[PATCH v8 0/4] arm64: Enable BTI for the executable as well as the interpreter (original) (raw)
Will Deacon will@kernel.org
Fri Feb 25 15:54:27 GMT 2022
- Previous message (by thread): [PATCH v8 0/4] arm64: Enable BTI for the executable as well as the interpreter
- Next message (by thread): New Serbian PO file for 'libc' (version 2.34.9000)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Fri, Feb 25, 2022 at 03:11:43PM +0000, Mark Brown wrote:
On Fri, Feb 25, 2022 at 01:53:51PM +0000, Will Deacon wrote:
> I still think this new behaviour should be opt-in, so adding a sysctl for > that would be my preference if we proceed with this approach. I'm happy to have a sysctl but I'd rather it be opt out rather than opt in since it seems better to default to enabling the security feature when there is a strong expectation that it would seem better to enable it by default sine it's not expected to be disruptive and the sysctl is more of a "what if there's a problem" thing.
I think new behaviour has to be opt-in, so that if somebody takes a new kernel then we can guarantee it's not going to break them. Systemd can enable this unconditionally if it wants to.
Will
- Previous message (by thread): [PATCH v8 0/4] arm64: Enable BTI for the executable as well as the interpreter
- Next message (by thread): New Serbian PO file for 'libc' (version 2.34.9000)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]