Date: Wed, 27 May 2015 09:54:50 -0700 From: Adrian Chadd <adrian@freebsd.org> To: Ian Lepore <ian@freebsd.org> Cc: Pedro Giffuni <pfg@freebsd.org>, Alfred Perlstein <alfred@freebsd.org>, "freebsd-arch@freebsd.org" <freebsd-arch@freebsd.org> Subject: Re: ASLR work into -HEAD ? Message-ID: <CAJ-Vmo=AhdG8qKxPqFRaxeYjCeni=g61gKKWGvaGqfsBQbbsmw@mail.gmail.com> In-Reply-To: <1432744877.1200.65.camel@freebsd.org> References: <555CADB6.202@FreeBSD.org> <CAPQ4fftbUUSMHYXjOD-yO0ZzxdKwXzd5LA5AycrEyKMT3o63xw@mail.gmail.com> <555CC369.1030206@FreeBSD.org> <555FBE83.6080103@FreeBSD.org> <CAHM0Q_O4bCTaVi5HvKohrcYE--Yw8Yoo-0wEp1ScnF=qLiiQiQ@mail.gmail.com> <55656245.3000205@freebsd.org> <5565EB16.20208@FreeBSD.org> <1432744877.1200.65.camel@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 27 May 2015 at 09:41, Ian Lepore <ian@freebsd.org> wrote: > You may be in a minority, but you're not alone. I just hope that when > this fad fades away we aren't left with a permenent performance hit that > we can't get rid of. The best way to ensure that is to make sure > there's a no-performance-hit way to disable this stuff on day one. I believe that's the point of the implementation. It's disabled by default. We can also remove it relatively easily too. I may want this compiled into access points and other IoT devices to harden against a class of attacks, but I also want to be able to remove it for debugging. He makes it so you can enable/disable it during runtime with a sysctl - it's quite nice. -adrian
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAJ-Vmo=AhdG8qKxPqFRaxeYjCeni=g61gKKWGvaGqfsBQbbsmw>