From b3850835b90d3ac8a329080fd64f3a62e36e4624 Mon Sep 17 00:00:00 2001 From: Andrei Horodniceanu Date: Sat, 16 Aug 2025 12:58:51 +0300 Subject: [PATCH 1/3] fiber/switch_context_riscv.S: disable executable stack Like it is done for the other assembly files, add the GNU-stack note. Signed-off-by: Andrei Horodniceanu --- .../src/core/thread/fiber/switch_context_riscv.S | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/runtime/druntime/src/core/thread/fiber/switch_context_riscv.S b/runtime/druntime/src/core/thread/fiber/switch_context_riscv.S index 68e2a9bd3c2..5e030c4505f 100644 --- a/runtime/druntime/src/core/thread/fiber/switch_context_riscv.S +++ b/runtime/druntime/src/core/thread/fiber/switch_context_riscv.S @@ -6,6 +6,18 @@ * Authors: Denis Feklushkin */ +#if (__linux__ || __FreeBSD__ || __NetBSD__ || __OpenBSD__ || __DragonFly__) && __ELF__ +/* + * Mark the resulting object file as not requiring execution permissions on + * stack memory. The absence of this section would mark the whole resulting + * library as requiring an executable stack, making it impossible to + * dynamically load druntime on several Linux platforms where this is + * forbidden due to security policies. + */ +.section .note.GNU-stack,"",%progbits +#endif + + #if defined(__riscv) // For save/load a register in memory, regardless of the size of machine register bit size From 0c5275f81094f7f63c4b166933eb58ee0588be95 Mon Sep 17 00:00:00 2001 From: Andrei Horodniceanu Date: Sat, 16 Aug 2025 19:51:41 +0300 Subject: [PATCH 2/3] [druntime] fiber/switch_context: Update comments Signed-off-by: Andrei Horodniceanu --- runtime/druntime/src/core/thread/fiber/switch_context_asm.S | 4 ++-- runtime/druntime/src/core/thread/fiber/switch_context_riscv.S | 4 ++-- runtime/druntime/src/ldc/eh_asm.S | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/runtime/druntime/src/core/thread/fiber/switch_context_asm.S b/runtime/druntime/src/core/thread/fiber/switch_context_asm.S index 77d00674974..63f2eeee4d6 100644 --- a/runtime/druntime/src/core/thread/fiber/switch_context_asm.S +++ b/runtime/druntime/src/core/thread/fiber/switch_context_asm.S @@ -18,8 +18,8 @@ * Mark the resulting object file as not requiring execution permissions on * stack memory. The absence of this section would mark the whole resulting * library as requiring an executable stack, making it impossible to - * dynamically load druntime on several Linux platforms where this is - * forbidden due to security policies. + * dynamically load druntime on several platforms where this is forbidden + * due to security policies. */ .section .note.GNU-stack,"",%progbits #endif diff --git a/runtime/druntime/src/core/thread/fiber/switch_context_riscv.S b/runtime/druntime/src/core/thread/fiber/switch_context_riscv.S index 5e030c4505f..150f118ec9f 100644 --- a/runtime/druntime/src/core/thread/fiber/switch_context_riscv.S +++ b/runtime/druntime/src/core/thread/fiber/switch_context_riscv.S @@ -11,8 +11,8 @@ * Mark the resulting object file as not requiring execution permissions on * stack memory. The absence of this section would mark the whole resulting * library as requiring an executable stack, making it impossible to - * dynamically load druntime on several Linux platforms where this is - * forbidden due to security policies. + * dynamically load druntime on several platforms where this is forbidden + * due to security policies. */ .section .note.GNU-stack,"",%progbits #endif diff --git a/runtime/druntime/src/ldc/eh_asm.S b/runtime/druntime/src/ldc/eh_asm.S index f7b6b30dc67..c6a8d05a691 100644 --- a/runtime/druntime/src/ldc/eh_asm.S +++ b/runtime/druntime/src/ldc/eh_asm.S @@ -10,7 +10,7 @@ * Mark the resulting object file as not requiring execution * permissions on stack memory. The absence of this section would mark * the whole resulting library as requiring an executable stack, - * making it impossible to dynamically load druntime on several Linux + * making it impossible to dynamically load druntime on several * platforms where this is forbidden due to security policies. */ From 45ca78d75d0ecd9f10d7ca53b679abadc3f40528 Mon Sep 17 00:00:00 2001 From: Andrei Horodniceanu Date: Mon, 18 Aug 2025 12:59:37 +0300 Subject: [PATCH 3/3] [druntime]: Simplify .note.GNU-stack condition in assembly files Signed-off-by: Andrei Horodniceanu --- runtime/druntime/src/core/thread/fiber/switch_context_asm.S | 2 +- runtime/druntime/src/core/thread/fiber/switch_context_riscv.S | 2 +- runtime/druntime/src/ldc/eh_asm.S | 3 +-- 3 files changed, 3 insertions(+), 4 deletions(-) diff --git a/runtime/druntime/src/core/thread/fiber/switch_context_asm.S b/runtime/druntime/src/core/thread/fiber/switch_context_asm.S index 63f2eeee4d6..659baf07789 100644 --- a/runtime/druntime/src/core/thread/fiber/switch_context_asm.S +++ b/runtime/druntime/src/core/thread/fiber/switch_context_asm.S @@ -13,7 +13,7 @@ * http://www.boost.org/LICENSE_1_0.txt) */ -#if (__linux__ || __FreeBSD__ || __NetBSD__ || __OpenBSD__ || __DragonFly__) && __ELF__ +#if __ELF__ /* * Mark the resulting object file as not requiring execution permissions on * stack memory. The absence of this section would mark the whole resulting diff --git a/runtime/druntime/src/core/thread/fiber/switch_context_riscv.S b/runtime/druntime/src/core/thread/fiber/switch_context_riscv.S index 150f118ec9f..d76a6bdbac4 100644 --- a/runtime/druntime/src/core/thread/fiber/switch_context_riscv.S +++ b/runtime/druntime/src/core/thread/fiber/switch_context_riscv.S @@ -6,7 +6,7 @@ * Authors: Denis Feklushkin */ -#if (__linux__ || __FreeBSD__ || __NetBSD__ || __OpenBSD__ || __DragonFly__) && __ELF__ +#if __ELF__ /* * Mark the resulting object file as not requiring execution permissions on * stack memory. The absence of this section would mark the whole resulting diff --git a/runtime/druntime/src/ldc/eh_asm.S b/runtime/druntime/src/ldc/eh_asm.S index c6a8d05a691..e303a77f2b5 100644 --- a/runtime/druntime/src/ldc/eh_asm.S +++ b/runtime/druntime/src/ldc/eh_asm.S @@ -6,6 +6,7 @@ * License: Boost License 1.0. */ +#if __ELF__ /* * Mark the resulting object file as not requiring execution * permissions on stack memory. The absence of this section would mark @@ -13,8 +14,6 @@ * making it impossible to dynamically load druntime on several * platforms where this is forbidden due to security policies. */ - -#if (defined(__linux__) || defined(__FreeBSD__)) && defined(__ELF__) .section .note.GNU-stack,"",%progbits .previous #endif