K 10
svn:author
V 6
emaste
K 8
svn:date
V 27
2019-09-26T18:56:41.280448Z
K 7
svn:log
V 1036
MFS r352752: Add a WITH_BIND_NOW build knob

MFC r340186: Add a WITH_BIND_NOW build knob

The linker's -z now flag sets the DF_BIND_NOW flag, which signals to the
runtime loader that all relocation processing should be performed at
process startup rather than on demand.  In combination with lld's
default of enabling relro this causes the GOT to be made read-only when
the process starts, preventing straightforward GOT overwrite attacks.

MFC r341429: disable BIND_NOW in libc, libthr, and rtld

An issue remains with BIND_NOW and processes using threads.  For now,
restore libc's BIND_NOW disable, and also disable BIND_NOW in rtld and
libthr.

MFC r345625: revert r341429 "disable BIND_NOW in libc, libthr, and rtld"

r345620 by kib@ fixed the rtld issue that caused a crash at startup
during resolution of libc's ifuncs with BIND_NOW.

MFC r345638: Revert change accidentally committed along with r345625

MFC r345640: Revert other accidentally committed part of r345625

Approved by:	re (gjb)
Sponsored by:	The FreeBSD Foundation

END