Re: Initial implementation of _FORTIFY_SOURCE

From: Shawn Webb <shawn.webb_at_hardenedbsd.org>
Date: Mon, 13 May 2024 18:57:26 UTC

On Mon, May 13, 2024 at 11:09:24AM -0700, Cy Schubert wrote:
> In message <f8000e6b-226b-45f3-a751-aca790f4f8c8@FreeBSD.org>, Kyle Evans writes:
> > Hi,
> >
> > As of 9bfd3b407 ("Add a build knob for _FORTIFY_SOURCE"), I've imported 
> > an initial version of FORTIFY_SOURCE from FreeBSD.  FORTIFY_SOURCE is an 
> > improvement over classical SSP, doing compiler-aided checking of stack 
> > object sizes to detect more fine-grained stack overflow without relying 
> > on the randomized stack canary just past the stack frame.
> >
> > This implementation is not yet complete, but we've done a review of 
> > useful functions and syscalls to add checked variants of and intend to 
> > complete the implementation over the next month or so.
> >
> > Please test _FORTIFY_SOURCE out now by setting FORTIFY_SOURCE=2 in the 
> > buildworld env -- I intend to flip the default to 2 when WITH_SSP is set 
> > in the next month if nobody complains about serious breakage.  I've 
> > personally been rolling with FORTIFY_SOURCE=2 for the last three years 
> > that this has been sitting in a local branch, so I don't really 
> > anticipate any super-fundamental breakage.
> 
> Should this trigger a __FreeBSD_version bump?

I would encourage that, so as to help the ports tree determine
availability of the import.

Additionally, I've enabled _FORTIFY_SOURCE in HardenedBSD base[1] and
ports[2]. For base, it's only set (and to 2 by default) when MK_SSP is
set to yes. In ports, it's set by default except for ports that have
"kmod" in their USES.

Are there any plans to support _FORTIFY_SOURCE in the kernel?

[1]: https://git.hardenedbsd.org/hardenedbsd/HardenedBSD/-/commit/927fd28755da27c5dd2b1b0d0396c93db585f933
[2]: https://git.hardenedbsd.org/hardenedbsd/ports/-/commit/3d7dcd284ce3083103edd6b28b3d232abbfeaa63

Thanks,

-- 
Shawn Webb
Cofounder / Security Engineer
HardenedBSD

Tor-ified Signal: +1 303-901-1600 / shawn_webb_opsec.50
https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc
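
The compiler-aided size checking described in the quoted announcement, as an added example that is not part of the thread and is not FreeBSD's or HardenedBSD's libc code: the compiler reports the destination object's size through `__builtin_object_size`, and a checked variant refuses a copy that would exceed it before any byte is written, where a stack canary would only notice at function return. The names `demo_memcpy_chk`, `copy_into_stack_buf` and `OBJSIZE_UNKNOWN` are hypothetical, and returning -1 stands in for the abort a fortified libc performs.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical names throughout; a simplified model of a fortified wrapper. */
#define OBJSIZE_UNKNOWN ((size_t)-1)	/* builtin's answer when size is not known */

/*
 * Checked copy. dst_size is what the compiler knows about the destination,
 * or OBJSIZE_UNKNOWN. Returns 0 on success, -1 if the copy would overflow.
 * A fortified libc aborts the process at this point instead of returning.
 */
int
demo_memcpy_chk(void *dst, size_t dst_size, const void *src, size_t n)
{
	if (dst_size != OBJSIZE_UNKNOWN && n > dst_size)
		return (-1);	/* caught before any byte is written */
	memcpy(dst, src, n);
	return (0);
}

/* Constructed scenario: a runtime length copied into an 8-byte stack buffer. */
int
copy_into_stack_buf(const char *input, size_t n)
{
	char buf[8];
	size_t known = __builtin_object_size(buf, 0);

	/* Some compilers only resolve the size when optimizing; fall back
	 * to sizeof so this demo behaves the same at every -O level. */
	if (known == OBJSIZE_UNKNOWN)
		known = sizeof(buf);
	return (demo_memcpy_chk(buf, known, input, n));
}

int
main(void)
{
	const char input[16] = "AAAAAAAAAAAAAAA";	/* constructed sample input */

	printf("8-byte copy:  %d\n", copy_into_stack_buf(input, 8));
	printf("9-byte copy:  %d\n", copy_into_stack_buf(input, 9));
	printf("16-byte copy: %d\n", copy_into_stack_buf(input, 16));
	return (0);
}
```

When the size is unknown the wrapper cannot check anything and falls through to a plain copy, which is why the check complements a stack canary rather than replacing it.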