[Bug ld/29072] ld silently make the program stack area executable if nested function is used
https://sourceware.org/bugzilla/show_bug.cgi?id=29072

Sam James changed:

What     | Removed | Added
See Also |         | https://sourceware.org/bugzilla/show_bug.cgi?id=20025

--
You are receiving this mail because:
You are on the CC list for the bug.
[Bug ld/29072] ld silently make the program stack area executable if nested function is used
https://sourceware.org/bugzilla/show_bug.cgi?id=29072

Sam James changed:

What | Removed | Added
CC   |         | sam at gentoo dot org
[Bug ld/29072] ld silently make the program stack area executable if nested function is used
https://sourceware.org/bugzilla/show_bug.cgi?id=29072

--- Comment #22 from cvs-commit at gcc dot gnu.org ---
The master branch has been updated by Nick Clifton:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0ab7005043ee404dabfd690952efc25c35ae

commit 0ab7005043ee404dabfd690952efc25c35ae
Author: Nick Clifton
Date: Wed Jun 21 11:47:19 2023 +0100

    For test for PR 29072 when the linker is configured with --enable-default-execstack=no.

    PR 29072
    * testsuite/ld-elf/elf.exp (target_defaults_to_execstack): Always return false for linkers configured with the --enable-default-execstack=no option.
[Bug ld/29072] ld silently make the program stack area executable if nested function is used
https://sourceware.org/bugzilla/show_bug.cgi?id=29072

--- Comment #21 from H.J. Lu ---
FYI, the linker change caused many regressions in GCC:

https://gcc.gnu.org/pipermail/gcc-regression/2022-April/076526.html
[Bug ld/29072] ld silently make the program stack area executable if nested function is used
https://sourceware.org/bugzilla/show_bug.cgi?id=29072

--- Comment #20 from cvs-commit at gcc dot gnu.org ---
The master branch has been updated by Alan Modra:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=16538271c82db0ba5679344c4107564b70a756a1

commit 16538271c82db0ba5679344c4107564b70a756a1
Author: Alan Modra
Date: Wed Apr 27 09:09:41 2022 +0930

    Revert pr29072 lto test changes

    Revert commit 65daf5bed6 testsuite changes in ld-plugin/. -z isn't supported for non-ELF targets, and isn't needed since we now prune the exec stack warning (commit 333cd559ba).

    PR 29072
[Bug ld/29072] ld silently make the program stack area executable if nested function is used
https://sourceware.org/bugzilla/show_bug.cgi?id=29072

--- Comment #18 from Nick Clifton ---
(In reply to H.J. Lu from comment #17)
> What should we do about failing nested function tests in GCC testsuite?

Well I believe that Jeff Law is looking into this situation. But in general I would say that the gcc folks need to decide if the warning is useful to them. If not then it could be pruned in the same way that we do with the linker tests, or the -Wl,--no-warn-execstack option could be added as an extra option to the linker command line, or the -Wl,-z,execstack could be added to indicate that executable stack is indeed intended.

On the other hand if nested function tests are failing in situations where an executable stack is unexpected, then this would indicate that the test, or maybe even the compiler, needs to be fixed. I think however that it is unlikely that a situation like this actually exists.
[Bug ld/29072] ld silently make the program stack area executable if nested function is used
https://sourceware.org/bugzilla/show_bug.cgi?id=29072

--- Comment #19 from cvs-commit at gcc dot gnu.org ---
The master branch has been updated by H.J. Lu:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f93c6e0a2ed1ad4f0a9bb8f38e859f3312c25282

commit f93c6e0a2ed1ad4f0a9bb8f38e859f3312c25282
Author: H.J. Lu
Date: Tue Apr 26 09:26:36 2022 -0700

    i386: Pass -z noexecstack to linker tests

    PR ld/29072
    * testsuite/ld-i386/i386.exp: Pass -z noexecstack to gotpc1 and property-6.
[Bug ld/29072] ld silently make the program stack area executable if nested function is used
https://sourceware.org/bugzilla/show_bug.cgi?id=29072

--- Comment #17 from H.J. Lu ---
(In reply to Nick Clifton from comment #16)
> (In reply to H.J. Lu from comment #15)
> > Is the goal to remove nested functions?
>
> No - the goal is to improve the security of programs by letting their
> builders know that they have a vulnerability. They *may* choose to address
> the vulnerability by removing nested functions from their code - if that was
> the cause - but they may also decide that the vulnerability is acceptable
> and instead add --no-warn-execstack to the linker command line. Or just
> ignore the warning.

What should we do about failing nested function tests in GCC testsuite?
[Bug ld/29072] ld silently make the program stack area executable if nested function is used
https://sourceware.org/bugzilla/show_bug.cgi?id=29072

Nick Clifton changed:

What       | Removed | Added
Status     | NEW     | RESOLVED
Resolution | ---     | FIXED

--- Comment #16 from Nick Clifton ---
(In reply to H.J. Lu from comment #15)
> Is the goal to remove nested functions?

No - the goal is to improve the security of programs by letting their builders know that they have a vulnerability. They *may* choose to address the vulnerability by removing nested functions from their code - if that was the cause - but they may also decide that the vulnerability is acceptable and instead add --no-warn-execstack to the linker command line. Or just ignore the warning.

The point of the warning is that it gives program builders a prompt to decide what is best for them. By informing them of the potential security vulnerability - something that they may not have realised was happening to their program - they then have a reason to perform a security review of their code, and can decide what to do.

As for builders who are unaware of the risks of executable stacks and the dangers of nested functions - and hence will be confused by this new warning - I intend to write a blog about the problem and its possible solutions. It is my hope that a web search will turn up this blog, and so they will be able to find some advice on what to do.
[Bug ld/29072] ld silently make the program stack area executable if nested function is used
https://sourceware.org/bugzilla/show_bug.cgi?id=29072

--- Comment #15 from H.J. Lu ---
Is the goal to remove nested functions?
[Bug ld/29072] ld silently make the program stack area executable if nested function is used
https://sourceware.org/bugzilla/show_bug.cgi?id=29072

--- Comment #14 from Nick Clifton ---
(In reply to H.J. Lu from comment #12)
> I don't think we should issue a warning in this case:

Why not? The original point of this PR was that an application can gain an executable stack without the programmer being aware of it, simply because an object file in the link requests one. Providing a warning, along with the name of the object file to blame, will allow the builder to decide if they are OK with this, possibly unexpected, behaviour.

> Shouldn't compiler issue the warning instead?

Maybe - that is up to the compiler designers. But the purpose of this warning is to let application builders know that their app now has a major security risk, and it may be because of an object file in a library and nothing at all to do with files that they themselves maintain.
[Bug ld/29072] ld silently make the program stack area executable if nested function is used
https://sourceware.org/bugzilla/show_bug.cgi?id=29072

H.J. Lu changed:

What   | Removed  | Added
Status | REOPENED | NEW

--- Comment #13 from H.J. Lu ---
(In reply to H.J. Lu from comment #12)
> I don't think we should issue a warning in this case:
>
> [hjl@gnu-cfl-1 ld]$ cat /tmp/x.s
>         .text
>         .globl main
> main:
>         .nops 1
>         .section .note.GNU-stack,"x",@progbits
> [hjl@gnu-cfl-1 ld]$ gcc -c /tmp/x.s
> [hjl@gnu-cfl-1 ld]$ ./ld-new -e main x.o
> ./ld-new: warning: x.o: requires executable stack (because the
> .note.GNU-stack section is executable)
> [hjl@gnu-cfl-1 ld]$

Shouldn't compiler issue the warning instead?
[Bug ld/29072] ld silently make the program stack area executable if nested function is used
https://sourceware.org/bugzilla/show_bug.cgi?id=29072

H.J. Lu changed:

What       | Removed  | Added
Status     | RESOLVED | REOPENED
Resolution | FIXED    | ---

--- Comment #12 from H.J. Lu ---
I don't think we should issue a warning in this case:

[hjl@gnu-cfl-1 ld]$ cat /tmp/x.s
        .text
        .globl main
main:
        .nops 1
        .section .note.GNU-stack,"x",@progbits
[hjl@gnu-cfl-1 ld]$ gcc -c /tmp/x.s
[hjl@gnu-cfl-1 ld]$ ./ld-new -e main x.o
./ld-new: warning: x.o: requires executable stack (because the .note.GNU-stack section is executable)
[hjl@gnu-cfl-1 ld]$
[Bug ld/29072] ld silently make the program stack area executable if nested function is used
https://sourceware.org/bugzilla/show_bug.cgi?id=29072

--- Comment #11 from cvs-commit at gcc dot gnu.org ---
The master branch has been updated by Nick Clifton:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0d38576a34ec64a1b4500c9277a8e9d0f07e6774

commit 0d38576a34ec64a1b4500c9277a8e9d0f07e6774
Author: Nick Clifton
Date: Mon Apr 25 12:51:31 2022 +0100

    Emit a note warning the user that creating an executable stack because of a missing .note.GNU-stack section is deprecated.

    PR 29072
    bfd
    * elflink.c (bfd_elf_size_dynamic_sections): Display a note to the user that the current behaviour of creating an executable stack because of a missing .note.GNU-stack section is deprecated and will be changed in a future release.
    binutils
    * testsuite/lib/binutils-common.exp (prune_warnings_extra): Filter out notes about the executable stack behaviour being deprecated.
    ld
    * testsuite/ld-elf/pr29072.b.warn: Update to include the note about the linker's behaviour being deprecated.
[Bug ld/29072] ld silently make the program stack area executable if nested function is used
https://sourceware.org/bugzilla/show_bug.cgi?id=29072

--- Comment #10 from Nick Clifton ---
(In reply to Fangrui Song from comment #9)
> > These days we could probably change the default: we could probably say that
> > if an object file does not have a .note.GNU-stack section, then it does not
> > require an executable stack.

I agree with the idea. I have posted a RFC to the binutils list to see if anyone objects to the proposed change:

https://sourceware.org/pipermail/binutils/2022-April/120476.html
[Bug ld/29072] ld silently make the program stack area executable if nested function is used
https://sourceware.org/bugzilla/show_bug.cgi?id=29072

Fangrui Song changed:

What | Removed | Added
CC   |         | i at maskray dot me

--- Comment #9 from Fangrui Song ---
I think in 2022 we should consider this https://www.airs.com/blog/archives/518

> These days we could probably change the default: we could probably say that
> if an object file does not have a .note.GNU-stack section, then it does not
> require an executable stack.

Only give an executable stack if -z execstack is specified. This is ld.lld's choice and (until one day ago mold's choice).

Taking the address of a nested function is so rare that I am unsure having an on-demand state is useful.

FWIW Clang doesn't support GCC nested functions.
[Bug ld/29072] ld silently make the program stack area executable if nested function is used
https://sourceware.org/bugzilla/show_bug.cgi?id=29072

Nick Clifton changed:

What       | Removed  | Added
Resolution | ---      | FIXED
Status     | ASSIGNED | RESOLVED

--- Comment #8 from Nick Clifton ---
Hi Guys,

Right - I have applied a patch (also uploaded to this PR) which adds 3 new warnings to the linker:

  warning: : requires executable stack (because the .note.GNU-stack section is executable)
  warning: : missing .note.GNU-stack section implies executable stack
  warning: enabling an executable stack because of -z execstack command line option

The first two are enabled by default, but the third one is only generated if the new --warn-execstack command line option is used. The first two can also be suppressed by using the --no-warn-execstack option.

The wording and option names were chosen to be similar to the ones used/generated by the GOLD linker. (Although GOLD does not generate the third type of warning message).

Cheers
Nick
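An added example, not part of the bug thread and not binutils code: the per-object condition behind the first two warnings in comment #8, written as a Python check that a build pipeline could run over its input objects before linking. The function names (`stack_note_status`, `audit`, `make_object`) are hypothetical, the sample objects are constructed in-line, and the code assumes ELF64 little-endian files with an ordinary (non-extended) section count.

```python
import struct

SHF_EXECINSTR = 0x4  # ELF section flag: section holds executable code

def stack_note_status(obj: bytes) -> str:
    """Classify an ELF64 little-endian object by its .note.GNU-stack section."""
    if obj[:4] != b"\x7fELF" or obj[4] != 2 or obj[5] != 1:
        raise ValueError("not an ELF64 little-endian file")
    (e_shoff,) = struct.unpack_from("<Q", obj, 0x28)
    e_shentsize, e_shnum, e_shstrndx = struct.unpack_from("<HHH", obj, 0x3A)

    def shdr(i):  # -> sh_name, sh_type, sh_flags, sh_addr, sh_offset, sh_size
        return struct.unpack_from("<IIQQQQ", obj, e_shoff + i * e_shentsize)

    names_at = shdr(e_shstrndx)[4]  # file offset of the section-name string table
    for i in range(e_shnum):
        sh_name, _, sh_flags = shdr(i)[:3]
        start = names_at + sh_name
        if obj[start:obj.index(b"\0", start)] == b".note.GNU-stack":
            return "exec-note" if sh_flags & SHF_EXECINSTR else "noexec-note"
    return "missing-note"

# Wording follows the two default-on warnings quoted in comment #8.
REASONS = {
    "exec-note": "requires executable stack (because the .note.GNU-stack section is executable)",
    "missing-note": "missing .note.GNU-stack section implies executable stack",
}

def audit(objects: dict) -> list:
    """List inputs that would ask for an executable stack.

    Assumption: the target/linker treats a missing note as a request for an
    executable stack (the legacy default discussed in the thread)."""
    out = []
    for name, obj in objects.items():
        status = stack_note_status(obj)
        if status in REASONS:
            out.append(f"{name}: {REASONS[status]}")
    return out

def make_object(note_flags=None) -> bytes:
    """Constructed sample: minimal ELF64 .o; note_flags=None omits the note."""
    names = [b"", b".shstrtab"] + ([b".note.GNU-stack"] if note_flags is not None else [])
    strtab, offs = b"", []
    for n in names:
        offs.append(len(strtab))
        strtab += n + b"\0"
    ehdr = struct.pack("<16sHHIQQQIHHHHHH", b"\x7fELF\x02\x01\x01", 1, 62, 1,
                       0, 0, 64 + len(strtab), 0, 64, 0, 0, 64, len(names), 1)
    def sh(name, typ, flags, size):
        return struct.pack("<IIQQQQIIQQ", name, typ, flags, 0, 64, size, 0, 0, 1, 0)
    shdrs = sh(0, 0, 0, 0) + sh(offs[1], 3, 0, len(strtab))
    if note_flags is not None:
        shdrs += sh(offs[2], 1, note_flags, 0)
    return ehdr + strtab + shdrs
```

With real inputs, pass `open(path, "rb").read()` for each object or archive member instead of the constructed samples.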
[Bug ld/29072] ld silently make the program stack area executable if nested function is used
https://sourceware.org/bugzilla/show_bug.cgi?id=29072

--- Comment #7 from cvs-commit at gcc dot gnu.org ---
The master branch has been updated by Nick Clifton:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=65daf5bed68f3e792e80f7c9a12871fd71da32a2

commit 65daf5bed68f3e792e80f7c9a12871fd71da32a2
Author: Nick Clifton
Date: Wed Apr 20 13:37:51 2022 +0100

    Add linker warning for when it creates an executable stack.

    PR 29072
[Bug ld/29072] ld silently make the program stack area executable if nested function is used
https://sourceware.org/bugzilla/show_bug.cgi?id=29072

--- Comment #6 from Nick Clifton ---
Created attachment 14072
  --> https://sourceware.org/bugzilla/attachment.cgi?id=14072&action=edit
Proposed Patch
[Bug ld/29072] ld silently make the program stack area executable if nested function is used
https://sourceware.org/bugzilla/show_bug.cgi?id=29072

Ian Lance Taylor changed:

What | Removed | Added
CC   |         | ian at airs dot com

--- Comment #5 from Ian Lance Taylor ---
I want to mention that the gold linker supports a --warn-execstack (and --no-warn-execstack) option. It would be helpful if GNU ld used the same spelling.
[Bug ld/29072] ld silently make the program stack area executable if nested function is used
https://sourceware.org/bugzilla/show_bug.cgi?id=29072

--- Comment #4 from Nick Clifton ---
Working on a fix. It adds two new warnings to the linker:

  warning: enabling an executable stack because of an executable .note.GNU-stack section in

and:

  warning: enabling an executable stack because does not have a .note.GNU-stack section

Testing is taking longer than expected because that second warning is triggered by a lot of tests in the linker testsuite
[Bug ld/29072] ld silently make the program stack area executable if nested function is used
https://sourceware.org/bugzilla/show_bug.cgi?id=29072

--- Comment #3 from Rui Ueyama ---
Right. Unless you know the default behavior of GNU ld, it is very hard to foresee that adding a benign assembler file to your project could make it significantly vulnerable to the traditional stack overflow attack.

It can be used for the supply chain attack. If you can sneak in an assembly file, the last thing to create a remote vulnerability is to find a buffer overflow bug.
[Bug ld/29072] ld silently make the program stack area executable if nested function is used
https://sourceware.org/bugzilla/show_bug.cgi?id=29072

--- Comment #2 from Andreas Schwab ---
More often, it's the lack of the stack note in an assembler source that inadvertently makes the stack executable, on platforms where it is the default.
[Bug ld/29072] ld silently make the program stack area executable if nested function is used
https://sourceware.org/bugzilla/show_bug.cgi?id=29072

Nick Clifton changed:

What             | Removed                          | Added
Status           | UNCONFIRMED                      | ASSIGNED
Assignee         | unassigned at sourceware dot org | nickc at redhat dot com
CC               |                                  | nickc at redhat dot com
Ever confirmed   | 0                                | 1
Last reconfirmed |                                  | 2022-04-19
[Bug ld/29072] ld silently make the program stack area executable if nested function is used
https://sourceware.org/bugzilla/show_bug.cgi?id=29072

--- Comment #1 from Andreas Schwab ---
Nested functions by themselves don't require executable stacks, only when the address of such a function is passed outside its scope.
[Bug ld/29072] ld silently make the program stack area executable if nested function is used
https://sourceware.org/bugzilla/show_bug.cgi?id=29072

Martin Liska changed:

What | Removed | Added
CC   |         | mliska at suse dot cz