From c9f7a7998021e1cbe22a8ec325d43e2bdc3eff5a Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Thu, 1 May 2014 09:42:11 +0100
Subject: [PATCH] bin2s: Mark stack as non-executable.

Every object file linked to supermin has to be marked as having a
non-executable stack.  The object generated by bin2s was not being
marked this way, thus the final supermin binary ended up as having an
executable stack (wrongly).

Before this change:

$ execstack -q src/supermin
X src/supermin

After applying this patch and rebuilding:

$ execstack -q src/supermin
- src/supermin

See also:

http://gcc.gnu.org/ml/gcc-patches/2007-07/msg01155.html
https://wiki.gentoo.org/wiki/Project:Hardened/GNU_stack_quickstart
http://caml.inria.fr/mantis/print_bug_page.php?bug_id=4564
---
 src/bin2s.pl | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/bin2s.pl b/src/bin2s.pl
index 2c78b5e..1b1c253 100755
--- a/src/bin2s.pl
+++ b/src/bin2s.pl
@@ -18,6 +18,10 @@ open my $ofh, '>', $outfile or die "open $outfile: $!";
 print $ofh <<"EOF";
 /* This file has been automatically generated from $infile by $0 */
 
+/* Mark stack as non-executable for GNU tools. */
+\t.section .note.GNU-stack,"",%progbits
+\t.previous
+
 \t.globl\t_binary_${infile}_start
 \t.globl\t_binary_${infile}_end
 \t.globl\t_binary_${infile}_size
-- 
1.9.0