[Bug 241960] ASLR impacted ports

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Thu Nov 14 02:16:45 UTC 2019 

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=241960

            Bug ID: 241960
           Summary: ASLR impacted ports
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: Individual Port(s)
          Assignee: cy at FreeBSD.org
          Reporter: dewayne at heuristicsystems.com.au
          Assignee: cy at FreeBSD.org
             Flags: maintainer-feedback?(cy at FreeBSD.org)

I've created this PR to help others avoiding the time losses in tracking down
problems with ports that are adversely impacted when ASLR is enabled;
specifically when the following sysctl's are set:
kern.elf64.aslr.enable=1
kern.elf64.aslr.pie_enable=1
kern.elf64.aslr.stack_gap=1
kern.elf32.aslr.enable=1
kern.elf32.aslr.pie_enable=1
kern.elf32.aslr.stack_gap=1

When there is a problem, a workable solution is to disable ASLR for that
particular process with, for example:
proccontrol -m aslr -s disable $Dir/$Image; for example
proccontrol -m aslr -s disable /usr/local/sbin/clamd
which results in 
# proccontrol -m aslr -q -p 64596
not forced, not active.

net/ntp - fails to reliably start.  With ASLR enabled it may take up to 60
attempts to start, when it does, it functions correctly.

security/clamd - often starts first time, but when it doesn't, it usually
results in messages which fill the logging disk with:
LibClamAV Error: mpool_malloc(): Can't allocate memory (16781312 bytes).
adjusting memorylock in login.conf is futile, that is not the problem.

Other reports include:
firefox/thunderbird ref: 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=228964 

Please feel free to add to this PR (might be better as a wiki).  The intention
is to provide a vehicle where we can identify which ports have a problem, so
that we can save time.  I'd spent four hours reviewing clamd and freshclam only
to recall a prior change to kern.elf32...(a human memory swapout!)

-- 
You are receiving this mail because:
You are the assignee for the bug.

More information about the freebsd-ports-bugs mailing list