execstack shows ppc kexec has an executable stack, this leaves it vulnerable to buffer overflows. Fix it by adding ASFLAGS --noexecstack Tested on PowerMac G4 Macmini: Without the patch: dave at darkstar:~/kexec-tools$ execstack build/sbin/kexec X build/sbin/kexec With the patch: dave at darkstar:~/kexec-tools$ execstack build/sbin/kexec - build/sbin/kexec Signed-off-by: Dave Young <dyoung at redhat.com> --- kexec/arch/ppc/Makefile | 2 ++ 1 file changed, 2 insertions(+) --- kexec-tools.orig/kexec/arch/ppc/Makefile 2011-11-08 20:52:43.000000000 +0800 +++ kexec-tools/kexec/arch/ppc/Makefile 2012-12-10 10:52:56.000000000 +0800 @@ -23,6 +23,8 @@ CPPFLAGS+=-I$(srcdir)/kexec/arch/$(ARCH) ppc_KEXEC_SRCS += $(libfdt_SRCS) +ASFLAGS += -Wa,--noexecstack + dist += kexec/arch/ppc/Makefile $(ppc_KEXEC_SRCS) \ kexec/arch/ppc/crashdump-powerpc.h kexec/arch/ppc/fixup_dtb.h \ kexec/arch/ppc/kexec-ppc.h kexec/arch/ppc/ops.h \
