* Topi Miettinen:

>> The dynamic loader has to process the LOAD segments to get to the ELF
>> note that says to enable BTI. Maybe we could do a first pass and
>> load only the segments that cover notes. But that requires lots of
>> changes to generic code in the loader.
>
> What if the loader always enabled BTI for PROT_EXEC pages, but then
> when discovering that this was a mistake, mprotect() the pages without
> BTI?

Is that architecturally supported? How costly is the mprotect change
if the pages have not been faulted in yet?

> Then both BTI and MDWX would work and the penalty of not getting
> MDWX would fall to non-BTI programs. What's the expected proportion of
> BTI enabled code vs. disabled in the future, is it perhaps expected
> that a distro would enable the flag globally so eventually only a few
> legacy programs might be unprotected?

Eventually, I expect that mainstream distributions build everything
for BTI, so yes, the PROT_BTI removal would only be needed for legacy
programs.

Thanks,
Florian
--
Red Hat GmbH, https://de.redhat.com/ , Registered seat: Grasbrunn,
Commercial register: Amtsgericht Muenchen, HRB 153243,
Managing Directors: Charles Cachera, Brian Klemm, Laurie Krebs, Michael O'Neill

_______________________________________________
systemd-devel mailing list
systemd-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/systemd-devel
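The ELF note the thread refers to can be checked outside the loader. The following is an added example, not part of the original message and not glibc code: it walks the bytes of an ELF64 `PT_GNU_PROPERTY` segment and reports whether the AArch64 BTI feature bit is set. The function name `notes_mark_bti` and the two sample byte arrays are constructed for illustration; little-endian input and 8-byte note alignment are assumed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NT_GNU_PROPERTY_TYPE_0             5u
#define GNU_PROPERTY_AARCH64_FEATURE_1_AND 0xc0000000u
#define GNU_PROPERTY_AARCH64_FEATURE_1_BTI 1u

/* Constructed samples: .note.gnu.property contents with features BTI (1) and PAC only (2). */
static const uint8_t sample_bti[] = { 4,0,0,0, 16,0,0,0, 5,0,0,0, 'G','N','U',0,
                                      0,0,0,0xc0, 4,0,0,0, 1,0,0,0, 0,0,0,0 };
static const uint8_t sample_pac[] = { 4,0,0,0, 16,0,0,0, 5,0,0,0, 'G','N','U',0,
                                      0,0,0,0xc0, 4,0,0,0, 2,0,0,0, 0,0,0,0 };

static uint32_t rd32(const uint8_t *p) {   /* little-endian u32 */
    return p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
static size_t align8(size_t v) { return (v + 7) & ~(size_t)7; }

/* Walk the bytes of an ELF64 PT_GNU_PROPERTY segment (8-byte aligned notes).
 * Returns 1 if the BTI bit is set, 0 if absent, -1 if the data is malformed. */
int notes_mark_bti(const uint8_t *seg, size_t len) {
    size_t off = 0;
    while (off < len) {
        if (len - off < 12) return -1;
        uint32_t namesz = rd32(seg + off), descsz = rd32(seg + off + 4);
        uint32_t type = rd32(seg + off + 8);
        size_t name = off + 12;
        if (namesz > len - name) return -1;
        size_t desc = align8(name + namesz);
        if (desc > len || descsz > len - desc) return -1;
        if (type == NT_GNU_PROPERTY_TYPE_0 && namesz == 4 && !memcmp(seg + name, "GNU", 4)) {
            size_t p = desc, end = desc + descsz;
            while (p < end) {               /* array of (pr_type, pr_datasz, data, pad) */
                if (end - p < 8) return -1;
                uint32_t pr_type = rd32(seg + p), pr_datasz = rd32(seg + p + 4);
                if (pr_datasz > end - p - 8) return -1;
                if (pr_type == GNU_PROPERTY_AARCH64_FEATURE_1_AND && pr_datasz == 4)
                    return (rd32(seg + p + 8) & GNU_PROPERTY_AARCH64_FEATURE_1_BTI) ? 1 : 0;
                p += align8(8 + (size_t)pr_datasz);
            }
        }
        off = align8(desc + descsz);
    }
    return 0;
}

int main(void) {
    printf("bti=%d pac-only=%d truncated=%d\n", notes_mark_bti(sample_bti, sizeof sample_bti),
           notes_mark_bti(sample_pac, sizeof sample_pac), notes_mark_bti(sample_bti, 20));
    return 0;
}
```

On a real binary, the same information is shown by `readelf -n`, which prints the AArch64 feature property of the `.note.gnu.property` section.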