diff options
| author | Adhemerval Zanella <adhemerval.zanella@linaro.org> | 2024-06-02 20:31:27 -0300 |
|---|---|---|
| committer | Adhemerval Zanella <adhemerval.zanella@linaro.org> | 2024-07-31 17:02:05 -0300 |
| commit | 6a785f1dcf4e63e169f0214dc3bbda962066fde9 (patch) | |
| tree | b33c01784d7342b9432fca32d8e450d640e75689 /elf/tst-array4.c | |
| parent | 39ed316b6b64e081ea81f47b0f3ae7831c0d6688 (diff) | |
| download | glibc-6a785f1dcf4e63e169f0214dc3bbda962066fde9.zip glibc-6a785f1dcf4e63e169f0214dc3bbda962066fde9.tar.gz glibc-6a785f1dcf4e63e169f0214dc3bbda962066fde9.tar.bz2 | |
elf: Add support to memory sealing
The new Linux mseal syscall allows seal memory mappings to avoid
further changes such as memory protection or remap. The sealing
is done in multiple places where the memory is supposed to
be immutable over program execution:
* All shared library dependencies from the binary, including the
read-only segments after PT_GNU_RELRO setup.
* The binary itself, including dynamic and static links. In both
It is up either to binary or the loader to set up the sealing.
* Any preload libraries.
* Any library loaded with dlopen with RTLD_NODELETE flag (including
libgcc.so loaded to enable unwind and/or thread cancellation).
* Audit modules.
* The loader bump allocator.
For binary dependencies, the RTLD_NODELETE signals the
link_map should be sealed. It also makes dlopen objects with the
flag sealed as well.
The sealing is controlled by a new tunable, glibc.rtld.seal, with
three different states:
0. Disabled, where no memory sealing is done.
1. Enabled, where the loader will issue the mseal syscall on the
memory mappings but any failure will be ignored. This is
the default.
2. Enforce, similar to Enabled but any failure from the mseal
will terminate the process.
Checked on x86_64-linux-gnu and aarch64-linux-gnu.
Diffstat (limited to 'elf/tst-array4.c')
0 files changed, 0 insertions, 0 deletions