RFC: Should we have all targets default to only creating an executable stack when explicitly requested ?
Sam James
sam@gentoo.org
Mon Apr 25 13:46:37 GMT 2022
More information about the Binutils mailing list
Mon Apr 25 13:46:37 GMT 2022
- Previous message (by thread): RFC: Should we have all targets default to only creating an executable stack when explicitly requested ?
- Next message (by thread): [PATCH, v2] [AArch64] Support AArch64 MTE memory tag dumps in core files
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> On 21 Apr 2022, at 12:28, Nick Clifton via Binutils <binutils@sourceware.org> wrote: > > Hi Guys, > > PR 29072 has brought up the issue of executable stacks. > > https://sourceware.org/bugzilla/show_bug.cgi?id=29075 > > Currently the bfd linker will create an executable stack if explicitly > requested to do so, either via the '-z execstack' option, or via the > presence of a .note-GNU-stack section which has the SHF_EXECINSTR flag > set. > > In addition, for targets like the x86_64 and s390x the linker will also > create an executable stack if any linked object file does not have a > .note.GNU-stack section. (Such an occurrence is especially common for > hand crafted assembler source files). This can result in programs > gaining an executable stack even when the user is not expecting it. If you're looking for a softer approach, I'd consider a configure argument to make this default so we can easily test it downstream and see how bad the damage is. But I'm supportive of the change either way, just might mean more work fixing software :) > > Other targets such as AArch64 and PowerPC do not this. Instead they > just ignore object files with missing .note.GNU-stack sections. > > A proposal has been made that all targets should ignore missing > .note.GNU-stack sections, and the linker should only ever create an > executable stack if explicitly requested by one of the two methods > described in the second paragraph. I am inclined to agree with this > proposal, but I would like to see if anyone has any objections or > comments first. > > It is possible that such a change will break applications that rely > upon the current behaviour. But, in my opinion, this would actually > be a good thing. Applications with an executable stack are a security > risk, and they ought to be reviewed. If an exectuable stack really > is needed then it can be explicitly requested via the '-z execstack' > command line option. Absolutely. > Best, sam > Thoughts ? > > Cheers > Nick > -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 618 bytes Desc: Message signed with OpenPGP URL: <https://sourceware.org/pipermail/binutils/attachments/20220425/ce3f6ba5/attachment.sig>
- Previous message (by thread): RFC: Should we have all targets default to only creating an executable stack when explicitly requested ?
- Next message (by thread): [PATCH, v2] [AArch64] Support AArch64 MTE memory tag dumps in core files
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Binutils mailing list