From owner-freebsd-current@freebsd.org Sat Sep 7 15:32:40 2019 Return-Path: Delivered-To: freebsd-current@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C3609D5753 for ; Sat, 7 Sep 2019 15:32:40 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from kib.kiev.ua (kib.kiev.ua [IPv6:2001:470:d5e7:1::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 46Qdj363WPz3C4k for ; Sat, 7 Sep 2019 15:32:39 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from tom.home (kib@localhost [127.0.0.1]) by kib.kiev.ua (8.15.2/8.15.2) with ESMTPS id x87FWRSQ097160 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO); Sat, 7 Sep 2019 18:32:30 +0300 (EEST) (envelope-from kostikbel@gmail.com) DKIM-Filter: OpenDKIM Filter v2.10.3 kib.kiev.ua x87FWRSQ097160 Received: (from kostik@localhost) by tom.home (8.15.2/8.15.2/Submit) id x87FWQca097159; Sat, 7 Sep 2019 18:32:26 +0300 (EEST) (envelope-from kostikbel@gmail.com) X-Authentication-Warning: tom.home: kostik set sender to kostikbel@gmail.com using -f Date: Sat, 7 Sep 2019 18:32:26 +0300 From: Konstantin Belousov To: Cy Schubert Cc: Harlan Stenn , Vladimir Zakharov , freebsd-current@freebsd.org Subject: Re: ntpd segfaults on start Message-ID: <20190907153226.GI2559@kib.kiev.ua> References: <20190905061251.rrip6635ebbfimsv@vzakharov> <20190905063354.qxecqjkafikdtdyq@vzakharov> <201909051307.x85D7MGs034053@slippy.cwsent.com> <20190905142817.GB2559@kib.kiev.ua> <201909060355.x863tRhP089169@slippy.cwsent.com> <201909060639.x866dJ7f090176@slippy.cwsent.com> <201909062356.x86NuKdk003780@slippy.cwsent.com> <156d1e7c-0dbb-8707-90b3-13ae97c87449@nwtime.org> <20190907075619.GG2559@kib.kiev.ua> <201909071309.x87D9GxZ089964@slippy.cwsent.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <201909071309.x87D9GxZ089964@slippy.cwsent.com> User-Agent: Mutt/1.12.1 (2019-06-15) X-Spam-Status: No, score=-1.0 required=5.0 tests=ALL_TRUSTED,BAYES_00, DKIM_ADSP_CUSTOM_MED,FORGED_GMAIL_RCVD,FREEMAIL_FROM, NML_ADSP_CUSTOM_MED autolearn=no autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on tom.home X-Rspamd-Queue-Id: 46Qdj363WPz3C4k X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=fail reason="No valid SPF, No valid DKIM" header.from=gmail.com (policy=none); spf=softfail (mx1.freebsd.org: 2001:470:d5e7:1::1 is neither permitted nor denied by domain of kostikbel@gmail.com) smtp.mailfrom=kostikbel@gmail.com X-Spamd-Result: default: False [-2.98 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; RCVD_TLS_ALL(0.00)[]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; FREEMAIL_FROM(0.00)[gmail.com]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[text/plain]; TAGGED_RCPT(0.00)[]; HAS_XAW(0.00)[]; R_SPF_SOFTFAIL(0.00)[~all]; IP_SCORE_FREEMAIL(0.00)[]; TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_SHORT(-0.98)[-0.977,0]; IP_SCORE(0.00)[ip: (-2.66), ipnet: 2001:470::/32(-4.45), asn: 6939(-3.15), country: US(-0.05)]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:6939, ipnet:2001:470::/32, country:US]; RCVD_COUNT_TWO(0.00)[2]; FREEMAIL_ENVFROM(0.00)[gmail.com]; DMARC_POLICY_SOFTFAIL(0.10)[gmail.com : No valid SPF, No valid DKIM,none] X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 07 Sep 2019 15:32:40 -0000 On Sat, Sep 07, 2019 at 06:09:16AM -0700, Cy Schubert wrote: > In message <20190907075619.GG2559@kib.kiev.ua>, Konstantin Belousov writes: > > On Sat, Sep 07, 2019 at 12:53:19AM -0700, Harlan Stenn wrote: > > > Cy, > > > > > > On 9/6/2019 4:56 PM, Cy Schubert wrote: > > > > ... > > > > > > > > For those who enable ASLR, a better workaround is, to add this to your > > > > ntp.conf: > > > > > > > > rlimit memlock 64 > > > > > > > > Until a more precise default is determined. > > > > > > Should I change the default value for FreeBSD-12 to be 64 for now? > > > > > > I can get this change in place for the upcoming ntp-4.2.8p14 release, > > > and we can change it later if needed. > > > > ASLR is disabled by default, so if anybody tweak a system config, she > > should know better to tweak ntpd as well. I am fine with changing the > > defaults for ntpd, but I think that more useful would be to update > > the documentation (but where to put it ?). > > I agree. We should update the documentation for now. 64 MB was my first > successful test but I suspect we can get it lower, like 47 MB. For now we > can update the documentation to say that if a person enables ASLR they must > add this to ntp.conf. I'll find the best number instead of the current > sledgehammer. > > Where to put it? I've added it to the ASLR wiki (https://wiki.freebsd.org/AS > LR) for now. An ASLR page should go into the handbook documenting how to > use up ASLR and gotchas like this and mitigations. May be in security(7). There are actually two workarounds, with enabled ASLR. One is the rlimit, another one is to disable stack base randomization by gap. > > 64 MB is safe for now. I will do more testing. I think it can go below 47. > My sandbox has been running ntpd all night with 47 so far. I will try lower. > > > -- > Cheers, > Cy Schubert > FreeBSD UNIX: Web: http://www.FreeBSD.org > > The need of the many outweighs the greed of the few. >