| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
get that info via the PT_OPENBSD_RANDOM segment info, so kill the symbols
While here, delete the commented out lines for __DYNAMIC as the question
they ask is answered 'no'
ok matthew@ back in May
|
| |
|
|
|
|
|
|
| |
segments to the kernel, ld (2.15), and ld.so. Tested on alpha, amd64,
i386, macppc, and sparc64 (thanks naddy, mpi, and okan!).
Idea discussed for some time; committing now for further testing.
ok deraadt
|
| |
|
|
|
|
| |
ldscripts). Correct the xd and xdc ldscripts (pie and pie + combreloc)
on i386 and add two new variants for pie + combreloc + Z and pie + Z on
all arches. ok drahn@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- extra $(SHELL) and sugar for make (so that files not mode +x still work)
- safer temp file handling
- our W^X binary layout changes in ld
- OpenBSD policy for library file selection in ld
- arm and m88k changes which were not merged in time for official 2.15
- bfd core file handling
- a couple typos
New for 2.15:
- ld(1) and as(1) manpages now generated at build time
- binutils/stabs.c reverted to use our in-tree libiberty for now
- we still use our VIA C3 crypto code over stock binutils, as it recognizes
more instructions
- new emulations for OpenBSD on mips64 machines, to help OpenBSD/sgi
- relaxed %f# handling in gas on OpenBSD/sparc64 (same as was in 2.14)
Tested on all platforms by various people; special thanks to sturm@ and
otto@.
|
| | |
|
| |
|
|
|
|
|
| |
of sections were moved for protections purposes. This causes problems
with emacs undump. Only move the sections if the W^X padding is active.
Generate the scripts properly for newer binutils, on i386 if -Z is
active, move the executable start address back to the classic base address.
|
| | |
|
| |
|
|
| |
remove testsuites (not useable) remove mmalloc (not part of new binutils).
|
| | |
|
| |
|
|
| |
and the location of the GOT. reorder GOT and the CTOR/DTOR section.
|
| | |
|
| |
|
|
|
|
| |
RODATA_* align macros to preserve current behavior on other
archs and allow for 1G sep between beginning of exe and beginning of data
DARPA funded work.
|
| | |
|
| |
|
|
|
|
|
|
| |
of putting it with the text. This removes the execute permission
from readonly data. This constrains the executable region to portions
of the executable which need to be executable. Note: not all processors
or mmus are capable of -X protection at the page level, but should
handle ELF images which specify specific RWX protections on each section.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
executable regions which are writable. If a section of an executable is
writable and executable, it is much easier for errant code to modify the
executable's behavior.
Two current areas in shared library environments which have this
critical problem are the GOT (Global Offset Table) and PLT (Procedure
Linkage Table). The PLT is required to be executable and both GOT and
PLT are writable on most architectures. On most ELF architecture
machines this would cause shared libraries to have data and BSS marked
as executable.
Padding to the linker script for programs and shared libraries/objects
to isolate the GOT and PLT into their own load sections in the
executables. This allows only the text(readonly) region and the PLT
region to be marked executable with the normal data and BSS not marked
as executable. The PLT region is still marked executable on most
architectures because the PLT lives in the "data" or "BSS" regions
and the dynamic loader will need to modify it. Since the GOT and PLT
should only ever be written by the dynamic linker, it will be modified
to mprotect those regions so that they are not writable during normal
execution. If the dynamic linker needs to modify the regions later,
(eg for lazy binding), it will mprotect the region, make the necessary
changes, and mprotect it back. Since it is possible to receive a
signal which would interrupt the program flow and perhaps cause the
dynamic linker to modify the same (or nearby) PLT references, it is now
necessary for signals to be blocked for the duration of the mprotect.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
- only the binutils package (no gdb here)
- don't import libiberty and texinfo, they are elsewhere
- remove all .info* generated files
|
| |
|
|
| |
of a program is done...
|
| |
|
|
| |
bug-fixes...
|
| |
|
|
| |
(trivial part done, `interesting' patches remain)
|
| | |
|
| |
|
|
|
|
| |
- only the binutils package (no gdb here)
- don't import libiberty and texinfo, they are elsewhere
- remove all .info* generated files
|
| | |
|
| |
|
|
|
| |
the shm sizing method it uses for the moment, so loading many shlibs
effectively makes a proram run out of VM.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
guenther
matthew
kurt
miod
drahn
mickey
fgsch
espie
niklas
pefo