
Re: RFC: Audit external function called indirectly via GOT



On 03/22/2018 11:01 AM, H.J. Lu wrote:
> On Thu, Mar 22, 2018 at 8:36 AM, Carlos O'Donell <carlos@redhat.com> wrote:
>>> Using ld.so-generated thunks for all GLOB_DAT function symbol
>>> relocations would happen in audit mode only and should work with
>>> existing binaries which were built with -Wl,-z,now.
>>
>> This is a very good reason to prefer one method over another, that we
>> could fix existing binaries. However, I still think the complexity of
>> such a fix outweighs what we are trying to fix. Do we have another use
>> for such stubs?
> 
> If you take a look at BFD linker, it generates different PLT layouts for
> MPX and CET.  It is totally transparent to ld.so.  Putting all PLT choices
> as well as adding new ones in ld.so is very complex.  I don't believe they
> belong to ld.so.

Belief is not a good reason to choose one technical solution over another.

I agree with your statements though, there would be a lot of additional
complexity added to ld.so without much apparent gain for that complexity
e.g. fixing existing -fno-plt binaries to work with LD_AUDIT. Which is why
I asked Florian if he had *other* uses for the stubs, since that might
change the balance. I admit it would have to be a very good reason to make
me consider the added complexity to balance the use case.

I think your solution as you have defined it is the best option, but we
should circle back and make sure we answer all of Cary and Alan's questions
to their satisfaction and gain consensus.

Cheers,
Carlos.