[RFC] ASLR Whitepaper and Candidate Final Patch
Shawn Webb
lattera at gmail.com
Sun Jul 20 20:19:02 UTC 2014
On Jul 19, 2014 06:35 PM -0500, Pedro Giffuni wrote:
> (Assuming @FreeBSD addresses are subscribed to arch, or check the archives)
>
> FWIW,
>
> The issues I pointed out are still standing:
>
> - It is yet undetermined what the performance effect will be, and it is not clear (but seems likely from past measurements) if there will be a performance hit even when ASLR is off.
> - Apparently there are applications that will segfault (?).
So I have an old Dell Latitude E6500 that I bought at Defcon a year or
so ago that I'm doing testing on. Even though it's quite an underpowered
laptop, I'm running ZFS on it for BE support (in case one of our changes
kills it). I'll run unixbench on it a few times to benchmark the ASLR
patch. I'll test these three scenarios:
1) ASLR compiled in and enabled;
2) ASLR compiled in and disabled;
3) ASLR compiled out (GENERIC kernel).
In each of these three scenarios, I'll have the kernel debugging
features (WITNESS, INVARIANTS, etc.) turned off to better simulate a
production system and to remove just one more variable in the tests.
I'll run unixbench ten times under each scenario and I'll compute
averages.
Since this is an older laptop (and it's running ZFS), these tests will
take a couple days. I'll have an answer for you soon.
>
> I wouldn't object to see it in the tree though: it has obviously been the result of a lot of work and it is configurable and well integrated. It will certainly have to be some time in the tree and undergo extensive testing before turning it on by default though so it sounds reasonable to bring it in but leave it initially inactive.
That's great to hear. Oliver and I didn't make the PAX_ASLR option
default in the GENERIC kernel, so there really isn't anything that needs
to happen to make ASLR disabled by default. It's up to the user to add
the PAX_ASLR option to their kernel config. The same goes for the
WITH_PIE {src,make}.conf tunable.
Thanks,
Shawn
More information about the freebsd-arch
mailing list