![[BACK]](/icons/back.gif){kind=icon}
Return to 65.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www|
Return to 65.html CVS log | Up to [local] / www |
| version 1.69, 2019/04/12 14:41:47 | version 1.70, 2019/04/12 16:55:56 | ||
|---|---|---|---|
|
|
||
| <a href="https://man.openbsd.org/ifstated">ifstated(8)</a>. | <a href="https://man.openbsd.org/ifstated">ifstated(8)</a>. | ||
| Some <a href="https://man.openbsd.org/pledge.2">pledge(2)</a> | Some <a href="https://man.openbsd.org/pledge.2">pledge(2)</a> | ||
| changes were required to accommodate unveil. | changes were required to accommodate unveil. | ||
| <li>ROP mitigations in <a href="https://man.openbsd.org/clang-local.1">clang(1)</a> | |||
| have been improved, resulting in a significant decrease in the number | |||
| of polymorphic ROP gadgets in binaries on i386/amd64. | |||
| <li>RETGUARD performance and security has been improved in | |||
| <a href="https://man.openbsd.org/clang-local.1">clang(1)</a> | |||
| by keeping data on registers instead of on the stack when possible, | |||
| and lengthing the epilogue trapsled on amd64 to consume the rest | |||
| of the cache line before the return. | |||
| <li>RETGUARD replaces the stack protector on amd64 and arm64, | |||
| since RETGUARD instruments every function that returns and provides | |||
| better security properties than the traditional stack protector. | |||
| </ul> | </ul> | ||
| <p> | <p> | ||