This is PIEworld
================
Toolchain modified to build everything that isn't -fPIC as -fPIE.
gcc:
----
1) Built with PIE-default, SSP-default, RELRO and BIND_NOW
2) Non-PIC crtstuff built -fno-PIE (crtbegin.o, crtend.o)
3) Specs permit -static && -fPIE (but not -pie)
glibc:
------
1) Built with PIE-default, SSP off, RELRO and BIND_NOW
2) Non-PIC crtstuff built -fno-PIE (crt1.o - note; crtn.o, crti.o, Scrt1.o all built -fPIC)
3) Make pic-default configure check ignore -fPIE.
4) Link all apps PIE, adjust TLS initialisation to avoid using the TLS before it's ready.
The results are:
crt*S.o, crtn.o, crti.o & Scrt1.o are -fPIC, all other crtfiles are -fno-PIE.
Code archives lib*.a are -fPIE
Note that since lib*.a are not available built -fno-PIE, building static binaries actually creates
binaries containing PIE code, although the executable itself has a fixed load address.
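A quick way to confirm what a toolchain built like this actually produced is to read the ELF headers back with readelf: the file type (DYN for a -pie link, EXEC for a fixed-address executable), the GNU_RELRO program header, the BIND_NOW flag in the dynamic section, and whether __stack_chk_fail is referenced (SSP in use). The script below is an added example, not part of the PIEworld notes or the Gentoo toolchain; the two readelf outputs it parses are constructed by hand to stand in for a PIE-linked dynamic binary and a static binary, and the function names are this example's own. It only parses text, so it runs without readelf present; the last helper wraps a real readelf call for use on an actual binary.

```shell
#!/bin/sh
# Added example: classify ELF hardening features from the text output of
#   readelf -h -l -d -s <binary>
# Function names and the two samples below are assumptions for this example.

# Print "PIE" for Type: DYN (what a -pie link produces), "EXEC" for a fixed
# address executable, "UNKNOWN" otherwise.  Note the limit of this check: it
# reports how the file was *linked*; a static EXEC may still contain -fPIE
# compiled code, as the notes above describe.
elf_type() {
    case "$(printf '%s\n' "$1" | sed -n 's/^ *Type: *\([A-Z]*\).*/\1/p' | head -n 1)" in
        DYN)  echo PIE ;;
        EXEC) echo EXEC ;;
        *)    echo UNKNOWN ;;
    esac
}

# GNU_RELRO program header present -> the loader can make the GOT read-only.
has_relro()    { printf '%s\n' "$1" | grep -q '^ *GNU_RELRO'; }

# BIND_NOW tag, FLAGS: BIND_NOW, or FLAGS_1: NOW -> all relocations resolved at
# load time, which is what makes the RELRO region fully read-only.
has_bind_now() { printf '%s\n' "$1" | grep -Eq 'BIND_NOW|\(FLAGS_1\).* NOW( |$)'; }

# A reference to __stack_chk_fail means at least one function has a canary.
has_ssp()      { printf '%s\n' "$1" | grep -q '__stack_chk_fail'; }

yn() { if "$@"; then echo yes; else echo no; fi; }

# One-line summary: type=... relro=... bind_now=... ssp=...
elf_hardening_report() {
    printf 'type=%s relro=%s bind_now=%s ssp=%s\n' \
        "$(elf_type "$1")" "$(yn has_relro "$1")" \
        "$(yn has_bind_now "$1")" "$(yn has_ssp "$1")"
}

# For a real binary (needs readelf from binutils; not exercised offline).
elf_hardening_report_file() {
    elf_hardening_report "$(readelf -h -l -d -s "$1")"
}

# Constructed sample: a dynamically linked PIE with RELRO, BIND_NOW and SSP.
SAMPLE_PIE=$(cat <<'EOF'
ELF Header:
  Type:                              DYN (Shared object file)
  Entry point address:               0x1040
Program Headers:
  Type           Offset   VirtAddr   PhysAddr   FileSiz  MemSiz   Flg Align
  INTERP         0x000238 0x00000238 0x00000238 0x00001c 0x00001c R   0x1
  LOAD           0x000000 0x00000000 0x00000000 0x000868 0x000868 R E 0x1000
  GNU_RELRO      0x002e10 0x00003e10 0x00003e10 0x0001f0 0x0001f0 R   0x1
Dynamic section at offset 0x2e20 contains 24 entries:
  Tag        Type                         Name/Value
 0x0000000000000001 (NEEDED)             Shared library: [libc.so.6]
 0x0000000000000018 (BIND_NOW)
 0x000000006ffffffb (FLAGS_1)            Flags: NOW PIE
Symbol table '.dynsym' contains 5 entries:
   Num:    Value          Size Type    Bind   Vis      Ndx Name
     1: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND __stack_chk_fail@GLIBC_2.4 (2)
EOF
)

# Constructed sample: a static binary.  Fixed-address EXEC, no dynamic section,
# so no RELRO/BIND_NOW to report, but the SSP failure handler is linked in.
SAMPLE_STATIC=$(cat <<'EOF'
ELF Header:
  Type:                              EXEC (Executable file)
  Entry point address:               0x401020
Program Headers:
  Type           Offset   VirtAddr           PhysAddr           FileSiz  MemSiz   Flg Align
  LOAD           0x000000 0x0000000000400000 0x0000000000400000 0x0a1234 0x0a1234 R E 0x1000
  LOAD           0x0a2000 0x00000000004a2000 0x00000000004a2000 0x005000 0x008000 RW  0x1000
There is no dynamic section in this file.
Symbol table '.symtab' contains 2000 entries:
   Num:    Value          Size Type    Bind   Vis      Ndx Name
   812: 0000000000411a20    33 FUNC    GLOBAL HIDDEN     6 __stack_chk_fail
EOF
)

echo "sample PIE binary:    $(elf_hardening_report "$SAMPLE_PIE")"
echo "sample static binary: $(elf_hardening_report "$SAMPLE_STATIC")"
```

On a PIEworld system, running elf_hardening_report_file over /bin/* and /usr/bin/* should show type=PIE relro=yes bind_now=yes for everything except deliberately static executables, which come out as EXEC even though their code was compiled -fPIE; that is the distinction the note above makes, and readelf cannot see past it.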
Upgrade path
------------
From hardened gcc-3/glibc-2.3:
1) Switch to vanilla compiler
2) USE="-hardened" emerge --oneshot =sys-libs/glibc-2.5
3) USE="-hardened" emerge --oneshot =sys-devel/gcc-4.1.1-r3
4) switch to hardened compiler
5) emerge --oneshot =sys-libs/glibc-2.5
6) emerge --oneshot =sys-devel/gcc-4.1.1-r3
TODO
----
1) Check all archives lib*.a that don't have a .so - should they be -fPIC rather than -fPIE?
Done:
All those that don't have a .so are best off -fPIC, which is ok for being linked into
shared libraries, and is also ok-enough for use in executables (whereas -fPIE isn't
good for shared libraries).
lib*.a from gcc-4.1.1 are:
libgcc.a            built -fPIC
libgcc_eh.a         built -fPIC
libffi.a            .so equivalent exists
libgcj.a            .so equivalent exists
libgcjwt.a          .so equivalent exists
libgcov.a           built -fPIC
libgfortran.a       .so equivalent exists
libgfortranbegin.a  contains fmain.o - looks like it is only used for executables, so should be ok -fPIE
libgij.a            .so equivalent exists
libstdc++.a         .so equivalent exists
lib*.a from glibc-2.5 are:
libieee.a           shared library (just named '.a')
libmcheck.a         shared library (just named '.a')
libc_stubs.a        shared library (just named '.a')
libBrokenLocale.a   .so equivalent exists
libutil.a           .so equivalent exists
librpcsvc.a         built -fPIC (http://sourceware.org/ml/glibc-bugs/2005-07/msg00157.html)
libdl.a             .so equivalent exists
librt.a             .so equivalent exists
libbsd-compat.a     contains only an empty object 'dummy.o' - doesn't matter how it's built
libpthread.a        .so equivalent exists
libc.a              .so equivalent exists
libg.a              contains only an empty object 'dummy.o' - doesn't matter how it's built
libm.a              .so equivalent exists
libcrypt.a          .so equivalent exists
libanl.a            .so equivalent exists
libresolv.a         .so equivalent exists
libnsl.a            .so equivalent exists
So it looks like it's all ok, both in gcc and glibc.