Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 332011

Summary: app-admin/paxtest does not respect LDFLAGS
Product: Gentoo Linux Reporter: Diego Elio Pettenò (RETIRED) <flameeyes>
Component: New packagesAssignee: Anthony Basile <blueness>
Status: RESOLVED FIXED    
Severity: QA CC: hardened, pageexec, xarthisius
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---
Bug Depends on:    
Bug Blocks: 331933    
Attachments: Build log

Description Diego Elio Pettenò (RETIRED) gentoo-dev 2010-08-10 10:12:16 UTC 
See attached build log.

(Please do not complain about the need for looking at the build log until you can provide an easy way to open bugs with the correct data picked out of a tinderbox log. Thanks.)
Comment 1 Diego Elio Pettenò (RETIRED) gentoo-dev 2010-08-10 10:12:47 UTC 
Created attachment 242219 [details]
Build log
Comment 2 Anthony Basile gentoo-dev 2010-08-10 12:47:18 UTC 
The problem with paxtest is that it is built to fail so that problems at the userland level are caught by the PaX kernel which puts restrictions on how pages of memory allocated to a process may be used.  For example, you do not want -fstack-protector{-all} because you want the kernel to catch an executable stack, not glibc via __stack_chk_fail.  It is not clear to me at this time just how much of the user's CFLAGS and LDFLAGS can be respected while expecting paxtest to do its job.  In fact, I may have gone too far when I compare to previous versions.

I'm going to have to talk to upstream about this and look into adding QA suppressions like QA_EXECSTACK= ...
Comment 3 Kacper Kowalik (Xarthisius) (RETIRED) gentoo-dev 2010-08-10 15:14:31 UTC 
+  10 Aug 2010; Kacper Kowalik <xarthisius@gentoo.org>
+  files/paxtest-0.9.9-Makefile.patch:
+  Respect LDFLAGS wrt bug 332011. Thanks to Diego for report.
+