On 08/25/14 01:04, Khem Raj wrote:
On 14-08-25 15:41:17, [email protected] wrote:
On 2014-08-25 15:17, Khem Raj wrote:
On 14-08-25 12:06:16, [email protected] wrote:
<snipped>
I guess the gap in my knowledge is how uClibc, by only applying to
assembler
files, meets "marking all libraries and executables" when the GNU_STACK
flag
is missing from the ELF images? Note it has been a very long time since
I
it wont. Can you patch UCLIBC_BUILD_NOEXECSTACK code to pass the linker
option as well ?
Yes, I did, that was how I confirmed the UCLIBC_BUILD_NOEXECSTACK option
seems to be ambiguously named.
I have two alternative patches: either
(a) a patch that adds a new option UCLIBC_BUILD_NOEXECSTACK_ALL, to retain
meaning and backward compatibility of the existing config option,
(b) a patch that updates UCLIBC_BUILD_NOEXECSTACK to apply at the linker
stage
(b) is what we need.
I guess I was trying to find out if there was a reason things are the way
they are, prior to submitting one of my patches.
--Andrew
---
http://blog.oldcomputerjunk.net
_______________________________________________
uClibc mailing list
[email protected]
http://lists.busybox.net/mailman/listinfo/uclibc
I build hardened gentoo uclibc stages for amd64, i686, mips (mips32r2,
and mipsel3), and arm (armv7a). These have noexecstack and other
hardened goodies. Here are some links.
http://distfiles.gentoo.org/releases/amd64/autobuilds/current-stage3-amd64-uclibc-hardened/
http://distfiles.gentoo.org/releases/x86/autobuilds/current-stage3-i686-uclibc-hardened/
http://distfiles.gentoo.org/experimental/mips/uclibc/
http://distfiles.gentoo.org/experimental/arm/uclibc/
https://wiki.gentoo.org/wiki/Project:Hardened_uClibc
--
Anthony G. Basile, Ph. D.
Chair of Information Technology
D'Youville College
Buffalo, NY 14201
(716) 829-8197
_______________________________________________
uClibc mailing list
[email protected]
http://lists.busybox.net/mailman/listinfo/uclibc
