Commit 93ee2f9d authored by Oliver Pinter +'s avatar Oliver Pinter +
Browse files

Merge remote-tracking branch 'origin/hardened/current/master' into...

Merge remote-tracking branch 'origin/hardened/current/master' into hardened/current/userlandenhanced
parents 04950f05 720d135a
......@@ -2142,15 +2142,15 @@ randomize_neededs(Obj_Entry *obj, int flags)
static int
load_needed_objects(Obj_Entry *first, int flags)
{
Obj_Entry *obj;
Obj_Entry *obj;
for (obj = first; obj != NULL; obj = obj->next) {
randomize_neededs(obj, flags);
if (process_needed(obj, obj->needed, flags) == -1)
return (-1);
}
for (obj = first; obj != NULL; obj = obj->next) {
randomize_neededs(obj, flags);
if (process_needed(obj, obj->needed, flags) == -1)
return (-1);
}
return (0);
return (0);
}
static int
......
......@@ -1852,16 +1852,17 @@ makectx(struct trapframe *tf, struct pcb *pcb)
int
ptrace_set_pc(struct thread *td, unsigned long addr)
{
/*
* DragonflyBSD's safety towards
* SYSRET's potential issue handling
* DragonflyBSD's safety towards:
* enforce canonical addresses - this should
* fix SYSRET's potential issue handling
*/
if (addr & 0x0000800000000000LLU)
td->td_frame->tf_rip = addr | 0xFFFF000000000000LLU;
addr = addr | 0xFFFF000000000000LLU;
else
td->td_frame->tf_rip = addr & 0x0000FFFFFFFFFFFFLLU;
addr = addr & 0x0000FFFFFFFFFFFFLLU;
td->td_frame->tf_rip = addr;
set_pcb_flags(td->td_pcb, PCB_FULL_IRET);
return (0);
}
......
......@@ -44,10 +44,10 @@
#include "opt_compat.h"
#include "opt_ddb.h"
#include "opt_pax.h"
#include "opt_platform.h"
#include "opt_sched.h"
#include "opt_timer.h"
#include "opt_pax.h"
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
......@@ -70,6 +70,7 @@ __FBSDID("$FreeBSD$");
#include <sys/malloc.h>
#include <sys/msgbuf.h>
#include <sys/mutex.h>
#include <sys/pax.h>
#include <sys/pcpu.h>
#include <sys/ptrace.h>
#include <sys/rwlock.h>
......@@ -117,10 +118,6 @@ __FBSDID("$FreeBSD$");
#include <ddb/ddb.h>
#endif
#ifdef PAX_ASLR
#include <sys/pax.h>
#endif
#ifdef DEBUG
#define debugf(fmt, args...) printf(fmt, ##args)
#else
......
......@@ -43,8 +43,8 @@ __FBSDID("$FreeBSD$");
#include <sys/mutex.h>
#include <sys/mman.h>
#include <sys/namei.h>
#include <sys/pioctl.h>
#include <sys/pax.h>
#include <sys/pioctl.h>
#include <sys/proc.h>
#include <sys/procfs.h>
#include <sys/resourcevar.h>
......
......@@ -64,6 +64,10 @@ __FBSDID("$FreeBSD$");
#include <machine/elf.h>
#if __FreeBSD_version < 1100000
#define kern_unsetenv unsetenv
#endif
#ifdef PAX_HARDENING
static int pax_map32_enabled_global = PAX_FEATURE_SIMPLE_DISABLED;
static int pax_procfs_harden_global = PAX_FEATURE_SIMPLE_ENABLED;
......
......@@ -50,8 +50,8 @@ __FBSDID("$FreeBSD$");
#include <sys/mount.h>
#include <sys/mman.h>
#include <sys/namei.h>
#include <sys/pioctl.h>
#include <sys/pax.h>
#include <sys/pioctl.h>
#include <sys/proc.h>
#include <sys/procfs.h>
#include <sys/racct.h>
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment