[sheepdog-users] [PATCH stable-0.8 16/22] lib: Remove executable stack comming from sha1_ssse3.S
Hitoshi Mitake
mitake.hitoshi at lab.ntt.co.jp
Mon Feb 24 08:07:04 CET 2014
From: Marcin Mirosław <marcin at mejor.pl>
Executable stack can be security hole, EX stack prevents working of NX.
More information can be found here:
https://wiki.gentoo.org/wiki/Project:Hardened/GNU_stack_quickstart
https://wiki.gentoo.org/wiki/Hardened/PaX_Utilities#Introduction
i686 architecture wasn't affected.
Signed-off-by: Marcin Mirosław <marcin at mejor.pl>
Signed-off-by: Liu Yuan <namei.unix at gmail.com>
---
lib/sha1_ssse3.S | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/lib/sha1_ssse3.S b/lib/sha1_ssse3.S
index 22ce597..a9ce142 100644
--- a/lib/sha1_ssse3.S
+++ b/lib/sha1_ssse3.S
@@ -562,3 +562,7 @@ W_PRECALC_AVX
* unsigned int rounds);
*/
SHA1_VECTOR_ASM sha1_transform_avx
+
+#if defined(__linux__) && defined(__ELF__)
+.section .note.GNU-stack,"",%progbits
+#endif
--
1.7.10.4
More information about the sheepdog-users
mailing list