Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-hardened

From: Ned Ludd <solar@g.o>
To: gentoo-hardened@l.g.o
Subject: Re: [gentoo-hardened] kernel upgrade problems: bad page state
Date: Sun, 04 Nov 2007 05:03:23
Message-Id: 1194152488.9205.46.camel@localhost
In Reply to: Re: [gentoo-hardened] kernel upgrade problems: bad page state by Brian Kroth
1 On Sat, 2007-11-03 at 23:00 -0500, Brian Kroth wrote:
2 > >> based on the maps files, both cactid and nagios are PIEs. two questions:
3 > >> are they the only PIEs on this system (that regularly run, that is) and
4 > >> do you have PIEs on the other systems that don't show the symptomps?
5 > >
6 > > I'm using the hardened/x86/2.6 profile which enables the pic use flag.
7 > > Here's where my understanding gets hazy. PIC != PIE, but the two are
8 > > related in that PIC creates position independent code, but not for
9 > > executables? Anyways, how would I check?
10
11 file, scanelf, readelf..
12
13 >
14 > Reading some wikipedia on this now to try and understand it a little
15 > better, but it didn't give me any insight as to how to read the maps
16 > file to determine whether or not it was a pie.
17 >
18 > I re-emerged cacti-cactid and did not see pic or pie in the output at
19 > all. Is that just enabled by default by the compiler? It looks like it.
20
21 The profile auto enables USE=hardened on gcc which would result in a
22 compiler that will generate position independent executable with ssp
23 enabled by default. The 'pic' flag is only used in the tree to enable
24 alternative position independent versions of hand written assembly in a
25 few packages or work around other non pic code that we would prefer to
26 be pic otherwise in pkgs.
27
28 gcc-config gives you the option of switching to various combinations of
29 these flags enabled by the hardened compiler using spec files.
30
31 For userland debugging it's usually best to switch to the gcc specs to
32 the ones labeled 'vanilla and recompile the programs in question with a
33 command like
34 bash# gcc-config i686-pc-linux-gnu-3.4.6-vanilla
35 bash# . /etc/profile ; . ~/.bash_profile
36
37 See also
38 http://www.gentoo.org/proj/en/qa/backtraces.xml
39 http://www.gentoo.org/proj/en/hardened/hardened-toolchain.xml
40
41 --
42 gentoo-hardened@g.o mailing list

Replies

Subject Author
Re: [gentoo-hardened] kernel upgrade problems: bad page state Brian Kroth <bpkroth@××××.edu>
Report Message
Find on MARC Find on Google Groups