On Thu, Apr 17, 2025 at 09:59:08PM +0000, Warner Losh wrote: > The branch main has been updated by imp: > > URL: > https://cgit.FreeBSD.org/src/commit/?id=58c99df2196c5564a6922dcfe4d03387cebdd10c > > commit 58c99df2196c5564a6922dcfe4d03387cebdd10c > Author: Warner Losh <[email protected]> > AuthorDate: 2025-04-17 04:03:26 +0000 > Commit: Warner Losh <[email protected]> > CommitDate: 2025-04-17 21:56:45 +0000 > > kboot: .note.GNU-stack is needed > > Add '.section .note.GNU-stack,"",%progbits' to all assembler. Newer > versions of clang complain when this isn't present because executable > stacks are going away in the future. We don't need an executable stack > anyway.
Just a little data point: HardenedBSD has lived without the ability to mark the stack as executable for nearly a decade now. I'm pretty sure it should be safe for FreeBSD to remove support for it as well, at least for amd64, arm64, and likely also riscv. The only outlier might be i386, but that no longer enjoys Tier 1 status on FreeBSD. Thanks, -- Shawn Webb Cofounder / Security Engineer HardenedBSD Signal Username: shawn_webb.74 Tor-ified Signal: +1 303-901-1600 / shawn_webb_opsec.50 https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc
signature.asc
Description: PGP signature
