[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: RFC: Audit external function called indirectly via GOT

To: generic-abi@googlegroups.com
Subject: Re: RFC: Audit external function called indirectly via GOT
From: Cary Coutant <ccoutant@gmail.com>
Date: Thu, 22 Mar 2018 09:04:24 -0700
Authentication-results: sourceware.org; auth=none
Cc: "Carlos O'Donell" <carlos@redhat.com>, gnu-gabi@sourceware.org
Delivered-to: listarch-gnu-gabi@sourceware.org
Delivered-to: mailing list gnu-gabi@sourceware.org
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=JvpFS7yV5DEIqT/wz6r5Uo/VOZlVODzYVIPTQrmj+aQ=; b=PafPDaeJ/iwITAC5wxDhgegc+TylP7+mGcMrcVyf7SsNbWofqFywa55EpigMHTK9El Hp6dRSqSVjlbJLvVNVbcOtRto9h5mVIa7nUhtsJYh9/ZLEg/W+dYo4xe1PnMiwvLzD1B bDTjUdix4brPB4o1/3c4aO1Z59mqmRf1m8cookNcvpY867i2VGQEuTMGmcCE67g/ZcQX 24FIIx7Yc1IrFAfJ6PNVEIPzzhWRSspsG4v3qaZ5cYX2Whbqxo5lGx2C5otviLXPOGt0 KHDvt+KYua3oz8W2TpbwxUAmh8HO+KGLvzp81wf0JH9VHULQxOR5PNYvj1S6hMzbk9XS tcWA==
In-reply-to: <CAJimCsFfdnGWkvy2xxubGLa-jVmc+C9pgFYioxRnWNy=pM=vCg@mail.gmail.com>
List-help: <mailto:gnu-gabi-help@sourceware.org>
List-id: <gnu-gabi.sourceware.org>
List-post: <mailto:gnu-gabi@sourceware.org>
List-subscribe: <mailto:gnu-gabi-subscribe@sourceware.org>
Mailing-list: contact gnu-gabi-help@sourceware.org; run by ezmlm
References: <20180317133115.GA4681@gmail.com> <CAJimCsHksFELv9xi851jFN6_tdgRTP+8N9OAnZkiGX79phnD+Q@mail.gmail.com> <f9510da0-385b-621d-138c-38e36f89f171@redhat.com> <CAJimCsE4kOwuAZnjcOf3d7Ke_N0SVVH4oUFogEwBYZP-sG7MQA@mail.gmail.com> <CAMe9rOrFHkvAOfdckNEpXaUD6zFszDuzqKm9u+kCzR_H4PYEBA@mail.gmail.com> <CAJimCsFfdnGWkvy2xxubGLa-jVmc+C9pgFYioxRnWNy=pM=vCg@mail.gmail.com>
Sender: gnu-gabi-owner@sourceware.org

>> I want to use both so that GOT is read-only after relocation in
>> normal case and the writable PLTGOT is only used for LD_AUDIT.
>
> But if the program isn't linked with relro, the PLTGOT entries remain
> writable and you have no need for both. If it's linked with immediate
> binding and relro, the PLTGOT entries become relro, and again you have
> no need for both. The only case where you can make an argument for
> both is when the program is linked with both relro and lazy binding.
> But I don't see why you need the additional security if you're not
> bothering to link with immediate binding.

Sorry, I meant to write "... if the program isn't linked with relro,
the *GOT* entries remain writable ...."

-cary

References:
- RFC: Audit external function called indirectly via GOT
  - From: "H.J. Lu" <hjl.tools@gmail.com>
- Re: RFC: Audit external function called indirectly via GOT
  - From: Cary Coutant <ccoutant@gmail.com>
- Re: RFC: Audit external function called indirectly via GOT
  - From: Carlos O'Donell <carlos@redhat.com>
- Re: RFC: Audit external function called indirectly via GOT
  - From: Cary Coutant <ccoutant@gmail.com>
- Re: RFC: Audit external function called indirectly via GOT
  - From: "H.J. Lu" <hjl.tools@gmail.com>
- Re: RFC: Audit external function called indirectly via GOT
  - From: Cary Coutant <ccoutant@gmail.com>

Prev by Date: Re: RFC: Audit external function called indirectly via GOT
Next by Date: Re: RFC: Audit external function called indirectly via GOT
Previous by thread: Re: RFC: Audit external function called indirectly via GOT
Next by thread: Re: RFC: Audit external function called indirectly via GOT
Index(es):
- Date
- Thread