Commit a8af3aee authored by Ed Maste's avatar Ed Maste
Browse files

src.conf.5: regen after RELRO knob addition

parent 2f3a9614
.\" DO NOT EDIT-- this file is @generated by tools/build/options/makeman.
.\" $FreeBSD$
.Dd June 8, 2022
.Dd June 22, 2022
.Dt SRC.CONF 5
.Os
.Sh NAME
......@@ -196,6 +196,13 @@ Build all binaries with the
.Dv DF_BIND_NOW
flag set to indicate that the run-time loader should perform all relocation
processing at process startup rather than on demand.
The combination of the
.Va BIND_NOW
and
.Va RELRO
options provide "full" Relocation Read-Only (RELRO) support.
With full RELRO the entire GOT is made read-only after performing relocation at
startup, avoiding GOT overwrite attacks.
.It Va WITHOUT_BLACKLIST
Set this if you do not want to build
.Xr blacklistd 8
......@@ -651,8 +658,8 @@ Avoid installing examples to
Include experimental features in the build.
.It Va WITH_EXTRA_TCP_STACKS
Build extra TCP stack modules.
.It Va WITHOUT_FDT
Do not build Flattened Device Tree support as part of the base system.
.It Va WITH_FDT
Build Flattened Device Tree support as part of the base system.
This includes the device tree compiler (dtc) and libfdt support library.
.It Va WITHOUT_FILE
Do not build
......@@ -1416,6 +1423,11 @@ by proxy.
.It Va WITHOUT_RBOOTD
Do not build or install
.Xr rbootd 8 .
.It Va WITHOUT_RELRO
Do not apply the Relocation Read-Only (RELRO) vulnerability mitigation.
See also the
.Va BIND_NOW
option.
.It Va WITH_REPRODUCIBLE_BUILD
Exclude build metadata (such as the build time, user, or host)
from the kernel, boot loaders, and uname output, so that builds produce
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment