Contributed by Janne Johansson on from the don't pee on the electric fence dept.
If you run recent OpenBSD on certain amd64 or aarch64 platforms, indirect branching to an "unexpected" location will crash your program, in order to prevent ROP attacks and similar ways to have your program execute code where it shouldn't.
The OpenBSD compiler will insert an extra instruction in all the places where a branch is supposed to land, and if it lands anywhere else, a CPU fault is raised and your program gets an "Illegal Instruction".
Previously, crashes of this kind have looked more or less like any other kind of fault where code is executing random data or from random locations, but since the kernel knows when this has happened, we can make it explicit that the fault is due to missing branch target instructions, which will help a lot when debugging.
Link to the commit here.
(Comments are closed)
By sthen (2a02:8011:7003:5:dc2:efc:245b:5b31) on
Previously these just showed as SIGILL "Illegal instruction", and they still do, but this commit changed things so that the extra information is available when running under ktrace.
11th gen and newer Intel CPUs have this feature (look for IBT in the CPU attach line in dmesg). Support was added in 7.4 but a recent change to stop doing retpoline by default means that more programs are likely to accidentally trigger the mechanism (primarily those with asm code).
If you have such hardware, it will be helpful to update to a recent snapshot and packages to check if things still work for you - however a couple of problems in common packages have only very recently been fixed (including graphics/jpeg and graphics/imlib2) so at the moment you'll either want to update that from ports if installed, or wait until packages with jpeg-3.0.1p0v0 or jpeg-3.02vo show up.