in sqlports complete. (Before only the last set was shown.)
From espie, instigated by a less correct diff from me. Also feedback
from sthen@ ("makes a lot of sense")
if they don't match a valid identifier, as of 3.41.0 (2023-02-21) standard
builds of the cli no longer accept this and warn instead. currently builds
from the "autoconf" distribution file do still accept this, but sqlports
should not rely on something that upstream are trying to teach people not
to use. https://sqlite.org/quirks.html#dblquote
from espie
as a result:
- properly show errors at the end.
- show walker errors like I did for dpb.
- feature a "keepgoing" mode that will do the full walk BEFORE exiting
with an error if necessary (but switch from +++ path to !!! path after
the first error, so that interactive runs can be interrupted early on
if deemed applicable)
- feature a "testmode" for trying out a single path
- remove some old obsolete options
- embed some perldoc in the script proper.
record this information in the sqlports db. ok kn@ tb@
OpenBSD is starting to support branch target identification on amd64 and
arm64 (part of the features on Apple m2, and on Intel 11th gen/newer CPUs
with "control-flow enhancement technology").
On amd64 it is currently being enabled/disabled in snapshot kernels at
various times while we gain more information about which software in
ports is working/not.
This works by placing certain opcodes at legitimate targets of branch
instructions (which are ignored on earlier CPUs as they are NOPs there)
and trapping if an indirect call/jump is attempted to a location which
does not contain such an opcode. This makes it harder for an attacker
to jump to a location containing code of their choosing.
For more details on the Intel implementatios See chapter 17 of SDM vol.1
https://www.intel.com/content/www/us/en/developer/articles/technical/intel-sdm.html
Our system compilers on amd64/arm64 add the required opcodes at valid
targets, but some code in ports is built with a compiler which does not
do that, also some ports have asm code which has not had the required
instructions added at those points yet (i.e. endbr64 on amd64).
In those cases, the whole binary can be annotated with a segment type
PT_OPENBSD_NOBTCFI as an indicator to the kernel not to enforce branch
target control flow integrity for the produced binary.
The relevant compiler options to enable (default on OpenBSD)/disable are:
amd64: -fcf-protection=branch, -fcf-protection=none
arm64: -mbranch-protection=bti, -mbranch-protection=none
thfr