From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp.gentoo.org (woodpecker.gentoo.org [140.211.166.183]) by sourceware.org (Postfix) with ESMTP id 493AC3858D28 for ; Mon, 25 Apr 2022 13:46:52 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 493AC3858D28 Content-Type: multipart/signed; boundary="Apple-Mail=_FB1AF8D0-EE3F-4A2D-ABC4-C5582272E887"; protocol="application/pgp-signature"; micalg=pgp-sha512 Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.80.82.1.1\)) Subject: Re: RFC: Should we have all targets default to only creating an executable stack when explicitly requested ? From: Sam James In-Reply-To: <51664b3e-9dbd-65e2-00b3-7f7842f76ed4@redhat.com> Date: Mon, 25 Apr 2022 14:46:37 +0100 Cc: Binutils , toolchain@gentoo.org Message-Id: <73BB2FC1-5443-4875-9567-DCBD09A58B1E@gentoo.org> References: <51664b3e-9dbd-65e2-00b3-7f7842f76ed4@redhat.com> To: Nick Clifton X-Mailer: Apple Mail (2.3696.80.82.1.1) X-Spam-Status: No, score=-4.5 required=5.0 tests=BAYES_00, KAM_DMARC_STATUS, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, SPF_HELO_PASS, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on server2.sourceware.org X-BeenThere: binutils@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Binutils mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 Apr 2022 13:46:54 -0000 --Apple-Mail=_FB1AF8D0-EE3F-4A2D-ABC4-C5582272E887 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii > On 21 Apr 2022, at 12:28, Nick Clifton via Binutils = wrote: >=20 > Hi Guys, >=20 > PR 29072 has brought up the issue of executable stacks. >=20 > https://sourceware.org/bugzilla/show_bug.cgi?id=3D29075 >=20 > Currently the bfd linker will create an executable stack if = explicitly > requested to do so, either via the '-z execstack' option, or via the > presence of a .note-GNU-stack section which has the SHF_EXECINSTR = flag > set. >=20 > In addition, for targets like the x86_64 and s390x the linker will = also > create an executable stack if any linked object file does not have a > .note.GNU-stack section. (Such an occurrence is especially common = for > hand crafted assembler source files). This can result in programs > gaining an executable stack even when the user is not expecting it. If you're looking for a softer approach, I'd consider a configure = argument to make this default so we can easily test it downstream and see how bad the damage is. But I'm supportive of the change either way, just might mean more work fixing software :) >=20 > Other targets such as AArch64 and PowerPC do not this. Instead they > just ignore object files with missing .note.GNU-stack sections. >=20 > A proposal has been made that all targets should ignore missing > .note.GNU-stack sections, and the linker should only ever create an > executable stack if explicitly requested by one of the two methods > described in the second paragraph. I am inclined to agree with this > proposal, but I would like to see if anyone has any objections or > comments first. >=20 > It is possible that such a change will break applications that rely > upon the current behaviour. But, in my opinion, this would actually > be a good thing. Applications with an executable stack are a = security > risk, and they ought to be reviewed. If an exectuable stack really > is needed then it can be explicitly requested via the '-z execstack' > command line option. Absolutely. >=20 Best, sam > Thoughts ? >=20 > Cheers > Nick >=20 --Apple-Mail=_FB1AF8D0-EE3F-4A2D-ABC4-C5582272E887 Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP -----BEGIN PGP SIGNATURE----- iQGTBAEBCgB9FiEEYOpPv/uDUzOcqtTy9JIoEO6gSDsFAmJmpj1fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYw RUE0RkJGRkI4MzUzMzM5Q0FBRDRGMkY0OTIyODEwRUVBMDQ4M0IACgkQ9JIoEO6g SDsOjQf/fv7scq/Bp1K4o040XnHgdTTLtt2ZntYP8fCowsvtjy5b7Kp3JBUeYB4E Ysv/S0otkHGnSQ0fz1hOer6fH/DJNOAMJj8pYfVHxEeFikNXCZL8OvhPfyfbMH6u 2C3QMvP7u/CvcpxEFUyOppHsnV5fwM4DuP8Rs4+1gStEaP6vnK9Uc73tZn8oF9jl sXeUn5GhCqOzjtw4/elmQ8wLf0MhGnFCirLda6D0/5YPWuKR8sRVG2N5ERAHDQx6 0arO2EKB/UPchzbgl5Tdjd4w+m3EQ6ho+Chd42jZuuVfS9dae12dqKpOS0VYlbPz LXOU0bvIvj1l1YtSHXA3JJ8UZXz/wg== =5p3s -----END PGP SIGNATURE----- --Apple-Mail=_FB1AF8D0-EE3F-4A2D-ABC4-C5582272E887--