Re: [PATCH v7 03/14] x86/cet/ibt: Add IBT legacy code bitmap setup function

From: Dave Hansen
Date: Fri Jun 07 2019 - 16:04:20 EST


On 6/7/19 12:49 PM, Yu-cheng Yu wrote:
>>
>> This also gives us an excellent opportunity to make it read-only as seen from
>> userspace to prevent exploits from just poking it full of ones before
>> redirecting execution.
> GLIBC sets bits only for legacy code, and then makes the bitmap read-only. That
> avoids most issues:
>
> To populate bitmap pages, mprotect() is required.
> Reading zero bitmap pages would not waste more physical memory, right?

Huh, how does glibc know about all possible past and future legacy code
in the application?