Age | Commit message (Collapse) | Author |
|
from Jan Schreiber, ok deraadt@
|
|
https://rt.perl.org/Ticket/Display.html?id=126862
|
|
|
|
ok deraadt@
|
|
|
|
Similar to changes made in FreeBSD.
ok kettenis@
|
|
Help with testing and ok kettenis@
|
|
emit a "sync" instruction.
ok visa@
|
|
|
|
Required for building gcc 4.9
ok jsg@
|
|
In some cases GCC would generate a cmpxchg8b instruction with a memory
reference that used %ebx. This is wrong (and will almost certainly result
in SIGSEGV). This fix uses a new memory constraint "W" to prevent the use
of %ebx in this case. This differs from the approach taken by upstream so
there are no GPLv3 issues here.
Fixes the Mesa i965 dri module on i386.
ok jsg@
|
|
okay espie@ "we should be wary" deraadt@
|
|
doesn't grok DT_RUNPATH yet.
|
|
Inspired by https://sourceware.org/ml/binutils/2010-08/msg00333.html, but
expressed differently so there are no GPLv3 issues.
|
|
requested by and OK jmc@
|
|
architectures when yy_size_t becomes size_t instead of unsigned int.
ok millert@, tedu@
|
|
|
|
ok sthen@ semarie@
|
|
Just delete the tcflow(3) calls, the use case for tcflow(3) here is
a bit far-fetched.
looks good to deraadt@, ok espie@
|
|
|
|
The initial pledge(2) call is broad, we can refine later when we know
whether we run in server, pserver client mode or regular client mode.
pserver server mode is likely broken, it will either be fixed or
removed.
With and ok semarie@, "let's proceed." deraadt@
|
|
But don't restore ownership/setuid/etc bits. ok deraadt@
|
|
But don't try to chown or set special bits. This fixes several ports.
ok deraadt@
|
|
- only the binutils package (no gdb here)
- don't import libiberty and texinfo, they are elsewhere
- remove all .info* generated files
|
|
ar/ranlib and objcopy/strip can pledge "stdio rpath wpath cpath fattr"
ok guenther
|
|
of files. In two cases however they were not being masked. These are build
tools -- therefore they should not encourage further propogation of such
unsafe bits.
ok guenther
|
|
setuid-preserving code in the so-called smart_rename() function. I
don't want my tools (ar, ranlib, objcopy, strip) going through the
effort to preserve setuid bits on ``build-directory'' files when they
sense a symbolic link, thank you very much. The modern way is to build
code, then set such modes at install-time.
Our kernel goes through the effort to clear setuid flags, and this was
neutering that attempt. Also has atrocious error handling.
(Identified as an issue of concern while doing the audit for pledge)
ok guenther
|
|
infokey - stdio rpath wpath cpath tty
makeinfo - stdio rpath wpath cpath getpw
install-info - stdio rpath wpath cpath proc exec
texindex - stdio rpath wpath cpath tmppath
ok schwarze
|
|
the ports build cycle to find out for sure.
|
|
NOTE: cc1 uses brk/sbrk, which was only enabled in pledge a few hours
ago. So this requires a fairly new kernel if compiling monster c++
programs..
|
|
features that new FSF programs will need (e.g., gcc snapshots).
looked at by fgs@, thanks.
|
|
(cc1 "toplev.c" uses brk/sbrk, so it is on hold to figure out the right
direction...)
ok semarie pascal
|
|
ok semarie
|
|
ok kettenis@
|
|
kettenis ok'd me poking around in here; ingo ok'd the diff
|
|
|
|
ok deraadt@ kettenis@
|
|
be able to use the virtualization instructions.
ok'ed a long time ago, I forgot who, but deraadt@ ok'ed it again anyway.
|
|
of registering an explicit dependency upon libstdc++.so when linking a shared
library with c++.
The explicit dependency had been reverted a long time ago when most of our
platforms were still usinc gcc 2.95, in order to have the same behaviour between
g++ 2.95 and g++ 3.3, for the sake of ports. However, when we started using
gcc 4, the default behaviour was not modified, and nowadays, it's g++ 3 which
differs from g++ 4. By reverting to the original behaviour, g++ 3 is on par
with g++ 4 again.
|
|
Fixes a crash in pserver mode when CVSROOT/passwd contains an old
DES password.
|
|
"stdio rpath", while objdump(1) also needs "tmppath" for objdump -i.
ok deraadt@, comments sthen@ kettenis@
|
|
memory up to this point by using sbrk(2). This is of course wildly incorrect
for any mmap-based malloc(3).
This also makes it possible to bring pledge(2) to gnu/.
comments kettenis@, ok miod@
|
|
gcc and g++ can currently have different ideas on the size of a
packed enum type:
enum __attribute__((packed)) foo { a = 0, b};
gcc: 1
g++: 4
enum foo { a = 0, b} __attribute__((packed));
gcc: 1
g++: 1
The first format is actually the preferred one according to the
documentation.
https://gcc.gnu.org/onlinedocs/gcc-4.2.1/gcc/Type-Attributes.html
g++ will accept the first format and silently not actually choose a
smaller size.
This was responsible for memory corruption with recent versions
of Mesa where c and c++ code share a header with a packed enum type.
The problem was reported in
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=39219
and fixed in gcc >= 4.3.6 in rev 144284.
This was after the switch from gplv2 but it's a trivial one line change.
ok guenther@ deraadt@ kettenis@
|
|
ok pascal@
|
|
This symbol isn't used anywhere outside libstdc++, thus no bump.
Upstream initially went the samy way, but then implemented a different fix,
which don't work for us. Eventually we should move to whitelisting the list
of symbols exported anyway.
okay miod@, no objections from sthen@; also supported by a few a while ago
|
|
Suggested earlier by guenther@, discussed with miod@
|
|
creating calls: cache the RTL, let a declaration alter the asm spec, and
set the same RTL attributes. For all three, let a declaration set the ELF
visibility.
ok miod@
|
|
is defined), and make this work on unsigned char platforms by using
isascii() instead of < 0.
While there, do not use the local getopt() implementation, as libc has had
getopt_long() support for years now.
With help from jca@ and guenther@. ok millert@, deraadt@ (on an earlier diff)
|
|
This will make the segment containing those sections read-only for binaries
that use the OpenBSD W^X layout, preventing W^X violations on architectures
that need an executable GOT (basically BSS-PLT powerpc).
ok miod@
|
|
are only two loadable segments. With W^X on OpenBSD, we will typically
create more than two. Most shared libraries and binaries end up with
five of them. One of them is the GOT itself so we don't need to take that
one into account. So raise the number of spare local GOT entries from 5 to 7.
This fixes building liblto_plugin.so in the gcc 4.9 port.
ok miod@, jasper@, pascal@
|