On Wed, 2022-01-26 at 14:39 +1300, Paul Eggleton wrote:
I've been looking into a couple of compiler flags for hardening that I think we
might want to consider enabling by default in security-flags.inc:
This option was introduced to gcc 8.x and provides protection against the
stack clash vulnerability:
It has been enabled in some Linux distributions already (e.g. Ubuntu, Fedora).
2) -z noexecstack (or alternative mitigations)
gcc will enable an executable stack under a few different circumstances - see
here for details
I've written a check that we could add to insane.bbclass that warns/errors on
binaries with an executable stack. Does this seem reasonable to have?
The other possibility is we add -Wl,-z,noexecstack to LDFLAGS and then see
what breaks, but unfortunately issues are likely only going to show up when
the program crashes at runtime, and also it will stop the aforementioned check
These seem like reasonable things to do, are there any downsides to them?
I'd be happy to test some patches, see if they do cause issues...