Annotation of wikisrc/users/maya.mdwn, revision 1.7
1.7 ! maya 1: # NetBSD-8 release notes items #
! 2:
! 3: The list below needs to be expanded with the ARM and MPSAFE networking changes.
! 4: Then expanded to be readable by an average technically inclined person.
! 5: Then reordered to put the coolest things on top.
! 6:
! 7: * W^X memory protection enforced by default on architectures with fine-grained memory protection
! 8: * ASLR in some archs, MKPIE default for userland
! 9: XXX list of archs
! 10: * SSP/FORTIFY default for userland and packages.
! 11: XXX is SSP / MKPIE new to userland?
! 12: * In-kernel audio mixer
! 13:
! 14: * USB system rework. Added USB3 support.
! 15:
! 16: The following networking components and drivers have been made MPSAFE:
! 17: XXX long list, TODO.smpnet is a start
! 18:
! 19:
! 20: * Reproducible build (link to blog)
! 21: * Dynamic tracing (DTrace) for kernel code (link to guide/intro)
! 22:
! 23:
! 24: amd64, i386:
! 25:
! 26: * Meltdown fixes
! 27: * SMEP
! 28: * SMAP
! 29: * amd64 kernel W^X
! 30: * EFI bootloader
! 31:
! 32: xen:
! 33:
! 34: * kernel modules support
! 35:
! 36: ARM:
! 37:
! 38: * awin, FDT
! 39: XXX elaborate
! 40:
! 41:
! 42: * TC-USB, TurboChannel USB support for ...
! 43: * mntva, driver for mntmn's VA2000 Amiga graphics card
! 44:
! 45: * bta2dpd - new Bluetooth Advanced Audio Distribution Profile daemon
! 46: * iwm(4), a driver for Intel Wireless devices (AC7260, AC7265, AC3160...)
! 47: * nvme(4), a driver for NVMe hardware, ported from OpenBSD
! 48: * nouveau, an open source driver for modern NVIDIA graphics, ported from Linux, available by default.
! 49: (this is at the bottom because we mentioned it in 7.1 too)
! 50:
! 51:
1.1 maya 52: # Tips for using analyzers on NetBSD #
53:
54: ## Address Sanitizer (+UBsan) (preliminary) ##
55:
1.3 maya 56: ASan reports memory violations, and detects many off-by-ones. It seems to produce very high quality reports.
1.1 maya 57:
1.3 maya 58: Only the resulting binary needs to be compiled with it[1]. It cannot build static objects, so it requires some fiddling with makefiles to disable those.
1.1 maya 59:
60: I've been running it on NetBSD tests in the following manner[2]:
61:
62:     cd /usr/src/tests/lib/libc
63:     env USETOOLS=never MK_SSP=no HAVE_SSP=no CFLAGS="-fno-omit-frame-pointer -O0 -g -ggdb -U_FORTIFY_SOURCE -fsanitize=address -fsanitize=undefined" LDFLAGS="-lasan -lubsan" make -j20
64:
1.3 maya 65:     env ASAN_OPTIONS=alloc_dealloc_mismatch=0 LD_PRELOAD="/usr/lib/libasan.so /usr/lib/libubsan.so" atf-run # [3]
1.1 maya 66:
1.3 maya 67:     sysctl -w security.pax.aslr.enabled=0 # [4]
1.2 maya 68:
1.1 maya 69: 1. Seems like this is a cause of worse reports, as in-library functions
70: are not intercepted.
71:
72: 2. Not even close to canonical commands, should probably be improved.
73:
1.7 ! maya 74: 3. To work around "Shadow memory range interleaves with an existing memory mapping. ASan cannot proceed correctly". An alternative is to LD_PRELOAD and LD_LIBRARY_PATH an entirely separate libc, ld.elf_so, etc.
1.3 maya 75:
1.7 ! maya 76: 4. ASan can be wrong about which function is faulting, if we're talking about functions internal to the library. Running it on a separate file or in GDB can be helpful. Worth trying if the failure doesn't make sense.
1.1 maya 77:
1.6 maya 78: **Important note: ASan should not be run on production systems. [It can pose a security risk](http://www.openwall.com/lists/oss-security/2016/02/17/9).**
1.1 maya 79:
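
A triage helper for the reports a test run like the one above produces, as an added example that is not part of the original page: it collapses repeated ASan reports into unique findings keyed on the error type plus the first frames of the faulting trace, so a finding is not identified by the top function alone. It assumes raw ASan stderr saved to a file; `asan_triage`, `sample_log` and every address and path in the sample are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the original page. Assumes plain ASan stderr text
# saved to a file and C symbol names (no spaces inside function names).

# asan_triage FILE [DEPTH]: print "<count> <error-type> <frame> <- <caller>",
# keyed on the first DEPTH (default 2) frames of the faulting stack trace.
asan_triage() {
    LC_ALL=C awk -v depth="${2:-2}" '
    /ERROR: AddressSanitizer:/ { inrep = 1; closed = 0; nfr = 0; frames = ""; next }
    # Frame lines look like: "    #0 0x4008f1 in func /path/file.c:12"
    inrep && !closed && $1 ~ /^#[0-9]+$/ && $3 == "in" {
        if (nfr < depth) frames = frames (nfr ? " <- " : "") $4 "@" $5
        nfr++; next
    }
    # A blank line ends the faulting trace; the allocation and free traces
    # that follow are not part of the key.
    inrep && nfr > 0 && NF == 0 { closed = 1 }
    # SUMMARY carries the canonical error type and closes the report.
    inrep && /^SUMMARY: AddressSanitizer:/ { count[$3 " " frames]++; inrep = 0 }
    END { for (k in count) printf "%d %s\n", count[k], k }
    ' "$1" | LC_ALL=C sort -rn
}

# Constructed sample log: the same overflow reported twice, one use-after-free.
sample_log() {
    for pid in 101 102; do cat <<EOF
==$pid==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x602000000014 at pc 0x7f0000001234 bp 0x7fff0000 sp 0x7ffeff00
WRITE of size 6 at 0x602000000014 thread T0
    #0 0x7f0000001233 in __interceptor_strcpy (/usr/lib/libasan.so+0x1233)
    #1 0x400a11 in copy_name /tmp/t_example.c:12
    #2 0x400b20 in main /tmp/t_example.c:30

allocated by thread T0 here:
    #0 0x7f0000002000 in malloc (/usr/lib/libasan.so+0x2000)

SUMMARY: AddressSanitizer: heap-buffer-overflow (/usr/lib/libasan.so+0x1233) in __interceptor_strcpy
EOF
    done
    cat <<EOF
==103==ERROR: AddressSanitizer: heap-use-after-free on address 0x602000000030 at pc 0x400c01 bp 0x7fff0000 sp 0x7ffeff00
READ of size 1 at 0x602000000030 thread T0
    #0 0x400c00 in peek /tmp/t_example.c:41

freed by thread T0 here:
    #0 0x7f0000002100 in free (/usr/lib/libasan.so+0x2100)

SUMMARY: AddressSanitizer: heap-use-after-free /tmp/t_example.c:41 in peek
EOF
}
```

In the sample, the SUMMARY line of the overflow names only the interceptor inside libasan; the second frame in the key is what points at the calling code.
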
80: ## Coverity ##
81:
82: Coverity is a static analyzer.
83:
84: You can see a part of its output in coverity-updates@, and a lot more
85: if you go to the website (sign up with your NetBSD email or poke someone
86: for access).
87:
88: A lot of the reports are about strncpy/strcpy or in code that belongs
89: to GCC (in the case of userland). You can tackle this by limiting
90: results to a particular directory (click the folder icon). You can
91: also sort by issue.
92:
93: Some suggestions for things to focus on, as there are many defects
94: reported:
1.4 maya 95:
1.1 maya 96: - Setuid programs
97: - Anything kernel
98: - Stuff that runs as root
99: - Library or other code you know well already
100: - Drivers for hardware you actually own and can test
101:
1.5 maya 102: ## Future ideas: ##
1.1 maya 103:
1.2 maya 104: - GCC could be told to add ASan flags for all shared objects, making it easier to build world with those flags
1.1 maya 105: - We could run all of NetBSD with ASan for some real world tests.
1.2 maya 106: - ASan for kernel? (subr_kmem.c has some flags which do some of the work, could it do more?)
1.1 maya 107: - Fuzzers are cool.