d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2350a089e7
freebsd-skq/tools/build
History
Ed Maste bf81eb3ca9 Add a WITH_BIND_NOW build knob 
The linker's -z now flag sets the DF_BIND_NOW flag, which signals to the
runtime loader that all relocation processing should be performed at
process startup rather than on demand.  In combination with lld's
default of enabling relro this causes the GOT to be made read-only when
the process starts, preventing straightforward GOT overwrite attacks.

Shawn Webb discovered a failure on HardenedBSD with BIND_NOW and ifunc
use, which resulted in my rtld fix in r340137.  Add a BIND_NOW knob as
it is trivial to do so and is a useful ELF hardening feature.  This
change is equivalent to HardenedBSD's but not identical as there are
other diffs/conflicts nearby.

Note that our ELF Tool Chain readelf does not currently decode the
DF_BIND_NOW flag - see PR232983.

Reviewed by:	brooks
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D17846
2018-11-06 15:52:49 +00:00
..
cross-build Allow building mkimg as cross-tool 2017-03-03 01:56:55 +00:00
make_check
mk Do not remove ld man page if lld is enabled and binutils is not 2018-09-25 18:54:18 +00:00
options Add a WITH_BIND_NOW build knob 2018-11-06 15:52:49 +00:00
beinstall.sh beinstall: perform pre-installworld steps. 2018-07-29 01:44:26 +00:00
check-links.sh
dummy.c
futimens.c
Makefile Fix -DNO_CLEAN build after r340157 2018-11-05 21:30:00 +00:00
Makefile.depend
stat.h
stdlib.h
strings.h Fix buildworld on FreeBSD 10 2018-07-16 11:03:05 +00:00
utimensat.c