diff options
| author | Thiago Macieira <thiago.macieira@intel.com> | 2019-05-31 09:56:28 -0700 |
|---|---|---|
| committer | Thiago Macieira <thiago.macieira@intel.com> | 2019-05-31 13:08:10 -0700 |
| commit | 597359a16a798df3955404200f1fc6833a7425ab (patch) | |
| tree | c21136eb65046a4e0250a7372c6368174c4ddc58 | |
| parent | 54fa06ccecaceeffdfbafdd516503f8007569cf0 (diff) | |
Don't allow QtWebEngineCore to request executable stack
The Chromium sources contain assembly code that causes the library to
default to executable stack (the linker requires that *all* .o files
have a .note.GNU-stack section in order to default to
non-executable). So add the -z noexecstack linker flag to change the
setting.
The other libraries are not affected.
Change-Id: I0bf9ebeb5aa34d19be30fffd15a3d3063dea2005
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
| -rw-r--r-- | src/core/configure.json | 10 | ||||
| -rw-r--r-- | src/core/core_module.pro | 2 |
2 files changed, 12 insertions, 0 deletions
diff --git a/src/core/configure.json b/src/core/configure.json index fc23785df..6dccd1644 100644 --- a/src/core/configure.json +++ b/src/core/configure.json @@ -327,6 +327,11 @@ "webengine-arm-thumb" : { "label": "thumb instruction set", "type": "hasThumbFlag" + }, + "webengine-noexecstack" : { + "label": "linker supports -z noexecstack", + "type": "linkerSupportsFlag", + "flag": "-z,noexecstack" } }, @@ -658,6 +663,11 @@ "label": "Thumb instruction set", "condition": "config.linux && features.webengine-embedded-build && arch.arm && tests.webengine-arm-thumb", "output": [ "privateFeature" ] + }, + "webengine-noexecstack": { + "label": "linker supports -z noexecstack", + "condition": "config.unix && tests.webengine-noexecstack", + "output": [ "privateFeature" ] } }, diff --git a/src/core/core_module.pro b/src/core/core_module.pro index b5c8542f3..9bd56f9de 100644 --- a/src/core/core_module.pro +++ b/src/core/core_module.pro @@ -39,6 +39,8 @@ LIBS_PRIVATE += $$NINJA_LIB_DIRS $$NINJA_LIBS # GN's LFLAGS doesn't always work across all the Linux configurations we support. # The Windows and macOS ones from GN does provide a few useful flags however +unix:qtConfig(webengine-noexecstack): \ + QMAKE_LFLAGS += -Wl,-z,noexecstack linux { QMAKE_LFLAGS += -Wl,--gc-sections -Wl,-O1 -Wl,-z,now # Embedded address sanitizer symbols are undefined and are picked up by the dynamic link loader |