1
0
mirror of https://git.FreeBSD.org/src.git synced 2025-01-09 13:42:56 +00:00
freebsd/contrib
Dimitry Andric ba9b2ede8a Pull in r366369 from upstream llvm trunk (by Francis Visoiu Mistrih):
[CodeGen][NFC] Simplify checks for stack protector index checking

  Use `hasStackProtectorIndex()` instead of `getStackProtectorIndex()
  >= 0`.

Pull in r366371 from upstream llvm trunk (by Francis Visoiu Mistrih):

  [PEI] Don't re-allocate a pre-allocated stack protector slot

  The LocalStackSlotPass pre-allocates a stack protector and makes sure
  that it comes before the local variables on the stack.

  We need to make sure that later during PEI we don't re-allocate a new
  stack protector slot. If that happens, the new stack protector slot
  will end up being **after** the local variables that it should be
  protecting.

  Therefore, we would have two slots assigned for two different stack
  protectors, one at the top of the stack, and one at the bottom. Since
  PEI will overwrite the assigned slot for the stack protector, the
  load that is used to compare the value of the stack protector will
  use the slot assigned by PEI, which is wrong.

  For this, we need to check if the object is pre-allocated, and re-use
  that pre-allocated slot.

  Differential Revision: https://reviews.llvm.org/D64757

Pull in r367068 from upstream llvm trunk (by Francis Visoiu Mistrih):

  [CodeGen] Don't resolve the stack protector frame accesses until PEI

  Currently, stack protector loads and stores are resolved during
  LocalStackSlotAllocation (if the pass needs to run). When this is the
  case, the base register assigned to the frame access is going to be
  one of the vregs created during LocalStackSlotAllocation. This means
  that we are keeping a pointer to the stack protector slot, and we're
  using this pointer to load and store to it.

  In case register pressure goes up, we may end up spilling this
  pointer to the stack, which can be a security concern.

  Instead, leave it to PEI to resolve the frame accesses. In order to
  do that, we make all stack protector accesses go through frame index
  operands, then PEI will resolve this using an offset from sp/fp/bp.

  Differential Revision: https://reviews.llvm.org/D64759

Together, these fix a issue where the stack protection feature in LLVM's
ARM backend can be rendered ineffective when the stack protector slot is
re-allocated so that it appears after the local variables that it is
meant to protect, leaving the function potentially vulnerable to a
stack-based buffer overflow.

Reported by:	andrew
Security:	https://kb.cert.org/vuls/id/129209/
MFC after:	3 days
2019-07-26 18:49:20 +00:00
..
amd Fix two mismatches between function declaration and definition. 2019-07-16 16:03:08 +00:00
apr
apr-util
atf
bearssl Add libbearssl 2019-02-26 05:59:22 +00:00
binutils Fix binutils compilation error with Clang 8 2019-03-05 04:16:50 +00:00
blacklist Fixup syslog() call that should have used logging function pointer 2019-03-18 15:45:06 +00:00
bmake Merge bmake-20181221 2018-12-23 01:05:52 +00:00
bsnmp Follow the declared behaviour that specifies server string format in 2019-04-03 12:47:49 +00:00
byacc
bzip2 Upgrade to Bzip2 version 1.0.7. 2019-06-28 05:11:02 +00:00
capsicum-test Integrate capsicum-test into the FreeBSD test suite 2019-04-01 21:24:50 +00:00
com_err
compiler-rt Upgrade our copies of clang, llvm, lld, lldb, compiler-rt, libc++, 2019-06-12 21:10:37 +00:00
cortex-strings
dialog
diff
dma
dtc
ee
elftoolchain strings: extends rights 2019-07-16 04:17:25 +00:00
expat
file [PowerPC64] Add ABI flags to 'file' magic 2019-06-28 15:52:40 +00:00
flex
gcc powerpc: Transition to Secure-PLT, like most other OSs 2019-06-25 00:40:44 +00:00
gcclibs
gdb
gdtoa
googletest Import proof-of-concept for handling GTEST_SKIP() in Environment::SetUp 2019-04-01 18:07:48 +00:00
gperf
hyperv/tools
ipfilter Fix a typo. 2019-06-28 04:52:24 +00:00
jemalloc
ldns
ldns-host
less MFV r349535: less v551. 2019-06-29 18:41:40 +00:00
libarchive MFV r349454: 2019-06-28 22:41:17 +00:00
libbegemot
libc-pwcache
libc-vis
libc++ Merge ^/head r344178 through r344512. 2019-02-25 11:59:29 +00:00
libcxxrt Merge libcxxrt master f96846efbfd508f66d91fcbbef5dd808947c7f6d. 2019-07-26 16:55:06 +00:00
libdivsufsort
libevent
libexecinfo
libgnuregex
libpcap
libstdc++
libucl
libunwind Merge llvm, clang, compiler-rt, libc++, libunwind, lld, lldb and openmp 2019-07-20 15:26:21 +00:00
libxo Fix expected output after r347207 2019-05-08 18:46:12 +00:00
llvm Pull in r366369 from upstream llvm trunk (by Francis Visoiu Mistrih): 2019-07-26 18:49:20 +00:00
lua
mandoc Update mandoc to cvs snapshot 2019-07-23 2019-07-26 10:00:33 +00:00
mknod
mtree
ncurses
netbsd-tests Temporarily skip lib.libc.regex.exhaust_test.regcomp_too_big and 2019-07-22 18:42:55 +00:00
netcat
ngatm
ntp MFV r344878: 2019-03-07 13:36:00 +00:00
nvi
ofed Add ConnectX-6 DX HCA ID to libmlx5. 2019-05-08 11:04:09 +00:00
one-true-awk Another partial revert of r301289. 2019-06-03 05:25:22 +00:00
openbsm Create new EINTEGRITY error with message "Integrity check failed". 2019-01-17 06:35:45 +00:00
opencsd/decoder
openmp Upgrade our copies of clang, llvm, lld, lldb, compiler-rt, libc++, 2019-07-06 18:02:29 +00:00
openpam Upgrade to OpenPAM Tabebuia. 2019-02-25 18:41:16 +00:00
openresolv
opie
pam_modules/pam_passwdqc
pf
pjdfstest
pnpinfo
processor-trace
sendmail
serf
smbfs
sqlite3 MFV r350080: 2019-07-18 00:27:28 +00:00
subversion
tcp_wrappers Remove a duplicate global (rfc931_timeout). 2019-07-17 23:43:14 +00:00
tcpdump tcpdump: disable Capsicum if -E option is provided. 2019-04-16 04:12:41 +00:00
tcsh
telnet telnet: fix minor style violation 2019-07-10 22:36:14 +00:00
tnftp
traceroute The variable names in the description of the port number usage is 2019-06-20 12:38:41 +00:00
tzcode
tzdata Import tzdata 2019b 2019-07-02 01:12:23 +00:00
unbound Upgrade Unbound to 1.9.2. 2019-07-04 08:40:10 +00:00
unvis
vis
wpa The driver list prints "(null)" for the NDIS driver when -h (help) or 2019-05-16 02:41:25 +00:00
xz Clamp tuklib_physmem() return value to SIZE_T_MAX. 2019-01-06 23:59:04 +00:00