Date: Thu, 17 Apr 2025 18:07:23 -0600 From: Warner Losh <imp@bsdimp.com> To: Shawn Webb <shawn.webb@hardenedbsd.org> Cc: Warner Losh <imp@freebsd.org>, src-committers <src-committers@freebsd.org>, "<dev-commits-src-all@freebsd.org>" <dev-commits-src-all@freebsd.org>, "<dev-commits-src-main@freebsd.org>" <dev-commits-src-main@freebsd.org> Subject: Re: git: 58c99df2196c - main - kboot: .note.GNU-stack is needed Message-ID: <CANCZdfrnsU9_yzL0ueQtV332UoqDjb_rNFLoKcb0%2Bm7-6BR8hg@mail.gmail.com> In-Reply-To: <3xjl6lsx2v6psvxfqeweu36wg5zdom5ew3xktvjj4a7tj7gjfe@hm2wxhn3ne4c> References: <202504172159.53HLx828002496@gitrepo.freebsd.org> <3xjl6lsx2v6psvxfqeweu36wg5zdom5ew3xktvjj4a7tj7gjfe@hm2wxhn3ne4c>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] On Thu, Apr 17, 2025, 4:26 PM Shawn Webb <shawn.webb@hardenedbsd.org> wrote: > On Thu, Apr 17, 2025 at 09:59:08PM +0000, Warner Losh wrote: > > The branch main has been updated by imp: > > > > URL: > https://cgit.FreeBSD.org/src/commit/?id=58c99df2196c5564a6922dcfe4d03387cebdd10c > > > > commit 58c99df2196c5564a6922dcfe4d03387cebdd10c > > Author: Warner Losh <imp@FreeBSD.org> > > AuthorDate: 2025-04-17 04:03:26 +0000 > > Commit: Warner Losh <imp@FreeBSD.org> > > CommitDate: 2025-04-17 21:56:45 +0000 > > > > kboot: .note.GNU-stack is needed > > > > Add '.section .note.GNU-stack,"",%progbits' to all assembler. Newer > > versions of clang complain when this isn't present because executable > > stacks are going away in the future. We don't need an executable > stack > > anyway. > > Just a little data point: HardenedBSD has lived without the ability to > mark the stack as executable for nearly a decade now. I'm pretty sure > it should be safe for FreeBSD to remove support for it as well, at > least for amd64, arm64, and likely also riscv. The only outlier might > be i386, but that no longer enjoys Tier 1 status on FreeBSD. > This code is for a linux binary. And i just added these to avoid new warnings. Warner Thanks, > > -- > Shawn Webb > Cofounder / Security Engineer > HardenedBSD > > Signal Username: shawn_webb.74 > Tor-ified Signal: +1 303-901-1600 / shawn_webb_opsec.50 > > https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc > [-- Attachment #2 --] <div dir="auto"><div><br><br><div class="gmail_quote gmail_quote_container"><div dir="ltr" class="gmail_attr">On Thu, Apr 17, 2025, 4:26 PM Shawn Webb <<a href="mailto:shawn.webb@hardenedbsd.org">shawn.webb@hardenedbsd.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On Thu, Apr 17, 2025 at 09:59:08PM +0000, Warner Losh wrote:<br> > The branch main has been updated by imp:<br> > <br> > URL: <a href="https://cgit.FreeBSD.org/src/commit/?id=58c99df2196c5564a6922dcfe4d03387cebdd10c" rel="noreferrer noreferrer" target="_blank">https://cgit.FreeBSD.org/src/commit/?id=58c99df2196c5564a6922dcfe4d03387cebdd10c</a><br>; > <br> > commit 58c99df2196c5564a6922dcfe4d03387cebdd10c<br> > Author: Warner Losh <imp@FreeBSD.org><br> > AuthorDate: 2025-04-17 04:03:26 +0000<br> > Commit: Warner Losh <imp@FreeBSD.org><br> > CommitDate: 2025-04-17 21:56:45 +0000<br> > <br> > kboot: .note.GNU-stack is needed<br> > <br> > Add '.section .note.GNU-stack,"",%progbits' to all assembler. Newer<br> > versions of clang complain when this isn't present because executable<br> > stacks are going away in the future. We don't need an executable stack<br> > anyway.<br> <br> Just a little data point: HardenedBSD has lived without the ability to<br> mark the stack as executable for nearly a decade now. I'm pretty sure<br> it should be safe for FreeBSD to remove support for it as well, at<br> least for amd64, arm64, and likely also riscv. The only outlier might<br> be i386, but that no longer enjoys Tier 1 status on FreeBSD.<br></blockquote></div></div><div dir="auto"><br></div><div dir="auto">This code is for a linux binary. And i just added these to avoid new warnings.</div><div dir="auto"><br></div><div dir="auto">Warner</div><div dir="auto"><br></div><div dir="auto"><div class="gmail_quote gmail_quote_container"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"> Thanks,<br> <br> -- <br> Shawn Webb<br> Cofounder / Security Engineer<br> HardenedBSD<br> <br> Signal Username: shawn_webb.74<br> Tor-ified Signal: +1 303-901-1600 / shawn_webb_opsec.50<br> <a href="https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc" rel="noreferrer noreferrer" target="_blank">https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc</a><br>; </blockquote></div></div></div>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CANCZdfrnsU9_yzL0ueQtV332UoqDjb_rNFLoKcb0%2Bm7-6BR8hg>