Page MenuHomeFreeBSD
Files F132912490

D42596.id130079.diff
No OneTemporary
Actions

D42596.id130079.diff
View Options

diff --git a/cddl/lib/libicp/Makefile b/cddl/lib/libicp/Makefile
--- a/cddl/lib/libicp/Makefile
+++ b/cddl/lib/libicp/Makefile
@@ -139,4 +139,7 @@
LDFLAGS.bfd+= -Wl,-znoexecstack
+# sha256-armv8.S and sha512-armv8.S are missing the BTI elf note
+MK_BRANCH_PROTECTION=no
+
.include <bsd.lib.mk>
diff --git a/cddl/lib/libicp_rescue/Makefile b/cddl/lib/libicp_rescue/Makefile
--- a/cddl/lib/libicp_rescue/Makefile
+++ b/cddl/lib/libicp_rescue/Makefile
@@ -136,4 +136,7 @@
LDFLAGS.bfd+= -Wl,-znoexecstack
+# sha256-armv8.S and sha512-armv8.S are missing the BTI elf note
+MK_BRANCH_PROTECTION=no
+
.include <bsd.lib.mk>
diff --git a/lib/libomp/Makefile b/lib/libomp/Makefile
--- a/lib/libomp/Makefile
+++ b/lib/libomp/Makefile
@@ -1,4 +1,7 @@
+# z_Linux_asm.S is missing BTI support
+MK_BRANCH_PROTECTION=no
+
.include <bsd.compiler.mk>
SHLIB_NAME= libomp.so
diff --git a/rescue/rescue/Makefile b/rescue/rescue/Makefile
--- a/rescue/rescue/Makefile
+++ b/rescue/rescue/Makefile
@@ -1,5 +1,8 @@
# @(#)Makefile 8.1 (Berkeley) 6/2/93
+# libicp is built without BTI support
+MK_BRANCH_PROTECTION=no
+
.include <src.opts.mk>
.include <bsd.linker.mk>
diff --git a/share/mk/bsd.lib.mk b/share/mk/bsd.lib.mk
--- a/share/mk/bsd.lib.mk
+++ b/share/mk/bsd.lib.mk
@@ -99,6 +99,12 @@
.endif
# LLD sensibly defaults to -znoexecstack, so do the same for BFD
LDFLAGS.bfd+= -Wl,-znoexecstack
+.if ${MK_BRANCH_PROTECTION} != "no"
+CFLAGS+= -mbranch-protection=standard
+.if ${MACHINE_ARCH} == "aarch64" && defined(BTI_REPORT_ERROR)
+LDFLAGS+= -Wl,-zbti-report=error
+.endif
+.endif
# Initialize stack variables on function entry
.if ${OPT_INIT_ALL} != "none"
diff --git a/share/mk/bsd.opts.mk b/share/mk/bsd.opts.mk
--- a/share/mk/bsd.opts.mk
+++ b/share/mk/bsd.opts.mk
@@ -52,6 +52,7 @@
__DEFAULT_YES_OPTIONS = \
ASSERT_DEBUG \
+ BRANCH_PROTECTION \
DEBUG_FILES \
DOCCOMPRESS \
INCLUDES \
@@ -101,6 +102,10 @@
__DEFAULT_YES_OPTIONS+=PIE
.endif
+.if ${MACHINE} != "arm64"
+BROKEN_OPTIONS+=BRANCH_PROTECTION
+.endif
+
__SINGLE_OPTIONS = \
INIT_ALL
diff --git a/share/mk/bsd.prog.mk b/share/mk/bsd.prog.mk
--- a/share/mk/bsd.prog.mk
+++ b/share/mk/bsd.prog.mk
@@ -69,6 +69,12 @@
.endif
# LLD sensibly defaults to -znoexecstack, so do the same for BFD
LDFLAGS.bfd+= -Wl,-znoexecstack
+.if ${MK_BRANCH_PROTECTION} != "no"
+CFLAGS+= -mbranch-protection=standard
+.if ${MACHINE_ARCH} == "aarch64" && defined(BTI_REPORT_ERROR)
+LDFLAGS+= -Wl,-zbti-report=error
+.endif
+.endif
# Initialize stack variables on function entry
.if ${OPT_INIT_ALL} != "none"
diff --git a/stand/Makefile.inc b/stand/Makefile.inc
--- a/stand/Makefile.inc
+++ b/stand/Makefile.inc
@@ -1,4 +1,7 @@
SUBDIR_PARALLEL= yes
+# Firmware may not be able to handle branch protection failures
+MK_BRANCH_PROTECTION= no
+
.include "defs.mk"

File Metadata

Mime Type
text/plain
Expires
Wed, Oct 22, 3:12 AM (7 h, 2 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
24038476
Default Alt Text
D42596.id130079.diff (2 KB)

Event Timeline