From ba1fbb688edf7db0edf3ea9d24a95d5a5ef2260c Mon Sep 17 00:00:00 2001 From: Mounir IDRASSI Date: Tue, 13 Jun 2017 01:23:54 +0200 Subject: Linux: fix executable stack in resulting binary which was caused by crypto assembly files missing the GNU-stack note. --- src/Crypto/Aes_hw_cpu.asm | 11 +++++++++++ src/Crypto/Aes_x64.asm | 11 +++++++++++ src/Crypto/Aes_x86.asm | 11 +++++++++++ src/Crypto/Twofish_x64.S | 5 +++++ src/Crypto/Twofish_x86.S | 10 ++++++++++ 5 files changed, 48 insertions(+) (limited to 'src/Crypto') diff --git a/src/Crypto/Aes_hw_cpu.asm b/src/Crypto/Aes_hw_cpu.asm index edc20b29..4822e6a4 100644 --- a/src/Crypto/Aes_hw_cpu.asm +++ b/src/Crypto/Aes_hw_cpu.asm @@ -331,3 +331,14 @@ %endif ; __BITS__ != 16 + +%ifidn __OUTPUT_FORMAT__,elf +section .note.GNU-stack noalloc noexec nowrite progbits +%endif +%ifidn __OUTPUT_FORMAT__,elf32 +section .note.GNU-stack noalloc noexec nowrite progbits +%endif +%ifidn __OUTPUT_FORMAT__,elf64 +section .note.GNU-stack noalloc noexec nowrite progbits +%endif + diff --git a/src/Crypto/Aes_x64.asm b/src/Crypto/Aes_x64.asm index f74d0328..65965af1 100644 --- a/src/Crypto/Aes_x64.asm +++ b/src/Crypto/Aes_x64.asm @@ -905,3 +905,14 @@ end_prologue %endif %endif + +%ifidn __OUTPUT_FORMAT__,elf +section .note.GNU-stack noalloc noexec nowrite progbits +%endif +%ifidn __OUTPUT_FORMAT__,elf32 +section .note.GNU-stack noalloc noexec nowrite progbits +%endif +%ifidn __OUTPUT_FORMAT__,elf64 +section .note.GNU-stack noalloc noexec nowrite progbits +%endif + diff --git a/src/Crypto/Aes_x86.asm b/src/Crypto/Aes_x86.asm index 484e31a7..c45f790d 100644 --- a/src/Crypto/Aes_x86.asm +++ b/src/Crypto/Aes_x86.asm @@ -644,3 +644,14 @@ stk_spc equ 20 ; stack space do_exit %endif + +%ifidn __OUTPUT_FORMAT__,elf +section .note.GNU-stack noalloc noexec nowrite progbits +%endif +%ifidn __OUTPUT_FORMAT__,elf32 +section .note.GNU-stack noalloc noexec nowrite progbits +%endif +%ifidn __OUTPUT_FORMAT__,elf64 +section .note.GNU-stack noalloc noexec nowrite progbits +%endif + diff --git a/src/Crypto/Twofish_x64.S b/src/Crypto/Twofish_x64.S index 1e271691..c3483e33 100644 --- a/src/Crypto/Twofish_x64.S +++ b/src/Crypto/Twofish_x64.S @@ -312,3 +312,8 @@ movq %r8, %rdx; .endif ret; +#if defined(__linux__) && defined(__ELF__) +.section .note.GNU-stack,"",%progbits +#endif + + diff --git a/src/Crypto/Twofish_x86.S b/src/Crypto/Twofish_x86.S index e69de29b..4f654871 100644 --- a/src/Crypto/Twofish_x86.S +++ b/src/Crypto/Twofish_x86.S @@ -0,0 +1,10 @@ +%ifidn __OUTPUT_FORMAT__,elf +section .note.GNU-stack noalloc noexec nowrite progbits +%endif +%ifidn __OUTPUT_FORMAT__,elf32 +section .note.GNU-stack noalloc noexec nowrite progbits +%endif +%ifidn __OUTPUT_FORMAT__,elf64 +section .note.GNU-stack noalloc noexec nowrite progbits +%endif + -- cgit v1.2.3