This is the mail archive of the
gcc@gcc.gnu.org
mailing list for the GCC project.
Re: PCH and exec-shield...
Jakub Jelinek <jakub@redhat.com> writes:
> > With the default kernel setting, cc1 will only use exec-shield if it
> > has a PT_GNU_STACK program segment. Unfortunately objcopy can't fix
> > that for you. Also unfortunately I don't think anybody has added a
>
> There is execstack(8) utility which allows to tweak this.
Hmmm. I don't seem to have it on my Fedora Core 1 system.
> > linker option to disable creating such a segment. Also unfortunately
> > the linker options which do exist are not documented. Grrrr.
>
> ld --help | grep stack
> -z execstack Mark executable as requiring executable stack
> -z noexecstack Mark executable as not requiring executable stack
> as --help | grep stack
> --execstack require executable stack for this object
> --noexecstack don't require executable stack for this object
OK, I should not have implied that they are not documented at all.
However, the linker and assembler have manuals. These options are not
documented there, and they should be. Also, all new options for these
tools should be mentioned in the NEWS file. Also, I think there
should be a way to say ``do not mark executable stack requirements;''
that might be the default in the assembler, but it is not in the
linker.
> Still, I really think PCH has problems with randomization, not
> non-executable stack, and randomization at least ought to be orthogonal
> to whether stack is executable or not.
Yes. However, at least in the Fedora Core 1 kernel sources, it
appears that, by default, randomization is tied to whether the program
is marked as requiring or not requiring an executable stack.
Ian