path: root/libexec
Age | Commit message | Author
2023-12-20 | create a stub for pinsyscalls(2) | Theo de Raadt
2023-12-20 | there is a super-alignment between btext and text, this creates a hole. | Theo de Raadt
Twice, I have seen the sigtramp mapping land inside that hole. This causes grief for the upcoming pinsyscalls() work which operates on address space ranges. But the micro-optimization is silly. ok kettenis
2023-12-20 | For strange reasons which made sense at the time, the text segment was | Theo de Raadt
placed head of the btext (boot.text) segment. (the boot.text segment is "unmapped" after initialization, as a self-protection mechanism). this meant the LOAD's virtual addresses were not in sequence, which clearly isn't what we intended.
2023-12-19 | whitespaces | Theo de Raadt
2023-12-19 | correct alignment placement | Theo de Raadt
2023-12-18 | correct section the SYS_kbind syscall pin record goes into | Theo de Raadt
noticed by gnezdo
2023-12-16 | Fix phdr name in ld.script. | Kenji Aoyama
ok deraadt@
2023-12-12 | repair type for 2nd arg of read(2) | Theo de Raadt
2023-12-12 | To avoid kbind(2) becoming a powerful gadget, it is called inline to a | Theo de Raadt
function. Therefore we cannot create a precise pinsyscall label. Instead create a duplicate entry (using inline asm) to force the kernel's pinsyscall code to skip validation, rather than labelling it illegal. kbind(2) remains safe because it self-protects by checking its calling address. ok kettenis
2023-12-11 | Make sure the syscall table entries are aligned on a 4-byte boundary. | Theo de Raadt
Required for strict-alignment architectures and a good idea on others. same as kettenis commit to libc
2023-12-11 | arm just had to be different and change the syntax for .pushsection | Theo de Raadt
arguments, so we have to cope.
2023-12-10 | Populate the non-LOAD openbsd.syscalls section (and PT_OPENBSD_SYSCALL) | Theo de Raadt
with {uint offset, uint syscall#} entries in libc & ld.so. In libc a few syscall# entries (break, sigprocmask, _tfork, _threxit) are duplicated because additional or inline uses occur (that situation is handled elsewhere) ok kettenis
2023-12-08 | locally use MAXIMUM() rather than MAX() | Theo de Raadt
ok tb gnezdo
2023-12-06 | Move CALLSYS_NOERROR macro from <machine/asm.h> to libc, and expand it for | Miod Vallat
non-libc users. This is a two-liner macro anyway, and this will make deraadt@'s future changes in this area easier to make. NFC
2023-11-21 | Set sc_rtfilter to specific ROUTE_FILTER() values, as was originally | Martijn van Duren
intended, instead of filtering out everything. OK sthen@
2023-11-18 | crt0 uses a helper function in a MD src/libexec/ld.so .h file (rather than | Theo de Raadt
reproducing the relevant defines and code in a different place) to perform minor relocations. If things go very wrong, it would call _dl_exit() -- a locally defined crt0 function which is syscall exit(2). We don't need to call exit(2) for this obscure case which doesn't happen and provides no debugging information. An 'abort' is going to provide better information. So let's change the function name to _dso_abort() and make it a single illegal instruction. ok guenther
2023-10-24 | Make hrSWRunPath use argv[0], instead of p_comm. hrSWRunName is supposed | Martijn van Duren
to be a descriptive name, where hrSWRunPath should give the full path to the binary. While argv[0] can contain any of a simple binary name, the full path, or a custom name given by the application itself, it gives us the option to retrieve both pieces of information. This is also the same distinction made by netsnmp. This also keeps the default command column from top(1) and snmptop in sync, and now allows for identical output in the column between `top -C` and `snmptop -Cpa` OK tb@
2023-10-24 | Add support for HOST-RESOURCES-MIB:hrSWRunPerfTable by adding | Martijn van Duren
hrSWRunPerfCPU and hrSWRunPerfMem. This allows snmptop to work with snmpd(8). Math copied from top(1). OK tb@
2023-09-05 | Log a dummy "<unknown>" IP address in the unlikely event that getnameinfo(3) fails | Jeremie Courreges-Anglas
clang-16 warning reported by robert@, ok tb@ millert@
2023-08-15 | ldd can pledge "stdio rpath proc exec prot_exec". We can later bifurcate | Theo de Raadt
at the dlopen vs execve split, dropping either "proc" or "prot_exec". ok gnezdo
2023-08-15 | Improve handling of dlopen(RTLD_TRACE) aka ldd, of a library that | Philip Guenther
is already loaded:
* add a 'trace' argument to _dl_show_objects() and exit the walk-the-objects loop if you hit that traced object
* in dlopen(), pass the trace object to _dl_show_objects()
* also, invoke _dl_show_objects() + exit if the object was already opened
* pass NULL to _dl_show_objects() for all the other calls
* oh hey, _dl_tracelib is now superfluous: _dl_show_objects() should do the walk-the-objects loop only if trace is not NULL.
Problem noted by gnezdo@ ok millert@
2023-08-15 | Skip the _dl_msyscall() invocation if tracing library loading. | Philip Guenther
Problem noted by gnezdo@ ok millert@
2023-08-12 | Check for a full read, avoid warn when errno might be unmodified | Greg Steuck
Promote size from int to size_t. From: lucas at sexy dot is Regress tests by gnezdo@ deraadt: yes
2023-07-24 | I added the 2nd argument (execpromises) to pledge(2), and then hunted | Theo de Raadt
for more than a year code which could use it; but in all non-trivial circumstances (programs which would benefit), I was stopped by issues (in particular by environment variable behaviours). But I never looked in ldd(1). This is the FIRST one which is completely obvious. spledge(NULL, "stdio rpath") ok guenther
2023-07-13 | - use IS_ELF() to check the ELF magic bytes | Jasper Lievisse Adriaanse
- reject non-sensical program header values which would result in a crash when accessing the 0 bytes sized buffer allocated due to it ok deraadt@ kettenis@
2023-07-12 | validate alignment of ELF program headers | Jasper Lievisse Adriaanse
2023-07-08 | turn an ifdef'd _dl_printf call into DL_DEB and various whitespace fixes | Jasper Lievisse Adriaanse
sure deraadt@
2023-07-08 | zap stray backslash | Jasper Lievisse Adriaanse
ok deraadt@
2023-07-04 | The recent change to DIOCGETRULE allows applications which | Alexandr Nedvedicky
periodically read rules from pf(4) to consume all kernel memory. The bug has been discovered and root caused by florian@. In this particular case it was snmpd(8) what ate all kernel memory. This commit introduces DIOCXEND to pf(4) so applications such as snmpd(8) and systat(1) to close ticket/transaction when they are done with fetching the rules. This change also updates snmpd(8) and systat(1) to use newly introduced DIOCXEND ioctl(2). OK claudio@, deraadt@, kn@
2023-06-05 | use getline(3) instead of fgetln(3) | Omar Polo
while here simplify the "From " check too. ok millert@
2023-05-18 | If you disable retpolineplt then _dl_bind_start is called with an | Philip Guenther
indirect branch, so include an endbr64 Just In Case. ok deraadt@
2023-05-15 | cast to '(long long)' instead of '(long long int)' | Omar Polo
requested by deraadt@, ok tb@
2023-05-10 | cast off_t to long long int for printing | Omar Polo
reduces the diff with opensmtpd-portable. ok tb@
2023-04-27 | revert cache lookup for full pathnames | Robert Nagy
2023-04-25 | endbr64 is potentially necessary in the syscall stubs. | Theo de Raadt
2023-04-24 | Since ENTRY() already inserts a BTI instruction, don't add another one. | Mark Kettenis
ok patrick@
2023-04-24 | do a cache lookup as well in case a full pathname is passed to dlopen | Robert Nagy
2023-04-19 | remove duplicate includes | Jonathan Gray
2023-04-19 | remove duplicate include | Jonathan Gray
feedback tb@
2023-04-13 | Avoid an overflow in the ELF SYSV ABI hash function. | Todd C. Miller
The hash function is supposed to return a value less than or equal to 0x0fffffff. Due to a bug in the sample code supplied with the ELF SYSV ABI documentation, the hash function can overflow on 64-bit systems. Apply the same fix used by GNU libc, MUSL libc and FreeBSD. Prompted by https://maskray.me/blog/2023-04-12-elf-hash-function OK tb@ miod@
2023-04-09 | Treat symlinks better in $ORIGIN determination in ld.so | Greg Steuck
Now symlinking an executable away from the rest of its installation tree no longer prevents it from finding the libraries. This matches the behavior of other OS linkers. Prompted by a behavior change in lang/ghc test suite. Swapped the order of dirname/realpath in _dl_origin_path. Added some regress tests that pass and then bin3 that fails without this change and reflects the behavior needed for lang/ghc. Suggestion by semarie@, OK deraadt@
2023-03-31 | Call entry point of the executable through register x17. This allows it | Mark Kettenis
to be a normal C function that starts with "bti c" when BTI control flow integrity enforcement is in place. Add "bti c" to _dl_bind_start(). Remove unused _rtld_tlsdesc() function to avoid having to add "bti c" to it. ok deraadt@
2023-03-08 | Delete obsolete /* ARGSUSED */ lint comments. | Philip Guenther
ok miod@ millert@
2023-03-02 | rad_recv: verify length field in received auth_hdr_t before using it. | Todd C. Miller
Reported by Peter J. Philipp. OK deraadt@
2023-02-20 | Adjust inline !libc check to match the intent in ld.so | Greg Steuck
right, deraadt@
2023-02-18 | Lookup the start,len of the "execve" stub in libc.so, and tell the kernel | Theo de Raadt
where it is with pinsyscall(). In non-static binaries, kernel execve(2) will now insist upon being called from that small region. Arriving from a different region smells like ROP methodology, and the process is killed.
2023-02-17 | Remove unused variables; ok millert@ | Miod Vallat
2023-02-10 | Explicitly mark the text LOAD as FLAGS(5), meaning RX, with a comment. | Theo de Raadt
This is the default value of the linker, but I really like placing the comment "architecturally required data islands".
2023-02-02 | unify spacing for LOAD FLAGS lines | Theo de Raadt
2023-02-02 | i386 and alpha ld.so also work with X-only text LOAD. There is no | Theo de Raadt
hardware enforcement for this, but uvm can some of its own tricks on occasion.