On Wed, Aug 12, 2020 at 10:56:56AM +0200, Ard Biesheuvel wrote: > The module .lds has BYTE(0) in the section contents to prevent the > linker from pruning them entirely. The (NOLOAD) is there to ensure > that this byte does not end up in the .ko, which is more a matter of > principle than anything else, so we can happily drop that if it helps. > > However, this should only affect the PROGBITS vs NOBITS designation, > and so I am not sure whether it makes a difference. > > Depending on where the w^x check occurs, we might simply override the > permissions of these sections, and strip the writable permission if it > is set in the PLT handling init code, which manipulates the metadata > of all these 3 sections before the module space is vmalloc'ed.
What's curious is that this seems the result of some recent binutils change. Every build with binutils-2.34 (or older) does not seem to generate these as WAX, but has the much more sensible WA. I suppose we can change the kernel check and 'allow' W^X for 0 sized sections, but I think we should still figure out why binutils-2.35 is now generating WAX sections all of a sudden, it might come bite us elsewhere.
