* [LTP] [PATCH] kvm: Fix stack access mode in KVM test ELF headers
@ 2022-06-01 14:16 Martin Doucha
2022-06-01 14:27 ` Petr Vorel
2022-06-02 8:35 ` Cyril Hrubis
0 siblings, 2 replies; 3+ messages in thread
From: Martin Doucha @ 2022-06-01 14:16 UTC (permalink / raw)
To: ltp; +Cc: Fabian Vogt
When the linker converts guest payload binary into a linkable resource
object file, it somehow defaults to requesting executable stack section
for the final test binary. This trips some build-time security checks
on newer systems. Add explicit linker option to make the stack
non-executable.
Suggested-by: Fabian Vogt <fvogt@suse.com>
Signed-off-by: Martin Doucha <mdoucha@suse.cz>
---
Build tests in GitHub Actions:
https://github.com/mdoucha/ltp/actions/runs/2422115463
testcases/kernel/kvm/Makefile | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/testcases/kernel/kvm/Makefile b/testcases/kernel/kvm/Makefile
index 69a9946fe..adab56952 100644
--- a/testcases/kernel/kvm/Makefile
+++ b/testcases/kernel/kvm/Makefile
@@ -50,11 +50,11 @@ include $(top_srcdir)/include/mk/generic_leaf_target.mk
ifdef VERBOSE
$(CC) $(GUEST_CPPFLAGS) $(GUEST_CFLAGS) $(GUEST_LDFLAGS) -o $*-payload.elf $^ $(GUEST_LDLIBS)
objcopy -O binary -j .init.boot -j .text -j .data -j .init -j .preinit_array -j .init_array --gap-fill=0 $*-payload.elf $*-payload.bin
- ld -r -T $(abs_srcdir)/linker/payload.lds --oformat=$(BIN_FORMAT) -o $@ $*-payload.bin
+ ld -z noexecstack -r -T $(abs_srcdir)/linker/payload.lds --oformat=$(BIN_FORMAT) -o $@ $*-payload.bin
else
@$(CC) $(GUEST_CPPFLAGS) $(GUEST_CFLAGS) $(GUEST_LDFLAGS) -o $*-payload.elf $^ $(GUEST_LDLIBS)
@objcopy -O binary -j .init.boot -j .text -j .data -j .init -j .preinit_array -j .init_array --gap-fill=0 $*-payload.elf $*-payload.bin
- @ld -r -T $(abs_srcdir)/linker/payload.lds --oformat=$(BIN_FORMAT) -o $@ $*-payload.bin
+ @ld -z noexecstack -r -T $(abs_srcdir)/linker/payload.lds --oformat=$(BIN_FORMAT) -o $@ $*-payload.bin
@echo KVM_CC $(target_rel_dir)$@
endif
@rm $*-payload.elf $*-payload.bin
--
2.36.1
--
Mailing list info: https://lists.linux.it/listinfo/ltp
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [LTP] [PATCH] kvm: Fix stack access mode in KVM test ELF headers
2022-06-01 14:16 [LTP] [PATCH] kvm: Fix stack access mode in KVM test ELF headers Martin Doucha
@ 2022-06-01 14:27 ` Petr Vorel
2022-06-02 8:35 ` Cyril Hrubis
1 sibling, 0 replies; 3+ messages in thread
From: Petr Vorel @ 2022-06-01 14:27 UTC (permalink / raw)
To: Martin Doucha; +Cc: Fabian Vogt, ltp
Hi Martin, Fabian,
> When the linker converts guest payload binary into a linkable resource
> object file, it somehow defaults to requesting executable stack section
> for the final test binary. This trips some build-time security checks
> on newer systems. Add explicit linker option to make the stack
> non-executable.
LGTM, thanks!
Reviewed-by: Petr Vorel <pvorel@suse.cz>
Kind regards,
Petr
--
Mailing list info: https://lists.linux.it/listinfo/ltp
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [LTP] [PATCH] kvm: Fix stack access mode in KVM test ELF headers
2022-06-01 14:16 [LTP] [PATCH] kvm: Fix stack access mode in KVM test ELF headers Martin Doucha
2022-06-01 14:27 ` Petr Vorel
@ 2022-06-02 8:35 ` Cyril Hrubis
1 sibling, 0 replies; 3+ messages in thread
From: Cyril Hrubis @ 2022-06-02 8:35 UTC (permalink / raw)
To: Martin Doucha; +Cc: Fabian Vogt, ltp
Hi!
Pushed, thanks.
--
Cyril Hrubis
chrubis@suse.cz
--
Mailing list info: https://lists.linux.it/listinfo/ltp
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2022-06-02 8:33 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-06-01 14:16 [LTP] [PATCH] kvm: Fix stack access mode in KVM test ELF headers Martin Doucha
2022-06-01 14:27 ` Petr Vorel
2022-06-02 8:35 ` Cyril Hrubis
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox