From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.org/gmane.linux.lib.musl.general/8434 Path: news.gmane.org!not-for-mail From: Andy Lutomirski Newsgroups: gmane.linux.kernel,gmane.comp.lib.glibc.alpha,gmane.linux.lib.musl.general,gmane.comp.gcc.devel,gmane.comp.gnu.binutils Subject: RFC: adding Linux vsyscall-disable and similar backwards-incompatibility flags to ELF headers? Date: Tue, 1 Sep 2015 17:51:44 -0700 Message-ID: NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 X-Trace: ger.gmane.org 1441155140 22112 80.91.229.3 (2 Sep 2015 00:52:20 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Wed, 2 Sep 2015 00:52:20 +0000 (UTC) To: Kees Cook , "linux-kernel@vger.kernel.org" , libc-alpha , "musl@lists.openwall.com" , gcc@gcc.gnu.org, Binutils Original-X-From: linux-kernel-owner@vger.kernel.org Wed Sep 02 02:52:19 2015 Return-path: Envelope-to: glk-linux-kernel-3@plane.gmane.org Original-Received: from vger.kernel.org ([209.132.180.67]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1ZWwHi-0001mS-J2 for glk-linux-kernel-3@plane.gmane.org; Wed, 02 Sep 2015 02:52:19 +0200 Original-Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751901AbbIBAwG (ORCPT ); Tue, 1 Sep 2015 20:52:06 -0400 Original-Received: from mail-ob0-f179.google.com ([209.85.214.179]:36707 "EHLO mail-ob0-f179.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750856AbbIBAwF (ORCPT ); Tue, 1 Sep 2015 20:52:05 -0400 Original-Received: by obqa2 with SMTP id a2so14180153obq.3 for ; Tue, 01 Sep 2015 17:52:04 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:from:date:message-id:subject:to :content-type; bh=OgPr5Ad5bygGFlSKensjMF5Vdhwkj3UwrLPgm2EgJxw=; b=Ek4gJMJ8n27ZwrPDzvze1D5j6plguUsGROWa9dBXyyJE915wtxVrPX9xeYBwrPPRZ8 V/6E1RNuut8vH0CjyexPlrd2c9wRwiC7mko8MuVEqRvoHCuI6Mf034deqo9HhIEAPUAM x1iiy1hjnMv0UXGtbdPWC+COb8qwgLpk+Qmw45IJJdAMpUkkNh/Gb8ZQyjesikuZjvP0 fgbpOzjHROnsjQAOFuW/gjiQf1e0eoGF0/8uias77WYw29C97PCPekdQEy2sgfWga9Sd LDKOSCL45gNcpp2xtwdK1AgOhPNSCfOingjkszHB8E+vuHbtjyeLsi4V0xagXYeXEygg hU+w== X-Gm-Message-State: ALoCoQmoP68x2kR6royG73WMfVlLorKQUThItXzwKLOGoqXhbD21cy4fbQray6Ulc6ZZ1f4loRfS X-Received: by 10.60.96.194 with SMTP id du2mr20379922oeb.2.1441155123914; Tue, 01 Sep 2015 17:52:03 -0700 (PDT) Original-Received: by 10.202.57.214 with HTTP; Tue, 1 Sep 2015 17:51:44 -0700 (PDT) Original-Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Xref: news.gmane.org gmane.linux.kernel:2030521 gmane.comp.lib.glibc.alpha:55152 gmane.linux.lib.musl.general:8434 gmane.comp.gcc.devel:141112 gmane.comp.gnu.binutils:70924 Archived-At: Hi all- Linux has a handful of weird features that are only supported for backwards compatibility. The big one is the x86_64 vsyscall page, but uselib probably belongs on the list, too, and we might end up with more at some point. I'd like to add a way that new programs can turn these features off. In particular, I want the vsyscall page to be completely gone from the perspective of any new enough program. This is straightforward if we add a system call to ask for the vsyscall page to be disabled, but I'm wondering if we can come up with a non-syscall way to do it. I think that the ideal behavior would be that anything linked against a sufficiently new libc would be detected, but I don't see a good way to do that using existing toolchain features. Ideas? We could add a new phdr for this, but then we'd need to play linker script games, and I'm not sure that could be done in a clean, extensible way. --Andy