| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
| |
to builtins like mem{set,cpy,move} and __stack_smash_handler. So, when
building with clang, instead mark those as protected visibility to get rid
of the PLT relocations. We can't take the address of them then, but that's
ok: it's a build-time error not a run-time error.
ok kettenis@
|
| |
|
|
|
|
| |
as osendsyslog for a while. The three argument variant is the only
one that will stay.
input kettenis@; OK deraadt@
|
| |
|
|
|
|
| |
in libc's hidden/stdlib.h instead of in each .c file that needs one
ok deraadt@ gsoares@ mpi@
|
| | |
|
| |
|
|
|
|
|
|
| |
string using simpler strings functions and use sendsyslog2() directly.
Also, use the LOG_CONS flag so that single-user reports are more clear.
Use a buffer size of 1024 (from bluhm)
discussed with guenther and matthew
ok millert
|
| |
|
|
|
|
|
|
|
|
|
|
| |
thrkill(2), rolling the kill(2) syscall number with the ABI change to
avoid breaking binaries during during the transition. thrkill(2) includes
a 'tcb' argument that eliminates the need for locking in pthread_kill()
and simplifies pthread_cancel(). Switch __stack_smash_handler() to use
thrkill(2) and explicitly unblock SIGABRT.
Minor bump to both libc and libpthread: make sure you install a new kernel!
ok semarie@
|
| |
|
|
|
|
|
|
|
|
|
| |
stubs for the executable from crtbegin.o into libc, which lets them be
excluded from static links that don't use them.
For this, drop the normal crt{begin,end}S.o from libc.so: the .init and .fini
sections for libc aren't called at the right times anyway, so it's good that
they're unused. libc.so just needs __guard_local and the .note.openbsd.ident
section, so add them to stack_protector.c for now (this will be improved)
"good time" deraadt@
|
| |
|
|
|
|
|
|
| |
so that we can provide asm labels for the memcpy/memset/__stack_smash_handler
calls that it generates ab initio. Eliminate direct #includes of it. Make
sure it's a dependency of all objects (unnecessary for asm, but close enough).
ok deraadt@
|
| |
|
|
| |
review by millert, binary checking process with doug, concept with guenther
|
| |
|
|
|
| |
for a while already
ok miod kettenis
|
| |
|
|
|
| |
since the kernel supplies a .openbsd.randomdata segment.
ok matthew miod guenther
|
| |
|
|
| |
ok miod matthew
|
| |
|
|
|
|
| |
too early to assume that everyone has updated their compiler
toolchains, and it seems to cause problems at least on armish when an
out-of-date binutils is used.
|
| |
|
|
|
|
|
|
|
|
| |
initializing their __guard values. For the time being, we're leaving
libc's constructor method as a backup to make sure __guard actually
gets initialized and to emit syslog warnings when it's not.
Not really an ABI change, so no shlib bump... "hold on to your butts"
ok deraadt, kettenis
|
| | |
|
| |
|
|
|
|
|
| |
and remove fallback code. If somebody is dumb enough to make the
sysctl fail using systrace, he deserves what he gets. Saves 7 syscalls
on process startup.
looks good miod@ ok deraadt@ tedu@
|
| |
|
|
|
|
| |
Kill old files that are no longer compiled.
okay theo
|
| | |
|
| |
|
|
|
|
| |
wrapper.
ok deraadt@ millert@
|
| |
|
|
| |
ok tedu@
|
| | |
|
| | |
|
| | |
|
|
|
attack protection scheme, into gcc.
This protection is enabled by default. It can be turned off by using the
-fno-stack-protector flag.
Code by Hiroaki Etoh (etoh at jp dot ibm dot com); work on openbsd-specific
integration by fgsch@, deraadt@ and myself; tests by fgsch@, naddy@ and
myself; beer drinking by myself.
Please note that system upgrades with this new code will require a new
libc and ld.so to be build and installed before the propolice-enabled
compiler can be installed.
|
guenther
bluhm
canacar
deraadt
matthew
otto
espie
miod
david
etoh