On Wed, Dec 12, 2018 at 10:04:11PM +0000, Wilco Dijkstra wrote: > Hi Martin, > > > Does a non-executable stack actually improve security? > > Absolutely, it's like closing your front door rather than just leave it open > for anyone.
On many Linux systems, if you use trampolines anywhere then the whole stack will be mapped executable during the whole lifetime of the process. *That* is not so good, of course. But there is nothing wrong with having some executable code on the stack, in principle. > > For the alternative implementation using (custom) function > > descriptors (-fno-trampolines) the static chain becomes > > part of the ABI or not? > > I've not seen such an alternative implementation (-fno-trampolines is > ignored on all targets I tried), but it wouldn't affect the ABI since you can > only take the address of a nested function when you're the parent function. Also if you are in a (later) sibling: === void *p; void f(void) { void g(void) { } void h(void) { p = g; } h(); } === Segher