This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH 0/2] aarch64: Enable pointer auth in PLT
- From: Szabolcs Nagy <Szabolcs dot Nagy at arm dot com>
- To: Florian Weimer <fweimer at redhat dot com>
- Cc: nd <nd at arm dot com>, GNU C Library <libc-alpha at sourceware dot org>, Sudakshina Das <Sudi dot Das at arm dot com>
- Date: Fri, 21 Jun 2019 10:10:22 +0000
- Subject: Re: [PATCH 0/2] aarch64: Enable pointer auth in PLT
- References: <5ec73433-43c3-5e7a-62cb-a3b203cf41c5@arm.com> <87v9wzz4hi.fsf@oldenburg2.str.redhat.com>
On 21/06/2019 10:12, Florian Weimer wrote:
> * Szabolcs Nagy:
>
>> Pointer authentication is an armv8.3-a extension and it can be used
>> to harden PLTGOT entries when that is not read-only protected.
>>
>> binutils bfd linker now supports creating binaries with -z pac-plt
>> and then PLT entries authenticate the pointers loaded from PLTGOT.
>>
>> To support such binaries the glibc dynamic linker has to "sign" the
>> pointers in the PLTGOT. On cpus without pointer authentication support,
>> both the sign and authentication operations are nops, so such binaries
>> may appear to work now, but on a new cpu they will crash without glibc
>> support.
>
> I think you need to enable this feature in a different way, similar to
> the non-executable stack. Otherwise, people will have to decide whether
> they want to build portable binaries or binaries with security
> hardening, which is not desirable.
with non-executable stack, a hardened binary works on
an old system that uses executable stack.
in this case a hardened binary does not work on an old
system that's unaware of pointer auth.
i'm not sure how to resolve this.
or do you mean that LDFLAGS+=-Wl,-z,pac-plt is problematic?