version 1.34, 2024/03/31 21:47:37 |
version 1.35, 2024/03/31 22:31:43 |
|
|
|
|
<li>Security improvements: |
<li>Security improvements: |
<ul> |
<ul> |
|
<li>Introduce pinsyscalls(2): The kernel and <a |
|
href="https://man.openbsd.org/ld.so.1">ld.so(1)</a> register the |
|
precise entry location of every system call used by a program, as |
|
described in the new ELF section .openbsd.syscalls inside ld.so and |
|
libc.so. ld.so uses the new syscall <a |
|
href="https://man.openbsd.org/pinsyscalls.2">pinsyscalls(2)</a> to |
|
tell the kernel the precise entry location of system calls in |
|
libc.so.<br> |
|
Attempting to use a different system call entry instruction to |
|
perform a non-corresponding system call operation will fail and the |
|
process will be terminated with signal SIGABRT. |
|
<li>Removed support for <a |
|
href="https://man.openbsd.org/syscall.2">syscall(2)</a>, the |
|
"indirection system call," a dangerous alternative entry point for all |
|
system calls.<br> |
|
Together with <a |
|
href="https://man.openbsd.org/pinsyscalls.2">pinsyscalls(2)</a> this |
|
change makes it ipmpossible to perform system call through any other |
|
way than the libc system cann wrapper functions.<br< |
|
Users of syscall(2), such as Perl and the Go programming |
|
languange were converted to use the libc functions. |
<li>Added <a href="https://man.openbsd.org/pledge.2">pledge(2)</a> |
<li>Added <a href="https://man.openbsd.org/pledge.2">pledge(2)</a> |
stdio before parsing pfkey messages to <a |
stdio before parsing pfkey messages to <a |
href="https://man.openbsd.org/ipsecctl.8">ipsecctl(8)</a> -m and -s. |
href="https://man.openbsd.org/ipsecctl.8">ipsecctl(8)</a> -m and -s. |
<li>Tightened <a href="https://man.openbsd.org/pax.1">pax(1)</a> <a |
<li>Tightened the <a |
href="https://man.openbsd.org/pledge.2">pledge(2)</a> in List and |
href="https://man.openbsd.org/pledge.2">pledge(2)</a> in <a |
Append modes. |
href="https://man.openbsd.org/pax.1">pax(1)</a> in List and Append |
<li>Created __OpenBSD versions of llvm cxa guard implementation using |
modes. |
futex() with the correct number of arguments and without using <a |
<li>Created __OpenBSD versions of llvm cxa guard implementation |
|
using <a href="https://man.openbsd.org/futex.2">futex(2)</a> with the |
|
correct number of arguments and without using <a |
href="https://man.openbsd.org/syscall.2">syscall(2)</a>. |
href="https://man.openbsd.org/syscall.2">syscall(2)</a>. |
<li>Removed support for <a |
<li>Improvements in Pointer Authentication (PAC) and Branch Target |
href="https://man.openbsd.org/syscall.2">syscall(2)</a>, the |
Identification (BTI) on arm64. |
"indirection system call," a dangerous alternative entry point for all |
|
system calls and incompatible with the precision system call entry |
|
point scheme a.k.a. <a href="https://man.openbsd.org/pinsyscalls.2">pinsyscalls(2)</a> |
|
|
|
<li>Enable BTI and PAC again on arm64. |
|
<li><a style="color:red;" href="https://man.openbsd.org/pinsyscalls.2">pinsyscalls(2)</a> |
|
|
|
</ul> |
</ul> |
|
|
<li>Changes in the network stack: |
<li>Changes in the network stack: |
|
|
|
|
<li>In <a href="https://man.openbsd.org/bgpd.8">bgpd(8)</a>, |
<li>In <a href="https://man.openbsd.org/bgpd.8">bgpd(8)</a>, |
<ul> |
<ul> |
<li>... |
<li>Rewrite the internal message passing mechanism to use a new |
|
memory-safe API. |
|
<li>Rewrite most protocol parsers to use the new memory-safe API. |
|
Convert the UPDATE parser, all of RTR, as well as both the MRT dump |
|
code in bgpd and the parser in bgpctl. |
|
<li>Improve RTR logging, error handling and version negotiation. |
</ul> |
</ul> |
|
|
<li><a href="https://man.openbsd.org/rpki-client.8">rpki-client(8)</a> saw these and more changes: |
<li><a href="https://man.openbsd.org/rpki-client.8">rpki-client(8)</a> saw these and more changes: |