On Mon, Mar 23, 2020 at 02:55:46PM +0000, Mark Rutland wrote: > On Mon, Mar 23, 2020 at 02:39:55PM +0000, Catalin Marinas wrote: > > So this means that the interpreter will have to mprotect(PROT_BTI) the > > text section of the primary executable. > Yes, but after fixing up any relocations in that section it's going to > have to call mprotect() on it anyhow (e.g. in order to make it > read-only), and in doing so would throw away BTI unless it was BTI > aware. Ah, of course - I forgot that's not a read/modify/write cycle. I'll send the comment version. > > That's a valid point. If we have an old dynamic linker and the kernel > > enabled BTI automatically for the main executable, could things go wrong > > (e.g. does the PLT need to be BTI-aware)? > I believe that a PLT in an unguarded page needs no special treatment. A > PLT within a guarded page needs to be built specially for BTI. Unguarded stuff is unaffected.
Attachment:
signature.asc
Description: PGP signature