| author | 2016-05-10 18:39:40 +0000 | |
|---|---|---|
| committer | 2016-05-10 18:39:40 +0000 | |
| commit | 7730d1d9cb84cef07e5a404bafac47d7e8e531c6 (patch) | |
| tree | ad036b14ced3b636562575a7b22fbfd1974fda32 /sys/kern/exec_elf.c | |
| parent | The hppa trapframe PC is marked (in the low two bits) to indicate a (diff) | |
SROP mitigation. sendsig() stores a (per-process ^ &sigcontext) cookie
inside the sigcontext. sigreturn(2) checks syscall entry was from the
exact PC addr in the (per-process ASLR) sigtramp, verifies the cookie,
and clears it to prevent sigcontext reuse.
not yet tested on landisk, sparc, *88k, socppc.
ok kettenis
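
The cookie scheme the commit message describes, as an added user-space model in C; it is not code from this commit or from OpenBSD. The struct names, function names and the constant secret, trampoline PC and resume PC are assumptions made for the illustration (a kernel would use a random per-process value).

```c
#include <stdint.h>
#include <stdio.h>
/* User-space model: struct and function names are hypothetical, not kernel symbols. */
struct sigcontext_model {
    uintptr_t sc_pc;     /* program counter to restore */
    uintptr_t sc_cookie; /* per-process secret ^ address of this frame */
};
struct proc_model {
    uintptr_t sigcookie;     /* per-process secret (random in a real kernel) */
    uintptr_t sigcoderet_pc; /* exact PC of the sigreturn syscall in the sigtramp */
};
/* Signal delivery: bind the frame to this process and to its own address. */
void model_sendsig(const struct proc_model *p, struct sigcontext_model *sc, uintptr_t pc)
{
    sc->sc_pc = pc;
    sc->sc_cookie = p->sigcookie ^ (uintptr_t)sc;
}

/* Returns the PC to resume at, or 0 if the request is rejected. */
uintptr_t model_sigreturn(const struct proc_model *p, struct sigcontext_model *sc,
    uintptr_t syscall_pc)
{
    if (syscall_pc != p->sigcoderet_pc)
        return 0; /* syscall was not issued from the trampoline */
    if (sc->sc_cookie != (p->sigcookie ^ (uintptr_t)sc))
        return 0; /* frame was not written by sendsig at this address */
    sc->sc_cookie = 0; /* clear so the same frame cannot be replayed */
    return sc->sc_pc;
}

/* Constructed scenarios: 0 genuine, 1 reused frame, 2 copied frame, 3 wrong PC. */
uintptr_t model_scenario(int which)
{
    struct proc_model p = { 0x5bd1e995UL, 0x1234UL }; /* constructed values */
    struct sigcontext_model sc, copy;
    model_sendsig(&p, &sc, 0x4000UL);
    if (which == 1)
        (void)model_sigreturn(&p, &sc, p.sigcoderet_pc); /* first, genuine use */
    copy = sc; /* same bytes at a different address */
    return model_sigreturn(&p, which == 2 ? &copy : &sc,
        p.sigcoderet_pc + (which == 3 ? 4 : 0));
}

int main(void)
{
    for (int i = 0; i < 4; i++)
        printf("scenario %d -> %#lx\n", i, (unsigned long)model_scenario(i));
    return 0;
}
```

Only the genuine return resumes at the saved PC; the reused frame, the byte-for-byte copy at another address, and the call from outside the trampoline are all rejected.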
Diffstat (limited to 'sys/kern/exec_elf.c')
| -rw-r--r-- | sys/kern/exec_elf.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/sys/kern/exec_elf.c b/sys/kern/exec_elf.c index 1c607ddf3aa..bc344f334b2 100644 --- a/sys/kern/exec_elf.c +++ b/sys/kern/exec_elf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: exec_elf.c,v 1.120 2016/02/28 15:46:18 naddy Exp $ */ +/* $OpenBSD: exec_elf.c,v 1.121 2016/05/10 18:39:51 deraadt Exp $ */ /* * Copyright (c) 1996 Per Fogelstrom @@ -108,7 +108,7 @@ void ELFNAME(load_psection)(struct exec_vmcmd_set *, struct vnode *, Elf_Phdr *, Elf_Addr *, Elf_Addr *, int *, int); int ELFNAMEEND(coredump)(struct proc *, void *); -extern char sigcode[], esigcode[]; +extern char sigcode[], esigcode[], sigcoderet[]; #ifdef SYSCALL_DEBUG extern char *syscallnames[]; #endif @@ -145,6 +145,7 @@ struct emul ELFNAMEEND(emul) = { ELFNAMEEND(coredump), sigcode, esigcode, + sigcoderet, EMUL_ENABLED | EMUL_NATIVE, }; |
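
Review bot: the `extern char sigcode[], esigcode[], sigcoderet[];` declaration in the hunk at line 108 adds a symbol with no comment saying what it marks, and it makes every platform's signal trampoline a link-time dependency of this file. The commit message lists landisk, sparc, *88k and socppc as not yet tested, so confirm that each of them defines `sigcoderet` before relying on this. A one-line comment above the extern stating how `sigcoderet` relates to the PC that sigreturn(2) checks would also help.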
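
Review bot: in the `struct emul ELFNAMEEND(emul)` initializer (hunk at line 145), `sigcoderet` is inserted positionally between `esigcode` and `EMUL_ENABLED | EMUL_NATIVE`, so it is only correct if the struct definition gains a member at exactly that position, and that definition is outside this file-limited view. Any other positional `struct emul` initializer that is not updated in step would place its flags value in the new pointer slot. Check for other initializers, or switch to designated initializers so that a missed update leaves the new member NULL rather than misplacing the flags.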
