I don't think Gentoo submitted it upstream yet; I can ask about it. PIC fixes are there because they create tons of TEXTRELs. Besides the performance issue they have certain implications with certain hardened systems; PaX will need to allow ELF Text Relocations, and SELinux won't be able to apply the execmod restriction.

You're quite right that for Ubuntu this is basically just performance (at this stage). To that end here's the issues I'm aware of:

Performance:

- TEXTRELs require memory to be mprotect()ed writable, then changed, then mprotect()ed executable again. This takes time.
- TEXTRELs are in memory that is normally shared; when the relocations occur, they're often in isolated memory pages, and cause copy-on-write to occur. This takes a lot of time.
- Program memory is typically shared, minus the GOT which is a couple pages long and gets relocated (it's data, and it's all in one place, so it's low overhead); when we start applying TEXTRELs, other pages of program text wind up being private, so we start using more memory.

Security:

- With a normal system, no security issues.
- With SELinux, execmod can't be applied.
- With PaX, you can configure the kernel to detect and allow TEXTRELs. An attacker breaking ASLR can return to mmap(); map in a library with a TEXTREL (triggering the detection); and then have permission to mprotect() that library's text writable, then back to executable, exactly ONCE. The sequence ret-to-mprotect(), ret-to-memcpy(), ret-to-mprotect(), ret-to-shellcode can be used then to inject code into the protected process.

-- 
PIC fix for libdv
https://launchpad.net/bugs/57314