Lucas <lu...@sexy.is> wrote: > Christian Weisgerber <na...@mips.inka.de> wrote: > > If you bought a new Intel laptop this year, chances are its hardware > > is capable of IBT (indirect branch tracking), and OpenBSD now enables > > this security feature by default. > > > > It is very likely that some packages are broken at runtime because > > they fail to handle IBT. This doesn't show up at build time, so > > people need to actually run their favorite packages from a snapshot > > _now_ and need to report SIGILL failures, or those problems will > > not be fixed in time for the release. > > I gave the ports that depend on boost-context a spin, after running into > issues trying out the Taisei Project update [0].
[0]: https://marc.info/?l=openbsd-ports&m=169502072928204&w=2 Thanks kn for pointing out that I forgot the link. > I used this command to hopefully find all the programs that potentially > consume boost-context: > > sqlite3 /usr/local/share/sqlports <<'_EOF' > SELECT FullPkgPath FROM PortsQ WHERE > (BUILD_DEPENDS LIKE '%devel/boost,-md%' OR > LIB_DEPENDS LIKE '%devel/boost,-md%' OR > WANTLIB LIKE '%boost_context-mt%') AND > USE_NOBTCFI IS NULL > ORDER BY FullPkgPath; > _EOF > > which returned > > - games/wesnoth: didn't find issues playing the campaign, nor I found > any clear usage of boost::context or boost::coroutine grepping the > code around. > - net/icinga/core2,-main: didn't find issues running it in foreground > nor any clear usage of boost::context or boost::coroutine grepping > the code, other than printing a backtrace (but I get the feeling it > can be hidden in boost::asio) > - net/powerdns_recursor: SIGILLs on start. otto@ in cc. > - sysutils/nix: tbh, I have no clue on how to test it. > > Lucas
