execstack(8) — Linux manual page
execstack(8) System Manager's Manual execstack(8)
NAME
execstack - tool to set, clear, or query executable stack flag of
ELF binaries and shared libraries
SYNOPSIS
execstack [OPTION...] [FILES]
DESCRIPTION
execstack is a program which sets, clears, or queries executable
stack flag of ELF binaries and shared libraries. Linux has in
the past allowed execution of instructions on the stack and there
are lots of binaries and shared libraries assuming this
behaviour. Furthermore, GCC trampoline code for e.g. nested
functions requires executable stack on many architectures. To
avoid breaking binaries and shared libraries which need
executable stack, ELF binaries and shared libraries now can be
marked as requiring executable stack or not requiring it. This
marking is done through the p_flags field in the PT_GNU_STACK
program header entry. If the marking is missing, kernel or
dynamic linker need to assume it might need executable stack.
The marking is done automatically by recent GCC versions (objects
using trampolines on the stack are marked as requiring executable
stack, all other newly built objects are marked as not requiring
it) and linker collects these markings into marking of the whole
binary or shared library. The user can override this at assembly
time (through --execstack or --noexecstack assembler options), at
link time (through -z execstack or -z noexecstack linker options)
and using the execstack tool also on an already linker binary or
shared library. This tool is especially useful for third party
shared libraries where it is known that they don't need
executable stack or testing proves it.
OPTIONS
-s --set-execstack
Mark binary or shared library as requiring executable
stack.
-c --clear-execstack
Mark binary or shared library as not requiring executable
stack.
-q --query
Query executable stack marking of binaries and shared
libraries. For each file it prints either - when
executable stack is not required, X when executable stack
is required or ? when it is unknown whether the object
requires or doesn't require executable stack (the marking
is missing).
-V Print execstack version and exit.
-? --help
Print help message.
--usage
Print a short usage message.
ARGUMENTS
Command line arguments should be names of ELF binaries and shared
libraries which should be modified or queried.
EXAMPLES
# execstack -s ~/lib/libfoo.so.1
will mark ~/lib/libfoo.so.1 as requiring executable stack.
# execstack -c ~/bin/bar
will mark ~/bin/bar as not requiring executable stack.
# execstack -q ~/lib/libfoo.so.1 ~/bin/bar
will query executable stack marking of the given files.
SEE ALSO
ld.so(8).
BUGS
execstack doesn't support yet marking of executables if they do
not have PT_GNU_STACK program header entry nor they have room for
program segment header table growth.
AUTHORS
Jakub Jelinek <jakub@redhat.com>.
COLOPHON
This page is part of the prelink (prelink ELF shared libraries
and binaries) project. Information about the project can be
found at ⟨http://people.redhat.com/jakub/prelink/⟩. It is not
known how to report bugs for this man page; if you know, please
send a mail to man-pages@man7.org. This page was obtained from
the tarball prelink-20130503.tar.bz2 fetched from
⟨http://people.redhat.com/jakub/prelink/⟩ on 2024-06-14. If you
discover any rendering problems in this HTML version of the page,
or you believe there is a better or more up-to-date source for
the page, or you have corrections or improvements to the
information in this COLOPHON (which is not part of the original
manual page), send a mail to man-pages@man7.org