Date: Sun, 25 Aug 2019 00:40:22 +0200 (CEST) From: =?UTF-8?Q?Trond_Endrest=C3=B8l?= <trond.endrestol@ximalas.info> To: Konstantin Belousov <kostikbel@gmail.com> Cc: freebsd-stable@freebsd.org Subject: Re: ntpd doesn't like ASLR on stable/12 post-r350672 Message-ID: <alpine.BSF.2.21.99999.352.1908250038010.6386@enterprise.ximalas.info> In-Reply-To: <20190824222817.GJ71821@kib.kiev.ua> References: <alpine.BSF.2.21.99999.352.1908242135380.6386@enterprise.ximalas.info> <20190824204114.GG71821@kib.kiev.ua> <alpine.BSF.2.21.99999.352.1908250012580.6386@enterprise.ximalas.info> <20190824222817.GJ71821@kib.kiev.ua>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 25 Aug 2019 01:28+0300, Konstantin Belousov wrote:
> On Sun, Aug 25, 2019 at 12:19:43AM +0200, Trond Endrestøl wrote:
> > On Sat, 24 Aug 2019 23:41+0300, Konstantin Belousov wrote:
> > > > I tried changing command="/usr/sbin/${name}" to
> > > > command="/usr/bin/proccontrol -m aslr -s disable /usr/sbin/${name}" in
> > > > /etc/rc.d/ntpd, but that didn't go well.
> > >
> > > If you set kern.elf64.aslr.stack_gap to zero, does it help ?
> >
> > That helped. Thank you again.
>
> Can you verify is ntpd sets new rlimit(RLIMIT_STACK) for the main thread,
> and if yes, what this new limit is ?
(gdb)
5265 if (-1 == setrlimit(RLIMIT_STACK, &rl)) {
(gdb) print rl
$1 = {rlim_cur = 204800, rlim_max = 536870912}
> aslr.stack_gap is the percentage for the gap on that stack, and since
> default size of the main stack limit is quite large 512M, even 3%
> (default gap upper limit) are whole 15M. If the new limit is less than
> 15M, there is a likely probability that only the gap is left after the
> rlimit(2) call, leaving no space for the program frames.
>
> At least this looks like a nice theory.
--
Trond.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.21.99999.352.1908250038010.6386>