1 |
On Mon, 18 Dec 2006 11:55:31 +0100 (CET) |
2 |
"Peter S. Mazinger" <ps.m@×××.net> wrote: |
3 |
|
4 |
> On Tue, 12 Dec 2006, Alexander Gabert wrote: |
5 |
> |
6 |
> > Kevin: this is the build failures, i would have made them end up |
7 |
> > adding into bugzilla but one of us both wasn't awake. |
8 |
> > |
9 |
> > PSM: if you're reading up: i don't have a clue. |
10 |
> > |
11 |
> > In the meantime, working with bugs.g.o. it's getting a real hassle, |
12 |
> > so can someone please kick that pos in the shins so we can work on |
13 |
> > bugs again? TIA |
14 |
> > |
15 |
> > I think we should have a talk or two and maybe a test case for |
16 |
> > building that libiberty on all arches with either PIC or PIE code. |
17 |
> > I honestly don't care howe we build it, i just want it to work on |
18 |
> > all Gentoo supported arches for hardened. |
19 |
> > |
20 |
> > For those of you having issues with the file: here is the log for |
21 |
> > pitr and miranda: |
22 |
> > |
23 |
> > http://dev.gentoo.org/~pappy/tmp/amd64-pie-libiberty-failure.txt |
24 |
> |
25 |
> It seems some of you are mixing up PIC and PIE. For the record, there |
26 |
> are no PIE libraries and if you want to run a hardened box where each |
27 |
> file is text relocation free, then you have to compile all code that |
28 |
> goes to libraries (even into lib*.a) with -fPIC|-fpic. To quickly |
29 |
> check this statement, compile some object with -fPIE, put into libx.a |
30 |
> and compile a shared lib with -fPIC using code from libx.a. readelf |
31 |
> -d shared_lib | grep TEXTREL. |
32 |
|
33 |
Agreed - however lib*.a are not generally used to build shared |
34 |
libraries; they're mostly for building static binaries. Gcc deals |
35 |
with libiberty (normally) by building a pic version (libiberty_pic.a) |
36 |
for linking to shared libraries when it needs to. We do mess that up, |
37 |
I think - I'm still looking into that. |
38 |
|
39 |
> The pie patches compile everything with -fPIE unless -fPIC was used, |
40 |
> the app itself has to take care (and most apps using libtool do it by |
41 |
> using -fPIC -DPIC) that code that goes into libs is -fPIC compiled. |
42 |
> libtool fails only in cases where configure does not recognize |
43 |
> correctly the target (thats why gnuconfig_update/libtoolize are |
44 |
> needed). |
45 |
> |
46 |
> Some will argue, that it does not make sense to compile code in |
47 |
> lib*.a with -fPIC. Those shouldn't use hardened, because they end up |
48 |
> with text relocations and a hardened box should block text |
49 |
> relocations either in kernel (PaX feature) or libc (possible with |
50 |
> uClibc, but not glibc) |
51 |
|
52 |
I think it's more complicated than that. What should go into a lib*.a |
53 |
archive depends on how it's going to be used. If it's going to be used |
54 |
to build a shared library, then as you say the code needs to be PIC - |
55 |
however this is rare (examples are libc_*nonshared.a). If it's being |
56 |
used to build a non-PIE executable - which usually means building a |
57 |
static executable - then the code needs to be normal (non-PIC). If |
58 |
it's going to be used to build a (PIE) executable, the code needs to be |
59 |
PIE - in practice this is very rare, since linking to lib*.a instead |
60 |
of lib*.so means building static binaries, and that's not sensible |
61 |
when building PIEs as by definition they need the dynamic loader. |
62 |
|
63 |
Strictly speaking, on a hardened system, the -vanilla and -hardenednopie |
64 |
compiler cannot be guaranteed to generate working executables - indeed |
65 |
it creates garbage on sparc (x86 seems to be more forgiving; you can mix |
66 |
PIE objects into a non-PIE executable and they appear to work). |
67 |
|
68 |
I'm working on a sane solution to this problem using ABIs, but it's |
69 |
quite involved, and it's quite a departure from what we currently do. |
70 |
Once I have my thoughts clear, I'll post a proposal. |
71 |
|
72 |
For the moment, however, we can continue as we did before, but |
73 |
highlight that -vanilla and -hardenednopie may not generate working |
74 |
executables. Mostly this affects bootloaders, and things like |
75 |
static busybox. |
76 |
|
77 |
-- |
78 |
Kevin F. Quinn |