Message-ID: <20ae043b-a013-068d-2d83-16e63f5b4989@linaro.org>
Date: Mon, 17 Jan 2022 15:16:39 -0300
Subject: Re: [PATCH v7 0/4] arm64: Enable BTI for the executable as well as the interpreter
From: Adhemerval Zanella
To: Catalin Marinas, Mark Brown
Cc: linux-arch@vger.kernel.org, Yu-cheng Yu, libc-alpha@sourceware.org, Szabolcs Nagy, Jeremy Linton, Mark Rutland, Will Deacon, linux-arm-kernel@lists.infradead.org

On 17/01/2022 14:54, Catalin Marinas via Libc-alpha wrote:
> On Fri, Jan 07, 2022 at 12:01:17PM +0000, Catalin Marinas wrote:
>> I think we can look at this from two angles:
>>
>> 1. Ignoring MDWE, should whoever does the original mmap() also honour
>>    PROT_BTI? We do this for static binaries but, for consistency, should
>>    we extend it to dynamic executable?
>>
>> 2. A 'simple' fix to allow MDWE together with BTI.
>
> Thinking about it, (1) is not that different from the kernel setting
> PROT_EXEC on the main executable when the dynamic loader could've done
> it as well. There is a case for making this more consistent: whoever
> does the mmap() should use the full attributes.
>
> Question for the toolchain people: would the compiler ever generate
> relocations in the main executable that the linker needs to resolve via
> an mprotect(READ|WRITE) followed by mprotect(READ|EXEC)? If yes, we'd
> better go for a proper MDWE implementation in the kernel.
>

Yes, text relocations. However, these are deprecated (some libcs do not even
support them) and have a lot of drawbacks.