Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 18 Apr 2008 22:47:38 +0200
From:      Jeremie Le Hen <jeremie@le-hen.org>
To:        Max Laier <max@love2party.net>
Cc:        freebsd-arch@freebsd.org
Subject:   Re: Integration of ProPolice in FreeBSD
Message-ID:  <20080418204738.GE4840@obiwan.tataz.chchile.org>
In-Reply-To: <200804181945.59189.max@love2party.net>
References:  <20080418132749.GB4840@obiwan.tataz.chchile.org> <200804181945.59189.max@love2party.net>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Fri, Apr 18, 2008 at 07:45:58PM +0200, Max Laier wrote:
> > First, should we build world and/or kernel with SSP by default?  I've
> > scamped a trivial benchmark back in 2006: timing buildworld with and
> > without SSP.  You can found the result on my webpage:
> >     http://tataz.chchile.org/~tataz/FreeSBD/SSP/#section1
> 
> 404 :-\

Oops, sorry I made a typo.

http://tataz.chchile.org/~tataz/FreeBSD/SSP/#section1

> So I'd suggest something along the lines of:
> 
> 1) Add the needed support symbols to libc (they don't hurt anyone, right?)

Actually, they are already in libc :-).
See src/sys/lib/libc/sys/stack_protector.c .

> 2) Add support to build kernel/world with SSP enabled - default OFF.
> 3) Solicit testing!
> 4) After some time has passed (and people have had to reinstall libc anyways) 
> and enough feedback has been received flip the switch to default ON.

I will change my patch to make SSP opt-out.  This will address Marcel's
concern too.

> In light of the the recent "let's save stack space in the kernel", I'd like to 
> point out that SSP adds one word to every call.  Not much, but still.

Certainly.  I would like to hear opinion from other committers if SSP
should be enabled by default.

> Finally, what happens if SSP triggers in the kernel?  Do we get a useable 
> panic message?  Can we get a kdb_traceback() (if compiled in)?  Where is the 
> patch, btw?

Yes, the panic message is explicit.  But since a stack overflow occured,
the backtrace may be corrupted.  BTW the panic message warns about this.
See src/sys/kern/stack_protector.c in the patch.

Regards,
-- 
Jeremie Le Hen
< jeremie at le-hen dot org >< ttz at chchile dot org >

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080418204738.GE4840>