[PATCH v11 2/2] arm64: Enable BTI for main executable as well as the interpreter

[Catalin Marinas]

On Tue, Mar 08, 2022 at 12:01:17PM -0600, Jeremy Linton wrote:
> On 3/8/22 07:22, Mark Brown wrote:
> > Currently for dynamically linked ELF executables we only enable BTI for
> > the interpreter, expecting the interpreter to do this for the main
> > executable. This is a bit inconsistent since we do map main executable and
> > is causing issues with systemd's MemoryDenyWriteExecute feature which is
> > implemented using a seccomp filter which prevents setting PROT_EXEC on
> > already mapped memory and lacks the context to be able to detect that
> > memory is already mapped with PROT_EXEC.
> > 
> > Resolve this by adding a sysctl abi.bti_main which causes the kernel to
> > checking the BTI property for the main executable and enable BTI if it
> > is present when doing the initial mapping. This sysctl is disabled by
> > default.
> 
> This seems less than ideal, maybe the default can be flipped with a CONFIG
> option?

I'm not keen on config options changing the ABI. If there's a good
chance that this feature won't be turned on (via sysfs) in distros with
MDWE, I'd rather drop the whole series than maintain unused code in the
kernel.

(we can go back fixing this properly at the mprotect() level, as long as
systemd folk are willing to move away from eBPF for MDWE; happy to
provide kernel patches to start the discussion)

-- 
Catalin