| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
syscall) confirm the stack register points at MAP_STACK memory, otherwise
SIGSEGV is delivered. sigaltstack() and pthread_attr_setstack() are modified
to create a MAP_STACK sub-region which satisfies alignment requirements.
Observe that MAP_STACK can only be set/cleared by mmap(), which zeroes the
contents of the region -- there is no mprotect() equivalent operation, so
there is no MAP_STACK-adding gadget.
This opportunistic software-emulation of a stack protection bit makes
stack-pivot operations during ROPchain fragile (kind of like removing a
tool from the toolbox).
original discussion with tedu, uvm work by stefan, testing by mortimer
ok kettenis
|
| | |
|
| |
|
|
|
|
| |
Bump lib minor
ok otto@ kurt@ marc@; doc review by jmc@
|
| |
|
|
|
| |
Correct misnaming in STANDARDS section
ok brad@ otto@
|
| | |
|
| |
|
|
|
|
| |
From: FreeBSD's libc_r
ok marc@
|
| |
|
|
| |
also new sentence, new line.
|
| |
|
|
|
| |
these are all David Leonard, and Public Domain
ok deraadt@
|
| |
|
|
|
|
|
| |
o) always close .Bl tags;
o) fix usage of .Xr;
millert@ ok
|
| | |
|
| | |
|
| |
|
deraadt
tedu
guenther
jmc
brad
mpech
aaron
d