Revision tags: release/13.4.0, release/14.1.0, release/13.3.0, release/14.0.0, release/13.2.0, release/12.4.0, release/13.1.0 |
|
#
e7a629c8 |
| 08-Mar-2022 |
Kyle Evans <kevans@FreeBSD.org> |
libmd, kern, stand: consolidate md5 implementations (NFC)
Reduce the number of md5c.c between the three of these from two to one by just reaching into the kernel build for both userland builds. The
libmd, kern, stand: consolidate md5 implementations (NFC)
Reduce the number of md5c.c between the three of these from two to one by just reaching into the kernel build for both userland builds. The precedent for this already exists for sha2 in both cases.
_libmd_ symbol privatization bits have been moved to sys/md5.h and md5.h remains to #include <sys/md5.h> for compatibility.
This stops exporting MD5Pad() in the process because the kernel stopped exporting it in 502a35d60f4c. soversion is bumped accordingly.
This also renames the libc version of stack_protector.c; it previously only worked by coincidence because .PATH ordering worked out such that we got the right one, but this is not the case anymore. Remove the landmine.
PR: 280784 (exp-run) Reviewed by: allanjude, delphij Differential Revision: https://reviews.freebsd.org/D34497
show more ...
|
#
e9ac4169 |
| 15-Jul-2024 |
Warner Losh <imp@FreeBSD.org> |
Remove residual blank line at start of Makefile
This is a residual of the $FreeBSD$ removal.
MFC After: 3 days (though I'll just run the command on the branches) Sponsored by: Netflix
|
#
8b068264 |
| 13-May-2024 |
Kyle Evans <kevans@FreeBSD.org> |
Fix the GCC build after _FORTIFY_SOURCE import
We haven't exposed gets(3) in a long time, rip out __gets_chk before it's too late and something builds a gets(3) user with it enabled.
|
#
be04fec4 |
| 13-May-2024 |
Kyle Evans <kevans@FreeBSD.org> |
Import _FORTIFY_SOURCE implementation from NetBSD
This is a mostly-unmodified copy of the various *_chk implementations and headers from NetBSD, without yet modifying system headers to start actuall
Import _FORTIFY_SOURCE implementation from NetBSD
This is a mostly-unmodified copy of the various *_chk implementations and headers from NetBSD, without yet modifying system headers to start actually including them. A future commit will also apply the needed bits to fix ssp/unistd.h.
Reviewed by: imp, pauamma_gundo.com (both previous versions), kib Sponsored by: Stormshield Sponsored by: Klara, Inc. Differential Revision: https://reviews.freebsd.org/D32306
show more ...
|
#
d0b2dbfa |
| 16-Aug-2023 |
Warner Losh <imp@FreeBSD.org> |
Remove $FreeBSD$: one-line sh pattern
Remove /^\s*#[#!]?\s*\$FreeBSD\$.*$\n/
|
Revision tags: release/12.3.0, release/13.0.0, release/12.2.0, release/11.4.0 |
|
#
19fe57fd |
| 14-Mar-2020 |
Kyle Evans <kevans@FreeBSD.org> |
libssp: don't compile with -fstack-protector*
This similarly matches what we do in libc; compiling libssp with -fstack-protector* is actively harmful. For instance, if the canary ctor ends up with
libssp: don't compile with -fstack-protector*
This similarly matches what we do in libc; compiling libssp with -fstack-protector* is actively harmful. For instance, if the canary ctor ends up with a stack protector then it will trivially trigger a false positive as the canary's being initialized.
This was noted by the reporter as irc/ircd-hybrid started crashing at start after our libssp was MFC'd to stable/11, as its build will explicitly link in libssp. On FreeBSD, this isn't necessary as SSP bits are included in libc, but it should absolutely not trigger runtime breakage -- it does mean that the canary will get initialized twice, but as this is happening early on in application startup it should just be redundant work.
Reported by: Tod McQuillin <devin@sevenlayer.studio> MFC after: 3 days
show more ...
|
#
cd0d51ba |
| 04-Jan-2020 |
Kyle Evans <kevans@FreeBSD.org> |
Provide libssp based on libc
For libssp.so, rebuild stack_protector.c with FORTIFY_SOURCE stubs that just abort built into it.
For libssp_nonshared.a, steal stack_protector_compat.c from ^/lib/libc
Provide libssp based on libc
For libssp.so, rebuild stack_protector.c with FORTIFY_SOURCE stubs that just abort built into it.
For libssp_nonshared.a, steal stack_protector_compat.c from ^/lib/libc/secure and massage it to maintain that __stack_chk_fail_local is a hidden symbol.
libssp is now built unconditionally regardless of {WITH,WITHOUT}_SSP in the build environment, and the gcclibs version has been disconnected from the build in favor of this one.
PR: 242950 (exp-run) Reviewed by: kib, emaste, pfg, Oliver Pinter (earlier version) Also discussed with: kan MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D22943
show more ...
|