Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.8 |
|
02-Nov-2004 |
miod |
Merge conflicts, bringing our changes back in: - extra $(SHELL) and sugar for make (so that files not mode +x still work) - safer temp file handling - our W^X binary layout changes in ld - OpenBSD policy for library file selection in ld - arm and m88k changes which were not merged in time for official 2.15 - bfd core file handling - a couple typos
New for 2.15: - ld(1) and as(1) manpages now generated at build time - binutils/stabs.c reverted to use our in-tree libiberty for now - we still use our VIA C3 crypto code over stock binutils, as it recognizes more instructions - new emulations for OpenBSD on mips64 machines, to help OpenBSD/sgi - relaxed %f# handling in gas on OpenBSD/sparc64 (same as was in 2.14)
Tested on all platforms by various people; special thanks to sturm@ and otto@.
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.7 |
|
17-May-2004 |
drahn |
Resolve merge conflicts, adjust method of W^X handing (.sh files) remove testsuites (not useable) remove mmalloc (not part of new binutils).
|
Revision tags: OPENBSD_3_4_BASE OPENBSD_3_5_BASE
|
#
1.6 |
|
17-Apr-2003 |
drahn |
Switch i386 to new binutils, i386 tools now do ELF. RODATA_* align macros to preserve current behavior on other archs and allow for 1G sep between beginning of exe and beginning of data DARPA funded work.
|
Revision tags: OPENBSD_3_3_BASE
|
#
1.5 |
|
30-Jan-2003 |
drahn |
ELF security enhancement: put .rodata into it's own load section instead of putting it with the text. This removes the execute permission from readonly data. This constrains the executable region to portions of the executable which need to be executable. Note: not all processors or mmus are capable of -X protection at the page level, but should handle ELF images which specify specific RWX protections on each section.
|
#
1.4 |
|
17-Jan-2003 |
drahn |
This is a project to modify executables so that they do not have any executable regions which are writable. If a section of an executable is writable and executable, it is much easier for errant code to modify the executable's behavior.
Two current areas in shared library environments which have this critical problem are the GOT (Global Offset Table) and PLT (Procedure Linkage Table). The PLT is required to be executable and both GOT and PLT are writable on most architectures. On most ELF architecture machines this would cause shared libraries to have data and BSS marked as executable.
Padding to the linker script for programs and shared libraries/objects to isolate the GOT and PLT into their own load sections in the executables. This allows only the text(readonly) region and the PLT region to be marked executable with the normal data and BSS not marked as executable. The PLT region is still marked executable on most architectures because the PLT lives in the "data" or "BSS" regions and the dynamic loader will need to modify it. Since the GOT and PLT should only ever be written by the dynamic linker, it will be modified to mprotect those regions so that they are not writable during normal execution. If the dynamic linker needs to modify the regions later, (eg for lazy binding), it will mprotect the region, make the necessary changes, and mprotect it back. Since it is possible to receive a signal which would interrupt the program flow and perhaps cause the dynamic linker to modify the same (or nearby) PLT references, it is now necessary for signals to be blocked for the duration of the mprotect.
|
Revision tags: OPENBSD_3_2_BASE
|
#
1.3 |
|
13-May-2002 |
fgsch |
resolve conflicts.
|
Revision tags: OPENBSD_2_9_BASE OPENBSD_3_0_BASE OPENBSD_3_1_BASE
|
#
1.2 |
|
07-Mar-2001 |
niklas |
Revert my bfd change, and instead make ld match bfd, which is the way Red hat choose. Both ways work, the important thing is that things match. However if we use the red hat solution we will not need to merge local changes when importing new binutils releases; espie made me aware of the import issues which I forgot due to lack of sleep :-).
|
#
1.1 |
|
04-Sep-1996 |
niklas |
branches: 1.1.1; Initial revision
|