pixman: drop support for MMX on x86
LLVM has dropped the ability to generate vectorized code using compiler
intrinsics for chips with MMX but without SSE2. The pixman library
detects available CPU features at runtime and will either fall back
to the generic implementation or use the SSE2 or SSSE3 code paths.
ok kettenis@ matthieu@ jsg@
Handle sections that specify alignment as 0 when loading an ELF interpreter
(i.e. ld.so). Since the smallest possible alignment actually is the
page size just start with that and only increase it if a larger alignment
is requested. Also reject interpreters without loadable segments, just
like we did for ld.so a few weeks ago.
Distilled from a report by Andrew Griffiths.
ok jsg@, deraadt@
Validate size of chunks copied to piglet during hibernate unpack
Ensure that the compressed size of the chunk read from the hibernate image
will fit into the reserved space in the piglet for such chunks. Prevents
chunks with invalid sizes from overrunning the piglet. Such corrupted
chunks could be present in tampered or corrupt on-disk hibernate images.
Reported by Frank Denis
Validate sizes against integer overflow when reading chunks in unhibernate
Validate that chunk sizes stored in the chunktable don't result in integer
overflow. Such invalid chunk sizes could be present in tampered or corrupt
on-disk hibernate images.
Reported by Frank Denis
Prevent overread when reading the chunktable in unhibernate
Ensure we don't read past the end of the chunktable, which could happen
with a tampered or corrupted on-disk hibernate image.
Reported by Frank Denis
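The three unhibernate checks described above (a chunk must fit the space reserved for it, size arithmetic must not overflow, and the chunktable must not be read past its end), sketched as an added example. This is not OpenBSD's code: the struct layout, function name, return codes and sample sizes are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical layout for illustration; not OpenBSD's chunk structure. */
struct chunk {
	uint64_t offset;		/* byte offset of the chunk in the image */
	uint64_t compressed_size;	/* bytes stored on disk */
};

enum { CHUNK_OK, CHUNK_OVERREAD, CHUNK_TOO_BIG, CHUNK_OVERFLOW };

/* Check an untrusted chunk table before anything is copied. staging_size is
 * the space reserved for one compressed chunk (the role the piglet plays). */
int
validate_chunktable(const struct chunk *tbl, size_t table_bytes,
    uint64_t nchunks, uint64_t staging_size, uint64_t image_size)
{
	uint64_t i;

	/* Divide rather than multiply so the bound itself cannot wrap. */
	if (nchunks > table_bytes / sizeof(*tbl))
		return CHUNK_OVERREAD;
	for (i = 0; i < nchunks; i++) {
		if (tbl[i].compressed_size > staging_size)
			return CHUNK_TOO_BIG;
		/* offset + size <= image_size, tested without the addition. */
		if (tbl[i].offset > image_size ||
		    tbl[i].compressed_size > image_size - tbl[i].offset)
			return CHUNK_OVERFLOW;
	}
	return CHUNK_OK;
}

/* Constructed sample tables: 64 KiB staging area, 1 MiB image.
 * In wrap[], a naive offset + size would wrap around to a small value. */
static const struct chunk good[] = { { 4096, 8192 }, { 12288, 4096 } };
static const struct chunk big[] = { { 4096, 1 << 20 } };
static const struct chunk wrap[] = { { UINT64_MAX - 16, 4096 } };

int main(void)
{
	printf("good=%d big=%d wrap=%d overread=%d\n",
	    validate_chunktable(good, sizeof(good), 2, 65536, 1 << 20),
	    validate_chunktable(big, sizeof(big), 1, 65536, 1 << 20),
	    validate_chunktable(wrap, sizeof(wrap), 1, 65536, 1 << 20),
	    validate_chunktable(good, sizeof(good), 3, 65536, 1 << 20));
	return 0;
}
```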
Disable builtins in strlcpytest.c. Otherwise, clang w/ optimizations
enabled will treat strlcpy(NULL, ...) as undefined behavior and optimize
the invocation away.
Regression introduced after the llvm 22 upgrade.
Disable kbind() and pinsyscalls() for static binaries at the correct
time, which is inside exec_elf_makecmds(). Amusingly, it looks like
these protection mechanisms are not needed because other process state
protects against kbind use since we completed the switch to static pie.
Also any privileged static binary (which we ship, setuid or daemon) is
not going to contain a pinsyscall or kbind slot in the loaded pinsyscalls
table, so they cannot perform those. Only synthetic binaries with their
own pinsyscalls table could play, but of course they won't run with
privilege..
from Andrew Griffiths at Calif
ok kettenis, andrew also approves of this approach
But the NVMe controller integrated on Apple silicon (M1, M2, etc.)
advertises support for 128-byte submission queue entries but only works
with 64-byte entries. So let aplns(4) override the size.
ok jcs@