On Thu, 12 Jun 2008, Jeremie Le Hen wrote:
(This mail has already been sent to [EMAIL PROTECTED] I'm sending it here now for a
wider audience because I really need testers.)
Dear Jeremie,
Unfortunately, I can't lend my hands to this project as they're currently full
of other stuff. However, I would really be very pleased to see is [finally]
ship a release with ProPolice enabled. We're definitely trailing the pack in
this regard, and I think it's bad practice to not ship with what are
considered industry-standard protections here. Thanks for your work on this!
Robert N M Watson
Computer Laboratory
University of Cambridge
On Wed, Apr 23, 2008 at 03:17:20PM +0200, Jeremie Le Hen wrote:
Hi Antoine,
On Fri, Apr 18, 2008 at 04:37:06PM +0200, Antoine Brodin wrote:
Last time I looked at your patch, there was a problem when using
-fstack-protector-all instead of -fstack-protector:
when you compile lib/csu/*, gnu/lib/csu/*, or
src/lib/libc/sys/stack_protector.c with this flag, there is a kind of
chicken/egg problem and you end up with an unusable world.
That said, it would be great to be able to compile world with SSP when
an option is set in src.conf.
You were right. I had a chance to test it this weekend. Thank you for
pointing this out.
I have had little spare time lately, this is why my followup have taken
so long.
Since this report from Antoine, my goal has been to be able to use
-fstack-protector-all when building world. I hoped it would be quite
straightforward, IOW that preventing bootstrap functions from being
protected would be enough. Unfortunately, it seems that building
libc_pic.a/libc.so with -fstack-protector-all breaks rtld in a very
twisted way that I'm unable to untangle for now.
Nonetheless, I really want to see this patch hit the tree before 8.x is
forked off. I have existed for more than two years and I would like to
avoid delaying it futher. So I will go the easy path for now and
prevent libc from being built with -fstack-protector-all.
Here are what haved changed since the previous patch:
- SSP is opt-out except for ia64; this is intended to trigger bugs.
However this doesn't mean it will be enabled by default in stable
releases.
- Thanks to Antoine, SSP related symbols are now compiled without stack
protection itself. This prevents a chicken and egg problem.
- lib/csu, gnu/lib/csu and libexec/rtld-elf are built without stack
protection.
I'm looking forward for more review and testing of this patch in order
to get it committed soon.
Ruslan, would you mind reviewing the change in bsd.own.mk as well?
Thank you very much.
Best regards,
--
Jeremie Le Hen
< jeremie at le-hen dot org >< ttz at chchile dot org >
_______________________________________________
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
