diff options
| author |   Florian Weimer <fweimer@redhat.com> | 2020-03-02 14:24:27 +0100 |
|---|---|---|
| committer | Florian Weimer <fweimer@redhat.com> | 2020-03-02 14:25:20 +0100 |
| commit | 0499a353a6e196f468e7ec554cb13c82011f0e36 (patch) | |
| tree | 581108932370bf01836d379db99bafc4330e3cf7 /sysdeps/unix | |
| parent | i386: Use comdat instead of .gnu.linkonce for i386 setup pic register (BZ #20... (diff) | |
| download | glibc-0499a353a6e196f468e7ec554cb13c82011f0e36.tar.gz glibc-0499a353a6e196f468e7ec554cb13c82011f0e36.tar.bz2 glibc-0499a353a6e196f468e7ec554cb13c82011f0e36.zip | |
elf: Add elf/check-wx-segment, a test for the presence of WX segments
Writable, executable segments defeat security hardening. The
existing check for DT_TEXTREL does not catch this.
hppa and SPARC currently keep the PLT in an RWX load segment.
Diffstat (limited to 'sysdeps/unix')
| -rw-r--r-- | sysdeps/unix/sysv/linux/hppa/Makefile | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/sysdeps/unix/sysv/linux/hppa/Makefile b/sysdeps/unix/sysv/linux/hppa/Makefile index e1637f54f5..c89ec83182 100644 --- a/sysdeps/unix/sysv/linux/hppa/Makefile +++ b/sysdeps/unix/sysv/linux/hppa/Makefile @@ -3,9 +3,14 @@ ifeq ($(subdir),stdlib) gen-as-const-headers += ucontext_i.sym endif +ifeq ($(subdir),elf) # Supporting non-executable stacks on HPPA requires changes to both # the Linux kernel and glibc. The kernel currently needs an executable # stack for syscall restarts and signal returns. -ifeq ($(subdir),elf) test-xfail-check-execstack = yes -endif + +# On hppa, the PLT is executable because it contains an executable +# trampoline used during lazy binding. +test-xfail-check-wx-segment = * + +endif # $(subdir) == elf |