
The Problem with RELRO/ASLR in Statically-Linked Executables or Lack Thereof - alyptik
https://www.leviathansecurity.com/blog/aslr-protection-for-statically-linked-executables
======
wahern
AFAICT OpenBSD already does RELRO (inc. GOT RELRO) and ASLR for static PIE, and
has for several years. (Maybe since 2015?)

I think it was around that time that OpenBSD added the kbind(2) system call,
which _atomically_ copies data into otherwise non-writeable pages. This
permits lazy binding without marking executable pages temporarily writable
(W^X can't normally be disabled by programs). And kbind has special
mitigations to prevent its use from ROP gadgets.

Also, it appears Rich Felker (of musl libc) did some static PIE work for Linux
(presumably Linux/musl?).

      https://www.openwall.com/lists/musl/2015/06/01/12

I wonder if that work went anywhere.

