| Field | Value |
|---|---|
| Summary | [kernel] [patch] Add ASLR feature to kernel |
| Product | Base System |
| Component | kern |
| Reporter | Steven Lee <steven> |
| Assignee | freebsd-bugs (Nobody) <bugs> |
| Status | Closed FIXED |
| Severity | Affects Only Me |
| CC | Jungleboogie0, bordjukov, chrysalis, emaste, kamila, shawn.webb, swills |
| Priority | Normal |
| Version | Unspecified |
| Hardware | Any |
| OS | Any |
| See Also | https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=228964 |

Description
Steven Lee
2013-08-24 03:20:00 UTC
new version of the patchset: https://github.com/opntr/freebsd-patches-2013-tavasz/tree/master/r249952+ASLR

Wow... very nice. :)

--
Regards,
Steven Lee

----- Forwarded message from Oliver Pinter <oliver.pntr@gmail.com> -----

Date: Sat, 24 Aug 2013 23:40:15 +0200
From: Oliver Pinter <oliver.pntr@gmail.com>
To: Steven Lee <steven@roothosts.com>
Cc: freebsd-bugs@freebsd.org
Subject: Re: kern/181497: ASLR Feature Request - patch included

performance test on HEAD from Juni + ASLR patches: http://centaur.sch.bme.hu/~oliverp/hunger/new/

----- End forwarded message -----

Over the past few months, I've had the pleasure of enhancing Oliver's original patch. I've added support for randomizing the address of the RTLD and changing the behavior of ASLR to be set on a per-jail basis. This means that if a user requires an application that doesn't support ASLR (crashes, exhibits bugs, etc.), then the affected application can simply be placed in a jail with ASLR turned off. The rest of the system and the rest of the jails would still have ASLR turned on.

Oliver had ported over PaX's ASLR to NetBSD a few years back, and these patches bring FreeBSD feature-for-feature complete with NetBSD's ASLR implementation. What's lacking, along with NetBSD's implementation, is exec base randomization. This needs to be done on a per-binary basis, for binaries compiled with -fPIE. Additionally, we might want to specifically mark executables with an ELF note, specifying that it's safe to relocate the exec base.

One known bug is that applications compiled with clang with -fPIC -fPIE -static combined could segfault. I can provide a sample binary (with sample code) if needed for a simple five-line test application. I will continue to research exec base randomization, but this task might be a bit over my head skill-wise.

Attached is the patch against 11-current as of 02 Feb 2014. If I make more progress on exec base randomization, you can follow my GitHub repo at https://github.com/lattera/freebsd, branch soldierx/lattera/aslr.

Thanks,
Shawn Webb

I've tried to patch 10.0 with the last attached patch, but it complains because it didn't find file opt_pax.h (and I didn't see this file in the patch).

I'm sorry, my patch actually wasn't right. It included other fixes I had in my branch for other features and didn't include some of the other ASLR bits. Attached is the right patch.

Thanks,
Shawn

Attached is a patch that applies on top of the existing patch to fix a few minor bugs.

Thanks,
Shawn

Attached is a combined patch.

Attached is a new patch which integrates ASLR into loading Position-Independent Executables (PIEs).

The attached patch provides better stability to the new PIE feature.

Created attachment 153731
New ASLR Patch
This is the same patch that was uploaded to Phabricator D473 on 01 March 2015.

any chance this can be backported to 9.x?

This bug report can be closed.

For bugs matching the following conditions:
- Status == In Progress
- Assignee == "bugs@FreeBSD.org"
- Last Modified Year <= 2017

Do
- Set Status to "Open"

Feature request for AS*R is tracked in PR 228964. Patches for review / testing are best handled in Phabricator (see D473 and D5603).
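
The comments above note that exec base randomization has to be decided per binary, for binaries built with -fPIE. As an added example (not part of this bug thread or of the attached patches), the C code below classifies a little-endian ELF64 image by whether its load base is fixed at link time (ET_EXEC) or left to the loader (ET_DYN). Treating ET_DYN with a PT_INTERP segment as a PIE executable is a heuristic assumed here, and `classify_exec_base`, `classify_sample` and the sample header are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Values from the ELF specification, defined locally (no <elf.h> needed). */
enum { K_ET_EXEC = 2, K_ET_DYN = 3, K_PT_INTERP = 3, EHDR64 = 64, PHDR64 = 56 };
enum exec_base { EB_INVALID = -1, EB_FIXED, EB_PIE, EB_DYN_NO_INTERP };

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | p[1] << 8); }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | (uint32_t)rd16(p + 2) << 16; }
static uint64_t rd64(const uint8_t *p) { return rd32(p) | (uint64_t)rd32(p + 4) << 32; }

/* Classify a little-endian ELF64 image in buf[0..len) by whether its load
 * base is fixed at link time (ET_EXEC) or can be chosen by the loader (ET_DYN). */
enum exec_base classify_exec_base(const uint8_t *buf, size_t len)
{
    if (len < EHDR64 || memcmp(buf, "\177ELF", 4) != 0) return EB_INVALID;
    if (buf[4] != 2 || buf[5] != 1) return EB_INVALID; /* ELFCLASS64, ELFDATA2LSB */
    uint16_t type = rd16(buf + 16);                    /* e_type */
    if (type == K_ET_EXEC) return EB_FIXED;
    if (type != K_ET_DYN) return EB_INVALID;
    uint64_t phoff = rd64(buf + 32);                   /* e_phoff */
    uint16_t entsz = rd16(buf + 54), n = rd16(buf + 56); /* e_phentsize, e_phnum */
    /* Reject a program header table that is undersized or runs past the buffer. */
    if (entsz < PHDR64 || phoff > len || (uint64_t)entsz * n > len - phoff)
        return EB_INVALID;
    for (uint16_t i = 0; i < n; i++)                   /* p_type is the first field */
        if (rd32(buf + phoff + (size_t)i * entsz) == K_PT_INTERP) return EB_PIE;
    return EB_DYN_NO_INTERP; /* shared object or static PIE: header alone cannot tell */
}

/* Constructed sample: a bare ELF64 header plus one program header, not a real binary. */
enum exec_base classify_sample(uint16_t e_type, uint32_t p_type, size_t len)
{
    uint8_t img[EHDR64 + PHDR64] = { 0x7f, 'E', 'L', 'F', 2, 1, 1 };
    img[16] = (uint8_t)e_type;
    img[32] = EHDR64;                       /* e_phoff: table follows the header */
    img[54] = PHDR64; img[56] = 1;          /* e_phentsize, e_phnum */
    img[EHDR64] = (uint8_t)p_type;          /* p_type of the only segment */
    return classify_exec_base(img, len);    /* len must not exceed sizeof img */
}

int main(void)
{
    printf("ET_EXEC: %d\n", classify_sample(K_ET_EXEC, 1, 120));
    printf("ET_DYN + PT_INTERP: %d\n", classify_sample(K_ET_DYN, K_PT_INTERP, 120));
    printf("ET_DYN, truncated: %d\n", classify_sample(K_ET_DYN, K_PT_INTERP, 100));
    return 0;
}
```

The `EB_DYN_NO_INTERP` result covers both shared objects and statically linked PIEs, which is one reason the thread suggests an explicit ELF note to mark binaries whose exec base is safe to relocate.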