This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
[PATCH] Document that --enable-static-pie implies PIE
- From: "H.J. Lu" <hongjiu dot lu at intel dot com>
- To: GNU C Library <libc-alpha at sourceware dot org>
- Date: Tue, 19 Dec 2017 10:51:56 -0800
- Subject: [PATCH] Document that --enable-static-pie implies PIE
- Authentication-results: sourceware.org; auth=none
- Reply-to: "H.J. Lu" <hjl dot tools at gmail dot com>
To build static PIE, all .o files are compiled with -fPIE. Since
--enable-static-pie is designed to provide additional security hardening
benefits, it also implies that dynamic PIE is created by default for
better security hardening.
OK for master?
H.J.
---
* manual/install.texi: Document that --enable-static-pie
implies PIE.
* INSTALL: Regenerated.
---
INSTALL | 3 ++-
manual/install.texi | 3 ++-
2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/INSTALL b/INSTALL
index 9a1404bd3c..cae574e5e3 100644
--- a/INSTALL
+++ b/INSTALL
@@ -93,7 +93,8 @@ will be used, and CFLAGS sets optimization options for the compiler.
programs as well as static tests are built as static PIE, except
for those marked with no-pie. The resulting glibc can be used with
the GCC option, -static-pie, which is available with GCC 8 or
- above, to create static PIE.
+ above, to create static PIE. This option also implies that dynamic
+ position independent executable (PIE) is created by default.
'--disable-profile'
Don't build libraries with profiling information. You may want to
diff --git a/manual/install.texi b/manual/install.texi
index fb956b5d6a..95eea19459 100644
--- a/manual/install.texi
+++ b/manual/install.texi
@@ -123,7 +123,8 @@ address without help from a dynamic linker. All static programs as
well as static tests are built as static PIE, except for those marked
with no-pie. The resulting glibc can be used with the GCC option,
-static-pie, which is available with GCC 8 or above, to create static
-PIE.
+PIE. This option also implies that dynamic position independent
+executable (PIE) is created by default.
@item --disable-profile
Don't build libraries with profiling information. You may want to use
--
2.14.3