Differential D48651

Add stack clash protection to the WITH_SSP flag
ClosedPublic
Actions

Authored by netchild on Jan 24 2025, 9:24 AM.

Details

Reviewers

emaste

Group Reviewers

security

Commits

rGf934e629dc22: Add stack clash protection to the WITH_SSP flag

Summary

See

https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++.html
https://developers.redhat.com/blog/2020/05/22/stack-clash-mitigation-in-gcc-part-3
https://blog.llvm.org/posts/2021-01-05-stack-clash-protection/

Short: this adds a guard page every PAGE_SIZE chunk to detect stack clash attacks. This needs stack guard pages support in the kernel, but it seems it doesn't need architecture / OS specific support in userland.

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

netchild created this revision.Jan 24 2025, 9:24 AM

Herald added a subscriber: imp. · View Herald TranscriptJan 24 2025, 9:24 AM

netchild requested review of this revision.Jan 24 2025, 9:24 AM

LGTM with a suggested update for the mitigations text

man/man7/mitigations.7
251 ↗	(On Diff #149866)	Maybe "and stack probing in PAGE_SIZE chunks"? The guard page(s) already existed, stack clash protection adds the probing so that we can't skip over the guard page.