From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=134.134.136.126; helo=mga18.intel.com; envelope-from=liming.gao@intel.com; receiver=edk2-devel@lists.01.org Received: from mga18.intel.com (mga18.intel.com [134.134.136.126]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 470822116324A for ; Mon, 11 Jun 2018 01:38:22 -0700 (PDT) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by orsmga106.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 11 Jun 2018 01:38:21 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.49,501,1520924400"; d="scan'208";a="56343458" Received: from fmsmsx108.amr.corp.intel.com ([10.18.124.206]) by FMSMGA003.fm.intel.com with ESMTP; 11 Jun 2018 01:38:21 -0700 Received: from fmsmsx123.amr.corp.intel.com (10.18.125.38) by FMSMSX108.amr.corp.intel.com (10.18.124.206) with Microsoft SMTP Server (TLS) id 14.3.319.2; Mon, 11 Jun 2018 01:38:21 -0700 Received: from shsmsx101.ccr.corp.intel.com (10.239.4.153) by fmsmsx123.amr.corp.intel.com (10.18.125.38) with Microsoft SMTP Server (TLS) id 14.3.319.2; Mon, 11 Jun 2018 01:38:20 -0700 Received: from shsmsx104.ccr.corp.intel.com ([169.254.5.87]) by SHSMSX101.ccr.corp.intel.com ([169.254.1.82]) with mapi id 14.03.0319.002; Mon, 11 Jun 2018 16:38:18 +0800 From: "Gao, Liming" To: Ard Biesheuvel , "edk2-devel@lists.01.org" CC: "Zhu, Yonghong" , "lersek@redhat.com" , "Shi, Steven" , "zenith432@users.sourceforge.net" , "Gao, Liming" Thread-Topic: [PATCH] BaseTools/tools_def IA32: disable PIE code generation explicitly Thread-Index: AQHUAVfI754kR6w5r0idU+rLVOYwgKRau+9A Date: Mon, 11 Jun 2018 08:38:18 +0000 Message-ID: <4A89E2EF3DFEDB4C8BFDE51014F606A14E295663@SHSMSX104.ccr.corp.intel.com> References: <20180611074227.30625-1-ard.biesheuvel@linaro.org> In-Reply-To: <20180611074227.30625-1-ard.biesheuvel@linaro.org> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Subject: Re: [PATCH] BaseTools/tools_def IA32: disable PIE code generation explicitly X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Jun 2018 08:38:22 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Ard: Do you mean the default GCC compiler disables PIC and PIE for IA32 arch? = But now, some distribution GCC compiler enables PIC and PIE by default. So,= we have to obviously disable PIC and PIE in tools_def.txt.=20 Thanks Liming >-----Original Message----- >From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org] >Sent: Monday, June 11, 2018 3:42 PM >To: edk2-devel@lists.01.org >Cc: Zhu, Yonghong ; Gao, Liming >; lersek@redhat.com; Shi, Steven >; zenith432@users.sourceforge.net; Ard Biesheuvel > >Subject: [PATCH] BaseTools/tools_def IA32: disable PIE code generation >explicitly > >As a security measure, some distros now build their GCC toolchains with >PIE code generation enabled by default, because it is a prerequisite >for ASLR to be enabled when running the executable. > >This typically results in slightly larger code, but it also generates >ELF relocations that our tooling cannot deal with, so let's disable it >explicitly when using GCC5 for IA32. (Note that this does not apply to >X64: it uses PIE code deliberately in some cases, and our tooling does >deal with the resuling relocations) > >Contributed-under: TianoCore Contribution Agreement 1.1 >Signed-off-by: Ard Biesheuvel >--- > BaseTools/Conf/tools_def.template | 6 +++--- > 1 file changed, 3 insertions(+), 3 deletions(-) > >diff --git a/BaseTools/Conf/tools_def.template >b/BaseTools/Conf/tools_def.template >index 7e9c915755ed..ab57f9c706e3 100755 >--- a/BaseTools/Conf/tools_def.template >+++ b/BaseTools/Conf/tools_def.template >@@ -4670,7 +4670,7 @@ DEFINE GCC49_AARCH64_DLINK2_FLAGS =3D >DEF(GCC48_AARCH64_DLINK2_FLAGS) > DEFINE GCC49_ARM_ASLDLINK_FLAGS =3D >DEF(GCC48_ARM_ASLDLINK_FLAGS) > DEFINE GCC49_AARCH64_ASLDLINK_FLAGS =3D >DEF(GCC48_AARCH64_ASLDLINK_FLAGS) > >-DEFINE GCC5_IA32_CC_FLAGS =3D DEF(GCC49_IA32_CC_FLAGS) >+DEFINE GCC5_IA32_CC_FLAGS =3D DEF(GCC49_IA32_CC_FLAGS) -fno-pi= c >-fno-pie > DEFINE GCC5_X64_CC_FLAGS =3D DEF(GCC49_X64_CC_FLAGS) > DEFINE GCC5_IA32_X64_DLINK_COMMON =3D >DEF(GCC49_IA32_X64_DLINK_COMMON) > DEFINE GCC5_IA32_X64_ASLDLINK_FLAGS =3D >DEF(GCC49_IA32_X64_ASLDLINK_FLAGS) >@@ -5502,9 +5502,9 @@ RELEASE_GCC49_AARCH64_DLINK_FLAGS =3D >DEF(GCC49_AARCH64_DLINK_FLAGS) > *_GCC5_IA32_RC_PATH =3D DEF(GCC5_IA32_PREFIX)objcopy > > *_GCC5_IA32_ASLCC_FLAGS =3D DEF(GCC_ASLCC_FLAGS) -m32 -fno-lto >-*_GCC5_IA32_ASLDLINK_FLAGS =3D DEF(GCC5_IA32_X64_ASLDLINK_FLAGS) >-Wl,-m,elf_i386 >+*_GCC5_IA32_ASLDLINK_FLAGS =3D >DEF(GCC5_IA32_X64_ASLDLINK_FLAGS) -Wl,-m,elf_i386 -no-pie > *_GCC5_IA32_ASM_FLAGS =3D DEF(GCC5_ASM_FLAGS) -m32 - >march=3Di386 >-*_GCC5_IA32_DLINK2_FLAGS =3D DEF(GCC5_IA32_DLINK2_FLAGS) >+*_GCC5_IA32_DLINK2_FLAGS =3D DEF(GCC5_IA32_DLINK2_FLAGS) -no- >pie > *_GCC5_IA32_RC_FLAGS =3D DEF(GCC_IA32_RC_FLAGS) > *_GCC5_IA32_OBJCOPY_FLAGS =3D > *_GCC5_IA32_NASM_FLAGS =3D -f elf32 >-- >2.17.1