| Age | Commit message (Collapse) | Author |
|---|
|
ok tedu@
|
|
print SKIPPED. This helps to detect such incomplete tests.
OK anton@
|
|
OK deraadt@
|
|
with base gcc, whereas with clang it causes an error.
Suggested by and OK kettenis@
|
|
ok kettenis@ deraadt@
|
|
compiler flags. Pass DIST_CFLAGS from the crunchgen-generated .mk
file.
Compile the install media with -fno-unwind-tables to avoid emitting
.eh_frame sections. This saves substantial space on amd64.
with/ok kettenis@
|
|
OK anton@ benno@
|
|
OK anton@ jca@ tb@ benno@
|
|
|
|
will be installed as /usr/bin/ld.bfd on supported systems. This allows
users to fall back on the old linker by using the -fuse-ld=bfd option on
systems where lld is the default linker.
Switch armv7 to use lld as the default linker. On arm64 we already use lld
as the default linker. Other platforms will keep using the GNU linker for
now.
ok patrick@, deraadt@, phessler@
|
|
random cookies to protect access to function return instructions, with the
effect that the integrity of the return address is protected, and function
return instructions are harder to use in ROP gadgets.
On function entry the return address is combined with a per-function random
cookie and stored in the stack frame. The integrity of this value is verified
before function return, and if this check fails, the program aborts. In this way
RETGUARD is an improved stack protector, since the cookies are per-function. The
verification routine is constructed such that the binary space immediately
before each ret instruction is padded with int03 instructions, which makes these
return instructions difficult to use in ROP gadgets. In the kernel, this has the
effect of removing approximately 50% of total ROP gadgets, and 15% of unique
ROP gadgets compared to the 6.3 release kernel. Function epilogues are
essentially gadget free, leaving only the polymorphic gadgets that result from
jumping into the instruction stream partway through other instructions. Work to
remove these gadgets will continue through other mechanisms.
Remaining work includes adding this mechanism to assembly routines, which must
be done by hand. Many thanks to all those who helped test and provide feedback,
especially deaadt, tb, espie and naddy.
ok deraadt@
|
|
|
|
ok deraadt@
|
|
ok patrick@
|
|
compatibility layer.
|
|
ok guenther@
|
|
one location under /usr/share/relink.
Be more specific in src/etc/rc reorder_libs() what filesystems
need r/w remount and ensure that their mount state is restored.
Idea and positive feedback from deraadt@
OK aja@ tb@
|
|
ok jsg@, patrick@, deraadt@
|
|
any longer; ok espie@ deraadt@
|
|
|
|
ok espie@
|
|
deleting ../ in the path
|
|
but keep gcc4 in the build for these as well
ok deraadt@
|
|
|
|
clang optimizes better for size with -Oz so use that as a default to avoid
overflowing the ramdisk floppies. gcc now accepts -Oz as an alias for -Os.
ok kettenis@
|
|
okay schwarze@
|
|
years ago when we formatted manual pages at build time.
Opportunity for cleanup discovered by espie@.
Make build & release in base and Xenocara checked myself,
and checked in a bulk build by ajacoutot@.
OK espie@ millert@ deraadt@
|
|
Outdated terminology noticed by espie@.
|
|
remnant from the remote past when we used to install preformatted
manuals.
2. The list of files deleted by the clean target grew out of date
and was incomplete, but we already know that it will change again
soon, so delete overdocumentation.
Feedback and OK espie@.
|
|
bsd.sys.mk more specific; wording with one tweak from espie@
|
|
|
|
closely related to. Delete the example involving PARALLEL, which no
longer exists. Instead, add a different example involving yacc(1).
OK espie@
|
|
instead of using / where the libraries are re-ordered on reboot
ok aja@
|
|
|
|
|
|
"noticed" by Ingo.
|
|
|
|
proper english usage and okay jmc@
|
|
by using alternate setup
PROGS = a b c along with SRCS_a = ... , SRCS_b = ... , SRCS_c = ...
okay millert@
|
|
files. This fixes up parallel builds in the default case.
FreeBSD does something similar.
okay millert@
|
|
no functional change
|
|
this specific rule is only triggered twice in the whole ports tree
(sysutils/xjobs and print/l2a)
This fixes them
|
|
make -j will be happier.
okay millert@
|
|
don't include .d files during obj and cleanup, because those files might
be utterly bogus following an untimely reboot.
This allows cleaning stuff up without needing to manually remove those
files.
okay millert@, kettenis@
|
|
|
|
kernel Makefiles (thank you!), also add lex and yacc generated files to
that list.
Let those lex/yacc variables be defined for bsd.lib.mk as well.
Complete the SRCS -> OBJS hints with the library dependency
This should fix most dependency problems.
Commit now, so that people can check if something else is still amiss.
krw@ agrees
|
|
the old mkdep run did walk the SRCS list and write those as a side-effect.
Without this, bsd.prog.mk .SUFFIXES order will have OBJS depend on the
wrong src file.
Causes of the alpha/stand/bootxx breakage.
|
|
on the command line, things will still work
|
|
commit the right DEPS definition.
|
|
I asked jmc, told me to go ahead and he'd review it when he can.
|
