[Bug 241960] ASLR impacted ports
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Thu Nov 14 02:16:45 UTC 2019
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=241960
Bug ID: 241960
Summary: ASLR impacted ports
Product: Ports & Packages
Version: Latest
Hardware: Any
OS: Any
Status: New
Severity: Affects Some People
Priority: ---
Component: Individual Port(s)
Assignee: cy at FreeBSD.org
Reporter: dewayne at heuristicsystems.com.au
Assignee: cy at FreeBSD.org
Flags: maintainer-feedback?(cy at FreeBSD.org)
I've created this PR to help others avoiding the time losses in tracking down
problems with ports that are adversely impacted when ASLR is enabled;
specifically when the following sysctl's are set:
kern.elf64.aslr.enable=1
kern.elf64.aslr.pie_enable=1
kern.elf64.aslr.stack_gap=1
kern.elf32.aslr.enable=1
kern.elf32.aslr.pie_enable=1
kern.elf32.aslr.stack_gap=1
When there is a problem, a workable solution is to disable ASLR for that
particular process with, for example:
proccontrol -m aslr -s disable $Dir/$Image; for example
proccontrol -m aslr -s disable /usr/local/sbin/clamd
which results in
# proccontrol -m aslr -q -p 64596
not forced, not active.
net/ntp - fails to reliably start. With ASLR enabled it may take up to 60
attempts to start, when it does, it functions correctly.
security/clamd - often starts first time, but when it doesn't, it usually
results in messages which fill the logging disk with:
LibClamAV Error: mpool_malloc(): Can't allocate memory (16781312 bytes).
adjusting memorylock in login.conf is futile, that is not the problem.
Other reports include:
firefox/thunderbird ref:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=228964
Please feel free to add to this PR (might be better as a wiki). The intention
is to provide a vehicle where we can identify which ports have a problem, so
that we can save time. I'd spent four hours reviewing clamd and freshclam only
to recall a prior change to kern.elf32...(a human memory swapout!)
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-ports-bugs
mailing list