Re: HEADS-UP: Stack Smash Protection enabled by default for amd64 and i386

To: tron%NetBSD.org@localhost
Subject: Re: HEADS-UP: Stack Smash Protection enabled by default for amd64 and i386
From: yamt%mwd.biglobe.ne.jp@localhost (YAMAMOTO Takashi)
Date: Thu, 12 Nov 2009 05:50:21 +0000 (UTC)

hi,

>       Hello,
> 
> I've just enabled Stack Smash Protection by default for NetBSD/amd64
> and NetBSD/i386 in current. As a result kernels and userland will be
> build with "-fstack-protector" and eventually also "-Wstack-protector".
> I've tested full release builds of both ports on a NetBSD/i386 machine
> which uses SSP userland and kernel.
> 
> SSP will result in a slowdown of about 5%, please read this thread
> for more details:
> 
>       http://mail-index.netbsd.org/port-i386/2009/10/18/msg001465.html
> 
> You can still build NetBSD/amd64 and NetBSD/i386 with SSP turned off
> by adding "USE_SSP=no" to "/etc/mk.conf" or by using the command line
> argument "-V USE_SSP=no" when invoking "build.sh".

is there a way to achieve the same as the previous default?
ie. enable it only for libc etc.

YAMAMOTO Takashi

> 
> There is a risk that SSP causes application crashes or even
> kernel panics in buggy code. Here is a simple example:
> 
> tron@lyssa:~>cat ssp.c 
> 
> #include <stdio.h>
> #include <stdlib.h>
> 
> static void
> broken(void)
> {
>         char a[5];
> 
>         a[5] = 'E';
> }
> 
> int
> main(int argc, char **argv)
> {
>         broken();
>         (void)puts("I survived");
> 
>         return EXIT_SUCCESS;
> }
> tron@lyssa:~>gcc ssp.c -Wall -o ssp
> tron@lyssa:~>./ssp
> I survived
> zsh: segmentation fault  ./ssp
> tron@lyssa:~>gcc ssp.c -fstack-protector --param ssp-buffer-size=1 -Wall -o 
> ssp
> tron@lyssa:~>./ssp
> zsh: abort      ./ssp
> tron@lyssa:~>tail -1 /var/log/messages
> Nov 11 16:49:04 ssp -: stack overflow detected; terminated
> 
> As you can see the stack overflow was detected in the second case but not
> the first one (which instead lead to a crash later). Although I'm using
> SSP for a long time (including my NetBSD 5.0_STABLE server) it is
> possible that are bugs in code which I'm not using (e.g. drivers for
> hardware that I don't own) which will now cause problems. Please report
> such problems with "send-pr".
> 
>       Kind regards
> 
> -- 
> Matthias Scheler                                  http://zhadum.org.uk/

Follow-Ups:
- Re: HEADS-UP: Stack Smash Protection enabled by default for amd64 and i386
  - From: Matthias Scheler

References:
- HEADS-UP: Stack Smash Protection enabled by default for amd64 and i386
  - From: Matthias Scheler

Prev by Date: Drive a 2009 car from R699p/m
Next by Date: Re: HEADS-UP: Stack Smash Protection enabled by default for amd64 and i386
Previous by Thread: HEADS-UP: Stack Smash Protection enabled by default for amd64 and i386
Next by Thread: Re: HEADS-UP: Stack Smash Protection enabled by default for amd64 and i386
Indexes:

Home | Main Index | Thread Index | Old Index