diff --git a/mold-2.2.0.tar.gz b/mold-2.2.0.tar.gz deleted file mode 100644 index ea06768..0000000 --- a/mold-2.2.0.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:78ddddaaa004e50f8d92a13d8e792a46a1b37745fab48d39ad16aeb5a776e7c6 -size 9956678 diff --git a/mold-2.3.0.tar.gz b/mold-2.3.0.tar.gz new file mode 100644 index 0000000..22f7708 --- /dev/null +++ b/mold-2.3.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:6cfc1af0214f993be1b0ae4a2f0278d32b7fc48155c15b2d03758f6d81e7250b +size 9958893 diff --git a/mold.changes b/mold.changes index f0305cf..2e7a93e 100644 --- a/mold.changes +++ b/mold.changes @@ -1,3 +1,39 @@ +------------------------------------------------------------------- +Wed Oct 18 12:34:13 UTC 2023 - Martin Liska + +- Update to version 2.3.0 + * [x86-64] mold 2.3.0 has introduced an experimental flag, -z rewrite-endbr, which + rewrites superfluous endbr64 instructions as nop. + * endbr64 is a relatively recent x86 instruction used to mark locations where an + indirect jump instruction can transfer control. With control-flow integrity + enabled (meaning endbr64 is effective), an indirect jump can only target an + endbr64 or it will trigger a runtime exception. This mechanism significantly + hinders certain control hijacking attacks, such as ROP or JOP, since attackers + cannot jump to just any location. + * When given the -fcf-protection flag, GCC conservatively places an endbr64 at the + beginning of every global function. This is because the function's address might + be taken as a pointer by other translation units. However, in most cases, + function addresses are not actually taken. This conservative approach results in + an overabundance of unnecessary endbr64 instructions, leading to not only code + bloating but also a potential decrease in security as there are more locations + for an attacker to exploit. + * The new linker option, -z rewrite-endbr, aims to alleviate this issue. The + linker can carry out a whole-program analysis on the input files to identify + functions whose addresses are never taken. If -z rewrite-endbr is specified, + mold will conduct this analysis and replace the initial endbr64 with a nop for + functions whose addresses aren't taken. (17f0d85) + * mold now produces a more compact .gdb_index section when using the --gdb-index + flag. Additionally, mold now generates a correct .gdb_index section for object + files created by Clang. (a396fa4) + * mold is now capable of handling input sections larger than 4 GiB. (0ce32d3) + * [PPC] mold can now generate executables for POWER10 processors. Previously, + executables produced by mold would crash immediately on startup on POWER10. + (0f71471) + * [ARM64] When a function with a non-standard calling convention is exported, it's + mandatory for the linker to turn on the STO_AARCH64_VARIANT_PCS flag to notify + the dynamic linker. mold now appropriately sets this flag. (2e3b56e) + * [RISC-V] mold now supports new GP-relative relocations. (ac3ee91) + ------------------------------------------------------------------- Tue Sep 26 20:11:13 UTC 2023 - Martin Liška diff --git a/mold.spec b/mold.spec index a1aa178..55c322c 100644 --- a/mold.spec +++ b/mold.spec @@ -17,7 +17,7 @@ Name: mold -Version: 2.2.0 +Version: 2.3.0 Release: 0 Summary: A Modern Linker (mold) License: MIT