Re: git: 58c99df2196c - main - kboot: .note.GNU-stack is needed

From: Warner Losh <imp_at_bsdimp.com>
Date: Fri, 18 Apr 2025 00:07:23 UTC
On Thu, Apr 17, 2025, 4:26 PM Shawn Webb <shawn.webb@hardenedbsd.org> wrote:

> On Thu, Apr 17, 2025 at 09:59:08PM +0000, Warner Losh wrote:
> > The branch main has been updated by imp:
> >
> > URL:
> https://cgit.FreeBSD.org/src/commit/?id=58c99df2196c5564a6922dcfe4d03387cebdd10c
> >
> > commit 58c99df2196c5564a6922dcfe4d03387cebdd10c
> > Author:     Warner Losh <imp@FreeBSD.org>
> > AuthorDate: 2025-04-17 04:03:26 +0000
> > Commit:     Warner Losh <imp@FreeBSD.org>
> > CommitDate: 2025-04-17 21:56:45 +0000
> >
> >     kboot: .note.GNU-stack is needed
> >
> >     Add '.section .note.GNU-stack,"",%progbits' to all assembler. Newer
> >     versions of clang complain when this isn't present because executable
> >     stacks are going away in the future. We don't need an executable
> stack
> >     anyway.
>
> Just a little data point: HardenedBSD has lived without the ability to
> mark the stack as executable for nearly a decade now. I'm pretty sure
> it should be safe for FreeBSD to remove support for it as well, at
> least for amd64, arm64, and likely also riscv. The only outlier might
> be i386, but that no longer enjoys Tier 1 status on FreeBSD.
>

This code is for a linux binary. And i just added these to avoid new
warnings.

Warner

Thanks,
>
> --
> Shawn Webb
> Cofounder / Security Engineer
> HardenedBSD
>
> Signal Username:  shawn_webb.74
> Tor-ified Signal: +1 303-901-1600 / shawn_webb_opsec.50
>
> https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc
>