Hi,
libgcrypt with asm marks the object and library as requiring
executable stack. On systems with enforced selinux policy this breaks
w/o special rules. Therefore some distributions (for instance Fedora
and Ubuntu) simply turn off asm at build time (--disable-asm).
The question is whether executable stack is needed, which it probably
doesn't. But only a code review of the asm code can tell for sure, or
the very authors of libgcrypt :)
If the asm code does not need executable stack it should contain
something like
.section .note.GNU-stack, "", @progbits
to mark the resulting object file as not needing it.
Thanks!
--
Axel.Thimm at ATrpms.net
libgcrypt with asm marks the object and library as requiring
executable stack. On systems with enforced selinux policy this breaks
w/o special rules. Therefore some distributions (for instance Fedora
and Ubuntu) simply turn off asm at build time (--disable-asm).
The question is whether executable stack is needed, which it probably
doesn't. But only a code review of the asm code can tell for sure, or
the very authors of libgcrypt :)
If the asm code does not need executable stack it should contain
something like
.section .note.GNU-stack, "", @progbits
to mark the resulting object file as not needing it.
Thanks!
--
Axel.Thimm at ATrpms.net