From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id A0DE6C433F5 for ; Thu, 27 Jan 2022 14:49:00 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S242671AbiA0Os7 (ORCPT ); Thu, 27 Jan 2022 09:48:59 -0500 Received: from mail-eopbgr140074.outbound.protection.outlook.com ([40.107.14.74]:53098 "EHLO EUR01-VE1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S238164AbiA0Os6 (ORCPT ); Thu, 27 Jan 2022 09:48:58 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Fpre9LfVjvmqU1C7IQSDLCKfZApWVeD0w1MPrT/qSK8=; b=uEp/y9qAaHJJ3I6C1ql7RN7dF6+6vJ5JpF1nOlusjpwUuBlvv0LljoqyAt9lENrCF4W6rFTDaVhCRflh5jchS5aKj4k3ZWvOfyGBQxDkeh6gRffWXWd2u7TqXxiRKd+PRfq+e2vCOwDJ5cl+bbempSp/Rhh013vPxPDLsoRoZRs= Received: from DU2PR04CA0256.eurprd04.prod.outlook.com (2603:10a6:10:28e::21) by VI1PR0801MB1757.eurprd08.prod.outlook.com (2603:10a6:800:5a::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4930.17; Thu, 27 Jan 2022 14:48:43 +0000 Received: from DB5EUR03FT025.eop-EUR03.prod.protection.outlook.com (2603:10a6:10:28e:cafe::b2) by DU2PR04CA0256.outlook.office365.com (2603:10a6:10:28e::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4909.17 via Frontend Transport; Thu, 27 Jan 2022 14:48:43 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 63.35.35.123) smtp.mailfrom=arm.com; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com;dmarc=pass action=none header.from=arm.com; Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 63.35.35.123 as permitted sender) receiver=protection.outlook.com; client-ip=63.35.35.123; helo=64aa7808-outbound-1.mta.getcheckrecipient.com; Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by DB5EUR03FT025.mail.protection.outlook.com (10.152.20.104) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4930.15 via Frontend Transport; Thu, 27 Jan 2022 14:48:43 +0000 Received: ("Tessian outbound 63bb5eb69ee8:v113"); Thu, 27 Jan 2022 14:48:43 +0000 X-CheckRecipientChecked: true X-CR-MTA-CID: 5cd3e99686449da8 X-CR-MTA-TID: 64aa7808 Received: from a0d92831d203.1 by 64aa7808-outbound-1.mta.getcheckrecipient.com id 2E7EE147-6AB5-433D-AD87-93345D001B42.1; Thu, 27 Jan 2022 14:48:34 +0000 Received: from EUR05-VI1-obe.outbound.protection.outlook.com by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id a0d92831d203.1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384); Thu, 27 Jan 2022 14:48:34 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Q8nffH8gk65Q4yAuzbHdO2O1m4gpsjHTLQOEYvAXgfnrOkbTDk9zmadMpyLMG/p7Zur43lGxLrLLD7FjxBw0tQVbdm2qi9lK9rTek3mM0AzZ+hX3v8IEXRRjaU0c/VgVtoQwjPN3oo7QsPT1dT8lEbytVz2c+UWeWQyGa4uD/tFWEwAyoJ0RmDfclS9h4HkcTV0JnQJBoGZNdjRd9sdkyWWpG3N5MrqWEKGoUVuIgkhlQvtDeE8MmMF5F65qMrTDcoTHNereDxulHD0iEf4NEjLh5s/iTzePVmmjq40aaNLo1RXoCeluxqMjxh1dL/NXOxWLlHbaQ6HcRkBpKsrTkQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Fpre9LfVjvmqU1C7IQSDLCKfZApWVeD0w1MPrT/qSK8=; b=dl0rcbyvCVlZZKzy19yVKA4yupbRO+h/GmjcNHk/XBJg4E8TKoYcgPPq5YHbJDIzbrrAFskd1fHSTninNhOCJXZF8ZO/KSI2Gr/E7bf7E8pd/13L7ORajXCdd4CjSRocqi7S+016p/xOT5xzWGmQH8tXVbU8+JKHe8NYIdgzSl1CHNaX7T+BusU1T/t3Dn+LKN0syBp0+047k0jlPU0hIx9Eid3OxEbKDD1Mi0GLFCJtRjO420IBGvLkBnA8lNjVhpNzrRQmG162RSsnl56kq69FsnwVvrAaz66HYD7Ocf6XCgC1UYyFE4D9Xds4STVgEjCopyGBOnOKOiGs8yByOQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Fpre9LfVjvmqU1C7IQSDLCKfZApWVeD0w1MPrT/qSK8=; b=uEp/y9qAaHJJ3I6C1ql7RN7dF6+6vJ5JpF1nOlusjpwUuBlvv0LljoqyAt9lENrCF4W6rFTDaVhCRflh5jchS5aKj4k3ZWvOfyGBQxDkeh6gRffWXWd2u7TqXxiRKd+PRfq+e2vCOwDJ5cl+bbempSp/Rhh013vPxPDLsoRoZRs= Authentication-Results-Original: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com; Received: from DB9PR08MB7179.eurprd08.prod.outlook.com (2603:10a6:10:2cc::19) by AM8PR08MB6322.eurprd08.prod.outlook.com (2603:10a6:20b:361::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4909.7; Thu, 27 Jan 2022 14:48:29 +0000 Received: from DB9PR08MB7179.eurprd08.prod.outlook.com ([fe80::dca:9146:2814:3f63]) by DB9PR08MB7179.eurprd08.prod.outlook.com ([fe80::dca:9146:2814:3f63%5]) with mapi id 15.20.4930.017; Thu, 27 Jan 2022 14:48:29 +0000 Date: Thu, 27 Jan 2022 14:48:20 +0000 From: Szabolcs Nagy To: Catalin Marinas Cc: Mark Brown , Jeremy Linton , Will Deacon , "H . J . Lu" , Yu-cheng Yu , linux-arch@vger.kernel.org, linux-arm-kernel@lists.infradead.org, libc-alpha@sourceware.org, Mark Rutland Subject: Re: [PATCH v7 0/4] arm64: Enable BTI for the executable as well as the interpreter Message-ID: <20220127144820.GF1989194@arm.com> References: <101d8e84-7429-bbf1-0271-5436eca0eea2@arm.com> <8550afd2-268d-a25f-88fd-0dd0b184ca23@arm.com> <20220118110255.GC3294453@arm.com> Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: X-ClientProxiedBy: SN4PR0401CA0014.namprd04.prod.outlook.com (2603:10b6:803:21::24) To DB9PR08MB7179.eurprd08.prod.outlook.com (2603:10a6:10:2cc::19) MIME-Version: 1.0 X-MS-Office365-Filtering-Correlation-Id: 2c5042c5-7388-4a10-054e-08d9e1a41d8f X-MS-TrafficTypeDiagnostic: AM8PR08MB6322:EE_|DB5EUR03FT025:EE_|VI1PR0801MB1757:EE_ X-Microsoft-Antispam-PRVS: x-checkrecipientrouted: true NoDisclaimer: true X-MS-Oob-TLC-OOBClassifiers: OLM:9508;OLM:9508; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam-Untrusted: BCL:0; X-Microsoft-Antispam-Message-Info-Original: VYwLRK3pB15OeAB+sXaK8oYyTiDuc1BNLRhu8REDjPUDgd2mfOwnsVjSjvpS7pX9GSROri2LQa2sfLSEf7+MLgD9DpCXTzmrbdLiWre40dwsLYuMLwxG6q16/kuorog2WyHEPWRFkWzT9CjgnGRsuZ5D/UOCHSfOmzh0ZHGbCXlJfCXyTliu3ioOgzpn+XNnTD0CjyQO/HP5LvGyG1E74ISW5bfNTrqf3+v12xzPSR9EQhYxzMxUHS/+Bgm+I7Xh60oWeX3wmD12tDGbOZkvkktjM/NNnjfHMV/q4vsDVxKtWTMwoxzvrsaAnRyTQTMJ6tG9uLO+jicL2isg5oAd2LhqcKuIOb86feF+4PpxJJfSJknw4IG/T3ocK8chBr3P6PNiC/F1ynow1GBfpqrWEgCxdM8Z7V2/iwud+vEtFn2N6Sy0xq+gzb6Q6hnZZJw/HC9jYWDpsiCPVZpsneeqqFSe53RfEqsDUUYdCWDU5bfKmHtyPgJ332vRmwWiXs5ac1vycVwl5SyWkY7zs6rQzwBsQ9jDY5UdoWLZv4fYncJMUX31INKf4wT5UuRbXPpdWNeEnb0EvDaDmlt6urfHUsGmknp8AEv/Gk4XqnfDKs07kySrXdgiC/yT/8wrI0V6K9u40P2Vd3Ee5RANRepJNQrowHZNJO3kkjtyyUey2lTjxny7ffkIMdTPdK2ermGP5o/0xyvNW8Zr56zdZcdKjW2CvpzqXPR38BGQiQu+25hHsk7J3/ROxDXpaiIzeYgY/ZYEIKEGerCIp6AM/faUc+7gigJFeY550ZYsomgf/wI= X-Forefront-Antispam-Report-Untrusted: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DB9PR08MB7179.eurprd08.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(366004)(36756003)(1076003)(6666004)(66946007)(26005)(6636002)(83380400001)(33656002)(66556008)(66476007)(2616005)(52116002)(2906002)(508600001)(6486002)(8936002)(6506007)(966005)(8676002)(186003)(4326008)(86362001)(316002)(54906003)(38100700002)(38350700002)(37006003)(44832011)(5660300002)(6862004)(6512007);DIR:OUT;SFP:1101; X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM8PR08MB6322 Original-Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com; X-EOPAttributedMessage: 0 X-MS-Exchange-Transport-CrossTenantHeadersStripped: DB5EUR03FT025.eop-EUR03.prod.protection.outlook.com X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id-Prvs: 63200a58-2166-4868-f459-08d9e1a414e9 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: mqOvqPdvVHbhhHpqfxT9KRa0GVZr1Ovakkhk4CyLGo3j687jnqe+u1DXvjQDU693GS3oozwx90Wu+iKCzqzXc3i2weTjN+wRUZm9moTHvGhtCi+n+GNtTt5wNoRyTLIkOx4IALqCFFHjXZo/z4flSMBXSPtLdyNoca49+wZ2RoD3V7PgAbzuY1hwqrHpVLemhLD+qqUcSfjSo02XgIrS9mKDqe+eHo+5ZK/w8ggbS2CzPZw4tQLl7GhzZ5xQ8LMTisbBz77F5IR7Y2RjBqEtcsKWMMy8uZ1Z/uPWcknS7PRTRtM4rAz0+fyl0wLPn/ob946zRNFyObJLWFJhKSJ3Ucf6LDGqx59aPkvGOlxxF9xmhR4vp2Hs5ANmzFea6c1dhOtRuMihD/aMuYczQh1rmS4orDAo+Kt4CE7ijPFxvD1aayJnqp4hHHG1SmtDk4RWHWnsuQhJEyu8wEQKc/iP+bF66i9pRA5AqqX3u8324Mx4fVDGt8etQOwF0xQW1x6wXxLhBV581MxK/iRN5cFV36vIkKenofydUDPiLqoVbeUxmGS5MNSGpSwVBRYUsNkz4s14rrTXqrlhU7FlXYCFh9aeulpTi6IIatEei5SVvf66LyP+iCDIPLGGLaYIIXaDW6HadsyCVF66/ydgeUDCGp/gSIMm2zHBS7gPam124CNJp09m7afaPOk8pFkFiTjGtxde+3rS4paGKD93U+TLEdBtZhSih5z5tuzeMvNmLLNf0XL+oeGl1ZQxxAq6XcBJXritCb911Q7rxyn4YSzooQ== X-Forefront-Antispam-Report: CIP:63.35.35.123;CTRY:IE;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:64aa7808-outbound-1.mta.getcheckrecipient.com;PTR:ec2-63-35-35-123.eu-west-1.compute.amazonaws.com;CAT:NONE;SFS:(13230001)(4636009)(46966006)(40470700004)(36840700001)(54906003)(36860700001)(316002)(70586007)(82310400004)(70206006)(37006003)(6636002)(356005)(81166007)(6512007)(5660300002)(508600001)(2906002)(186003)(4326008)(36756003)(2616005)(44832011)(1076003)(966005)(6486002)(6506007)(26005)(6666004)(8936002)(47076005)(40460700003)(86362001)(6862004)(8676002)(33656002)(336012)(83380400001)(20210929001);DIR:OUT;SFP:1101; X-OriginatorOrg: arm.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Jan 2022 14:48:43.6278 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 2c5042c5-7388-4a10-054e-08d9e1a41d8f X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d;Ip=[63.35.35.123];Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com] X-MS-Exchange-CrossTenant-AuthSource: DB5EUR03FT025.eop-EUR03.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR0801MB1757 Precedence: bulk List-ID: X-Mailing-List: linux-arch@vger.kernel.org The 01/27/2022 12:24, Catalin Marinas wrote: > (Mark posted another series but I'm replying here to clarify some > aspects) > > On Tue, Jan 18, 2022 at 11:02:55AM +0000, Szabolcs Nagy wrote: > > The 01/17/2022 17:54, Catalin Marinas wrote: > > > On Fri, Jan 07, 2022 at 12:01:17PM +0000, Catalin Marinas wrote: > > > > I think we can look at this from two angles: > > > > > > > > 1. Ignoring MDWE, should whoever does the original mmap() also honour > > > > PROT_BTI? We do this for static binaries but, for consistency, should > > > > we extend it to dynamic executable? > > > > > > > > 2. A 'simple' fix to allow MDWE together with BTI. > > > > > > Thinking about it, (1) is not that different from the kernel setting > > > PROT_EXEC on the main executable when the dynamic loader could've done > > > it as well. There is a case for making this more consistent: whoever > > > does the mmap() should use the full attributes. > > > > Yeah that was my original idea that it should be consistent. > > One caveat is that protection flags are normally specified > > in the program header, but the BTI marking is in > > PT_GNU_PROPERTY which is harder to get to, so glibc does not > > try to get it right for the initial mapping either: it has > > to re-mmap or mprotect. (In principle we could use read > > syscalls to parse the ELF headers and notes before mmap, > > but that's more complicated with additional failure modes.) > > > > i.e. if (2) is fixed then mprotect can be used for library > > mapping too which is simpler than re-mmap. > > I lost track of the userspace fixes here, was glibc changed to attempt a > re-mmap of the dynamic libraries instead of mprotect()? yes (so under mdwe, bti is lost on the exe but not on libs) see the commit message for the fix https://sourceware.org/bugzilla/show_bug.cgi?id=26831 > > It looks like (2) is a simpler fix and (1) could still be added for > consistency, it's complementary. i agree. if (2) is fixed then i would change glibc to use mprotect and handle the failure (this will require an update to systemd and disabling mdwe on old kernels) if (1) is fixed then i would probably still keep doing mprotect on the main exe so bti protection works on old kernels. From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 53621C433F5 for ; Thu, 27 Jan 2022 14:50:29 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:In-Reply-To:References: Message-ID:Subject:Cc:To:From:Date:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=VlLnM1R9T3yGXcbHFVVBUeY4zwt4miMsLMPec6S+gKY=; b=DpxDsCnbRNNvoT P8TbH05jDh2TkhuKuTWcTRUTGQlCO9ky9lWkxoQlq2ZdjUW2oDzaxUoGEitABs5g84y5WK9ABGfWy ZL8zQmmC/rKDuZq7CZ5O9srIN+7WoD+GhgO2TW1a9MiEjhKOhwgvL4FHrE00SzWQY7CxD0uhxHu/s aBMt9B7XizQpsYaPlKarKidTQStwsmEQyyfauI+jEBEsNKZdHS+JVZtX6kq0dZR85hA+z5GUaBWsk cVZ5yq71XmNSkTJN1+DoT7nG6I4aUC+gyrDEiCgLFt3H/rBwZJZIBTSFYMJYXZrqXRhPOJRr+pm/Y qRTl/+tWkloe9bf2TLCQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1nD653-00G82z-85; Thu, 27 Jan 2022 14:48:57 +0000 Received: from mail-vi1eur05on2064.outbound.protection.outlook.com ([40.107.21.64] helo=EUR05-VI1-obe.outbound.protection.outlook.com) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1nD64w-00G80T-4o for linux-arm-kernel@lists.infradead.org; Thu, 27 Jan 2022 14:48:55 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Fpre9LfVjvmqU1C7IQSDLCKfZApWVeD0w1MPrT/qSK8=; b=uEp/y9qAaHJJ3I6C1ql7RN7dF6+6vJ5JpF1nOlusjpwUuBlvv0LljoqyAt9lENrCF4W6rFTDaVhCRflh5jchS5aKj4k3ZWvOfyGBQxDkeh6gRffWXWd2u7TqXxiRKd+PRfq+e2vCOwDJ5cl+bbempSp/Rhh013vPxPDLsoRoZRs= Received: from DB3PR08CA0017.eurprd08.prod.outlook.com (2603:10a6:8::30) by AM6PR08MB4818.eurprd08.prod.outlook.com (2603:10a6:20b:cb::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4930.15; Thu, 27 Jan 2022 14:48:43 +0000 Received: from DB5EUR03FT032.eop-EUR03.prod.protection.outlook.com (2603:10a6:8:0:cafe::11) by DB3PR08CA0017.outlook.office365.com (2603:10a6:8::30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4930.15 via Frontend Transport; Thu, 27 Jan 2022 14:48:43 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 63.35.35.123) smtp.mailfrom=arm.com; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com;dmarc=pass action=none header.from=arm.com; Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 63.35.35.123 as permitted sender) receiver=protection.outlook.com; client-ip=63.35.35.123; helo=64aa7808-outbound-1.mta.getcheckrecipient.com; Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by DB5EUR03FT032.mail.protection.outlook.com (10.152.20.162) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4930.15 via Frontend Transport; Thu, 27 Jan 2022 14:48:43 +0000 Received: ("Tessian outbound 63bb5eb69ee8:v113"); Thu, 27 Jan 2022 14:48:43 +0000 X-CheckRecipientChecked: true X-CR-MTA-CID: 5cd3e99686449da8 X-CR-MTA-TID: 64aa7808 Received: from a0d92831d203.1 by 64aa7808-outbound-1.mta.getcheckrecipient.com id 2E7EE147-6AB5-433D-AD87-93345D001B42.1; Thu, 27 Jan 2022 14:48:34 +0000 Received: from EUR05-VI1-obe.outbound.protection.outlook.com by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id a0d92831d203.1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384); Thu, 27 Jan 2022 14:48:34 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Q8nffH8gk65Q4yAuzbHdO2O1m4gpsjHTLQOEYvAXgfnrOkbTDk9zmadMpyLMG/p7Zur43lGxLrLLD7FjxBw0tQVbdm2qi9lK9rTek3mM0AzZ+hX3v8IEXRRjaU0c/VgVtoQwjPN3oo7QsPT1dT8lEbytVz2c+UWeWQyGa4uD/tFWEwAyoJ0RmDfclS9h4HkcTV0JnQJBoGZNdjRd9sdkyWWpG3N5MrqWEKGoUVuIgkhlQvtDeE8MmMF5F65qMrTDcoTHNereDxulHD0iEf4NEjLh5s/iTzePVmmjq40aaNLo1RXoCeluxqMjxh1dL/NXOxWLlHbaQ6HcRkBpKsrTkQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Fpre9LfVjvmqU1C7IQSDLCKfZApWVeD0w1MPrT/qSK8=; b=dl0rcbyvCVlZZKzy19yVKA4yupbRO+h/GmjcNHk/XBJg4E8TKoYcgPPq5YHbJDIzbrrAFskd1fHSTninNhOCJXZF8ZO/KSI2Gr/E7bf7E8pd/13L7ORajXCdd4CjSRocqi7S+016p/xOT5xzWGmQH8tXVbU8+JKHe8NYIdgzSl1CHNaX7T+BusU1T/t3Dn+LKN0syBp0+047k0jlPU0hIx9Eid3OxEbKDD1Mi0GLFCJtRjO420IBGvLkBnA8lNjVhpNzrRQmG162RSsnl56kq69FsnwVvrAaz66HYD7Ocf6XCgC1UYyFE4D9Xds4STVgEjCopyGBOnOKOiGs8yByOQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Fpre9LfVjvmqU1C7IQSDLCKfZApWVeD0w1MPrT/qSK8=; b=uEp/y9qAaHJJ3I6C1ql7RN7dF6+6vJ5JpF1nOlusjpwUuBlvv0LljoqyAt9lENrCF4W6rFTDaVhCRflh5jchS5aKj4k3ZWvOfyGBQxDkeh6gRffWXWd2u7TqXxiRKd+PRfq+e2vCOwDJ5cl+bbempSp/Rhh013vPxPDLsoRoZRs= Authentication-Results-Original: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com; Received: from DB9PR08MB7179.eurprd08.prod.outlook.com (2603:10a6:10:2cc::19) by AM8PR08MB6322.eurprd08.prod.outlook.com (2603:10a6:20b:361::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4909.7; Thu, 27 Jan 2022 14:48:29 +0000 Received: from DB9PR08MB7179.eurprd08.prod.outlook.com ([fe80::dca:9146:2814:3f63]) by DB9PR08MB7179.eurprd08.prod.outlook.com ([fe80::dca:9146:2814:3f63%5]) with mapi id 15.20.4930.017; Thu, 27 Jan 2022 14:48:29 +0000 Date: Thu, 27 Jan 2022 14:48:20 +0000 From: Szabolcs Nagy To: Catalin Marinas Cc: Mark Brown , Jeremy Linton , Will Deacon , "H . J . Lu" , Yu-cheng Yu , linux-arch@vger.kernel.org, linux-arm-kernel@lists.infradead.org, libc-alpha@sourceware.org, Mark Rutland Subject: Re: [PATCH v7 0/4] arm64: Enable BTI for the executable as well as the interpreter Message-ID: <20220127144820.GF1989194@arm.com> References: <101d8e84-7429-bbf1-0271-5436eca0eea2@arm.com> <8550afd2-268d-a25f-88fd-0dd0b184ca23@arm.com> <20220118110255.GC3294453@arm.com> Content-Disposition: inline In-Reply-To: X-ClientProxiedBy: SN4PR0401CA0014.namprd04.prod.outlook.com (2603:10b6:803:21::24) To DB9PR08MB7179.eurprd08.prod.outlook.com (2603:10a6:10:2cc::19) MIME-Version: 1.0 X-MS-Office365-Filtering-Correlation-Id: e56cef85-d838-4a12-e2ce-08d9e1a41d90 X-MS-TrafficTypeDiagnostic: AM8PR08MB6322:EE_|DB5EUR03FT032:EE_|AM6PR08MB4818:EE_ X-Microsoft-Antispam-PRVS: x-checkrecipientrouted: true NoDisclaimer: true X-MS-Oob-TLC-OOBClassifiers: OLM:9508;OLM:9508; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam-Untrusted: BCL:0; X-Microsoft-Antispam-Message-Info-Original: VYwLRK3pB15OeAB+sXaK8oYyTiDuc1BNLRhu8REDjPUDgd2mfOwnsVjSjvpS7pX9GSROri2LQa2sfLSEf7+MLgD9DpCXTzmrbdLiWre40dwsLYuMLwxG6q16/kuorog2WyHEPWRFkWzT9CjgnGRsuZ5D/UOCHSfOmzh0ZHGbCXlJfCXyTliu3ioOgzpn+XNnTD0CjyQO/HP5LvGyG1E74ISW5bfNTrqf3+v12xzPSR9EQhYxzMxUHS/+Bgm+I7Xh60oWeX3wmD12tDGbOZkvkktjM/NNnjfHMV/q4vsDVxKtWTMwoxzvrsaAnRyTQTMJ6tG9uLO+jicL2isg5oAd2LhqcKuIOb86feF+4PpxJJfSJknw4IG/T3ocK8chBr3P6PNiC/F1ynow1GBfpqrWEgCxdM8Z7V2/iwud+vEtFn2N6Sy0xq+gzb6Q6hnZZJw/HC9jYWDpsiCPVZpsneeqqFSe53RfEqsDUUYdCWDU5bfKmHtyPgJ332vRmwWiXs5ac1vycVwl5SyWkY7zs6rQzwBsQ9jDY5UdoWLZv4fYncJMUX31INKf4wT5UuRbXPpdWNeEnb0EvDaDmlt6urfHUsGmknp8AEv/Gk4XqnfDKs07kySrXdgiC/yT/8wrI0V6K9u40P2Vd3Ee5RANRepJNQrowHZNJO3kkjtyyUey2lTjxny7ffkIMdTPdK2ermGP5o/0xyvNW8Zr56zdZcdKjW2CvpzqXPR38BGQiQu+25hHsk7J3/ROxDXpaiIzeYgY/ZYEIKEGerCIp6AM/faUc+7gigJFeY550ZYsomgf/wI= X-Forefront-Antispam-Report-Untrusted: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DB9PR08MB7179.eurprd08.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(36756003)(1076003)(6666004)(66946007)(26005)(6636002)(83380400001)(33656002)(66556008)(66476007)(2616005)(52116002)(2906002)(508600001)(6486002)(8936002)(6506007)(966005)(8676002)(186003)(4326008)(86362001)(316002)(54906003)(38100700002)(38350700002)(37006003)(44832011)(5660300002)(6862004)(6512007); DIR:OUT; SFP:1101; X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM8PR08MB6322 Original-Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com; X-EOPAttributedMessage: 0 X-MS-Exchange-Transport-CrossTenantHeadersStripped: DB5EUR03FT032.eop-EUR03.prod.protection.outlook.com X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id-Prvs: 63200a58-2166-4868-f459-08d9e1a414e9 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: ibRDM+pE6tiobmSPzoHBXM62JeyFL+IC6a1Jwsmp/EXfXo/Vj4yNknpqO+GiQBbyEm1/J2Ye2YBP5Y9GSyh1wqO7Gu0ajbgpRzAA2s23In51/ik5bn9qUjqAfI0RbIPofEqKFr3BgiKvldqW/gmluMD0/G/P93eJQNIQYit0gwvlnPCZ2XM76fgogo4obPaBJAvXz9H3mktXl/+waz8kv7eLf6ndoBDmdpAARh3M5uU+nesBFgbTtyWXu8nCeDDt9S2jJzDaOB4hvLoSTL3iJsnvVDtqUqNMjtCmftmu9MAzxKsYhUcDq9Kqa9N2ILgTCIF6fY3eqJAHV3NsOpx8vuDL7l9l0oOwvcSVYfraf69mv9ofGeT3hS8hSwiFeOHXhzu94mCY+APCXvajXzA7Gcaz0rep0aLzDK0siry5Dr/sSG/6YTT6SOr+p5Rcds6D7CgxZwS+WnZSPdeX1l8cWZ5Ig0aqEkzjHVT0q1j4R7m/fFAtVDjoC71mFt7RzF/WyL8FzU58czrdCMSOUe9gORYUPcdaqVRezNNKcB4WYnc1sE3oxU5fFx69vx202cMfgjqO1+RDXmsKEItjAeruyb6XgrGQJJCQpnawiNN8sQ6ugaaNiEYRNEH75HZJ/QRg9msDWkPfn8Dn3na9ReTJItT6m8iKbJ7QnoibTVkwAS10oKIRcH0FOOzne2562VClZlbfdXdpszrIHIJr5E5Zo/C6ELkywgXziOxSh0hP6ePQckhf7VsgvDBDeWDerHZN1VDkAQGExq3TSYyjBh+C/A== X-Forefront-Antispam-Report: CIP:63.35.35.123; CTRY:IE; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:64aa7808-outbound-1.mta.getcheckrecipient.com; PTR:ec2-63-35-35-123.eu-west-1.compute.amazonaws.com; CAT:NONE; SFS:(13230001)(4636009)(46966006)(40470700004)(36840700001)(54906003)(37006003)(86362001)(70206006)(70586007)(83380400001)(6636002)(186003)(26005)(6506007)(1076003)(33656002)(6666004)(4326008)(8936002)(2616005)(82310400004)(8676002)(6862004)(316002)(81166007)(36756003)(47076005)(5660300002)(36860700001)(40460700003)(356005)(966005)(336012)(6486002)(6512007)(2906002)(508600001)(44832011)(20210929001); DIR:OUT; SFP:1101; X-OriginatorOrg: arm.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Jan 2022 14:48:43.6486 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: e56cef85-d838-4a12-e2ce-08d9e1a41d90 X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d; Ip=[63.35.35.123]; Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com] X-MS-Exchange-CrossTenant-AuthSource: DB5EUR03FT032.eop-EUR03.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM6PR08MB4818 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20220127_064850_277941_B63CDAED X-CRM114-Status: GOOD ( 29.48 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org The 01/27/2022 12:24, Catalin Marinas wrote: > (Mark posted another series but I'm replying here to clarify some > aspects) > > On Tue, Jan 18, 2022 at 11:02:55AM +0000, Szabolcs Nagy wrote: > > The 01/17/2022 17:54, Catalin Marinas wrote: > > > On Fri, Jan 07, 2022 at 12:01:17PM +0000, Catalin Marinas wrote: > > > > I think we can look at this from two angles: > > > > > > > > 1. Ignoring MDWE, should whoever does the original mmap() also honour > > > > PROT_BTI? We do this for static binaries but, for consistency, should > > > > we extend it to dynamic executable? > > > > > > > > 2. A 'simple' fix to allow MDWE together with BTI. > > > > > > Thinking about it, (1) is not that different from the kernel setting > > > PROT_EXEC on the main executable when the dynamic loader could've done > > > it as well. There is a case for making this more consistent: whoever > > > does the mmap() should use the full attributes. > > > > Yeah that was my original idea that it should be consistent. > > One caveat is that protection flags are normally specified > > in the program header, but the BTI marking is in > > PT_GNU_PROPERTY which is harder to get to, so glibc does not > > try to get it right for the initial mapping either: it has > > to re-mmap or mprotect. (In principle we could use read > > syscalls to parse the ELF headers and notes before mmap, > > but that's more complicated with additional failure modes.) > > > > i.e. if (2) is fixed then mprotect can be used for library > > mapping too which is simpler than re-mmap. > > I lost track of the userspace fixes here, was glibc changed to attempt a > re-mmap of the dynamic libraries instead of mprotect()? yes (so under mdwe, bti is lost on the exe but not on libs) see the commit message for the fix https://sourceware.org/bugzilla/show_bug.cgi?id=26831 > > It looks like (2) is a simpler fix and (1) could still be added for > consistency, it's complementary. i agree. if (2) is fixed then i would change glibc to use mprotect and handle the failure (this will require an update to systemd and disabling mdwe on old kernels) if (1) is fixed then i would probably still keep doing mprotect on the main exe so bti protection works on old kernels. _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel