Age | Commit message (Collapse) | Author | |
---|---|---|---|
2018-09-02 | update tradcpp to 0.5.2 | Jonathan Gray | |
ok miko@ bcallah@ deraadt@ | |||
2018-08-29 | make ld.so build reproducible by including a FILE symbol and by removing | Robert Nagy | |
-x from ld; this is only used for syspatch creation so builds are still randomized just as before ok guenther@ | |||
2018-08-08 | lockspool only plays with files in _PATH_MAILDIR, so unveil that path. | Theo de Raadt | |
2018-08-03 | Move pledge to after getopt, when the finger program becomes known | Theo de Raadt | |
(defaults to /usr/bin/finger, but can be redefined with -P option). Then unveil that program for "x" (execution), and pledge as before. No other filesystem accesses occur after that point. | |||
2018-07-24 | Fix address calculation for _DYNAMIC. We want to address of _DYNAMIC itself, | Mark Kettenis | |
not the address of its GOT entry. The current code mixed the high bits of the GOT entry address with the low bits of the true address. This only worked by accident for small binaries where _DYNAMIC and its GOT entry happen to reside on the same page. ok guenther@, mortimer@ | |||
2018-07-09 | unify the various per-arch syscall.h as much as possible | Theo de Raadt | |
ok kettenis guenther | |||
2018-06-28 | add missing ${LIBCRYPTO} to DPADD | Gleydson Soares | |
OK deraadt@ millert@ jca@ | |||
2018-06-16 | Add add PIE support for m88k (requires gcc4 toolchain) | Philip Guenther | |
Convert __cerror to hidden visibility. from miod@ | |||
2018-06-14 | silence a compiler warning | Gleydson Soares | |
OK millert | |||
2018-06-13 | Call pledge(2) earlier before opening the auth channel and readpassphrase() | Reyk Floeter | |
Before this change, only the password validation was pledged, now it also includes some more code including the "Password:" prompt. To pledge the code earlier, the getpwnam_shadow() had to be moved up - it works under "getpw" but it does not return the actual password hash under pledge. This also works with yp(ldap). OK deraadt@ tb@ brynet@ | |||
2018-06-13 | Remove #ifdef PASSWD, it was always enabled and is a leftover from krb5 days. | Reyk Floeter | |
No other uses of -DPASSWD were found in the tree. OK deraadt@ tb@ brynet@ | |||
2018-06-08 | Bail out if fchmod(2) fails. | cheloha | |
Don't quietly install ld.so.hints with mode 0600 because this adds overhead to shlib lookup for non-root processes. From Nan Xiao. ok guenther@ | |||
2018-06-01 | Bump ELF_RANDOMIZE_LIMIT to 1MB. | mortimer | |
ok deraadt@ | |||
2018-05-15 | On arm64 negate the whole 64-bit register otherwise system call wrappers | Mark Kettenis | |
that return ssize_t will not return a negative value upon error. Fixes dynamical loading of shared objects using dlopen(). ok guenther@ | |||
2018-05-01 | Add an explanation to relink.log what a failed checksum of /bsd | Robert Peichaer | |
means and show how to re-enable KARL. Prodded by and OK deraadt Feedback and OK tb | |||
2018-04-27 | Make sure ld.so doesn't use floating point registers, as the lazy-binding | Philip Guenther | |
stub doesn't preserve them and some may be used for passing arguments ok kettenis@ deraadt@ mlarkin@ | |||
2018-04-26 | Use <fcntl.h> instead of <sys/file.h> for open() and friends. | Philip Guenther | |
Delete a bunch of unnecessary #includes and sort to match style(9) while doing the above cleanup. ok deraadt@ krw@ | |||
2018-04-26 | nuke trailing whitespace | Bob Beck | |
2018-03-09 | Add support for the DF_TEXTREL flag. | Mark Kettenis | |
ok patrick@, millert@ | |||
2018-02-09 | Use a static chacha instance to fill randomdata sections. Avoids looping | mortimer | |
over a syscall for randomdata sections larger than 256B. ok djm@ deraadt@ kettenis@ | |||
2018-02-07 | sync with libc malloc: use consistent style for for loop in unmap(), | Otto Moerbeek | |
no functional change | |||
2018-02-04 | Expand Type strings by one space, to fit ld.so, in the same ugly way "exe " | Theo de Raadt | |
was being handled. | |||
2018-02-01 | don't forget to increment loop var; infinite loops spotted by sthen@ | Otto Moerbeek | |
2018-01-30 | No need to add ffs.c as we use .VPATH to reach over into libc/string. | Mark Kettenis | |
ok otto@ | |||
2018-01-30 | provide ffs, gcc generates calls to it, even when __builtin_ffs() is used. | Otto Moerbeek | |
ok deraadt@ | |||
2018-01-30 | kill a gcc warning | Otto Moerbeek | |
2018-01-30 | port over the malloc changes from libc. prompted by deraadt@ | Otto Moerbeek | |
2018-01-18 | Unlike other archs, mips64 needs ld.so to know about symbol visibility and | Philip Guenther | |
skip symbol lookup on protected symbols. Add visibility #defines to <sys/exec_elf.h> to support that. ok kettenis@ visa@ | |||
2017-12-24 | Fix one possible buffer overflow and one underflow. Also some minor | Todd C. Miller | |
cleanups. From Jan Kokemueller. OK deraadt@ | |||
2017-12-21 | Implement missing bits to support lazy binding. Note that the code | Mark Kettenis | |
deliberately does not save the floating-point argument registers before calling _dl_bind(). Doing so would force an FPU context switch upon every function call through the PLT. But since we compile ld.so with -march=armv8-a+nofp+nosimd this is safe since nothing in the _dl_bind() codepath uses he FPU registers. ok guenther@, drahn@ | |||
2017-12-12 | ld.so's syscall _dl_* API/ABI doesn't reurn errno, but -errno. | Theo de Raadt | |
Reviewing behaviour artifacts with pledge, I discover a close(-ENOSYS).. ok guenther | |||
2017-12-12 | spacing | Theo de Raadt | |
2017-12-08 | also cleanout ld.so.a | Theo de Raadt | |
2017-12-08 | Everyone knows this as ld.so, nor by the ancient name rtld. | Theo de Raadt | |
ok guenther | |||
2017-12-01 | Redo the calculation of the alignment and placement of static TLS data to | Philip Guenther | |
correctly take into account the segment p_align. Previously, anything with a size belong the natural alignment or with alignment larger than the natural one would either not be intialized correctly, be misaligned, or result in the TIB being misaligned. Problems reported by Charles Collicutt (charles (at) collicutt.co.uk) ok kettenis@ | |||
2017-11-28 | Implement a DL_REFERENCE dlctl. To be used by the upcoming | Mark Kettenis | |
__cxa_thread_atexit() implementation. ok guenther@ | |||
2017-11-15 | Tweak bitmask calculation to match i386 and avoid clang warning. | Mark Kettenis | |
ok tom@ | |||
2017-11-05 | Consolidate lib.so.*.a, ld.so.a and the kernel relink kit into | Robert Peichaer | |
one location under /usr/share/relink. Be more specific in src/etc/rc reorder_libs() what filesystems need r/w remount and ensure that their mount state is restored. Idea and positive feedback from deraadt@ OK aja@ tb@ | |||
2017-10-29 | Prefer <elf.h> to the non portable <sys/exec_elf.h>. | Martin Pieuchot | |
ok jca@, deraadt@ | |||
2017-10-27 | Use <elf.h> instead of <elf_abi.h> | Martin Pieuchot | |
ok jasper@, jca@, deraadt@ | |||
2017-10-26 | If LD_BIND_NOW is in force then all relocations are performed eagerly, | Philip Guenther | |
when the object is loaded. Since kbind(2) will never be used in that case, disable it early, before invoking any library or application code. ok deraadt@ kettenis@ | |||
2017-10-24 | R_AARCH64_NONE should be zero, not 256. The latter was a deprecated | Philip Guenther | |
assignment and isn't used by clang/lld. ok jsg@ | |||
2017-10-18 | Make blacklist entries override the whitelist. When running spamd | Todd C. Miller | |
in greylisting mode, it is not uncommon for an IP to get whitelisted before it shows up on a spam blacklist. With this change, spamd will check its blacklists before adding a WHITE entry to the <spamd-white> pf table. If the IP matches a blacklist, the WHITE entry will be removed. OK phessler@ | |||
2017-10-17 | add missing HISTORY; based on CVS logs and release announcements | Ingo Schwarze | |
2017-10-17 | Use a binary search to speed up blacklist lookups. OK phessler@ | Todd C. Miller | |
2017-10-12 | Check for asprintf() returning -1 instead of assuming that the | Todd C. Miller | |
pointer will remain unchanged when fails. OK deraadt@ | |||
2017-10-10 | __plt_{start,end} are no longer generated or necessary, having been | Philip Guenther | |
superseded by the generic ?WX and RELRO support. Stop trying to look up and use them. ok kettenis@ deraadt@ | |||
2017-10-05 | Sync with libc malloc, doing delayed free double-free check always | Otto Moerbeek | |
2017-09-16 | Make sure to freezero() the wide-character copy of the user supplied password. | anton | |
While here, change the mbstowcs() error checking making it complaint with what's documented in the manual and zap some stray whitespace. ok benno@ tb@ | |||
2017-09-09 | Remove superfluous mprotect()ing of the PLT that's been obsoleted by | Philip Guenther | |
the generic handling of RWX segments. ok aoyama@ |