Remove $FreeBSD$: one-line .c pattern

Remove /^[\s*]*__FBSDID\("\$FreeBSD\$"\);?\s*\n/

Mark usage function as __dead2 in programs where it does not return

In most cases, usage does not return, so mark them as __dead2. For the
cases where they do return, they have not been marked __dea

Mark usage function as __dead2 in programs where it does not return

In most cases, usage does not return, so mark them as __dead2. For the
cases where they do return, they have not been marked __dead2.

Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/735

show more ...

spdx: The BSD-2-Clause-FreeBSD identifier is obsolete, drop -FreeBSD

The SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catch
up to that fact and revert to their recommended match of

spdx: The BSD-2-Clause-FreeBSD identifier is obsolete, drop -FreeBSD

The SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catch
up to that fact and revert to their recommended match of BSD-2-Clause.

Discussed with: pfg
MFC After: 3 days
Sponsored by: Netflix

show more ...

elfctl: whitespace cleanup

Reported by: jrm (in review D34283)

elfctl: fix operations with multiple features on multiple files

Previously an invocation like

elfctl -e +feature1,feature2 file1 file2

would set both feature flags in file 1 but only feature1 in

elfctl: fix operations with multiple features on multiple files

Previously an invocation like

elfctl -e +feature1,feature2 file1 file2

would set both feature flags in file 1 but only feature1 in file2 (due
to the string being modified by strsep()).

Reported by: jrm
Tested by: jrm
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D34283

show more ...

elfctl: fix -e invalid operation error handling

Validate the operation prior to parsing the feature string, so that e.g.
-e 0x1 reports invalid operation '0' rather than invalid feature 'x11'.
Also

elfctl: fix -e invalid operation error handling

Validate the operation prior to parsing the feature string, so that e.g.
-e 0x1 reports invalid operation '0' rather than invalid feature 'x11'.
Also make it an error rather than a warning, so that it is not repeated
if multiple files are specified.

(Previously an invalid operation resulted in a segfault.)

MFC after: 3 days
Sponsored by: The FreeBSD Foundation

show more ...

elfctl: error if -e is specified multiple times

Reported by: jrm
MFC after: 3 days
Sponsored by: The FreeBSD Foundation

exec: Remove the stack gap implementation

ASLR stack randomization will reappear in a forthcoming commit. Rather
than inserting a random gap into the stack mapping, the entire stack
mapping itself

exec: Remove the stack gap implementation

ASLR stack randomization will reappear in a forthcoming commit. Rather
than inserting a random gap into the stack mapping, the entire stack
mapping itself will be randomized in the same way that other mappings
are when ASLR is enabled.

No functional change intended, as the stack gap implementation is
currently disabled by default.

Reviewed by: kib
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D33704

show more ...

elfctl: avoid touching file if no change made

Suggested by: brooks
Reviewed by: brooks, markj
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.or

elfctl: avoid touching file if no change made

Suggested by: brooks
Reviewed by: brooks, markj
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D30452

show more ...

usr.bin/elfctl: Allow for cross-endian operations.

Detect if host endian is different than target endian and swap
byte order of ELF note fields instead of failing.

Submitted by: Dawid Gorecki <dgr@

usr.bin/elfctl: Allow for cross-endian operations.

Detect if host endian is different than target endian and swap
byte order of ELF note fields instead of failing.

Submitted by: Dawid Gorecki <dgr@semihalf.com>
Reviewed by: imp
Obtained from: Semihalf
Sponsored by: Stormshield
Differential Revision: https://reviews.freebsd.org/D29550

show more ...

elfctl: Fix type errors.

Target value for val has uint32_t type, not uint, adjust used constant.
Change val type to unsigned so that left and right sides of comparision
operator do not expose differ

elfctl: Fix type errors.

Target value for val has uint32_t type, not uint, adjust used constant.
Change val type to unsigned so that left and right sides of comparision
operator do not expose different signed types of same range [*].

Switch to unsigned long long and strtoll(3) so that 0x80000000 is
accepted by conversion function [**].

Reported by: kargl [*]
Noted by: emaste [**]
Reviewed by: emaste
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D28301

show more ...

elfctl: fix typo from last-minute refactoring

Reported by: jkim
Fixes: 86f33b5fcf6087bf4439881011b920ff99e6e300

elfctl: allow features to be specified by value

This will allow elfctl on older releases to set bits that are not yet
known there, so that the binary will have the correct settings applied
if run on

elfctl: allow features to be specified by value

This will allow elfctl on older releases to set bits that are not yet
known there, so that the binary will have the correct settings applied
if run on a later FreeBSD version.

PR: 252629 (related)
Suggested by: kib
Reviewed by: gbe (manpage, earlier), kib
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D28284

show more ...

elfctl: prefix disable flags with "no"

Some ELF feature flags indicate a request to opt-out of some feature,
for example NT_FREEBSD_FCTL_ASLR_DISABLE indicates that ASLR should be
disabled for the t

elfctl: prefix disable flags with "no"

Some ELF feature flags indicate a request to opt-out of some feature,
for example NT_FREEBSD_FCTL_ASLR_DISABLE indicates that ASLR should be
disabled for the tagged binary. Using "aslr" as the short name for the
flag is confusing as it seems to indicate a request for ASLR to be
enabled. Rename "noaslr", and make a similar change for other opt-out
flags.

Reviewed by: bapt, manu, markj
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D28139

show more ...

elfctl: add backwards compatibility for "no" prefixes

I am going to prefix opt-out ELF feature flag names with "no" to make
their meaning more clear (review D28139), but there are some uses of the
e

elfctl: add backwards compatibility for "no" prefixes

I am going to prefix opt-out ELF feature flag names with "no" to make
their meaning more clear (review D28139), but there are some uses of the
existing names already (e.g., the PR referenced below).

For now accept the older, unprefixed name as well, and emit a warning.
We can revert this after FreeBSD 13 branches.

% elfctl -e +aslr foo
elfctl: interpreting aslr as noaslr; please specify noaslr

PR: 239873 (related)
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D28140

show more ...

elftcl: add -i flag to ignore unknown flags

This may allow an identical elfctl invocation to be used on multiple
FreeBSD versions, with features not implemented on older releases being
silently igno

elftcl: add -i flag to ignore unknown flags

This may allow an identical elfctl invocation to be used on multiple
FreeBSD versions, with features not implemented on older releases being
silently ignored.

PR: 252629 (related)
Reviewed by: kib
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D28130

show more ...

Add ELF flag to disable ASLR stack gap.

Also centralize and unify checks to enable ASLR stack gap in a new
helper exec_stackgap().

PR: 239873
Sponsored by: The FreeBSD Foundation
MFC after: 1 week

Reserve FreeBSD ELF feature control bit LA48 to control VA layout on amd64.

Tested by: pho
Sponsored by: The FreeBSD Foundation
Differential revision: https://reviews.freebsd.org/D25273

elfctl: remove memory leak

CID: 1420356
Reported by: Coverity Scan
Sponsored by: The FreeBSD Foundation

Reserve WXNEEDED ELF feature control flag

This will be used to tag binaries that require W+X mappings, in advance
of the ability to prevent W^X in mmap/mprotect.

There is still some discussion abou

Reserve WXNEEDED ELF feature control flag

This will be used to tag binaries that require W+X mappings, in advance
of the ability to prevent W^X in mmap/mprotect.

There is still some discussion about the flag's name, but the ABI won't
change even if the name does (as kib pointed out in the review).

Reviewed by: csjp, kib
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D23909

show more ...

elfctl: check read return value

CID: 1420212, 1420213
Reported by: Coverity Scan
Sponsored by: The FreeBSD Foundation

elfctl: style(9): use C99 uintX_t types

Sponsored by: The FreeBSD Foundation

elfctl: tiny style(9) cleanup, use bool where appropriate

elfctl: initialize features

GCC points out a couple levels down in convert_to_features that this may be
used uninitialized. Indeed, this is true- initialize it to NULL so that we
at least deref a nu

elfctl: initialize features

GCC points out a couple levels down in convert_to_features that this may be
used uninitialized. Indeed, this is true- initialize it to NULL so that we
at least deref a null pointer.

show more ...

Move ELF feature note tool to usr.bin/elfctl

elfctl is a tool for modifying the NT_FREEBSD_FEATURE_CTL ELF note,
which contains a set of flags for enabling or disabling vulnerability
mitigations and

Move ELF feature note tool to usr.bin/elfctl

elfctl is a tool for modifying the NT_FREEBSD_FEATURE_CTL ELF note,
which contains a set of flags for enabling or disabling vulnerability
mitigations and other features.

Reviewed by: csjp, kib
MFC after: 2 weeks
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D23910

show more ...