git: af949c590bd8 - main - Disable stack gap for ntpd during build.
Shawn Webb
shawn.webb at hardenedbsd.org
Fri May 21 13:37:16 UTC 2021
On Fri, May 21, 2021 at 01:34:52PM +0000, Marcin Wojtas wrote:
> The branch main has been updated by mw:
>
> URL: https://cgit.FreeBSD.org/src/commit/?id=af949c590bd8a00a5973b5875d7e0fa6832ea64a
>
> commit af949c590bd8a00a5973b5875d7e0fa6832ea64a
> Author: Marcin Wojtas <mw at FreeBSD.org>
> AuthorDate: 2021-05-21 09:29:22 +0000
> Commit: Marcin Wojtas <mw at FreeBSD.org>
> CommitDate: 2021-05-21 13:33:06 +0000
>
> Disable stack gap for ntpd during build.
>
> When starting, ntpd calls setrlimit(2) to limit maximum size of its
> stack. The stack limit chosen by ntpd is 200K, so when stack gap
> is enabled, the stack gap is larger than this limit, which results
> in ntpd crashing.
Would it make sense to update the stack limit enforcement code to take
the stack gap into account? I haven't looked at HardenedBSD's stack
randomization for a while, but if memory serves correctly, we made
that change.
Thanks,
--
Shawn Webb
Cofounder / Security Engineer
HardenedBSD
https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/dev-commits-src-all/attachments/20210521/01bae378/attachment.sig>
More information about the dev-commits-src-all
mailing list