[Bug 262192] Crashes at boot with kern.random.initial_seeding.bypass_before_seeding=0 in randomdev_wait_until_seeded()

In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 262192] 13-STABLE: panic at boot when initial random seeding blocks"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Fri, 04 Mar 2022 11:16:30 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=262192

--- Comment #7 from Olivier Certner <olivier.freebsd@free.fr> ---
(In reply to Conrad Meyer from comment #6)

Hi Conrad,

> As far as uncovering stack overflow bugs: doesn't a system without stack
> cookies also work to uncover stack overflow bugs?  Most of the time,
> accidental corruption of the return address will also crash the process.

Yes, you're right most of the time, but more subtle forms of corruption could
occur and create later problems or crashes, which are more difficult to debug.
So yes, I agree it's a small advantage, but still it is.

> The initialization described in this bug is only for the kernel's stack
> cookies.  The kernel is essentially a privileged process that lives for
> the entire boot.  As far as I know, there is no way to safely change the
> stack guard cookie values of the running kernel.

Yes. I was just thinking about starting with whatever (static or not) canary
and then later on have new kernel threads use a new random one. That's just
speculation at this point. I'd have to dive into code to see if it's realistic
or not. I'm now not sure if it's even worth it, fixing the original limitation
may be a better investment anyway.

Thanks a lot for the info you provided, it gives some starting points to better
understand SSP in FreeBSD.

Indeed, I'll probably choose (1) for now, since it is so easy to do, and come
back to (2) when I have enough time. Leaving this bug open for now.

-- 
You are receiving this mail because:
You are the assignee for the bug.