diff options
Diffstat (limited to 'poky/meta/recipes-extended/ltp/ltp/0001-kvm-Fix-stack-access-mode-in-KVM-test-ELF-headers.patch')
| -rw-r--r-- | poky/meta/recipes-extended/ltp/ltp/0001-kvm-Fix-stack-access-mode-in-KVM-test-ELF-headers.patch | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/poky/meta/recipes-extended/ltp/ltp/0001-kvm-Fix-stack-access-mode-in-KVM-test-ELF-headers.patch b/poky/meta/recipes-extended/ltp/ltp/0001-kvm-Fix-stack-access-mode-in-KVM-test-ELF-headers.patch new file mode 100644 index 0000000000..764e9c0d9f --- /dev/null +++ b/poky/meta/recipes-extended/ltp/ltp/0001-kvm-Fix-stack-access-mode-in-KVM-test-ELF-headers.patch @@ -0,0 +1,40 @@ +From 608fc7bcda43e60536ae1f19842f7affba8f0aea Mon Sep 17 00:00:00 2001 +From: Martin Doucha <mdoucha@suse.cz> +Date: Wed, 1 Jun 2022 16:16:34 +0200 +Subject: [PATCH] kvm: Fix stack access mode in KVM test ELF headers + +When the linker converts guest payload binary into a linkable resource +object file, it somehow defaults to requesting executable stack section +for the final test binary. This trips some build-time security checks +on newer systems. Add explicit linker option to make the stack +non-executable. + +Suggested-by: Fabian Vogt <fvogt@suse.com> +Signed-off-by: Martin Doucha <mdoucha@suse.cz> +Reviewed-by: Petr Vorel <pvorel@suse.cz> +Reviewed-by: Cyril Hrubis <chrubis@suse.cz> + +Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> +Upstream-Status: Backport [https://github.com/linux-test-project/ltp/commit/f9715d7c2e78713e26533c6e0846aaabf5c4095b] +--- + testcases/kernel/kvm/Makefile | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/testcases/kernel/kvm/Makefile b/testcases/kernel/kvm/Makefile +index 69a9946fe..adab56952 100644 +--- a/testcases/kernel/kvm/Makefile ++++ b/testcases/kernel/kvm/Makefile +@@ -50,11 +50,11 @@ include $(top_srcdir)/include/mk/generic_leaf_target.mk + ifdef VERBOSE + $(CC) $(GUEST_CPPFLAGS) $(GUEST_CFLAGS) $(GUEST_LDFLAGS) -o $*-payload.elf $^ $(GUEST_LDLIBS) + objcopy -O binary -j .init.boot -j .text -j .data -j .init -j .preinit_array -j .init_array --gap-fill=0 $*-payload.elf $*-payload.bin +- ld -r -T $(abs_srcdir)/linker/payload.lds --oformat=$(BIN_FORMAT) -o $@ $*-payload.bin ++ ld -z noexecstack -r -T $(abs_srcdir)/linker/payload.lds --oformat=$(BIN_FORMAT) -o $@ $*-payload.bin + else + @$(CC) $(GUEST_CPPFLAGS) $(GUEST_CFLAGS) $(GUEST_LDFLAGS) -o $*-payload.elf $^ $(GUEST_LDLIBS) + @objcopy -O binary -j .init.boot -j .text -j .data -j .init -j .preinit_array -j .init_array --gap-fill=0 $*-payload.elf $*-payload.bin +- @ld -r -T $(abs_srcdir)/linker/payload.lds --oformat=$(BIN_FORMAT) -o $@ $*-payload.bin ++ @ld -z noexecstack -r -T $(abs_srcdir)/linker/payload.lds --oformat=$(BIN_FORMAT) -o $@ $*-payload.bin + @echo KVM_CC $(target_rel_dir)$@ + endif + @rm $*-payload.elf $*-payload.bin |