Bug#1013341: /usr/bin/ld.bfd: warning: /usr/lib/crt0-efi-x86_64.o: missing .note.GNU-stack section implies executable stack
Control: severity -1 important On Sat, 23 Jul 2022 18:04:43 +0200 Jan Kiszka wrote: Upstream patch proposal sent: https://sourceforge.net/p/gnu-efi/mailman/message/37684742/ Thanks for that, Jan. Seems your patch was rejected unfortunately. I couldn't quite follow the reasoning of the rejection, but it's definitely possible that I'm missing the finer details. That said, since systemd now works around that build failure, I'm downgrading this issue to non-RC. Michael OpenPGP_signature Description: OpenPGP digital signature
Processed: Re: Bug#1013341: /usr/bin/ld.bfd: warning: /usr/lib/crt0-efi-x86_64.o: missing .note.GNU-stack section implies executable stack
Processing control commands: > severity -1 important Bug #1013341 [gnu-efi] /usr/bin/ld.bfd: warning: /usr/lib/crt0-efi-x86_64.o: missing .note.GNU-stack section implies executable stack Severity set to 'important' from 'serious' -- 1013341: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013341 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1013341: /usr/bin/ld.bfd: warning: /usr/lib/crt0-efi-x86_64.o: missing .note.GNU-stack section implies executable stack
Upstream patch proposal sent: https://sourceforge.net/p/gnu-efi/mailman/message/37684742/
Bug#1013341: /usr/bin/ld.bfd: warning: /usr/lib/crt0-efi-x86_64.o: missing .note.GNU-stack section implies executable stack
Note that there is also the upstream ticket https://sourceforge.net/p/gnu-efi/bugs/28/. I'm not sure why EFI stacks would need to be executable. The better solution should be resolving that upstream and meanwhile carrying a gnu-efi patch. This does not only affect systemd-boot.
Bug#1013341: /usr/bin/ld.bfd: warning: /usr/lib/crt0-efi-x86_64.o: missing .note.GNU-stack section implies executable stack
On Wed, Jun 22, 2022 at 12:47:34PM +0200, Michael Biebl wrote: > >Am 22.06.22 um 11:49 schrieb Julien Cristau: >> On Wed, Jun 22, 2022 at 10:50:48AM +0200, Michael Biebl wrote: > >> > Marking as RC, as it causes a FTBFS >> > >> Not using -Wl,--fatal-warnings might be a workaround for systemd until >> gnu-efi fixes this? > >Yeah, I'll probably add a workaround like > > >diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build >index 52e2a71a7c..18311ede25 100644 >--- a/src/boot/efi/meson.build >+++ b/src/boot/efi/meson.build >@@ -251,6 +251,8 @@ efi_ldflags = [ > '-L', efi_libdir, > '-nostdlib', > '-T', efi_lds, >+'-Wl,--no-warn-execstack', >+'-Wl,--no-warn-rwx-segments', > '-Wl,--build-id=sha1', > '-Wl,--fatal-warnings', > '-Wl,--no-undefined', > >to systemd for the time being. ACK, that's probably your best bet for now. The EFI toolchain has quite special needs here yet... -- Steve McIntyre, Cambridge, UK.st...@einval.com "You can't barbecue lettuce!" -- Ellie Crane
Bug#1013341: /usr/bin/ld.bfd: warning: /usr/lib/crt0-efi-x86_64.o: missing .note.GNU-stack section implies executable stack
Am 22.06.22 um 11:49 schrieb Julien Cristau: On Wed, Jun 22, 2022 at 10:50:48AM +0200, Michael Biebl wrote: Marking as RC, as it causes a FTBFS Not using -Wl,--fatal-warnings might be a workaround for systemd until gnu-efi fixes this? Yeah, I'll probably add a workaround like diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build index 52e2a71a7c..18311ede25 100644 --- a/src/boot/efi/meson.build +++ b/src/boot/efi/meson.build @@ -251,6 +251,8 @@ efi_ldflags = [ '-L', efi_libdir, '-nostdlib', '-T', efi_lds, +'-Wl,--no-warn-execstack', +'-Wl,--no-warn-rwx-segments', '-Wl,--build-id=sha1', '-Wl,--fatal-warnings', '-Wl,--no-undefined', to systemd for the time being. OpenPGP_signature Description: OpenPGP digital signature
Bug#1013341: /usr/bin/ld.bfd: warning: /usr/lib/crt0-efi-x86_64.o: missing .note.GNU-stack section implies executable stack
On Wed, Jun 22, 2022 at 10:50:48AM +0200, Michael Biebl wrote: > Package: gnu-efi > Version: 3.0.13+git20210716.269ef9d-2 > Severity: serious > Forwarded: https://sourceforge.net/p/gnu-efi/bugs/28/ > > Hi, > > since the latest update of binutils to 2.38.50.20220615, > the systemd source package fails to build: > > ``` > $ ninja -C build/ > ninja: Entering directory `build/' > [72/2108] Generating src/boot/efi/linuxx64.elf.stub with a custom command > FAILED: src/boot/efi/linuxx64.elf.stub > /usr/bin/cc -o src/boot/efi/linuxx64.elf.stub -DGNU_EFI_USE_MS_ABI -DSD_BOOT > -ffreestanding -fshort-wchar -fvisibility=hidden -I > /home/michael/git/systemd/src/fundamental -I > /home/michael/git/systemd/src/boot/efi -include src/boot/efi/efi_config.h > -include version.h -isystem /usr/include/efi/x86_64 -isystem /usr/include/efi > -std=gnu11 -Wall -Wextra -Wno-format-signedness > -Wno-missing-field-initializers -Wno-unused-parameter -Wdate-time > -Wendif-labels -Werror=format=2 -Werror=implicit-function-declaration > -Werror=incompatible-pointer-types -Werror=int-conversion -Werror=overflow > -Werror=override-init -Werror=return-type -Werror=shift-count-overflow > -Werror=shift-overflow=2 -Werror=undef -Wfloat-equal -Wimplicit-fallthrough=5 > -Winit-self -Wlogical-op -Wmissing-include-dirs -Wmissing-noreturn > -Wnested-externs -Wold-style-definition -Wpointer-arith -Wredundant-decls > -Wshadow -Wstrict-aliasing=2 -Wstrict-prototypes -Wsuggest-attribute=noreturn > -Wunused-function -Wwrite-strings -Wno-unused-result -fno-stack-protector > -fno-strict-aliasing -fpic -fwide-exec-charset=UCS2 -mno-red-zone -mno-sse > -mno-mmx -ggdb -DEFI_DEBUG -fuse-ld=bfd -L /usr/lib -nostdlib -T > /usr/lib/elf_x86_64_efi.lds -Wl,--build-id=sha1 -Wl,--fatal-warnings > -Wl,--no-undefined -Wl,--warn-common -Wl,-Bsymbolic -z nocombreloc > /usr/lib/crt0-efi-x86_64.o -pie -Wl,--no-dynamic-linker > src/boot/efi/bootspec-fundamental.c.o src/boot/efi/efivars-fundamental.c.o > src/boot/efi/sha256.c.o src/boot/efi/string-util-fundamental.c.o > src/boot/efi/assert.c.o src/boot/efi/devicetree.c.o src/boot/efi/disk.c.o > src/boot/efi/efi-string.c.o src/boot/efi/graphics.c.o src/boot/efi/initrd.c.o > src/boot/efi/measure.c.o src/boot/efi/pe.c.o src/boot/efi/secure-boot.c.o > src/boot/efi/ticks.c.o src/boot/efi/util.c.o src/boot/efi/cpio.c.o > src/boot/efi/splash.c.o src/boot/efi/stub.c.o src/boot/efi/linux_x86.c.o > -lefi -lgnuefi -lgcc > /usr/bin/ld.bfd: warning: /usr/lib/crt0-efi-x86_64.o: missing .note.GNU-stack > section implies executable stack > /usr/bin/ld.bfd: NOTE: This behaviour is deprecated and will be removed in a > future version of the linker > collect2: error: ld returned 1 exit status > [77/2108] Generating catalog/systemd.ru.catalog with a custom command > (wrapped by meson to capture output) > ninja: build stopped: subcommand failed. > ``` > > I originally raised this at systemd upstream [1], but it was mentioned > there, that this might actually be a gnu-efi issue. > [1] also contains links to the relevant changes in binutils which now > trigger this warning. > > Marking as RC, as it causes a FTBFS > Not using -Wl,--fatal-warnings might be a workaround for systemd until gnu-efi fixes this? Cheers, Julien
Bug#1013341: /usr/bin/ld.bfd: warning: /usr/lib/crt0-efi-x86_64.o: missing .note.GNU-stack section implies executable stack
Package: gnu-efi Version: 3.0.13+git20210716.269ef9d-2 Severity: serious Forwarded: https://sourceforge.net/p/gnu-efi/bugs/28/ Hi, since the latest update of binutils to 2.38.50.20220615, the systemd source package fails to build: ``` $ ninja -C build/ ninja: Entering directory `build/' [72/2108] Generating src/boot/efi/linuxx64.elf.stub with a custom command FAILED: src/boot/efi/linuxx64.elf.stub /usr/bin/cc -o src/boot/efi/linuxx64.elf.stub -DGNU_EFI_USE_MS_ABI -DSD_BOOT -ffreestanding -fshort-wchar -fvisibility=hidden -I /home/michael/git/systemd/src/fundamental -I /home/michael/git/systemd/src/boot/efi -include src/boot/efi/efi_config.h -include version.h -isystem /usr/include/efi/x86_64 -isystem /usr/include/efi -std=gnu11 -Wall -Wextra -Wno-format-signedness -Wno-missing-field-initializers -Wno-unused-parameter -Wdate-time -Wendif-labels -Werror=format=2 -Werror=implicit-function-declaration -Werror=incompatible-pointer-types -Werror=int-conversion -Werror=overflow -Werror=override-init -Werror=return-type -Werror=shift-count-overflow -Werror=shift-overflow=2 -Werror=undef -Wfloat-equal -Wimplicit-fallthrough=5 -Winit-self -Wlogical-op -Wmissing-include-dirs -Wmissing-noreturn -Wnested-externs -Wold-style-definition -Wpointer-arith -Wredundant-decls -Wshadow -Wstrict-aliasing=2 -Wstrict-prototypes -Wsuggest-attribute=noreturn -Wunused-function -Wwrite-strings -Wno-unused-result -fno-stack-protector -fno-strict-aliasing -fpic -fwide-exec-charset=UCS2 -mno-red-zone -mno-sse -mno-mmx -ggdb -DEFI_DEBUG -fuse-ld=bfd -L /usr/lib -nostdlib -T /usr/lib/elf_x86_64_efi.lds -Wl,--build-id=sha1 -Wl,--fatal-warnings -Wl,--no-undefined -Wl,--warn-common -Wl,-Bsymbolic -z nocombreloc /usr/lib/crt0-efi-x86_64.o -pie -Wl,--no-dynamic-linker src/boot/efi/bootspec-fundamental.c.o src/boot/efi/efivars-fundamental.c.o src/boot/efi/sha256.c.o src/boot/efi/string-util-fundamental.c.o src/boot/efi/assert.c.o src/boot/efi/devicetree.c.o src/boot/efi/disk.c.o src/boot/efi/efi-string.c.o src/boot/efi/graphics.c.o src/boot/efi/initrd.c.o src/boot/efi/measure.c.o src/boot/efi/pe.c.o src/boot/efi/secure-boot.c.o src/boot/efi/ticks.c.o src/boot/efi/util.c.o src/boot/efi/cpio.c.o src/boot/efi/splash.c.o src/boot/efi/stub.c.o src/boot/efi/linux_x86.c.o -lefi -lgnuefi -lgcc /usr/bin/ld.bfd: warning: /usr/lib/crt0-efi-x86_64.o: missing .note.GNU-stack section implies executable stack /usr/bin/ld.bfd: NOTE: This behaviour is deprecated and will be removed in a future version of the linker collect2: error: ld returned 1 exit status [77/2108] Generating catalog/systemd.ru.catalog with a custom command (wrapped by meson to capture output) ninja: build stopped: subcommand failed. ``` I originally raised this at systemd upstream [1], but it was mentioned there, that this might actually be a gnu-efi issue. [1] also contains links to the relevant changes in binutils which now trigger this warning. Marking as RC, as it causes a FTBFS Regards, Michael [1] https://github.com/systemd/systemd/issues/23789 -- System Information: Debian Release: bookworm/sid APT prefers unstable APT policy: (500, 'unstable'), (200, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.18.0-2-amd64 (SMP w/4 CPU threads; PREEMPT) Kernel taint flags: TAINT_FIRMWARE_WORKAROUND Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled -- no debconf information