Date: Wed, 27 Jul 2016 18:55:27 -0400 From: Shawn Webb <shawn.webb@hardenedbsd.org> To: freebsd-current@freebsd.org Cc: emaste@freebsd.org Subject: SafeStack in base Message-ID: <20160727225527.GG13428@mutt-hardenedbsd>
next in thread | raw e-mail | index | archive | help
--GBDnBH7+ZvLx8QD4 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hey All, I'm interested in getting SafeStack working in FreeBSD base. Below is a link to a simplistic (maybe too simplistic?) patch to enable SafeStack. The patch applies against HardenedBSD's hardened/current/master branch. Given how simple the patch is, it'd be extremely easy to port over to FreeBSD (just line numbers would change). I am running into a bit of a problem, though. When linking lib/libcom_err, I get the following error: com_err.So: In function `com_err': /usr/src/lib/libcom_err/../../contrib/com_err/com_err.c:100: undefined refe= rence to `__safestack_unsafe_stack_ptr' cc: error: linker command failed with exit code 1 (use -v to see invocation) *** [libcom_err.so.5.full] Error code 1 llvm's documentation says that SafeStack has been tested on FreeBSD. When and how was it tested? Apparently someone has done some work to enable it on FreeBSD, but I can't find any relevant FreeBSD-specific documentation. If someone could point me in the right direction, I'd love to help get SafeStack working (and commited?) in FreeBSD. Link to simplistic patch: http://ix.io/186A Link to build log: https://gist.github.com/lattera/5d94f44a5f3e10a28425cd59= 104dd169 Thanks, --=20 Shawn Webb Cofounder and Security Engineer HardenedBSD GPG Key ID: 0x6A84658F52456EEE GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE --GBDnBH7+ZvLx8QD4 Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJXmTveAAoJEGqEZY9SRW7uC9sQALS+PI7Wobe9LE35GarzqSt1 lYxTNeIR+UMi9Nb8db+HKMoHDXZPqmxAiyJgdOoUyP/EcyWzJQxzZ2JdSRlVZ+lR QX/+tPscF0Y+rMnu+vCuX5oJ3LGhwytfgQWDfW3NAbcVdQzSXkpCZG9fobOIXsOb ISW2x9/zTnnoMJuY7yyZHPhwjzC+ePwbJCYt0lPHYeQLN4d/g4g/mc1pPH6CHS/v EaqwItbor75DZaeUwk7xRJzcU/WuyPPxhlugtknhawqz1N2pDH6FTWX4pIpXeY+N vcyGQMDtXIeJiZxobOQolcYalOZqNyenDpRhfOGZ7RU0icq/9FEVd/AJW7OpPxNv Qw0D6h9VEwpEtvomwnE3eGmRebHcmXu3VPnUlDEaMvvJJO5MgtGhpYEXv0wg+TNr FLDoboUZqTMcr8LlX5F3hh7g/Ktvw3z9C7hVBnzIczwS1EoRaLhPw/Zie0X/JGEW HBQiGoCryILX2/XyUd4Tt4rR0trtEBIwyV/m+hTjQc4PWFHBOR4ItET7Aqlc7KC1 nND0jixU3jBuvZavpDpgYkupwALd8GyoGflj4CJdlQ2oW6TXohbsChvWX0QW3e5v U5L5sgx5yDFlTB/y/Pn8xPeBmb92eO+8f7mzUvKY494hEZ4YgIHzZc273KH0kyH1 9SiwJ6Wfg1uxnczbQFbI =PZla -----END PGP SIGNATURE----- --GBDnBH7+ZvLx8QD4--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20160727225527.GG13428>