Page MenuHomeFreeBSD

aslr: make it a feature
Needs ReviewPublic

Authored by bapt on Dec 22 2023, 2:43 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sun, May 19, 5:55 AM
Unknown Object (File)
Sun, May 19, 12:56 AM
Unknown Object (File)
Thu, May 9, 2:42 PM
Unknown Object (File)
Thu, May 9, 10:45 AM
Unknown Object (File)
Thu, May 9, 4:09 AM
Unknown Object (File)
Sat, May 4, 1:16 PM
Unknown Object (File)
Fri, Apr 26, 4:45 PM
Unknown Object (File)
Fri, Apr 26, 2:45 AM

Details

Reviewers
bofh
Group Reviewers
portmgr

Diff Detail

Repository
R11 FreeBSD ports repository
Lint
Lint Skipped
Unit
Tests Skipped
Build Status
Buildable 56871
Build 53759: arc lint + arc unit

Event Timeline

bapt requested review of this revision.Dec 22 2023, 2:43 PM
bapt created this revision.

this is clearly an abuse of the Feature Framework as the WITHOUT_ASLR or WITH_ASLR will not be exactly doing what people would expect, but I think this is worth it.

I will test this after the sunset of 12 as we have systems with both ASLR as default and non-default. :/

But so far this looks good to me.

tcberner added inline comments.
lang/php83/Makefile
108

^why does the port need to specify more than the path to the binary?

this could be

ASLR_UNSAFE+=sapi/cli/php

as far as I can see, the Mk/Features/aslr.mk already assumes its only the path, no?

bapt marked an inline comment as done.Apr 2 2024, 2:09 PM

To make it less an abuse I'd name the feature something like enforce_aslr. So that it underlines the fact that enabling this feature will force ASLR setting for each port.

I totally forgot about this. I will need to test this on php but I would really like to push this ASAP. Although I want to take a little while for changing php82.