Commit Graph

28 Commits

Author SHA1 Message Date
Bryan Drewery
5608fd23c2 Revert r267233 for now. PIE support needs to be reworked.
1. 50+% of NO_PIE use is fixed by adding -fPIC to INTERNALLIB and other
   build-only utility libraries.
2. Another 40% is fixed by generating _pic.a variants of various libraries.
3. Some of the NO_PIE use is a bit absurd as it is disabling PIE (and ASLR)
   where it never would work anyhow, such as csu or loader. This suggests
   there may be better ways of adding support to the tree. Many of these
   cases can be fixed such that -fPIE will work but there is really no
   reason to have it in those cases.
4. Some of the uses are working around hacks done to some Makefiles that are
   really building libraries but have been using bsd.prog.mk because the code
   is cleaner. Had they been using bsd.lib.mk then NO_PIE would not have
   been needed.

We likely do want to enable PIE by default (opt-out) for non-tree consumers
(such as ports). For in-tree though we probably want to only enable PIE
(opt-in) for common attack targets such as remote service daemons and setuid
utilities. This is also a great performance compromise since ASLR is expected
to reduce performance. As such it does not make sense to enable it in all
utilities such as ls(1) that have little benefit to having it enabled.

Reported by:	kib
2014-08-19 15:04:32 +00:00
Baptiste Daroussin
bd0891ceb3 use .Mt to mark up email addresses consistently (part1)
PR:		191174
Submitted by:	Franco Fichtner  <franco@lastsummer.de>
2014-06-20 09:40:43 +00:00
Bryan Drewery
864c53ead8 In preparation for ASLR [1] support add WITH_PIE to support building with -fPIE.
This is currently an opt-in build flag. Once ASLR support is ready and stable
it should changed to opt-out and be enabled by default along with ASLR.

Each application Makefile uses opt-out to ensure that ASLR will be enabled by
default in new directories when the system is compiled with PIE/ASLR. [2]

Mark known build failures as NO_PIE for now.

The only known runtime failure was rtld.

[1] http://www.bsdcan.org/2014/schedule/events/452.en.html
Submitted by:		Shawn Webb <lattera@gmail.com>
Discussed between:	des@ and Shawn Webb [2]
2014-06-08 17:29:31 +00:00
Ed Schouten
ae824d80f2 Fix warnings found by -Wmising-variable-declarations.
This self-written compiler warning, which is hopefully going to be
committed into LLVM sources soon, warns about potentially missing
`static' keywords, similar to -Wmissing-prototypes.

- bin/pax: Move external declaration of chdname and s_mask into extern.h.
- bin/setfacl: Move setfacl.c-specific stuff out of setfacl.h.
- sbin/mount_fusefs: Remove char *progname; use getprogname().
- others: add `static' where possible.
2012-10-19 05:43:38 +00:00
Eitan Adler
50d675f7a9 Remove trailing whitespace per mdoc lint warning
Disussed with:	gavin
No objection from:	doc
Approved by:	joel
MFC after:	3 days
2012-03-29 05:02:12 +00:00
Ed Schouten
c2d582b918 Add more static keywords to rcorder(8).
The global variables and functions provided by rcorder.c are not used in
the other C files, as the other C files only provide memory allocation
and hash functions. This reduces the binary size by 10%.
2011-12-11 20:48:40 +00:00
Ed Schouten
1efe3c6b58 Add missing static keywords for global variables to tools in sbin/.
These tools declare global variables without using the static keyword,
even though their use is limited to a single C-file, or without placing
an extern declaration of them in the proper header file.
2011-11-04 13:36:02 +00:00
Doug Barton
7fab6043a0 Gavin documented these alternate options in good faith in r222751
based on the patch in the PR, however he was unaware that they were
undocumented intentionally. This patch moves the information about
these alternates into a comment which also explains why they are
undocumented.

Approved by:	re (hrs)
2011-08-06 09:13:09 +00:00
Gavin Atkinson
6fbdd4e705 Bump .Dd
Forgotten by:	gavin
MFC after:	1 week
2011-06-06 13:18:29 +00:00
Gavin Atkinson
c6852de31b Document that REQUIRES, PROVIDES and KEYWORDS are alos accepted. This
chnage is different to the one suggested in the PR to try to avoid
cluttering the man page too much.

PR:		docs/154494
Submitted by:	kilian <kilian.klimek googlemail.com>
MFC after:	1 week
2011-06-06 13:13:48 +00:00
Ulrich Spörlein
0afc94c17a mdoc: move CAVEATS, BUGS and SECURITY CONSIDERATIONS sections to the
bottom of the manpages and order them consistently.

GNU groff doesn't care about the ordering, and doesn't even mention
CAVEATS and SECURITY CONSIDERATIONS as common sections and where to put
them.

Found by:	mdocml lint run
Reviewed by:	ru
2010-05-13 12:07:55 +00:00
Ed Schouten
10bc3a7f42 ANSIfy almost all applications that use WARNS=6.
I was considering committing all these patches one by one, but as
discussed with brooks@, there is no need to do this. If we ever
need/want to merge these changes back, it is still possible to do this
per application.
2009-12-29 22:53:27 +00:00
Ruslan Ermilov
106d839190 Switch the default WARNS level for sbin/ to 6.
Submitted by:	Ulrich Spörlein
2009-10-19 16:00:24 +00:00
Mike Makonnen
e911e766b1 Document the misleading nature of the REQUIRE line. The patch in
the PR has been heavily edited for style(9) and clarity. Mistakes are
mine.

PR: bin/124251
2008-06-09 09:07:58 +00:00
Kevin Lo
784bddbc5b Cleanup of userland __P use 2007-11-07 10:53:41 +00:00
Xin LI
67914dcded do_file() is called recursively from several places and cannot
safely free() anything related to items that may be recursed on.

Obtained from:	DragonFly (rev 1.7, dillon)
PR:		bin/94767
MFC After:	1 month
2006-05-20 05:47:18 +00:00
Doug Barton
203aa73b68 Crank WARNS up to 6, just because we can. 2006-01-25 16:34:33 +00:00
Doug Barton
729e3c7a3a Fix a "free(): error: chunk is already free" under certain
circumstances that include circular dependencies.

PR:                     bin/91789
PR submitted by:        Frank Behrens <frank@pinky.sax.de>
Patch submitted by:     Divacky Roman <xdivac02@stud.fit.vutbr.cz>
2006-01-17 08:01:00 +00:00
Ruslan Ermilov
f0ccc7f972 Deal with harmful leading whitespace. 2004-07-02 18:37:52 +00:00
Johan Karlsson
604d24db95 style.Makefile(5):
Use WARNS?= instead of WARNS=.
2004-02-23 20:25:27 +00:00
Ruslan Ermilov
47d7e8a96f Fixed style of DPADD and LDADD assignments as per style.Makefile(5). 2004-02-05 22:44:25 +00:00
Ruslan Ermilov
35cf61f671 mdoc(7) police: Fixed markup now that it was taken out of vendor branch.
Approved by:	re
2002-11-25 16:23:03 +00:00
Philippe Charnier
960368f7ff The .Nm utility. Add FreeBSD Id. 2002-07-06 19:34:37 +00:00
David E. O'Brien
7c7af54f15 This commit was generated by cvs2svn to compensate for changes in r98567,
which included commits to RCS files with non-trunk default branches.
2002-06-21 15:56:16 +00:00
David E. O'Brien
d9bc822f0f Sync with NetBSD.
* don't whine about non-regular files. It is perfectly normal to keep a
  CVS or RCS directory in /etc/rc.d.
* manpage tweak
2002-06-21 15:56:16 +00:00
David E. O'Brien
0dbbb2e416 Reduce the -I's as we don't need them all. 2002-06-21 15:52:05 +00:00
David E. O'Brien
2a9dee3a68 FreeBSDize the NetBSD Makefile so that this compiles. 2002-06-13 17:09:30 +00:00
David E. O'Brien
9d62501fd8 Import the NetBSD 1.5 RC system.
Note that `rc' and `rc.shutdown' could not be imported because we already
have files with those names.
2001-06-16 07:16:14 +00:00