From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 52974 invoked by alias); 22 Mar 2018 16:04:28 -0000 Mailing-List: contact gnu-gabi-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Post: List-Help: List-Subscribe: Sender: gnu-gabi-owner@sourceware.org Received: (qmail 52962 invoked by uid 89); 22 Mar 2018 16:04:28 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Checked: by ClamAV 0.99.4 on sourceware.org X-Virus-Found: No X-Spam-SWARE-Status: No, score=-2.0 required=5.0 tests=AWL,BAYES_00,FREEMAIL_FROM,RCVD_IN_DNSWL_NONE,SPF_PASS autolearn=ham version=3.3.2 spammy= X-Spam-Status: No, score=-2.0 required=5.0 tests=AWL,BAYES_00,FREEMAIL_FROM,RCVD_IN_DNSWL_NONE,SPF_PASS autolearn=ham version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on sourceware.org X-Spam-Level: X-HELO: mail-wr0-f179.google.com Received: from mail-wr0-f179.google.com (HELO mail-wr0-f179.google.com) (209.85.128.179) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Thu, 22 Mar 2018 16:04:27 +0000 Received: by mail-wr0-f179.google.com with SMTP id f14so9239407wre.8 for ; Thu, 22 Mar 2018 09:04:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=JvpFS7yV5DEIqT/wz6r5Uo/VOZlVODzYVIPTQrmj+aQ=; b=PafPDaeJ/iwITAC5wxDhgegc+TylP7+mGcMrcVyf7SsNbWofqFywa55EpigMHTK9El Hp6dRSqSVjlbJLvVNVbcOtRto9h5mVIa7nUhtsJYh9/ZLEg/W+dYo4xe1PnMiwvLzD1B bDTjUdix4brPB4o1/3c4aO1Z59mqmRf1m8cookNcvpY867i2VGQEuTMGmcCE67g/ZcQX 24FIIx7Yc1IrFAfJ6PNVEIPzzhWRSspsG4v3qaZ5cYX2Whbqxo5lGx2C5otviLXPOGt0 KHDvt+KYua3oz8W2TpbwxUAmh8HO+KGLvzp81wf0JH9VHULQxOR5PNYvj1S6hMzbk9XS tcWA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=JvpFS7yV5DEIqT/wz6r5Uo/VOZlVODzYVIPTQrmj+aQ=; b=icMGmKnHeqm6z5KeQChwd3TocEvexkZXXyuCGRqdjJec5WgMFuk1Ynwcq5lx5QHu5E v1xN9NI+COzhdo7JtGj41yt8xiufwIWm9xBHxkz6xKBNa2QFskzevaovM5qcZqRdF3Yk W4v6lXodZ8sM8/H3NjSWdxIiWuEXyhZpw5tZJ09TDxxzeyvXvh3/i+s6XYeG2+Yp5bQi FPsJylrFMZDs0jdYbfpHYm7Pg+cYppyMQNJ4Y1vUIxAYZl23/PGOvvFP4drYV30pMb2v KCoDp3ft0DJmRtSfCU+z+jIN+RMx1ERSL+9KG7rYvhW1e50FEZp7nXGuHbIz5AviENqc YY4Q== X-Gm-Message-State: AElRT7GwAIjkgGHnUJ2tVtod6VsGNkP4zJkpxKpxABc91/iZv4iuI5Kb oDXdSSMpXiV/lJONcTwbrdGuoYCBfdORwaSdIcH8bA== X-Google-Smtp-Source: AG47ELvNpjstlg5nzB97b4VUgxSqKDCaR6MGAXc47PeQEM+AIIl1vx5IiEkN8LTNr+eQWnv4Jo3dtWZNSpXWPhTozDQ= X-Received: by 10.223.129.13 with SMTP id 13mr16684350wrm.20.1521734665071; Thu, 22 Mar 2018 09:04:25 -0700 (PDT) MIME-Version: 1.0 Received: by 10.223.150.146 with HTTP; Thu, 22 Mar 2018 09:04:24 -0700 (PDT) In-Reply-To: References: <20180317133115.GA4681@gmail.com> From: Cary Coutant Date: Mon, 01 Jan 2018 00:00:00 -0000 Message-ID: Subject: Re: RFC: Audit external function called indirectly via GOT To: generic-abi@googlegroups.com Cc: "Carlos O'Donell" , gnu-gabi@sourceware.org Content-Type: text/plain; charset="UTF-8" X-IsSubscribed: yes X-SW-Source: 2018-q1/txt/msg00019.txt.bz2 >> I want to use both so that GOT is read-only after relocation in >> normal case and the writable PLTGOT is only used for LD_AUDIT. > > But if the program isn't linked with relro, the PLTGOT entries remain > writable and you have no need for both. If it's linked with immediate > binding and relro, the PLTGOT entries become relro, and again you have > no need for both. The only case where you can make an argument for > both is when the program is linked with both relro and lazy binding. > But I don't see why you need the additional security if you're not > bothering to link with immediate binding. Sorry, I meant to write "... if the program isn't linked with relro, the *GOT* entries remain writable ...." -cary