StackGhost Support Implemented for sparc64

Contributed by jolan on 2005-03-30 from the foil-stack-smashers-for-fun-and-profit dept.

Thanks to the many submitters who pointed out that Theo and Mark Kettenis have integrated StackGhost support for the sparc64 platform. StackGhost was fully enabled for sparc in May 2004 when Mark Kettenis finished the gdb support and now sparc64 also gets to enjoy this very cheap protection mechanism.

Theo's mail to misc@

StackGhost: Hardware Facilitated Stack Protection 2001 USENIX proceedings paper

StackGhost homepage at CERIAS

(Comments are closed)

Comments

By Anonymous Coward (66.252.43.53) on 2005-03-30 15:08

Anyone know of any exploits that would have worked if not for stackghost or other protections on OpenBSD?
By baldusi (24.232.80.40) on 2005-03-30 15:44

So it's going to appear integrated in 3.8, right?
Comments
1. By Brad (204.101.180.70) brad at comstyle dot com on 2005-03-30 16:26
  
  Yes, StackGhost for sparc64 will be integrated into the 3.8 release.
By Marc Gayles (168.12.253.66) mgayles@pobox-ready.com on 2005-03-30 17:57

Most sparc64 systems are SMP. When will we have sparc64 SMP? Can I donate explicitly for that purpouse?
Comments
1. By tedu (69.227.45.201) on 2005-03-31 07:05
  
  only if you know a developer who wants to work on it now. i don't know any.
  Comments
  1. By Miod Vallat (80.65.224.82) miod@ on 2005-04-01 00:02
    
    Actually, I have started to work on this some time ago now that I have a dual-proc U2, but I keep being distracted by other useless things (as well as real life issues, does someone want to hire me?), so don't hold your breath.
    jason@ also said he would be interested in working on this, if he had time... which, as you may know, is a very scarce resource among free software developers, unfortunately.
2. By Brad (204.101.180.70) brad at comstyle dot com on 2005-03-31 22:20
  
  Assuming most sparc64 systems have more than one processor is wrong.
By Anonymous Coward (203.10.110.133) on 2005-03-31 05:05

From what I've read, it seems sparc64 provides the most added security features in hardware and combined with OpenBSD's support of them and the added proactive security mechanisms in software, is sparc64 the best arch for exposed hosts running OpenBSD?
Or does AMD64 come neck and neck or best sparc64?
I like the fact that sparc64 won't execute all the x86 shellcode out there even if the hackers could get past OpenBSD's defenses. For my home servers, I would like 3 small embedded style sparc64's for firewall, web server and mail server. Anyone know of some cheap embedded systems based on the sparc64? I've found some SBC's but it seems they are expensive. Something like Soekris gear but not $10k US!
I might just go with some Sun Ultra 5's, but I would like to minimise power if these are to be left on 24/7.
Thanks.
Comments
1. By Anonymous Coward (12.33.122.68) on 2005-03-31 15:53
  
  look at the 1u netra machines. they are reasonably low-power
  Comments
  1. By Anonymous Coward (203.10.110.133) on 2005-03-31 21:07
    
    look at the 1u netra machines. they are reasonably low-power
    Okay, thank you.
By Chris (199.250.8.220) on 2005-03-31 15:29

Is there a sparc64 snapshot available with StackGhost yet?

Latest Articles

Wed, Apr 10
- 18:50 OpenSMTPD 7.5.0p0 Released (2)
Tue, Apr 09
- 04:49 20 years since "and we're just starting": undeadly.org turns 20 (2024-04-09) (12)
Fri, Apr 05
- 06:16 OpenBSD 7.5 released (2)
Thu, Mar 28
- 18:18 LibreSSL 3.8.4 and 3.9.1 released (0)
Tue, Mar 12
- 06:53 OpenSSH 9.7/9.7p1 released! (0)
Mon, Mar 11
- 11:28 Game of Trees 0.97 released (0)
Sun, Mar 10
- 09:06 LibreSSL versions 3.8.3 and 3.9.0 released (0)
Fri, Mar 08
- 06:46 OpenBGPD 8.4 released (0)
Mon, Mar 04
- 06:32 rpki-client 9.0 released (0)

Credits

Copyright © 2004-2008 Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to April 2nd 2004 as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]