author | Patrick Wildt <patrick@cvs.openbsd.org> | 2017-06-04 14:10:43 +0000 |
---|---|---|
committer | Patrick Wildt <patrick@cvs.openbsd.org> | 2017-06-04 14:10:43 +0000 |
commit | bed5520b881648263221e601b3a2060f6664ef99 (patch) | |
tree | 4529a8dc0fa9634db4d9995838e0a1d315a24411 /sys/arch/arm64/conf | |
parent | decd1e7d7a9087db7bbfcf59213cc80dc4a3266c (diff) |
Split early startup code out of locore.S into locore0.S. Adjust link
run so that this locore0.o is always at the start of the executable.
But randomize the link order of all other .o files in the kernel, so
that their exec/rodata/data/bss segments land all over the place.
Late during kernel boot, unmap the early startup code.
As a result, the internal layout of every newly built bsd kernel is
different from past kernels. Internal relative offsets are not known
to an outside attacker. The only known offsets are in the startup code,
which has been unmapped.
Ramdisk kernels cannot be compiled like this, because they are gzip'd.
When the internal pointer references change, the compression dictionary
bloats and results in poorer compression.
With guidance and ok deraadt@
Diffstat (limited to 'sys/arch/arm64/conf')
-rw-r--r-- | sys/arch/arm64/conf/Makefile.arm64 | 25 | ||||
-rw-r--r-- | sys/arch/arm64/conf/files.arm64 | 3 |
2 files changed, 21 insertions, 7 deletions
diff --git a/sys/arch/arm64/conf/Makefile.arm64 b/sys/arch/arm64/conf/Makefile.arm64
index ae0251b0b54..233e3956cf9 100644
--- a/sys/arch/arm64/conf/Makefile.arm64
+++ b/sys/arch/arm64/conf/Makefile.arm64
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile.arm64,v 1.6 2017/06/03 22:21:33 deraadt Exp $
+# $OpenBSD: Makefile.arm64,v 1.7 2017/06/04 14:10:42 patrick Exp $

 # For instructions on building kernels consult the config(8) and options(4)
 # manual pages.
@@ -32,9 +32,13 @@ CMACHFLAGS= -march=armv8-a+nofp+nosimd \
 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer \
 -ffixed-x18
 CMACHFLAGS+= -ffreestanding ${NOPIE_FLAGS}
+SORTR= sort -R
 .if ${IDENT:M-DNO_PROPOLICE}
 CMACHFLAGS+= -fno-stack-protector
 .endif
+.if ${IDENT:M-DSMALL_KERNEL}
+SORTR= cat
+.endif

 DEBUG?= -g
 COPTS?= -O2
@@ -68,8 +72,8 @@ NORMAL_S= ${CC} ${AFLAGS} ${CPPFLAGS} -c $<
 # ${SYSTEM_LD_HEAD}
 # ${SYSTEM_LD} swapxxx.o
 # ${SYSTEM_LD_TAIL}
-SYSTEM_HEAD= locore.o param.o ioconf.o
-SYSTEM_OBJ= ${SYSTEM_HEAD} ${OBJS}
+SYSTEM_HEAD= locore0.o gap.o
+SYSTEM_OBJ= ${SYSTEM_HEAD} ${OBJS} param.o ioconf.o
 SYSTEM_DEP= Makefile ${SYSTEM_OBJ}
 SYSTEM_LD_HEAD= @rm -f $@
 SYSTEM_LD_HEAD+=; \
@@ -78,7 +82,8 @@ SYSTEM_LD_HEAD+=; \
 -e 's/@KERNEL_BASE_VIRT@/${KERNEL_BASE_VIRT}/' > ldscript
 SYSTEM_LD= @echo ${LD} ${LINKFLAGS} -o $@ '$${SYSTEM_HEAD} vers.o $${OBJS}'; \
 umask 007; \
- ${LD} ${LINKFLAGS} -o $@ ${SYSTEM_HEAD} vers.o ${OBJS}
+ echo ${OBJS} param.o ioconf.o vers.o | tr " " "\n" | ${SORTR} > lorder; \
+ ${LD} ${LINKFLAGS} -o $@ ${SYSTEM_HEAD} `cat lorder`
 SYSTEM_LD_TAIL= @${SIZE} $@

 .if ${DEBUG} == "-g"
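Review bot: In the `@@ -32,9 +32,13 @@` hunk, `SORTR= sort -R` and the `SMALL_KERNEL` override to `cat` have no comment, so the Makefile never says that this variable controls link-order randomization or that `SMALL_KERNEL` kernels are linked unshuffled. The reason (ramdisk kernels are gzip'd and compress worse when shuffled) is stated only in the commit message. I would add above the assignment `# SORTR shuffles the object order used by SYSTEM_LD; SMALL_KERNEL uses cat (no shuffle) so ramdisk kernels stay compressible.` It is also worth noting there that the shuffle happens once per link, so every machine booting the same built image shares one layout.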
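Review bot: In the `@@ -78,7 +82,8 @@` hunk the unchanged echo on the `SYSTEM_LD=` line still prints `'$${SYSTEM_HEAD} vers.o $${OBJS}'`, which no longer matches the command that runs. `param.o` and `ioconf.o` have left `SYSTEM_HEAD`, and the objects now come from `lorder`. The build log therefore misstates what was linked, and `lorder` is overwritten on every link, so the order of an earlier kernel cannot be recovered from either. The echoed text could follow the real command, for example `@echo ${LD} ${LINKFLAGS} -o $@ '$${SYSTEM_HEAD} $$(cat lorder)'; \`.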
@@ -122,8 +127,15 @@ vers.o: ${SYSTEM_DEP} ${SYSTEM_SWAP_DEP}
 sh $S/conf/newvers.sh
 ${CC} ${CFLAGS} ${CPPFLAGS} ${PROF} -c vers.c

+gap.S: ${SYSTEM_SWAP_DEP} Makefile
+ umask 077; sh $S/conf/makegap.sh 0xd4 > gap.S
+
+gap.o: gap.S
+ umask 077; ${CC} ${AFLAGS} ${CPPFLAGS} ${PROF} -c gap.S
+
 clean:
- rm -f *bsd *bsd.gdb *.[dio] [a-z]*.s assym.* ${DB_STRUCTINFO} param.c
+ rm -f *bsd *bsd.gdb *.[dio] [a-z]*.s assym.* ${DB_STRUCTINFO} \
+ gap.S lorder param.c

 cleandir: clean
 rm -f Makefile *.h ioconf.c options machine ${_mach} vers.c
@@ -135,9 +147,10 @@ db_structinfo.h: $S/ddb/db_structinfo.c $S/ddb/parse_structinfo.pl
 objdump -g db_structinfo.o | perl $S/ddb/parse_structinfo.pl > $@
 rm -f db_structinfo.o

-locore.o: ${_archdir}/${_arch}/locore.S assym.h
+locore0.o: ${_archdir}/${_arch}/locore0.S assym.h
 in_cksum_arm.o fiq_subr.o bcopyinout.o copystr.o sigcode.o copy.o: assym.h
 vectors.o cpuswitch.o exception.o bcopy_page.o irq_dispatch.o support.o: assym.h
+locore.o: assym.h

 # The install target can be redefined by putting a
 # install-kernel-${MACHINE_NAME} target into /etc/mk.conf
diff --git a/sys/arch/arm64/conf/files.arm64 b/sys/arch/arm64/conf/files.arm64
index 8dae608f001..00a6bac4f73 100644
--- a/sys/arch/arm64/conf/files.arm64
+++ b/sys/arch/arm64/conf/files.arm64
@@ -1,4 +1,4 @@
-# $OpenBSD: files.arm64,v 1.14 2017/04/30 14:00:06 kettenis Exp $
+# $OpenBSD: files.arm64,v 1.15 2017/06/04 14:10:42 patrick Exp $

 maxpartitions 16
 maxusers 2 8 64
@@ -14,6 +14,7 @@ file arch/arm64/arm64/copystr.S
 file arch/arm64/arm64/cpuswitch.S
 file arch/arm64/arm64/conf.c
 file arch/arm64/arm64/disksubr.c
+file arch/arm64/arm64/locore.S
 file arch/arm64/arm64/machdep.c
 file arch/arm64/arm64/mem.c
 file arch/arm64/arm64/pmap.c |
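Review bot: The `gap.S` rule in the `@@ -122,8 +127,15 @@` hunk passes a bare `0xd4` to `makegap.sh` and depends only on `${SYSTEM_SWAP_DEP}` and `Makefile`, and neither choice is explained. `makegap.sh` is not in this diff, so presumably `0xd4` is the fill byte and the gap size is random. If so, an ordinary relink reshuffles `lorder` but reuses the existing `gap.S`, and the gap changes only when the Makefile or the swap dependency does. A comment such as `# gap.S: padding linked after locore0.o, fill byte 0xd4; regenerated only when Makefile changes` (wording to be confirmed against `makegap.sh`) would make that explicit. These rules use `umask 077` while the link step writes `lorder` under `umask 007`, so it would help to state which mode is intended for files that reveal the layout.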