CVSROOT: /cvs
Module name: src
Changes by: dera...@cvs.openbsd.org 2020/10/15 10:30:23
Modified files:
lib/csu/aarch64: md_init.h
lib/csu/alpha : md_init.h
lib/csu/amd64 : md_init.h
lib/csu/arm : md_init.h
lib/csu/hppa : md_init.h
lib/csu/i386 : md_init.h
lib/csu/m88k : md_init.h
lib/csu/mips64 : md_init.h
lib/csu/powerpc: md_init.h
lib/csu/powerpc64: md_init.h
lib/csu/sh : md_init.h
lib/csu/sparc64: md_init.h
Log message:
crt0 MD _dl_exit() performs syscall to SYS_exit directly, but then
some of these functions were returning. That makes the +1word address
a fairly strong and easily located gadget. Put a hard-trap
instruction after the syscall. This remains a gadget for 'terminal
system' calls (such as execve), but hey that's why we have pledge w/o
"exec" throughout the tree.
Quite surprisingly, hppa's delay-slot load of SYS_exit makes it the
safest of the bunch, not that this helps anyone.
ok kettenis
