Wasmtime GitHub notifications bot (Oct 12 2020 at 18:40): Wasmtime GitHub notifications bot (Oct 12 2020 at 18:40):bjorn3 opened Issue #2288:
<!-- Please try to describe precisely what you would like to do in
Cranelift/Wasmtime and/or expect from it. You can answer the questions below if
they're relevant and delete this text before submitting. Thanks for opening an
issue! -->Feature
RELRO is a security feature that makes as much sections as possible readonly after performing dynamic relocations.
<!-- What is the feature or code improvement you would like to do in
Cranelift/Wasmtime? -->Benefit
Improved security.
<!-- What is the value of adding this in Cranelift/Wasmtime? -->Implementation
Cranelift will need to get a PIC mode that doesn't use a PLT, but only a GOT. Then cranelift-object will need to be changed to use
.data.rel.roinstead of.datafor relocatable readonly data objects. There may be other steps necessary. This should all be optional.<!-- Do you have an implementation plan, and/or ideas for data structures or
algorithms to use? -->Alternatives
Not implementing this and thus having a bit less security.
<!-- Have you considered alternative implementations? If so, how are they
better or worse than your proposal? -->
Last updated: Nov 22 2024 at 16:03 UTC