From nobody Sun Jan 26 12:38:00 2025 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Ygrgh6YWPz5ll0N; Sun, 26 Jan 2025 12:38:24 +0000 (UTC) (envelope-from netchild@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R10" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Ygrgh5jr0z43v5; Sun, 26 Jan 2025 12:38:24 +0000 (UTC) (envelope-from netchild@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1737895104; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=px3kIxz7Y252xmbT3lpLYmt3x9vSjULT5Z2/Q/b9q8g=; b=igx+WQkcKpj0NXd/zQexdqfpQFhVgtlELOxhRtLePZcewLHnBhYzWrIJNjLmmrnJ3MWP2O bLMyt2YFPZ1UfpsLFxXMm6IY77Awi5slxuJK/PYgklPBJ1lQ/wkqLLXEdIe80USIbGmNh1 TsDVwpj+UeLvh+p+hosDC+Yy/t6QcYNP5BDGr74HkQhrooAgMjjFROByKvN6BKP9cY9qrT 2juZHXL4isTQKiNAXQhUAsHs/K9w2j0L+tt5PEOUJz8pnp09fbPQHI/ZwS8KiSDjXG2fBd iwpmYOSgqCTl3dY9GHstG232/lSOE66ENpLPqM9Y97RMHrVPa3D2KzzeMjtZWA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1737895104; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=px3kIxz7Y252xmbT3lpLYmt3x9vSjULT5Z2/Q/b9q8g=; b=yw5EBfuNt3H57b8pmnfG8k1Az2M0d8WIzZ069OO/KQ/VhVDUn27SzqdrcM9MrkB4/WgM+F qTa6K2TOve+T/j57xlEnbyoPOp98U2ZhczDaJvYX/Al2Q948XCixj8lupWhaZmVJUAm0F8 f4eugbwvivrSxB3rDWW5d3+wlWzJ1ob8upOm+JuiS3Uujpao4vb/1FPChNPAWs92uo2sdK RUikaTJJd2/A0nY5ZoSzdS5kYGrshO7eijydewUQGR6Qyc6V6phaa74dmbr/s5zWhdw3U5 +FUKPY2VpIlTGEKUsdJsE+lUO0kG1h7aPSrVqGDrhy+X0yOHoMwWG2gSGAQEWw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1737895104; a=rsa-sha256; cv=none; b=omxLR/sxkkKRjwp1ZyqVa2BBB2cTyy9SPIqE1WOtU8fjE40lP456F+niVgwlo0sg5NO6Hc lzaeXX4c/xvSUFRq5UhcErj7BLLv5VLIW173+8UMKPKufSiwBxNea1Jrs+r9Jay+zqr0Uy wLmekjhyhAcDE3RP2Q4/eKxCXOWUn4CFhCgPmrmszlPpXK4DjClWtVAdLPKVwoMPpvRIAY i5F3ShXKY8cWMN50sljCRaEpDBo0D/Pt+Vf9I94dZnwBqrtFxJIhagc/gZkLmjEDyI8Pud XNGtkfpxfHs/K5wX3mBp3FrjiSeeWvPPFs/d+B++FuhcTMdtTXz9jB1IIsuE7A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none Received: from outgoing.leidinger.net (p5b165f59.dip0.t-ipconnect.de [91.22.95.89]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature ECDSA (prime256v1) client-digest SHA256) (Client CN "outgoing.leidinger.net", Issuer "E5" (verified OK)) (Authenticated sender: netchild) by smtp.freebsd.org (Postfix) with ESMTPSA id 4Ygrgg2ZJzzvHM; Sun, 26 Jan 2025 12:38:23 +0000 (UTC) (envelope-from netchild@FreeBSD.org) Received: from webmail.leidinger.net (roundcube.Leidinger.net [192.168.1.123]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (prime256v1) server-digest SHA256) (Client did not present a certificate) (Authenticated sender: alexander@leidinger.net) by outgoing.leidinger.net (Postfix) with ESMTPSA id 557037AE; Sun, 26 Jan 2025 13:38:20 +0100 (CET) List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Date: Sun, 26 Jan 2025 13:38:00 +0100 From: Alexander Leidinger To: Jessica Clarke Cc: src-committers@freebsd.org, dev-commits-src-all@freebsd.org, dev-commits-src-main@freebsd.org Subject: Re: git: f934e629dc22 - main - Add stack clash protection to the WITH_SSP flag In-Reply-To: <6C70A3E0-CC6D-4B0B-96A8-70636F08AC6B@freebsd.org> References: <202501251308.50PD8Qsg042260@gitrepo.freebsd.org> <81A8E695-5034-4945-8D07-DF95E76904D0@freebsd.org> <9fec6bfae287dfc123a359c3e1164ae2@FreeBSD.org> <6C70A3E0-CC6D-4B0B-96A8-70636F08AC6B@freebsd.org> Message-ID: <3e0e88c0031d9c3e1f6232f2949f8909@FreeBSD.org> Organization: FreeBSD Content-Type: multipart/signed; protocol="application/pgp-signature"; boundary="=_5085ee47075ddbc0f028b7423686aebd"; micalg=pgp-sha256 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --=_5085ee47075ddbc0f028b7423686aebd Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset=UTF-8; format=flowed Am 2025-01-25 20:21, schrieb Jessica Clarke: > It looks like with Clang we end up using -Qunused-arguments so the > warning/error is suppressed. That at least means the build doesn’t > fail, which I suppose is good, but I’m not sure we should be promising > that WITH_SSP will protect against stack clash then having the compiler > silently emit unprotected code (for which we’re to blame, by telling it > to ignore the fact it’s not supported). This at least needs to be > documented that the protection will only be provided if supported by > the compiler. Like this? diff --git share/man/man7/mitigations.7 share/man/man7/mitigations.7 index 4db6589cdcf1..82a8e3a2c1c2 100644 --- share/man/man7/mitigations.7 +++ share/man/man7/mitigations.7 @@ -28,7 +28,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd January 25, 2025 +.Dd January 26, 2025 .Dt MITIGATIONS 7 .Os .Sh NAME @@ -245,7 +245,7 @@ and it is possible that some applications may not function correctly. supports stack overflow protection using the Stack Smashing Protector .Pq SSP compiler feature, -and stack clash protection. +and stack clash protection (if supported by the compiler for the given architecture). In userland, SSP adds a per-process randomized canary at the end of every stack frame which is checked for corruption upon return from the function, and stack probing in Bye, Alexander. -- http://www.Leidinger.net Alexander@Leidinger.net: PGP 0x8F31830F9F2772BF http://www.FreeBSD.org netchild@FreeBSD.org : PGP 0x8F31830F9F2772BF --=_5085ee47075ddbc0f028b7423686aebd Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc; size=833 Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEER9UlYXp1PSd08nWXEg2wmwP42IYFAmeWLLoACgkQEg2wmwP4 2IYDzw/6A11VzeYbkFH/RqFHF+IzX47mBT7YUzNqB9Ipf0ahw3STb6irrjpkPNVD Jc2SL77VkRgBLR5aadYgPSpuTUeT/tfZMg0J40erZZn7+VAdDlYHpz39zzVAXDPe c5NJA98IE4JpiKn1J2h24j44a6mYIhTL0j94UsUJiw4yMV8qyRlwd7hRinK/qcC+ jw/5xQnKruM8W06S4+3EOwO/Dnx4CSlQOQAE75FskArRXDpb5wraUUM4oVRriWHf rzQU3XEp9cjjEn+BqQ03yzeClKbzWf9L2+gGcTriFDAn/LlQw0yYHjaNsrGZkBX1 H7mgdaUXanjnn30upYhhaQWG7WFTmpyso2neg3K3lMhiZLjQlWeJsqymeMS00VAV nvlVvLwsBMFJpMXYskF5g/v42nUOxl2I25IzdBy7aY+z6CHRQdSyR3y3eeBFj43n ZmUWlh9+QqIqb4yEpzaAds9wjjK+f4KRT810WlXrZMqK3k1bmWhzjZvqwy3gE4uR zJExfTk2B2gTNn6IB7aGfcpmyv7jG4d1OsRZyPmJtoQP9u/g9FG36irgQ3feP1jL EtzCI8w8IAozZbCzzY9Bz3OmI/6ckKOxZIDV88Z1rC6KOxT46qw4H4iHvGIC+02I sZO3CgVIn61fGfAslyrnhA27ibL8assvjmXGTD01X1WPZuqIJkA= =ORyb -----END PGP SIGNATURE----- --=_5085ee47075ddbc0f028b7423686aebd--