RELRO
A binary with read-only relocation (RELRO) simply has a read-only GOT and PLT (well, you can have partial RELRO with a writeable PLT, but it’s a bit useless). On Linux, this require immediate bindings (resolution of the symbols at startup), but on OpenBSD, it’s possible to have lazy-bindings and RELRO.
RELRO is a pretty standard mitigation, created by Jakub Jelínek from Redhat in January 2004, preventing an attacker from trivially overwriting function pointers in the GOT.
Ubuntu used partial RELRO with all packages since Intrepid Ibex (8.1) in October 2008, had full RELRO for certain packages in Karmic Koala (9.10) in October 2009, and switched from an allow list to an exception list in Xenial Xerus (16.04) in 2015.
OpenBSD enabled full RELRO in its toolchain in October 2017, but had partial RELRO enabled by default since August 2017, a process that started in July 2016, all thanks to guenther.
As of 2019, a couple of architectures (hppa, sparc, alpha, …) don’t have the
PLT as read-only, according to git grep -E 'elf_backend_plt_readonly\s+0' openbsd/src
.