using the mn10300-elf target, sim testsuite fails now due to linker warnings ever since this change: https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=ba951afb99912da01a6e8434126b8fac7aa75107 Author: Nick Clifton <nickc@redhat.com> Date: Tue May 3 11:42:24 2022 +0100 Add a linker warning when creating potentially dangerous executable segments. Add tests, options to disabke and configure switches to choose defaults. simple test: $ cat test.s .bss .space 64 _stack: .data pass: .string "pass\n" .text .global _start _start: .byte 0x00 $ ./gas/as-new test.s -o test.o $ ./ld/ld-new test.o -o test ./ld/ld-new: warning: test has a LOAD segment with RWX permissions
Created attachment 14546 [details] Proposed patch Hi Guys, Here is a possible patch to fix this problem. Since the issue affects several ports however, it might be better to find a more general solution that only needs to be applied once... Cheers Nick
is the RWX check useful for ELF (bare-metal) targets in general ?
(In reply to Mike Frysinger from comment #2) > is the RWX check useful for ELF (bare-metal) targets in general ? Eh - it is debatable. On the one hand, any RWX segment is a potential weak point that attackers might try to exploit, and programs running on bare metal may still need to be security aware. On the other hand, if you are building a bare metal based system then presumably you know what you are doing and what the potential vulnerabilities are likely to be. I do not think that the linker can make a judgement call on this. It is up to the programmers and toolchain creators to decide what is best. There are linker command line options to disable the warnings, and binutils configure options to change the default behaviour, so things can be customized. But correctly identifying "safe" bare metal configurations vs "vulnerable" bare metal configurations ? This is something that the linker cannot do. Overall I think that it is better that the linker defaults to generating these warnings, and having discussions like this one, than to have the linker default to ignoring the issue and someone not realizing that there is a potential problem.
A maintainer can make the call to add such targets to the clause at ld/configure.tgt line 48. Just don't forget to add the bare-metal specifier (e.g. *-elf) there, for targets where a variant also has with HW-protection-support, so not to match e.g. *-linux. To wit, don't follow the bad pattern of target-*-* there.