summaryrefslogtreecommitdiff
path: root/gnu
AgeCommit message (Collapse)Author
2016-01-14fix typommcc
from Jan Schreiber, ok deraadt@
2016-01-11Fix perl CVE-2015-8607 - XS File::Spec::canonpath loses taintAndrew Fresh
https://rt.perl.org/Ticket/Display.html?id=126862
2014-11-17Import perl-5.20.1Andrew Fresh
2015-12-27add missing header needed for pledge(2)Charles Longeau
ok deraadt@
2015-12-26Fix branch delay slots. Found while making test builds of ports.Visa Hankala
2015-12-21Recognise the rdseed instruction introduced with Broadwell.Jonathan Gray
Similar to changes made in FreeBSD. ok kettenis@
2015-12-18Add library-based __sync functions for mips64.Visa Hankala
Help with testing and ok kettenis@
2015-12-17Implement a memory barrier for mips. Basically this makes __sync_synchronize()Mark Kettenis
emit a "sync" instruction. ok visa@
2015-12-10Actually install OpenBSD::Pledge perl moduleAndrew Fresh
2015-12-05Implement the .inst assembler directive for arm.Tobias Ulmer
Required for building gcc 4.9 ok jsg@
2015-12-01Fix __sync_val_compare_and_swap_8() on i386 for code compiled with -fPIC.Mark Kettenis
In some cases GCC would generate a cmpxchg8b instruction with a memory reference that used %ebx. This is wrong (and will almost certainly result in SIGSEGV). This fix uses a new memory constraint "W" to prevent the use of %ebx in this case. This differs from the approach taken by upstream so there are no GPLv3 issues here. Fixes the Mesa i965 dri module on i386. ok jsg@
2015-11-29OpenBSD::Pledge - perl interface to pledge(2)Andrew Fresh
okay espie@ "we should be wary" deraadt@
2015-11-28Back out previous commit. Not emitting DT_RPATH isn't helpful if our ld.soMark Kettenis
doesn't grok DT_RUNPATH yet.
2015-11-26Fix "Bad value" error seen when building Mesa 11.0.6 which uses -Bsymbolic.Mark Kettenis
Inspired by https://sourceware.org/ml/binutils/2010-08/msg00333.html, but expressed differently so there are no GPLv3 issues.
2015-11-26change the name "as" in the NAME section of the as(1) manuals to lowercase;Ingo Schwarze
requested by and OK jmc@
2015-11-22Use yy_size_t instead of int in yy_input(). Makes things work on BE 64-bitMark Kettenis
architectures when yy_size_t becomes size_t instead of unsigned int. ok millert@, tedu@
2015-11-20Regen.Jeremie Courreges-Anglas
2015-11-20Server-side pserver support is broken, and we don't plan to support it.Jeremie Courreges-Anglas
ok sthen@ semarie@
2015-11-20Unbreak, tcflow and its underlying ioctls aren't allowed by pledge(2).Jeremie Courreges-Anglas
Just delete the tcflow(3) calls, the use case for tcflow(3) here is a bit far-fetched. looks good to deraadt@, ok espie@
1995-12-19raw import of cvs-1.6Theo de Raadt
2015-11-17Pledge cvs(1).Jeremie Courreges-Anglas
The initial pledge(2) call is broad, we can refine later when we know whether we run in server, pserver client mode or regular client mode. pserver server mode is likely broken, it will either be fixed or removed. With and ok semarie@, "let's proceed." deraadt@
2015-11-15Same as in binutils-2.17, only restore regular permission bits.Jeremie Courreges-Anglas
But don't restore ownership/setuid/etc bits. ok deraadt@
2015-11-15In smart_rename, restore at least the regular permissions bits.Jeremie Courreges-Anglas
But don't try to chown or set special bits. This fixes several ports. ok deraadt@
2000-09-12Import binutils-2.10Marc Espie
- only the binutils package (no gdb here) - don't import libiberty and texinfo, they are elsewhere - remove all .info* generated files
2015-11-15Now that the (setuid bit related) bad-practice audit and repair is complete,Theo de Raadt
ar/ranlib and objcopy/strip can pledge "stdio rpath wpath cpath fattr" ok guenther
2015-11-15In most cases binutils strips off setuid/setgid bits when creating copiesTheo de Raadt
of files. In two cases however they were not being masked. These are build tools -- therefore they should not encourage further propogation of such unsafe bits. ok guenther
2015-11-15Using #ifndef __OpenBSD__, disable the really dangerous and sillyTheo de Raadt
setuid-preserving code in the so-called smart_rename() function. I don't want my tools (ar, ranlib, objcopy, strip) going through the effort to preserve setuid bits on ``build-directory'' files when they sense a symbolic link, thank you very much. The modern way is to build code, then set such modes at install-time. Our kernel goes through the effort to clear setuid flags, and this was neutering that attempt. Also has atrocious error handling. (Identified as an issue of concern while doing the audit for pledge) ok guenther
2015-11-14info - pledge stdio rpath wpath cpath getpw tty proc execTheo de Raadt
infokey - stdio rpath wpath cpath tty makeinfo - stdio rpath wpath cpath getpw install-info - stdio rpath wpath cpath proc exec texindex - stdio rpath wpath cpath tmppath ok schwarze
2015-11-14Betting pledge "stdio rpath wpath cpath" works for this. Let's get it intoTheo de Raadt
the ports build cycle to find out for sure.
2015-11-14pledge 'stdio rpath wpath cpath", since that is all large program does.Theo de Raadt
NOTE: cc1 uses brk/sbrk, which was only enabled in pledge a few hours ago. So this requires a fairly new kernel if compiling monster c++ programs..
2002-06-10TeXinfo 4.2, much more robust html (and other formats) output, and a few Marc Espie
features that new FSF programs will need (e.g., gcc snapshots). looked at by fgs@, thanks.
2015-11-13Both gcc & collect2 can pledge "stdio rpath wpath cpath proc exec".Theo de Raadt
(cc1 "toplev.c" uses brk/sbrk, so it is on hold to figure out the right direction...) ok semarie pascal
2015-11-13pledge "stdio rpath wpath cpath fattr" for both as & ldTheo de Raadt
ok semarie
2015-11-12With --enable-new-dtags, only generate DT_RUNPATH and no DT_RPATHPhilip Guenther
ok kettenis@
2015-11-11update NAME;Jason McIntyre
kettenis ok'd me poking around in here; ingo ok'd the diff
2004-05-17import binutils 2.14 (excluding testsuites, .info files, and .po files)Dale Rahn
2015-11-11Correct several DT_foo (tag id) vs DF_* (flag bit) errorsPhilip Guenther
ok deraadt@ kettenis@
2015-11-09Start moving some vmm things into the tree. First up is binutils so we willMike Larkin
be able to use the virtualization instructions. ok'ed a long time ago, I forgot who, but deraadt@ ok'ed it again anyway.
2015-11-08Revert 1.2 and 1.3 in order to go back to the default upstream behaviourMiod Vallat
of registering an explicit dependency upon libstdc++.so when linking a shared library with c++. The explicit dependency had been reverted a long time ago when most of our platforms were still usinc gcc 2.95, in order to have the same behaviour between g++ 2.95 and g++ 3.3, for the sake of ports. However, when we started using gcc 4, the default behaviour was not modified, and nowadays, it's g++ 3 which differs from g++ 4. By reverting to the original behaviour, g++ 3 is on par with g++ 4 again.
2015-10-30Use crypt_checkpass() instead of strcmp(hash, crypt(password, hash)).Todd C. Miller
Fixes a crash in pserver mode when CVSROOT/passwd contains an old DES password.
2015-10-22Add pledge(2) to some binutils that handle untrusted data. Most can do withPascal Stumpf
"stdio rpath", while objdump(1) also needs "tmppath" for objdump -i. ok deraadt@, comments sthen@ kettenis@
2015-10-20On xmalloc failure, stop trying to determine the total amount of allocatedPascal Stumpf
memory up to this point by using sbrk(2). This is of course wildly incorrect for any mmap-based malloc(3). This also makes it possible to bring pledge(2) to gnu/. comments kettenis@, ok miod@
2015-10-07Correct handling of enum attributes with g++Jonathan Gray
gcc and g++ can currently have different ideas on the size of a packed enum type: enum __attribute__((packed)) foo { a = 0, b}; gcc: 1 g++: 4 enum foo { a = 0, b} __attribute__((packed)); gcc: 1 g++: 1 The first format is actually the preferred one according to the documentation. https://gcc.gnu.org/onlinedocs/gcc-4.2.1/gcc/Type-Attributes.html g++ will accept the first format and silently not actually choose a smaller size. This was responsible for memory corruption with recent versions of Mesa where c and c++ code share a header with a packed enum type. The problem was reported in https://gcc.gnu.org/bugzilla/show_bug.cgi?id=39219 and fixed in gcc >= 4.3.6 in rev 144284. This was after the switch from gplv2 but it's a trivial one line change. ok guenther@ deraadt@ kettenis@
2015-09-16Enable -msecure-plt by default (on powerpc).Mark Kettenis
ok pascal@
2015-09-15Make the famous _S_debug_messages warning go away, by hidining that symbol.Vadim Zhukov
This symbol isn't used anywhere outside libstdc++, thus no bump. Upstream initially went the samy way, but then implemented a different fix, which don't work for us. Eventually we should move to whitelisting the list of symbols exported anyway. okay miod@, no objections from sthen@; also supported by a few a while ago
2015-09-11Avoid undefined behavior with isascii, cast its argument to unsigned char.Jeremie Courreges-Anglas
Suggested earlier by guenther@, discussed with miod@
2015-09-10Makde gcc handle __stack_smash_handler similarly to memcpy and memset whenPhilip Guenther
creating calls: cache the RTL, let a declaration alter the asm spec, and set the same RTL attributes. For all three, let a declaration set the ELF visibility. ok miod@
2015-09-09Fix various buffer overflows (caused by the way struct iso_directory_recordMiod Vallat
is defined), and make this work on unsigned char platforms by using isascii() instead of < 0. While there, do not use the local getopt() implementation, as libc has had getopt_long() support for years now. With help from jca@ and guenther@. ok millert@, deraadt@ (on an earlier diff)
2015-09-09For truly static binaries, force .ctors, .dtors and .got to be read-only.Mark Kettenis
This will make the segment containing those sections read-only for binaries that use the OpenBSD W^X layout, preventing W^X violations on architectures that need an executable GOT (basically BSS-PLT powerpc). ok miod@
2015-08-31The code that guesstimates the number of local GOT entries assumes that thereMark Kettenis
are only two loadable segments. With W^X on OpenBSD, we will typically create more than two. Most shared libraries and binaries end up with five of them. One of them is the GOT itself so we don't need to take that one into account. So raise the number of spare local GOT entries from 5 to 7. This fixes building liblto_plugin.so in the gcc 4.9 port. ok miod@, jasper@, pascal@