[Buildroot] [PATCH 4/4] toolchain: allow PIC/PIE without RELRO

yann.morin at orange.com yann.morin at orange.com
Tue Mar 12 06:22:09 UTC 2019 

Arnout, All,

On 2019-03-12 01:36 +0100, Arnout Vandecappelle spake thusly:
> On 11/03/2019 07:48, yann.morin at orange.com wrote:
> > From: "Yann E. MORIN" <yann.morin at orange.com>
> > 
> > Note: it is unknown if RELRO_FULL really needs PIC/PIE or not, so we
> > keep the current situation, where RELRO-FULL forces PIC/PIE compilation.
> 
>  I just checked on my host, and a simple test program compiled with -no-pie
> -Wl,-z,relro -Wl,-z,now does work, so indeed the two seem to be independent.

Still, I'd prefer tokeep the select to keep the current behaviour. We
can drop it later on if someone has a need for it.

>  I guess it's historical accident that the global full relro and PIE are
> typically introduced together. From what I understand, they are pretty much
> independent.

I talked with Matt on IRC about this the other day, and his reasoning
for doing so as it is was to mimick the way done on distros (Debian,
FC?), so it is not a complete accident either. ;-)

Regards,
Yann E. MORIN.

>  Regards,
>  Arnout
> 
> > 
> > Signed-off-by: "Yann E. MORIN" <yann.morin at orange.com>
> > Cc: Matt Weber <matthew.weber at rockwellcollins.com>
> > Cc: Thomas Petazzoni <thomas.petazzoni at bootlin.com>
> > Cc: Thomas De Schampheleire <thomas.de_schampheleire at nokia.com>
> > ---
> >  Config.in                      | 8 ++++++++
> >  toolchain/toolchain-wrapper.c  | 2 +-
> >  toolchain/toolchain-wrapper.mk | 4 ++++
> >  3 files changed, 13 insertions(+), 1 deletion(-)
> > 
> > diff --git a/Config.in b/Config.in
> > index d5a0460f98..31fea3ab34 100644
> > --- a/Config.in
> > +++ b/Config.in
> > @@ -712,6 +712,13 @@ endmenu
> >  
> >  comment "Security Hardening Options"
> >  
> > +config BR2_PIC_PIE
> > +	bool "Build code with PIC/PIE"
> > +	depends on BR2_SHARED_LIBS
> > +	help
> > +	  Generate Position-Independent Code (PIC) and link
> > +	  Position-Independent Executables (PIE).
> > +
> >  choice
> >  	bool "Stack Smashing Protection"
> >  	default BR2_SSP_ALL if BR2_ENABLE_SSP # legacy
> > @@ -794,6 +801,7 @@ config BR2_RELRO_PARTIAL
> >  
> >  config BR2_RELRO_FULL
> >  	bool "Full"
> > +	select BR2_PIC_PIE
> >  	help
> >  	  This option includes the partial configuration, but also marks
> >  	  the GOT as read-only at the cost of initialization time during
> > diff --git a/toolchain/toolchain-wrapper.c b/toolchain/toolchain-wrapper.c
> > index d605a7d648..a38f827786 100644
> > --- a/toolchain/toolchain-wrapper.c
> > +++ b/toolchain/toolchain-wrapper.c
> > @@ -370,7 +370,7 @@ int main(int argc, char **argv)
> >  		*cur++ = "-Wno-builtin-macro-redefined";
> >  	}
> >  
> > -#ifdef BR2_RELRO_FULL
> > +#ifdef BR2_PIC_PIE
> >  	/* Patterned after Fedora/Gentoo hardening approaches.
> >  	 * https://fedoraproject.org/wiki/Changes/Harden_All_Packages
> >  	 * https://wiki.gentoo.org/wiki/Hardened/Toolchain#Position_Independent_Executables_.28PIEs.29
> > diff --git a/toolchain/toolchain-wrapper.mk b/toolchain/toolchain-wrapper.mk
> > index e48e765a8e..67cec5c1cf 100644
> > --- a/toolchain/toolchain-wrapper.mk
> > +++ b/toolchain/toolchain-wrapper.mk
> > @@ -45,6 +45,10 @@ ifeq ($(BR2_CCACHE_USE_BASEDIR),y)
> >  TOOLCHAIN_WRAPPER_ARGS += -DBR_CCACHE_BASEDIR='"$(BASE_DIR)"'
> >  endif
> >  
> > +ifeq ($(BR2_PIC_PIE),y)
> > +TOOLCHAIN_WRAPPER_ARGS += -DBR2_PIC_PIE
> > +endif
> > +
> >  ifeq ($(BR2_RELRO_PARTIAL),y)
> >  TOOLCHAIN_WRAPPER_ARGS += -DBR2_RELRO_PARTIAL
> >  else ifeq ($(BR2_RELRO_FULL),y)
> > 

-- 
                                        ____________
.-----------------.--------------------:       _    :------------------.
|  Yann E. MORIN  | Real-Time Embedded |    __/ )   | /"\ ASCII RIBBON |
| +33 534.541.179 | Software  Designer |  _/ - /'   | \ / CAMPAIGN     |
| +33 638.411.245 '--------------------: (_    `--, |  X  AGAINST      |
|      yann.morin (at) orange.com      |_="    ,--' | / \ HTML MAIL    |
'--------------------------------------:______/_____:------------------'


_________________________________________________________________________________________________________________________

Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.

This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
Thank you.

More information about the buildroot mailing list