On Thu, 22.10.20 09:29, Szabolcs Nagy (szabolcs.nagy@xxxxxxx) wrote:

> > > The dynamic loader has to process the LOAD segments to get to the ELF
> > > note that says to enable BTI. Maybe we could do a first pass and load
> > > only the segments that cover notes. But that requires lots of changes
> > > to generic code in the loader.
> >
> > What if the loader always enabled BTI for PROT_EXEC pages, but then when
> > discovering that this was a mistake, mprotect() the pages without BTI? Then
> > both BTI and MDWX would work and the penalty of not getting MDWX would fall
> > to non-BTI programs. What's the expected proportion of BTI enabled code vs.
> > disabled in the future, is it perhaps expected that a distro would enable
> > the flag globally so eventually only a few legacy programs might be
> > unprotected?
>
> i thought mprotect(PROT_EXEC) would get filtered
> with or without bti, is that not the case?

We can adjust the filter in systemd to match any combination of flags
to allow and to deny.

Lennart

--
Lennart Poettering, Berlin