This is the mail archive of the
glibc-cvs@sourceware.org
mailing list for the glibc project.
GNU C Library master sources branch hjl/pie/static created. glibc-2.26-44-ge103942
- From: hjl at sourceware dot org
- To: glibc-cvs at sourceware dot org
- Date: 4 Aug 2017 21:23:50 -0000
- Subject: GNU C Library master sources branch hjl/pie/static created. glibc-2.26-44-ge103942
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".
The branch, hjl/pie/static has been created
at e103942bb67d71f021a2ee257434d3e5adc52da0 (commit)
- Log -----------------------------------------------------------------
http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=e103942bb67d71f021a2ee257434d3e5adc52da0
commit e103942bb67d71f021a2ee257434d3e5adc52da0
Author: H.J. Lu <hjl.tools@gmail.com>
Date: Tue Jul 18 10:42:48 2017 -0700
Use hidden visibility for libc.a with PIC
Size comparison of static PIE elf/ldconfig:
On x86-64:
text data bss dec hex
Before: 866113 22952 6336 895401 da9a9
After : 865921 22952 6336 895209 da8e9
On i686:
text data bss dec hex
Before: 782692 12296 3748 798736 c3010
After : 781153 12280 3748 797181 c29fd
diff --git a/include/libc-symbols.h b/include/libc-symbols.h
index 3310e3a..77de193 100644
--- a/include/libc-symbols.h
+++ b/include/libc-symbols.h
@@ -355,7 +355,8 @@ for linking")
strong_alias(real, name)
#endif
-#if defined SHARED || defined LIBC_NONSHARED
+#if defined SHARED || defined LIBC_NONSHARED \
+ || (defined PIC && IS_IN (libc))
# define attribute_hidden __attribute__ ((visibility ("hidden")))
#else
# define attribute_hidden
http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=be8bc2b26876c4e0e6a8af107e43af2d87dfe818
commit be8bc2b26876c4e0e6a8af107e43af2d87dfe818
Author: H.J. Lu <hjl.tools@gmail.com>
Date: Wed Jul 19 14:32:42 2017 -0700
Add _startup_sbrk and _startup_fatal
diff --git a/csu/libc-tls.c b/csu/libc-tls.c
index 0467450..4ae44d0 100644
--- a/csu/libc-tls.c
+++ b/csu/libc-tls.c
@@ -16,11 +16,12 @@
License along with the GNU C Library; if not, see
<http://www.gnu.org/licenses/>. */
+#include <unistd.h>
+#include <stdio.h>
+#include <startup.h>
#include <errno.h>
#include <ldsodefs.h>
#include <tls.h>
-#include <unistd.h>
-#include <stdio.h>
#include <sys/param.h>
@@ -144,11 +145,11 @@ __libc_setup_tls (void)
_dl_allocate_tls_storage (in elf/dl-tls.c) does using __libc_memalign
and dl_tls_static_align. */
tcb_offset = roundup (memsz + GL(dl_tls_static_size), max_align);
- tlsblock = __sbrk (tcb_offset + TLS_INIT_TCB_SIZE + max_align);
+ tlsblock = _startup_sbrk (tcb_offset + TLS_INIT_TCB_SIZE + max_align);
#elif TLS_DTV_AT_TP
tcb_offset = roundup (TLS_INIT_TCB_SIZE, align ?: 1);
- tlsblock = __sbrk (tcb_offset + memsz + max_align
- + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size));
+ tlsblock = _startup_sbrk (tcb_offset + memsz + max_align
+ + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size));
tlsblock += TLS_PRE_TCB_SIZE;
#else
/* In case a model with a different layout for the TCB and DTV
@@ -193,7 +194,7 @@ __libc_setup_tls (void)
# error "Either TLS_TCB_AT_TP or TLS_DTV_AT_TP must be defined"
#endif
if (__builtin_expect (lossage != NULL, 0))
- __libc_fatal (lossage);
+ _startup_fatal (lossage);
/* Update the executable's link map with enough information to make
the TLS routines happy. */
diff --git a/elf/dl-tunables.c b/elf/dl-tunables.c
index 231fb8c..23c89b2 100644
--- a/elf/dl-tunables.c
+++ b/elf/dl-tunables.c
@@ -18,9 +18,11 @@
License along with the GNU C Library; if not, see
<http://www.gnu.org/licenses/>. */
+#include <unistd.h>
+#include <stdio.h>
+#include <startup.h>
#include <stdint.h>
#include <stdbool.h>
-#include <unistd.h>
#include <stdlib.h>
#include <sysdep.h>
#include <fcntl.h>
@@ -42,7 +44,9 @@ tunables_strdup (const char *in)
size_t i = 0;
while (in[i++] != '\0');
- char *out = __sbrk (i);
+
+ /* Can't use __sbrk before __libc_setup_tls is called. */
+ char *out = _startup_sbrk (i);
/* FIXME: In reality if the allocation fails, __sbrk will crash attempting to
set the thread-local errno since the TCB has not yet been set up. This
diff --git a/sysdeps/generic/startup.h b/sysdeps/generic/startup.h
new file mode 100644
index 0000000..aa63b31
--- /dev/null
+++ b/sysdeps/generic/startup.h
@@ -0,0 +1,30 @@
+/* Generic definitions of functions used by static libc main startup.
+ Copyright (C) 2017 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <http://www.gnu.org/licenses/>. */
+
+static inline void *
+_startup_sbrk (intptr_t __delta)
+{
+ return __sbrk (__delta);
+}
+
+__attribute__ ((__noreturn__))
+static inline void
+_startup_fatal (const char *__message)
+{
+ __libc_fatal (__message);
+}
diff --git a/sysdeps/unix/sysv/linux/i386/Makefile b/sysdeps/unix/sysv/linux/i386/Makefile
index 4080b8c..0ec6c21 100644
--- a/sysdeps/unix/sysv/linux/i386/Makefile
+++ b/sysdeps/unix/sysv/linux/i386/Makefile
@@ -31,6 +31,9 @@ sysdep_routines += divdi3
shared-only-routines += divdi3
CPPFLAGS-divdi3.c = -Din_divdi3_c
endif
+ifeq (yes,$(enable-static-pie))
+sysdep_routines += startup_sbrk
+endif
endif
ifeq ($(subdir),nptl)
diff --git a/sysdeps/unix/sysv/linux/i386/startup.h b/sysdeps/unix/sysv/linux/i386/startup.h
new file mode 100644
index 0000000..d5af723
--- /dev/null
+++ b/sysdeps/unix/sysv/linux/i386/startup.h
@@ -0,0 +1,38 @@
+/* Linux/i386 definitions of functions used by static libc main startup.
+ Copyright (C) 2017 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <http://www.gnu.org/licenses/>. */
+
+#if ENABLE_STATIC_PIE && !defined SHARED
+# include <abort-instr.h>
+
+/* Can't use "call *%gs:SYSINFO_OFFSET" during statup in static PIE. */
+# define I386_USE_SYSENTER 0
+
+extern void * _startup_sbrk (intptr_t) attribute_hidden;
+
+__attribute__ ((__noreturn__))
+static inline void
+_startup_fatal (const char *__message __attribute__ ((unused)))
+{
+ /* This is only called very early during startup in static PIE.
+ FIXME: How can it be improved? */
+ ABORT_INSTRUCTION;
+ __builtin_unreachable ();
+}
+#else
+# include_next <startup.h>
+#endif
diff --git a/sysdeps/unix/sysv/linux/i386/startup_sbrk.c b/sysdeps/unix/sysv/linux/i386/startup_sbrk.c
new file mode 100644
index 0000000..9a2d317
--- /dev/null
+++ b/sysdeps/unix/sysv/linux/i386/startup_sbrk.c
@@ -0,0 +1,70 @@
+/* Linux/i386 definitions of _startup_sbrk.
+ Copyright (C) 2017 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <http://www.gnu.org/licenses/>. */
+
+#ifndef SHARED
+
+# include <unistd.h>
+# include <startup.h>
+# include <errno.h>
+# include <sysdep.h>
+
+/* Defined in brk.c. */
+extern void *__curbrk attribute_hidden;
+
+static int
+startup_brk (void *addr)
+{
+ INTERNAL_SYSCALL_DECL (err);
+ void *newbrk = (void *) INTERNAL_SYSCALL_CALL (brk, err, addr);
+ __curbrk = newbrk;
+ if (newbrk < addr)
+ _startup_fatal (NULL);
+ return 0;
+}
+
+/* Extend the process's data space by INCREMENT. If INCREMENT is negative,
+ shrink data space by - INCREMENT. Return start of new space allocated,
+ or call _startup_fatal for errors. */
+
+void *
+_startup_sbrk (intptr_t increment)
+{
+ void *oldbrk;
+
+ /* Update __curbrk from the kernel's brk value. That way two separate
+ instances of __brk and __sbrk can share the heap, returning
+ interleaved pieces of it. */
+ if (__curbrk == NULL)
+ if (startup_brk (0) < 0) /* Initialize the break. */
+ _startup_fatal (NULL);
+
+ if (increment == 0)
+ return __curbrk;
+
+ oldbrk = __curbrk;
+ if (increment > 0
+ ? ((uintptr_t) oldbrk + (uintptr_t) increment < (uintptr_t) oldbrk)
+ : ((uintptr_t) oldbrk < (uintptr_t) -increment))
+ _startup_fatal (NULL);
+
+ if (startup_brk (oldbrk + increment) < 0)
+ _startup_fatal (NULL);
+
+ return oldbrk;
+}
+#endif
http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=0d71e7e9d9ca6672c3c7eb2348fc3df4445e101f
commit 0d71e7e9d9ca6672c3c7eb2348fc3df4445e101f
Author: H.J. Lu <hjl.tools@gmail.com>
Date: Mon Jul 17 13:53:52 2017 -0700
Add _dl_relocate_static_pie
diff --git a/csu/libc-start.c b/csu/libc-start.c
index 6720617..f2874b8 100644
--- a/csu/libc-start.c
+++ b/csu/libc-start.c
@@ -143,6 +143,8 @@ LIBC_START_MAIN (int (*main) (int, char **, char ** MAIN_AUXVEC_DECL),
__libc_multiple_libcs = &_dl_starting_up && !_dl_starting_up;
#ifndef SHARED
+ _dl_relocate_static_pie ();
+
char **ev = &argv[argc + 1];
__environ = ev;
diff --git a/csu/libc-tls.c b/csu/libc-tls.c
index 3c897bf..0467450 100644
--- a/csu/libc-tls.c
+++ b/csu/libc-tls.c
@@ -113,6 +113,8 @@ __libc_setup_tls (void)
size_t tcb_offset;
const ElfW(Phdr) *phdr;
+ struct link_map *main_map = GL(dl_ns)[LM_ID_BASE]._ns_loaded;
+
/* Look through the TLS segment if there is any. */
if (_dl_phdr != NULL)
for (phdr = _dl_phdr; phdr < &_dl_phdr[_dl_phnum]; ++phdr)
@@ -121,7 +123,7 @@ __libc_setup_tls (void)
/* Remember the values we need. */
memsz = phdr->p_memsz;
filesz = phdr->p_filesz;
- initimage = (void *) phdr->p_vaddr;
+ initimage = (void *) phdr->p_vaddr + main_map->l_addr;
align = phdr->p_align;
if (phdr->p_align > max_align)
max_align = phdr->p_align;
@@ -162,8 +164,6 @@ __libc_setup_tls (void)
_dl_static_dtv[0].counter = (sizeof (_dl_static_dtv) / sizeof (_dl_static_dtv[0])) - 2;
// _dl_static_dtv[1].counter = 0; would be needed if not already done
- struct link_map *main_map = GL(dl_ns)[LM_ID_BASE]._ns_loaded;
-
/* Initialize the TLS block. */
#if TLS_TCB_AT_TP
_dl_static_dtv[2].pointer.val = ((char *) tlsblock + tcb_offset
diff --git a/elf/dl-support.c b/elf/dl-support.c
index c22be85..29dd6eb 100644
--- a/elf/dl-support.c
+++ b/elf/dl-support.c
@@ -26,7 +26,11 @@
#include <sys/param.h>
#include <stdint.h>
#include <ldsodefs.h>
-#include <dl-machine.h>
+#if ENABLE_STATIC_PIE
+# include "dynamic-link.h"
+#else
+# include <dl-machine.h>
+#endif
#include <libc-lock.h>
#include <dl-cache.h>
#include <dl-librecon.h>
@@ -200,7 +204,9 @@ const ElfW(Ehdr) *_dl_sysinfo_dso;
struct link_map *_dl_sysinfo_map;
-# include "get-dynamic-info.h"
+# if !ENABLE_STATIC_PIE
+# include "get-dynamic-info.h"
+# endif
#endif
#include "setup-vdso.h"
@@ -304,6 +310,35 @@ _dl_aux_init (ElfW(auxv_t) *av)
}
#endif
+#if ENABLE_STATIC_PIE
+/* Relocate static executable with PIE. */
+
+void
+_dl_relocate_static_pie (void)
+{
+# define STATIC_PIE_BOOTSTRAP
+# define RESOLVE_MAP(sym, version, flags) (&_dl_main_map)
+# include "dynamic-link.h"
+
+ /* Figure out the run-time load addres of static PIE. */
+ _dl_main_map.l_addr = elf_machine_load_address ();
+
+ /* Read our own dynamic section and fill in the info array. */
+ _dl_main_map.l_ld = ((void *) _dl_main_map.l_addr
+ + elf_machine_dynamic ());
+ elf_get_dynamic_info (&_dl_main_map, NULL);
+
+# ifdef ELF_MACHINE_BEFORE_RTLD_RELOC
+ ELF_MACHINE_BEFORE_RTLD_RELOC (_dl_main_map.l_info);
+# endif
+
+ /* Relocate ourselves so we can do normal function calls and
+ data access using the global offset table. */
+ ELF_DYNAMIC_RELOCATE (&_dl_main_map, 0, 0, 0);
+ _dl_main_map.l_relocated = 1;
+}
+#endif
+
void
internal_function
diff --git a/elf/dynamic-link.h b/elf/dynamic-link.h
index 60f2d91..d3935f7 100644
--- a/elf/dynamic-link.h
+++ b/elf/dynamic-link.h
@@ -95,7 +95,7 @@ elf_machine_lazy_rel (struct link_map *map,
#ifdef RESOLVE_MAP
-# ifdef RTLD_BOOTSTRAP
+# if defined RTLD_BOOTSTRAP || defined STATIC_PIE_BOOTSTRAP
# define ELF_DURING_STARTUP (1)
# else
# define ELF_DURING_STARTUP (0)
diff --git a/elf/get-dynamic-info.h b/elf/get-dynamic-info.h
index 7525c3a..eb26d23 100644
--- a/elf/get-dynamic-info.h
+++ b/elf/get-dynamic-info.h
@@ -38,7 +38,7 @@ elf_get_dynamic_info (struct link_map *l, ElfW(Dyn) *temp)
typedef Elf64_Xword d_tag_utype;
#endif
-#ifndef RTLD_BOOTSTRAP
+#if !defined RTLD_BOOTSTRAP && !defined STATIC_PIE_BOOTSTRAP
if (dyn == NULL)
return;
#endif
@@ -139,9 +139,11 @@ elf_get_dynamic_info (struct link_map *l, ElfW(Dyn) *temp)
/* Only the bind now flags are allowed. */
assert (info[VERSYMIDX (DT_FLAGS_1)] == NULL
|| (info[VERSYMIDX (DT_FLAGS_1)]->d_un.d_val & ~DF_1_NOW) == 0);
+ /* Flags must not be set for ld.so. */
assert (info[DT_FLAGS] == NULL
|| (info[DT_FLAGS]->d_un.d_val & ~DF_BIND_NOW) == 0);
- /* Flags must not be set for ld.so. */
+#endif
+#if defined RTLD_BOOTSTRAP || defined STATIC_PIE_BOOTSTRAP
assert (info[DT_RUNPATH] == NULL);
assert (info[DT_RPATH] == NULL);
#else
diff --git a/sysdeps/generic/ldsodefs.h b/sysdeps/generic/ldsodefs.h
index 4508365..17f760b 100644
--- a/sysdeps/generic/ldsodefs.h
+++ b/sysdeps/generic/ldsodefs.h
@@ -1006,6 +1006,13 @@ extern void _dl_determine_tlsoffset (void) internal_function attribute_hidden;
stack protector, among other things). */
void __libc_setup_tls (void);
+# if ENABLE_STATIC_PIE
+/* Relocate static executable with PIE. */
+void _dl_relocate_static_pie (void) attribute_hidden;
+# else
+# define _dl_relocate_static_pie()
+# endif
+
/* Initialization of libpthread for statically linked applications.
If libpthread is not linked in, this is an empty function. */
void __pthread_initialize_minimal (void) weak_function;
http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=7280f1c8b143bb8f29e888806346cfb51ea4a441
commit 7280f1c8b143bb8f29e888806346cfb51ea4a441
Author: H.J. Lu <hjl.tools@gmail.com>
Date: Mon Jul 17 08:54:40 2017 -0700
Define pie-default/default-pie-ldflag for --enable-static-pie
1. Add $(pie-default) to CFLAGS-.o and CFLAGS-.op.
2. Add $(default-pie-ldflag) to +link-static-before-libc.
3. Define +prectorT/+postctorT to $(+prectorS)/$(+postctorS).
diff --git a/Makeconfig b/Makeconfig
index 80aed2a..3af2abc 100644
--- a/Makeconfig
+++ b/Makeconfig
@@ -386,6 +386,16 @@ LDFLAGS.so += $(hashstyle-LDFLAGS)
LDFLAGS-rtld += $(hashstyle-LDFLAGS)
endif
+ifeq (yes,$(enable-static-pie))
+pic-default = -DPIC
+pie-default = -fPIE
+ifeq (yes,$(have-static-pie))
+default-pie-ldflag = -static-pie
+else
+default-pie-ldflag = -pie -Wl,--no-dynamic-linker,--eh-frame-hdr,-z,text
+endif
+endif
+
# If lazy relocations are disabled, add the -z now flag. Use
# LDFLAGS-lib.so instead of LDFLAGS.so, to avoid adding the flag to
# test modules.
@@ -435,6 +445,7 @@ endif
# Command for statically linking programs with the C library.
ifndef +link-static
+link-static-before-libc = $(CC) -nostdlib -nostartfiles -static -o $@ \
+ $(default-pie-ldflag) \
$(sysdep-LDFLAGS) $(LDFLAGS) $(LDFLAGS-$(@F)) \
$(addprefix $(csu-objpfx),$(static-start-installed-name)) \
$(+preinit) $(+prectorT) \
@@ -651,8 +662,13 @@ endif
+prectorS = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtbeginS.o`
+postctorS = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtendS.o`
# Variants of the two previous definitions for statically linking programs.
+ifeq (yes,$(enable-static-pie))
++prectorT = $(+prectorS)
++postctorT = $(+postctorS)
+else
+prectorT = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtbeginT.o`
+postctorT = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtend.o`
+endif
csu-objpfx = $(common-objpfx)csu/
elf-objpfx = $(common-objpfx)elf/
@@ -973,7 +989,7 @@ libtypes = $(foreach o,$(object-suffixes-for-libc),$(libtype$o))
all-object-suffixes := .o .os .oS
object-suffixes :=
CPPFLAGS-.o = $(pic-default)
-CFLAGS-.o = $(filter %frame-pointer,$(+cflags))
+CFLAGS-.o = $(filter %frame-pointer,$(+cflags)) $(pie-default)
libtype.o := lib%.a
object-suffixes += .o
ifeq (yes,$(build-shared))
@@ -998,7 +1014,7 @@ ifeq (yes,$(build-profile))
all-object-suffixes += .op
object-suffixes += .op
CPPFLAGS-.op = -DPROF $(pic-default)
-CFLAGS-.op = -pg
+CFLAGS-.op = -pg $(pie-default)
libtype.op = lib%_p.a
endif
http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=5cbb18c80fe131678f21c7ff472e858427dcaee9
commit 5cbb18c80fe131678f21c7ff472e858427dcaee9
Author: H.J. Lu <hjl.tools@gmail.com>
Date: Tue Jul 18 05:58:21 2017 -0700
x86-64: Check if linker supports static PIE
Need the linker with fix for:
https://sourceware.org/bugzilla/show_bug.cgi?id=21782
Binutils 2.29 is OK.
diff --git a/sysdeps/x86_64/configure b/sysdeps/x86_64/configure
index efef46b..7983c96 100644
--- a/sysdeps/x86_64/configure
+++ b/sysdeps/x86_64/configure
@@ -85,6 +85,43 @@ if test x"$build_mathvec" = xnotset; then
build_mathvec=yes
fi
+if test "$static_pie" = yes; then
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking for linker static PIE support" >&5
+$as_echo_n "checking for linker static PIE support... " >&6; }
+if ${libc_cv_ld_static_pie+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ cat > conftest.s <<\EOF
+ .text
+ .global _start
+ .weak foo
+_start:
+ leaq foo(%rip), %rax
+EOF
+ if test "$libc_cv_static_pie" = yes; then
+ libc_cv_static_pie_option="-static-pie"
+ else
+ libc_cv_static_pie_option="-static -pie"
+ fi
+ if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS $LDFLAGS -nostartfiles -nostdlib $no_ssp $libc_cv_static_pie_option conftest.s 1>&5'
+ { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; }; then
+ libc_cv_ld_static_pie=yes
+ else
+ libc_cv_ld_static_pie=no
+ fi
+rm -f conftest*
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $libc_cv_ld_static_pie" >&5
+$as_echo "$libc_cv_ld_static_pie" >&6; }
+ if test "$libc_cv_ld_static_pie" != yes; then
+ as_fn_error $? "linker support for static PIE needed" "$LINENO" 5
+ fi
+fi
+
$as_echo "#define PI_STATIC_AND_HIDDEN 1" >>confdefs.h
diff --git a/sysdeps/x86_64/configure.ac b/sysdeps/x86_64/configure.ac
index fa86e95..4de1983 100644
--- a/sysdeps/x86_64/configure.ac
+++ b/sysdeps/x86_64/configure.ac
@@ -44,6 +44,32 @@ if test x"$build_mathvec" = xnotset; then
build_mathvec=yes
fi
+dnl Check if linker supports static PIE.
+if test "$static_pie" = yes; then
+ AC_CACHE_CHECK(for linker static PIE support, libc_cv_ld_static_pie, [dnl
+cat > conftest.s <<\EOF
+ .text
+ .global _start
+ .weak foo
+_start:
+ leaq foo(%rip), %rax
+EOF
+ if test "$libc_cv_static_pie" = yes; then
+ libc_cv_static_pie_option="-static-pie"
+ else
+ libc_cv_static_pie_option="-static -pie"
+ fi
+ if AC_TRY_COMMAND(${CC-cc} $CFLAGS $CPPFLAGS $LDFLAGS -nostartfiles -nostdlib $no_ssp $libc_cv_static_pie_option conftest.s 1>&AS_MESSAGE_LOG_FD); then
+ libc_cv_ld_static_pie=yes
+ else
+ libc_cv_ld_static_pie=no
+ fi
+rm -f conftest*])
+ if test "$libc_cv_ld_static_pie" != yes; then
+ AC_MSG_ERROR([linker support for static PIE needed])
+ fi
+fi
+
dnl It is always possible to access static and hidden symbols in an
dnl position independent way.
AC_DEFINE(PI_STATIC_AND_HIDDEN)
http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=28a9e5354ce4371b89ff8dad92d0186d46e0d3ca
commit 28a9e5354ce4371b89ff8dad92d0186d46e0d3ca
Author: H.J. Lu <hjl.tools@gmail.com>
Date: Mon Jul 17 08:36:45 2017 -0700
Add --enable-static-pie
diff --git a/config.h.in b/config.h.in
index 2241857..983405a 100644
--- a/config.h.in
+++ b/config.h.in
@@ -246,6 +246,9 @@
/* Build glibc with tunables support. */
#define HAVE_TUNABLES 0
+/* Define if static PIE is enabled. */
+#define ENABLE_STATIC_PIE 0
+
/* Some compiler options may now allow to use ebp in __asm__ (used mainly
in i386 6 argument syscall issue). */
#define CAN_USE_REGISTER_ASM_EBP 0
diff --git a/configure b/configure
index 9ad25ca..e303cd5 100755
--- a/configure
+++ b/configure
@@ -766,6 +766,7 @@ with_default_link
enable_sanity_checks
enable_shared
enable_profile
+enable_static_pie
enable_timezone_tools
enable_hardcoded_path_in_tests
enable_stackguard_randomization
@@ -1423,6 +1424,7 @@ Optional Features:
in special situations) [default=yes]
--enable-shared build shared library [default=yes if GNU ld]
--enable-profile build profiled library [default=no]
+ --enable-static-pie build static executables as PIE [default=no]
--disable-timezone-tools
do not install timezone tools [default=install]
--enable-hardcoded-path-in-tests
@@ -3371,6 +3373,13 @@ else
profile=no
fi
+# Check whether --enable-static-pie was given.
+if test "${enable_static_pie+set}" = set; then :
+ enableval=$enable_static_pie; static_pie=$enableval
+else
+ static_pie=no
+fi
+
# Check whether --enable-timezone-tools was given.
if test "${enable_timezone_tools+set}" = set; then :
enableval=$enable_timezone_tools; enable_timezone_tools=$enableval
@@ -6967,6 +6976,22 @@ fi
$as_echo "$libc_cv_pie_default" >&6; }
+if test "$static_pie" = yes; then
+ # The linker must support --no-dynamic-linker.
+ if test "$libc_cv_no_dynamic_linker" != yes; then
+ as_fn_error $? "linker support for --no-dynamic-linker needed" "$LINENO" 5
+ fi
+ # The compiler must support -static-pie or -static -pie.
+ if test "$libc_cv_static_pie" != yes &&
+ test "$libc_cv_static_and_pie" != yes; then
+ as_fn_error $? "compiler support for -static-pie or -static -pie needed" "$LINENO" 5
+ fi
+ $as_echo "#define ENABLE_STATIC_PIE 1" >>confdefs.h
+
+fi
+config_vars="$config_vars
+enable-static-pie = $static_pie"
+
diff --git a/configure.ac b/configure.ac
index 1ef0aaf..d31d5b9 100644
--- a/configure.ac
+++ b/configure.ac
@@ -176,6 +176,11 @@ AC_ARG_ENABLE([profile],
[build profiled library @<:@default=no@:>@]),
[profile=$enableval],
[profile=no])
+AC_ARG_ENABLE([static-pie],
+ AC_HELP_STRING([--enable-static-pie],
+ [build static executables as PIE @<:@default=no@:>@]),
+ [static_pie=$enableval],
+ [static_pie=no])
AC_ARG_ENABLE([timezone-tools],
AC_HELP_STRING([--disable-timezone-tools],
[do not install timezone tools @<:@default=install@:>@]),
@@ -1989,6 +1994,20 @@ fi
rm -f conftest.*])
AC_SUBST(libc_cv_pie_default)
+if test "$static_pie" = yes; then
+ # The linker must support --no-dynamic-linker.
+ if test "$libc_cv_no_dynamic_linker" != yes; then
+ AC_MSG_ERROR([linker support for --no-dynamic-linker needed])
+ fi
+ # The compiler must support -static-pie or -static -pie.
+ if test "$libc_cv_static_pie" != yes &&
+ test "$libc_cv_static_and_pie" != yes; then
+ AC_MSG_ERROR([compiler support for -static-pie or -static -pie needed])
+ fi
+ AC_DEFINE(ENABLE_STATIC_PIE)
+fi
+LIBC_CONFIG_VAR([enable-static-pie], [$static_pie])
+
AC_SUBST(profile)
AC_SUBST(static_nss)
http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=1220f56419d233126da904a46807d91a3808eb0e
commit 1220f56419d233126da904a46807d91a3808eb0e
Author: H.J. Lu <hjl.tools@gmail.com>
Date: Sun Jul 23 05:26:26 2017 -0700
Check if -static and -pie work together
diff --git a/configure b/configure
index 3c0516e..9ad25ca 100755
--- a/configure
+++ b/configure
@@ -6047,6 +6047,32 @@ $as_echo "$libc_cv_static_pie" >&6; }
config_vars="$config_vars
have-static-pie = $libc_cv_static_pie"
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for -static -pie" >&5
+$as_echo_n "checking for -static -pie... " >&6; }
+if ${libc_cv_static_and_pie+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ cat > conftest.c <<EOF
+void
+_start (void)
+{
+}
+EOF
+if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS $LDFLAGS -static -pie -nostartfiles -nostdlib $no_ssp -o conftest conftest.c -v 2>&1 | grep " -static -pie " > /dev/null'
+ { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; }; then
+ libc_cv_static_and_pie=yes
+ else
+ libc_cv_static_and_pie=no
+ fi
+rm -f conftest*
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $libc_cv_static_and_pie" >&5
+$as_echo "$libc_cv_static_and_pie" >&6; }
+
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for -fpie" >&5
$as_echo_n "checking for -fpie... " >&6; }
if ${libc_cv_fpie+:} false; then :
diff --git a/configure.ac b/configure.ac
index 8c13907..1ef0aaf 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1473,6 +1473,20 @@ LIBC_TRY_CC_OPTION([-static-pie],
])
LIBC_CONFIG_VAR([have-static-pie], [$libc_cv_static_pie])
+AC_CACHE_CHECK(for -static -pie, libc_cv_static_and_pie, [dnl
+cat > conftest.c <<EOF
+void
+_start (void)
+{
+}
+EOF
+if AC_TRY_COMMAND(${CC-cc} $CFLAGS $CPPFLAGS $LDFLAGS -static -pie -nostartfiles -nostdlib $no_ssp -o conftest conftest.c -v 2>&1 | grep " -static -pie " > /dev/null); then
+ libc_cv_static_and_pie=yes
+ else
+ libc_cv_static_and_pie=no
+ fi
+rm -f conftest*])
+
AC_CACHE_CHECK(for -fpie, libc_cv_fpie, [dnl
LIBC_TRY_CC_OPTION([-fpie], [libc_cv_fpie=yes], [libc_cv_fpie=no])
])
http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=30cef343f34008c9d045a1c1c9b6c52ea2e065c4
commit 30cef343f34008c9d045a1c1c9b6c52ea2e065c4
Author: H.J. Lu <hjl.tools@gmail.com>
Date: Fri Jul 21 05:07:19 2017 -0700
Check if -static-pie works
diff --git a/configure b/configure
index 4af416c..3c0516e 100755
--- a/configure
+++ b/configure
@@ -6025,6 +6025,28 @@ $as_echo "$libc_linker_feature" >&6; }
config_vars="$config_vars
have-no-dynamic-linker = $libc_cv_no_dynamic_linker"
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for -static-pie" >&5
+$as_echo_n "checking for -static-pie... " >&6; }
+if ${libc_cv_static_pie+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if { ac_try='${CC-cc} -static-pie -xc /dev/null -S -o /dev/null'
+ { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; }; then :
+ libc_cv_static_pie=yes
+else
+ libc_cv_static_pie=no
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $libc_cv_static_pie" >&5
+$as_echo "$libc_cv_static_pie" >&6; }
+config_vars="$config_vars
+have-static-pie = $libc_cv_static_pie"
+
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for -fpie" >&5
$as_echo_n "checking for -fpie... " >&6; }
if ${libc_cv_fpie+:} false; then :
diff --git a/configure.ac b/configure.ac
index efaf3ec..8c13907 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1466,6 +1466,13 @@ LIBC_LINKER_FEATURE([--no-dynamic-linker],
[libc_cv_no_dynamic_linker=no])
LIBC_CONFIG_VAR([have-no-dynamic-linker], [$libc_cv_no_dynamic_linker])
+AC_CACHE_CHECK(for -static-pie, libc_cv_static_pie, [dnl
+LIBC_TRY_CC_OPTION([-static-pie],
+ [libc_cv_static_pie=yes],
+ [libc_cv_static_pie=no])
+])
+LIBC_CONFIG_VAR([have-static-pie], [$libc_cv_static_pie])
+
AC_CACHE_CHECK(for -fpie, libc_cv_fpie, [dnl
LIBC_TRY_CC_OPTION([-fpie], [libc_cv_fpie=yes], [libc_cv_fpie=no])
])
http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=34291304c119cd31a6c2001e3ffbaeafe0ee458c
commit 34291304c119cd31a6c2001e3ffbaeafe0ee458c
Author: H.J. Lu <hjl.tools@gmail.com>
Date: Mon Jul 17 08:17:32 2017 -0700
Check if linker supports --no-dynamic-linker
diff --git a/configure b/configure
index e6a54d7..4af416c 100755
--- a/configure
+++ b/configure
@@ -5991,6 +5991,40 @@ fi
$as_echo "$libc_linker_feature" >&6; }
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for linker that supports --no-dynamic-linker" >&5
+$as_echo_n "checking for linker that supports --no-dynamic-linker... " >&6; }
+libc_linker_feature=no
+if test x"$gnu_ld" = x"yes"; then
+ libc_linker_check=`$LD -v --help 2>/dev/null | grep "\--no-dynamic-linker"`
+ if test -n "$libc_linker_check"; then
+ cat > conftest.c <<EOF
+int _start (void) { return 42; }
+EOF
+ if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS $LDFLAGS $no_ssp
+ -Wl,--no-dynamic-linker -nostdlib -nostartfiles
+ -fPIC -shared -o conftest.so conftest.c
+ 1>&5'
+ { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; }
+ then
+ libc_linker_feature=yes
+ fi
+ rm -f conftest*
+ fi
+fi
+if test $libc_linker_feature = yes; then
+ libc_cv_no_dynamic_linker=yes
+else
+ libc_cv_no_dynamic_linker=no
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $libc_linker_feature" >&5
+$as_echo "$libc_linker_feature" >&6; }
+config_vars="$config_vars
+have-no-dynamic-linker = $libc_cv_no_dynamic_linker"
+
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for -fpie" >&5
$as_echo_n "checking for -fpie... " >&6; }
if ${libc_cv_fpie+:} false; then :
diff --git a/configure.ac b/configure.ac
index 2c63088..efaf3ec 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1460,6 +1460,12 @@ LIBC_LINKER_FEATURE([-z execstack], [-Wl,-z,execstack],
[libc_cv_z_execstack=yes], [libc_cv_z_execstack=no])
AC_SUBST(libc_cv_z_execstack)
+LIBC_LINKER_FEATURE([--no-dynamic-linker],
+ [-Wl,--no-dynamic-linker],
+ [libc_cv_no_dynamic_linker=yes],
+ [libc_cv_no_dynamic_linker=no])
+LIBC_CONFIG_VAR([have-no-dynamic-linker], [$libc_cv_no_dynamic_linker])
+
AC_CACHE_CHECK(for -fpie, libc_cv_fpie, [dnl
LIBC_TRY_CC_OPTION([-fpie], [libc_cv_fpie=yes], [libc_cv_fpie=no])
])
-----------------------------------------------------------------------
hooks/post-receive
--
GNU C Library master sources