Mark Millard
2017-Jul-17 22:09 UTC
stack_guard hardening bsdinstall option in STABLE and 11.1
Vlad K. vlad-fbsd at acheronmedia.com wrote on Mon Jul 17 15:03:11 UTC 2017:

> I also asked why wasn't the bsdinstall-er option change
> MFC'd after 1 day, two weeks ago, whether it's by omission, simply
> ENOTIME, or something else...

Given what Konstantin Belousov described (default stack space sizes and apparently guard pages eat into stack space instead of the overall space being bigger by the guard size), I think that would explain not moving from CURRENT: it was known to be a problem. (Although I expect Konstantin Belousov's note here is the first public description of the problem's details.)

I agree that you did not get an answer for the other part:

> I simply asked if it's safe to assume the sysctl to be an integer in
> 11.1

I've not gone through any draft 11.1-release code to check.

==
Mark Millard
markmi at dsl-only.net
On 2017-07-18 00:09, Mark Millard wrote:

> (Although I expect Konstantin Belousov's note here is
> the first public description of the problem's details.)

Thanks for explaining the problem. I guess this was the reason why I failed to parse kib's reply; this was the first bit of info I encountered on that patch being effectively "broken" that way.

> I agree that you did not get an answer for the other
> part:
>
>> I simply asked if it's safe to assume the sysctl to be an integer in
>> 11.1
>
> I've not gone through any draft 11.1-release code to
> check.

It appears to be; the code is MFC'd with (if I'm correct) r320666. I've run some tests in -RC3 and indeed it works, though probably for the reason you explained above (guard page eating into the stack), raising the stack_guard_pages sufficiently high (e.g. 512 pages, like the bsdinstaller in CURRENT defaults to) crashes threaded programs.

If that is so, though, I wonder why it's not reverted, or at least the sysctl temporarily patched to remain boolean (or turned off completely). And the bsdinstaller option in CURRENT now essentially enables buggy and unstable behavior. If this is a known issue, why default to it in CURRENT?

Anyway, thanks for taking time to explain; this answers my questions.

--
Vlad K.