Current-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

HEADS-UP: Stack Smash Protection enabled by default for amd64 and i386


I've just enabled Stack Smash Protection by default for NetBSD/amd64
and NetBSD/i386 in current. As a result kernels and userland will be
build with "-fstack-protector" and eventually also "-Wstack-protector".
I've tested full release builds of both ports on a NetBSD/i386 machine
which uses SSP userland and kernel.

SSP will result in a slowdown of about 5%, please read this thread
for more details:

You can still build NetBSD/amd64 and NetBSD/i386 with SSP turned off
by adding "USE_SSP=no" to "/etc/mk.conf" or by using the command line
argument "-V USE_SSP=no" when invoking "".

There is a risk that SSP causes application crashes or even
kernel panics in buggy code. Here is a simple example:

tron@lyssa:~>cat ssp.c 

#include <stdio.h>
#include <stdlib.h>

static void
        char a[5];

        a[5] = 'E';

main(int argc, char **argv)
        (void)puts("I survived");

        return EXIT_SUCCESS;
tron@lyssa:~>gcc ssp.c -Wall -o ssp
I survived
zsh: segmentation fault  ./ssp
tron@lyssa:~>gcc ssp.c -fstack-protector --param ssp-buffer-size=1 -Wall -o ssp
zsh: abort      ./ssp
tron@lyssa:~>tail -1 /var/log/messages
Nov 11 16:49:04 ssp -: stack overflow detected; terminated

As you can see the stack overflow was detected in the second case but not
the first one (which instead lead to a crash later). Although I'm using
SSP for a long time (including my NetBSD 5.0_STABLE server) it is
possible that are bugs in code which I'm not using (e.g. drivers for
hardware that I don't own) which will now cause problems. Please report
such problems with "send-pr".

        Kind regards

Matthias Scheler                        

Attachment: pgpTB56kn7Hz9.pgp
Description: PGP signature

Home | Main Index | Thread Index | Old Index