From: "H.J. Lu" <hjl.tools@gmail.com>
To: Jan Beulich <jbeulich@suse.com>
Cc: binutils@sourceware.org
Subject: Re: [PATCH v2] ld: Turn on --error-execstack/--error-rwx-segments
Date: Mon, 29 Jan 2024 06:10:37 -0800 [thread overview]
Message-ID: <CAMe9rOpHK3s8cyv+=ebJrkJ1by0zNJRR3QLTjP_8Hd5o3iWxtw@mail.gmail.com> (raw)
In-Reply-To: <ed0027e0-db88-418d-a0b5-9420c2330e49@suse.com>
On Mon, Jan 29, 2024 at 6:03 AM Jan Beulich <jbeulich@suse.com> wrote:
>
> On 29.01.2024 14:03, H.J. Lu wrote:
> > On Sun, Jan 28, 2024 at 11:30 PM Jan Beulich <jbeulich@suse.com> wrote:
> >>
> >> On 26.01.2024 22:45, H.J. Lu wrote:
> >>> --- a/ld/lexsup.c
> >>> +++ b/ld/lexsup.c
> >>> @@ -1947,6 +1947,17 @@ parse_args (unsigned argc, char **argv)
> >>> && command_line.check_section_addresses < 0)
> >>> command_line.check_section_addresses = 0;
> >>>
> >>> + /* Override --no-error-execstack and --no-warn-execstack and turn on
> >>> + --error-execstack for --warn-execstack and --error-rwx-segments for
> >>> + --warn-rwx-segments if --fatal-warnings is used. */
> >>> + if (config.fatal_warnings)
> >>> + {
> >>> + if (link_info.warn_execstack)
> >>> + link_info.error_execstack = 1;
> >>> + if (!link_info.no_warn_rwx_segments)
> >>> + link_info.warn_is_error_for_rwx_segments = 1;
> >>> + }
> >>> +
> >>> if (export_list)
> >>> {
> >>> struct bfd_elf_version_expr *head = export_list->head.list;
> >>
> >> If I'm not mistaken and if the comment is properly describing things,
> >> this placement of the addition means --no-* last on the command line
> >> wouldn't be honored anymore, when later arguments ought to override
> >> earlier ones.
> >>
> >
> > Before my change, we got
> >
> > [hjl@gnu-cfl-3 ld]$ touch x.s
> > [hjl@gnu-cfl-3 ld]$ gcc -c x.s
> > [hjl@gnu-cfl-3 ld]$ ld -shared -z stack-size=0x123400 --fatal-warnings
> > --warn-execstack --no-error-execstack x.o
> > ld: warning: x.o: missing .note.GNU-stack section implies executable stack
> > ld: NOTE: This behaviour is deprecated and will be removed in a future
> > version of the linker
> > [hjl@gnu-cfl-3 ld]$ echo $?
> > 1
> >
> > The warning is misleading since --fatal-warnings IS position independent
> > and is always fatal for ANY warning. My patch changes it to
> >
> > [hjl@gnu-cfl-3 ld]$ ./ld-new -shared -z stack-size=0x123400
> > --fatal-warnings --warn-execstack --no-error-execstack x.o
> > ./ld-new: error: x.o: is triggering the generation of an executable
> > stack because it does not have a .note.GNU-stack section
> > ./ld-new: failed to set dynamic section sizes: file format not recognized
> > [hjl@gnu-cfl-3 ld]$
> >
> > Any other comments to my patch?
>
> Well. To me, it is ambiguous what "--fatal-warnings --warn-execstack
> --no-error-execstack" actually is intended to mean (and that's regardless
> of --fatal-warnings position on the command line). One way of
> interpreting is your way. The other is to say that --no-error-execstack
> means "no error for anything related to executable stacks", i.e.
> --fatal-warnings not affecting the overall result (when there are no
> other warnings).
My interpretation is what --fatal-warnings implements.
--
H.J.
prev parent reply other threads:[~2024-01-29 14:11 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-01-26 21:45 H.J. Lu
2024-01-28 15:04 ` H.J. Lu
2024-01-29 7:33 ` Jan Beulich
2024-01-29 12:59 ` H.J. Lu
2024-01-29 7:30 ` Jan Beulich
2024-01-29 13:03 ` H.J. Lu
2024-01-29 14:03 ` Jan Beulich
2024-01-29 14:10 ` H.J. Lu [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAMe9rOpHK3s8cyv+=ebJrkJ1by0zNJRR3QLTjP_8Hd5o3iWxtw@mail.gmail.com' \
--to=hjl.tools@gmail.com \
--cc=binutils@sourceware.org \
--cc=jbeulich@suse.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).