From: Alan Modra <amodra@gmail.com>
To: "Clément Chigot" <chigot@adacore.com>
Cc: binutils@sourceware.org
Subject: Re: [PATCH] ld: harmonize the value of --enable-warn-execstack=no option
Date: Fri, 20 May 2022 15:24:22 +0930 [thread overview]
Message-ID: <YoctDsABompR8A32@squeak.grove.modra.org> (raw)
In-Reply-To: <CAJ307EhxpcK5cqsnBV9Ud+WeP2gdbB4tKmLOHfR-nFmyZa=4AA@mail.gmail.com>
On Tue, May 17, 2022 at 02:51:40PM +0200, Clément Chigot via Binutils wrote:
> This patch sets the configure value of warn-execstack to 2 when
> disabled as expected by bfd.
>
> ld/ChangeLog:
>
> * configure.ac: Update ac_default_ld_warn_execstack value when
> --enable-warn-execstack=no is given.
> * configure: Regenerate
> * testsuite/ld-elf/elf.exp: Add --warn-execstack to ensure
> the warning is always shown.
Thanks for the patch, but I'm suspicious of the testsuite change and I
think we need a little more here. I agree a change is needed to make
ld/bfd values consistent but I'm going to jump the other way, changing
link_info.warn_execstack. Making it consistent that way is nicer in
that the flag becomes an "extended" boolean, ie. 0 => don't warn,
1 => always warn, 2 or 3 => conditional warning depending on
link_info.execstack.
Testing still in progress, I'll commit this shortly if I don't
discover the need for a testsuite change.
bfd/
* elflink.c (bfd_elf_size_dynamic_sections): Adjust
warn_execstack test.
include/
* bfdlink.h (warn_execstack): Swap 0 and 2 meaning.
ld/
* configure.ac (DEFAULT_LD_WARN_EXECSTACK): Use values of 0,
1, 2 consistent with link_info.warn_execstack.
* ld.texi: Typo fixes.
* lexsup.c (parse_args): Adjust setting of link_info.warn_execstack.
(elf_static_list_options): Adjust help message conditions.
* configure: Regenerate.
diff --git a/bfd/elflink.c b/bfd/elflink.c
index 4d6fe663f68..96eb36aa5bf 100644
--- a/bfd/elflink.c
+++ b/bfd/elflink.c
@@ -7179,7 +7179,7 @@ warning: enabling an executable stack because of -z execstack command line optio
{
if (exec)
{
- if (info->warn_execstack != 2)
+ if (info->warn_execstack != 0)
{
/* PR 29072: Because an executable stack is a serious
security risk, make sure that the user knows that it is
diff --git a/include/bfdlink.h b/include/bfdlink.h
index 27a8e11cc22..09a3ec01685 100644
--- a/include/bfdlink.h
+++ b/include/bfdlink.h
@@ -493,12 +493,9 @@ struct bfd_link_info
unsigned int noexecstack: 1;
/* Tri-state variable:
- 0 => warn if the linker is creating an executable stack, but
- execstack (above) is 0.
- 1 => warn if the linker is creating an executable stack; ignores
- the value of execstack.
- 2 => do not warn.
- 3 => not used. */
+ 0 => do not warn when creating an executable stack.
+ 1 => always warn when creating an executable stack.
+ >1 => warn when creating an executable stack if execstack is 0. */
unsigned int warn_execstack: 2;
/* TRUE if warnings should not be generated for TLS segments with eXecute
diff --git a/ld/configure b/ld/configure
index b4b0ce14ed9..16db825d5ab 100755
--- a/ld/configure
+++ b/ld/configure
@@ -15438,12 +15438,14 @@ fi
-ac_default_ld_warn_execstack=unset
+# By default warn when an executable stack is created due to object files
+# requesting such, not when the user specifies -z execstack.
+ac_default_ld_warn_execstack=2
# Check whether --enable-warn-execstack was given.
if test "${enable_warn_execstack+set}" = set; then :
enableval=$enable_warn_execstack; case "${enableval}" in
yes) ac_default_ld_warn_execstack=1 ;;
- no) ac_default_ld_warn_execstack=-1 ;;
+ no) ac_default_ld_warn_execstack=0 ;;
esac
fi
@@ -16997,9 +16999,6 @@ _ACEOF
-if test "${ac_default_ld_warn_execstack}" = unset; then
- ac_default_ld_warn_execstack=0
-fi
cat >>confdefs.h <<_ACEOF
#define DEFAULT_LD_WARN_EXECSTACK $ac_default_ld_warn_execstack
diff --git a/ld/configure.ac b/ld/configure.ac
index 0b29e810dde..01121480c6d 100644
--- a/ld/configure.ac
+++ b/ld/configure.ac
@@ -204,13 +204,15 @@ AC_ARG_ENABLE(separate-code,
esac])
-ac_default_ld_warn_execstack=unset
+# By default warn when an executable stack is created due to object files
+# requesting such, not when the user specifies -z execstack.
+ac_default_ld_warn_execstack=2
AC_ARG_ENABLE(warn-execstack,
AS_HELP_STRING([--enable-warn-execstack],
[enable warnings when creating an executable stack]),
[case "${enableval}" in
yes) ac_default_ld_warn_execstack=1 ;;
- no) ac_default_ld_warn_execstack=-1 ;;
+ no) ac_default_ld_warn_execstack=0 ;;
esac])
ac_default_ld_warn_rwx_segments=unset
@@ -531,9 +533,6 @@ AC_DEFINE_UNQUOTED(DEFAULT_LD_Z_SEPARATE_CODE,
[Define to 1 if you want to enable -z separate-code in ELF linker by default.])
-if test "${ac_default_ld_warn_execstack}" = unset; then
- ac_default_ld_warn_execstack=0
-fi
AC_DEFINE_UNQUOTED(DEFAULT_LD_WARN_EXECSTACK,
$ac_default_ld_warn_execstack,
[Define to 1 if you want to enable --warn-execstack in ELF linker by default.])
diff --git a/ld/ld.texi b/ld/ld.texi
index 8cad8478140..a2b162ce5b5 100644
--- a/ld/ld.texi
+++ b/ld/ld.texi
@@ -2654,7 +2654,7 @@ object file formats. For formats like COFF or ELF, the linker can not
detect the use of global constructors.
@kindex --warn-execstack
-@cindex warnings, on exectuable stack
+@cindex warnings, on executable stack
@cindex executable stack, warnings on
@item --warn-execstack
@itemx --no-warn-execstack
@@ -2667,7 +2667,7 @@ line option has been used, but this behaviour can be overridden by the
On the other hand the linker will normally warn if the stack is made
executable because one or more of the input files need an execuable
stack and neither of the @command{-z execstack} or @command{-z
-noexecstack} comman line options have been specified. This warning
+noexecstack} command line options have been specified. This warning
can be disabled via the @command{--no-warn-execstack} option.
Note: ELF format input files specify that they need an executable
diff --git a/ld/lexsup.c b/ld/lexsup.c
index 78190472907..82c459adb51 100644
--- a/ld/lexsup.c
+++ b/ld/lexsup.c
@@ -927,7 +927,7 @@ parse_args (unsigned argc, char **argv)
link_info.warn_execstack = 1;
break;
case OPTION_NO_WARN_EXECSTACK:
- link_info.warn_execstack = 2;
+ link_info.warn_execstack = 0;
break;
case OPTION_WARN_RWX_SEGMENTS:
link_info.no_warn_rwx_segments = 0;
@@ -2169,14 +2169,14 @@ elf_static_list_options (FILE *file)
-z execstack Mark executable as requiring executable stack\n"));
fprintf (file, _("\
-z noexecstack Mark executable as not requiring executable stack\n"));
-#if DEFAULT_LD_WARN_EXECSTACK > 0
+#if DEFAULT_LD_WARN_EXECSTACK == 1
fprintf (file, _("\
--warn-execstack Generate a warning if the stack is executable (default)\n"));
#else
fprintf (file, _("\
--warn-execstack Generate a warning if the stack is executable\n"));
#endif
-#if DEFAULT_LD_WARN_EXECSTACK < 0
+#if DEFAULT_LD_WARN_EXECSTACK == 0
fprintf (file, _("\
--no-warn-execstack Do not generate a warning if the stack is executable (default)\n"));
#else
--
Alan Modra
Australia Development Lab, IBM
next prev parent reply other threads:[~2022-05-20 5:54 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-05-17 12:51 Clément Chigot
2022-05-20 5:54 ` Alan Modra [this message]
2022-05-20 6:45 ` Alan Modra
2022-05-20 7:07 ` Clément Chigot
2022-05-20 10:16 ` Alan Modra
2022-05-26 11:06 ` bit-rot in target before_parse function option Alan Modra
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YoctDsABompR8A32@squeak.grove.modra.org \
--to=amodra@gmail.com \
--cc=binutils@sourceware.org \
--cc=chigot@adacore.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).