executable stack in libgcrypt

Axel Thimm Axel.Thimm at ATrpms.net
Sun Jul 2 00:41:17 CEST 2006


libgcrypt with asm marks the object and library as requiring
executable stack. On systems with enforced selinux policy this breaks
w/o special rules. Therefore some distributions (for instance Fedora
and Ubuntu) simply turn off asm at build time (--disable-asm).

The question is whether executable stack is needed, which it probably
doesn't. But only a code review of the asm code can tell for sure, or
the very authors of libgcrypt :)

If the asm code does not need executable stack it should contain
something like

.section .note.GNU-stack, "", @progbits

to mark the resulting object file as not needing it.

Axel.Thimm at ATrpms.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/attachments/20060702/b61c8168/attachment.pgp

More information about the Gcrypt-devel mailing list