[lld] r295938 - Update a comment about .note.GNU-stack.
Rui Ueyama via llvm-commits
llvm-commits at lists.llvm.org
Wed Feb 22 23:06:44 PST 2017
Author: ruiu
Date: Thu Feb 23 01:06:43 2017
New Revision: 295938
URL: http://llvm.org/viewvc/llvm-project?rev=295938&view=rev
Log:
Update a comment about .note.GNU-stack.
Modified:
lld/trunk/ELF/InputFiles.cpp
Modified: lld/trunk/ELF/InputFiles.cpp
URL: http://llvm.org/viewvc/llvm-project/lld/trunk/ELF/InputFiles.cpp?rev=295938&r1=295937&r2=295938&view=diff
==============================================================================
--- lld/trunk/ELF/InputFiles.cpp (original)
+++ lld/trunk/ELF/InputFiles.cpp Thu Feb 23 01:06:43 2017
@@ -414,10 +414,18 @@ elf::ObjectFile<ELFT>::createInputSectio
}
}
- // .note.GNU-stack is a marker section to control the presence of
- // PT_GNU_STACK segment in outputs. Since the presence of the segment
- // is controlled only by the command line option (-z execstack) in LLD,
- // .note.GNU-stack is ignored.
+ // The GNU linker uses .note.GNU-stack section as a marker indicating
+ // that the code in the object file does not expect that the stack is
+ // executable (in terms of NX bit). If all input files have the marker,
+ // the GNU linker adds a PT_GNU_STACK segment to tells the loader to
+ // make the stack non-executable.
+ //
+ // But making the stack non-executable is a norm today for security
+ // reasons (as of 2017). Failure to do so may result in a serious
+ // security issue. Therefore, LLD always adds PT_GNU_STACK unless it is
+ // explicitly told to do otherwise (by -z execstack). Because the stack
+ // executable-ness is controlled solely by command line options,
+ // .note.GNU-stack sections are simply ignored.
if (Name == ".note.GNU-stack")
return &InputSection<ELFT>::Discarded;
More information about the llvm-commits
mailing list