From mboxrd@z Thu Jan  1 00:00:00 1970
X-Msuck: nntp://news.gmane.org/gmane.linux.lib.musl.general/8436
Path: news.gmane.org!not-for-mail
From: Brian Gerst <brgerst@gmail.com>
Newsgroups: gmane.comp.lib.glibc.alpha,gmane.linux.kernel,gmane.linux.lib.musl.general,gmane.comp.gcc.devel,gmane.comp.gnu.binutils
Subject: Re: RFC: adding Linux vsyscall-disable and similar
 backwards-incompatibility flags to ELF headers?
Date: Tue, 1 Sep 2015 21:53:12 -0400
Message-ID: <CAMzpN2gQq7TbmjgHYut53gNTLCtVQ197akKZ69ZoM1BHHMo8cQ@mail.gmail.com>
References: <CALCETrUzU5UVe_2eWuMCOgHTs=5mnor5m0RO0STTi3K5FzdNvQ@mail.gmail.com>
NNTP-Posting-Host: plane.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
X-Trace: ger.gmane.org 1441158804 9665 80.91.229.3 (2 Sep 2015 01:53:24 GMT)
X-Complaints-To: usenet@ger.gmane.org
NNTP-Posting-Date: Wed, 2 Sep 2015 01:53:24 +0000 (UTC)
Cc: Kees Cook <keescook@chromium.org>, 
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>, libc-alpha <libc-alpha@sourceware.org>, 
	"musl@lists.openwall.com" <musl@lists.openwall.com>, gcc@gcc.gnu.org, 
	Binutils <binutils@sourceware.org>
To: Andy Lutomirski <luto@amacapital.net>
Original-X-From: libc-alpha-return-62877-glibc-alpha=m.gmane.org@sourceware.org Wed Sep 02 03:53:22 2015
Return-path: <libc-alpha-return-62877-glibc-alpha=m.gmane.org@sourceware.org>
Envelope-to: glibc-alpha@plane.gmane.org
Original-Received: from server1.sourceware.org ([209.132.180.131] helo=sourceware.org)
	by plane.gmane.org with esmtp (Exim 4.69)
	(envelope-from <libc-alpha-return-62877-glibc-alpha=m.gmane.org@sourceware.org>)
	id 1ZWxEm-0005so-Om
	for glibc-alpha@plane.gmane.org; Wed, 02 Sep 2015 03:53:21 +0200
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:mime-version:in-reply-to:references:date
	:message-id:subject:from:to:cc:content-type; q=dns; s=default; b=
	oOlMA3gwOCA8IjMCtg94vOwRb1egjI+YuTKGkdI9RhtLyKlAbjhmTV7x334GZPmP
	JYfjZnjHgiNj0g0tMRG94uOGdaqCCS/cWi8pfgtZAdFzBMLZdnuJiwkBFStzGKy9
	Ekj3954eH2pRz39wE6yq0WXqmz4QZ1r2gEdygPFMOIs=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:mime-version:in-reply-to:references:date
	:message-id:subject:from:to:cc:content-type; s=default; bh=vvahZ
	NXA1E/pa3na5jAUE9b611w=; b=d2VmQmReEKdb6ZXsYHc+p3sK8A7SRKZK1dxD7
	sXG21v9FQRnHDc2EIBL+ZPOKt3Qpg/BMi6aAtJvwB9gJm9qDSeJyDUqIBe9O8Pap
	UXR32Sj41nB9zqkfTNUDm4v5mdEFF4AjSb+RMe+Y0+Met6ZL3YqFhfEdv9ydU+Hv
	e2NAeQ=
Original-Received: (qmail 122023 invoked by alias); 2 Sep 2015 01:53:16 -0000
Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <libc-alpha.sourceware.org>
List-Unsubscribe: <mailto:libc-alpha-unsubscribe-glibc-alpha=m.gmane.org@sourceware.org>
List-Subscribe: <mailto:libc-alpha-subscribe@sourceware.org>
List-Archive: <http://sourceware.org/ml/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-help@sourceware.org>, <http://sourceware.org/ml/#faqs>
Original-Sender: libc-alpha-owner@sourceware.org
Original-Received: (qmail 121998 invoked by uid 89); 2 Sep 2015 01:53:15 -0000
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=ham version=3.3.2
X-Spam-User: qpsmtpd, 2 recipients
X-HELO: mail-oi0-f50.google.com
X-Received: by 10.202.242.6 with SMTP id q6mr18095756oih.56.1441158792448;
 Tue, 01 Sep 2015 18:53:12 -0700 (PDT)
In-Reply-To: <CALCETrUzU5UVe_2eWuMCOgHTs=5mnor5m0RO0STTi3K5FzdNvQ@mail.gmail.com>
Xref: news.gmane.org gmane.comp.lib.glibc.alpha:55157 gmane.linux.kernel:2030605 gmane.linux.lib.musl.general:8436 gmane.comp.gcc.devel:141117 gmane.comp.gnu.binutils:70927
Archived-At: <http://permalink.gmane.org/gmane.comp.lib.glibc.alpha/55157>

On Tue, Sep 1, 2015 at 8:51 PM, Andy Lutomirski <luto@amacapital.net> wrote:
> Hi all-
>
> Linux has a handful of weird features that are only supported for
> backwards compatibility.  The big one is the x86_64 vsyscall page, but
> uselib probably belongs on the list, too, and we might end up with
> more at some point.
>
> I'd like to add a way that new programs can turn these features off.
> In particular, I want the vsyscall page to be completely gone from the
> perspective of any new enough program.  This is straightforward if we
> add a system call to ask for the vsyscall page to be disabled, but I'm
> wondering if we can come up with a non-syscall way to do it.
>
> I think that the ideal behavior would be that anything linked against
> a sufficiently new libc would be detected, but I don't see a good way
> to do that using existing toolchain features.
>
> Ideas?  We could add a new phdr for this, but then we'd need to play
> linker script games, and I'm not sure that could be done in a clean,
> extensible way.


The vsyscall page is mapped in the fixmap region, which is shared
between all processes.  You can't turn it off for an individual
process.

--
Brian Gerst