===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/innovations.html,v
retrieving revision 1.80
retrieving revision 1.81
diff -u -r1.80 -r1.81
--- www/innovations.html 2019/06/01 22:54:16 1.80
+++ www/innovations.html 2019/06/01 23:12:48 1.81
@@ -129,7 +129,7 @@
(sigreturn(2)
oriented programming) mitigation: attacks researched by
Eric Bosman
- and Herbert Bos in 2014, solution implemented by Theo de Raadt in May 2016,
+ and Herbert Bos in 2014, solution implemented by Theo de Raadt in May 2016,
enabled by default since OpenBSD 6.0.
Library order randomization:
In rc(8), re-link
@@ -164,7 +164,7 @@
innaccurately target gadgets. These NOP sequences are converted into
trap sequences where possible. Todd Mortimer and Theo de Raadt, June
2017.
- Kernel relinking at boot:
+ Kernel relinking at boot:
the .o files of the kernel are relinked in random order from a
link-kit, before every reboot. This provides substantial interior
randomization in the kernel's text and data segments for layout and
@@ -172,7 +172,7 @@
kernel boot, similar to the userland fork+exec model described above
but for the kernel. Theo de Raadt, June 2017.
- Rearranged i386/amd64 register allocator order in
+ Rearranged i386/amd64 register allocator order in
clang(1)
to reduce polymorphic RET instructions:
Todd Mortimer, November 20, 2017.
@@ -181,7 +181,7 @@
embedded polymorphic RET instructions. Enhancements to
clang(1)
Todd Mortimer, April 28, 2018 and onwards.
- MAP_STACK addition to
+ MAP_STACK addition to
mmap(2)
allows opportunistic verification that the stack-register
points at stack memory, therefore catching pivots to non-stack
@@ -192,7 +192,7 @@
.openbsd.randomdata section) to consistency-check the
return address on the stack. Implemented for AMD64 and ARM64
by Todd Mortimer in OpenBSD 6.4.
- MAP_CONCEAL addition to
+ MAP_CONCEAL addition to
mmap(2)
disallows memory pages to be written to core dumps, preventing
accidental exposure of private information.
@@ -562,7 +562,7 @@
ping(8):
Restructured to include IPv6 functionality and maintained by Florian Obser.
The separate
- ping6(8)
+ ping6(8)
was superseded on September 17, 2016,
and the new, combined version was released with OpenBSD 6.1.
xenodm(1):