Date:      Sun, 20 Jul 2014 16:18:58 -0400
From:      Shawn Webb <lattera@gmail.com>
To:        Pedro Giffuni <pfg@freebsd.org>
Cc:        PaX Team <pageexec@freemail.hu>, freebsd-arch@freebsd.org, Oliver Pinter <oliver.pntr@gmail.com>, Bryan Drewery <bdrewery@FreeBSD.org>
Subject:   Re: [RFC] ASLR Whitepaper and Candidate Final Patch
Message-ID:  <20140720201858.GB29618@pwnie.vrt.sourcefire.com>
In-Reply-To: <96C72773-3239-427E-A90B-D05FF0F5B782@freebsd.org>
References:  <96C72773-3239-427E-A90B-D05FF0F5B782@freebsd.org>

On Jul 19, 2014 06:35 PM -0500, Pedro Giffuni wrote:
> (Assuming @FreeBSD addresses are subscribed to arch, or check the archives)
>
> FWIW,
>
> The issues I pointed out are still standing:
>
> - It is yet undetermined what the performance effect will be, and it is not clear (but seems likely from past measurements) if there will be a performance hit even when ASLR is off.
> - Apparently there are applications that will segfault (?).

So I have an old Dell Latitude E6500 that I bought at Defcon a year or
so ago that I'm doing testing on. Even though it's quite an underpowered
laptop, I'm running ZFS on it for BE support (in case one of our changes
kills it). I'll run unixbench on it a few times to benchmark the ASLR
patch. I'll test these three scenarios:
    1) ASLR compiled in and enabled;
    2) ASLR compiled in and disabled;
    3) ASLR compiled out (GENERIC kernel).

In each of these three scenarios, I'll have the kernel debugging
features (WITNESS, INVARIANTS, etc.) turned off to better simulate a
production system and to remove just one more variable in the tests.

I'll run unixbench ten times under each scenario and I'll compute
averages.

Since this is an older laptop (and it's running ZFS), these tests will
take a couple days. I'll have an answer for you soon.

>
> I wouldn't object to see it in the tree though: it has obviously been the result of a lot of work and it is configurable and well integrated. It will certainly have to be some time in the tree and undergo extensive testing before turning it on by default though so it sounds reasonable to bring it in but leave it initially inactive.

That's great to hear. Oliver and I didn't make the PAX_ASLR option
default in the GENERIC kernel, so there really isn't anything that needs
to happen to make ASLR disabled by default. It's up to the user to add
the PAX_ASLR option to their kernel config. The same goes for the
WITH_PIE {src,make}.conf tunable.

Thanks,

Shawn
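As an added example (not code from this thread or from the ASLR patch), here is a script that reduces the ten-run unixbench results from the three scenarios described above into per-scenario averages and an overhead figure against the GENERIC baseline, flagging whether a gap is larger than the run-to-run noise. The sample scores are constructed, and the "System Benchmarks Index Score" report line format is assumed.

```python
"""Summarise unixbench index scores from the three ASLR benchmark scenarios.

Added example, not code from the thread or the ASLR patch. It assumes each
run's output is unixbench's normal report, which ends with a line like
"System Benchmarks Index Score    1234.5", and that the GENERIC kernel is the
baseline the other two scenarios are compared against.
"""
import re
from statistics import mean, stdev

INDEX_RE = re.compile(r"System Benchmarks Index Score\s+([0-9]+(?:\.[0-9]+)?)")


def parse_index_score(report: str) -> float:
    """Extract the overall index score from one unixbench report."""
    m = INDEX_RE.search(report)
    if m is None:
        raise ValueError("no 'System Benchmarks Index Score' line in report")
    return float(m.group(1))


def summarise(runs: dict, baseline: str = "generic") -> dict:
    """Per scenario: mean, sample stddev, overhead vs. baseline, and whether
    the difference exceeds the combined run-to-run noise of both series."""
    base_mean, base_sd = mean(runs[baseline]), stdev(runs[baseline])
    summary = {}
    for name, scores in runs.items():
        m, sd = mean(scores), stdev(scores)
        diff = base_mean - m
        summary[name] = {
            "mean": m,
            "stdev": sd,
            "overhead_pct": diff / base_mean * 100.0,
            # A gap smaller than the noise of both series is not a real hit.
            "significant": abs(diff) > base_sd + sd,
        }
    return summary


# Constructed sample scores (ten runs per scenario); not real measurements.
SAMPLE_RUNS = {
    "generic":       [1000.0, 1010.0, 990.0, 1005.0, 995.0] * 2,
    "aslr_disabled": [990.0, 1000.0, 980.0, 995.0, 985.0] * 2,
    "aslr_enabled":  [950.0, 960.0, 940.0, 955.0, 945.0] * 2,
}

if __name__ == "__main__":
    for name, s in summarise(SAMPLE_RUNS).items():
        flag = "hit" if s["significant"] else "within noise"
        print(f"{name:14s} mean={s['mean']:.1f} sd={s['stdev']:.1f} "
              f"overhead={s['overhead_pct']:+.1f}% ({flag})")
```

With the constructed data, the "ASLR compiled in and disabled" scenario lands within noise of GENERIC while the enabled scenario shows a 5% hit, which is the distinction Pedro's first point asks the measurements to settle.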
