Introduction
<Intro paragraph>
Status
last edited 2022-05-04 14:44 BST (UTC+1)
- results of building ports-mgmt/pkg against various mitigations in make.conf
- correct as of FreeBSD 14.0-CURRENT #2 main-n255058-fa8a6585c75: Tue Apr 26 21:04:18 BST 2022 arm64 nodebug
- ports as of Wed May 4 00:18:21 2022 +0000 n582590
SSP_CFLAGS |
USE_EXTRA_QA |
USE_GREAT_QA |
USE_HARDENING |
RELRO_FULL |
USE_FORTIFY |
USE_LTO |
USE_CFI |
USE_CFI_X_DSO |
USE_SAFESTACK |
USE_PIE |
USE_ASAN |
|
|
|
|
|
|
|
|
|
Things
Link Time Optimization
- Build time: over 7 mins to build in comparison with about one and a half minutes without
See Also: KubilayKocak/Ports/LinkTimeOptimization
Control Flow Integrity
[00:00:32] Build C compiler...cc [00:00:33] Checking for stdlib.h...ok [00:00:33] Warning: Failed to find llvm-ranlib, falling back to ranlib which may be incorrect [00:00:33] Warning: Failed to find /usr/local/bin/strip, falling back to strip which may be incorrect [00:00:33] Checking for git...no [00:00:33] Checking for archive_read_open...not found [00:00:33] Error: Unable to find libarchive
Address Sanitizer
[00:00:39] Build C compiler...cc [00:00:39] Checking for stdlib.h...ok [00:00:39] Warning: Failed to find llvm-ranlib, falling back to ranlib which may be incorrect [00:00:39] Warning: Failed to find /usr/local/bin/strip, falling back to strip which may be incorrect [00:00:39] Checking for git...no [00:00:39] Checking for archive_read_open...not found [00:00:39] Error: Unable to find libarchive
TODO
- FAMP stack
- FNMP stack
- FASP stack
- FNSP stack
- ssh jumphost