ASLR work into -HEAD ?

Shawn Webb shawn.webb at hardenedbsd.org
Fri Mar 20 18:17:47 UTC 2015 

On Fri, 2015-03-20 at 09:28 -0600, Warner Losh wrote:
> > On Mar 19, 2015, at 2:31 PM, Oliver Pinter <oliver.pinter at hardenedbsd.org> wrote:
> > 
> > On Thu, Mar 19, 2015 at 9:04 PM, Adrian Chadd <adrian at freebsd.org> wrote:
> >> On 19 March 2015 at 12:56, Warner Losh <imp at bsdimp.com> wrote:
> >>> 
> >>>> On Mar 19, 2015, at 12:53 PM, Adrian Chadd <adrian at freebsd.org> wrote:
> >>>> 
> >>>> Hi,
> >>>> 
> >>>> Apparently this is done but has stalled:
> >>>> 
> >>>> https://reviews.freebsd.org/D473
> >>>> 
> >>>> Does anyone have any strong objections to it landing in the tree as-is?
> >>> 
> >>> There’s rather a lot of them specifically spelled out in the code review.
> >>> 
> >>> Many of the earlier ones were kinda blown off, so I’ve not been inclined
> >>> to take the time to re-review it. Glancing at it, I see several minor issues
> >>> that should be cleaned up.
> >> 
> >> Cool. Thanks for taking the time to look at it again.
> >> 
> >> Shawn is in #freebsd on freenode irc, so if you/others want a more
> >> interactive review then he's there during the day.
> > 
> > Please CC the core at hardenedbsd.org in future please, when you are
> > talking about this issue.
> > 
> > Adrian: do you able to review the MIPS or ARM part especially or test them?
> 
> Adrian: Do not commit the changes.
> 
> I’ve gone back and re-read Robert Watson’s rather long review and it appears
> that virtually none of that has been addressed. Until it is, do not commit it. This
> code interacts with dangerous parts of the system, and the default cannot be
> to just let it in because no one has objected recently. Objections have been made,
> they have been quantified, they haven’t been answered or acted upon. Until that
> changes, you can assume the objections remain in place and asking again without
> fixing them isn’t going to change the answer.
> 
> Warner

Warner,

We've fixed the vast majority of the concerns raised in that review. To
say "virtually none of that has been addressed" and "they haven't been
answered or acted upon" is a blatant lie. The fact that there are so
many revisions of the patch is proof. We even made our ASLR
implementation for FreeBSD less secure by providing a mechanism in
ptrace() to disable it as requested by a member of the FreeBSD
Foundation. (This "feature" doesn't exist in HardenedBSD's
implementation.) If comments like these continue, I will remove the diff
from Phabricator and close the BugZilla ticket. FreeBSD can feel free to
pull from us, but we won't make any effort to proactively upstream our
work.

With that said, I have missed a few of the concerns raised. There's so
many comments/concerns in that review that it's easy to miss a few. I
will address them tonight and upload a new patch tomorrow.

Thanks,

Shawn Webb
HardenedBSD
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part
URL: <http://lists.freebsd.org/pipermail/freebsd-arch/attachments/20150320/2d7d93d1/attachment.sig>

More information about the freebsd-arch mailing list