From owner-freebsd-arch@FreeBSD.ORG  Wed May 20 15:52:27 2015
Return-Path: <owner-freebsd-arch@FreeBSD.ORG>
Delivered-To: freebsd-arch@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 439031F5
 for <freebsd-arch@freebsd.org>; Wed, 20 May 2015 15:52:27 +0000 (UTC)
Received: from nm1-vm1.bullet.mail.bf1.yahoo.com
 (nm1-vm1.bullet.mail.bf1.yahoo.com [98.139.213.163])
 (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id EAF521BF2
 for <freebsd-arch@freebsd.org>; Wed, 20 May 2015 15:52:26 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048;
 t=1432137139; bh=RJQKKHfNlEIfmBFkGpFklMxDGISlNJV6h/pKGvEVXcI=;
 h=Date:From:To:Subject:From:Subject;
 b=RbOzEdYaE5tZsoAEbs0a01FEbi3p/t2Zm/srmK8VsfsClqjcUKPH0LyJWCBPkbV/nx4a45sJwkIhY2+5krMz8jPlVZpBzYdjpbcDIOYuC5Nh4ITXDuVUR0cDVwOIzFjpzkFLlvUupOtUuUhE1QsHH8jr6RbeK0mXpJ4tRs4A4n67HwMZO2jz8+RV/RhXNdKmzWztWy2d++vv37ckz8Oy02jqNXebU/0a7UfN6XCgKwYNvSg+giC6pFeMj6SBdvtjbH+GI5ldBFPsURVOHaAyW7Tbw/G/yAZkfegtozMceRzSx25dd7sAsJWpUcEQcQwBv2m3j0LBhiuurlRAti5OJg==
Received: from [66.196.81.170] by nm1.bullet.mail.bf1.yahoo.com with NNFMP;
 20 May 2015 15:52:19 -0000
Received: from [98.139.211.206] by tm16.bullet.mail.bf1.yahoo.com with NNFMP;
 20 May 2015 15:52:19 -0000
Received: from [127.0.0.1] by smtp215.mail.bf1.yahoo.com with NNFMP;
 20 May 2015 15:52:19 -0000
X-Yahoo-Newman-Id: 74966.60384.bm@smtp215.mail.bf1.yahoo.com
X-Yahoo-Newman-Property: ymail-3
X-YMail-OSG: kUS0zvkVM1lOk9tIYePtCissYh7_WtVU80CLJUw7Jm5HkzR
 KMU_1FqJParS5tOXCDR3MORvkurLNejU8t47XY8drl6vmaDK_KxcjIVO6btN
 wyjrFvMoaZgwuPa44qU7VsAs83GzhAKOY0x5272HNi1p6J68hEkcKrkEjdK8
 lzAfONV7avdD_Loz8ZXfU5K1mDnLEMuAeE4XwXWeUJj5JbTm5M.zK8uJePTz
 aQQSi8ui_41xqc9N.gpDL8czLFJqN5Lo4KPbECO934lZO_BD9t9zYfN9.bKh
 ZKFuTPhUbNcOKXXFerZvXsCD0LixqTH_4OLWZ5AxUECNn0.sD1tmCIByBbhT
 OR07yRwy8CRMj7MpRscsEHoz9IHO.yKE9AtRI8._TAS0gCLPSkgzoGH0bR.n
 NHwHQBHqXcbWSfWfH7jl4vb0d3dZ5dHc9_x8_AFvJ9_x3Yh1Utocb_GWJRwO
 3qUbpVn0zDaqWHHh8fFMgnOL1G.1Ok6HR.38W5rM9s7X_SFp1Hwksuj50UC.
 QLE5E7RskQBWCuNpIZZFn_PeE7Mp3DgTK
X-Yahoo-SMTP: xcjD0guswBAZaPPIbxpWwLcp9Unf
Message-ID: <555CADB6.202@FreeBSD.org>
Date: Wed, 20 May 2015 10:52:22 -0500
From: Pedro Giffuni <pfg@FreeBSD.org>
User-Agent: Mozilla/5.0 (X11; FreeBSD amd64;
 rv:31.0) Gecko/20100101 Thunderbird/31.6.0
MIME-Version: 1.0
To: Shawn Webb <shawn.webb@hardenedbsd.org>, 
 "freebsd-arch@freebsd.org" <freebsd-arch@freebsd.org>
Subject: Re: ASLR work into -HEAD ?
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
X-BeenThere: freebsd-arch@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: Discussion related to FreeBSD architecture <freebsd-arch.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-arch>,
 <mailto:freebsd-arch-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-arch/>
List-Post: <mailto:freebsd-arch@freebsd.org>
List-Help: <mailto:freebsd-arch-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-arch>,
 <mailto:freebsd-arch-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 20 May 2015 15:52:27 -0000

Hello Shawn;

What ever happened to the performance, does it still have a
noticeable effect even when disabled?

I have no technical opinion on the patch, but ...

TBH, the problem I see is that ASLR is so widespread that every
potential attacker already knows how to defeat it. Yes, it is meant
only as a mitigation technique but if it only buys you 5 min.
(at most) I don't see much advantage in obfuscating the VM.

Just IMHO ... I am not a player in that area and I don't maintain
the underlying code so I don't approve or reject anything.

Pedro.