mitigations.7: explain RELRO
ClosedPublic
Actions

Authored by emaste on Oct 6 2023, 2:39 PM.

Details

Reviewers

olce
kib
bcr

Commits

rGa2b289608d6b: mitigations.7: briefly explain RELRO

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

emaste requested review of this revision.Oct 6 2023, 2:39 PM

emaste created this revision.

emaste added a subscriber: secteam.

bcr added a subscriber: bcr.Oct 6 2023, 3:03 PM

bcr added inline comments.

share/man/man7/mitigations.7
208	superfluous 'is"

emaste marked an inline comment as done.Oct 6 2023, 3:06 PM

emaste added inline comments.

share/man/man7/mitigations.7
208	fixed locally

OK from manpages.

This revision is now accepted and ready to land.Oct 6 2023, 3:42 PM

kib added inline comments.Oct 6 2023, 5:00 PM

share/man/man7/mitigations.7
197
203
205	I think it is better to remove this line

some feedback from @kib

This revision now requires review to proceed.Oct 6 2023, 5:40 PM

kib accepted this revision.Oct 6 2023, 8:04 PM

This revision is now accepted and ready to land.Oct 6 2023, 8:04 PM

I'm not too competent on the matter.

Is describing the ELF metadata "protected" by RELRO and what is non-standard with WITH_BIND_NOW too much work or out-of-scope? Personally, I would learn something if they were.

share/man/man7/mitigations.7
205	Typo.

Is describing the ELF metadata "protected" by RELRO and what is non-standard with WITH_BIND_NOW too much work or out-of-scope? Personally, I would learn something if they were.

I think it's probably too much detail to include here, we probably have to describe too much of ELF, rtld, and dynamic linking. It's at least more than I'm up for writing right now :)

@fbsd-phab_maskray.me has some good blog posts, maybe we could just add a reference to those: