On Wed, Apr 17, 2019 at 9:06 AM John Baldwin <j...@freebsd.org> wrote: > > On 4/16/19 4:48 PM, Conrad Meyer wrote: > > Perhaps cryptographically random stack-protector cookies are simply > > inappropriate for MIPS or RISCV. Do we have any other examples of > > kernel random consumers blocking after that immediate hiccup is > > overcome? > > There may be MIPS and RISCV designs that do have suitable entropy available > (especially I would expect future RISCV designs to have them), so I think > blacklisting stack protector wholesale on those architectures is overboard.
The difficulty is how early __stack_chk_init runs vs when entropy might be available. If some MIPS or RISCV design shows up with a fast HWRNG source, great! > I think some sort of off-by-default knob (even a compile option) is fine for > people who need fast and loose vs safe as you already agreed to earlier. > > Also, for development testing we still want coverage of using stack cookies > on MIPS and RISCV even if the simulator environment gives not-very-strong > cookie values. Right. There's a difference between removing random stack cookies and removing stack cookies entirely; I agree some benefit remains for development. Best, Conrad _______________________________________________ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
