user stack randomization: only enable by default for 64bit processes
ClosedPublic
Actions

Authored by kib on Oct 24 2023, 9:47 PM.

Details

Reviewers

emaste
markj

Commits

rG1798b44fda38: user stack randomization: only enable by default for 64bit processes

Summary

All aslr knobs are disabled by default for 32bit processes, except
stack.  This results in weird stack location, typically making around 1G
of user address space hard to use.

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

kib created this revision.Oct 24 2023, 9:47 PM

Herald added a subscriber: imp. · View Herald TranscriptOct 24 2023, 9:47 PM

kib requested review of this revision.Oct 24 2023, 9:47 PM

Yes, it makes sense to have this consistent with other 32/64-bit ASLR knobs.

The description in mitigations.7 and security.7 says If ASLR is enabled for a process, also randomize the stack location.(or equivalent) but it looks like that may be referring to an older implementation. I can update that text.

This revision is now accepted and ready to land.Oct 24 2023, 10:00 PM

Closed by commit rG1798b44fda38: user stack randomization: only enable by default for 64bit processes (authored by kib). · Explain WhyOct 24 2023, 10:07 PM

This revision was automatically updated to reflect the committed changes.

kib added a commit: rG1798b44fda38: user stack randomization: only enable by default for 64bit processes.