1. Patchew
  2. linux
  3. [PATCH v3 0/9] x86/entry/vdso: clean up the vdso build, vdso updates
  4. View patch

[PATCH v3 6/9] x86/entry/vdso: include GNU_PROPERTY and GNU_STACK PHDRs

H. Peter Anvin posted 9 patches 2 months, 4 weeks ago
There is a newer version of this series
[PATCH v3 6/9] x86/entry/vdso: include GNU_PROPERTY and GNU_STACK PHDRs
Posted by H. Peter Anvin 2 months, 4 weeks ago 
Currently the vdso doesn't include .note.gnu.property or a GNU noexec
stack annotation (the -z noexecstack in the linker script is
ineffective because we specify PHDRs explicitly.)

The motivation is that the dynamic linker currently do not check
these.

However, this is a weak excuse: the vdso*.so are also supposed to be
usable at link libraries, and there is no reason why the dynamic
linker might not want or need to check these in the future, so add
them back in -- it is trivial enough.

Signed-off-by: H. Peter Anvin (Intel) <hpa@zytor.com>
---
 arch/x86/entry/vdso/common/vdso-layout.lds.S | 51 +++++++++++---------
 1 file changed, 28 insertions(+), 23 deletions(-)

diff --git a/arch/x86/entry/vdso/common/vdso-layout.lds.S b/arch/x86/entry/vdso/common/vdso-layout.lds.S
index ec1ac191a057..696bacb99ed8 100644
--- a/arch/x86/entry/vdso/common/vdso-layout.lds.S
+++ b/arch/x86/entry/vdso/common/vdso-layout.lds.S
@@ -26,7 +26,7 @@ SECTIONS
 
 	. = SIZEOF_HEADERS;
 
-	.hash		: { *(.hash) }			:text
+	.hash		: { *(.hash) }		:text
 	.gnu.hash	: { *(.gnu.hash) }
 	.dynsym		: { *(.dynsym) }
 	.dynstr		: { *(.dynstr) }
@@ -34,7 +34,7 @@ SECTIONS
 	.gnu.version_d	: { *(.gnu.version_d) }
 	.gnu.version_r	: { *(.gnu.version_r) }
 
-	.dynamic	: { *(.dynamic) }		:text	:dynamic
+	.dynamic	: { *(.dynamic) }	:text :dynamic
 
 	.rodata		: {
 		*(.rodata*)
@@ -45,31 +45,28 @@ SECTIONS
 		*(.bss*)
 		*(.dynbss*)
 		*(.gnu.linkonce.b.*)
-	}						:text
+	}					:text
 
-	/*
-	 * Discard .note.gnu.property sections which are unused and have
-	 * different alignment requirement from vDSO note sections.
-	 */
-	/DISCARD/ : {
+	.note.gnu.property : {
 		*(.note.gnu.property)
-	}
-	.note		: { *(.note.*) }		:text	:note
-
-	.eh_frame_hdr	: { *(.eh_frame_hdr) }		:text	:eh_frame_hdr
-	.eh_frame	: { KEEP (*(.eh_frame)) }	:text
+	}					:text :note :gnu_property
+	.note		: {
+		*(.note*)
+	}					:text :note
 
+	.eh_frame_hdr	: { *(.eh_frame_hdr) }	:text :eh_frame_hdr
+	.eh_frame	: {
+		KEEP (*(.eh_frame))
+		*(.eh_frame.*)
+	}					:text
 
 	/*
 	 * Text is well-separated from actual data: there's plenty of
 	 * stuff that isn't used at runtime in between.
-	 */
-
+	*/
 	.text		: {
 		*(.text*)
-	}						:text	=0x90909090,
-
-
+	}					:text	=0x90909090
 
 	.altinstructions	: { *(.altinstructions) }	:text
 	.altinstr_replacement	: { *(.altinstr_replacement) }	:text
@@ -87,15 +84,23 @@ SECTIONS
  * Very old versions of ld do not recognize this name token; use the constant.
  */
 #define PT_GNU_EH_FRAME	0x6474e550
+#define PT_GNU_STACK	0x6474e551
+#define PT_GNU_PROPERTY	0x6474e553
 
 /*
  * We must supply the ELF program headers explicitly to get just one
  * PT_LOAD segment, and set the flags explicitly to make segments read-only.
- */
+*/
+#define PF_R	FLAGS(4)
+#define PF_RW	FLAGS(6)
+#define PF_RX	FLAGS(5)
+
 PHDRS
 {
-	text		PT_LOAD		FLAGS(5) FILEHDR PHDRS; /* PF_R|PF_X */
-	dynamic		PT_DYNAMIC	FLAGS(4);		/* PF_R */
-	note		PT_NOTE		FLAGS(4);		/* PF_R */
-	eh_frame_hdr	PT_GNU_EH_FRAME;
+	text		PT_LOAD		PF_RX FILEHDR PHDRS;
+	dynamic		PT_DYNAMIC	PF_R;
+	note		PT_NOTE		PF_R;
+	eh_frame_hdr	PT_GNU_EH_FRAME PF_R;
+	gnu_stack	PT_GNU_STACK	PF_RW;
+	gnu_property	PT_GNU_PROPERTY	PF_R;
 }
-- 
2.51.1
Re: [PATCH v3 6/9] x86/entry/vdso: include GNU_PROPERTY and GNU_STACK PHDRs
Posted by Andrew Cooper 2 months, 3 weeks ago 
On 12/11/2025 8:22 pm, H. Peter Anvin wrote:
>  arch/x86/entry/vdso/common/vdso-layout.lds.S | 51 +++++++++++---------
>  1 file changed, 28 insertions(+), 23 deletions(-)
>
> diff --git a/arch/x86/entry/vdso/common/vdso-layout.lds.S b/arch/x86/entry/vdso/common/vdso-layout.lds.S
> index ec1ac191a057..696bacb99ed8 100644
> --- a/arch/x86/entry/vdso/common/vdso-layout.lds.S
> +++ b/arch/x86/entry/vdso/common/vdso-layout.lds.S
> @@ -26,7 +26,7 @@ SECTIONS
>  
>  	. = SIZEOF_HEADERS;
>  
> -	.hash		: { *(.hash) }			:text
> +	.hash		: { *(.hash) }		:text
>  	.gnu.hash	: { *(.gnu.hash) }
>  	.dynsym		: { *(.dynsym) }
>  	.dynstr		: { *(.dynstr) }
> @@ -34,7 +34,7 @@ SECTIONS
>  	.gnu.version_d	: { *(.gnu.version_d) }
>  	.gnu.version_r	: { *(.gnu.version_r) }
>  
> -	.dynamic	: { *(.dynamic) }		:text	:dynamic
> +	.dynamic	: { *(.dynamic) }	:text :dynamic
>  
>  	.rodata		: {
>  		*(.rodata*)
> @@ -45,31 +45,28 @@ SECTIONS
>  		*(.bss*)
>  		*(.dynbss*)
>  		*(.gnu.linkonce.b.*)
> -	}						:text
> +	}					:text
>  
> -	/*
> -	 * Discard .note.gnu.property sections which are unused and have
> -	 * different alignment requirement from vDSO note sections.
> -	 */
> -	/DISCARD/ : {
> +	.note.gnu.property : {
>  		*(.note.gnu.property)
> -	}
> -	.note		: { *(.note.*) }		:text	:note
> -
> -	.eh_frame_hdr	: { *(.eh_frame_hdr) }		:text	:eh_frame_hdr
> -	.eh_frame	: { KEEP (*(.eh_frame)) }	:text
> +	}					:text :note :gnu_property
> +	.note		: {
> +		*(.note*)
> +	}					:text :note
>  
> +	.eh_frame_hdr	: { *(.eh_frame_hdr) }	:text :eh_frame_hdr
> +	.eh_frame	: {
> +		KEEP (*(.eh_frame))
> +		*(.eh_frame.*)
> +	}					:text
>  
>  	/*
>  	 * Text is well-separated from actual data: there's plenty of
>  	 * stuff that isn't used at runtime in between.
> -	 */
> -
> +	*/
>  	.text		: {
>  		*(.text*)
> -	}						:text	=0x90909090,
> -
> -
> +	}					:text	=0x90909090
>  

Almost all of these hunks look to be whitespace changes only.  Was that
intentional?  It certainly makes it harder to read.

>  	.altinstructions	: { *(.altinstructions) }	:text
>  	.altinstr_replacement	: { *(.altinstr_replacement) }	:text
> @@ -87,15 +84,23 @@ SECTIONS
>   * Very old versions of ld do not recognize this name token; use the constant.
>   */
>  #define PT_GNU_EH_FRAME	0x6474e550
> +#define PT_GNU_STACK	0x6474e551
> +#define PT_GNU_PROPERTY	0x6474e553
>  
>  /*
>   * We must supply the ELF program headers explicitly to get just one
>   * PT_LOAD segment, and set the flags explicitly to make segments read-only.
> - */
> +*/

This looks like it wants undoing too.

That said, I do strongly agree with the reasoning behind this patch.

~Andrew
Re: [PATCH v3 6/9] x86/entry/vdso: include GNU_PROPERTY and GNU_STACK PHDRs
Posted by H. Peter Anvin 2 months, 3 weeks ago 
On 2025-11-13 11:09, Andrew Cooper wrote:
> 
> Almost all of these hunks look to be whitespace changes only.  Was that
> intentional?  It certainly makes it harder to read.
> 

It is intentional; although it adds to the patch it tidies up the file itself.

>>  	.altinstructions	: { *(.altinstructions) }	:text
>>  	.altinstr_replacement	: { *(.altinstr_replacement) }	:text
>> @@ -87,15 +84,23 @@ SECTIONS
>>   * Very old versions of ld do not recognize this name token; use the constant.
>>   */
>>  #define PT_GNU_EH_FRAME	0x6474e550
>> +#define PT_GNU_STACK	0x6474e551
>> +#define PT_GNU_PROPERTY	0x6474e553
>>  
>>  /*
>>   * We must supply the ELF program headers explicitly to get just one
>>   * PT_LOAD segment, and set the flags explicitly to make segments read-only.
>> - */
>> +*/
> 
> This looks like it wants undoing too.

OK, fair.

> That said, I do strongly agree with the reasoning behind this patch.

Thanks.

	-hpa

Patchew 2.1-devel-b67e4c2

© 2016 - 2026 Red Hat, Inc.