Date: Sat, 14 Jun 2008 18:27:30 +0100 (BST) From: Robert Watson <rwatson@FreeBSD.org> To: Jeremie Le Hen <jeremie@le-hen.org> Cc: freebsd-hackers@freebsd.org Subject: Re: Integration of ProPolice in FreeBSD Message-ID: <20080614182623.F66582@fledge.watson.org> In-Reply-To: <20080612184237.GC15774@obiwan.tataz.chchile.org> References: <20080612184237.GC15774@obiwan.tataz.chchile.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 12 Jun 2008, Jeremie Le Hen wrote: > (This mail has already been sent to -arch@. I'm sending it here now for a > wider audience because I really need testers.) Dear Jeremie, Unfortunately, I can't lend my hands to this project as they're currently full of other stuff. However, I would really be very pleased to see is [finally] ship a release with ProPolice enabled. We're definitely trailing the pack in this regard, and I think it's bad practice to not ship with what are considered industry-standard protections here. Thanks for your work on this! Robert N M Watson Computer Laboratory University of Cambridge > > On Wed, Apr 23, 2008 at 03:17:20PM +0200, Jeremie Le Hen wrote: >> Hi Antoine, >> >> On Fri, Apr 18, 2008 at 04:37:06PM +0200, Antoine Brodin wrote: >>> Last time I looked at your patch, there was a problem when using >>> -fstack-protector-all instead of -fstack-protector: >>> when you compile lib/csu/*, gnu/lib/csu/*, or >>> src/lib/libc/sys/stack_protector.c with this flag, there is a kind of >>> chicken/egg problem and you end up with an unusable world. >>> That said, it would be great to be able to compile world with SSP when >>> an option is set in src.conf. >> >> You were right. I had a chance to test it this weekend. Thank you for >> pointing this out. > > I have had little spare time lately, this is why my followup have taken > so long. > > Since this report from Antoine, my goal has been to be able to use > -fstack-protector-all when building world. I hoped it would be quite > straightforward, IOW that preventing bootstrap functions from being > protected would be enough. Unfortunately, it seems that building > libc_pic.a/libc.so with -fstack-protector-all breaks rtld in a very > twisted way that I'm unable to untangle for now. > > Nonetheless, I really want to see this patch hit the tree before 8.x is > forked off. I have existed for more than two years and I would like to > avoid delaying it futher. So I will go the easy path for now and > prevent libc from being built with -fstack-protector-all. > > Here are what haved changed since the previous patch: > - SSP is opt-out except for ia64; this is intended to trigger bugs. > However this doesn't mean it will be enabled by default in stable > releases. > - Thanks to Antoine, SSP related symbols are now compiled without stack > protection itself. This prevents a chicken and egg problem. > - lib/csu, gnu/lib/csu and libexec/rtld-elf are built without stack > protection. > > I'm looking forward for more review and testing of this patch in order > to get it committed soon. > > Ruslan, would you mind reviewing the change in bsd.own.mk as well? > > Thank you very much. > Best regards, > -- > Jeremie Le Hen > < jeremie at le-hen dot org >< ttz at chchile dot org > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080614182623.F66582>