ntpd doesn't like ASLR on stable/12 post-r350672

Konstantin Belousov kostikbel at gmail.com
Sat Aug 24 22:28:26 UTC 2019


On Sun, Aug 25, 2019 at 12:19:43AM +0200, Trond Endrestøl wrote:
> On Sat, 24 Aug 2019 23:41+0300, Konstantin Belousov wrote:
> > > I tried changing command="/usr/sbin/${name}" to 
> > > command="/usr/bin/proccontrol -m aslr -s disable /usr/sbin/${name}" in 
> > > /etc/rc.d/ntpd, but that didn't go well.
> > 
> > If you set kern.elf64.aslr.stack_gap to zero, does it help ?
> 
> That helped. Thank you again.

Can you verify whether ntpd sets a new rlimit(RLIMIT_STACK) for the main thread,
and if yes, what this new limit is?

aslr.stack_gap is the percentage for the gap on that stack, and since the
default size of the main stack limit is quite large (512M), even 3% (the
default gap upper limit) is a whole 15M. If the new limit is less than
15M, it is likely that only the gap is left after the rlimit(2) call,
leaving no space for the program frames.

At least this looks like a nice theory.
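The arithmetic behind this theory, as an added example that is not part of the thread: it models the ASLR stack gap as a percentage of the main-thread RLIMIT_STACK (the page describes kern.elf64.aslr.stack_gap as that percentage) and checks how much usable stack remains once a process lowers the limit; the helper names and the reading of the current limit via getrlimit(2) are this example's own assumptions.

```c
/* Added example, not from the mailing-list thread. Assumption: the ASLR
 * stack gap is sized as a percentage of the original main-thread stack
 * limit; lowering RLIMIT_STACK afterwards does not shrink the gap. */
#include <stdio.h>
#include <sys/resource.h>

/* Upper bound of the ASLR stack gap, in bytes, for a stack limit and a
 * gap percentage (kern.elf64.aslr.stack_gap on FreeBSD). */
static unsigned long long stack_gap_bytes(unsigned long long limit, unsigned pct)
{
    return limit * pct / 100;
}

/* Usable stack, in bytes, after the process shrinks RLIMIT_STACK to
 * new_limit while the gap was carved from orig_limit. Returns 0 when
 * the gap alone consumes the whole new limit (the failure mode above). */
static unsigned long long usable_stack_after_rlimit(unsigned long long orig_limit,
                                                    unsigned pct,
                                                    unsigned long long new_limit)
{
    unsigned long long gap = stack_gap_bytes(orig_limit, pct);
    return new_limit > gap ? new_limit - gap : 0;
}

int main(void)
{
    const unsigned long long mib = 1ULL << 20;
    struct rlimit rl;

    /* Current soft limit of this process; RLIM_INFINITY means no cap. */
    if (getrlimit(RLIMIT_STACK, &rl) != 0) {
        perror("getrlimit");
        return 1;
    }
    if (rl.rlim_cur == RLIM_INFINITY)
        printf("RLIMIT_STACK: unlimited\n");
    else
        printf("RLIMIT_STACK: %llu MiB\n", (unsigned long long)rl.rlim_cur / mib);

    /* The numbers from the message: 512M default limit, 3% gap upper limit. */
    unsigned long long gap = stack_gap_bytes(512 * mib, 3);
    printf("gap at 3%% of 512 MiB: %llu bytes (~%llu MiB)\n", gap, gap / mib);

    /* A daemon lowering its limit below the gap is left with nothing. */
    for (unsigned long long lim = 8; lim <= 64; lim *= 2)
        printf("new limit %2llu MiB -> usable %llu bytes\n", lim,
               usable_stack_after_rlimit(512 * mib, 3, lim * mib));
    return 0;
}
```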
