From: Pedro Giffuni
Subject: Re: [RFC] ASLR Whitepaper and Candidate Final Patch
Date: Sat, 19 Jul 2014 18:35:24 -0500
Message-Id: <96C72773-3239-427E-A90B-D05FF0F5B782@freebsd.org>
To: Bryan Drewery
Cc: PaX Team, freebsd-arch@freebsd.org, Shawn Webb, Oliver Pinter
List-Id: Discussion related to FreeBSD architecture

(Assuming @FreeBSD addresses are subscribed to arch, or check the archives)

FWIW, the issues I pointed out are still standing:

- It is yet undetermined what the performance effect will be, and it is not clear (but seems likely from past measurements) if there will be a performance hit even when ASLR is off.
- Apparently there are applications that will segfault (?).

I wouldn't object to see it in the tree though: it has obviously been the result of a lot of work and it is configurable and well integrated. It will certainly have to be some time in the tree and undergo extensive testing before turning it on by default though so it sounds reasonable to bring it in but leave it initially inactive.

Pedro.