search for: hardenedbsd

...it fixes compilation, but produces a non-working system. I know that's kinda vague and I'll have more details soon, including sample binaries. I at least wanted to give a status update so you didn't think you were being ignored. Thanks, -- Shawn Webb Cofounder and Security Engineer HardenedBSD Tor-ified Signal: +1 443-546-8752 Tor+XMPP+OTR: lattera at is.a.hacker.sx GPG Key ID: 0x6A84658F52456EEE GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE On Wed, Nov 28, 2018 at 09:16:24PM -0800, Peter Collingbourne wrote: > https://reviews.llvm.org/D5...

...frame #6: 0x000000000021b103 pid`_start(ap=<unavailable>, cleanup=<unavailable>) at crt1.c:75 > (lldb) > > [1]: https://gist.github.com/lattera/758b28c1e315cd70e670dd5211388864 > > The CSU can be found here: > https://github.com/HardenedBSD/hardenedBSD/tree/hardened/current/master/lib/csu > > I'm working on amd64 (so crt1.c would be at lib/csu/amd64/crt1.c). The > handle_static_init function is here: > https://github.com/HardenedBSD/hardenedBSD/blob/hardened/current/master/lib/csu/common/ignore_init.c > > Thank...

Hey Peter, Here you go! https://hardenedbsd.org/~shawn/2018-11-28_reproduce-01.tar Thanks, -- Shawn Webb Cofounder and Security Engineer HardenedBSD Tor-ified Signal: +1 443-546-8752 Tor+XMPP+OTR: lattera at is.a.hacker.sx GPG Key ID: 0x6A84658F52456EEE GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245...

Hey LLVM folks, I've run into an interesting assertion. In one of HardenedBSD's feature branches, we're working on integration llvm's Cross-DSO CFI implementation. Using Cross-DSO CFI requires building libs with LTO, which causes clang to emit LLVM IR intermediate object files rather than ELF intermediate object files. I've found that with lld, attempting to...

Greetings All, I was wondering what projects seem to improve the most from lld as a linker. It s seems to mostly be browsers and games but if someone has something else I would be interested to hear what. The site doesn't really talk about what projects improve the most so I would be curious to hear what does and even if possible why. Nick

On Mon, Jun 24, 2019 at 3:37 PM Jake Ehrlich <jakehehrlich at google.com> wrote: > disclaimer: I work at Google so don't take my +1 as an independent vote > forward. > > We would like to use this on Fuchsia and I am particularly interested in > creating a dynamic linking library for ELF with Roland McGrath's guidance. > We spoke about creating a library for writing

...plt]) OSSH_CHECK_CFLAG_COMPILE([-D_FORTIFY_SOURCE=2]) OSSH_CHECK_LDFLAG_LINK([-Wl,-z,relro]) ... I've not had any issues, yet, with any other of many packages I build with this GCC env; this fail is, so far, unique to this openssh build attempt. Not clear yet if relevant, noting @ HardenedBSD, "HBSD: Do not enable RETPOLINE if LLD_UNSAFE or USE_GCC is set" https://github.com/HardenedBSD/hardenedbsd-ports/commit/e57638c87f44c91c12539bb9fc5d00b862a4974a Should the retpoline flag be getting added? If so, what's needed to make LD happy with it?

Hey All, [NOTE: crossposting between freebsd-current@, freebsd-security@, and freebsd-stable at . Please forgive me if crossposting is frowned upon.] Address Space Layout Randomization, or ASLR for short, is an exploit mitigation technology. It helps secure applications against low-level exploits. A popular secure implementation is known as PaX ASLR, which is a third-party patch for Linux. Our

Hey All, [NOTE: crossposting between freebsd-current@, freebsd-security@, and freebsd-stable at . Please forgive me if crossposting is frowned upon.] Address Space Layout Randomization, or ASLR for short, is an exploit mitigation technology. It helps secure applications against low-level exploits. A popular secure implementation is known as PaX ASLR, which is a third-party patch for Linux. Our

Hello LLVM Developers, Within Google, we have a growing range of needs that existing libc implementations don't quite address. This is pushing us to start working on a new libc implementation. Informal conversations with others within the LLVM community has told us that a libc in LLVM is actually a broader need, and we are increasingly consolidating our toolchains around LLVM. Hence, we