From 0499a353a6e196f468e7ec554cb13c82011f0e36 Mon Sep 17 00:00:00 2001
From: Florian Weimer <fweimer@redhat.com>
Date: Mon, 2 Mar 2020 14:24:27 +0100
Subject: elf: Add elf/check-wx-segment, a test for the presence of WX segments

Writable, executable segments defeat security hardening.  The
existing check for DT_TEXTREL does not catch this.

hppa and SPARC currently keep the PLT in an RWX load segment.
---
 sysdeps/sparc/Makefile | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'sysdeps/sparc/Makefile')

diff --git a/sysdeps/sparc/Makefile b/sysdeps/sparc/Makefile
index 38b33af..c123b52 100644
--- a/sysdeps/sparc/Makefile
+++ b/sysdeps/sparc/Makefile
@@ -16,6 +16,15 @@ CPPFLAGS-crti.S += -fPIC
 CPPFLAGS-crtn.S += -fPIC
 endif
 
+ifeq ($(subdir),elf)
+
+# Lazy binding on SPARC rewrites the PLT sequence.  See the Solaris
+# Linker and Libraries Guide, section SPARC: Procedure Linkage Table.
+# <https://docs.oracle.com/cd/E19455-01/816-0559/chapter6-1236/index.html>
+test-xfail-check-wx-segment = *
+
+endif # $(subdir) == elf
+
 # nscd uses atomic_spin_nop which in turn requires cpu_relax
 ifeq ($(subdir),nscd)
 routines += cpu_relax
-- 
cgit v1.1