This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: Encoding page size in the ELF header
- From: Florian Weimer <fweimer at redhat dot com>
- To: Szabolcs Nagy <szabolcs dot nagy at arm dot com>, GNU C Library <libc-alpha at sourceware dot org>
- Date: Fri, 25 Sep 2015 17:22:22 +0200
- Subject: Re: Encoding page size in the ELF header
- Authentication-results: sourceware.org; auth=none
- References: <56054662 dot 2010106 at redhat dot com> <56055FE9 dot 7050106 at arm dot com>
On 09/25/2015 04:53 PM, Szabolcs Nagy wrote:
> On 25/09/15 14:04, Florian Weimer wrote:
>> Not sure if this the right mailing list for this discussion.
>>
>> I think we should record the expected page size in the ELF header in
>> some way. It affects the behavior of the static linker, the dynamic
>> linker, and even some applications. (For example, an application might
>> want to make a part of .data read-only after initialization, as a
>> hardening measure.)
>>
>
> you mean to fail when the runtime page size does
> not match the expected page size of the binary?
> (that would make binaries non-portable so each
> page size would be a different abi).
Such binaries already exist, see âsuhosin_write_protect_configurationâ.
This is quite a useful feature, and it would be nice to be able to do
this with greater reliability. (Something similar would have helped
Exim earlier this year, for instance.)
> or do you want a hint that makes things more
> efficient/secure in the normal case, but there
> is still some fall back?
> (i'm not sure how this could work)
That's the current state, ld.so will make additional segments writable
if the system page size is larger than what the static linker expected.
--
Florian Weimer / Red Hat Product Security