SecBSD's official ports repository

2023-08-16 22:26:55 +00:00 · 2023-08-16 22:26:55 +00:00 · 2c0afcbbf3
commit 2c0afcbbf3
64331 changed files with 5339189 additions and 0 deletions
--- a/devel/clang-tools-extra/patches/patch-include_llvm_CodeGen_TargetFrameLowering_h
+++ b/devel/clang-tools-extra/patches/patch-include_llvm_CodeGen_TargetFrameLowering_h
@ -0,0 +1,41 @@
+- Add RETGUARD to clang for amd64. This security mechanism uses per-function
+  random cookies to protect access to function return instructions, with the
+  effect that the integrity of the return address is protected, and function
+  return instructions are harder to use in ROP gadgets.
+
+  On function entry the return address is combined with a per-function random
+  cookie and stored in the stack frame. The integrity of this value is verified
+  before function return, and if this check fails, the program aborts. In this way
+  RETGUARD is an improved stack protector, since the cookies are per-function. The
+  verification routine is constructed such that the binary space immediately
+  before each ret instruction is padded with int03 instructions, which makes these
+  return instructions difficult to use in ROP gadgets. In the kernel, this has the
+  effect of removing approximately 50% of total ROP gadgets, and 15% of unique
+  ROP gadgets compared to the 6.3 release kernel. Function epilogues are
+  essentially gadget free, leaving only the polymorphic gadgets that result from
+  jumping into the instruction stream partway through other instructions. Work to
+  remove these gadgets will continue through other mechanisms.
+- Refactor retguard to make adding additional arches easier.
+
+Index: include/llvm/CodeGen/TargetFrameLowering.h
+--- include/llvm/CodeGen/TargetFrameLowering.h.orig
+++ include/llvm/CodeGen/TargetFrameLowering.h
+@@ -14,6 +14,7 @@
+ #define LLVM_CODEGEN_TARGETFRAMELOWERING_H
+ 
+ #include "llvm/CodeGen/MachineBasicBlock.h"
+#include "llvm/CodeGen/ReturnProtectorLowering.h"
+ #include "llvm/Support/TypeSize.h"
+ #include <vector>
+ 
+@@ -209,6 +210,10 @@ class TargetFrameLowering { (public)
+                             MachineBasicBlock &MBB) const = 0;
+   virtual void emitEpilogue(MachineFunction &MF,
+                             MachineBasicBlock &MBB) const = 0;
+
+  virtual const ReturnProtectorLowering *getReturnProtector() const {
+    return nullptr;
+  }
+ 
+   /// With basic block sections, emit callee saved frame moves for basic blocks
+   /// that are in a different section.