From: "H.J. Lu"
Date: Mon, 17 Jan 2022 11:01:25 -0800
Subject: Re: [PATCH v7 0/4] arm64: Enable BTI for the executable as well as the interpreter
To: Adhemerval Zanella
Cc: Catalin Marinas, Mark Brown, linux-arch, Mark Rutland, Yu-cheng Yu, GNU C Library, Szabolcs Nagy, Jeremy Linton, Will Deacon, linux-arm-kernel@lists.infradead.org

On Mon, Jan 17, 2022 at 10:17 AM Adhemerval Zanella via Libc-alpha wrote:
>
> On 17/01/2022 14:54, Catalin Marinas via Libc-alpha wrote:
> > On Fri, Jan 07, 2022 at 12:01:17PM +0000, Catalin Marinas wrote:
> >> I think we can look at this from two angles:
> >>
> >> 1. Ignoring MDWE, should whoever does the original mmap() also honour
> >>    PROT_BTI? We do this for static binaries but, for consistency, should
> >>    we extend it to dynamic executable?
> >>
> >> 2. A 'simple' fix to allow MDWE together with BTI.
> >
> > Thinking about it, (1) is not that different from the kernel setting
> > PROT_EXEC on the main executable when the dynamic loader could've done
> > it as well. There is a case for making this more consistent: whoever
> > does the mmap() should use the full attributes.
> >
> > Question for the toolchain people: would the compiler ever generate
> > relocations in the main executable that the linker needs to resolve via
> > an mprotect(READ|WRITE) followed by mprotect(READ|EXEC)? If yes, we'd
> > better go for a proper MDWE implementation in the kernel.
> >
>
> Yes, text relocations. However these are deprecated (some libcs even do
> not support it) and have a lot of drawbacks.

We are taking a different approach for CET enabling. CET will be
changed to be enabled from user space:

https://gitlab.com/x86-glibc/glibc/-/tree/users/hjl/cet/enable

and the CET kernel no longer enables CET automatically:

https://github.com/hjl-tools/linux/tree/hjl/cet%2F5.16.0-v4

--
H.J.
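An added example, not code from this thread, glibc or the kernel: a C check for the ELF markers of text relocations (`DT_TEXTREL`, or `DF_TEXTREL` in `DT_FLAGS`), which identify the binaries that need the mprotect(READ|WRITE) followed by mprotect(READ|EXEC) sequence asked about above and so cannot load under a strict MDWE policy. The function names and the in-memory sample are constructed for illustration, and the image is assumed to use the host's byte order.

```c
#include <elf.h>
#include <stdint.h>
#include <string.h>

/* 1 = image declares text relocations, 0 = none, -1 = not a usable ELF64 image.
   Assumes the image uses the host's byte order. */
int elf64_has_textrel(const unsigned char *img, size_t len)
{
    Elf64_Ehdr eh; Elf64_Phdr ph; Elf64_Dyn d;
    if (len < sizeof eh) return -1;
    memcpy(&eh, img, sizeof eh);
    if (memcmp(eh.e_ident, ELFMAG, SELFMAG) != 0 || eh.e_ident[EI_CLASS] != ELFCLASS64 ||
        eh.e_phentsize != sizeof ph || eh.e_phoff > len) return -1;
    for (uint64_t i = 0; i < eh.e_phnum; i++) {
        uint64_t off = eh.e_phoff + i * sizeof ph;
        if (off > len || len - off < sizeof ph) return -1;
        memcpy(&ph, img + off, sizeof ph);
        if (ph.p_type != PT_DYNAMIC) continue;
        if (ph.p_offset > len || ph.p_filesz > len - ph.p_offset) return -1;
        for (uint64_t o = 0; ph.p_filesz - o >= sizeof d; o += sizeof d) {
            memcpy(&d, img + ph.p_offset + o, sizeof d);
            if (d.d_tag == DT_NULL) break;
            /* Either marker means the loader must make text writable, then executable again. */
            if (d.d_tag == DT_TEXTREL) return 1;
            if (d.d_tag == DT_FLAGS && (d.d_un.d_val & DF_TEXTREL)) return 1;
        }
        return 0;
    }
    return 0; /* no PT_DYNAMIC segment, so no dynamic section to carry the flag */
}

/* Constructed sample, not a real binary: ELF header, one PT_DYNAMIC program header,
   then the dynamic entry {tag, val} followed by DT_NULL (the zeroed tail). */
int sample_check(int64_t tag, uint64_t val)
{
    unsigned char buf[sizeof(Elf64_Ehdr) + sizeof(Elf64_Phdr) + 2 * sizeof(Elf64_Dyn)] = {0};
    Elf64_Ehdr eh = {0}; Elf64_Phdr ph = {0}; Elf64_Dyn dyn = {0};
    memcpy(eh.e_ident, ELFMAG, SELFMAG);
    eh.e_ident[EI_CLASS] = ELFCLASS64;
    eh.e_phoff = sizeof eh; eh.e_phentsize = sizeof ph; eh.e_phnum = 1;
    ph.p_type = PT_DYNAMIC; ph.p_offset = sizeof eh + sizeof ph; ph.p_filesz = 2 * sizeof dyn;
    dyn.d_tag = tag; dyn.d_un.d_val = val;
    memcpy(buf, &eh, sizeof eh);
    memcpy(buf + sizeof eh, &ph, sizeof ph);
    memcpy(buf + ph.p_offset, &dyn, sizeof dyn);
    return elf64_has_textrel(buf, sizeof buf);
}

int main(void) { return sample_check(DT_FLAGS, DF_TEXTREL) == 1 ? 0 : 1; }
```

To scan a real binary, read or map the file and pass the buffer and its length to `elf64_has_textrel()`.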