Add a new PT_OPENBSD_NOBTCFI "segment type" to indicate that the kernel
should not enforce branch target control flow integrety for a binary.
This works analoguous to PT_OPENBSD_WXNEEDED in that we will set it on
binaries that don't have the necessary landing pads (yet). The kernel
will enforce branch target CFI by default in the near future!
This is a better match for what we want to achieve than the GNU property
note mechanism that the Linux folks came up with. We can still use the
GNU property notes for diagnostic purposes so we won't disable their
generation in the toolchain. But ports will need to pass an explicit
-Wl,-z,nobtcfi option to disable branch target CFI.
Like with PT_OPENBSD_WXNEEDED we convert the presence of PT_OPENBSD_NOBTCFI
into a flag in struct exec_package. From there MD code can pick it up
and set a struct process flag or take action in setregs().
ok deraadt@
projects / openbsd / commit