CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2018/07/06 00:55:10
Modified files:
devel/llvm : Makefile
devel/llvm/patches: patch-lib_CodeGen_AsmPrinter_AsmPrinter_cpp
patch-lib_Target_X86_X86MCInstLower_cpp
patch-tools_clang_include_clang_Driver_Options_td
patch-tools_clang_lib_Driver_ToolChains_Clang_cpp
patch-tools_clang_lib_Driver_ToolChains_OpenBSD_cpp
patch-tools_lld_ELF_Writer_cpp
Added files:
devel/llvm/patches:
patch-include_llvm_CodeGen_MachineFrameInfo_h
patch-include_llvm_CodeGen_Passes_h
patch-include_llvm_CodeGen_TargetFrameLowering_h
patch-include_llvm_InitializePasses_h
patch-lib_CodeGen_CMakeLists_txt
patch-lib_CodeGen_PrologEpilogInserter_cpp
patch-lib_CodeGen_ReturnProtectorPass_cpp
patch-lib_CodeGen_TargetPassConfig_cpp
patch-lib_Target_X86_CMakeLists_txt
patch-lib_Target_X86_X86FixupGadgets_cpp
patch-lib_Target_X86_X86FrameLowering_cpp
patch-lib_Target_X86_X86FrameLowering_h
patch-lib_Target_X86_X86InstrCompiler_td
patch-lib_Target_X86_X86TargetMachine_cpp
patch-lib_Target_X86_X86_h
patch-tools_clang_include_clang_Driver_CC1Options_td
patch-tools_clang_include_clang_Frontend_CodeGenOptions_def
patch-tools_clang_lib_CodeGen_CGCall_cpp
patch-tools_clang_lib_Frontend_CompilerInvocation_cpp
patch-tools_lld_ELF_SyntheticSections_cpp
Log message:
Merge in diffs from base:
- Add ret protector options as no-ops.
- Add a clang pass that identifies potential ROP gadgets and replaces ROP
friendly instructions with safe alternatives. This initial commit fixes
this framework.
- Add RETGUARD to clang for amd64. This security mechanism uses per-function
random cookies to protect access to function return instructions, with the
effect that the integrity of the return address is protected, and function
return instructions are harder to use in ROP gadgets.
- Put the new retguard symbols in their own section,
'.openbsd.randomdata.retguard', to make them easier to work with in the
kernel hibernate code.
- Pass -nopie to the linker when -pg is specified to make the
profiler(gprof) work properly.
- Work around a bug where discarding the .ARM.exidx section in the armv7 kernel
linker script makes ld.lld(1) crash. This has been fixed in a different
(proper?) way upstream but backporting their fix is a bit too invasive.
- Merge '.openbsd.randomdata.*' sections into a single '.openbsd.randomdata'
section when linking, as we do when using ld from binutils.
from Brad (maintainer)