1eda14cbcSMatt Macy#!/bin/sh 2eda14cbcSMatt Macy 316038816SMartin Matuskaif ! command -v scanelf > /dev/null; then 4eda14cbcSMatt Macy echo "scanelf (from pax-utils) is required for these checks." >&2 5eda14cbcSMatt Macy exit 3 6eda14cbcSMatt Macyfi 7eda14cbcSMatt Macy 8eda14cbcSMatt MacyRET=0 9eda14cbcSMatt Macy 10eda14cbcSMatt Macy# check for exec stacks 11eda14cbcSMatt MacyOUT=$(scanelf -qyRAF '%e %p' "$1") 12eda14cbcSMatt Macy 13eda14cbcSMatt Macyif [ x"${OUT}" != x ]; then 14eda14cbcSMatt Macy RET=2 15eda14cbcSMatt Macy echo "The following files contain writable and executable sections" 16eda14cbcSMatt Macy echo " Files with such sections will not work properly (or at all!) on some" 17eda14cbcSMatt Macy echo " architectures/operating systems." 18eda14cbcSMatt Macy echo " For more information, see:" 19eda14cbcSMatt Macy echo " https://wiki.gentoo.org/wiki/Hardened/GNU_stack_quickstart" 20eda14cbcSMatt Macy echo 21eda14cbcSMatt Macy echo "${OUT}" 22eda14cbcSMatt Macy echo 23eda14cbcSMatt Macyfi 24eda14cbcSMatt Macy 25eda14cbcSMatt Macy 26eda14cbcSMatt Macy# check for TEXTRELS 27eda14cbcSMatt MacyOUT=$(scanelf -qyRAF '%T %p' "$1") 28eda14cbcSMatt Macy 29eda14cbcSMatt Macyif [ x"${OUT}" != x ]; then 30eda14cbcSMatt Macy RET=2 31eda14cbcSMatt Macy echo "The following files contain runtime text relocations" 32eda14cbcSMatt Macy echo " Text relocations force the dynamic linker to perform extra" 33eda14cbcSMatt Macy echo " work at startup, waste system resources, and may pose a security" 34eda14cbcSMatt Macy echo " risk. On some architectures, the code may not even function" 35eda14cbcSMatt Macy echo " properly, if at all." 36eda14cbcSMatt Macy echo " For more information, see:" 37eda14cbcSMatt Macy echo " https://wiki.gentoo.org/wiki/Hardened/HOWTO_locate_and_fix_textrels" 38eda14cbcSMatt Macy echo 39eda14cbcSMatt Macy echo "${OUT}" 40eda14cbcSMatt Macy echo 41eda14cbcSMatt Macyfi 42eda14cbcSMatt Macy 43*e92ffd9bSMartin Matuskaexit "$RET" 44