Re: [PATCH 1/1] perf build: Fix Python extension build with GCC 16 hardening

[Arnaldo Carvalho de Melo <acme@kernel.org>]

On Wed, May 20, 2026 at 01:09:05PM +0000, sashiko-bot@kernel.org wrote:
> Thank you for your contribution! Sashiko AI review found 1 potential issue(s) to consider:
> - [Medium] The patch explicitly allows text relocations in the Python extension shared object (`perf.so`) by adding `-Wl,-z,notext`, masking the root cause of missing `-fPIC` flags and breaking W^X (Write XOR Execute) security protections.
> --
> 
> commit f3832fb0ad0d1f9c2e69039b2a5110f77d220d5e
> Author: Jan Polensky <japo@linux.ibm.com>
> 
> perf build: Fix Python extension build with GCC 16 hardening
> 
> This commit addresses a build failure in the Python extension caused by GCC 16
> stricter security policies regarding dynamic relocations in read-only segments.
> It adds the -Wl,-z,notext flag to the linker to explicitly allow text
> relocations in the Python extension shared object.
> 
> > diff --git a/tools/perf/Makefile.perf b/tools/perf/Makefile.perf
> > index 76b35ac19acbf..eea170d6576db 100644
> > --- a/tools/perf/Makefile.perf
> > +++ b/tools/perf/Makefile.perf
> > @@ -749,7 +749,7 @@ all: shell_compatibility_test $(ALL_PROGRAMS) $(LANG_BINDINGS) $(OTHER_PROGRAMS)
> >  $(shell [ -d '$(OUTPUT)python' ] || mkdir -p '$(OUTPUT)python')
> >  
> >  $(OUTPUT)python/perf$(PYTHON_EXTENSION_SUFFIX): util/python.c util/setup.py $(PERFLIBS_PY)
> > -	$(QUIET_GEN)LDSHARED="$(CC) -pthread -shared" \
> > +	$(QUIET_GEN)LDSHARED="$(CC) -pthread -shared -Wl,-z,notext" \
> 
> [Severity: Medium]
> Does adding -Wl,-z,notext mask the root cause of the GCC 16 linker error?
> 
> The error regarding dynamic relocations in a read-only segment usually
> indicates that non-position-independent code from the static libraries
> is being linked into the shared library.
> 
> Using -Wl,-z,notext suppresses this error by allowing text relocations, which
> forces the dynamic linker to map the executable text segment as writable at
> load time. This breaks W^X security protections and weakens the security of
> any Python process loading the extension.
> 
> Should the required object files be compiled with -fPIC instead to properly
> resolve the linker error without compromising security?

So I asked Claude about this and he suggests doing like other parts of
perf and using -fPIC, can you try to do that?

---------------------------------------

● Sashiko is right. -Wl,-z,notext is a band-aid that weakens security —
  it makes the text segment writable at load time, defeating W^X.

  The root cause is that PERFLIBS_PY (the static libraries linked into
  the Python .so) are compiled without -fPIC. When you link non-PIC .a
  archives into a shared library, the linker needs text relocations. GCC
  16 correctly rejects this by default.

  The proper fix is to build the static libraries that go into the
  Python extension with -fPIC. The perf build system already has
  precedent for this — look for how libperf and libsubcmd handle PIC
  builds. The Python extension's dependencies need a parallel -fPIC
  build, or the existing objects need to be compiled with -fPIC when the
  Python binding is enabled.

  The -Wl,-z,notext approach would also cause issues on distros that
  enforce RELRO + BIND_NOW hardening, and some package builders would
  reject the resulting .so outright.

- Arnaldo