On 08/26/16 10:08, Warner Losh wrote:
On Fri, Aug 26, 2016 at 9:06 AM, Pedro Giffuni <p...@freebsd.org> wrote:
On 08/26/16 10:01, Warner Losh wrote:
On Fri, Aug 26, 2016 at 8:36 AM, Ed Maste <ema...@freebsd.org> wrote:
On 26 August 2016 at 10:18, Warner Losh <i...@bsdimp.com> wrote:
So what's the summary of why we'd want to do that? What benefit does it
bring?
Sure, other folks do it, but why?
It's a relatively low cost technique to mitigate certain
vulnerabilities. rtld needs to write to some sections during load but
they don't need to be writeable after starting the program. relro
reorders the output sections so that they are grouped together, and
rtld remaps them read-only on start. This is often called "partial
relro." I don't know of any real downside to enabling it, other than
it could possibly break some strangely built third party software.
It's been enabled on other platforms for quite some time though and I
doubt we'd run into new issues.
It doesn't bring a huge benefit by itself though; the PLT is still
writeable. Adding "-z now" to the linker invocation produces "full
relro" which makes the PLT read-only too. It has a negative impact on
process start-up time though.
Sounds like this has implications for all the RTLD on all our
architectures. Has this been tested across all of them?
It affects anything ELF yes, but AFAICT the change is platform independent.
That's a different answer than 'it's been tested on all platforms and
it's fine.'
It's the best answer I have.
I will test running buildworld on i386. If you can kindly test on other
platforms, it would be very welcome.
In any case I will not commit anything unless there is complete
consensus, which is why I asked in this list in the first place :).
Pedro.
_______________________________________________
freebsd-toolchain@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-toolchain
To unsubscribe, send any mail to "freebsd-toolchain-unsubscr...@freebsd.org"
