# - creating executable pages from anonymous memory,
# - making read-only-after-relocations (RELRO) data pages writable again.
function(disable_pax_mprotect targetName)
- # Try to locate the paxctl tool. Failure to find it is not fatal,
- # but the generated executables won't work on a system where PAX is set
- # to prevent applications to create executable memory mappings.
- find_program(PAXCTL paxctl)
-
- if (NOT PAXCTL STREQUAL "PAXCTL-NOTFOUND")
- add_custom_command(
- TARGET ${targetName}
- POST_BUILD
- VERBATIM
- COMMAND ${PAXCTL} -c -m $<TARGET_FILE:${targetName}>
- )
- endif()
+ # Disabling PAX hardening only makes sense in systems that use Elf image formats. Particularly, looking
+ # for paxctl in macOS is problematic as it collides with popular software for that OS that performs completely
+ # unrelated functionality. Only look for it when we'll generate Elf images.
+ if (CLR_CMAKE_HOST_LINUX OR CLR_CMAKE_HOST_FREEBSD OR CLR_CMAKE_HOST_NETBSD OR CLR_CMAKE_HOST_SUNOS)
+ # Try to locate the paxctl tool. Failure to find it is not fatal,
+ # but the generated executables won't work on a system where PAX is set
+ # to prevent applications to create executable memory mappings.
+ find_program(PAXCTL paxctl)
+
+ if (NOT PAXCTL STREQUAL "PAXCTL-NOTFOUND")
+ add_custom_command(
+ TARGET ${targetName}
+ POST_BUILD
+ VERBATIM
+ COMMAND ${PAXCTL} -c -m $<TARGET_FILE:${targetName}>
+ )
+ endif()
+ endif(CLR_CMAKE_HOST_LINUX OR CLR_CMAKE_HOST_FREEBSD OR CLR_CMAKE_HOST_NETBSD OR CLR_CMAKE_HOST_SUNOS)
endfunction()
if (CMAKE_VERSION VERSION_LESS "3.12")