5qz7hofMqufgFN1XnlyZXkZpFUDsy/pGUPNz+H5pEfx5jt9HrtQcYJ3WIV B0wGdy5pySrB/DmA2OqVvuDH5wzk9wCKKaegyltVzdn+/6L3x0773ysX1Z11wRBg gc3xo3CBCLpu7OTx5uW+/mjH1fIU5E1YNShjLY2JpCSQGgN6Phvt11mxSrbj611j NwnEAET+t9+fNZlxML2OklncRb90sZ3hk0660XPKt5ERJtLDCEdquqIcYpTUFMHw pj2vx+KOT9zL4XJjVXsXNestxoFSRCULHhWYlE/duULJ4VNqg/4hLAuWL0IqQSK+ qdcTD3mj53sefJIDSd/U0LKdRKbvH0FkuFWL2aljB4E1BXZgXbWyhAsLSkvqjh2U wNvgmayYyrA/sqqTdNtc4JeLGwek8k5trysACl0g2TAtBJYarWv9n/hBgmQRyB/N dg4pUjTsa3PJwrIHKBFCUJ3ivAlHl8T6ITmvsynpquEQjUcB8FZeM32sgqdLNJsW ymrAIvvy7iZhC7+maGJNrrTvfdex3iNZAhhW3A8LekSEO5UAQZQ= =d06n -----END PGP SIGNATURE----- --nrqbrowxbgy5dz2l--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?jo62rmylvejs2gm4r3wjfmkizymyjeaaszcubpv2duc36fjyz4>