CVSROOT: /cvs
Module name: src
Changes by: dera...@cvs.openbsd.org 2017/05/31 13:18:19
Modified files:
sys/arch/i386/conf: Makefile.i386 files.i386 ld.script
sys/arch/i386/i386: autoconf.c locore.s
sys/arch/amd64/amd64: autoconf.c locore.S
sys/arch/amd64/conf: Makefile.amd64 files.amd64 ld.script
Added files:
sys/conf : makegap.sh
sys/arch/i386/i386: locore0.S
sys/arch/amd64/amd64: locore0.S
Log message:
Split early startup code out of locore.S into locore0.S. Adjust link
run so that this locore0.o is always at the start of the executable.
But randomize the link order of all other .o files in the kernel, so
that their exec/rodata/data/bss segments land all over the place.
Late during kernel boot, unmap the early startup code.
As a result, the internal layout of every newly build bsd kernel is
different from past kernels. Internal relative offsets are not known
to an outside attacker. The only known offsets are in the startup code,
which has been unmapped.
Ramdisk kernels cannot be compiled like this, because they are gzip'd.
When the internal pointer references change, the compression dictionary
bloats and results in poorer compression.
ok kettenis mlarkin visa, also thanks to tedu for getting me back to this
