Add linker error/warning messages for executable stacks and RWX segments.

Resolves: RHEL-59801 Resolves: RHEL-59802
2024-10-07 15:07:13 +01:00 · 2024-10-07 15:07:13 +01:00 · a040dcc13a
commit a040dcc13a
parent ae2ae5459a
1 changed files with 38 additions and 1 deletions
--- a/binutils.spec
+++ b/binutils.spec
@ -2,7 +2,7 @@
 Summary: A GNU collection of binary utilities
 Name: binutils%{?_with_debug:-debug}
 Version: 2.35.2
-Release: 54%{?dist}
+Release: 55%{?dist}
 License: GPLv3+
 URL: https://sourceware.org/binutils

@ -34,6 +34,17 @@ URL: https://sourceware.org/binutils
 # Default is off because of BZ 1195883.
 %define enable_deterministic_archives 0

+# Generate a warning when linking creates an executable stack
+%define warn_for_executable_stacks 1
+
+# Generate a warning when linking creates a segment with read, write and execute permissions
+%define warn_for_rwx_segments 1
+
+# Turn the above warnings into errors.
+# Only effective if the warnings are enabled.
+%define error_for_executable_stacks 1
+%define error_for_rwx_segments 1
+
 # Enable support for GCC LTO compilation.
 # Disable if it is necessary to work around bugs in LTO.
 %define enable_lto 1
@ -465,6 +476,10 @@ Patch71: binutils-relro.patch
 # Lifetime: Fixed in 2.44
 Patch72: binutils-relro-padding.patch

+# Purpose:  Add linker warning/error messages for RWX segments and executable stacks.
+# Lifetime: Fixed in 2.41
+Patch73: binutils-rwx-seg-execstack-err-warn.patch
+
 #----------------------------------------------------------------------------

 Provides: bundled(libiberty)
@ -742,6 +757,25 @@ set_build_configuration()
    CARGS="$CARGS --enable-deterministic-archives=no"
 %endif

+%if %{warn_for_executable_stacks}
+    CARGS="$CARGS --enable-warn-execstack=yes"
+    CARGS="$CARGS --enable-default-execstack=no"
+%if %{error_for_executable_stacks}
+    CARGS="$CARGS --enable-error-execstack=yes"
+%endif
+%else
+    CARGS="$CARGS --enable-warn-execstack=no"
+%endif
+
+%if %{warn_for_rwx_segments}
+    CARGS="$CARGS --enable-warn-rwx-segments=yes"
+%if %{error_for_rwx_segments}
+    CARGS="$CARGS --enable-error-rwx-segments=yes"
+%endif
+%else
+    CARGS="$CARGS --enable-warn-rwx-segments=no"
+%endif
+
 %if %{enable_lto}
    CARGS="$CARGS --enable-lto"
 %endif
@ -1305,6 +1339,9 @@ exit 0

 #----------------------------------------------------------------------------
 %changelog
+* Tue Oct 01 2024 Nick Clifton  <nickc@redhat.com> - 2.35.2-55
+- Add linker error/warning messages for executable stacks and RWX segments.  (RHEL-59801, RHEL-59802)
+
 * Wed Aug 14 2024 Nick Clifton  <nickc@redhat.com> - 2.35.2-54
 - Re fix AArch64 EFI test after applying previous delta.  (RHEL-39953)