svn commit: r44449 - head/en_US.ISO8859-1/htdocs/news/status
Gabor Pali
pgj at FreeBSD.org
Sat Apr 5 09:15:15 UTC 2014
Author: pgj
Date: Sat Apr 5 09:15:14 2014
New Revision: 44449
URL: http://svnweb.freebsd.org/changeset/doc/44449
Log:
- Add 2014Q1 status report for ASLR
Submitted by: Shawn Webb <lattera at gmail.com>
Modified:
head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml
Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml
==============================================================================
--- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Sat Apr 5 02:09:17 2014 (r44448)
+++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Sat Apr 5 09:15:14 2014 (r44449)
@@ -18,7 +18,7 @@
<!-- XXX: Keep the number of entries updated -->
<p>Thanks to all the reporters for the excellent work! This report
- contains 13 entries and we hope you enjoy reading it.</p>
+ contains 14 entries and we hope you enjoy reading it.</p>
<p>The deadline for submissions covering between April and
June 2014 is July 7th, 2014.</p>
@@ -775,4 +775,70 @@
ports tree.</task>
</help>
</project>
+
+ <project cat='kern'>
+ <title>ASLR and PIE</title>
+
+ <contact>
+ <person>
+ <name>
+ <given>Shawn</given>
+ <common>Webb</common>
+ </name>
+ <email>lattera at gmail.com</email>
+ </person>
+
+ <person>
+ <name>
+ <given>Olivér</given>
+ <common>Pintér</common>
+ </name>
+ <email>oliver.pntr at gmail.com</email>
+ </person>
+ </contact>
+
+ <links>
+ <url href="http://0xfeedface.org/blog/lattera/2014-04-03/awesome-freebsd-aslr-progress">Blog post with latest status update</url>
+ <url href="https://github.com/lattera/freebsd/tree/soldierx/lattera/aslr">Shawn's ASLR branch</url>
+ <url href="https://github.com/opntr/opBSD/tree/op/stable/10-aslr">Olivér's ASLR branch</url>
+ </links>
+
+ <body>
+ <p>Address space layout randomization (ASLR) is a computer
+ security technique involved in protection from buffer overflow
+ attacks. In order to prevent an attacker from reliably jumping
+ to a particular exploited function in memory, ASLR involves
+ randomly arranging the positions of key data areas of a program,
+ including the base of the executable and the positions of the
+ stack, heap, and libraries, in a process' address space.</p>
+
+ <p>We have added (a potentially buggy) ASLR support to all
+ supported &os; architectures. Focus is still on <tt>amd64</tt> as
+ that is what the developers have access to. We have added
+ support for Position-Independent Executables (PIEs) in a number
+ of applications in base. We have identified a number of bugs
+ and are actively working on targeting them.</p>
+ </body>
+
+ <help>
+ <task>Shawn has access to a Raspberry Pi (RPI). PIE is 90%
+ broken. Debug and fix major issues on the RPI. The existing NX
+ stack protections are not obeyed on RPI. Properly implemented
+ ASLR requires NX stack.</task>
+
+ <task>Shawn will be receiving a <tt>sparc64</tt> box on April 6,
+ 2014. He will test ASLR on <tt>sparc64</tt>, identifying and
+ fixing any bugs that pop up.</task>
+
+ <task>Olivér has identified one or more bugs with the Linuxulator.
+ He will be looking into that and fixing those.</task>
+
+ <task>Shawn will be cleaning up code and adding more applications
+ in base to support PIE. He will also add PIE support to the
+ ports framework for general consumption.</task>
+
+ <task>Shawn will be giving a presentation regarding ASLR at
+ BSDCan 2014.</task>
+ </help>
+ </project>
</report>
More information about the svn-doc-all
mailing list