From mboxrd@z Thu Jan  1 00:00:00 1970
From: Jerome Brown <guruswami@orcon.net.nz>
Subject: Re: Unable to compile Xen-2.0
Date: Wed, 27 Oct 2004 14:41:05 +1300
Sender: xen-devel-admin@lists.sourceforge.net
Message-ID: <417EFCB1.406@orcon.net.nz>
References: <E1CMcZK-00064d-00@mta1.cl.cam.ac.uk>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-admin@lists.sourceforge.net>
In-Reply-To: <E1CMcZK-00064d-00@mta1.cl.cam.ac.uk>
Errors-To: xen-devel-admin@lists.sourceforge.net
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.sourceforge.net?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.sourceforge.net>
List-Help: <mailto:xen-devel-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.sourceforge.net?subject=subscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum=xen-devel>
To: Xen-devel@lists.sourceforge.net
List-Id: xen-devel@lists.xenproject.org

>>I am running Gentoo Linux with GCC 3.4.2 and glibc 2.3.4.20040808 
>>compiled with NPTL only (no LinuxThreads) and both a 2.6.9 and a 2.6.8.1 
>>kernel. 
>>
>>Any thoughts or suggestions are greatly appreciated. I will try with GCC 
>>3.3.3 to see if that helps.
> 
> It's probably a gcc version issue. We try to get stuff working
> with most gcc versions, but no-one round here uses 3.4 by default
> -- it's way too bleeding edge.

Compiled the xenU fine with gcc 3.3.3 - must be a gcc issue. I'm testing 
on a box at the moment, so have installed all the new toys to play with 
:) Might try with SSP and PIE again ...

>>The GCC has ssp-3.4.1 and pie-8.7.6.5 compiled in, but they are 
>>disabled for the compilation as Xen will not compile with them enabled 
>>(Are there plans to allow this?). 
> 
> What are ssp and pie?

SSP is Stack Smashing Protection - formerly ProPolice (see 
http://www.trl.ibm.com/projects/security/ssp/ for more info) and PIE is 
Position Independent Executable i.e. PIC for binaries. SSP modifies the 
C compiler to insert initialization code into functions that create a 
buffer in memory. At run time, when a buffer is created, SSP adds a 
secret random value, the canary, to the end of the buffer. When the 
function returns, SSP makes sure that the canary is still intact. If an 
attacker were to perform a buffer overflow, he would overwrite this 
value and trigger that stack smashing handler. Currently this kills the 
target process. (Descriptions borrowed from Gentoo Hardened Project 
http://www.gentoo.org/proj/en/hardened/) They provide an extra layer of 
security from attack on a server open to the world.


-------------------------------------------------------
This SF.Net email is sponsored by:
Sybase ASE Linux Express Edition - download now for FREE
LinuxWorld Reader's Choice Award Winner for best database on Linux.
http://ads.osdn.com/?ad_id=5588&alloc_id=12065&op=click