[uClibc] PIE support for inclusion into 0.9.24
Peter S. Mazinger
ps.m at gmx.net
Mon Jan 5 12:57:41 UTC 2004
On Mon, 5 Jan 2004, Erik Andersen wrote:
> On Mon Jan 05, 2004 at 11:12:21AM +0100, Peter S. Mazinger wrote:
> > On Fri, 2 Jan 2004, Erik Andersen wrote:
> >
> > > On Mon Dec 15, 2003 at 01:06:43AM +0100, Peter S. Mazinger wrote:
> > > > Hello Erik!
> > > >
> > > > I have made some cosmetical changes to the files, removed the added
> > > > SCRT=-fPIC option from building the crt0.S file (but it is a requirement
> > > > to build them with -fPIC), and changed some comments. I have left the
> > > > ldso.c patch with PIE_SUPPORT ifdefs, but consider applying it w/o them
> > > > (see some earlier comment from PaX Team on this issue, as it is considered
> > > > a bug). To have it work correctly, you'll also need removing
> > > > COMPLETELY_PIC.
> > > > One thing is missing: PIE_SUPPORT should be usable only for i386 (for
> > > > now).
> > > >
> > > > Also added the support for propolice protection (that works for me and
> > > > catches memcpy/strcpy attacks (but needs a special gcc version).
> > >
> > > Applied, finally.....
> > >
> > > -Erik
> >
> > Thanks, there is one issue left. What to do with COMPLETELY_PIC? It's used
> > in Config.sh but it is not defined elsewhere so it can be only forced but
> > not chosen. Do you really need this option, it only does not allow
> > FORCE_SHAREABLE_SEGMENTS to be chosen/forced?
>
> I think I'd prefer to simply drop the option. It causes problems
> on sh I was recently informed, for example, libncurses won't load
> with it enabled. So its time to kill that option off I think.
Well, I do not really understand why this option would influence ncurses.
It does changes only if FORCE_SHAREABLE_SEGMENTS is also defined.
I am working now in a fully PIC environment (ncurses-5.3+update200305) is
working for me (x86)
Peter
>
> > If you want it, then it has
> > to have a comment to have it as option, else remove it and change the
> > option in Config.sh to FORCE_SHAREABLE_SEGMENTS.
> >
> > Consider also the removal of the PIE_SUPPORT option from ldso.c (see
> > earlier pageexec at freemail.hu comments on it, that it is rather a bug,
> > then a feature).
> > It works on i386, can't test on other archs.
>
> I considered it prior to the release, but since several of my
> test machines are down, I was a bit relucatant to do so without
> extensive testing. Once I get my test boxes back to life and can
> be certain it won't break anything, I'll probably remove the
> PIE_SUPPORT option so it'll be the default.
Ok, thanks
Peter
--
Peter S. Mazinger <ps.m at gmx.net> ID: 0xA5F059F2 NIC: IXUYHSKQLI
Key fingerprint = 92A4 31E1 56BC 3D5A 2D08 BB6E C389 975E A5F0 59F2
____________________________________________________________________
Miert fizetsz az internetert? Korlatlan, ingyenes internet hozzaferes a FreeStarttol.
Probald ki most! http://www.freestart.hu
More information about the uClibc
mailing list