[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PING] Re: Add check for -no-pie if the compiler default to -fPIE
From: |
Magnus Granberg |
Subject: |
Re: [PING] Re: Add check for -no-pie if the compiler default to -fPIE |
Date: |
Tue, 08 Nov 2016 23:01:38 +0100 |
User-agent: |
KMail/5.3.0 (Linux/4.6.4-gentoo; KDE/5.25.0; x86_64; ; ) |
söndag 6 november 2016 kl. 10:05:53 CET skrev du:
> 21.10.2016 00:26, Magnus Granberg пишет:
> > lördag 21 maj 2016 kl. 20:53:48 CEST skrev du:
> >> On Saturday 21 May 2016 19.26.18 you wrote:
> >>> 21.05.2016 19:02, Magnus Granberg пишет:
> >>>> On Saturday 21 May 2016 18.55.11 you wrote:
> >>>>> 21.05.2016 17:47, Magnus Granberg пишет:
> >>>>>> When Grub is compile with gcc 6.1 that have --enable-defult-pie set.
> >>>>>> It fail with.
> >>>>>> -ffreestanding -m32 -Wl,-melf_i386 -Wl,--build-id=none -nostdlib
> >>>>>> -Wl,-N
> >>>>>> -Wl,-r,-d - o trig.module trig_module-trigtables.o
> >>>>>> grep 'MARKER' gcry_whirlpool.marker.new > gcry_whirlpool.marker; rm
> >>>>>> -f
> >>>>>> gcry_whirlpool.marker.new
> >>>>>> /usr/lib/gcc/x86_64-pc-linux-gnu/6.1.0/../../../../x86_64-pc-linux-gn
> >>>>>> u
> >>>>>> /b
> >>>>>> in
> >>>>>> /ld: -r and - shared may not be used together
> >>>>>> collect2: error: ld returned 1 exit status
> >>>>>> Makefile:26993: recipe for target 'trig.module' failed
> >>>>>>
> >>>>>>
> >>>>>> 2016-05-21 Magnus Granberg <address@hidden>
> >>>>>>
> >>>>>> acinclude.m4: Add check for -no-pie. configure.ac: Add
> >>>>>> -no-pie to
> >>>>>>
> >>>>>> TARGET_LDFLAGS if needed.
> >>>>>> ...
> >>>>>
> >>>>> Please test with current master:
> >>>>>
> >>>>> commit f4d35d49e32c29183b3492da18ea480d91716efe
> >>>>> Author: Andrei Borzenkov <address@hidden>
> >>>>> Date: Tue Mar 22 20:12:22 2016 +0300
> >>>>>
> >>>>> configure: set -fno-pie together with -fno-PIE
> >>>>
> >>>> Still fail the same way
> >>>
> >>> Please send full config.log and output of make.
> >>
> >> Gcc 6.1 pass -pie to the linker if is configure with --enable-default-pie
> >> When linking with -r it don't mix well with -pie/-shared
> >> Gentoo bug https://bugs.gentoo.org/show_bug.cgi?id=583042 with logs
> >> Patch updated
> >
> > Any progres on this?
>
> My apologies. Do we really need any explicit check for this? As far as I
> can tell, options -fpie, -fPIE, -pie appeared in the same GCC release
> (at least they first mentioned in 3.4 documentation together). Manual
> also says that -fpie/-fPIE and -pie must be used together.
>
https://gcc.gnu.org/gcc-6/changes.html (Other significant improvements)
gcc 6.x is the only compiler that can enable -fPIE -pie as default
without passing it on the command line. Debian/Ubuntu are testing to use this
as we do in Gentoo hardened. we allready disable -fPIE if needed but not -pie
> We do use $CC for linker - at least, by default. So it appears we should
> be able to simply set -no-pie, no?
>
Is only gcc 6.X and newer linker that support -no-pie.
> Does clang support -fpie/-fPIE/-(no-)pie options? I do not see them in
> help output, but it does not say much.
>
Clang support -fPIE/-fpie but i don't know if it support -no-pie
> Oh, BTW, you have typo in patch
>
> > +[AC_MSG_CHECKING([whether linker accepts -no-pie])
> > +AC_CACHE_VAL(grub_cv_cc_ld_nopie,
>
> ^^^^^
>
> > +[save_LDFLAGS="$LDFLAGS"
> > +LDFLAGS="$LDFLAGS -no-pie"
> > +AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[]])],
> > + [grub_cv_cc_ld_no_pie=yes],
> > + [grub_cv_cc_ld_no_pie=no])
>
> ^^^^^^
Fixed in the updated patch
2016-11-08 Magnus Granberg <address@hidden>
* acinclude.m4: Add check for -no-pie.
* configure.ac: Add -no-pie to TARGET_LDFLAGS if needed.
grub-ld_nopie.patch
Description: Text Data