Linux + Clang + execstack
David Holmes
david.holmes at oracle.com
Mon Aug 20 23:18:05 UTC 2018
Hi Arthur,
cc'ing build-dev as this is currently a build issue.
On 21/08/2018 3:11 AM, Arthur Eubanks wrote:
> Hi,
>
> At Google we're trying to build hotspot on Linux with clang. One thing that
> happens is that the resulting libjvm.so is stack executable. When running
> hotspot we get warnings about the stack being executable.
>
> Compiling an assembly file into the final .so results in the stack being
> executable. In this case the file is linux_x86_64.s. This doesn't happen
> with gcc because "-Wl,-z,noexecstack" is passed as a hotspot linker flag
> with gcc in flags-ldflags.m4. When using clang that linker flag isn't
> passed.
>
> Doing something like the solution in
> https://wiki.ubuntu.com/SecurityTeam/Roadmap/ExecutableStacks
> fixes the problem without the use of linker flags.
You mean the source code directives for the linker?
I think I prefer to see this handled explicitly in the build as is
currently done. Can we just adjust ./make/autoconf/flags-ldflags.m4 to
pass the linker flags for gcc and clang?
> The jtreg test test/hotspot/jtreg/runtime/execstack/TestCheckJDK.java
> checks for the stack being executable.
>
> Any thoughts? If there are no objections, I can propose a patch that works
> for both gcc and clang on Linux. Also, I'm not sure how/if macOS handles
> this problem given that it uses clang.
We don't seem to handle it at all on OS X. Does OS X prevent executable
stacks itself?
David
More information about the build-dev
mailing list