Page MenuHomeFreeBSD

aslr: make it a feature
Needs ReviewPublic

Authored by bapt on Dec 22 2023, 2:43 PM.
Tags
None
Referenced Files
Unknown Object (File)
Tue, Dec 17, 10:49 PM
Unknown Object (File)
Nov 25 2024, 2:23 AM
Unknown Object (File)
Oct 26 2024, 10:37 PM
Unknown Object (File)
Oct 21 2024, 5:56 AM
Unknown Object (File)
Oct 17 2024, 5:15 PM
Unknown Object (File)
Oct 17 2024, 5:14 PM
Unknown Object (File)
Oct 17 2024, 5:14 PM
Unknown Object (File)
Oct 17 2024, 4:54 PM

Details

Reviewers
bofh
Group Reviewers
portmgr

Diff Detail

Lint
Lint Skipped
Unit
Tests Skipped
Build Status
Buildable 55091
Build 51980: arc lint + arc unit

Event Timeline

bapt requested review of this revision.Dec 22 2023, 2:43 PM
bapt created this revision.

this is clearly an abuse of the Feature Framework as the WITHOUT_ASLR or WITH_ASLR will not be exactly doing what people would expect, but I think this is worth it.

I will test this after the sunset of 12 as we have systems with both ASLR as default and non-default. :/

But so far this looks good to me.

tcberner added inline comments.
lang/php83/Makefile
110

^why does the port need to specify more than the path to the binary?

this could be

ASLR_UNSAFE+=sapi/cli/php

as far as I can see, the Mk/Features/aslr.mk already assumes its only the path, no?

bapt marked an inline comment as done.Apr 2 2024, 2:09 PM

To make it less an abuse I'd name the feature something like enforce_aslr. So that it underlines the fact that enabling this feature will force ASLR setting for each port.

I totally forgot about this. I will need to test this on php but I would really like to push this ASAP. Although I want to take a little while for changing php82.