Re: [fbsd] Re: Integrating ProPolice/SSP into FreeBSD

From: Jeremie Le Hen <jeremie_at_le-hen.org>
Date: Sat, 27 May 2006 19:23:58 +0200
On Fri, May 26, 2006 at 06:35:54PM -0400, Alexander Kabaev wrote:
> On Fri, 26 May 2006 17:34:22 +0200
> Jeremie Le Hen <jeremie_at_le-hen.org> wrote:
> 
> > Hi,
> > 
> > first sorry for cross-posting but I thought this patch might interest
> > -CURRENT users as well as people concerned by security.
> > 
> > I wrote a patch that integrates ProPolice/SSP into FreeBSD, one step
> > further than it has been realized so far.
> > 
> > It is available here :
> >     http://tataz.chchile.org/~tataz/FreeBSD/SSP/
> > 
> > Everything is explained on the web page, but I will repeat some
> > informations here.  The patchset is splitted in two parts to ease the
> > review of the patch.  The -propolice patch is only the original
> > ProPolice patch for GCC 3.4.4 applied on FreeBSD source tree.  The
> > -freebsd patch contains the glue I have written to make things neat.
> > 
> > The patch exists in both for CURRENT and RELENG_6.  Both introduce a
> > new make.conf(5) (and src.conf(5)) knob to enable stack protection
> > on a per Makefile basis.  It if of course possible to compile your
> > world with it.  Please refer to the web page for more informations.
> >  
> > The patch has been tested and works pretty well.  My laptop and my
> > workstation at work are compiled with SSP : world, kernel and ports,
> > including X.org.
> > 
> > I hope you will enjoy it.
> > Regards,
> > -- 
> > Jeremie Le Hen
> > < jeremie at le-hen dot org >< ttz at chchile dot org >
> > _______________________________________________
> > freebsd-security_at_freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-security
> > To unsubscribe, send any mail to
> > "freebsd-security-unsubscribe_at_freebsd.org"
> 
> How does this compare to GCC 4.x mudflap feature? I do not plan to
> include Propolice patch into base system any time soon and will object
> anyone trying to do so due to future maintenance headaches this will
> inevitably create. GCC 4.1.1 import is in the works though and should be
> available shortly.

I wasn't aware of the mudflap feature.  I had a quick look at it
through [1], and it appears mudflap focuses on pointer dereferencement.
ProPolice focuses on stack-based buffer overflows, this is mostly the
same as StackGuard, which is presented in the paper.  According to
Wikipedia [2], StackGuard isn't maintained any longuer, while
ProPolice has been merged into GCC 4.1.

I understand you are working on GCC 4.1.1 import and that modifying
contributed sources will be a problem for you, though I must admit I
am not sure to understand the whole pain this creates.  I will try to
maintain the patch on my own until GCC 4.1.1 import, so that users
will be able to make the best of ProPolice.

BTW, given that GCC 4.1.1 will contain ProPolice bits, I think I will
be worth having some knobs to turn SSP on or off for the base system.
I have become pretty confident with the build system and problems
that libssp triggers.  I would be glad to provide you some of the
glue I have written so far in my patch (the -freebsd part).
Please, let me know if you are interested in this.  If your current
work is publicly accessible, I'd be glad if you gave me the URL.

[1] http://gcc.fyxm.net/summit/2003/mudflap.pdf
[2] http://en.wikipedia.org/wiki/ProPolice

Thank you.
Best regards,
-- 
Jeremie Le Hen
< jeremie at le-hen dot org >< ttz at chchile dot org >
Received on Sat May 27 2006 - 15:23:47 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:56 UTC