Re: [PATCH v10 00/13] arm64: Branch Target Identification support
From: Mark Brown
Date: Mon Mar 23 2020 - 11:32:32 EST
On Mon, Mar 23, 2020 at 02:55:46PM +0000, Mark Rutland wrote:
> On Mon, Mar 23, 2020 at 02:39:55PM +0000, Catalin Marinas wrote:
> > So this means that the interpreter will have to mprotect(PROT_BTI) the
> > text section of the primary executable.
> Yes, but after fixing up any relocations in that section it's going to
> have to call mprotect() on it anyhow (e.g. in order to make it
> read-only), and in doing so would throw away BTI unless it was BTI
> aware.
Ah, of course - I forgot that's not a read/modify/write cycle. I'll
send the comment version.
> > That's a valid point. If we have an old dynamic linker and the kernel
> > enabled BTI automatically for the main executable, could things go wrong
> > (e.g. does the PLT need to be BTI-aware)?
> I believe that a PLT in an unguarded page needs no special treatment. A
> PLT within a guarded page needs to be built specially for BTI.
Unguarded stuff is unaffected.
Attachment:
signature.asc
Description: PGP signature