Age | Commit message (Collapse) | Author | |
---|---|---|---|
2018-11-02 | ld.so's malloc has no runtime option processing, so remove the | Otto Moerbeek | |
setting flags and replace them by constants. ok deraadt@ guenther@ | |||
2018-10-25 | The compilers already put static arrays in .rodata when not written to; | Philip Guenther | |
marking them const will keep a source change from silently moving them back to .data ok deraadt@ kettenis@ | |||
2018-10-25 | When spamd(8) runs in greylist mode in the parent process (which runs | Ricardo Mestre | |
greywatcher()) we know that the only files that it will ever access are PATH_SPAMD_DB in rw mode, alloweddomains_file in r and that it will need to execute PATH_PFCTL so we can unveil(2) them with those permissions. OK deraadt@ millert@ beck@ | |||
2018-10-25 | The only file that spamlogd(8) needs to access after calling pledge(2) is | Ricardo Mestre | |
PATH_SPAMD_DB, so unveil(2) it with O_RDWR permissions. OK millert@ beck@ | |||
2018-10-23 | Delay processing of ld.so's own PT_GNU_RELRO section until after environment | Philip Guenther | |
processing and malloc initialization, and then move variables set by those steps, including malloc's mopts structure, into the .data.rel.ro segment. This protects more data and eliminates the extra padding of the mopts. ok kettenis@ | |||
2018-10-22 | More "explicitely" -> "explicitly" in various comments. | Kenneth R Westerback | |
ok guenther@ tb@ deraadt@ | |||
2018-10-22 | Use int, not char*, for booleans | Philip Guenther | |
ok millert@ | |||
2018-10-01 | Add retguard to arm64 ld.so. | mortimer | |
ok kettenis@ | |||
2018-09-30 | Remove the hopefully last remnants of kerberos in there: arg_login, | Antoine Jacoutot | |
arg_notickets and invokinguser. ok kn@ millert@ | |||
2018-09-25 | document HUP; | Jason McIntyre | |
based on a diff from katherine rohl, shortened by request of deraadt | |||
2018-09-24 | unveil maildir, utmp, /tmp, and /dev. For the vast number of people | Theo de Raadt | |
using biff. | |||
2018-09-24 | unveil(2) in getty. This has been in snaps for more than 2 months, | Theo de Raadt | |
since I worry that a mistake in here will cause significant grief. | |||
2018-09-02 | update tradcpp to 0.5.2 | Jonathan Gray | |
ok miko@ bcallah@ deraadt@ | |||
2018-08-29 | make ld.so build reproducible by including a FILE symbol and by removing | Robert Nagy | |
-x from ld; this is only used for syspatch creation so builds are still randomized just as before ok guenther@ | |||
2018-08-08 | lockspool only plays with files in _PATH_MAILDIR, so unveil that path. | Theo de Raadt | |
2018-08-03 | Move pledge to after getopt, when the finger program becomes known | Theo de Raadt | |
(defaults to /usr/bin/finger, but can be redefined with -P option). Then unveil that program for "x" (execution), and pledge as before. No other filesystem accesses occur after that point. | |||
2018-07-24 | Fix address calculation for _DYNAMIC. We want to address of _DYNAMIC itself, | Mark Kettenis | |
not the address of its GOT entry. The current code mixed the high bits of the GOT entry address with the low bits of the true address. This only worked by accident for small binaries where _DYNAMIC and its GOT entry happen to reside on the same page. ok guenther@, mortimer@ | |||
2018-07-09 | unify the various per-arch syscall.h as much as possible | Theo de Raadt | |
ok kettenis guenther | |||
2018-06-28 | add missing ${LIBCRYPTO} to DPADD | Gleydson Soares | |
OK deraadt@ millert@ jca@ | |||
2018-06-16 | Add add PIE support for m88k (requires gcc4 toolchain) | Philip Guenther | |
Convert __cerror to hidden visibility. from miod@ | |||
2018-06-14 | silence a compiler warning | Gleydson Soares | |
OK millert | |||
2018-06-13 | Call pledge(2) earlier before opening the auth channel and readpassphrase() | Reyk Floeter | |
Before this change, only the password validation was pledged, now it also includes some more code including the "Password:" prompt. To pledge the code earlier, the getpwnam_shadow() had to be moved up - it works under "getpw" but it does not return the actual password hash under pledge. This also works with yp(ldap). OK deraadt@ tb@ brynet@ | |||
2018-06-13 | Remove #ifdef PASSWD, it was always enabled and is a leftover from krb5 days. | Reyk Floeter | |
No other uses of -DPASSWD were found in the tree. OK deraadt@ tb@ brynet@ | |||
2018-06-08 | Bail out if fchmod(2) fails. | cheloha | |
Don't quietly install ld.so.hints with mode 0600 because this adds overhead to shlib lookup for non-root processes. From Nan Xiao. ok guenther@ | |||
2018-06-01 | Bump ELF_RANDOMIZE_LIMIT to 1MB. | mortimer | |
ok deraadt@ | |||
2018-05-15 | On arm64 negate the whole 64-bit register otherwise system call wrappers | Mark Kettenis | |
that return ssize_t will not return a negative value upon error. Fixes dynamical loading of shared objects using dlopen(). ok guenther@ | |||
2018-05-01 | Add an explanation to relink.log what a failed checksum of /bsd | Robert Peichaer | |
means and show how to re-enable KARL. Prodded by and OK deraadt Feedback and OK tb | |||
2018-04-27 | Make sure ld.so doesn't use floating point registers, as the lazy-binding | Philip Guenther | |
stub doesn't preserve them and some may be used for passing arguments ok kettenis@ deraadt@ mlarkin@ | |||
2018-04-26 | Use <fcntl.h> instead of <sys/file.h> for open() and friends. | Philip Guenther | |
Delete a bunch of unnecessary #includes and sort to match style(9) while doing the above cleanup. ok deraadt@ krw@ | |||
2018-04-26 | nuke trailing whitespace | Bob Beck | |
2018-03-09 | Add support for the DF_TEXTREL flag. | Mark Kettenis | |
ok patrick@, millert@ | |||
2018-02-09 | Use a static chacha instance to fill randomdata sections. Avoids looping | mortimer | |
over a syscall for randomdata sections larger than 256B. ok djm@ deraadt@ kettenis@ | |||
2018-02-07 | sync with libc malloc: use consistent style for for loop in unmap(), | Otto Moerbeek | |
no functional change | |||
2018-02-04 | Expand Type strings by one space, to fit ld.so, in the same ugly way "exe " | Theo de Raadt | |
was being handled. | |||
2018-02-01 | don't forget to increment loop var; infinite loops spotted by sthen@ | Otto Moerbeek | |
2018-01-30 | No need to add ffs.c as we use .VPATH to reach over into libc/string. | Mark Kettenis | |
ok otto@ | |||
2018-01-30 | provide ffs, gcc generates calls to it, even when __builtin_ffs() is used. | Otto Moerbeek | |
ok deraadt@ | |||
2018-01-30 | kill a gcc warning | Otto Moerbeek | |
2018-01-30 | port over the malloc changes from libc. prompted by deraadt@ | Otto Moerbeek | |
2018-01-18 | Unlike other archs, mips64 needs ld.so to know about symbol visibility and | Philip Guenther | |
skip symbol lookup on protected symbols. Add visibility #defines to <sys/exec_elf.h> to support that. ok kettenis@ visa@ | |||
2017-12-24 | Fix one possible buffer overflow and one underflow. Also some minor | Todd C. Miller | |
cleanups. From Jan Kokemueller. OK deraadt@ | |||
2017-12-21 | Implement missing bits to support lazy binding. Note that the code | Mark Kettenis | |
deliberately does not save the floating-point argument registers before calling _dl_bind(). Doing so would force an FPU context switch upon every function call through the PLT. But since we compile ld.so with -march=armv8-a+nofp+nosimd this is safe since nothing in the _dl_bind() codepath uses he FPU registers. ok guenther@, drahn@ | |||
2017-12-12 | ld.so's syscall _dl_* API/ABI doesn't reurn errno, but -errno. | Theo de Raadt | |
Reviewing behaviour artifacts with pledge, I discover a close(-ENOSYS).. ok guenther | |||
2017-12-12 | spacing | Theo de Raadt | |
2017-12-08 | also cleanout ld.so.a | Theo de Raadt | |
2017-12-08 | Everyone knows this as ld.so, nor by the ancient name rtld. | Theo de Raadt | |
ok guenther | |||
2017-12-01 | Redo the calculation of the alignment and placement of static TLS data to | Philip Guenther | |
correctly take into account the segment p_align. Previously, anything with a size belong the natural alignment or with alignment larger than the natural one would either not be intialized correctly, be misaligned, or result in the TIB being misaligned. Problems reported by Charles Collicutt (charles (at) collicutt.co.uk) ok kettenis@ | |||
2017-11-28 | Implement a DL_REFERENCE dlctl. To be used by the upcoming | Mark Kettenis | |
__cxa_thread_atexit() implementation. ok guenther@ | |||
2017-11-15 | Tweak bitmask calculation to match i386 and avoid clang warning. | Mark Kettenis | |
ok tom@ | |||
2017-11-05 | Consolidate lib.so.*.a, ld.so.a and the kernel relink kit into | Robert Peichaer | |
one location under /usr/share/relink. Be more specific in src/etc/rc reorder_libs() what filesystems need r/w remount and ensure that their mount state is restored. Idea and positive feedback from deraadt@ OK aja@ tb@ |