[uClibc] PIE support for inclusion into 0.9.24

Peter S. Mazinger ps.m at gmx.net
Mon Jan 5 12:57:41 UTC 2004


On Mon, 5 Jan 2004, Erik Andersen wrote:

> On Mon Jan 05, 2004 at 11:12:21AM +0100, Peter S. Mazinger wrote:
> > On Fri, 2 Jan 2004, Erik Andersen wrote:
> > 
> > > On Mon Dec 15, 2003 at 01:06:43AM +0100, Peter S. Mazinger wrote:
> > > > Hello Erik!
> > > > 
> > > > I have made some cosmetical changes to the files, removed the added 
> > > > SCRT=-fPIC option from building the crt0.S file (but it is a requirement 
> > > > to build them with -fPIC), and changed some comments. I have left the 
> > > > ldso.c patch with PIE_SUPPORT ifdefs, but consider applying it w/o them 
> > > > (see some earlier comment from PaX Team on this issue, as it is considered 
> > > > a bug). To have it work correctly, you'll also need removing 
> > > > COMPLETELY_PIC.
> > > > One thing is missing: PIE_SUPPORT should be usable only for i386 (for 
> > > > now).
> > > > 
> > > > Also added the support for propolice protection (that works for me and 
> > > > catches memcpy/strcpy attacks (but needs a special gcc version).
> > > 
> > > Applied, finally.....
> > > 
> > >  -Erik
> > 
> > Thanks, there is one issue left. What to do with COMPLETELY_PIC? It's used 
> > in Config.sh but it is not defined elsewhere so it can be only forced but 
> > not chosen. Do you really need this option, it only does not allow 
> > FORCE_SHAREABLE_SEGMENTS to be chosen/forced?
> 
> I think I'd prefer to simply drop the option.  It causes problems
> on sh I was recently informed, for example, libncurses won't load
> with it enabled.  So its time to kill that option off I think.
Well, I do not really understand why this option would influence ncurses. 
It does changes only if FORCE_SHAREABLE_SEGMENTS is also defined.
I am working now in a fully PIC environment (ncurses-5.3+update200305) is 
working for me (x86)

Peter

> 
> > If you want it, then it has 
> > to have a comment to have it as option, else remove it and change the 
> > option in Config.sh to FORCE_SHAREABLE_SEGMENTS.
> > 
> > Consider also the removal of the PIE_SUPPORT option from ldso.c (see 
> > earlier pageexec at freemail.hu comments on it, that it is rather a bug, 
> > then a feature).
> > It works on i386, can't test on other archs.
> 
> I considered it prior to the release, but since several of my
> test machines are down, I was a bit relucatant to do so without
> extensive testing.  Once I get my test boxes back to life and can
> be certain it won't break anything, I'll probably remove the
> PIE_SUPPORT option so it'll be the default.

Ok, thanks

Peter

-- 
Peter S. Mazinger <ps.m at gmx.net>   ID: 0xA5F059F2    NIC: IXUYHSKQLI
Key fingerprint = 92A4 31E1 56BC 3D5A 2D08  BB6E C389 975E A5F0 59F2


____________________________________________________________________
Miert fizetsz az internetert? Korlatlan, ingyenes internet hozzaferes a FreeStarttol.
Probald ki most! http://www.freestart.hu



More information about the uClibc mailing list