|
Message-ID: <20201026165125.GF7402@sirena.org.uk>
Date: Mon, 26 Oct 2020 16:51:25 +0000
From: Mark Brown <broonie@...nel.org>
To: Dave Martin <Dave.Martin@....com>
Cc: Catalin Marinas <catalin.marinas@....com>,
Topi Miettinen <toiwoton@...il.com>,
Mark Rutland <mark.rutland@....com>,
Salvatore Mesoraca <s.mesoraca16@...il.com>,
systemd-devel@...ts.freedesktop.org,
Kees Cook <keescook@...omium.org>,
kernel-hardening@...ts.openwall.com,
Will Deacon <will.deacon@....com>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
Jeremy Linton <jeremy.linton@....com>,
linux-hardening@...r.kernel.org, libc-alpha@...rceware.org,
"linux-arm-kernel@...ts.infradead.org" <linux-arm-kernel@...ts.infradead.org>
Subject: Re: BTI interaction between seccomp filters in systemd and glibc
mprotect calls, causing service failures
On Mon, Oct 26, 2020 at 03:56:35PM +0000, Dave Martin wrote:
> On Mon, Oct 26, 2020 at 02:52:46PM +0000, Catalin Marinas via Libc-alpha wrote:
> > Now, if the dynamic loader silently ignores the mprotect() failure on
> > the main executable, is there much value in exposing a flag in the aux
> > vectors? It saves a few (one?) mprotect() calls but I don't think it
> > matters much. Anyway, I don't mind the flag.
> I don't see a problem with the aforementioned patch [2] to pre-set BTI
> on the pages of the main binary.
Me either FWIW.
Download attachment "signature.asc" of type "application/pgp-signature" (489 bytes)
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.