Age | Commit message (Collapse) | Author |
|
|
|
Twice, I have seen the sigtramp mapping land inside that hole. This
causes grief for the upcoming pinsyscalls() work which operates on
address space ranges. But the micro-optimization is silly.
ok kettenis
|
|
placed head of the btext (boot.text) segment. (the boot.text segment is
"unmapped" after initization, as a self-protection mechanism). this meant
the LOAD's virtual addresses were not in sequence, which clearly isn't
what we intended.
|
|
|
|
|
|
noticed by gnezdo
|
|
ok deraadt@
|
|
|
|
function. Therefore we cannot create a precise pinsyscall label. Instead
create a duplicate entry (using inline asm) to force the kernel's pinsyscall
code to skip validation, rather than labelling it illegal. kbind(2) remains
safe because it self-protects by checking its calling address.
ok kettenis
|
|
Required for strict-alignment architectures and a good idea on others.
same as kettenis commit to libc
|
|
arguments, so we have to cope.
|
|
with {uint offset, uint syscall#} entries in libc & ld.so.
In libc a few syscall# entries (break, sigprocmask, _tfork, _threxit)
are duplicated because additional or inline uses occur (that situation
is handled elsewhere)
ok kettenis
|
|
ok tb gnezdo
|
|
non-libc users. This is a two-liner macro anyway, and this will make
deraadt@'s future changes in this area easier to make. NFC
|
|
intended, instead of filtering out everything.
OK sthen@
|
|
reproducing the relevant defines and code in a different place) to perform
minor relocations. If things go very wrong, it would call _dl_exit() --
a locally defined crt0 function which is syscall exit(2). We don't need
to call exit(2) for this obscure case which doesn't happen and provides no
debugging information. An 'abort' is going to provide better information.
So let's change the function name to _dso_abort() and make it a single
illegal instruction.
ok guenther
|
|
to be a descriptive name, where hrSWRunPath should give the full path to
the binary. While argv[0] can contain any of a simple binary name, the
full path, or a custom name given by the application itself, it gives us
the option to retrieve both pieces of information. This is also the
same distinction made by netsnmp.
This also keeps the default command column from top(1) and snmptop in
sync, and now allows for identical output in the column between `top -C`
and `snmptop -Cpa`
OK tb@
|
|
hrSWRunPerfCPU and hrSWRunPerfMem. This allows snmptop to work with
snmpd(8). Math copied from top(1).
OK tb@
|
|
fails
clang-16 warning reported by robert@, ok tb@ millert@
|
|
at the dlopen vs execve split, dropping either "proc" or "prot_exec".
ok gnezdo
|
|
is already loaded:
* add a 'trace' argument to _dl_show_objects() and exit the
walk-the-objects loop if you hit that traced object
* in dlopen(), pass the trace object to _dl_show_objects()
* also, invoke _dl_show_objects() + exit if the object was
already opened
* pass NULL to _dl_show_objects() for all the other calls
* oh hey, _dl_tracelib is now superfluous: _dl_show_objects()
should do the walk-the-objects loop only if trace is not NULL.
Problem noted by gnezdo@
ok millert@
|
|
Problem noted by gnezdo@
ok millert@
|
|
Promote size from int to size_t.
From: lucas at sexy dot is
Regress tests by gnezdo@
deraadt: yes
|
|
for more than a year code which could use it; but in all non-trivial
circumstances (programs which would benefit), I was stopped by issues
(in particular by environment variable behavious). But I never looked
in ldd(1). This is the FIRST one which is completely obvious.
spledge(NULL, "stdio rpath")
ok guenther
|
|
- reject non-sensical program header values which would result in a crash
when accessing the 0 bytes sized buffer allocated due to it
ok deraadt@ kettenis@
|
|
|
|
sure deraadt@
|
|
ok deraadt@
|
|
periodically read rules from pf(4) to consume all kernel
memory. The bug has been discovered and root caused by florian@.
In this particular case it was snmpd(8) what ate all kernel
memory.
This commit introduces DIOCXEND to pf(4) so applications such
as snmpd(8) and systat(1) to close ticket/transaction when
they are done with fetching the rules. This change also
updates snmpd(8) and systat(1) to use newly introduced
DIOCXEND ioctl(2).
OK claudio@, deraadt@, kn@
|
|
while here simplify the "From " check too.
ok millert@
|
|
indirect branch, so include an endbr64 Just In Case.
ok deraadt@
|
|
requested by deraadt@, ok tb@
|
|
reduces the diff with opensmtpd-portable.
ok tb@
|
|
|
|
|
|
ok patrick@
|
|
|
|
|
|
feedback tb@
|
|
The hash function is supposed to return a value less than or equal
to 0x0fffffff. Due to a bug in the sample code supplied with the
ELF SYSV ABI documentation, the hash function can overflow on 64-bit
systems. Apply the same fix used by GNU libc, MUSL libc and FreeBSD.
Prompted by https://maskray.me/blog/2023-04-12-elf-hash-function
OK tb@ miod@
|
|
Now symlinking an executable away from the rest of its installation
tree no longer prevents it from finding the libraries. This matches
the behavior of other OS linkers. Prompted by a behavior change in
lang/ghc test suite.
Swapped the order of dirname/realpath in _dl_origin_path.
Added some regress tests that pass and then bin3 that fails without
this change and reflects the behavior needd for lang/ghc.
Suggestion by semarie@, OK deraadt@
|
|
to be a normal C function that starts with "bti c" when BTI contro flow
integretry enforcement is in place. Add "bti c" to _dl_bind_start().
Remove unused _rtld_tlsdesc() function to avoid having to add "bti c" to it.
ok deraadt@
|
|
ok miod@ millert@
|
|
Reported by Peter J. Philipp. OK deraadt@
|
|
right, deraadt@
|
|
where it is with pinsyscall(). In non-static binaries, kernel execve(2)
will now insist upon being called from that small region. Arriving from
a different region smells like ROP methodology, and the process is killed.
|
|
|
|
This is the default value of the linker, but I really like placing the
comment "architecturally required data islands".
|
|
|
|
hardware enforcement for this, but uvm can some of it's own tricks
on occasion.
|