Wed Oct 6 06:28:08 2021 UTC ()
doc/pkgsrc.*: regen


(nia)
diff -r1.322 -r1.323 pkgsrc/doc/pkgsrc.html
diff -r1.320 -r1.321 pkgsrc/doc/pkgsrc.txt
cvs diff -r1.322 -r1.323 pkgsrc/doc/pkgsrc.html (expand / switch to unified diff)

--- pkgsrc/doc/pkgsrc.html 2021/10/01 17:59:05 1.322
+++ pkgsrc/doc/pkgsrc.html 2021/10/06 06:28:08 1.323
@@ -11404,26 +11404,34 @@ Dynamic Section: @@ -11404,26 +11404,34 @@ Dynamic Section:
11404 BIND_NOW 0x0000000000000000 11404 BIND_NOW 0x0000000000000000
11405</pre> 11405</pre>
11406<p> 11406<p>
11407This has to be combined with partial RELRO (see above) to be fully efficient. 11407This has to be combined with partial RELRO (see above) to be fully efficient.
11408</p> 11408</p>
11409<p> 11409<p>
11410This check is now performed automatically (where supported) if 11410This check is now performed automatically (where supported) if
11411<code class="varname">PKG_DEVELOPER</code> is set. 11411<code class="varname">PKG_DEVELOPER</code> is set.
11412</p> 11412</p>
11413</div> 11413</div>
11414<div class="sect2"> 11414<div class="sect2">
11415<div class="titlepage"><div><div><h3 class="title"> 11415<div class="titlepage"><div><div><h3 class="title">
11416<a name="hardening.audit.ssp"></a>B.3.4. Checking for SSP</h3></div></div></div> 11416<a name="hardening.audit.ssp"></a>B.3.4. Checking for SSP</h3></div></div></div>
 11417<div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
 11418<h3 class="title">Note</h3>
 11419<p>
 11420Checking for SSP using this method only works where the operating system
 11421uses <code class="literal">libssp</code>. <code class="literal">libssp</code> is not used
 11422on recent NetBSD/FreeBSD/Linux versions.
 11423</p>
 11424</div>
11417<p> 11425<p>
11418Building objects, binaries and libraries with SSP will affect the presence of 11426Building objects, binaries and libraries with SSP will affect the presence of
11419additional symbols in the resulting file: 11427additional symbols in the resulting file:
11420</p> 11428</p>
11421<pre class="programlisting"> 11429<pre class="programlisting">
11422<strong class="userinput"><code>$ nm /path/to/bin/ary</code></strong> 11430<strong class="userinput"><code>$ nm /path/to/bin/ary</code></strong>
11423[...] 11431[...]
11424 U __stack_chk_fail 11432 U __stack_chk_fail
114250000000000600ea0 B __stack_chk_guard 114330000000000600ea0 B __stack_chk_guard
11426</pre> 11434</pre>
11427<p> 11435<p>
11428This is an indicator that the program was indeed built with support for SSP. 11436This is an indicator that the program was indeed built with support for SSP.
11429</p> 11437</p>
cvs diff -r1.320 -r1.321 pkgsrc/doc/pkgsrc.txt (expand / switch to unified diff)

--- pkgsrc/doc/pkgsrc.txt 2021/10/01 17:59:05 1.320
+++ pkgsrc/doc/pkgsrc.txt 2021/10/06 06:28:08 1.321
@@ -9273,26 +9273,31 @@ $ objdump -x /path/to/bin/ary @@ -9273,26 +9273,31 @@ $ objdump -x /path/to/bin/ary
9273/path/to/bin/ary: file format elf64-x86-64 9273/path/to/bin/ary: file format elf64-x86-64
9274 9274
9275Dynamic Section: 9275Dynamic Section:
9276[...] 9276[...]
9277 BIND_NOW 0x0000000000000000 9277 BIND_NOW 0x0000000000000000
9278 9278
9279This has to be combined with partial RELRO (see above) to be fully efficient. 9279This has to be combined with partial RELRO (see above) to be fully efficient.
9280 9280
9281This check is now performed automatically (where supported) if PKG_DEVELOPER is 9281This check is now performed automatically (where supported) if PKG_DEVELOPER is
9282set. 9282set.
9283 9283
9284B.3.4. Checking for SSP 9284B.3.4. Checking for SSP
9285 9285
 9286Note
 9287
 9288Checking for SSP using this method only works where the operating system uses
 9289libssp. libssp is not used on recent NetBSD/FreeBSD/Linux versions.
 9290
9286Building objects, binaries and libraries with SSP will affect the presence of 9291Building objects, binaries and libraries with SSP will affect the presence of
9287additional symbols in the resulting file: 9292additional symbols in the resulting file:
9288 9293
9289$ nm /path/to/bin/ary 9294$ nm /path/to/bin/ary
9290[...] 9295[...]
9291 U __stack_chk_fail 9296 U __stack_chk_fail
92920000000000600ea0 B __stack_chk_guard 92970000000000600ea0 B __stack_chk_guard
9293 9298
9294This is an indicator that the program was indeed built with support for SSP. 9299This is an indicator that the program was indeed built with support for SSP.
9295 9300
9296This check is now performed automatically (where supported) if PKG_DEVELOPER is 9301This check is now performed automatically (where supported) if PKG_DEVELOPER is
9297set and SSP is enabled. 9302set and SSP is enabled.
9298 9303