From owner-freebsd-hackers@FreeBSD.ORG Sat Jun 14 17:27:31 2008 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 63C9C1065678 for ; Sat, 14 Jun 2008 17:27:31 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from cyrus.watson.org (cyrus.watson.org [209.31.154.42]) by mx1.freebsd.org (Postfix) with ESMTP id 3B7A08FC15 for ; Sat, 14 Jun 2008 17:27:31 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from fledge.watson.org (fledge.watson.org [209.31.154.41]) by cyrus.watson.org (Postfix) with ESMTP id E433A46C20; Sat, 14 Jun 2008 13:27:30 -0400 (EDT) Date: Sat, 14 Jun 2008 18:27:30 +0100 (BST) From: Robert Watson X-X-Sender: robert@fledge.watson.org To: Jeremie Le Hen In-Reply-To: <20080612184237.GC15774@obiwan.tataz.chchile.org> Message-ID: <20080614182623.F66582@fledge.watson.org> References: <20080612184237.GC15774@obiwan.tataz.chchile.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-hackers@freebsd.org Subject: Re: Integration of ProPolice in FreeBSD X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 14 Jun 2008 17:27:31 -0000 On Thu, 12 Jun 2008, Jeremie Le Hen wrote: > (This mail has already been sent to -arch@. I'm sending it here now for a > wider audience because I really need testers.) Dear Jeremie, Unfortunately, I can't lend my hands to this project as they're currently full of other stuff. However, I would really be very pleased to see is [finally] ship a release with ProPolice enabled. We're definitely trailing the pack in this regard, and I think it's bad practice to not ship with what are considered industry-standard protections here. Thanks for your work on this! Robert N M Watson Computer Laboratory University of Cambridge > > On Wed, Apr 23, 2008 at 03:17:20PM +0200, Jeremie Le Hen wrote: >> Hi Antoine, >> >> On Fri, Apr 18, 2008 at 04:37:06PM +0200, Antoine Brodin wrote: >>> Last time I looked at your patch, there was a problem when using >>> -fstack-protector-all instead of -fstack-protector: >>> when you compile lib/csu/*, gnu/lib/csu/*, or >>> src/lib/libc/sys/stack_protector.c with this flag, there is a kind of >>> chicken/egg problem and you end up with an unusable world. >>> That said, it would be great to be able to compile world with SSP when >>> an option is set in src.conf. >> >> You were right. I had a chance to test it this weekend. Thank you for >> pointing this out. > > I have had little spare time lately, this is why my followup have taken > so long. > > Since this report from Antoine, my goal has been to be able to use > -fstack-protector-all when building world. I hoped it would be quite > straightforward, IOW that preventing bootstrap functions from being > protected would be enough. Unfortunately, it seems that building > libc_pic.a/libc.so with -fstack-protector-all breaks rtld in a very > twisted way that I'm unable to untangle for now. > > Nonetheless, I really want to see this patch hit the tree before 8.x is > forked off. I have existed for more than two years and I would like to > avoid delaying it futher. So I will go the easy path for now and > prevent libc from being built with -fstack-protector-all. > > Here are what haved changed since the previous patch: > - SSP is opt-out except for ia64; this is intended to trigger bugs. > However this doesn't mean it will be enabled by default in stable > releases. > - Thanks to Antoine, SSP related symbols are now compiled without stack > protection itself. This prevents a chicken and egg problem. > - lib/csu, gnu/lib/csu and libexec/rtld-elf are built without stack > protection. > > I'm looking forward for more review and testing of this patch in order > to get it committed soon. > > Ruslan, would you mind reviewing the change in bsd.own.mk as well? > > Thank you very much. > Best regards, > -- > Jeremie Le Hen > < jeremie at le-hen dot org >< ttz at chchile dot org > >