On Tue, Apr 19, 2022 at 10:33:06PM -0700, Kees Cook wrote: > On Tue, 19 Apr 2022 11:51:54 +0100, Mark Brown wrote: > > Deployments of BTI on arm64 have run into issues interacting with > > systemd's MemoryDenyWriteExecute feature. Currently for dynamically > > linked executables the kernel will only handle architecture specific > > properties like BTI for the interpreter, the expectation is that the > > interpreter will then handle any properties on the main executable. > > For BTI this means remapping the executable segments PROT_EXEC | > > PROT_BTI. > > > > [...] > > Applied to for-next/execve, thanks! > > [1/2] elf: Allow architectures to parse properties on the main executable > https://git.kernel.org/kees/c/b2f2553c8e89 > [2/2] arm64: Enable BTI for main executable as well as the interpreter > https://git.kernel.org/kees/c/b65c760600e2 Kees, please can you drop this series while Catalin's alternative solution is under discussion (his Reviewed-by preceded the other patches)? https://lore.kernel.org/r/20220413134946.2732468-1-catalin.marinas@xxxxxxx Both series expose new behaviours to userspace and we don't need both. Thanks, Will
