Age | Commit message | Author |
|
and not the file it points to. OK deraadt@ tb@
|
|
ok deraadt@
|
|
|
|
Prompted by deraadt
|
|
will be installed as /usr/bin/ld.bfd on supported systems. This allows
users to fall back on the old linker by using the -fuse-ld=bfd option on
systems where lld is the default linker.
Switch armv7 to use lld as the default linker. On arm64 we already use lld
as the default linker. Other platforms will keep using the GNU linker for
now.
ok patrick@, deraadt@, phessler@
|
|
ok benno@ jca@
|
|
strings, add a couple of braces, ansify a few functions, add and remove
a few extra parens.
ok jcs
|
|
|
|
|
|
ok mlarkin@ deraadt@ mpi@ kettenis@
|
|
the PPL on top, store it where trapframe puts the trap number. This
makes interrupt handlers get called with the correct stack alignment.
Also, document the use of if_err to differentiate resumed/recursed
interrupts from 'real' ones.
tested in snaps
ok deraadt@
|
|
Addresses CVE-2018-12015
From Silamael <silamael () coronamundi ! de>
Original bug reports:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900834
https://rt.cpan.org/Public/Bug/Display.html?id=125523
Original commit with the fix:
https://github.com/jib/archive-tar-new/commit/ae65651eab053fc6dc4590dbb863a268215c1fc5
OK bluhm@, they should already be committed! deraadt@
|
|
random cookies to protect access to function return instructions, with the
effect that the integrity of the return address is protected, and function
return instructions are harder to use in ROP gadgets.
On function entry the return address is combined with a per-function random
cookie and stored in the stack frame. The integrity of this value is verified
before function return, and if this check fails, the program aborts. In this way
RETGUARD is an improved stack protector, since the cookies are per-function. The
verification routine is constructed such that the binary space immediately
before each ret instruction is padded with int03 instructions, which makes these
return instructions difficult to use in ROP gadgets. In the kernel, this has the
effect of removing approximately 50% of total ROP gadgets, and 15% of unique
ROP gadgets compared to the 6.3 release kernel. Function epilogues are
essentially gadget free, leaving only the polymorphic gadgets that result from
jumping into the instruction stream partway through other instructions. Work to
remove these gadgets will continue through other mechanisms.
Remaining work includes adding this mechanism to assembly routines, which must
be done by hand. Many thanks to all those who helped test and provide feedback,
especially deraadt, tb, espie and naddy.
ok deraadt@
|
|
From Sebastien Marie
|
|
layout. Simplify how we identify which frames have trapframes while here.
ok kettenis@
|
|
friendly instructions with safe alternatives. This initial commit fixes
3 instruction forms that will lower to include a c3 (return) byte.
Additional problematic instructions can be fixed incrementally using
this framework.
ok deraadt@
|
|
don't barf on binaries created by ld.lld(1). From FreeBSD.
ok millert@, deraadt@, guenther@
|
|
|
|
|
|
* RT #131844: [CVE-2018-6913] heap-buffer-overflow in S_pack_rec
Reported by GwanYeong Kim, fixed by Tony Cook.
* RT #132063: [CVE-2018-6798] Heap-buffer-overflow in
Perl__byte_dump_string (utf8.c)
Reported by Nguyen Duc Manh, fixed by Karl Williamson, Yves Orton, and
Tony Cook.
* RT #132227: [CVE-2018-6797] heap-buffer-overflow (WRITE of size 1) in
S_regatom (regcomp.c)
Reported by Brian Carpenter, fixed by Yves Orton, Karl Williamson, and
Tony Cook.
Many thanks to deraadt@ tj@ bluhm@ tb@ robert@
|
|
and probably firefox on amd64/i386.
ok patrick@
|
|
|
|
Noticed by sthen@
|
|
Noticed by sthen@
|
|
when compiling with LLVM 6.0.0. This is a good enough temporary fix.
"where's the kaboom?" deraadt@
|
|
|
|
pointers. Since binutils 2.17 is compiled with -Werror, this breaks the
build. Change the function to return -1 as suggested by the comment in
said function.
ok kettenis@
|
|
present in lld 5.0.1 removed (--build-id=fast, -z muldefs,
-z retpolineplt). This includes a bunch of mdoc changes suggested
by schwarze@ that were recently committed upstream.
ok jmc@ schwarze@ kettenis@ deraadt@
|
|
actual error if "install" was done parallelly.
ok espie todd andrew1, input andrew1
|
|
state.
ok patrick@
|
|
|
|
This allows linking code compiled by clang with the gcc compiler driver
and makes sure we always use the softfloat implementation in libc. The
libc softfloat implementation is preferred over the one in libgcc as it
implements rounding modes and floating point exceptions.
ok patrick@
|
|
Requested by Brad
Tested by me on amd64
Tested by bluhm on i386
Tested by kettenis on arm64, armv7 and sparc64
|
|
Makes gas work when compiled with clang.
ok patrick@, millert@
|
|
Fixes issues with cross-device moves, noticed with autoconf
|
|
Reporting OpenBSD bugs to GNU makes no sense...
|
|
ok millert@
|
|
While it is not clear (to me) why that port ends up with corrupted
shared libs, reverting those changes fixes the issue and should allow us
to close p2k17 more smoothly.
Discussed with a bunch, ok ajacoutot@ guenther@
|
|
We don't link libc into shared-libraries by default to avoid binding libraries
to specific libc majors, so those options have always suffered false positives
for us, but with the move of functions from libpthread to libc the problem has
gotten even worse. A version-agnostic binding to libc would solve this better
but it's on back-order behind the pony I requested.
tweak and ok deraadt@
|
|
ok bluhm@
|
|
OK bluhm@
|
|
ok bluhm@
|
|
ok bluhm@
|
|
ok guenther@
|
|
assignment and isn't used by clang/lld.
ok jsg@
|
|
sparc64 where it doesn't use the integrated assembler (yet).
ok mpi@, patrick@, guenther@
|
|
m88k-specific dynamic tags
ok deraadt@ jsg@
|
|
ok patrick@
|
|
|
|
During subsequent Perl updates, all the documentation changes etc.
got carried along, but the actual code change was deleted
in Rev. 1.3 and never restored. Restore it now.
Bug found by bentley@; OK afresh1@ bentley@.
|