* Re: [PATCH] Some distributions ship compilers that include -fPIE in the default specs (Gentoo Hardened)
@ 2009-09-02 22:31 Magnus Granberg
2009-09-03 14:17 ` Robert Millan
0 siblings, 1 reply; 6+ messages in thread
From: Magnus Granberg @ 2009-09-02 22:31 UTC (permalink / raw)
To: grub-devel
>Why not just check if the compiler accepts -fno-PIE and use it? No
>harm done if -fPIE wasn't default, right?
------
Didn't want to add -fno-PIE when it was not needed and to be on the
safe side . I can make it to check for -fno-PIE and use that.
Hardened-Development Overlay
Magnus Granberg (Zorry) <zorry@ume.nu>
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] Some distributions ship compilers that include -fPIE in the default specs (Gentoo Hardened)
2009-09-02 22:31 [PATCH] Some distributions ship compilers that include -fPIE in the default specs (Gentoo Hardened) Magnus Granberg
@ 2009-09-03 14:17 ` Robert Millan
0 siblings, 0 replies; 6+ messages in thread
From: Robert Millan @ 2009-09-03 14:17 UTC (permalink / raw)
To: The development of GRUB 2
On Thu, Sep 03, 2009 at 12:31:57AM +0200, Magnus Granberg wrote:
> >Why not just check if the compiler accepts -fno-PIE and use it? No
> >harm done if -fPIE wasn't default, right?
> ------
> Didn't want to add -fno-PIE when it was not needed and to be on the
> safe side . I can make it to check for -fno-PIE and use that.
First approach was fine IMHO. But please include a ChangeLog entry.
--
Robert Millan
The DRM opt-in fallacy: "Your data belongs to us. We will decide when (and
how) you may access your data; but nobody's threatening your freedom: we
still allow you to remove your data and not access it at all."
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] Some distributions ship compilers that include -fPIE in the default specs (Gentoo Hardened)
@ 2009-09-03 16:55 Magnus Granberg
0 siblings, 0 replies; 6+ messages in thread
From: Magnus Granberg @ 2009-09-03 16:55 UTC (permalink / raw)
To: grub-devel
>On Thu, Sep 03, 2009 at 12:31:57AM +0200, Magnus Granberg wrote:
>> >Why not just check if the compiler accepts -fno-PIE and use it? No
>> >harm done if -fPIE wasn't default, right?
>> ------
>> Didn't want to add -fno-PIE when it was not needed and to be on the
>> safe side . I can make it to check for -fno-PIE and use that.
>
>First approach was fine IMHO. But please include a ChangeLog entry.
>
>--
>Robert Millan
>
> The DRM opt-in fallacy: "Your data belongs to us. We will decide when (and
> how) you may access your data; but nobody's threatening your freedom: we
> still allow you to remove your data and not access it at all."
The ChangeLog
-----
2009-09-03 Magnus Granberg <zorry@ume.nu>
* aclocal.m4: Add grub_CHECK_PIE. It check if the compiler
include -fPIE in the default specs.
* configure.ac: Check if pie_possible is yes and add -fno-PIE
to TARGET_CFLAGS.
------
Hardened-Development
/Magnus Granberg (Zorry) <zorry@ume.nu>
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] Some distributions ship compilers that include -fPIE in the default specs (Gentoo Hardened)
2009-09-01 21:46 Magnus Granberg
2009-09-01 21:48 ` richardvoigt
@ 2009-09-03 16:33 ` Robert Millan
1 sibling, 0 replies; 6+ messages in thread
From: Robert Millan @ 2009-09-03 16:33 UTC (permalink / raw)
To: The development of GRUB 2
On Tue, Sep 01, 2009 at 11:46:21PM +0200, Magnus Granberg wrote:
> Hi
>
> On Gentoo Hardened we compile with -fPIE in the default specs and
> grub fails to compile.
> This patch check if the compiler use -fPIE in the default specs and add
> -fno-PIE to TARGET_CFLAGS.
Committed. In the future, please include patches as text
attachments.
Thanks
--
Robert Millan
The DRM opt-in fallacy: "Your data belongs to us. We will decide when (and
how) you may access your data; but nobody's threatening your freedom: we
still allow you to remove your data and not access it at all."
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] Some distributions ship compilers that include -fPIE in the default specs (Gentoo Hardened)
2009-09-01 21:46 Magnus Granberg
@ 2009-09-01 21:48 ` richardvoigt
2009-09-03 16:33 ` Robert Millan
1 sibling, 0 replies; 6+ messages in thread
From: richardvoigt @ 2009-09-01 21:48 UTC (permalink / raw)
To: The development of GRUB 2
Why not just check if the compiler accepts -fno-PIE and use it? No
harm done if -fPIE wasn't default, right?
On Tue, Sep 1, 2009 at 4:46 PM, Magnus Granberg<zorry@ume.nu> wrote:
> Hi
>
> On Gentoo Hardened we compile with -fPIE in the default specs and
> grub fails to compile.
> This patch check if the compiler use -fPIE in the default specs and add
> -fno-PIE to TARGET_CFLAGS.
>
> --- aclocal.m4.zorry 2008-02-03 14:11:28.000000000 +0100
> +++ aclocal.m4 2009-08-22 01:05:56.000000000 +0200
> @@ -362,3 +362,31 @@
> AC_MSG_RESULT([no])
> [fi]
> ])
> +
> +dnl Check if the C compiler supports `-fPIE'.
> +AC_DEFUN(grub_CHECK_PIE,[
> +[# Position independent executable.
> +pie_possible=yes]
> +AC_MSG_CHECKING([whether `$CC' has `-fPIE' as default])
> +# Is this a reliable test case?
> +AC_LANG_CONFTEST([[
> +#ifdef __PIE__
> +int main() {
> + return 0;
> +}
> +#else
> +#error NO __PIE__ DEFINED
> +#endif
> +]])
> +
> +[# `$CC -c -o ...' might not be portable. But, oh, well... Is calling
> +# `ac_compile' like this correct, after all?
> +if eval "$ac_compile -S -o conftest.s" 2> /dev/null; then]
> + AC_MSG_RESULT([yes])
> + [# Should we clear up other files as well, having called `AC_LANG_CONFTEST'?
> + rm -f conftest.s
> +else
> + pie_possible=no]
> + AC_MSG_RESULT([no])
> +[fi]
> +])
> --- configure.ac.zorry 2008-02-03 14:41:51.000000000 +0100
> +++ configure.ac 2009-09-01 01:05:34.000000000 +0200
> @@ -251,6 +251,14 @@
> # Compiler features.
> #
>
> +# Position independent executable.
> +grub_CHECK_PIE
> +[# Need that, because some distributions ship compilers that include
> +# `-fPIE' in the default specs.
> +if [ x"$pie_possible" = xyes ]; then
> + TARGET_CFLAGS="$TARGET_CFLAGS -fno-PIE"
> +fi]
> +
> # Smashing stack protector.
> grub_CHECK_STACK_PROTECTOR
> [# Need that, because some distributions ship compilers that include
>
> ---
> Hardened-Development Overlay
> Magnus Granberg (Zorry) <zorry@ume.nu>
>
>
>
>
> _______________________________________________
> Grub-devel mailing list
> Grub-devel@gnu.org
> http://lists.gnu.org/mailman/listinfo/grub-devel
>
^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH] Some distributions ship compilers that include -fPIE in the default specs (Gentoo Hardened)
@ 2009-09-01 21:46 Magnus Granberg
2009-09-01 21:48 ` richardvoigt
2009-09-03 16:33 ` Robert Millan
0 siblings, 2 replies; 6+ messages in thread
From: Magnus Granberg @ 2009-09-01 21:46 UTC (permalink / raw)
To: grub-devel
Hi
On Gentoo Hardened we compile with -fPIE in the default specs and
grub fails to compile.
This patch check if the compiler use -fPIE in the default specs and add
-fno-PIE to TARGET_CFLAGS.
--- aclocal.m4.zorry 2008-02-03 14:11:28.000000000 +0100
+++ aclocal.m4 2009-08-22 01:05:56.000000000 +0200
@@ -362,3 +362,31 @@
AC_MSG_RESULT([no])
[fi]
])
+
+dnl Check if the C compiler supports `-fPIE'.
+AC_DEFUN(grub_CHECK_PIE,[
+[# Position independent executable.
+pie_possible=yes]
+AC_MSG_CHECKING([whether `$CC' has `-fPIE' as default])
+# Is this a reliable test case?
+AC_LANG_CONFTEST([[
+#ifdef __PIE__
+int main() {
+ return 0;
+}
+#else
+#error NO __PIE__ DEFINED
+#endif
+]])
+
+[# `$CC -c -o ...' might not be portable. But, oh, well... Is calling
+# `ac_compile' like this correct, after all?
+if eval "$ac_compile -S -o conftest.s" 2> /dev/null; then]
+ AC_MSG_RESULT([yes])
+ [# Should we clear up other files as well, having called `AC_LANG_CONFTEST'?
+ rm -f conftest.s
+else
+ pie_possible=no]
+ AC_MSG_RESULT([no])
+[fi]
+])
--- configure.ac.zorry 2008-02-03 14:41:51.000000000 +0100
+++ configure.ac 2009-09-01 01:05:34.000000000 +0200
@@ -251,6 +251,14 @@
# Compiler features.
#
+# Position independent executable.
+grub_CHECK_PIE
+[# Need that, because some distributions ship compilers that include
+# `-fPIE' in the default specs.
+if [ x"$pie_possible" = xyes ]; then
+ TARGET_CFLAGS="$TARGET_CFLAGS -fno-PIE"
+fi]
+
# Smashing stack protector.
grub_CHECK_STACK_PROTECTOR
[# Need that, because some distributions ship compilers that include
---
Hardened-Development Overlay
Magnus Granberg (Zorry) <zorry@ume.nu>
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2009-09-03 16:33 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2009-09-02 22:31 [PATCH] Some distributions ship compilers that include -fPIE in the default specs (Gentoo Hardened) Magnus Granberg
2009-09-03 14:17 ` Robert Millan
-- strict thread matches above, loose matches on Subject: below --
2009-09-03 16:55 Magnus Granberg
2009-09-01 21:46 Magnus Granberg
2009-09-01 21:48 ` richardvoigt
2009-09-03 16:33 ` Robert Millan
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.