Open palainp opened 6 months ago
As we use a tender for running the unikernels, the permissions are set in the tender and the warning is probably not alarming, but I think it's best to remove if possible and easy :)
This change was introduced by #402 (/cc @Kensan) but I think it's unrelated to muen
if I understand correctly and it's just a porcelain change to not pollute the final executable with what gcc
can put. Let's try to resolve that before the next release.
It looks unrelated to muen
. Am I understanding it right, that the linker warning is there because the .note.GNU-stack
section is discarded and the linker then assumes that the stack must be executable? In that case, the easiest solution to me seems to be to not discard the .note.GNU-stack section
in the linker scripts.
.
I did some reading [1] on this because I noticed we have this warning as well when linking certain components in the Muen project. Since the warning is emitted by the linker, I don't think not discarding the section helps. Does #570 fix the issue?
My understanding is that one would rather have to add a .note.GNU-stack
section to the assembler files. I hacked something together, which is compiled-tested only(!). With this change, the linker warnings go away. Not sure if this is also needed on Aarch64, thus I did not change cpu_vectors_aarch64.S
.
[1] - https://wiki.gentoo.org/wiki/Hardened/GNU_stack_quickstart
Hi devs, I recently noticed that GNU ld complains about executable stack with the following warning:
As there is a
/DISCARD/
section in the linker scripts https://github.com/Solo5/solo5/blob/8d8517b12dbfdbe1e2e61e9a2fa07a2038a6b8b7/bindings/solo5_hvt.lds#L155, maybe it possible/needed to also add.note.GNU-stack
? I don't currently have access to my laptop, but it may be possible to find where's needed executable stack following https://www.redhat.com/en/blog/linkers-warnings-about-executable-stacks-and-segments?