Hi Werner, We do not have exec shield, but we might have other methods. They are however not just enabled on AARCH64, you would see similar issues on all architectures. randomize_va_space we have, but it is effective for this issue only if you build with PIE support enabled. I think this specific issue is aarch64 architecture specific and not related to kernel security features. Ciao, Marcus On Fri, Nov 11, 2016 at 08:53:11AM +0100, Dr. Werner Fink wrote:
Hi,
just seen such build messages on aarch64 for GNU Emacs:
[ 1604s] ************************************************** [ 1604s] Warning: Your system has a gap between BSS and the [ 1604s] heap (418602288 bytes). This usually means that exec-shield[ 1519.794139] pgd = ffff8001f2320000 [ 1604s] [ 1604s] [ 1519.828659] [00949000] *pgd=0000000232181003, *pud=000000022ec05003or something similar is in effect. The dump may, *pmd=00000002330f4003, *pte=0000000000000000 [ 1604s] [ 1604s] fail because of this. See the section about [ 1604s] exec-shield in etc/PROBLEMS for more information.
and indeed on emacs-25.1/etc/PROBLEMS I read
| Another issue is that in Red Hat Linux kernels, Exec-shield is enabled by | default, and this creates a different memory layout. Emacs should | handle this at build time, but if this fails the following | instructions may be useful. Exec-shield is enabled on your system if | | cat /proc/sys/kernel/exec-shield | |prints a nonzero value. You can temporarily disable it as follows: | | echo 0 > /proc/sys/kernel/exec-shield
similar for randomize_va_space:
| To work around the ASLR problem in either an older or a newer kernel, | you can temporarily disable the feature while building Emacs. On | GNU/Linux you can do so using the following command (as root). | | echo 0 > /proc/sys/kernel/randomize_va_space | | You can re-enable the feature when you are done, by echoing the | original value back to the file. | | Alternatively, you can try using the 'setarch' command when building | temacs like this, where -R disables address space randomization: | | setarch $(uname -m) -R make
That is if we support exec-shield and/or randomize_va_space I'd like to be able to disable this in the build environment for GNU emacs as well as e.g. for clisp and maybe other packages.
Werner
-- "Having a smoking section in a restaurant is like having a peeing section in a swimming pool." -- Edward Burr
--
Marcus Meissner,SUSE LINUX GmbH; Maxfeldstrasse 5; D-90409 Nuernberg; Zi. 3.1-33,+49-911-740 53-432,,serv=loki,mail=wotan,type=real