Re: [Qemu-devel] [PATCH v8 1.0] configure: build position independent executables on x86-Linux hosts

[Anthony Liguori <anthony@codemonkey.ws>]

On 11/15/2011 12:12 PM, Avi Kivity wrote:
> Change the default on x86 Linux hosts to building PIE (position
> independent executables); instead of restricting the option to
> user-only targets, apply it to all targets.
>
> In addition, set the relocation sections to read-only (relro) when
> available; this reduces the attack surface by disallowing changes to
> relocation tables at runtime.
>
> While PIE reduces performance and relro increases load time, it
> greatly improves security, with the potential to reduce a code
> execution vulnerability to a self denial of service.
>
> Non-x86 are not changed, as they require TCG changes; neither are
> non-Linux, due to lack of test coverage.
>
> Signed-off-by: Avi Kivity<avi@redhat.com>

Applied.  Thanks.

Regards,

Anthony Liguori

> ---
>
> v8: restrict further to Linux hosts
>      use linker option '-pie' instead of '-Wl,-pie'; fixes link on x86_64
>
> v7: avoid 'test -a'
>      optimize relro/now linker flag test
>      fail if toolchain doesn't support pie while the user explicitly asked for it
>
> v6: fix subject line. sigh.
>
> v5: fix typos; only default enable for x86; mutually exclusive with -static
>
> v4: say it's v4 and for 1.0
>
> v3: detect toolchain support for PIE at configure time
>
> v2: improve description to include relro
>
>   configure |   65 ++++++++++++++++++++++++++++++++++++++++++++----------------
>   1 files changed, 47 insertions(+), 18 deletions(-)
>
> diff --git a/configure b/configure
> index 6c77fbb..75e1f10 100755
> --- a/configure
> +++ b/configure
> @@ -172,7 +172,7 @@ aix="no"
>   blobs="yes"
>   pkgversion=""
>   check_utests=""
> -user_pie="no"
> +pie=""
>   zero_malloc=""
>   trace_backend="nop"
>   trace_file="trace"
> @@ -701,9 +701,9 @@ for opt do
>     ;;
>     --disable-guest-base) guest_base="no"
>     ;;
> -  --enable-user-pie) user_pie="yes"
> +  --enable-pie) pie="yes"
>     ;;
> -  --disable-user-pie) user_pie="no"
> +  --disable-pie) pie="no"
>     ;;
>     --enable-uname-release=*) uname_release="$optarg"
>     ;;
> @@ -1031,8 +1031,8 @@ echo "  --disable-bsd-user       disable all BSD usermode emulation targets"
>   echo "  --enable-guest-base      enable GUEST_BASE support for usermode"
>   echo "                           emulation targets"
>   echo "  --disable-guest-base     disable GUEST_BASE support"
> -echo "  --enable-user-pie        build usermode emulation targets as PIE"
> -echo "  --disable-user-pie       do not build usermode emulation targets as PIE"
> +echo "  --enable-pie             build Position Independent Executables"
> +echo "  --disable-pie            do not build Position Independent Executables"
>   echo "  --fmod-lib               path to FMOD library"
>   echo "  --fmod-inc               path to FMOD includes"
>   echo "  --oss-lib                path to OSS library"
> @@ -1099,6 +1099,47 @@ for flag in $gcc_flags; do
>       fi
>   done
>
> +if test "$static" = "yes" ; then
> +  if test "$pie" = "yes" ; then
> +    echo "static and pie are mutually incompatible"
> +    exit 1
> +  else
> +    pie="no"
> +  fi
> +fi
> +
> +if test "$pie" = ""; then
> +  case "$cpu-$targetos" in
> +    i386-Linux|x86_64-Linux)
> +      ;;
> +    *)
> +      pie="no"
> +      ;;
> +  esac
> +fi
> +
> +if test "$pie" != "no" ; then
> +  cat>  $TMPC<<  EOF
> +int main(void) { return 0; }
> +EOF
> +  if compile_prog "-fPIE -DPIE" "-pie"; then
> +    QEMU_CFLAGS="-fPIE -DPIE $QEMU_CFLAGS"
> +    LDFLAGS="-pie $LDFLAGS"
> +    pie="yes"
> +    if compile_prog "" "-Wl,-z,relro -Wl,-z,now" ; then
> +      LDFLAGS="-Wl,-z,relro -Wl,-z,now $LDFLAGS"
> +    fi
> +  else
> +    if test "$pie" = "yes"; then
> +      echo "PIE not available due to missing toolchain support"
> +      exit 1
> +    else
> +      echo "Disabling PIE due to missing toolchain support"
> +      pie="no"
> +    fi
> +  fi
> +fi
> +
>   #
>   # Solaris specific configure tool chain decisions
>   #
> @@ -2765,7 +2806,7 @@ echo "Documentation     $docs"
>   echo "uname -r          $uname_release"
>   echo "NPTL support      $nptl"
>   echo "GUEST_BASE        $guest_base"
> -echo "PIE user targets  $user_pie"
> +echo "PIE               $pie"
>   echo "vde support       $vde"
>   echo "Linux AIO support $linux_aio"
>   echo "ATTR/XATTR support $attr"
> @@ -3225,9 +3266,6 @@ for d in libdis libdis-user; do
>       symlink $source_path/Makefile.dis $d/Makefile
>       echo>  $d/config.mak
>   done
> -if test "$static" = "no" -a "$user_pie" = "yes" ; then
> -  echo "QEMU_CFLAGS+=-fpie">  libdis-user/config.mak
> -fi
>
>   for target in $target_list; do
>   target_dir="$target"
> @@ -3646,12 +3684,6 @@ if test "$target_softmmu" = "yes" ; then
>     esac
>   fi
>
> -if test "$target_user_only" = "yes" -a "$static" = "no" -a \
> -	"$user_pie" = "yes" ; then
> -  cflags="-fpie $cflags"
> -  ldflags="-pie $ldflags"
> -fi
> -
>   if test "$target_softmmu" = "yes" -a \( \
>           "$TARGET_ARCH" = "microblaze" -o \
>           "$TARGET_ARCH" = "cris" \) ; then
> @@ -3775,9 +3807,6 @@ d=libuser
>   mkdir -p $d
>   mkdir -p $d/trace
>   symlink $source_path/Makefile.user $d/Makefile
> -if test "$static" = "no" -a "$user_pie" = "yes" ; then
> -  echo "QEMU_CFLAGS+=-fpie">  $d/config.mak
> -fi
>
>   if test "$docs" = "yes" ; then
>     mkdir -p QMP