From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id DEF49C433F5 for ; Thu, 21 Apr 2022 17:59:11 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1379708AbiDUSB7 (ORCPT ); Thu, 21 Apr 2022 14:01:59 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57558 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1348891AbiDUSB6 (ORCPT ); Thu, 21 Apr 2022 14:01:58 -0400 Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A174F4AE16 for ; Thu, 21 Apr 2022 10:59:06 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 4DA4DB822B6 for ; Thu, 21 Apr 2022 17:59:05 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id B04CAC385A1; Thu, 21 Apr 2022 17:59:01 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1650563944; bh=zZ6iahhKD1V1II6VvAjOnWgLjjv3sTcvXy4h3KvxXfg=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=oFMBByso7lprhIPZqf7CJV3hKNAsVj57Y3PwLYThccKkEDtaxIB9TI6MarReGpS/T TxIs9qdMFYVhxQ+Z0JWpT37UeVDay+elVTkkvMZZT1d8m85Y52DgPYQE9/UnOhKj8e XUCfARXmNW1V6dG6D6sSn1OxtRRtWk7Yp/o3F8tIynQlzuyUufrZQHC7VnZZfYb1d/ 9JOQ8XTV+ACnwDcM5OqI6N6PjIhMnhEvPswtpTwQUWFe6I9uPXjlXi907l3BGhxBLX qEdRmRQCwf9qCsEUxa4/2+a8xuBvNgSbguKVFEZU12DicAxBmTvxVh5PR2fHZM5TMF wGv85/HHMwS4Q== Date: Thu, 21 Apr 2022 18:58:58 +0100 From: Mark Brown To: Jeremy Linton Cc: Catalin Marinas , Will Deacon , Kees Cook , linux-arm-kernel@lists.infradead.org, hjl.tools@gmail.com, libc-alpha@sourceware.org, szabolcs.nagy@arm.com, yu-cheng.yu@intel.com, ebiederm@xmission.com, linux-arch@vger.kernel.org Subject: Re: [PATCH v13 0/2] arm64: Enable BTI for the executable as well as the interpreter Message-ID: References: <20220419105156.347168-1-broonie@kernel.org> <165043278356.1481705.13924459838445776007.b4-ty@chromium.org> <20220420093612.GB6954@willie-the-truck> <52a79b24-deec-108e-4b7f-5bc33500c802@arm.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="zY7P2cSeDhvk3jaq" Content-Disposition: inline In-Reply-To: <52a79b24-deec-108e-4b7f-5bc33500c802@arm.com> X-Cookie: Two percent of zero is almost nothing. Precedence: bulk List-ID: X-Mailing-List: linux-arch@vger.kernel.org --zY7P2cSeDhvk3jaq Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Thu, Apr 21, 2022 at 10:52:52AM -0500, Jeremy Linton wrote: > Or maybe simpler yet, we provide a tool which wipes out the gnu BTI note on > binaries that are found to have BTI bugs, thereby (correctly) fixing the > problem at its source. This is at least presumably doable if we are also > assuming we can update glibc/etc in any environment with the problem. This seems like the most sensible thing if we do find we're running into BTI executables that are incorrectly annotated and difficult to fix - it avoids having to manage any new permissions for bypassing BTI. --zY7P2cSeDhvk3jaq Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAABCgAdFiEEreZoqmdXGLWf4p/qJNaLcl1Uh9AFAmJhm2EACgkQJNaLcl1U h9D22Qf/bUhryTD+1wfEMb4NyHbQxFkOHPHvqtaRR1jHrV1Vv/uWpgokevT1PDHJ MV9lWmacUNvzqn3Vj3jNaJxZcfPHhRS2kUa2kpLa5VF+GnXxRQgie9JKlicSEor7 EJLQqVpA6YYS2F0ywDaBRu/O1B00nf/aSI/Vpcgl5yHjcvdOymnhwUES8qXFTkCU 5UnIIouImngnDo0UczLiEfOKn7bO1B1KhtpYDBk9Q1QwZowVyyPK5bFQe7ezsSZ1 MKyGTlaroN/Jq91wohwhJlYmhrd3U/ok2Q7tKH+cosapOoWu968dbFDFGNoIDe5U MnwWNuS1BVkpxUYC95b70ScwItDStw== =qeXh -----END PGP SIGNATURE----- --zY7P2cSeDhvk3jaq-- From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id B0566C433F5 for ; Thu, 21 Apr 2022 18:01:48 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:Content-Type: List-Subscribe:List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id: In-Reply-To:MIME-Version:References:Message-ID:Subject:Cc:To:From:Date: Reply-To:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date :Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=RnHUf/c91wiuanar97FtY15E8Viq5hzj5DzJ1mNR9tI=; b=ysh7lDFIMFAreXkM9IcyE0wDyS vRSqlf600UffyJ4Xvu/ZTK4kdbuHbAPzO8heMeWExuz1h0JBdyeyQn9AC8muR5EY/+0bloeA3rR9N 70ZNuQxg0XzAk2bQCDAbKELd6A57hZdBtAtGCmO3uItTgbNrmAgcQQVzil/yAcJekI7ul9PDhdpFz RCdsXy4ZamiRPEOchMp7huMDC2peLAhOofvUi1ejKMLyd8CCdKe0tmb1ua/PGB4bIwj3zeCKLw3Tm 3YjiWytl3rPPJ5z9zXYOEcKBiBIHrwhVatBjdw1rfhRX9nmWIuG7Om3bSY6tmfVbviI/xBB0H+tLS g75zj1cA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1nhb6Y-00EXpR-RU; Thu, 21 Apr 2022 18:00:35 +0000 Received: from dfw.source.kernel.org ([139.178.84.217]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1nhb57-00EXAA-Bj for linux-arm-kernel@lists.infradead.org; Thu, 21 Apr 2022 17:59:06 +0000 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 9D46A61E53; Thu, 21 Apr 2022 17:59:04 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id B04CAC385A1; Thu, 21 Apr 2022 17:59:01 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1650563944; bh=zZ6iahhKD1V1II6VvAjOnWgLjjv3sTcvXy4h3KvxXfg=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=oFMBByso7lprhIPZqf7CJV3hKNAsVj57Y3PwLYThccKkEDtaxIB9TI6MarReGpS/T TxIs9qdMFYVhxQ+Z0JWpT37UeVDay+elVTkkvMZZT1d8m85Y52DgPYQE9/UnOhKj8e XUCfARXmNW1V6dG6D6sSn1OxtRRtWk7Yp/o3F8tIynQlzuyUufrZQHC7VnZZfYb1d/ 9JOQ8XTV+ACnwDcM5OqI6N6PjIhMnhEvPswtpTwQUWFe6I9uPXjlXi907l3BGhxBLX qEdRmRQCwf9qCsEUxa4/2+a8xuBvNgSbguKVFEZU12DicAxBmTvxVh5PR2fHZM5TMF wGv85/HHMwS4Q== Date: Thu, 21 Apr 2022 18:58:58 +0100 From: Mark Brown To: Jeremy Linton Cc: Catalin Marinas , Will Deacon , Kees Cook , linux-arm-kernel@lists.infradead.org, hjl.tools@gmail.com, libc-alpha@sourceware.org, szabolcs.nagy@arm.com, yu-cheng.yu@intel.com, ebiederm@xmission.com, linux-arch@vger.kernel.org Subject: Re: [PATCH v13 0/2] arm64: Enable BTI for the executable as well as the interpreter Message-ID: References: <20220419105156.347168-1-broonie@kernel.org> <165043278356.1481705.13924459838445776007.b4-ty@chromium.org> <20220420093612.GB6954@willie-the-truck> <52a79b24-deec-108e-4b7f-5bc33500c802@arm.com> MIME-Version: 1.0 In-Reply-To: <52a79b24-deec-108e-4b7f-5bc33500c802@arm.com> X-Cookie: Two percent of zero is almost nothing. X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20220421_105905_501217_0AEA07F5 X-CRM114-Status: GOOD ( 13.88 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============5713765994696184723==" Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org --===============5713765994696184723== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="zY7P2cSeDhvk3jaq" Content-Disposition: inline --zY7P2cSeDhvk3jaq Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Thu, Apr 21, 2022 at 10:52:52AM -0500, Jeremy Linton wrote: > Or maybe simpler yet, we provide a tool which wipes out the gnu BTI note on > binaries that are found to have BTI bugs, thereby (correctly) fixing the > problem at its source. This is at least presumably doable if we are also > assuming we can update glibc/etc in any environment with the problem. This seems like the most sensible thing if we do find we're running into BTI executables that are incorrectly annotated and difficult to fix - it avoids having to manage any new permissions for bypassing BTI. --zY7P2cSeDhvk3jaq Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAABCgAdFiEEreZoqmdXGLWf4p/qJNaLcl1Uh9AFAmJhm2EACgkQJNaLcl1U h9D22Qf/bUhryTD+1wfEMb4NyHbQxFkOHPHvqtaRR1jHrV1Vv/uWpgokevT1PDHJ MV9lWmacUNvzqn3Vj3jNaJxZcfPHhRS2kUa2kpLa5VF+GnXxRQgie9JKlicSEor7 EJLQqVpA6YYS2F0ywDaBRu/O1B00nf/aSI/Vpcgl5yHjcvdOymnhwUES8qXFTkCU 5UnIIouImngnDo0UczLiEfOKn7bO1B1KhtpYDBk9Q1QwZowVyyPK5bFQe7ezsSZ1 MKyGTlaroN/Jq91wohwhJlYmhrd3U/ok2Q7tKH+cosapOoWu968dbFDFGNoIDe5U MnwWNuS1BVkpxUYC95b70ScwItDStw== =qeXh -----END PGP SIGNATURE----- --zY7P2cSeDhvk3jaq-- --===============5713765994696184723== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel --===============5713765994696184723==--