Seems legit.

The strange thing about how they are emulating ASR direct from inside
the program is there's no attempt at reducing fragmentation.  Without
such attempts, process teardown is very expensive as the kernel's
address space tracking data structures have become very complicated.

That's why it is better to have the kernel do ASR.  It can provide random
addresses, which are still organized to keep the address space tracking
a bit more dense.

Still, I'm astounded.  I haven't seen any other program trying to do this,
and I doubt even Mozilla has sufficient braintrust to review the impact
of this decision on all the platforms they run.  Just weird.


k...@intricatesoftware.com wrote:

> Similar to devel/spidermonkey60 change. Allow OpenBSD's mmap to
> handle ASLR by using NULL as hint to mmap.
> 
> Built and lightly tested on amd64 (although not exactly sure
> how to ensure JavaScript is executed in Thunderbird).
> 
> okay?
> 
> Did I miss any copies of Mozilla JavaScript in other ports?
> 
> Index: mail/mozilla-thunderbird/Makefile
> ===================================================================
> RCS file: /cvs/ports/mail/mozilla-thunderbird/Makefile,v
> retrieving revision 1.296
> diff -u -p -u -r1.296 Makefile
> --- mail/mozilla-thunderbird/Makefile 22 Sep 2019 17:19:07 -0000      1.296
> +++ mail/mozilla-thunderbird/Makefile 30 Sep 2019 18:21:54 -0000
> @@ -10,6 +10,7 @@ MOZILLA_VERSION =   68.1.0
>  MOZILLA_BRANCH =     release
>  MOZILLA_PROJECT =    thunderbird
>  MOZILLA_CODENAME =   comm/mail
> +REVISION =           0
>  EXTRACT_SUFX =               .tar.xz
>  
>  MULTI_PACKAGES =     -main -lightning
> Index: 
> mail/mozilla-thunderbird/patches/patch-js_src_jit_ProcessExecutableMemory_cpp
> ===================================================================
> RCS file: 
> mail/mozilla-thunderbird/patches/patch-js_src_jit_ProcessExecutableMemory_cpp
> diff -N 
> mail/mozilla-thunderbird/patches/patch-js_src_jit_ProcessExecutableMemory_cpp
> --- /dev/null 1 Jan 1970 00:00:00 -0000
> +++ 
> mail/mozilla-thunderbird/patches/patch-js_src_jit_ProcessExecutableMemory_cpp 
>     30 Sep 2019 18:21:54 -0000
> @@ -0,0 +1,26 @@
> +$OpenBSD$
> +
> +Index: js/src/jit/ProcessExecutableMemory.cpp
> +--- js/src/jit/ProcessExecutableMemory.cpp.orig
> ++++ js/src/jit/ProcessExecutableMemory.cpp
> +@@ -318,6 +318,12 @@ static void DecommitPages(void* addr, size_t bytes) {
> + }
> + #else  // !XP_WIN
> + static void* ComputeRandomAllocationAddress() {
> ++#ifdef __OpenBSD__
> ++  // OpenBSD already has random mmap and the idea that all x64 cpus
> ++  // have 48-bit address space is not correct. Returning nullptr
> ++  // allows OpenBSD do to the right thing.
> ++  return nullptr;
> ++#else
> +   uint64_t rand = js::GenerateRandomSeed();
> + 
> + #  ifdef HAVE_64BIT_BUILD
> +@@ -337,6 +343,7 @@ static void* ComputeRandomAllocationAddress() {
> +   // Ensure page alignment.
> +   uintptr_t mask = ~uintptr_t(gc::SystemPageSize() - 1);
> +   return (void*)uintptr_t(rand & mask);
> ++#endif
> + }
> + 
> + static void* ReserveProcessExecutableMemory(size_t bytes) {
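
Review bot: The comment added at the top of ComputeRandomAllocationAddress() has a typo: "allows OpenBSD do to the right thing" should read "allows OpenBSD to do the right thing". Since the cover note says the point is to use NULL as the hint to mmap, it would help to say in the same comment that the return value is used as that hint, so the patch file is understandable without the mail.
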
> Index: 
> mail/mozilla-thunderbird/patches/patch-mozilla_js_src_jit_ProcessExecutableMemory_h
> ===================================================================
> RCS file: 
> /cvs/ports/mail/mozilla-thunderbird/patches/patch-mozilla_js_src_jit_ProcessExecutableMemory_h,v
> retrieving revision 1.5
> diff -u -p -u -r1.5 patch-mozilla_js_src_jit_ProcessExecutableMemory_h
> --- 
> mail/mozilla-thunderbird/patches/patch-mozilla_js_src_jit_ProcessExecutableMemory_h
>        13 Sep 2019 15:05:17 -0000      1.5
> +++ 
> mail/mozilla-thunderbird/patches/patch-mozilla_js_src_jit_ProcessExecutableMemory_h
>        30 Sep 2019 18:21:54 -0000
> @@ -11,4 +11,4 @@ Index: js/src/jit/ProcessExecutableMemor
>  +#if JS_BITS_PER_WORD == 32 || defined (__OpenBSD__)
>   static const size_t MaxCodeBytesPerProcess = 140 * 1024 * 1024;
>   #else
> - static const size_t MaxCodeBytesPerProcess = 1 * 1024 * 1024 * 1024;
> + // This is the largest number which satisfies various alignment static
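
Review bot: Unrelated patch refresh mixed into this change: the only difference in this hunk is the trailing context line, where "static const size_t MaxCodeBytesPerProcess = 1 * 1024 * 1024 * 1024;" becomes an upstream comment line, while the "|| defined (__OpenBSD__)" condition itself is untouched. Consider mentioning the refresh in the commit message or committing it separately so the mmap hint change is easy to isolate.
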
> Index: 
> mail/mozilla-thunderbird/patches/patch-mozilla_security_manager_pki_resources_content_exceptionDialog_js
> ===================================================================
> RCS file: 
> /cvs/ports/mail/mozilla-thunderbird/patches/patch-mozilla_security_manager_pki_resources_content_exceptionDialog_js,v
> retrieving revision 1.9
> diff -u -p -u -r1.9 
> patch-mozilla_security_manager_pki_resources_content_exceptionDialog_js
> --- 
> mail/mozilla-thunderbird/patches/patch-mozilla_security_manager_pki_resources_content_exceptionDialog_js
>   13 Sep 2019 15:05:17 -0000      1.9
> +++ 
> mail/mozilla-thunderbird/patches/patch-mozilla_security_manager_pki_resources_content_exceptionDialog_js
>   30 Sep 2019 18:21:54 -0000
> @@ -3,7 +3,7 @@ $OpenBSD: patch-mozilla_security_manager
>  Index: security/manager/pki/resources/content/exceptionDialog.js
>  --- security/manager/pki/resources/content/exceptionDialog.js.orig
>  +++ security/manager/pki/resources/content/exceptionDialog.js
> -@@ -241,6 +241,7 @@ function updateCertStatus() {
> +@@ -248,6 +248,7 @@ function updateCertStatus() {
>   
>         // In these cases, we do want to enable the "Add Exception" button
>         gDialog.getButton("extra1").disabled = false;
> Index: 
> mail/mozilla-thunderbird/patches/patch-mozilla_storage_mozStorageConnection_cpp
> ===================================================================
> RCS file: 
> /cvs/ports/mail/mozilla-thunderbird/patches/patch-mozilla_storage_mozStorageConnection_cpp,v
> retrieving revision 1.5
> diff -u -p -u -r1.5 patch-mozilla_storage_mozStorageConnection_cpp
> --- 
> mail/mozilla-thunderbird/patches/patch-mozilla_storage_mozStorageConnection_cpp
>    13 Sep 2019 15:05:17 -0000      1.5
> +++ 
> mail/mozilla-thunderbird/patches/patch-mozilla_storage_mozStorageConnection_cpp
>    30 Sep 2019 18:21:54 -0000
> @@ -3,7 +3,7 @@ $OpenBSD: patch-mozilla_storage_mozStora
>  Index: storage/mozStorageConnection.cpp
>  --- storage/mozStorageConnection.cpp.orig
>  +++ storage/mozStorageConnection.cpp
> -@@ -775,6 +775,13 @@ nsresult Connection::initializeInternal() {
> +@@ -782,6 +782,13 @@ nsresult Connection::initializeInternal() {
>       return convertResultCode(srv);
>     }
>   
> Index: www/mozilla-firefox/Makefile
> ===================================================================
> RCS file: /cvs/ports/www/mozilla-firefox/Makefile,v
> retrieving revision 1.395
> diff -u -p -u -r1.395 Makefile
> --- www/mozilla-firefox/Makefile      22 Sep 2019 17:19:06 -0000      1.395
> +++ www/mozilla-firefox/Makefile      30 Sep 2019 18:21:54 -0000
> @@ -9,6 +9,7 @@ MOZILLA_VERSION =     69.0.1
>  MOZILLA_BRANCH =     release
>  MOZILLA_PROJECT =    firefox
>  MOZILLA_CODENAME =   browser
> +REVISION =           0
>  
>  WRKDIST =    ${WRKDIR}/${MOZILLA_DIST}-${MOZILLA_DIST_VERSION:C/b[0-9]*//}
>  HOMEPAGE =   https://www.mozilla.org/firefox/
> Index: 
> www/mozilla-firefox/patches/patch-js_src_jit_ProcessExecutableMemory_cpp
> ===================================================================
> RCS file: 
> www/mozilla-firefox/patches/patch-js_src_jit_ProcessExecutableMemory_cpp
> diff -N 
> www/mozilla-firefox/patches/patch-js_src_jit_ProcessExecutableMemory_cpp
> --- /dev/null 1 Jan 1970 00:00:00 -0000
> +++ www/mozilla-firefox/patches/patch-js_src_jit_ProcessExecutableMemory_cpp  
> 30 Sep 2019 18:21:54 -0000
> @@ -0,0 +1,26 @@
> +$OpenBSD$
> +
> +Index: js/src/jit/ProcessExecutableMemory.cpp
> +--- js/src/jit/ProcessExecutableMemory.cpp.orig
> ++++ js/src/jit/ProcessExecutableMemory.cpp
> +@@ -318,6 +318,12 @@ static void DecommitPages(void* addr, size_t bytes) {
> + }
> + #else  // !XP_WIN
> + static void* ComputeRandomAllocationAddress() {
> ++#ifdef __OpenBSD__
> ++  // OpenBSD already has random mmap and the idea that all x64 cpus
> ++  // have 48-bit address space is not correct. Returning nullptr
> ++  // allows OpenBSD do to the right thing.
> ++  return nullptr;
> ++#else
> +   uint64_t rand = js::GenerateRandomSeed();
> + 
> + #  ifdef HAVE_64BIT_BUILD
> +@@ -337,6 +343,7 @@ static void* ComputeRandomAllocationAddress() {
> +   // Ensure page alignment.
> +   uintptr_t mask = ~uintptr_t(gc::SystemPageSize() - 1);
> +   return (void*)uintptr_t(rand & mask);
> ++#endif
> + }
> + 
> + static void* ReserveProcessExecutableMemory(size_t bytes) {
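
Review bot: The "#endif" added before the closing brace of ComputeRandomAllocationAddress() is unlabeled, while the surrounding code annotates its conditionals ("#else  // !XP_WIN"). Writing it as "#endif  // __OpenBSD__" would make the nesting easier to follow, because the matching "#ifdef __OpenBSD__" opens in the earlier inner hunk at line 318 and closes here at line 343.
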
> Index: www/firefox-esr/Makefile
> ===================================================================
> RCS file: /cvs/ports/www/firefox-esr/Makefile,v
> retrieving revision 1.106
> diff -u -p -r1.106 Makefile
> --- www/firefox-esr/Makefile  22 Sep 2019 17:19:06 -0000      1.106
> +++ www/firefox-esr/Makefile  1 Oct 2019 12:31:10 -0000
> @@ -7,7 +7,7 @@ MOZILLA_VERSION =     68.1.0esr
>  MOZILLA_BRANCH =     release
>  MOZILLA_PROJECT =    firefox
>  MOZILLA_CODENAME =   browser
> -REVISION =           1
> +REVISION =           2
>  
>  WRKDIST =    ${WRKDIR}/${MOZILLA_DIST}-${MOZILLA_DIST_VERSION:C/esr//}
>  HOMEPAGE =   https://www.mozilla.org/firefox/organizations/
> Index: www/firefox-esr/patches/patch-js_src_jit_ProcessExecutableMemory_cpp
> ===================================================================
> RCS file: www/firefox-esr/patches/patch-js_src_jit_ProcessExecutableMemory_cpp
> diff -N www/firefox-esr/patches/patch-js_src_jit_ProcessExecutableMemory_cpp
> --- /dev/null 1 Jan 1970 00:00:00 -0000
> +++ www/firefox-esr/patches/patch-js_src_jit_ProcessExecutableMemory_cpp      
> 1 Oct 2019 12:31:10 -0000
> @@ -0,0 +1,26 @@
> +$OpenBSD$
> +
> +Index: js/src/jit/ProcessExecutableMemory.cpp
> +--- js/src/jit/ProcessExecutableMemory.cpp.orig
> ++++ js/src/jit/ProcessExecutableMemory.cpp
> +@@ -318,6 +318,12 @@ static void DecommitPages(void* addr, size_t bytes) {
> + }
> + #else  // !XP_WIN
> + static void* ComputeRandomAllocationAddress() {
> ++#ifdef __OpenBSD__
> ++  // OpenBSD already has random mmap and the idea that all x64 cpus
> ++  // have 48-bit address space is not correct. Returning nullptr
> ++  // allows OpenBSD do to the right thing.
> ++  return nullptr;
> ++#else
> +   uint64_t rand = js::GenerateRandomSeed();
> + 
> + #  ifdef HAVE_64BIT_BUILD
> +@@ -337,6 +343,7 @@ static void* ComputeRandomAllocationAddress() {
> +   // Ensure page alignment.
> +   uintptr_t mask = ~uintptr_t(gc::SystemPageSize() - 1);
> +   return (void*)uintptr_t(rand & mask);
> ++#endif
> + }
> + 
> + static void* ReserveProcessExecutableMemory(size_t bytes) {
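
Review bot: Missing documentation in the patch header: the new file goes straight from "$OpenBSD$" and a blank line to "Index:". A one-line description there of what is changed and why would document the patch for later updates; patch-old-configure in this same port appears to carry a bugzilla URL in its header for that purpose.
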
> Index: www/firefox-esr/patches/patch-old-configure
> ===================================================================
> RCS file: /cvs/ports/www/firefox-esr/patches/patch-old-configure,v
> retrieving revision 1.1
> diff -u -p -r1.1 patch-old-configure
> --- www/firefox-esr/patches/patch-old-configure       6 Sep 2019 17:13:22 
> -0000       1.1
> +++ www/firefox-esr/patches/patch-old-configure       1 Oct 2019 12:31:10 
> -0000
> @@ -5,7 +5,7 @@ https://bugzilla.mozilla.org/show_bug.cg
>  Index: old-configure
>  --- old-configure.orig
>  +++ old-configure
> -@@ -10113,7 +10113,7 @@ fi
> +@@ -10191,7 +10191,7 @@ fi
>   
>   
>   case "$OS_TARGET" in
> 
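
To make the density point in the reply at the top concrete, here is an added example (not code from this thread, from Mozilla or from OpenBSD) that maps the same regions once with a NULL hint and once with userland random hints, then counts how many non-adjacent runs result, as a rough proxy for how many separate entries the kernel has to track. The 46-bit clamp, the region count and size, and the fixed-seed PRNG are assumptions chosen for illustration.

```c
#define _DEFAULT_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/mman.h>
#include <unistd.h>
#define NMAPS 64
#define MAPLEN (64u * 1024u)

/* Constructed xorshift64 PRNG with a fixed seed: repeatable, not a CSPRNG. */
static uint64_t prng_state = 0x9E3779B97F4A7C15ull;
static uint64_t next_rand(void) {
    prng_state ^= prng_state << 13; prng_state ^= prng_state >> 7;
    prng_state ^= prng_state << 17;
    return prng_state;
}

/* Userland hint: random bits clamped to an assumed 46-bit range, page aligned. */
static void *random_hint(uint64_t r) {
    uintptr_t mask = ~((uintptr_t)sysconf(_SC_PAGESIZE) - 1);
    return (void *)((uintptr_t)(r & ((UINT64_C(1) << 46) - 1)) & mask);
}
static int cmp_addr(const void *a, const void *b) {
    uintptr_t x = *(const uintptr_t *)a, y = *(const uintptr_t *)b;
    return (x > y) - (x < y);
}

/* Map NMAPS regions; return the number of non-adjacent runs, or -1 on failure. */
static int count_runs(int use_random_hint) {
    uintptr_t addr[NMAPS];
    int n = 0, runs = 1;
    for (; n < NMAPS; n++) {
        void *hint = use_random_hint ? random_hint(next_rand()) : NULL;
        void *p = mmap(hint, MAPLEN, PROT_READ | PROT_WRITE,
                       MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
        if (p == MAP_FAILED) { runs = -1; break; }
        addr[n] = (uintptr_t)p;
    }
    qsort(addr, n, sizeof addr[0], cmp_addr);
    for (int i = 0; i < n; i++) {
        if (runs > 0 && i > 0 && addr[i] != addr[i - 1] + MAPLEN) runs++;
        munmap((void *)addr[i], MAPLEN);
    }
    return runs;
}

int main(void) {
    int k = count_runs(0), u = count_runs(1);
    printf("kernel-chosen: %d runs, userland hints: %d runs\n", k, u);
    return 0;
}
```

The two counts depend on the kernel's placement policy, so compare them on the platform you care about rather than reading them as fixed values.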
