| Age | Commit message (Collapse) | Author |
|---|
|
section when linking, as we do when using ld from binutils.
ok mortimer@ deraadt@
|
|
profiler(gprof) work properly.
ok mpi
|
|
random cookies to protect access to function return instructions, with the
effect that the integrity of the return address is protected, and function
return instructions are harder to use in ROP gadgets.
On function entry the return address is combined with a per-function random
cookie and stored in the stack frame. The integrity of this value is verified
before function return, and if this check fails, the program aborts. In this way
RETGUARD is an improved stack protector, since the cookies are per-function. The
verification routine is constructed such that the binary space immediately
before each ret instruction is padded with int03 instructions, which makes these
return instructions difficult to use in ROP gadgets. In the kernel, this has the
effect of removing approximately 50% of total ROP gadgets, and 15% of unique
ROP gadgets compared to the 6.3 release kernel. Function epilogues are
essentially gadget free, leaving only the polymorphic gadgets that result from
jumping into the instruction stream partway through other instructions. Work to
remove these gadgets will continue through other mechanisms.
Remaining work includes adding this mechanism to assembly routines, which must
be done by hand. Many thanks to all those who helped test and provide feedback,
especially deaadt, tb, espie and naddy.
ok deraadt@
|
|
ok hackroom@
|
|
|
|
linker script makes ld.lld(1) crash. This has been fixed in a different
(proper?) way upstream but backporting their fix is a bit too invasive.
ok patrick@
|
|
the "soft" floating-point ABI but this does allow the compiler to generate
FPU instructions.
ok deraadt@
|
|
|
|
was used to compile and object
ok kettenis@
|
|
|
|
|
|
|
|
"where is the kaboom?" deraadt@
|
|
development effort on OpenBSD/arm64.
|
|
|
|
ok hackroom@
|
|
present in lld 5.0.1 removed (--build-id=fast, -z muldefs,
-z retpolineplt). This includes a bunch of mdoc changes suggested
by schwarze@ that were recently committed upstream.
ok jmc@ schwarze@ kettenis@ deraadt@
|
|
suggested by jmc@ ok patrick@
|
|
ok hackroom@
|
|
the generation of gap.o.
ok patrick@
|
|
|
|
more closer to GNU linkers. This should help with autoconf/libtool
compatibility in ports.
Requested by Brad
"no objection" kettenis@
|
|
|
|
|
|
|
|
ok kettenis@ deraadt@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
ok hackroom@
|
|
ok florian@
|
|
optimizing code around an lgamma(3) call a bit too much. Fixes the
lib/libm/lgamma regress test.
ok patrick@, millert@
|
|
ok hackroom@
|
|
While these warnings have the potential to be useful, there are too manu
false positives right now.
ok deraadt@
|
|
they can perform strange transforms and optimizations. Some of those could
gain a slight advantage, but would avoid the variety of important runtime
checks our malloc(3) code does. In essence, the transforms performed are
considered "anti-mitigation".
ok kettenis robert, discussions with others
|
|
ok deraadt@
|
|
warning
ok kettenis@, deraadt@
|
|
ok hackroom@
|
|
as defined. This is done to prevent dangerous optimisations which could
remove security critical overflow checks.
Base gcc has -fno-strict-overflow by default, with clang this is
identical to -fwrapv.
Prompted by naddy@ discovering a hang with a clang compiled i386 kernel
that was resolved with -fwrapv.
ok kettenis@ pascal@
|
|
scripting.
(got it into upstream, it's just a backport)
okay kettenis@, patrick@
|
|
ok hackroom@
|
|
runtime support code libcompiler_rt for this. This code uses functions that
live in libpthread, so code that uses TLS support will need to be linked
with -lpthread. This should allow more ports to build with base clang.
ok espie@
|
|
Requested by deraadt@
|
|
libtool generated configure scripts expect. Otherwise they might assume
shared libraries aren't supported.
From lld svn revisions 298568 and 298571.
Discussed with kettenis@
|
|
problems with configure scripts generated with libtool.m4 that would
otherwise have to be regenerated with a patched libtool.
Among other things this fixes the build of Mesa on arm64 with lld.
From lld svn revision 298532. ok kettenis@
|
|
versioned and end up as local symbols despite being explicitly listed as
global in the version script. This breaks out brk()/sbrk() implementation.
The diff is only a partial solution and unlikely to be accepted as-is
upstream. We'll keep it as a local diff until a better solution is found.
ok guenther@
|
|
|
