author | Ben Hutchings <ben@decadent.org.uk> | 2020-02-29 00:03:20 +0000 |
---|---|---|
committer | Ben Hutchings <ben@decadent.org.uk> | 2020-02-29 00:11:26 +0000 |
commit | 9d8d648e604026b32cad00a84ed6c29cbd157641 (patch) | |
tree | b482156792bfb9e99da60b336c312273d5165ac1 | |
parent | 56dcdac0ffc1d86d196a1d04933288b0c0ef8417 (diff) | |
[klibc] Kbuild: Tell gas we don't want executable stacks
The stack should be made non-executable, as a security hardening
measure. This is irrelevant for most of the klibc utilities, but
ipconfig deals with network input that might be untrusted. Since
Linux 5.6-rc1 the kernel now also warns (once) if a program has an
executable stack.
As this is necessarily a process-wide attribute at run-time, the
stack ends up being executable unless every object file linked into the
program is flagged as not needing it. gas doesn't set the flag by
default, so we need to explicitly tell it to do so.
ia64 will also need a change to its linker script to retain the
.note.GNU-stack section, but I have no way of testing ia64 so I'm going
to leave that to later.
Reported-by: Christophe Leroy <christophe.leroy@c-s.fr>
References: https://lists.zytor.com/archives/klibc/2020-February/004271.html
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
-rw-r--r-- | scripts/Kbuild.klibc | 2 | ||||
-rw-r--r-- | usr/klibc/Kbuild | 1 |
2 files changed, 2 insertions, 1 deletions
diff --git a/scripts/Kbuild.klibc b/scripts/Kbuild.klibc
index b7e99b567f6c52..afc9a546feca59 100644
--- a/scripts/Kbuild.klibc
+++ b/scripts/Kbuild.klibc
@@ -125,7 +125,7 @@ KLIBCDEFS += -D__KLIBC__=$(KLIBCMAJOR) \
 KLIBCCPPFLAGS += $(KLIBCDEFS)
 KLIBCCFLAGS += $(KLIBCCPPFLAGS) $(KLIBCREQFLAGS) $(KLIBCARCHREQFLAGS) \
 $(KLIBCOPTFLAGS) $(KLIBCWARNFLAGS)
-KLIBCAFLAGS += -D__ASSEMBLY__ $(KLIBCCFLAGS)
+KLIBCAFLAGS += -D__ASSEMBLY__ -Wa,--noexecstack $(KLIBCCFLAGS)
 KLIBCSTRIPFLAGS += --strip-all -R .comment -R .note
 KLIBCLIBGCC_DEF := $(shell $(KLIBCCC) $(KLIBCCFLAGS) --print-libgcc)
diff --git a/usr/klibc/Kbuild b/usr/klibc/Kbuild
index b462fbecdce153..19ccfbec3f5357 100644
--- a/usr/klibc/Kbuild
+++ b/usr/klibc/Kbuild
@@ -180,6 +180,7 @@ quiet_cmd_interp = BUILD $@
 cmd_interp = $(KLIBCCC) $(klibccflags) -D__ASSEMBLY__ \
 -DLIBDIR=\"$(SHLIBDIR)\" \
 -DSOHASH=\"$(SOLIBHASH)\" \
+ -Wa,--noexecstack \
 -c -o $@ $<
 $(INTERP_O): $(obj)/interp.S $(SOLIB).hash |
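Review bot: Nothing in this change checks the result, so an assembly object built without `KLIBCAFLAGS` would silently make the stack executable again for every program it is linked into, which is the failure mode the commit message describes. Consider backing the per-object flag with `-z noexecstack` on the link line (the link rules are outside this hunk, so where that belongs needs confirming), so the linker emits a non-executable `PT_GNU_STACK` even when one object lacks `.note.GNU-stack`. A post-build check such as `readelf -lW <binary> | grep GNU_STACK`, expecting `RW` rather than `RWE`, would catch regressions, at least for ipconfig. A short comment above the assignment, `# Mark assembly objects as not needing an executable stack`, would record why the flag is there.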
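Review bot: `cmd_interp` in usr/klibc/Kbuild has to repeat `-Wa,--noexecstack` by hand because it assembles interp.S with `$(klibccflags) -D__ASSEMBLY__` rather than with the assembler flag set changed in scripts/Kbuild.klibc, so the two copies can drift apart. A comment above the command, `# interp.S is built with the C flags, so -Wa,--noexecstack must be repeated here`, would tell the next editor why the line is needed. If an assembler-flags variable is available in this file (none is visible in the hunk), using it instead would remove the duplication. The rule for `$(INTERP_O)` continues outside the hunk.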