This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH] binfmt_elf: Extract .note.gnu.property from an ELF file
- From: Florian Weimer <fweimer at redhat dot com>
- To: Andy Lutomirski <luto at kernel dot org>
- Cc: Dave Martin <Dave dot Martin at arm dot com>, Yu-cheng Yu <yu-cheng dot yu at intel dot com>, X86 ML <x86 at kernel dot org>, "H. Peter Anvin" <hpa at zytor dot com>, Thomas Gleixner <tglx at linutronix dot de>, Ingo Molnar <mingo at redhat dot com>, LKML <linux-kernel at vger dot kernel dot org>, "open list\:DOCUMENTATION" <linux-doc at vger dot kernel dot org>, Linux-MM <linux-mm at kvack dot org>, linux-arch <linux-arch at vger dot kernel dot org>, Linux API <linux-api at vger dot kernel dot org>, Arnd Bergmann <arnd at arndb dot de>, Balbir Singh <bsingharora at gmail dot com>, Cyrill Gorcunov <gorcunov at gmail dot com>, Dave Hansen <dave dot hansen at linux dot intel dot com>, Eugene Syromiatnikov <esyr at redhat dot com>, "H.J. Lu" <hjl dot tools at gmail dot com>, Jann Horn <jannh at google dot com>, Jonathan Corbet <corbet at lwn dot net>, Kees Cook <keescook at chromium dot org>, Mike Kravetz <mike dot kravetz at oracle dot com>, Nadav Amit <nadav dot amit at gmail dot com>, Oleg Nesterov <oleg at redhat dot com>, Pavel Machek <pavel at ucw dot cz>, Peter Zijlstra <peterz at infradead dot org>, Randy Dunlap <rdunlap at infradead dot org>, "Ravi V. Shankar" <ravi dot v dot shankar at intel dot com>, Vedvyas Shanbhogue <vedvyas dot shanbhogue at intel dot com>, Szabolcs Nagy <szabolcs dot nagy at arm dot com>, libc-alpha <libc-alpha at sourceware dot org>
- Date: Thu, 27 Jun 2019 11:38:45 +0200
- Subject: Re: [PATCH] binfmt_elf: Extract .note.gnu.property from an ELF file
- References: <20190501211217.5039-1-yu-cheng.yu@intel.com> <20190502111003.GO3567@e103592.cambridge.arm.com> <CALCETrVZCzh+KFCF6ijuf4QEPn=R2gJ8FHLpyFd=n+pNOMMMjA@mail.gmail.com>
* Andy Lutomirski:
> Also, I don't think there's any actual requirement that the upstream
> kernel recognize existing CET-enabled RHEL 8 binaries as being
> CET-enabled. I tend to think that RHEL 8 jumped the gun here.
The ABI was supposed to be finalized and everyone involved thought it
had been reviewed by the GNU gABI community and other interested
parties. It had been included in binutils for several releases.
>From my point of view, the kernel is just a consumer of the ABI. The
kernel would not change an instruction encoding if it doesn't like it
for some reason, either.
> While the upstream kernel should make some reasonble effort to make
> sure that RHEL 8 binaries will continue to run, I don't see why we
> need to go out of our way to keep the full set of mitigations
> available for binaries that were developed against a non-upstream
> kernel.
They were developed against the ABI specification.
I do not have a strong opinion what the kernel should do going forward.
I just want to make clear what happened.
Thanks,
Florian