[$] OpenBSD system-call pinning

Return-oriented programming (ROP) attacks are hard to defend against.Partial mitigations such as address-space layout randomization, stackcanaries, and other techniques are commonly deployed to try and frustrateROP attacks. Now, OpenBSD is experimenting with a newmitigation that makes it harder for attackers to make systemcalls, although some security researchers have expressed doubt that it willprove effective at stopping real-world attacks.In hisannouncement message, Theo de Raadt said that this work"makes some specific low-level attackmethods unfeasable on OpenBSD, which will force the use of other methods."