From: Stephen Röttger
Date: Thu, 23 May 2024 11:36:17 +0200
Subject: Re: [RFC 0/1] elf: mseal non-writable segments
To: Florian Weimer
Cc: libc-alpha@sourceware.org, jeffxu@chromium.org
References: <20240522112933.2005066-1-sroettger@google.com> <87sey9eira.fsf@oldenburg.str.redhat.com>
In-Reply-To: <87sey9eira.fsf@oldenburg.str.redhat.com>

On Wed, May 22, 2024 at 9:42 PM Florian Weimer wrote:
>
> * Stephen Roettger:
>
> > In my basic testing, this seems to work fine. But a few questions that
> > I'd like some feedback on:
> > * Does it sound ok to apply sealing by default? Should this be a flag in
> > the ELF, e.g. maybe the p_flags could have a sealable bit?
>
> It depends on how the integration with RELRO should look.

In that case, the PT_GNU_RELRO could have this sealable bit set, so rtld could
apply sealing just after mprotecting it read-only.

> > * Does it make sense to piggyback on the RTLD_NODELETE bit and apply it
> > to more objects? It seems to have the right semantics: the object
> > should never get deleted => it's ok to seal the mappings.
>
> Doesn't this inhibit many forms of debugging? We wouldn't want to do
> that by default, I think.

Is the concern that a debugger injects code that then calls mprotect on the
mappings for binary patching?
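The sequence discussed above (mprotect the RELRO region to read-only, then seal it so the protection can never be relaxed) as a stand-alone C program. This is an added illustration, not code from the RFC patch or from glibc's ld.so. It assumes Linux 6.10 or later with mseal(2) at syscall number 462 (the generic/x86-64/arm64 number, used only when the libc headers do not define SYS_mseal), and it reports the call as unsupported instead of failing on older kernels or under a seccomp filter that refuses the syscall; the enum names and the raw_mseal wrapper are the example's own.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Assumption: mseal(2) landed in Linux 6.10 with syscall number 462 on the
 * generic table (x86-64, arm64). Older libc headers do not define SYS_mseal. */
#ifndef SYS_mseal
#define SYS_mseal 462
#endif

/* Outcome of the demo, returned to the caller rather than only printed. */
enum seal_outcome {
    SEAL_UNSUPPORTED = 0, /* mseal(2) unavailable here: ENOSYS, or EPERM from a seccomp filter (assumption) */
    SEAL_ENFORCED = 1,    /* sealed, and a later mprotect(PROT_WRITE) was refused with EPERM */
    SEAL_FAILED = -1      /* setup error, or the seal did not stop mprotect */
};

/* glibc may not export an mseal() wrapper, so go through the raw syscall. */
static int raw_mseal(void *addr, size_t len)
{
    return (int)syscall(SYS_mseal, addr, len, 0UL);
}

/*
 * Model of the sequence proposed for PT_GNU_RELRO:
 *   1. write the region while it is still RW (relocation processing),
 *   2. mprotect() it to PROT_READ, as ld.so already does for RELRO,
 *   3. mseal() it immediately afterwards,
 * then try to relax the protection again, as an exploit (or a code-patching
 * debugger) would, and report whether the kernel refused.
 */
enum seal_outcome relro_then_seal(void)
{
    size_t len = (size_t)sysconf(_SC_PAGESIZE);
    char *region = mmap(NULL, len, PROT_READ | PROT_WRITE,
                        MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (region == MAP_FAILED)
        return SEAL_FAILED;

    /* Step 1: the only window in which the page is written. */
    memcpy(region, "relocated", sizeof "relocated");

    /* Step 2: RELRO as implemented today. */
    if (mprotect(region, len, PROT_READ) != 0) {
        munmap(region, len);
        return SEAL_FAILED;
    }

    /* Step 3: the addition under discussion. The page is not sealed if this
     * fails, so unmapping it is still allowed. */
    if (raw_mseal(region, len) != 0) {
        int err = errno;
        munmap(region, len);
        return (err == ENOSYS || err == EPERM) ? SEAL_UNSUPPORTED : SEAL_FAILED;
    }

    /* Try to reopen the write window. On a sealed mapping this must fail
     * with EPERM; anything else means the seal is not doing its job. */
    if (mprotect(region, len, PROT_READ | PROT_WRITE) == 0)
        return SEAL_FAILED;
    if (errno != EPERM)
        return SEAL_FAILED;

    /* A sealed mapping cannot be munmap()ed either (also EPERM), so the page
     * intentionally stays mapped until the process exits. */
    return SEAL_ENFORCED;
}

int main(void)
{
    switch (relro_then_seal()) {
    case SEAL_ENFORCED:
        puts("sealed: mprotect(PROT_WRITE) on the RELRO-like page was refused (EPERM)");
        return 0;
    case SEAL_UNSUPPORTED:
        puts("mseal(2) not available on this kernel or sandbox; nothing to demonstrate");
        return 0;
    default:
        puts("unexpected: the seal did not hold");
        return 1;
    }
}
```

Build with `cc -O2 -Wall demo.c -o demo` and run it. The leaked page at the end is deliberate: once sealed, a mapping can neither be re-protected nor unmapped, which is exactly why the RFC ties sealing to objects that are never deleted (the RTLD_NODELETE question in the quoted text) and why a debugger that patches code by calling mprotect on those mappings would be blocked.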