This is the mail archive of the
mailing list for the binutils project.
Re: [PATCH, GOLD, AArch64] default stack not executable
- From: Cary Coutant <ccoutant at gmail dot com>
- To: Jim Wilson <jim dot wilson at linaro dot org>, Han Shen <shenhan at google dot com>, Alan Modra <amodra at gmail dot com>
- Cc: Binutils <binutils at sourceware dot org>
- Date: Thu, 21 Sep 2017 17:26:26 -0700
- Subject: Re: [PATCH, GOLD, AArch64] default stack not executable
- Authentication-results: sourceware.org; auth=none
- References: <firstname.lastname@example.org>
> For aarch64, ld.bfd makes the stack not executable when a GNU-stack note is
> missing. Note that elf_backend_default_execstack is 0 in bfd/elfnn-aarch64.c.
> However, ld.gold makes the stack executable when a GNU-stack note is missing.
> Note that is_default_stack_executable is true in gold/aarch64.cc.
> This appears to be a bug in gold. It also looks like 64-bit ppc gets this
> wrong also, though I have not tested that.
> The following patch fixes this for aarch64 by changing gold aarch64 to make
> is_default_stack_executable false. This was tested with a make check, and
> there were no regressions. It was also verified against a testcase using a
> .s file with a missing GNU-stack note.
> * aarch64.cc (Target_aarch64::aarch64_info): Set
> is_default_stack_executable to false.
This is currently set to true in *all* targets that gold supports,
because objects without a stack note must be assumed to be old objects
that may require an executable stack. All recent objects (where
"recent" is quite generous now) should have stack notes in them. The
only case that I know of where a fairly recent object would be missing
the stack note is an assembler-generated object that was assembled
without the --noexecstack option.
I don't see why aarch64 should be treated differently from other
targets here, unless you can claim that there is no such thing as an
old object that requires an executable stack but does not contain a
stack note to that effect. If that's the case for aarch64 (and Han
agrees), I'll support this patch.
Since you raise the possibility that ppc should also default to false,
I'll ask Alan the same question: are there old objects that must be
assumed to require an executable stack?
Regardless, I would support changing the --warn-execstack option to be
on by default, so that users are properly warned about the presence of
objects that lack the stack note. I think it's in everyone's interest
to have this warning turned on.
I'd also argue that it's time for the assembler to turn on
--noexecstack by default.