| #
ea6088e7 |
| 29-Nov-2017 |
guenther <guenther@openbsd.org> |
clang doesn't propagate attributes like "asm labels" and "visibility(hidden)"
to builtins like mem{set,cpy,move} and __stack_smash_handler. So, when
building with clang, instead mark those as protec
clang doesn't propagate attributes like "asm labels" and "visibility(hidden)"
to builtins like mem{set,cpy,move} and __stack_smash_handler. So, when
building with clang, instead mark those as protected visibility to get rid
of the PLT relocations. We can't take the address of them then, but that's
ok: it's a build-time error not a run-time error.
ok kettenis@
show more ...
|
| #
46afc4a4 |
| 21-Mar-2016 |
bluhm <bluhm@openbsd.org> |
Rename the system call sendsyslog2 to sendsyslog. Keep the old one
as osendsyslog for a while. The three argument variant is the only
one that will stay.
input kettenis@; OK deraadt@
|
| #
e4224292 |
| 13-Mar-2016 |
guenther <guenther@openbsd.org> |
environ and __progname are not declared in a public header; declare them
in libc's hidden/stdlib.h instead of in each .c file that needs one
ok deraadt@ gsoares@ mpi@
|
| #
2282c45e |
| 01-Dec-2015 |
canacar <canacar@openbsd.org> |
use strlcat instead of strlcpy with modified arguments. ok deraadt@
|
| #
0e278963 |
| 25-Nov-2015 |
deraadt <deraadt@openbsd.org> |
Rather than using syslog(3) (which pulls in snprintf), creating the report
string using simpler strings functions and use sendsyslog2() directly.
Also, use the LOG_CONS flag so that single-user repor
Rather than using syslog(3) (which pulls in snprintf), creating the report
string using simpler strings functions and use sendsyslog2() directly.
Also, use the LOG_CONS flag so that single-user reports are more clear.
Use a buffer size of 1024 (from bluhm)
discussed with guenther and matthew
ok millert
show more ...
|
| #
60d49506 |
| 10-Nov-2015 |
guenther <guenther@openbsd.org> |
Split the intra-thread functionality from kill(2) into its own syscall
thrkill(2), rolling the kill(2) syscall number with the ABI change to
avoid breaking binaries during during the transition. thr
Split the intra-thread functionality from kill(2) into its own syscall
thrkill(2), rolling the kill(2) syscall number with the ABI change to
avoid breaking binaries during during the transition. thrkill(2) includes
a 'tcb' argument that eliminates the need for locking in pthread_kill()
and simplifies pthread_cancel(). Switch __stack_smash_handler() to use
thrkill(2) and explicitly unblock SIGABRT.
Minor bump to both libc and libpthread: make sure you install a new kernel!
ok semarie@
show more ...
|
| #
6897476f |
| 10-Nov-2015 |
guenther <guenther@openbsd.org> |
libc.so can't be unloaded, so move the hidden atexit() and pthread_atfork()
stubs for the executable from crtbegin.o into libc, which lets them be
excluded from static links that don't use them.
For
libc.so can't be unloaded, so move the hidden atexit() and pthread_atfork()
stubs for the executable from crtbegin.o into libc, which lets them be
excluded from static links that don't use them.
For this, drop the normal crt{begin,end}S.o from libc.so: the .init and .fini
sections for libc aren't called at the right times anyway, so it's good that
they're unused. libc.so just needs __guard_local and the .note.openbsd.ident
section, so add them to stack_protector.c for now (this will be improved)
"good time" deraadt@
show more ...
|
| #
e6f98e3a |
| 10-Sep-2015 |
guenther <guenther@openbsd.org> |
Pull in namespace.h when building all .c files using gcc's -include option,
so that we can provide asm labels for the memcpy/memset/__stack_smash_handler
calls that it generates ab initio. Eliminate
Pull in namespace.h when building all .c files using gcc's -include option,
so that we can provide asm labels for the memcpy/memset/__stack_smash_handler
calls that it generates ab initio. Eliminate direct #includes of it. Make
sure it's a dependency of all objects (unnecessary for asm, but close enough).
ok deraadt@
show more ...
|
| #
aea60bee |
| 16-Jan-2015 |
deraadt <deraadt@openbsd.org> |
Move to the <limits.h> universe.
review by millert, binary checking process with doug, concept with guenther
|
| #
b42c354f |
| 28-Dec-2013 |
deraadt <deraadt@openbsd.org> |
Do not need __guard[] anymore since we are now relying on __guard_local
for a while already
ok miod kettenis
|
| #
9bb65f61 |
| 27-Dec-2013 |
deraadt <deraadt@openbsd.org> |
do not need to create the stack cookie using a constructor anymore,
since the kernel supplies a .openbsd.randomdata segment.
ok matthew miod guenther
|
| #
9d256a1d |
| 27-Dec-2013 |
deraadt <deraadt@openbsd.org> |
remove non-openbsd.randomdata parts
ok miod matthew
|
| #
910c9818 |
| 24-Aug-2012 |
matthew <matthew@openbsd.org> |
Don't attempt to warn about uninitialized __guard values yet. It's
too early to assume that everyone has updated their compiler
toolchains, and it seems to cause problems at least on armish when an
Don't attempt to warn about uninitialized __guard values yet. It's
too early to assume that everyone has updated their compiler
toolchains, and it seems to cause problems at least on armish when an
out-of-date binutils is used.
show more ...
|
| #
119111e6 |
| 22-Aug-2012 |
matthew <matthew@openbsd.org> |
Change ld.so and libc to use .openbsd.randomdata on ELF platforms for
initializing their __guard values. For the time being, we're leaving
libc's constructor method as a backup to make sure __guard
Change ld.so and libc to use .openbsd.randomdata on ELF platforms for
initializing their __guard values. For the time being, we're leaving
libc's constructor method as a backup to make sure __guard actually
gets initialized and to emit syslog warnings when it's not.
Not really an ABI change, so no shlib bump... "hold on to your butts"
ok deraadt, kettenis
show more ...
|
| #
3fb315b1 |
| 31-Mar-2006 |
deraadt <deraadt@openbsd.org> |
ARGSUSED where needed
|
| #
05aaf954 |
| 30-Nov-2005 |
otto <otto@openbsd.org> |
Use sysctl(KERN_ARND) to get n bytes, instead of just 4 at a time
and remove fallback code. If somebody is dumb enough to make the
sysctl fail using systrace, he deserves what he gets. Saves 7 syscal
Use sysctl(KERN_ARND) to get n bytes, instead of just 4 at a time
and remove fallback code. If somebody is dumb enough to make the
sysctl fail using systrace, he deserves what he gets. Saves 7 syscalls
on process startup.
looks good miod@ ok deraadt@ tedu@
show more ...
|
| #
c2c925de |
| 08-Aug-2005 |
espie <espie@openbsd.org> |
zap remaining rcsid.
Kill old files that are no longer compiled.
okay theo
|
| #
1b24ffd0 |
| 14-Sep-2004 |
deraadt <deraadt@openbsd.org> |
lint says unsigned...
|
| #
1109a95f |
| 01-Oct-2003 |
miod <miod@openbsd.org> |
Directly invoke the sysctl system call, rather than going through the sysctl(3)
wrapper.
ok deraadt@ millert@
|
| #
26fda0ef |
| 18-Jul-2003 |
david <david@openbsd.org> |
add missing includes
ok tedu@
|
| #
dcbc515c |
| 03-Mar-2003 |
deraadt <deraadt@openbsd.org> |
in the handler, block signals handlers as soon as possible; ok miod millert
|
| #
e021611e |
| 10-Dec-2002 |
etoh <etoh@openbsd.org> |
bug fix
|
| #
6bbdf169 |
| 02-Dec-2002 |
deraadt <deraadt@openbsd.org> |
KNF
|
| #
fb929c0d |
| 02-Dec-2002 |
miod <miod@openbsd.org> |
Import propolice (http://www.trl.ibm.com/projects/security/ssp), a stack
attack protection scheme, into gcc.
This protection is enabled by default. It can be turned off by using the
-fno-stack-prote
Import propolice (http://www.trl.ibm.com/projects/security/ssp), a stack
attack protection scheme, into gcc.
This protection is enabled by default. It can be turned off by using the
-fno-stack-protector flag.
Code by Hiroaki Etoh (etoh at jp dot ibm dot com); work on openbsd-specific
integration by fgsch@, deraadt@ and myself; tests by fgsch@, naddy@ and
myself; beer drinking by myself.
Please note that system upgrades with this new code will require a new
libc and ld.so to be build and installed before the propolice-enabled
compiler can be installed.
show more ...
|