Question - intention of UCLIBC_BUILD_NOEXECSTACK?

[Anthony G. Basile]

On 08/25/14 01:04, Khem Raj wrote:
> On 14-08-25 15:41:17, bugs at andrewmcdonnell.net wrote:
>> On 2014-08-25 15:17, Khem Raj wrote:
>>> On 14-08-25 12:06:16, bugs at andrewmcdonnell.net wrote:
>>
>> <snipped>
>>
>>>>
>>>> I guess the gap in my knowledge is how uClibc, by only applying to
>>>> assembler
>>>> files, meets "marking all libraries and executables" when the GNU_STACK
>>>> flag
>>>> is missing from the ELF images? Note it has been a very long time since
>>>> I
>>>
>>> it wont. Can you patch UCLIBC_BUILD_NOEXECSTACK code to pass the linker
>>> option as well ?
>>
>> Yes, I did, that was how I confirmed the UCLIBC_BUILD_NOEXECSTACK option
>> seems to be ambiguously named.
>>
>> I have two alternative patches: either
>> (a) a patch that adds a new option UCLIBC_BUILD_NOEXECSTACK_ALL, to retain
>> meaning and backward compatibility of the existing config option,
>> (b) a patch that updates UCLIBC_BUILD_NOEXECSTACK to apply at the linker
>> stage
>
> (b) is what we need.
>
>>
>> I guess I was trying to find out if there was a reason things are the way
>> they are, prior to submitting one of my patches.
>>
>> --Andrew
>>
>> ---
>>
>> http://blog.oldcomputerjunk.net
> _______________________________________________
> uClibc mailing list
> uClibc at uclibc.org
> http://lists.busybox.net/mailman/listinfo/uclibc
>


I build hardened gentoo uclibc stages for amd64, i686, mips (mips32r2, 
and mipsel3), and arm (armv7a).  These have noexecstack and other 
hardened goodies.  Here are some links.

http://distfiles.gentoo.org/releases/amd64/autobuilds/current-stage3-amd64-uclibc-hardened/

http://distfiles.gentoo.org/releases/x86/autobuilds/current-stage3-i686-uclibc-hardened/

http://distfiles.gentoo.org/experimental/mips/uclibc/

http://distfiles.gentoo.org/experimental/arm/uclibc/

https://wiki.gentoo.org/wiki/Project:Hardened_uClibc


-- 
Anthony G. Basile, Ph. D.
Chair of Information Technology
D'Youville College
Buffalo, NY 14201
(716) 829-8197