From nobody Tue Feb 08 22:30:24 2022 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id BF6D419A74D8; Tue, 8 Feb 2022 22:30:31 +0000 (UTC) (envelope-from koobs.freebsd@gmail.com) Received: from mail-pf1-x42c.google.com (mail-pf1-x42c.google.com [IPv6:2607:f8b0:4864:20::42c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Jtd4k6f2Yz4vsb; Tue, 8 Feb 2022 22:30:30 +0000 (UTC) (envelope-from koobs.freebsd@gmail.com) Received: by mail-pf1-x42c.google.com with SMTP id z13so969735pfa.3; Tue, 08 Feb 2022 14:30:30 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=sender:message-id:date:mime-version:user-agent:reply-to:subject :content-language:to:references:from:in-reply-to :content-transfer-encoding; bh=lEGBAiBMTLhE/tdXdliBqF7/S4nBIgmrje3dUEFXIgw=; b=Foi61pt8WX/4vTO2UsimnQleam61PO7r2ZJZddu252pXWfVvAxqKHgHD1HBPWSQcKs XCkvJLFfR48kHcwl/Gl0PJIw1YxI00/nvZvYXgYvXXxIeeGidT2IAPRPTJu/COzOH/FN oQ9vsQyROjumFeV6LtL5c+i4KnGcWGoPzx8FCIq0DPK0hmWjs0Ciz/QFqEwQkOZAeY1U 1KwxIY1MDiAVOdARBs7dAeQDikb2oZrPc2LtKJJho74l+SwwirmbpTSB//RF7JPxR1Q5 kkinvSRMrmGNoMFAwgZO9UUrbKdK2ZUro4CFSfRiHnmX47g1bLqrKtccgy8bjKlDhwc1 KK4A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:sender:message-id:date:mime-version:user-agent :reply-to:subject:content-language:to:references:from:in-reply-to :content-transfer-encoding; bh=lEGBAiBMTLhE/tdXdliBqF7/S4nBIgmrje3dUEFXIgw=; b=RBE9FGK45FdX3J8ARQLOKk+dLJy54lRpmMRSo/S67ntFHz8FStFKBpuviZPXgALx37 fSYFf29tgeTLVfH34i+lXgniuZMpCyHrEr1LfnxANXEmldwlixp/dqsItKx7wB+etY3m K1re2MqJ5bfkdW6obDNCWzf+Uz7+9al47PmmF7f47J1xT6BLGpHiAZOCIIfdHIPfK48M X8gW8SOuhq0vylF7O7lzO55ZT+hwrQzlQiHu2EwHbSsxD16+VBzqV3eXo7b6MpIPFzbf SLKxbaWhoUdAyg7tcLuYKA07fUXMN0ps7uBeMjXxXysfrewEkcHOEzbEOMwMTVMe7uA4 L8NA== X-Gm-Message-State: AOAM530IDPau+3dEpwb2ibRuck8bZfm8X7s6nJgU5T376T1dLhx4Tp4P /Qj9fVfxLUGmIha2TwNts8uz1DZGdR4= X-Google-Smtp-Source: ABdhPJxGAcBWhMoEagGvL5EVgdyCIvAqIxWgMBIKEKNxf9lNtnFOTskbAOjKi4czxSCzp6nT4i/maQ== X-Received: by 2002:a65:6681:: with SMTP id b1mr5185686pgw.221.1644359429752; Tue, 08 Feb 2022 14:30:29 -0800 (PST) Received: from ?IPV6:2403:5807:1b:1:a9fa:96eb:994e:1aa7? (2403-5807-1b-1-a9fa-96eb-994e-1aa7.ip6.aussiebb.net. [2403:5807:1b:1:a9fa:96eb:994e:1aa7]) by smtp.gmail.com with ESMTPSA id q2sm3690853pjj.32.2022.02.08.14.30.26 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 08 Feb 2022 14:30:29 -0800 (PST) Message-ID: <0b6f8813-6c07-3adb-a8e6-d4f9d55247bf@FreeBSD.org> Date: Wed, 9 Feb 2022 09:30:24 +1100 List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-main@freebsd.org X-BeenThere: dev-commits-src-main@freebsd.org MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:99.0) Gecko/20100101 Thunderbird/99.0a1 Reply-To: koobs@FreeBSD.org Subject: Re: git: 930a7c2ac67e - main - compiler-rt: re-exec with ASLR disabled when necessary Content-Language: en-US To: Ed Maste , src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org References: <202202041620.214GKn2V007538@gitrepo.freebsd.org> From: Kubilay Kocak In-Reply-To: <202202041620.214GKn2V007538@gitrepo.freebsd.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4Jtd4k6f2Yz4vsb X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20210112 header.b=Foi61pt8; dmarc=none; spf=pass (mx1.freebsd.org: domain of koobsfreebsd@gmail.com designates 2607:f8b0:4864:20::42c as permitted sender) smtp.mailfrom=koobsfreebsd@gmail.com X-Spamd-Result: default: False [-3.20 / 15.00]; HAS_REPLYTO(0.00)[koobs@FreeBSD.org]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36:c]; REPLYTO_ADDR_EQ_FROM(0.00)[]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[gmail.com:+]; NEURAL_HAM_SHORT(-1.00)[-1.000]; FORGED_SENDER(0.30)[koobs@FreeBSD.org,koobsfreebsd@gmail.com]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; MID_RHS_MATCH_FROM(0.00)[]; TAGGED_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20210112]; FROM_NEQ_ENVFROM(0.00)[koobs@FreeBSD.org,koobsfreebsd@gmail.com]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[FreeBSD.org]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::42c:from]; MLMMJ_DEST(0.00)[dev-commits-src-all,dev-commits-src-main]; RCVD_TLS_ALL(0.00)[] X-ThisMailContainsUnwantedMimeParts: N On 5/02/2022 3:20 am, Ed Maste wrote: > The branch main has been updated by emaste: > > URL: https://cgit.FreeBSD.org/src/commit/?id=930a7c2ac67e1e8e511aa1d0a31a16c632060ebb > > commit 930a7c2ac67e1e8e511aa1d0a31a16c632060ebb > Author: Ed Maste > AuthorDate: 2022-01-16 19:22:05 +0000 > Commit: Ed Maste > CommitDate: 2022-02-04 16:20:00 +0000 > > compiler-rt: re-exec with ASLR disabled when necessary > > Some sanitizers (at least msan) currently require ASLR to be disabled. > When we detect that ASLR is enabled, re-exec with it disabled rather > than exiting with an error. See LLVM GitHub issue 53256 for more > detail: https://github.com/llvm/llvm-project/issues/53256 > > No objection: dim > MFC after: 2 weeks > Sponsored by: The FreeBSD Foundation > Differential Revision: https://reviews.freebsd.org/D33934 > --- > .../compiler-rt/lib/sanitizer_common/sanitizer_linux.cpp | 7 +++++-- > 1 file changed, 5 insertions(+), 2 deletions(-) > > diff --git a/contrib/llvm-project/compiler-rt/lib/sanitizer_common/sanitizer_linux.cpp b/contrib/llvm-project/compiler-rt/lib/sanitizer_common/sanitizer_linux.cpp > index 09b3f31831df..daa07c15490e 100644 > --- a/contrib/llvm-project/compiler-rt/lib/sanitizer_common/sanitizer_linux.cpp > +++ b/contrib/llvm-project/compiler-rt/lib/sanitizer_common/sanitizer_linux.cpp > @@ -2197,8 +2197,11 @@ void CheckASLR() { > } > if ((aslr_status & PROC_ASLR_ACTIVE) != 0) { > Printf("This sanitizer is not compatible with enabled ASLR " > - "and binaries compiled with PIE\n"); > - Die(); > + "and binaries compiled with PIE\n" > + "ASLR will be disabled and the program re-executed.\n"); > + int aslr_ctl = PROC_ASLR_FORCE_DISABLE; > + CHECK_NE(procctl(P_PID, 0, PROC_ASLR_CTL, &aslr_ctl), -1); > + ReExec(); > } > #else > // Do nothing > Could we sysctl tunable this, defaulting to previous behaviour? Feels useful, particularly with respect to compatibility with *San behaviour elsewhere and cases where a re-exec may not be desirable ./koobs