[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 5/7] configure: Unnest detection of -z,relro and -z,now
From: |
Richard Henderson |
Subject: |
Re: [PATCH 5/7] configure: Unnest detection of -z,relro and -z,now |
Date: |
Wed, 18 Dec 2019 06:58:45 -1000 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.2.2 |
On 12/17/19 10:11 PM, Thomas Huth wrote:
>> +# Detect support for DT_BIND_NOW.
>> +if compile_prog "" "-Wl,-z,now" ; then
>> + LDFLAGS="-Wl,-z,now $LDFLAGS"
>> +fi
>> +
>> +# Detect support for PT_GNU_RELRO.
>> +if compile_prog "" "-Wl,-z,relro" ; then
>> + LDFLAGS="-Wl,-z,relro $LDFLAGS"
>> +fi
>
> Looking at
> https://mudongliang.github.io/2016/07/11/relro-a-not-so-well-known-memory-corruption-mitigation-technique.html
> the idea of specifying these two options together was likely to get
> "Full RELRO" instead of only "Partial RELRO".
Sure.
> Thus, does it make sense to have "-Wl,-z,now" without "-Wl,-z,relro" in
> QEMU? Or should this rather check whether both are possible, then use
> both, otherwise just try to use "relro" alone?
Honestly, I expect them both to be supported in any binutils.
I split the two tests just because they didn't seem to be logically connected.
But I had forgotten about, or perhaps never heard, the terms "full" and
"partial" relro.
I can put them back together with an appropriate comment it you like. One less
thing to run during configure...
r~
- [PATCH 2/7] tcg: Remove softmmu code_gen_buffer fixed address, (continued)
- [PATCH 2/7] tcg: Remove softmmu code_gen_buffer fixed address, Richard Henderson, 2019/12/17
- [PATCH 3/7] configure: Do not force pie=no for non-x86, Richard Henderson, 2019/12/17
- [PATCH 4/7] configure: Always detect -no-pie toolchain support, Richard Henderson, 2019/12/17
- [PATCH 5/7] configure: Unnest detection of -z,relro and -z,now, Richard Henderson, 2019/12/17
- [PATCH 7/7] configure: Support -static-pie if requested, Richard Henderson, 2019/12/17
- [PATCH 6/7] configure: Override the os default with --disable-pie, Richard Henderson, 2019/12/17
- Re: [PATCH 0/7] configure: Improve PIE and other linkage, Fangrui Song, 2019/12/18