>1) I think I misunderstood how the kernel warning works. It may only
>apply to images that the kernel execve() itself directly rather than
>to any execve() syscall.
Looks like it. Otherwise, I would have seen zillions of warning
messages
in my kernel logs, with all the executable-stack binaries I have
apparently been running. XD
>2) Simply compiling a Hello World program with gcc without any option
>and linked with musl libc produces an executable with a non-executable
>stack by default.
> (...)
>
>So it seems there is something in one of the skalibs that tells the
>linker to mark the stack as executable. I wish I could tell you what,
>but that is beyond my expertise.
I double-checked all the objects in skalibs, and none of them require
an executable stack.
But when creating libskarnet.so without "-Wl,-z,noexecstack", the
resulting shared library is marked E stack. I suppose that if you link a
binary against that shared library, it will be marked E stack as well.
My toolchain also creates E stack binaries by default, no matter
whether they're static or dynamic. It may be that my build of musl is
bad.
I am not interested enough in the details of what happens at the ld
level to try and figure out if there's *something* that causes it to
mark E stack when it should not; it requires spending much more
quality time with binutils than I am comfortable with. All I know is
that none of the object files in my software needs E stack, and
bullying ld into doing the right thing works, so I'm content with that
solution.
--
Laurent
Received on Thu Apr 08 2021 - 19:57:01 UTC