| 1 |
On 2021-04-22 21:23, Sam James wrote: |
| 2 |
> Such pkg_setups are best avoided if possible because they can be |
| 3 |
> confusing and we have other tools to handle it, so I’m glad you asked! |
| 4 |
> I’d provide a USE flag for this tool and mask it on non-multilib amd64 |
| 5 |
> profiles (or mask everywhere and unmask on the multilib amd64 |
| 6 |
> profiles). |
| 7 |
Fasm itself can be built and run in pure amd64 environment, so we need |
| 8 |
to mask only USEs for building additional tools and building fasm itself |
| 9 |
against libc in non-multilib amd64 (native x86 is correct platform too) |
| 10 |
it this approach. |
| 11 |
|
| 12 |
> 1) The TEXTREL QA warning primarily exists because of the security |
| 13 |
> issues associated with them - they prevent PIC. |
| 14 |
> |
| 15 |
> The following links may be useful: |
| 16 |
> - |
| 17 |
> https://flameeyes.blog/2016/01/16/textrels-text-relocations-and-their-impact-on-hardening-techniques/ |
| 18 |
> - https://wiki.gentoo.org/wiki/Hardened/Textrels_Guide |
| 19 |
> |
| 20 |
> However, I think it’s not really likely to be a real world issue if |
| 21 |
> the program in question is an assembler. You’re just going to hit |
| 22 |
> possible portability issues |
| 23 |
> but I’m not sure what the details are there. |
| 24 |
Seems like gcc when used as linker frontend expects PIE-aware code in |
| 25 |
object file and pass '-pie' to linker, but fasm doesn't know anything |
| 26 |
about PIE, so ld fallbacks to TEXTRELs, AFAIK. Suggest two approaches: |
| 27 |
disable passing PIE in gcc in some way or ignore textrel issues. Manual |
| 28 |
linking seems to be error-prone in any non-standard configuration, such |
| 29 |
as ${ROOT}/${SYSROOT} cross-environments, binary hosts, etc... maybe I |
| 30 |
too scared because not so familiar with linking, however. |
| 31 |
|
| 32 |
> 2) Passing -fno-PIE and friends should work if you use append-* from |
| 33 |
> flag-o-matic.eclass? |
| 34 |
Passing -fno-pie to gcc has no effect, `strace --string-limit -vfe |
| 35 |
execve` shows that '--pie' is passed to ld anyway. |
| 36 |
|
| 37 |
> Can’t see it here. |
| 38 |
Looks like it accidentaly not posted by my stupid webmail client, posted |
| 39 |
in plaintext in reply to original post. |
Archives