Hello,
I've just enabled Stack Smash Protection by default for NetBSD/amd64
and NetBSD/i386 in current. As a result kernels and userland will be
build with "-fstack-protector" and eventually also "-Wstack-protector".
I've tested full release builds of both ports on a NetBSD/i386 machine
which uses SSP userland and kernel.
SSP will result in a slowdown of about 5%, please read this thread
for more details:
http://mail-index.netbsd.org/port-i386/2009/10/18/msg001465.html
You can still build NetBSD/amd64 and NetBSD/i386 with SSP turned off
by adding "USE_SSP=no" to "/etc/mk.conf" or by using the command line
argument "-V USE_SSP=no" when invoking "build.sh".
There is a risk that SSP causes application crashes or even
kernel panics in buggy code. Here is a simple example:
tron@lyssa:~>cat ssp.c
#include <stdio.h>
#include <stdlib.h>
static void
broken(void)
{
char a[5];
a[5] = 'E';
}
int
main(int argc, char **argv)
{
broken();
(void)puts("I survived");
return EXIT_SUCCESS;
}
tron@lyssa:~>gcc ssp.c -Wall -o ssp
tron@lyssa:~>./ssp
I survived
zsh: segmentation fault ./ssp
tron@lyssa:~>gcc ssp.c -fstack-protector --param ssp-buffer-size=1 -Wall -o ssp
tron@lyssa:~>./ssp
zsh: abort ./ssp
tron@lyssa:~>tail -1 /var/log/messages
Nov 11 16:49:04 ssp -: stack overflow detected; terminated
As you can see the stack overflow was detected in the second case but not
the first one (which instead lead to a crash later). Although I'm using
SSP for a long time (including my NetBSD 5.0_STABLE server) it is
possible that are bugs in code which I'm not using (e.g. drivers for
hardware that I don't own) which will now cause problems. Please report
such problems with "send-pr".
Kind regards
--
Matthias Scheler http://zhadum.org.uk/
Attachment:
pgpTB56kn7Hz9.pgp
Description: PGP signature