p96705831
/
platform_build
forked from openkylin/platform_build
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Enable NX protections 

Add -Wa,--noexecstack and -Wl,-z,noexecstack as default
flags when compiling host-side applications.  This enables
NX protections, which prevent code from executing on the
stack or heap.  NX protections make exploiting memory
corruption issues more challenging and is an important
security feature.

Change-Id: Iae580abe887e01f9029ec2a4e0fc0aae496724a4
This commit is contained in:
Joshua J. Drake 2013-12-12 00:41:38 -06:00 committed by Nick Kralevich
parent d270230fa4
commit afb45637b2
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
core/combo/HOST_linux-x86.mk
View File

@ -39,12 +39,12 @@ ifneq ($(strip $(BUILD_HOST_64bit)),)
# more consistency between the host tools and the target.
# BUILD_HOST_64bit=1 overrides it for tool like emulator
# which can benefit from 64-bit host arch.
HOST_GLOBAL_CFLAGS += -m64
HOST_GLOBAL_LDFLAGS += -m64
HOST_GLOBAL_CFLAGS += -m64 -Wa,--noexecstack
HOST_GLOBAL_LDFLAGS += -m64 -Wl,-z,noexecstack
else
# We expect SSE3 floating point math.
HOST_GLOBAL_CFLAGS += -mstackrealign -msse3 -mfpmath=sse -m32
HOST_GLOBAL_LDFLAGS += -m32
HOST_GLOBAL_CFLAGS += -mstackrealign -msse3 -mfpmath=sse -m32 -Wa,--noexecstack
HOST_GLOBAL_LDFLAGS += -m32 -Wl,-z,noexecstack
endif # BUILD_HOST_64bit
ifneq ($(strip $(BUILD_HOST_static)),)