From patchwork Mon Jun 11 16:29:11 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 138261 Delivered-To: patch@linaro.org Received: by 2002:a2e:970d:0:0:0:0:0 with SMTP id r13-v6csp4258497lji; Mon, 11 Jun 2018 09:29:17 -0700 (PDT) X-Google-Smtp-Source: ADUXVKIKXgkyJH4r0qAPgcJZLdtTxVq9vim0XZM4HCsYFSaGl3JVv7ibg1/Vfflbjzx13psAGVpA X-Received: by 2002:a62:c9ce:: with SMTP id l75-v6mr18182070pfk.179.1528734557671; Mon, 11 Jun 2018 09:29:17 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528734557; cv=none; d=google.com; s=arc-20160816; b=GxNGS3s2DtrM/+5aDM5Evl0hmDGiZz3RI4ZWJD9+MpUrUw8OUhsH5njZrX5DXdkkCz R+S/3Ti3Vw/6FESBER9zuIi1MC7aNon9jtLrD3xBS1SqgP4PhDjQxdu38rlpY9e4LrFb W4EsVbKEGx023zEp4zHe65bx43/28cKG95tYzXmxxo+gnryxsgN7ndFLj6W4/xe1lnwm gB+Gv/Dk61agM1w/tEwa7hPzrOLStSUkELWKxztleB5CbzxARYlreu6ZcruL0r3NP+Ju O+LiR6TEs1RQ9dZNzPqyFwesIffvxYFkNQbLzvRmZEq9Dd4xIy+BDhEVtwzNLminKjaP Q6IQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:message-id:date:to:from:dkim-signature :delivered-to:arc-authentication-results; bh=THN63yOrvKmyhU57C5+oSsXC6qTNU/KRPt+1XxCM+Ag=; b=P3tQddv1YCGj8T7wfL0Nyb1DaINht0D5EOjn2ag4sLBRTA9Mc+mS1vtKs+t0r/AIV6 K8EMpH5jI50UEA7gL/KtbCpoBEAQjP5TRSCRr+4hvA3jNwOK+WXMg/okVITLQ9X+8s5o VtoubVoI2PfmcLRHxvGe8zux0ASDJzCCDZbQsrjN7MCbbRE8wNneDqxaIiDkr7SIB57n uEzFedE7fbQG/RAY9Sf727DMi+JouwnUXEt14RxMbsxpNGNFgb6duMaXDkySABtByqtJ pb9+H3MOtPGeWHu2oL3KritjhNHNT9c4XgGbk3zKdQO2db42RiLsfomyA/g1m4Q4vNU4 qw5w== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=hRwoG+h6; spf=pass (google.com: best guess record for domain of edk2-devel-bounces@lists.01.org designates 198.145.21.10 as permitted sender) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from ml01.01.org (ml01.01.org. [198.145.21.10]) by mx.google.com with ESMTPS id g190-v6si12948005pfc.115.2018.06.11.09.29.17 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 11 Jun 2018 09:29:17 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of edk2-devel-bounces@lists.01.org designates 198.145.21.10 as permitted sender) client-ip=198.145.21.10; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=hRwoG+h6; spf=pass (google.com: best guess record for domain of edk2-devel-bounces@lists.01.org designates 198.145.21.10 as permitted sender) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 2A6F62118A5A3; Mon, 11 Jun 2018 09:29:17 -0700 (PDT) X-Original-To: edk2-devel@lists.01.org Delivered-To: edk2-devel@lists.01.org Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=2a00:1450:400c:c09::242; helo=mail-wm0-x242.google.com; envelope-from=ard.biesheuvel@linaro.org; receiver=edk2-devel@lists.01.org Received: from mail-wm0-x242.google.com (mail-wm0-x242.google.com [IPv6:2a00:1450:400c:c09::242]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 75677211832AE for ; Mon, 11 Jun 2018 09:29:16 -0700 (PDT) Received: by mail-wm0-x242.google.com with SMTP id z6-v6so16362540wma.0 for ; Mon, 11 Jun 2018 09:29:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id; bh=7+GB51i5gElYXVFetRRuTync8QsEHFK+IXAQwRe5+ro=; b=hRwoG+h6/CZPQ9C33Sacpx5JwbhzgETQX6pjAeu7y66Set2MXRSDnfmNJBfPkFiYxU lXvrZqB3s4rX968dR9oaAf/FweFBwUuNttLkus2bjlGu0nvdrFC+mJ6+PTRtKrRg/jaf kOB5yj+PPgu/w8m8m30dL6HubwdqOF7zqyZhs= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=7+GB51i5gElYXVFetRRuTync8QsEHFK+IXAQwRe5+ro=; b=T67yY9BNnAiMVENn4Uyl9Do14+vVYUrZYjL5wfWj7nHMXjTavqIUs+5KjBV+8UbMIL XXIbCvpBXYolMWvy249KlXEsqmJLScwPWCEIgqvHAw01b8UeaI8yTJxHBtGiDsmxojRZ jRIp9/v2gePGz74FYlyqJvDpw287XrTOD7SB6StUxLyQmAFcI5exNao9GzDcXHGZ+e2F hmbT/Z0fpIOPXaah7C16WfbJclhl4+jxH9PNWWBo+0EeoEEf0pOSHIe6FW4gjQwrTt5G Dnh7Njy/0JFt/z2noL2PBbgw3PtuXf3CwcoCLCcJEItORBXZ8uITLFiSB/3W4irepw2j IajQ== X-Gm-Message-State: APt69E0aqPOODiuwb4INbFyv/HalEGw85NMCqzKpK/AT1bNId60T5z1u bAdAKz6ZOP3YfsHzdw+qZpB4h+x84TA= X-Received: by 2002:a1c:4adb:: with SMTP id n88-v6mr9116661wmi.121.1528734554418; Mon, 11 Jun 2018 09:29:14 -0700 (PDT) Received: from dogfood.home ([2a01:cb1d:112:6f00:742b:25d4:11d6:3257]) by smtp.gmail.com with ESMTPSA id u7-v6sm46718336wrp.44.2018.06.11.09.29.13 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 11 Jun 2018 09:29:13 -0700 (PDT) From: Ard Biesheuvel To: edk2-devel@lists.01.org Date: Mon, 11 Jun 2018 18:29:11 +0200 Message-Id: <20180611162911.3386-1-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.17.1 Subject: [edk2] [PATCH v2] BaseTools/tools_def IA32: disable PIE code generation explicitly X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: lersek@redhat.com, liming.gao@intel.com, Ard Biesheuvel MIME-Version: 1.0 Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" As a security measure, some distros now build their GCC toolchains with PIE code generation enabled by default, because it is a prerequisite for ASLR to be enabled when running the executable. This typically results in slightly larger code, but it also generates ELF relocations that our tooling cannot deal with, so let's disable it explicitly when using GCC49 or later for IA32. (Note that this does not apply to X64: it uses PIE code deliberately in some cases, and our tooling does deal with the resuling relocations) Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Ard Biesheuvel Acked-by: Laszlo Ersek --- BaseTools/Conf/tools_def.template | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) -- 2.17.1 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel Reviewed-by: Liming Gao diff --git a/BaseTools/Conf/tools_def.template b/BaseTools/Conf/tools_def.template index 7e9c915755ed..733c6ec71709 100755 --- a/BaseTools/Conf/tools_def.template +++ b/BaseTools/Conf/tools_def.template @@ -4648,7 +4648,7 @@ DEFINE GCC48_AARCH64_DLINK2_FLAGS = DEF(GCC47_AARCH64_DLINK2_FLAGS) DEFINE GCC48_ARM_ASLDLINK_FLAGS = DEF(GCC47_ARM_ASLDLINK_FLAGS) DEFINE GCC48_AARCH64_ASLDLINK_FLAGS = DEF(GCC47_AARCH64_ASLDLINK_FLAGS) -DEFINE GCC49_IA32_CC_FLAGS = DEF(GCC48_IA32_CC_FLAGS) +DEFINE GCC49_IA32_CC_FLAGS = DEF(GCC48_IA32_CC_FLAGS) -fno-pic -fno-pie DEFINE GCC49_X64_CC_FLAGS = DEF(GCC48_X64_CC_FLAGS) DEFINE GCC49_IA32_X64_DLINK_COMMON = -nostdlib -Wl,-n,-q,--gc-sections -z common-page-size=0x40 DEFINE GCC49_IA32_X64_ASLDLINK_FLAGS = DEF(GCC49_IA32_X64_DLINK_COMMON) -Wl,--entry,ReferenceAcpiTable -u ReferenceAcpiTable @@ -5357,10 +5357,10 @@ RELEASE_GCC48_AARCH64_CC_FLAGS = DEF(GCC48_AARCH64_CC_FLAGS) -Wno-unused-but-s *_GCC49_IA32_RC_PATH = DEF(GCC49_IA32_PREFIX)objcopy *_GCC49_IA32_ASLCC_FLAGS = DEF(GCC_ASLCC_FLAGS) -m32 -*_GCC49_IA32_ASLDLINK_FLAGS = DEF(GCC49_IA32_X64_ASLDLINK_FLAGS) -Wl,-m,elf_i386 +*_GCC49_IA32_ASLDLINK_FLAGS = DEF(GCC49_IA32_X64_ASLDLINK_FLAGS) -Wl,-m,elf_i386 -no-pie *_GCC49_IA32_ASM_FLAGS = DEF(GCC49_ASM_FLAGS) -m32 -march=i386 *_GCC49_IA32_DLINK_FLAGS = DEF(GCC49_IA32_X64_DLINK_FLAGS) -Wl,-m,elf_i386,--oformat=elf32-i386 -*_GCC49_IA32_DLINK2_FLAGS = DEF(GCC49_IA32_DLINK2_FLAGS) +*_GCC49_IA32_DLINK2_FLAGS = DEF(GCC49_IA32_DLINK2_FLAGS) -no-pie *_GCC49_IA32_RC_FLAGS = DEF(GCC_IA32_RC_FLAGS) *_GCC49_IA32_OBJCOPY_FLAGS = *_GCC49_IA32_NASM_FLAGS = -f elf32 @@ -5502,9 +5502,9 @@ RELEASE_GCC49_AARCH64_DLINK_FLAGS = DEF(GCC49_AARCH64_DLINK_FLAGS) *_GCC5_IA32_RC_PATH = DEF(GCC5_IA32_PREFIX)objcopy *_GCC5_IA32_ASLCC_FLAGS = DEF(GCC_ASLCC_FLAGS) -m32 -fno-lto -*_GCC5_IA32_ASLDLINK_FLAGS = DEF(GCC5_IA32_X64_ASLDLINK_FLAGS) -Wl,-m,elf_i386 +*_GCC5_IA32_ASLDLINK_FLAGS = DEF(GCC5_IA32_X64_ASLDLINK_FLAGS) -Wl,-m,elf_i386 -no-pie *_GCC5_IA32_ASM_FLAGS = DEF(GCC5_ASM_FLAGS) -m32 -march=i386 -*_GCC5_IA32_DLINK2_FLAGS = DEF(GCC5_IA32_DLINK2_FLAGS) +*_GCC5_IA32_DLINK2_FLAGS = DEF(GCC5_IA32_DLINK2_FLAGS) -no-pie *_GCC5_IA32_RC_FLAGS = DEF(GCC_IA32_RC_FLAGS) *_GCC5_IA32_OBJCOPY_FLAGS = *_GCC5_IA32_NASM_FLAGS = -f elf32