Bug 239873 - www/firefox and mail/thunderbird don't like the new ASLR "stackgap" feature
Summary: www/firefox and mail/thunderbird don't like the new ASLR "stackgap" feature
Status: New
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s)
Version: Latest
Hardware: Any Any
Importance: --- Affects Only Me
Assignee: freebsd-gecko (Nobody)
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2019-08-15 09:39 UTC by sigsys
Modified: 2020-09-14 08:42 UTC
CC: 5 users

See Also:
bugzilla: maintainer-feedback? (gecko)


Description sigsys 2019-08-15 09:39:44 UTC
Both fail with a "too much recursion" error message during start up.

I'm guessing the feature confuses them about the depth of the stack somehow.

Tested on 12.0-STABLE r351060.

They both work fine with the stackgap sysctls set to 0.

And they both have been working fine with the other ASLR features on ever since this was committed to 12-STABLE BTW.
Comment 1 Greg V 2020-05-08 12:22:12 UTC
hm, according to https://wiki.freebsd.org/ASLR the base ntpd also doesn't like stackgap.
Comment 2 Thibault Payet 2020-08-11 17:46:57 UTC
Do we know how to make it work by using

/usr/bin/proccontrol -m stackgap -s disable firefox

This command still gets the "too much recursion" error.

Currently I could either disable ASLR completely for firefox, or just not enable stackgap globally and keep ASLR.
Comment 3 sigsys 2020-08-12 20:15:04 UTC
(In reply to Thibault Payet from comment #2)
Same problem here.

Looks like the proccontrol stackgap toggle only affects the stack "guard page" (handled by vm_map_stack_locked() in sys/vm/vm_map.c), not the ASLR randomized stackgap.

This patch makes it affect the ASLR stackgap too and that makes firefox work with proccontrol.

diff --git a/sys/kern/imgact_elf.c b/sys/kern/imgact_elf.c
index fe71acabe0b..56623f29d4e 100644
--- a/sys/kern/imgact_elf.c
+++ b/sys/kern/imgact_elf.c
@@ -2766,6 +2766,9 @@ __elfN(stackgap)(struct image_params *imgp, uintptr_t *stack_base)
 
 	if ((imgp->map_flags & MAP_ASLR) == 0)
 		return;
+	if ((imgp->proc->p_flag2 & P2_STKGAP_DISABLE) != 0 ||
+	    (imgp->proc->p_fctl0 & NT_FREEBSD_FCTL_STKGAP_DISABLE) != 0)
+		return;
 	pct = __elfN(aslr_stack_gap);
 	if (pct == 0)
 		return;
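Review bot: the new early return reads imgp->proc->p_fctl0 inside __elfN(stackgap), so it only does the right thing if the new image's feature-control note has already been parsed into p_fctl0 by the time the stack gap is laid out; please confirm that ordering in the exec path (the elfctl result reported below suggests it holds, but the hunk itself does not show it). Two smaller points: the P2_STKGAP_DISABLE / NT_FREEBSD_FCTL_STKGAP_DISABLE pair is now tested here and, per comment 3, separately for the guard page in vm_map_stack_locked(), so a shared helper would keep the two sites from drifting apart; and the three added lines carry no comment, so a one-line note such as "honor proccontrol(1) and elfctl(1) stack gap disable" above the `if` would help the next reader, who otherwise has to know the flag names to see why an ASLR-enabled image skips the gap.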

Also if you mark firefox's binary with the new ELF feature flag to disable stackgap like so:

# elfctl -e +stackgap /usr/local/bin/firefox

Then firefox just works without needing to start it with proccontrol.
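To make the two knobs discussed in this thread concrete, here is an added example of my own (not code from this bug, from FreeBSD, or from the Firefox port): it builds an ELF feature-control note of the kind `elfctl -e +stackgap` writes, parses it back the way the kernel reads the note into p_fctl0, and then runs the combined decision from the patch above, where either the per-process proccontrol flag or the per-binary note suppresses the randomized gap. The note type and the NT_FREEBSD_FCTL_* bit values follow sys/sys/elf_common.h as I recall them and should be treated as assumptions; MAP_ASLR and P2_STKGAP_DISABLE are stand-in bit values so the example is self-contained, and the note buffer is constructed inline rather than read from a real binary.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Note type and desc[0] bits of the FreeBSD feature-control ELF note.
 * Assumed to match sys/sys/elf_common.h; verify against your tree. */
#define NT_FREEBSD_FEATURE_CTL          4
#define NT_FREEBSD_FCTL_ASLR_DISABLE    0x00000001u
#define NT_FREEBSD_FCTL_PROTMAX_DISABLE 0x00000002u
#define NT_FREEBSD_FCTL_STKGAP_DISABLE  0x00000004u

/* Stand-ins for the kernel's imgp->map_flags and p_flag2 bits (assumed
 * values chosen for this example, not the real kernel constants). */
#define MAP_ASLR            0x1u
#define P2_STKGAP_DISABLE   0x2u

/* ELF note header as laid out in the file: three 32-bit words, followed
 * by the name and the descriptor, each padded to a 4-byte boundary. */
struct elf_note_hdr {
    uint32_t namesz;
    uint32_t descsz;
    uint32_t type;
};

#define ROUNDUP4(x) (((x) + 3u) & ~3u)

/* Scan a .note section image for the "FreeBSD" NT_FREEBSD_FEATURE_CTL note.
 * Returns 1 and stores desc[0] in *fctl0 on success, 0 if the note is
 * absent or the section is truncated or otherwise malformed. */
int find_feature_ctl(const uint8_t *buf, size_t len, uint32_t *fctl0)
{
    size_t off = 0;
    while (off + sizeof(struct elf_note_hdr) <= len) {
        struct elf_note_hdr hdr;
        memcpy(&hdr, buf + off, sizeof hdr);
        size_t name_off = off + sizeof hdr;
        size_t desc_off = name_off + ROUNDUP4(hdr.namesz);
        size_t next = desc_off + ROUNDUP4(hdr.descsz);
        if (hdr.namesz > len || hdr.descsz > len || next > len)
            return 0;           /* refuse a note that overruns the buffer */
        if (hdr.type == NT_FREEBSD_FEATURE_CTL &&
            hdr.namesz == sizeof "FreeBSD" &&
            memcmp(buf + name_off, "FreeBSD", sizeof "FreeBSD") == 0 &&
            hdr.descsz >= sizeof(uint32_t)) {
            memcpy(fctl0, buf + desc_off, sizeof *fctl0);
            return 1;
        }
        off = next;
    }
    return 0;
}

/* The decision the patch adds to __elfN(stackgap): apply the randomized
 * ASLR stack gap only if ASLR is on for this image, neither proccontrol(1)
 * nor the elfctl(1) note disables the gap, and the stack_gap sysctl is > 0. */
int apply_aslr_stackgap(uint32_t map_flags, uint32_t p_flag2, uint32_t fctl0,
                        unsigned stack_gap_pct)
{
    if ((map_flags & MAP_ASLR) == 0)
        return 0;
    if ((p_flag2 & P2_STKGAP_DISABLE) != 0 ||
        (fctl0 & NT_FREEBSD_FCTL_STKGAP_DISABLE) != 0)
        return 0;
    if (stack_gap_pct == 0)
        return 0;               /* kern.elfNN.aslr.stack_gap set to 0 */
    return 1;
}

/* Build a minimal .note image holding one FreeBSD feature-control note
 * whose desc word is `flags`; constructed test data in the shape elfctl -e
 * produces. Returns the number of bytes written, 0 if `cap` is too small. */
size_t build_feature_ctl_note(uint8_t *out, size_t cap, uint32_t flags)
{
    struct elf_note_hdr hdr = { sizeof "FreeBSD", sizeof(uint32_t),
                                NT_FREEBSD_FEATURE_CTL };
    size_t need = sizeof hdr + ROUNDUP4(hdr.namesz) + ROUNDUP4(hdr.descsz);
    if (cap < need)
        return 0;
    memset(out, 0, need);
    memcpy(out, &hdr, sizeof hdr);
    memcpy(out + sizeof hdr, "FreeBSD", sizeof "FreeBSD");
    memcpy(out + sizeof hdr + ROUNDUP4(hdr.namesz), &flags, sizeof flags);
    return need;
}

/* End to end: write a note with `note_flags`, read it back as the kernel
 * would into fctl0, and run the patched decision with the given p_flag2.
 * Returns 1 if the gap would be applied, 0 if suppressed, -1 on parse error. */
int stackgap_decision_for_note(uint32_t note_flags, uint32_t p_flag2)
{
    uint8_t buf[64];
    uint32_t fctl0 = 0;
    size_t n = build_feature_ctl_note(buf, sizeof buf, note_flags);
    if (n == 0 || !find_feature_ctl(buf, n, &fctl0))
        return -1;
    return apply_aslr_stackgap(MAP_ASLR, p_flag2, fctl0, 3);
}

int main(void)
{
    printf("plain binary, no proccontrol: gap applied = %d\n",
           stackgap_decision_for_note(0, 0));
    printf("elfctl -e +stackgap:          gap applied = %d\n",
           stackgap_decision_for_note(NT_FREEBSD_FCTL_STKGAP_DISABLE, 0));
    printf("proccontrol -m stackgap -s disable: gap applied = %d\n",
           stackgap_decision_for_note(0, P2_STKGAP_DISABLE));
    return 0;
}
```

The parser refuses notes whose name or descriptor runs past the buffer before it trusts any field, which is the check you want when the input is an untrusted ELF rather than a file you just ran elfctl on; the decision function keeps the patch's order of checks so that an image with ASLR off never consults the stack gap flags at all.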