diff options
Diffstat (limited to 'krb5-1.12-enable-NX.patch')
| -rw-r--r-- | krb5-1.12-enable-NX.patch | 57 |
1 files changed, 0 insertions, 57 deletions
diff --git a/krb5-1.12-enable-NX.patch b/krb5-1.12-enable-NX.patch deleted file mode 100644 index 2b8a508..0000000 --- a/krb5-1.12-enable-NX.patch +++ /dev/null @@ -1,57 +0,0 @@ -commit c64e39c69a9a7ee32c00b0cf7918f6274a565544 -Author: Greg Hudson <ghudson@mit.edu> -Date: Fri Jan 3 13:50:48 2014 -0500 - - Mark AESNI files as not needing executable stacks - - Some Linux systems now come with facilities to mark the stack as - non-executable, making it more difficult to exploit buffer overrun - bugs. For this to work, object files built from assembly need a - section added to note whether they require an executable stack. - - Patch from Dhiru Kholia with comments added. More information at: - https://bugzilla.redhat.com/show_bug.cgi?id=1045699 - https://wiki.gentoo.org/wiki/Hardened/GNU_stack_quickstart - - ticket: 7813 - target_version: 1.12.1 - tags: pullup - -diff --git a/src/lib/crypto/builtin/aes/iaesx64.s b/src/lib/crypto/builtin/aes/iaesx64.s -index 1c091c1..d03c859 100644 ---- a/src/lib/crypto/builtin/aes/iaesx64.s -+++ b/src/lib/crypto/builtin/aes/iaesx64.s -@@ -834,3 +834,14 @@ lp256encsingle_CBC: - movdqu [r9],xmm1 - add rsp,16*16+8 - ret -+ -+; Mark this file as not needing an executable stack. -+%ifidn __OUTPUT_FORMAT__,elf -+section .note.GNU-stack noalloc noexec nowrite progbits -+%endif -+%ifidn __OUTPUT_FORMAT__,elf32 -+section .note.GNU-stack noalloc noexec nowrite progbits -+%endif -+%ifidn __OUTPUT_FORMAT__,elf64 -+section .note.GNU-stack noalloc noexec nowrite progbits -+%endif -diff --git a/src/lib/crypto/builtin/aes/iaesx86.s b/src/lib/crypto/builtin/aes/iaesx86.s -index b667acd..1aa12e6 100644 ---- a/src/lib/crypto/builtin/aes/iaesx86.s -+++ b/src/lib/crypto/builtin/aes/iaesx86.s -@@ -871,3 +871,14 @@ lp256encsingle_CBC: - movdqu [ecx],xmm1 ; store last iv for chaining - - ret -+ -+; Mark this file as not needing an executable stack. -+%ifidn __OUTPUT_FORMAT__,elf -+section .note.GNU-stack noalloc noexec nowrite progbits -+%endif -+%ifidn __OUTPUT_FORMAT__,elf32 -+section .note.GNU-stack noalloc noexec nowrite progbits -+%endif -+%ifidn __OUTPUT_FORMAT__,elf64 -+section .note.GNU-stack noalloc noexec nowrite progbits -+%endif |