|
Message-ID: <AM7PR83MB04183F89D57C602B2A42B2DDE54D9@AM7PR83MB0418.EURPRD83.prod.outlook.com> Date: Thu, 15 Apr 2021 20:14:09 +0000 From: Andy Caldwell <andy.caldwell@...rosoft.com> To: "musl@...ts.openwall.com" <musl@...ts.openwall.com> Subject: [PATCH] Add static-pie support to musl-gcc Hello all, I've been using musl as the libc backend for rustc for various and I also wanted to build some C executables against musl (using the `musl-gcc` wrapper since I'm compiling on Ubuntu/Centos). For various (security and other) reasons we want to build `-static-pie` executables but the existing `musl-gcc.specs` file doesn't handle that flag. I found https://www.openwall.com/lists/musl/2019/05/28/1 which seemed like a good start, but also seems to have stalled. Starting from that patch, I've applied the various suggestions in the following emails in the thread (adding `-z text` and handling `-eh-frame-hdr`). I've also make a few other changes: * Pass `-pie` to the linker when `-static-pie` is requested (this might be passed automatically if gcc was built `-default-pie` but it doesn't hurt to pass it in and it's certainly needed in some cases) * Don't pass `-dynamic-linker ...` when `-static` is requested (which mirror's gcc's standard behaviour) Using this specfile, I was able to build and run the OpenSSL command line tools (which seem to be a decent stress-test of a compiler/linker) both as `-static` and as `-static-pie`, as well as building the compiling the following example executable to check that PIE is being applied appropriately (compare the outputs with `-static` vs. `-static-pie` across multiple runs). ``` #include <stdio.h> static int static_int = 42; static int *static_ptr = &static_int; int main(int argc, char** argv) { printf("main: %p, stack: %p, statics: %p\n", main, &argc, static_ptr); return 0; } ``` Thanks, Andy Caldwell --- PATCH BELOW --- >From 2953e1dc837cd81cac059ea0fa7b4f7bb11c568a Mon Sep 17 00:00:00 2001 From: Andy Caldwell <andy.caldwell@...rosoft.com> Date: Thu, 15 Apr 2021 21:05:38 +0100 Subject: [PATCH] Add static-pie support to musl-gcc --- tools/musl-gcc.specs.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/musl-gcc.specs.sh b/tools/musl-gcc.specs.sh index 30492574..0e5a9035 100644 --- a/tools/musl-gcc.specs.sh +++ b/tools/musl-gcc.specs.sh @@ -17,13 +17,13 @@ cat <<EOF libgcc.a%s %:if-exists(libgcc_eh.a%s) *startfile: -%{!shared: $libdir/Scrt1.o} $libdir/crti.o crtbeginS.o%s +%{static-pie: $libdir/rcrt1.o; !shared: $libdir/Scrt1.o} $libdir/crti.o crtbeginS.o%s *endfile: crtendS.o%s $libdir/crtn.o *link: --dynamic-linker $ldso -nostdlib %{shared:-shared} %{static:-static} %{rdynamic:-export-dynamic} +%{static-pie: -no-dynamic-linker -pie; !static: -dynamic-linker $ldso} -nostdlib -z text %{shared} %{static-pie|static:-static} %{rdynamic:-export-dynamic} %{!static: -eh-frame-hdr} *esp_link: -- 2.31.1
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.