Age | Commit message | Author |
|
fails
clang-16 warning reported by robert@, ok tb@ millert@
|
|
at the dlopen vs execve split, dropping either "proc" or "prot_exec".
ok gnezdo
|
|
is already loaded:
* add a 'trace' argument to _dl_show_objects() and exit the
walk-the-objects loop if you hit that traced object
* in dlopen(), pass the trace object to _dl_show_objects()
* also, invoke _dl_show_objects() + exit if the object was
already opened
* pass NULL to _dl_show_objects() for all the other calls
* oh hey, _dl_tracelib is now superfluous: _dl_show_objects()
should do the walk-the-objects loop only if trace is not NULL.
Problem noted by gnezdo@
ok millert@
|
|
Problem noted by gnezdo@
ok millert@
|
|
Promote size from int to size_t.
From: lucas at sexy dot is
Regress tests by gnezdo@
deraadt: yes
|
|
for more than a year code which could use it; but in all non-trivial
circumstances (programs which would benefit), I was stopped by issues
(in particular by environment variable behaviours). But I never looked
in ldd(1). This is the FIRST one which is completely obvious.
spledge(NULL, "stdio rpath")
ok guenther
|
|
- reject nonsensical program header values which would result in a crash
when accessing the 0 bytes sized buffer allocated due to it
ok deraadt@ kettenis@
|
|
|
|
sure deraadt@
|
|
ok deraadt@
|
|
periodically read rules from pf(4) to consume all kernel
memory. The bug has been discovered and root caused by florian@.
In this particular case it was snmpd(8) that ate all kernel
memory.
This commit introduces DIOCXEND to pf(4) so applications such
as snmpd(8) and systat(1) can close ticket/transaction when
they are done with fetching the rules. This change also
updates snmpd(8) and systat(1) to use newly introduced
DIOCXEND ioctl(2).
OK claudio@, deraadt@, kn@
|
|
while here simplify the "From " check too.
ok millert@
|
|
indirect branch, so include an endbr64 Just In Case.
ok deraadt@
|
|
requested by deraadt@, ok tb@
|
|
reduces the diff with opensmtpd-portable.
ok tb@
|
|
|
|
|
|
ok patrick@
|
|
|
|
|
|
feedback tb@
|
|
The hash function is supposed to return a value less than or equal
to 0x0fffffff. Due to a bug in the sample code supplied with the
ELF SYSV ABI documentation, the hash function can overflow on 64-bit
systems. Apply the same fix used by GNU libc, MUSL libc and FreeBSD.
Prompted by https://maskray.me/blog/2023-04-12-elf-hash-function
OK tb@ miod@
|
|
Now symlinking an executable away from the rest of its installation
tree no longer prevents it from finding the libraries. This matches
the behavior of other OS linkers. Prompted by a behavior change in
lang/ghc test suite.
Swapped the order of dirname/realpath in _dl_origin_path.
Added some regress tests that pass and then bin3 that fails without
this change and reflects the behavior needed for lang/ghc.
Suggestion by semarie@, OK deraadt@
|
|
to be a normal C function that starts with "bti c" when BTI control flow
integrity enforcement is in place. Add "bti c" to _dl_bind_start().
Remove unused _rtld_tlsdesc() function to avoid having to add "bti c" to it.
ok deraadt@
|
|
ok miod@ millert@
|
|
Reported by Peter J. Philipp. OK deraadt@
|
|
right, deraadt@
|
|
where it is with pinsyscall(). In non-static binaries, kernel execve(2)
will now insist upon being called from that small region. Arriving from
a different region smells like ROP methodology, and the process is killed.
|
|
|
|
This is the default value of the linker, but I really like placing the
comment "architecturally required data islands".
|
|
|
|
hardware enforcement for this, but uvm can some of its own tricks
on occasion.
|
|
ok gkoehler
|
|
OK deraadt
|
|
OK deraadt
|
|
|
|
is no longer a NOP on those systems, let's do it.
|
|
|
|
the x86 one.
|
|
came up in two separate conversations with miod and kettenis
|
|
|
|
|
|
exonly transition for people building through an upcoming commit series
|
|
--execute-only ld.so (meaning FLAGS (1) on the LOAD line for the text
segment, in the ld.script). the linker, when using built-in linker scripts,
is not ready yet for other libraries / binaries.
|
|
Since we got rid of padded syscalls we have enough registers to do this.
ok deraadt@ ok kettenis@
|
|
|
|
ok kettenis
|
|
standard PIC magic. This makes the code similar to what we already use
for rcrt0.o. This makes it ready for execute-only.
Build C code using -fno-jump-tables to make it ready for execute-only.
ok deraadt@, miod@
|
|
instruction used by __canonicalize_funcptr_for_compare() from "bl" into "b".
This allows __canonicalize_funcptr_for_compare() to execute the branch
instead of decoding the instruction to find the address of _dl_bind().
This is the first step in the transition to a new ABI. Once an updated
ld.so has been installed, we can change __canonicalize_funcptr_for_compare()
(which lives in libgcc) and rebuild everything with a new libgcc. Only
then we can actually make ld.so executable-only.
ok deraadt@, miod@
|
|
|