Re: [PATCH v2] selftests: exec: make binaries position independent
From: John Hubbard
Date: Mon May 06 2024 - 20:24:35 EST
On 5/6/24 5:14 PM, Fangrui Song wrote:
On Mon, May 6, 2024 at 5:05 PM Kees Cook <keescook@xxxxxxxxxxxx> wrote:
On Mon, May 06, 2024 at 04:30:27PM -0700, Fangrui Song wrote:
On Tue, Apr 16, 2024 at 10:28 AM Kees Cook <keescook@xxxxxxxxxxxx> wrote:
On Tue, Apr 16, 2024 at 08:28:29PM +0500, Muhammad Usama Anjum wrote:
The -static overrides the -pie and binaries aren't position independent
anymore. Use -static-pie instead which would produce a static and
position independent binary. This has been caught by clang's warnings:
clang: warning: argument unused during compilation: '-pie'
[-Wunused-command-line-argument]
Tested with both gcc and clang after this change.
Fixes: 4d1cd3b2c5c1 ("tools/testing/selftests/exec: fix link error")
Signed-off-by: Muhammad Usama Anjum <usama.anjum@xxxxxxxxxxxxx>
Thanks for this!
Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx>
--
Kees Cook
GCC versions before 8.1 do not support -static-pie,
while https://www.kernel.org/doc/html/next/process/changes.html says
the minimal version is GCC 5.1.
Is this a problem?
If not, and CFLAGS is guaranteed to include -fpie/-fpic/-fPIE/-fPIC
(PIC), using -static-pie looks good to me.
Should we use this alternative, which may be more portable?
https://lore.kernel.org/all/20240504022301.35250-1-jhubbard@xxxxxxxxxx/
-Kees
s/-fPIE -static/-static/ then it looks good to me:)
hmm, maybe that is better, considering that -static-pie is relatively
new (as you pointed out in the other thread), and would break the
minimum kernel gcc version requirements.
-static creates a position-dependent executable.
It doesn't matter whether the compiler uses -fno-pic/-fpie/-fpic
codegen, so -fPIE can be removed.
This is something I'd have to take your word for. The whole PIE
story not completely clear to me, but if you're sure it is not
required here, then of course leaving it out entirely works nicely...
thanks,
--
John Hubbard
NVIDIA