svn commit: r44449 - head/en_US.ISO8859-1/htdocs/news/status

Gabor Pali pgj at FreeBSD.org
Sat Apr 5 09:15:15 UTC 2014 

Author: pgj
Date: Sat Apr  5 09:15:14 2014
New Revision: 44449
URL: http://svnweb.freebsd.org/changeset/doc/44449

Log:
  - Add 2014Q1 status report for ASLR
  
  Submitted by:	Shawn Webb <lattera at gmail.com>

Modified:
  head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml

Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml
==============================================================================
--- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml	Sat Apr  5 02:09:17 2014	(r44448)
+++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml	Sat Apr  5 09:15:14 2014	(r44449)
@@ -18,7 +18,7 @@
 
     <!-- XXX: Keep the number of entries updated -->
     <p>Thanks to all the reporters for the excellent work!  This report
-      contains 13 entries and we hope you enjoy reading it.</p>
+      contains 14 entries and we hope you enjoy reading it.</p>
 
     <p>The deadline for submissions covering between April and
       June 2014 is July 7th, 2014.</p>
@@ -775,4 +775,70 @@
 	ports tree.</task>
     </help>
   </project>
+
+  <project cat='kern'>
+    <title>ASLR and PIE</title>
+
+    <contact>
+      <person>
+	<name>
+	  <given>Shawn</given>
+	  <common>Webb</common>
+	</name>
+	<email>lattera at gmail.com</email>
+      </person>
+
+      <person>
+	<name>
+	  <given>Olivér</given>
+	  <common>Pintér</common>
+	</name>
+	<email>oliver.pntr at gmail.com</email>
+      </person>
+    </contact>
+
+    <links>
+      <url href="http://0xfeedface.org/blog/lattera/2014-04-03/awesome-freebsd-aslr-progress">Blog post with latest status update</url>
+      <url href="https://github.com/lattera/freebsd/tree/soldierx/lattera/aslr">Shawn's ASLR branch</url>
+      <url href="https://github.com/opntr/opBSD/tree/op/stable/10-aslr">Olivér's ASLR branch</url>
+    </links>
+
+    <body>
+      <p>Address space layout randomization (ASLR) is a computer
+	security technique involved in protection from buffer overflow
+	attacks.  In order to prevent an attacker from reliably jumping
+	to a particular exploited function in memory, ASLR involves
+	randomly arranging the positions of key data areas of a program,
+	including the base of the executable and the positions of the
+	stack, heap, and libraries, in a process' address space.</p>
+
+      <p>We have added (a potentially buggy) ASLR support to all
+	supported &os; architectures.  Focus is still on <tt>amd64</tt> as
+	that is what the developers have access to.  We have added
+	support for Position-Independent Executables (PIEs) in a number
+	of applications in base.  We have identified a number of bugs
+	and are actively working on targeting them.</p>
+    </body>
+
+    <help>
+      <task>Shawn has access to a Raspberry Pi (RPI).  PIE is 90%
+	broken.  Debug and fix major issues on the RPI.  The existing NX
+	stack protections are not obeyed on RPI.  Properly implemented
+	ASLR requires NX stack.</task>
+
+      <task>Shawn will be receiving a <tt>sparc64</tt> box on April 6,
+	2014.  He will test ASLR on <tt>sparc64</tt>, identifying and
+	fixing any bugs that pop up.</task>
+
+      <task>Olivér has identified one or more bugs with the Linuxulator.
+	He will be looking into that and fixing those.</task>
+
+      <task>Shawn will be cleaning up code and adding more applications
+	in base to support PIE.  He will also add PIE support to the
+	ports framework for general consumption.</task>
+
+      <task>Shawn will be giving a presentation regarding ASLR at
+	BSDCan 2014.</task>
+    </help>
+  </project>
 </report>

More information about the svn-doc-all mailing list