kexec: ppc exec stack fix
Dave Young
dyoung at redhat.com
Sun Dec 9 22:07:32 EST 2012
execstack shows ppc kexec has an executable stack,
this leaves it vulnerable to buffer overflows.
Fix it by adding ASFLAGS --noexecstack
Tested on PowerMac G4 Macmini:
Without the patch:
dave at darkstar:~/kexec-tools$ execstack build/sbin/kexec
X build/sbin/kexec
With the patch:
dave at darkstar:~/kexec-tools$ execstack build/sbin/kexec
- build/sbin/kexec
Signed-off-by: Dave Young <dyoung at redhat.com>
---
kexec/arch/ppc/Makefile | 2 ++
1 file changed, 2 insertions(+)
--- kexec-tools.orig/kexec/arch/ppc/Makefile 2011-11-08 20:52:43.000000000 +0800
+++ kexec-tools/kexec/arch/ppc/Makefile 2012-12-10 10:52:56.000000000 +0800
@@ -23,6 +23,8 @@ CPPFLAGS+=-I$(srcdir)/kexec/arch/$(ARCH)
ppc_KEXEC_SRCS += $(libfdt_SRCS)
+ASFLAGS += -Wa,--noexecstack
+
dist += kexec/arch/ppc/Makefile $(ppc_KEXEC_SRCS) \
kexec/arch/ppc/crashdump-powerpc.h kexec/arch/ppc/fixup_dtb.h \
kexec/arch/ppc/kexec-ppc.h kexec/arch/ppc/ops.h \
More information about the kexec
mailing list