Date: Wed, 20 Apr 2022 10:36:13 +0100
From: Will Deacon
To: Kees Cook
Cc: broonie@kernel.org, catalin.marinas@arm.com, linux-arm-kernel@lists.infradead.org, jeremy.linton@arm.com, hjl.tools@gmail.com, libc-alpha@sourceware.org, szabolcs.nagy@arm.com, yu-cheng.yu@intel.com, ebiederm@xmission.com, linux-arch@vger.kernel.org
Subject: Re: [PATCH v13 0/2] arm64: Enable BTI for the executable as well as the interpreter
Message-ID: <20220420093612.GB6954@willie-the-truck>

On Tue, Apr 19, 2022 at 10:33:06PM -0700, Kees Cook wrote:
> On Tue, 19 Apr 2022 11:51:54 +0100, Mark Brown wrote:
> > Deployments of BTI on arm64 have run into issues interacting with
> > systemd's MemoryDenyWriteExecute feature. Currently for dynamically
> > linked executables the kernel will only handle architecture specific
> > properties like BTI for the interpreter, the expectation is that the
> > interpreter will then handle any properties on the main executable.
> > For BTI this means remapping the executable segments PROT_EXEC |
> > PROT_BTI.
> >
> > [...]
>
> Applied to for-next/execve, thanks!
>
> [1/2] elf: Allow architectures to parse properties on the main executable
>       https://git.kernel.org/kees/c/b2f2553c8e89
> [2/2] arm64: Enable BTI for main executable as well as the interpreter
>       https://git.kernel.org/kees/c/b65c760600e2

Kees, please can you drop this series while Catalin's alternative solution is
under discussion (his Reviewed-by preceded the other patches)?

https://lore.kernel.org/r/20220413134946.2732468-1-catalin.marinas@arm.com

Both series expose new behaviours to userspace and we don't need both.

Thanks,

Will