From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-7.7 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,SPF_HELO_NONE, SPF_PASS,USER_AGENT_SANE_1 autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 300E9C47082 for ; Tue, 8 Jun 2021 11:33:34 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 147006128E for ; Tue, 8 Jun 2021 11:33:34 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231922AbhFHLf0 (ORCPT ); Tue, 8 Jun 2021 07:35:26 -0400 Received: from mail.kernel.org ([198.145.29.99]:34654 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231630AbhFHLfZ (ORCPT ); Tue, 8 Jun 2021 07:35:25 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id 77BAA6128A; Tue, 8 Jun 2021 11:33:32 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1623152013; bh=QzbcLiB/1N7DzVrdDjK7OIq1u6I9+VzWWocOiQGnpk8=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=gl9vC8a4foBMWq2vzc5Me8TxdKRjcfkiQzlTmLPHsJp459vNNrFZ5usv/qQn2R2/T RSypUzzCWPm0uMUsGAmGOXTdNCCxfELZKQo9z0Rx7Pwj/DZxtw5mC7S2spC20SxQHx Z0K8JY4xACpLYsHQ+gX4XsJB1/VnC5M7Z8iEFsZH+GoBTVAamFxEU3cu/XYK9hlZTD Q+CJXINa0mVtvY1hYZa5jqTKkiL3XxG5rvWOkRPFoDLjYSHdojyVOMaxaly57ysSN4 LGstvsRTsIs06sJrxyWIOGl2XFItMOTd8NjqeD5/EtLFDAyaEJVUTBnvUaH0LWygiK 0E+gTdavN+6vg== Date: Tue, 8 Jun 2021 12:33:18 +0100 From: Mark Brown To: Catalin Marinas Cc: Dave Martin , linux-arch@vger.kernel.org, libc-alpha@sourceware.org, Szabolcs Nagy , Jeremy Linton , Will Deacon , linux-arm-kernel@lists.infradead.org Subject: Re: [PATCH v1 2/2] arm64: Enable BTI for main executable as well as the interpreter Message-ID: <20210608113318.GA4200@sirena.org.uk> References: <20210521144621.9306-1-broonie@kernel.org> <20210521144621.9306-3-broonie@kernel.org> <20210603154034.GH4187@arm.com> <20210603165134.GF4257@sirena.org.uk> <20210603180429.GI20338@arm.com> <20210607112536.GI4187@arm.com> <20210607181212.GD17957@arm.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="r5Pyd7+fXNt84Ff3" Content-Disposition: inline In-Reply-To: <20210607181212.GD17957@arm.com> X-Cookie: Auction: User-Agent: Mutt/1.10.1 (2018-07-13) Precedence: bulk List-ID: X-Mailing-List: linux-arch@vger.kernel.org --r5Pyd7+fXNt84Ff3 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Mon, Jun 07, 2021 at 07:12:13PM +0100, Catalin Marinas wrote: > I don't think we can document all the filters that can be added on top > various syscalls, so I'd leave it undocumented (or part of the systemd > documentation). It was a user space program (systemd) breaking another > user space program (well, anything with a new enough glibc). The kernel > ABI was still valid when /sbin/init started ;). Indeed. I think from a kernel point of view the main thing is to look at why userspace feels the need to do things like this and see if there's anything we can improve or do better with in future APIs, part of the original discussion here was figuring out that there's not really any other reasonable options for userspace to implement this check at the minute. --r5Pyd7+fXNt84Ff3 Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAABCgAdFiEEreZoqmdXGLWf4p/qJNaLcl1Uh9AFAmC/VX0ACgkQJNaLcl1U h9DQdwf/TJzRu5jKdbqqqnTM5IaKtyqziQkJFXblDjDZkzBny7xN1VI86c6IS5XZ YJnZD8prye0EfXsoTHSdNIETekQK1x+O4DrjEp4e8qyLjhAbfimRgga2/diZ8zUt DlsaHmN+vdbPaH/AoGj/Ni810TgpbtKgeqpbZt3MYDUf2EvlhjUBrBhNNAe1S3Gu rOGCkI7R3RoaBIcyATK0H/78jrIFRNu0qEKKqWK2QwLGbfuC5ADmuRGikY+VeL2J MvGIJoQUDw+BBL9mE1SKkZn5mz/z32EweV5rOZ8BvIYOjXgdZY4I3qA1qt9m8MiN tJ22aBfXneqJgDNPxML7pJUW2iT2Gg== =6iZf -----END PGP SIGNATURE----- --r5Pyd7+fXNt84Ff3-- From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.7 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_SANE_1 autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 56ABAC47082 for ; Tue, 8 Jun 2021 11:52:12 +0000 (UTC) Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 1F16D6128D for ; Tue, 8 Jun 2021 11:52:12 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 1F16D6128D Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=kernel.org Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:Content-Type: List-Subscribe:List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id: In-Reply-To:MIME-Version:References:Message-ID:Subject:Cc:To:From:Date: Reply-To:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date :Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=v3fYMwuCJOQ9oFPcrIm//3Ivb6GmjtPFhFR8nkB+O4g=; b=JUFVHPY6mTcNovPieNfZIe5/Fi 5wpBvQlLnoCdhNJUEDgKutnWwtpPF1VDFH6GbMjDPEm0m5gRRDPHqWJ64nIe4JCKXRBkeoa5rpw5j ypP7ytmL3g3xooHhZtvZvl0K2p+CcoFIFNesfmcdrvvTgU5s369DDdThYsc/lrwM7H8jM6dZDSg8r Ji5o+aJQ0ca5Oxzwsmtr+Diz0/TKt3hOYcoyHp9sClI6ftL7GfW8lyJl3GJ6JpBNnbs6maQtPDi/A wiaq1Mz5vs+af3ahnouSLALrpGL+/vVQ6ZdK4zW634cPToMkKdmMbazdfAyR6HNM6/9RecJsnXs36 oTzW8mgA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1lqaEm-0087Mu-21; Tue, 08 Jun 2021 11:49:41 +0000 Received: from mail.kernel.org ([198.145.29.99]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1lqZzB-0083a5-Ij for linux-arm-kernel@lists.infradead.org; Tue, 08 Jun 2021 11:33:34 +0000 Received: by mail.kernel.org (Postfix) with ESMTPSA id 77BAA6128A; Tue, 8 Jun 2021 11:33:32 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1623152013; bh=QzbcLiB/1N7DzVrdDjK7OIq1u6I9+VzWWocOiQGnpk8=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=gl9vC8a4foBMWq2vzc5Me8TxdKRjcfkiQzlTmLPHsJp459vNNrFZ5usv/qQn2R2/T RSypUzzCWPm0uMUsGAmGOXTdNCCxfELZKQo9z0Rx7Pwj/DZxtw5mC7S2spC20SxQHx Z0K8JY4xACpLYsHQ+gX4XsJB1/VnC5M7Z8iEFsZH+GoBTVAamFxEU3cu/XYK9hlZTD Q+CJXINa0mVtvY1hYZa5jqTKkiL3XxG5rvWOkRPFoDLjYSHdojyVOMaxaly57ysSN4 LGstvsRTsIs06sJrxyWIOGl2XFItMOTd8NjqeD5/EtLFDAyaEJVUTBnvUaH0LWygiK 0E+gTdavN+6vg== Date: Tue, 8 Jun 2021 12:33:18 +0100 From: Mark Brown To: Catalin Marinas Cc: Dave Martin , linux-arch@vger.kernel.org, libc-alpha@sourceware.org, Szabolcs Nagy , Jeremy Linton , Will Deacon , linux-arm-kernel@lists.infradead.org Subject: Re: [PATCH v1 2/2] arm64: Enable BTI for main executable as well as the interpreter Message-ID: <20210608113318.GA4200@sirena.org.uk> References: <20210521144621.9306-1-broonie@kernel.org> <20210521144621.9306-3-broonie@kernel.org> <20210603154034.GH4187@arm.com> <20210603165134.GF4257@sirena.org.uk> <20210603180429.GI20338@arm.com> <20210607112536.GI4187@arm.com> <20210607181212.GD17957@arm.com> MIME-Version: 1.0 In-Reply-To: <20210607181212.GD17957@arm.com> X-Cookie: Auction: User-Agent: Mutt/1.10.1 (2018-07-13) X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20210608_043333_680559_5BE85563 X-CRM114-Status: GOOD ( 14.18 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============5140193085596699034==" Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org --===============5140193085596699034== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="r5Pyd7+fXNt84Ff3" Content-Disposition: inline --r5Pyd7+fXNt84Ff3 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Mon, Jun 07, 2021 at 07:12:13PM +0100, Catalin Marinas wrote: > I don't think we can document all the filters that can be added on top > various syscalls, so I'd leave it undocumented (or part of the systemd > documentation). It was a user space program (systemd) breaking another > user space program (well, anything with a new enough glibc). The kernel > ABI was still valid when /sbin/init started ;). Indeed. I think from a kernel point of view the main thing is to look at why userspace feels the need to do things like this and see if there's anything we can improve or do better with in future APIs, part of the original discussion here was figuring out that there's not really any other reasonable options for userspace to implement this check at the minute. --r5Pyd7+fXNt84Ff3 Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAABCgAdFiEEreZoqmdXGLWf4p/qJNaLcl1Uh9AFAmC/VX0ACgkQJNaLcl1U h9DQdwf/TJzRu5jKdbqqqnTM5IaKtyqziQkJFXblDjDZkzBny7xN1VI86c6IS5XZ YJnZD8prye0EfXsoTHSdNIETekQK1x+O4DrjEp4e8qyLjhAbfimRgga2/diZ8zUt DlsaHmN+vdbPaH/AoGj/Ni810TgpbtKgeqpbZt3MYDUf2EvlhjUBrBhNNAe1S3Gu rOGCkI7R3RoaBIcyATK0H/78jrIFRNu0qEKKqWK2QwLGbfuC5ADmuRGikY+VeL2J MvGIJoQUDw+BBL9mE1SKkZn5mz/z32EweV5rOZ8BvIYOjXgdZY4I3qA1qt9m8MiN tJ22aBfXneqJgDNPxML7pJUW2iT2Gg== =6iZf -----END PGP SIGNATURE----- --r5Pyd7+fXNt84Ff3-- --===============5140193085596699034== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel --===============5140193085596699034==--