On Tue, Apr 19, 2022 at 11:51:55AM +0100, Mark Brown wrote:
> Currently the ELF code only attempts to parse properties on the image
> that will start execution, either the interpreter or for statically linked
> executables the main executable. The expectation is that any property
> handling for the main executable will be done by the interpreter. This is
> a bit inconsistent since we do map the executable and is causing problems
> for the arm64 BTI support when used in conjunction with systemd's use of
> seccomp to implement MemoryDenyWriteExecute which stops the dynamic linker
> adjusting the permissions of executable segments.
>
> Allow architectures to handle properties for both the dynamic linker and
> main executable, adjusting arch_parse_elf_properties() to have a new
> is_interp flag as with arch_elf_adjust_prot() and calling it for
> both the main executable and any interpreter.
>
> The user of this code, arm64, is adapted to ensure that there is no
> functional change.
>
> Signed-off-by: Mark Brown <broonie@xxxxxxxxxx>

Acked-by: Kees Cook <keescook@xxxxxxxxxxxx>

-- 
Kees Cook
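
The properties discussed in the quoted commit message are carried in a GNU property note, and for arm64 BTI the relevant one is a single feature bit. As an added example (not code from the patch or from the kernel), the C function below walks an NT_GNU_PROPERTY_TYPE_0 note in the little-endian ELF64 layout and reports whether that bit is set, rejecting truncated or malformed input. The names `note_has_bti`, `rd32` and `sample_note` and the sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NT_GNU_PROPERTY_TYPE_0             5u
#define GNU_PROPERTY_AARCH64_FEATURE_1_AND 0xc0000000u
#define GNU_PROPERTY_AARCH64_FEATURE_1_BTI (1u << 0)

/* Constructed sample note: one FEATURE_1_AND property with value 0x3. */
static const uint8_t sample_note[32] = {
    4,0,0,0, 16,0,0,0, 5,0,0,0, 'G','N','U',0, /* namesz, descsz, type, name */
    0,0,0,0xc0, 4,0,0,0, 3,0,0,0, 0,0,0,0      /* pr_type, pr_datasz, data, pad */
};

/* Read a little-endian 32-bit word regardless of host byte order. */
static uint32_t rd32(const uint8_t *p)
{
    return p[0] | p[1] << 8 | p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Hypothetical helper: 1 = BTI bit set, 0 = not set, -1 = malformed note. */
int note_has_bti(const uint8_t *note, size_t len)
{
    if (len < 16 || rd32(note) != 4 ||
        rd32(note + 8) != NT_GNU_PROPERTY_TYPE_0 ||
        memcmp(note + 12, "GNU", 4) != 0)
        return -1;
    size_t left = rd32(note + 4);          /* descsz: bytes of properties */
    if (left > len - 16)
        return -1;                         /* descriptor runs past the buffer */
    const uint8_t *p = note + 16;
    while (left >= 8) {
        uint32_t type = rd32(p), datasz = rd32(p + 4);
        /* Each property is header + data, padded to 8 bytes on ELF64. */
        uint64_t step = 8 + (((uint64_t)datasz + 7) & ~(uint64_t)7);
        if (step > left)
            return -1;
        if (type == GNU_PROPERTY_AARCH64_FEATURE_1_AND)
            return datasz == 4
                ? (int)(rd32(p + 8) & GNU_PROPERTY_AARCH64_FEATURE_1_BTI) : -1;
        p += (size_t)step;
        left -= (size_t)step;
    }
    return left == 0 ? 0 : -1;             /* trailing bytes are malformed */
}

int main(void)
{
    printf("BTI: %d\n", note_has_bti(sample_note, sizeof sample_note));
    return 0;
}
```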