public inbox for gcc-bugs@sourceware.org
* [Bug c/103863] New: We need a warning for loss of no-exec stacks
@ 2021-12-30  1:59 noloader at gmail dot com
  2021-12-30  2:04 ` [Bug driver/103863] " pinskia at gcc dot gnu.org
                   ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: noloader at gmail dot com @ 2021-12-30  1:59 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=103863

            Bug ID: 103863
           Summary: We need a warning for loss of no-exec stacks
           Product: gcc
           Version: unknown
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c
          Assignee: unassigned at gcc dot gnu.org
          Reporter: noloader at gmail dot com
  Target Milestone: ---

Hello,

This is a feature request.

For targets that support no-exec stacks, we need a warning when GCC generates
code or drives the linker with loss of no-exec stacks.

The warning would be beneficial for most builds nowadays since no-exec stacks
are part of most distro hardening. For example, Debian and Fedora both
incorporate it into their build system; and special steps must be taken to
avoid no-exec stacks out of the box.

The warning would also be beneficial in cases like
https://bugzilla.redhat.com/show_bug.cgi?id=2035802. In the 2035802 bug, an ARM
machine failed to boot because libz contained executable stacks even though
they were not needed.

A specific warning for no-exec stacks is slightly different than -Wtrampolines.
While trampolines resulted in executable stacks in the past, that may not hold
in the future as lambdas are added to the language. And trampolines are not a
necessary precondition to get in an insecure state like the 2035802 bug shows.

It is most unfortunate that ASM files need special handling because the object
files are marked with executable stacks by default. Maybe that should be
another bug report to change default behavior since the strategy nowadays is:
no-exec stacks by default, do something special for executable stacks.

Thanks in advance.


* [Bug driver/103863] We need a warning for loss of no-exec stacks
  2021-12-30  1:59 [Bug c/103863] New: We need a warning for loss of no-exec stacks noloader at gmail dot com
@ 2021-12-30  2:04 ` pinskia at gcc dot gnu.org
  2021-12-30  2:05 ` pinskia at gcc dot gnu.org
  2021-12-30  2:27 ` noloader at gmail dot com
  2 siblings, 0 replies; 4+ messages in thread
From: pinskia at gcc dot gnu.org @ 2021-12-30  2:04 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=103863

Andrew Pinski <pinskia at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|                            |diagnostic
          Component|c                           |driver

--- Comment #1 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
I think the warning needs to be implemented in the linker rather than in GCC
because the linker is what decides if executable stacks are needed or
not.


* [Bug driver/103863] We need a warning for loss of no-exec stacks
  2021-12-30  1:59 [Bug c/103863] New: We need a warning for loss of no-exec stacks noloader at gmail dot com
  2021-12-30  2:04 ` [Bug driver/103863] " pinskia at gcc dot gnu.org
@ 2021-12-30  2:05 ` pinskia at gcc dot gnu.org
  2021-12-30  2:27 ` noloader at gmail dot com
  2 siblings, 0 replies; 4+ messages in thread
From: pinskia at gcc dot gnu.org @ 2021-12-30  2:05 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=103863

Andrew Pinski <pinskia at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Severity|normal                      |enhancement


* [Bug driver/103863] We need a warning for loss of no-exec stacks
  2021-12-30  1:59 [Bug c/103863] New: We need a warning for loss of no-exec stacks noloader at gmail dot com
  2021-12-30  2:04 ` [Bug driver/103863] " pinskia at gcc dot gnu.org
  2021-12-30  2:05 ` pinskia at gcc dot gnu.org
@ 2021-12-30  2:27 ` noloader at gmail dot com
  2 siblings, 0 replies; 4+ messages in thread
From: noloader at gmail dot com @ 2021-12-30  2:27 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=103863

--- Comment #2 from Jeffrey Walton <noloader at gmail dot com> ---
(In reply to Andrew Pinski from comment #1)
> I think the warning needs to be implemented in the linker rather than in GCC
> because the linker is what decides if executable stacks are needed
> or not.

Thanks Andrew.

I thought about a linker warning, too. Do they have to be mutually exclusive
(warning in compiler vs warning in linker)?

I also asked the Binutils folks for some feedback:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=103863.

