artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 01f24c1) | patch
add -fret-clean option (amd64 and i386 only at first), defaulting to off.
authorderaadt <deraadt@openbsd.org>
Sun, 2 Jun 2024 15:40:38 +0000 (15:40 +0000)
committerderaadt <deraadt@openbsd.org>
Sun, 2 Jun 2024 15:40:38 +0000 (15:40 +0000)
commit896063e4d924bef6229f6695f274b5282f1e3d23
tree7856b11416692e9725648851152571067c81e626tree | snapshot
parent01f24c16bb1cc4b212099464ff0a602366b6aa29commit | diff
add -fret-clean option (amd64 and i386 only at first), defaulting to off.
This causes the caller to cleans the return address off the stack after
a callq completes.  The option is best used in low-level libraries (such as
libc), because libc contains low-level system call stubs.  The option
reduces hints (found on the stale parts of the stack) about libc.so's mapping
location, and together with random-relinking, relro got/pic, and xonly
makes some exploit methods more difficult.
ok mortimer, mlarkin, much discussion with kettenis, in snaps for 2 weeks.
gnu/llvm/clang/include/clang/Driver/Options.td diff | blob | history
gnu/llvm/clang/lib/Driver/ToolChains/Clang.cpp diff | blob | history
gnu/llvm/llvm/lib/Target/X86/X86.h diff | blob | history
gnu/llvm/llvm/lib/Target/X86/X86TargetMachine.cpp diff | blob | history
gnu/usr.bin/clang/libLLVMX86CodeGen/Makefile diff | blob | history
share/man/man1/clang-local.1 diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim