Re: [PATCH v1 2/2] arm64: Enable BTI for main executable as well as the interpreter

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Jun 03, 2021 at 05:51:34PM +0100, Mark Brown wrote:
> On Thu, Jun 03, 2021 at 04:40:35PM +0100, Dave Martin wrote:
> > Do we know how libcs will detect that they don't need to do the
> > mprotect() calls?  Do we need a detection mechanism at all?
> > 
> > Ignoring certain errors from mprotect() when ld.so is trying to set
> > PROT_BTI on the main executable's code pages is probably a reasonable,
> > backwards-compatible compromise here, but it seems a bit wasteful.
> 
> I think the theory was that they would just do the mprotect() calls and
> ignore any errors as they currently do, or declare that they depend on a
> new enough kernel version I guess (not an option for glibc but might be
> for others which didn't do BTI yet).

I think we discussed the possibility of an AT_FLAGS bit. Until recently,
this field was 0 but it gained a new bit now. If we are to expose this
to arch-specific things, it may need some reservations. Anyway, that's
an optimisation that can be added subsequently.

-- 
Catalin



[Index of Archives]     [Linux Kernel]     [Kernel Newbies]     [x86 Platform Driver]     [Netdev]     [Linux Wireless]     [Netfilter]     [Bugtraq]     [Linux Filesystems]     [Yosemite Discussion]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Device Mapper]

  Powered by Linux