Date:      Fri, 8 Jul 2005 17:35:06 +0200
From:      Jeremie Le Hen <jeremie@le-hen.org>
To:        freebsd-hackers@FreeBSD.org
Subject:   ProPolice: best way to fill canary
Message-ID:  <20050708153506.GM39292@obiwan.tataz.chchile.org>

Hello hackers,

I'm going to disturb you once again with ProPolice.  The original
ProPolice patch, as well as most of the FreeBSD variants and the Linux
one, uses /dev/urandom to fill the "canary" with random data (the canary
is what is going to be put between the buffer and the return address on
the stack).  OTOH, OpenBSD uses the kern.arnd sysctl to achieve this
(this is a sysctl front-end to the arc4random() function).

I don't really see the pros and cons between the two methods, so I'd
like to taste your opinions.

Note that the first method (opening /dev/urandom) requires patching the
open(2) wrapper from libpthread and libthr (cognet@ did this for me),
in order to initialize _thr_initial, because the SSP constructor is
called quite early.

The second method requires introducing the kern.arnd sysctl
(KERN_ARND).  FYI, note that NetBSD has kern.urandom (KERN_URND) and
they define KERN_ARND to be an alias to this.

Your comments will be welcome.

Best regards,
-- 
Jeremie Le Hen
< jeremie at le-hen dot org >< ttz at chchile dot org >
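
The two canary sources discussed in the message above, side by side, as an added example that is not part of the original e-mail or of any ProPolice patch. The names `fill_canary`, `fill_from_sysctl`, `fill_from_device` and `canary_src` are hypothetical, and the fixed terminator fallback is an assumption about what to do when both sources fail.

```c
#include <errno.h>
#include <fcntl.h>
#include <string.h>
#include <unistd.h>
#if defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__)
#include <sys/param.h>
#include <sys/sysctl.h>
#endif

enum canary_src { SRC_TERMINATOR, SRC_SYSCTL, SRC_DEVICE };

/* Method 2 from the mail: one sysctl call, no file descriptor, no open(2). */
static int fill_from_sysctl(void *buf, size_t len) {
#ifdef KERN_ARND
    int mib[2] = { CTL_KERN, KERN_ARND };
    size_t got = len;
    if (sysctl(mib, 2, buf, &got, NULL, 0) == 0 && got == len)
        return 0;
#else
    (void)buf; (void)len;   /* this platform does not define KERN_ARND */
#endif
    return -1;
}

/* Method 1 from the mail: read the device. Needs a working open(2) and a
 * visible device node (fails in a chroot without /dev, or with no free fd). */
static int fill_from_device(const char *path, void *buf, size_t len) {
    unsigned char *p = buf;
    int fd = open(path, O_RDONLY);
    if (fd < 0) return -1;
    while (len > 0) {
        ssize_t n = read(fd, p, len);
        if (n < 0 && errno == EINTR) continue;  /* interrupted: retry */
        if (n <= 0) break;                      /* error or EOF: give up */
        p += n; len -= (size_t)n;               /* short read: keep going */
    }
    close(fd);
    return len == 0 ? 0 : -1;
}

/* Try both sources. Last resort (assumption): a fixed terminator canary
 * (NUL, NUL, LF, 0xFF), predictable but it still stops string copies. */
enum canary_src fill_canary(const char *dev, void *buf, size_t len) {
    if (fill_from_sysctl(buf, len) == 0) return SRC_SYSCTL;
    if (fill_from_device(dev, buf, len) == 0) return SRC_DEVICE;
    memset(buf, 0, len);
    if (len >= 4) { ((unsigned char *)buf)[2] = '\n'; ((unsigned char *)buf)[3] = 0xFF; }
    return SRC_TERMINATOR;
}
```

The return value tells the caller which source was used, so a startup path can log or refuse to continue when it ends up with the predictable fallback.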


