[PATCH v7 0/4] arm64: Enable BTI for the executable as well as the interpreter
Catalin Marinas
catalin.marinas at arm.com
Mon Jan 17 09:54:14 PST 2022
On Fri, Jan 07, 2022 at 12:01:17PM +0000, Catalin Marinas wrote:
> I think we can look at this from two angles:
>
> 1. Ignoring MDWE, should whoever does the original mmap() also honour
> PROT_BTI? We do this for static binaries but, for consistency, should
> we extend it to dynamic executable?
>
> 2. A 'simple' fix to allow MDWE together with BTI.
Thinking about it, (1) is not that different from the kernel setting
PROT_EXEC on the main executable when the dynamic loader could've done
it as well. There is a case for making this more consistent: whoever
does the mmap() should use the full attributes.
Question for the toolchain people: would the compiler ever generate
relocations in the main executable that the linker needs to resolve via
an mprotect(READ|WRITE) followed by mprotect(READ|EXEC)? If yes, we'd
better go for a proper MDWE implementation in the kernel.
--
Catalin
More information about the linux-arm-kernel
mailing list