* [Qemu-devel] [PATCH v7 1.0] configure: build position independent executables on x86 hosts
@ 2011-11-15 9:34 Avi Kivity
2011-11-15 11:25 ` Peter Maydell
0 siblings, 1 reply; 4+ messages in thread
From: Avi Kivity @ 2011-11-15 9:34 UTC (permalink / raw)
To: Anthony Liguori, qemu-devel, Blue Swirl; +Cc: Paul Moore, Peter Maydell
Change the default on x86 hosts to building PIE (position independent
executables); instead of restricting the option to user-only targets,
apply it to all targets.
In addition, set the relocation sections to read-only (relro) when available;
this reduces the attack surface by disallowing changes to relocation tables
at runtime.
While PIE reduces performance and relro increases load time, it greatly
improves security, with the potential to reduce a code execution vulnerability
to a self denial of service.
Non-x86 are not changed, as they require TCG changes.
Signed-off-by: Avi Kivity <avi@redhat.com>
---
v7: avoid 'test -a'
optimize relro/now linker flag test
fail if toolchain doesn't support pie while the user explicitly asked for it
v6: fix subject line. sigh.
v5: fix typos; only default enable for x86; mutually exclusive with -static
v4: say it's v4 and for 1.0
v3: detect toolchain support for PIE at configure time
v2: improve description to include relro
configure | 65 ++++++++++++++++++++++++++++++++++++++++++++----------------
1 files changed, 47 insertions(+), 18 deletions(-)
diff --git a/configure b/configure
index 6c77fbb..ba7143a 100755
--- a/configure
+++ b/configure
@@ -172,7 +172,7 @@ aix="no"
blobs="yes"
pkgversion=""
check_utests=""
-user_pie="no"
+pie=""
zero_malloc=""
trace_backend="nop"
trace_file="trace"
@@ -701,9 +701,9 @@ for opt do
;;
--disable-guest-base) guest_base="no"
;;
- --enable-user-pie) user_pie="yes"
+ --enable-pie) pie="yes"
;;
- --disable-user-pie) user_pie="no"
+ --disable-pie) pie="no"
;;
--enable-uname-release=*) uname_release="$optarg"
;;
@@ -1031,8 +1031,8 @@ echo " --disable-bsd-user disable all BSD usermode emulation targets"
echo " --enable-guest-base enable GUEST_BASE support for usermode"
echo " emulation targets"
echo " --disable-guest-base disable GUEST_BASE support"
-echo " --enable-user-pie build usermode emulation targets as PIE"
-echo " --disable-user-pie do not build usermode emulation targets as PIE"
+echo " --enable-pie build Position Independent Executables"
+echo " --disable-pie do not build Position Independent Executables"
echo " --fmod-lib path to FMOD library"
echo " --fmod-inc path to FMOD includes"
echo " --oss-lib path to OSS library"
@@ -1099,6 +1099,47 @@ for flag in $gcc_flags; do
fi
done
+if test "$static" = "yes" ; then
+ if test "$pie" = "yes" ; then
+ echo "static and pie are mutually incompatible"
+ exit 1
+ else
+ pie="no"
+ fi
+fi
+
+if test "$pie" = ""; then
+ case "$cpu" in
+ i386|x86_64)
+ ;;
+ *)
+ pie="no"
+ ;;
+ esac
+fi
+
+if test "$pie" != "no" ; then
+ cat > $TMPC << EOF
+int main(void) { return 0; }
+EOF
+ if compile_prog "-fPIE -DPIE" "-Wl,-pie"; then
+ QEMU_CFLAGS="-fPIE -DPIE $QEMU_CFLAGS"
+ LDFLAGS="-Wl,-pie $LDFLAGS"
+ pie="yes"
+ if compile_prog "" "-Wl,-z,relro -Wl,-z,now" ; then
+ LDFLAGS="-Wl,-z,relro -Wl,-z,now $LDFLAGS"
+ fi
+ else
+ if test "$pie" = "yes"; then
+ echo "PIE not available due to missing toolchain support"
+ exit 1
+ else
+ echo "Disabling PIE due to missing toolchain support"
+ pie="no"
+ fi
+ fi
+fi
+
#
# Solaris specific configure tool chain decisions
#
@@ -2765,7 +2806,7 @@ echo "Documentation $docs"
echo "uname -r $uname_release"
echo "NPTL support $nptl"
echo "GUEST_BASE $guest_base"
-echo "PIE user targets $user_pie"
+echo "PIE $pie"
echo "vde support $vde"
echo "Linux AIO support $linux_aio"
echo "ATTR/XATTR support $attr"
@@ -3225,9 +3266,6 @@ for d in libdis libdis-user; do
symlink $source_path/Makefile.dis $d/Makefile
echo > $d/config.mak
done
-if test "$static" = "no" -a "$user_pie" = "yes" ; then
- echo "QEMU_CFLAGS+=-fpie" > libdis-user/config.mak
-fi
for target in $target_list; do
target_dir="$target"
@@ -3646,12 +3684,6 @@ if test "$target_softmmu" = "yes" ; then
esac
fi
-if test "$target_user_only" = "yes" -a "$static" = "no" -a \
- "$user_pie" = "yes" ; then
- cflags="-fpie $cflags"
- ldflags="-pie $ldflags"
-fi
-
if test "$target_softmmu" = "yes" -a \( \
"$TARGET_ARCH" = "microblaze" -o \
"$TARGET_ARCH" = "cris" \) ; then
@@ -3775,9 +3807,6 @@ d=libuser
mkdir -p $d
mkdir -p $d/trace
symlink $source_path/Makefile.user $d/Makefile
-if test "$static" = "no" -a "$user_pie" = "yes" ; then
- echo "QEMU_CFLAGS+=-fpie" > $d/config.mak
-fi
if test "$docs" = "yes" ; then
mkdir -p QMP
--
1.7.7.1
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [Qemu-devel] [PATCH v7 1.0] configure: build position independent executables on x86 hosts
2011-11-15 9:34 [Qemu-devel] [PATCH v7 1.0] configure: build position independent executables on x86 hosts Avi Kivity
@ 2011-11-15 11:25 ` Peter Maydell
2011-11-15 14:57 ` Anthony Liguori
0 siblings, 1 reply; 4+ messages in thread
From: Peter Maydell @ 2011-11-15 11:25 UTC (permalink / raw)
To: Avi Kivity; +Cc: Blue Swirl, Paul Moore, qemu-devel
On 15 November 2011 09:34, Avi Kivity <avi@redhat.com> wrote:
> Change the default on x86 hosts to building PIE (position independent
> executables); instead of restricting the option to user-only targets,
> apply it to all targets.
>
> In addition, set the relocation sections to read-only (relro) when available;
> this reduces the attack surface by disallowing changes to relocation tables
> at runtime.
>
> While PIE reduces performance and relro increases load time, it greatly
> improves security, with the potential to reduce a code execution vulnerability
> to a self denial of service.
>
> Non-x86 are not changed, as they require TCG changes.
>
> Signed-off-by: Avi Kivity <avi@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
...as far as the technical content of the patch is concerned.
I'm still rather dubious about the merits of putting this patch
in this late in the release cycle.
-- PMM
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [Qemu-devel] [PATCH v7 1.0] configure: build position independent executables on x86 hosts
2011-11-15 11:25 ` Peter Maydell
@ 2011-11-15 14:57 ` Anthony Liguori
2011-11-15 17:50 ` Avi Kivity
0 siblings, 1 reply; 4+ messages in thread
From: Anthony Liguori @ 2011-11-15 14:57 UTC (permalink / raw)
To: Peter Maydell; +Cc: Blue Swirl, Paul Moore, Avi Kivity, qemu-devel
On 11/15/2011 05:25 AM, Peter Maydell wrote:
> On 15 November 2011 09:34, Avi Kivity<avi@redhat.com> wrote:
>> Change the default on x86 hosts to building PIE (position independent
>> executables); instead of restricting the option to user-only targets,
>> apply it to all targets.
>>
>> In addition, set the relocation sections to read-only (relro) when available;
>> this reduces the attack surface by disallowing changes to relocation tables
>> at runtime.
>>
>> While PIE reduces performance and relro increases load time, it greatly
>> improves security, with the potential to reduce a code execution vulnerability
>> to a self denial of service.
>>
>> Non-x86 are not changed, as they require TCG changes.
>>
>> Signed-off-by: Avi Kivity<avi@redhat.com>
>
> Reviewed-by: Peter Maydell<peter.maydell@linaro.org>
>
> ...as far as the technical content of the patch is concerned.
> I'm still rather dubious about the merits of putting this patch
> in this late in the release cycle.
How about we limit this to be enabled by default on x86 Linux hosts?
That would make me a lot more comfortable for 1.0 since I expect we can test
that exhaustively.
Regards,
Anthony Liguori
>
> -- PMM
>
>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [Qemu-devel] [PATCH v7 1.0] configure: build position independent executables on x86 hosts
2011-11-15 14:57 ` Anthony Liguori
@ 2011-11-15 17:50 ` Avi Kivity
0 siblings, 0 replies; 4+ messages in thread
From: Avi Kivity @ 2011-11-15 17:50 UTC (permalink / raw)
To: Anthony Liguori; +Cc: Blue Swirl, Peter Maydell, Paul Moore, qemu-devel
On 11/15/2011 04:57 PM, Anthony Liguori wrote:
> On 11/15/2011 05:25 AM, Peter Maydell wrote:
>> On 15 November 2011 09:34, Avi Kivity<avi@redhat.com> wrote:
>>> Change the default on x86 hosts to building PIE (position independent
>>> executables); instead of restricting the option to user-only targets,
>>> apply it to all targets.
>>>
>>> In addition, set the relocation sections to read-only (relro) when
>>> available;
>>> this reduces the attack surface by disallowing changes to relocation
>>> tables
>>> at runtime.
>>>
>>> While PIE reduces performance and relro increases load time, it greatly
>>> improves security, with the potential to reduce a code execution
>>> vulnerability
>>> to a self denial of service.
>>>
>>> Non-x86 are not changed, as they require TCG changes.
>>>
>>> Signed-off-by: Avi Kivity<avi@redhat.com>
>>
>> Reviewed-by: Peter Maydell<peter.maydell@linaro.org>
>>
>> ...as far as the technical content of the patch is concerned.
>> I'm still rather dubious about the merits of putting this patch
>> in this late in the release cycle.
>
> How about we limit this to be enabled by default on x86 Linux hosts?
>
> That would make me a lot more comfortable for 1.0 since I expect we
> can test that exhaustively.
It certainly suits me. v8 coming up.
--
error compiling committee.c: too many arguments to function
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2011-11-15 17:51 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-11-15 9:34 [Qemu-devel] [PATCH v7 1.0] configure: build position independent executables on x86 hosts Avi Kivity
2011-11-15 11:25 ` Peter Maydell
2011-11-15 14:57 ` Anthony Liguori
2011-11-15 17:50 ` Avi Kivity
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).