1execstack(8)                System Manager's Manual               execstack(8)
2
3
4

NAME

6       execstack  -  tool to set, clear, or query executable stack flag of ELF
7       binaries and shared libraries
8

SYNOPSIS

10       execstack [OPTION...] [FILES]
11

DESCRIPTION

13       execstack is a program which sets, clears, or queries executable  stack
14       flag  of  ELF  binaries  and  shared  libraries.  Linux has in the past
15       allowed execution of instructions on the stack and there  are  lots  of
16       binaries  and  shared  libraries assuming this behaviour.  Furthermore,
17       GCC trampoline code for e.g. nested functions requires executable stack
18       on many architectures.  To avoid breaking binaries and shared libraries
19       which need executable stack, ELF binaries and shared libraries now  can
20       be  marked  as  requiring  executable  stack or not requiring it.  This
21       marking is done through the p_flags field in the  PT_GNU_STACK  program
22       header entry.  If the marking is missing, kernel or dynamic linker need
23       to assume it might need executable stack.  The marking is done automat‐
24       ically  by  recent GCC versions (objects using trampolines on the stack
25       are marked as requiring executable stack, all other newly built objects
26       are marked as not requiring it) and linker collects these markings into
27       marking of the whole binary or shared library.  The user  can  override
28       this  at  assembly time (through --execstack or --noexecstack assembler
29       options), at link time (through -z execstack or -z  noexecstack  linker
30       options)  and using the execstack tool also on an already linker binary
31       or shared library.  This tool is  especially  useful  for  third  party
32       shared  libraries  where  it  is  known that they don't need executable
33       stack or testing proves it.
34

OPTIONS

36       -s --set-execstack
37              Mark binary or shared library as requiring executable stack.
38
39       -c --clear-execstack
40              Mark binary or shared library as not requiring executable stack.
41
42       -q --query
43              Query executable stack marking of binaries and shared libraries.
44              For  each  file  it prints either - when executable stack is not
45              required, X when executable stack is required or ?  when  it  is
46              unknown  whether  the  object  requires  or doesn't require exe‐
47              cutable stack (the marking is missing).
48
49       -V     Print execstack version and exit.
50
51       -? --help
52              Print help message.
53
54       --usage
55              Print a short usage message.
56

ARGUMENTS

58       Command line arguments should be  names  of  ELF  binaries  and  shared
59       libraries which should be modified or queried.
60

EXAMPLES

62              # execstack -s ~/lib/libfoo.so.1
63       will mark ~/lib/libfoo.so.1 as requiring executable stack.
64              # execstack -c ~/bin/bar
65       will mark ~/bin/bar as not requiring executable stack.
66              # execstack -q ~/lib/libfoo.so.1 ~/bin/bar
67       will query executable stack marking of the given files.
68

SEE ALSO

70       ld.so(8).
71

BUGS

73       execstack  doesn't  support  yet  marking of executables if they do not
74       have PT_GNU_STACK program header entry nor they have room  for  program
75       segment header table growth.
76

AUTHORS

78       Jakub Jelinek <jakub@redhat.com>.
79
80
81
82                                28 October 2003                   execstack(8)
Impressum