| Age | Commit message (Collapse) | Author |
|---|
|
john/erts/spectre-configure-flag-otp_20/OTP-15430/ERIERL-237
* john/erts/spectre-configure-flag/OTP-15430/ERIERL-237:
Allow disabling retpoline in interpreter loop
Add a ./configure flag for spectre mitigation
|
|
Note that the ERTS_NO_RETPOLINE macro introduced by this commit is
completely inert unless spectre-mitigation is set to 'incomplete.'
This includes when mitigation has been manually enabled through
CFLAGS, so it should be impossible for it to unintentionally
disable mitigation.
|
|
|
|
* rickard/statistics-time-fixes/OTP-14597/ERL-465:
Bug fixes of statistics(wall_clock) and statistics(runtime)
Conflicts:
erts/emulator/beam/erl_time_sup.c
|
|
|
|
On macOS, it was not possible to start crypto after running
observer. (ERL_251)
On the beta of macOS 10.13 (High Sierra), crypto does not work
at all. (ERL-439)
The problem is that the use of the -flat_namespace option when
linking dynamic drivers such as the one for crypto. With that
option, all function names must be unique among all linked
libraries and frameworks, or the wrong function could be called.
Resolve the problem by using the two-level namespace as recommended by
Apple. We need to use the -bundle_loader option to point out beam.smp
when building all drivers and NIF libraries.
https://bugs.erlang.org/browse/ERL-251
https://bugs.erlang.org/browse/ERL-439
|
|
"./configure --enable-lock-counter" would modify the behavior
of the default emulator (usually SMP).
To make lock counting more accessible, change --enable-lock-counter
to build an additional emulator in the same way as:
(cd erts/emulator && make lcnt)
(The next commit will make it easier to start the built lock-counter
emulator.)
|
|
|
|
|
|
* ingela/openssl-version:
crypto: Update documentation to reflect new version policy
erts: Update configure check for OpenSSL
|
|
Allow HiPE-enabled VMs to be built with --enable-m32-build
|
|
We have never officially supported OpenSSL-0.9.7*
Update to OpenSSL-0.9.8c or later, but OpenSSL-1.0.2 or later is recommended
|
|
HiPE compiles and runs perfectly well with --enable-m32-build on linux.
If there are some darwin-specific issues with --enable-m32-build and
--enable-hipe, a more specific test for these conditions should be added.
|
|
Also remove i386 clause, as ARCH can never have that value.
|
|
The above commit erroneously declared 'ppc64le' as a 'ppc64' for
HiPE enabling. These two architectures are different and one can
NOT expect that native code generated for one architecture runs
on the other one. Rather than reverting this commit, make sure
that the architecture is declared correctly instead of pretending
it's a PPC64.
|
|
Some linkers, for example on Gentoo Hardened, do not accept the -no-pie
flag but require the -fno-PIE flag instead.
|
|
Magic references are *intentionally* indistinguishable from ordinary
references for the Erlang software. Magic references do not change
the language, and are intended as a pure runtime internal optimization.
An ordinary reference is typically used as a key in some table. A
magic reference has a direct pointer to a reference counted magic
binary. This makes it possible to implement various things without
having to do lookups in a table, but instead access the data directly.
Besides very fast lookups this can also improve scalability by
removing a potentially contended table. A couple of examples of
planned future usage of magic references are ETS table identifiers,
and BIF timer identifiers.
Besides future optimizations using magic references it should also
be possible to replace the exposed magic binary cludge with magic
references. That is, magic binaries that are exposed as empty
binaries to the Erlang software.
|
|
|
|
In OpenSSL 1.1.0, HMAC_CTX no longer has a complete definition,
and can no longer be allocated as a stack variable. Therefore,
the code in the configure test for usable OpenSSL library will
not compile.
Call the HMAC() function instead since it exists in all versions of
of OpenSSL that we support. Note that the code will only be compiled
and linked, not run, so the argument values don't matter as long as
they have the correct type.
|
|
OpenSSL 1.1.0 and higher does not support Kerberos and no longer
defines OPENSSL_NO_KRB5 to indicate that. Test the version number
as well as OPENSSL_NO_KRB5.
|
|
|
|
to get errors for "#if UNDEFINED_MACRO"
|
|
|
|
* sverker/hipe-no-pie-amd64:
erts: Disable -fPIE for HiPE on x86_64
erts: Fix correct link flags for hipe_mkliterals
|
|
|
|
Only x86_64 needs to reserve low virtual memory for its
amd64 small code model.
|
|
Just merge the two if's
|
|
|
|
|
|
Conflicts:
erts/emulator/beam/beam_bif_load.c
erts/emulator/beam/beam_load.c
and added macro DBG_TRACE_MFA_P in beam_load.h
|
|
For non-amd64 it's a "normal" allocator with a
wrapper around mseg_alloc to call mprotect(PROT_EXEC).
|
|
This reverts commit 52fae83743a6e84d719f4f82fe45e6e0efdbd6f0:
Check libsctp for sctp funcs in configure.in
Call AC_CHECK_LIB before calling AC_CHECK_FUNCS to check for functions in libsctp.
Otherwise AC_CHECK_FUNCS will not link with libsctp to see if function exists.
Reverting to the old behaviour of not checking for libsctp before checking for
sctp functions. Then it works on Linux by loading libsctp and looking up the
symbols i runtime, and it works on FreeBSD since there is no separate libsctp
to link against - the functions are part of the default system libraries.
|
|
Conflicts:
lib/crypto/c_src/crypto.c
lib/ssl/src/ssl_cipher.erl
|
|
* maint:
Try to handle not yet available functionality in MacOSX SDK
Check deployment target in configure on MacOSX
Fix posix_memalign configure test
|
|
* rickard/macosx-config-mess/OTP-13904:
Try to handle not yet available functionality in MacOSX SDK
Check deployment target in configure on MacOSX
Fix posix_memalign configure test
|
|
For consistency with other applications.
|
|
FIPS mode support needs to be enabled at compile time, by configuring
Erlang/OTP with --enable-fips option. In FIPS mode the non-FIPS
algorithms are disabled and raise error notsup.
The supported protocols list is properly updated in FIPS mode to
advertise only the enabled protocols.
FIPS mode is off by default even if Erlang/OTP was built with FIPS
support. It needs to be turned on at runtime.
The official approach is to set the fips_mode application environment
parameter of the crypto application to true. This would turn FIPS mode
on when the NIF is loaded and would prevent loading the module on
error.
Another method is provided via the crypto:enable_fips_mode/1
function, but it is not recommended to be used in production, as it
won't prevent the use of the crypto module in case of an error, and
would risk OpenSSL crashing the emulator. It is very useful for test
suites however that need to check both validated and non-validated
functionality.
This commit is based on commit
00b3a04d17a653b4abddeebd6dd8a2c38df532d0.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* maint:
Fix tracing of processes executing dirty
Perform check_process_code while process is executing dirty
Fix purge of code
Reclaim literal area after purge has completed
Separate literal area from code
Conflicts:
erts/emulator/beam/global.h
|
|
'rickard/new-purge-strategy/OTP-13833' into maint
* rickard/fun-purge-bug/OTP-13809:
Fix purge of code
Reclaim literal area after purge has completed
Separate literal area from code
Conflicts:
erts/doc/src/erlang.xml
erts/emulator/beam/beam_bif_load.c
erts/emulator/beam/erl_init.c
erts/preloaded/ebin/init.beam
|
|
* g-andrade/kernel/fetch_ztream_dictionary/PR-1139/OTP-13842:
Update preloaded modules
Specify min zlib ver on inflateGetDictionary doc
Skip inflateGetDictionary test case if unsupported
zlib: Only link inflateGetDictionary if available
zlib: Add test case for inflateGetDictionary
zlib: support extraction of inflation dictionary
|
|
|
|
Which at the moment means zlib versions >= 1.2.8.
|
|
* binarin/even-more-absolute-paths/PR-1103/OTP-13800:
Use perl discovered by configure
Don't make assumptions about build tools paths
|
|
Call AC_CHECK_LIB before calling AC_CHECK_FUNCS to check for functions in libsctp.
Otherwise AC_CHECK_FUNCS will not link with libsctp to see if function exists.
|
