Received: by 2002:a05:6358:4e97:b0:b3:742d:4702 with SMTP id ce23csp19182rwb; Wed, 10 Aug 2022 18:20:37 -0700 (PDT) X-Google-Smtp-Source: AA6agR7kOnPc+irtoxMH2UrIk8CjcP/i/MLlScNuOyrkfevbemGCzMizKxcdDaqC4ICq5vUmw+KZ X-Received: by 2002:a17:906:93fa:b0:731:a80:2444 with SMTP id yl26-20020a17090693fa00b007310a802444mr18435631ejb.121.1660180837319; Wed, 10 Aug 2022 18:20:37 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1660180837; cv=none; d=google.com; s=arc-20160816; b=rZKMGtPuH36VRT3iC+00u9I7/Hw8dH5lLg1U+qJSVd7PWI7pJ+Tlnngb4sflE4gSLa 1PVa3Hk4O2k4j/OMmt48n3R6MNfKJ6whjTE0mHXHc7//eNhaZgKkieSdm5lNZyoJYzIE BokTHzQr8weB6nNVhYT1+Etr0uViBeVySt778/lmc82ZQMUdhUDAZIZgt7bRIVFLSbuB q0t9jd6DzD51yO1C3JHZoILzsNjOw4v/nxYKrwG5Yy2KaRo0Y8N0t61edNq/w7ntwDXJ L6QgQDMJGHxck/NJEzrPg5MSrgLktncju5SxySUFB7uMz+hNNFcCflScqrDdmq4k5NJv y+rA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :references:cc:to:content-language:subject:user-agent:mime-version :date:message-id:dkim-signature; bh=qhmWZeCsJqnoVO/4I2HwU7vBh5Ud9ehabi2slZ+OMXA=; b=VYxhrLtv+OUhCt0cN6GL/j6B6ZcFZ5Tk/Judgyr0yW1gySZLQSdXlAUGHxzwquVWUY BgPiax37kYcgO8nByCk1Z11jnrpTDEUzqwGwEVsoyR5HU3ZkAXq68KkCaD0MV1HhpR4e lx8n7oMYhq4gFc5M1b34n/5kpR7seWXYGNSSjDWhLFoIez1I2HZZSpiiGrDjDTgX/0Ia rXNVn4IlS4Qm3PnYDXzwduR9qAzrBlKb1R1uq1vlJzcf3PH0qELMx+nDhubh8SoeMob6 eIsg3k8+i+YIq5kWoi8b4F/CeRC7VGCONDU5InYxaN8Nv1ry2WNIaj3/qT3+mXFKj1xL geYw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel-dk.20210112.gappssmtp.com header.s=20210112 header.b="czd/vDTV"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id z6-20020a056402274600b0043e1c8b6187si17050546edd.1.2022.08.10.18.20.09; Wed, 10 Aug 2022 18:20:37 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel-dk.20210112.gappssmtp.com header.s=20210112 header.b="czd/vDTV"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233340AbiHKBGF (ORCPT + 99 others); Wed, 10 Aug 2022 21:06:05 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44682 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229488AbiHKBGE (ORCPT ); Wed, 10 Aug 2022 21:06:04 -0400 Received: from mail-pg1-x531.google.com (mail-pg1-x531.google.com [IPv6:2607:f8b0:4864:20::531]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5FA57647D6 for ; Wed, 10 Aug 2022 18:06:03 -0700 (PDT) Received: by mail-pg1-x531.google.com with SMTP id d7so15798506pgc.13 for ; Wed, 10 Aug 2022 18:06:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kernel-dk.20210112.gappssmtp.com; s=20210112; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:date:message-id :from:to:cc; bh=qhmWZeCsJqnoVO/4I2HwU7vBh5Ud9ehabi2slZ+OMXA=; b=czd/vDTVvda6KZUe547hGPrqW6j/oPibFGcMv5Ju4naIyPN5+WftwBAOtO9knYBBvo I5jB4g+nnPGq1BrTyADevnOrvpxnlDOQwwBr0y0qd4UJ841eTsaMKn+U/YngqEf7dag7 2ysKxAxO39BeBxMmX2SDLCWW+W9IMI1xkYxmeVtVgB1G1lOfLhbfrieLeJ6UaEZtmiuE f+ncNwpfIdjC7eg8teK07EcvvYtCQRukL9N/pGJjV2Vrio4Cp8qTaaRVmpbqxwgHe4Qj 4SvG0SU8U1wbD+CA82/DHrJGSUqGyhKOJ+kMtCsAkh++lu6kG7RSjq50jiYw1ORm3ugE Vc0Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:date:message-id :x-gm-message-state:from:to:cc; bh=qhmWZeCsJqnoVO/4I2HwU7vBh5Ud9ehabi2slZ+OMXA=; b=iCWXGKPllfDb7xaLTfiTI6F4QISFcF5xaT2im5uo1/lnui2Ma6YNxltkz5BQ7j3y8U QPsvwLNKvaPPPXyZjVUatjkdvy5jguaVfKZGquN46Kn6j8xlCGIuI3BZunlwOhFbwaIw k7NSDBR4rnpRasKHQ5R+huGpWbw7FqtW9J/pqXORT4mI+qXdOlIR3c0BGzB9+LfHykV6 TudB2hkOWmkH3fU67aZyax13awQn8N31CSMwwg3ASBWZT9ZXR9/M7y/NZB0IyWmChkTI rpg/HUEWSglBQ06CVzuJAErCfU2BXBMIuImAoBEKlWizO/AEDDxmil65l9w3F7wY2C1H iWBQ== X-Gm-Message-State: ACgBeo3vQx0oYFyyhGwQHZA/96bPsaGFdD2pHfKYmrqn+nQEvP6bcfB6 DYrHB4T6N/tK5CcpDoyCQQGq7g== X-Received: by 2002:a63:6642:0:b0:41b:51af:63d with SMTP id a63-20020a636642000000b0041b51af063dmr25089583pgc.358.1660179962852; Wed, 10 Aug 2022 18:06:02 -0700 (PDT) Received: from [192.168.1.100] ([198.8.77.157]) by smtp.gmail.com with ESMTPSA id j4-20020a170903028400b0016ed20eacd2sm13484492plr.150.2022.08.10.18.06.01 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 10 Aug 2022 18:06:02 -0700 (PDT) Message-ID: Date: Wed, 10 Aug 2022 19:06:00 -0600 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux aarch64; rv:91.0) Gecko/20100101 Thunderbird/91.10.0 Subject: Re: [PATCH v2 0/2] link with -z noexecstack --no-warn-rwx-segments Content-Language: en-US To: Nick Desaulniers , Masahiro Yamada , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen Cc: Fangrui Song , Linus Torvalds , Nick Clifton , brijesh.singh@amd.com, hpa@zytor.com, kirill.shutemov@linux.intel.com, linux-kernel@vger.kernel.org, llvm@lists.linux.dev, michael.roth@amd.com, n.schier@avm.de, nathan@kernel.org, sathyanarayanan.kuppuswamy@linux.intel.com, trix@redhat.com, x86@kernel.org References: <20220809013653.xtmeekefwkbo46vk@google.com> <20220810222442.2296651-1-ndesaulniers@google.com> <20220810222442.2296651-3-ndesaulniers@google.com> From: Jens Axboe In-Reply-To: <20220810222442.2296651-3-ndesaulniers@google.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,NICE_REPLY_A,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 8/10/22 4:24 PM, Nick Desaulniers wrote: > Users of GNU ld (BFD) from binutils 2.39+ will observe multiple > instances of a new warning when linking kernels in the form: > > ld: warning: vmlinux: missing .note.GNU-stack > section implies executable stack > ld: NOTE: This behaviour is deprecated and will be removed in a future > version of the linker > ld: warning: vmlinux has a LOAD segment with RWX permissions > > Generally, we would like to avoid the stack being executable. Because > there could be a need for the stack to be executable, assembler sources > have to opt-in to this security feature via explicit creation of the > .note.GNU-stack feature (which compilers create by default) or command > line flag --noexecstack. Or we can simply tell the linker the production > of such sections is irrelevant and to link the stack as --noexecstack. > > LLVM's LLD linker defaults to -z noexecstack, so this flag isn't > strictly necessary when linking with LLD, only BFD, but it doesn't hurt > to be explicit here for all linkers IMO. --no-warn-rwx-segments is > currently BFD specific and only available in the current latest release, > so it's wrapped in an ld-option check. > > While the kernel makes extensive usage of ELF sections, it doesn't use > permissions from ELF segments. > > Broken up into 2 patches; one for the top level vmlinux, one x86 > specific since a few places in the x86 build reset KBUILD_LDFLAGS. For x86-64: Tested-by: Jens Axboe -- Jens Axboe