From: SungHun Hwang <sh0924.hwang@samsung.com>
Date: Tue, 14 Jun 2016 01:13:50 +0000 (+0900)
Subject: packaging: add noexecstack option in LDFLAGS for Data Execution Prevention
X-Git-Tag: submit/tizen_base/20160614.022329^0
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=refs%2Fheads%2Ftizen_5.5_base;p=platform%2Fupstream%2Flibffi.git

packaging: add noexecstack option in LDFLAGS for Data Execution Prevention

req. from   : security part
req. reason : https://wiki.ubuntu.com/SecurityTeam/Roadmap/ExecutableStacks

[before]
$ readelf -l libffi.so.6 | grep STACK
  GNU_STACK      0x000000 0x00000000 0x00000000 0x00000 0x00000 RWE 0x10

[after]
$ readelf -l libffi.so.6 | grep STACK
  GNU_STACK      0x000000 0x00000000 0x00000000 0x00000 0x00000 RW  0x10

Change-Id: If29268f7905298185ab639b3bb7a7b3c4080b3b7
Signed-off-by: SungHun Hwang <sh0924.hwang@samsung.com>
---

diff --git a/packaging/libffi.spec b/packaging/libffi.spec
index 89efc2c..6c3c92e 100644
--- a/packaging/libffi.spec
+++ b/packaging/libffi.spec
@@ -52,6 +52,7 @@ developing applications that use %{name}.
 
 
 %build
+export LDFLAGS+="-Wl,-z,noexecstack"
 %reconfigure --disable-static
 make %{?_smp_mflags}