This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: PING: [PATCH] Add --enable-static-pie to build static PIE
On Wed, 27 Sep 2017, H.J. Lu wrote:
> > would an architecture need or not need architecture-specific configure
> > changes, etc.), and have you tried a build-many-glibcs.py run with this
> > option passed to all the builds to see how other architectures do? Why
>
> build-many-glibcs.py has no regressions. But I didn't try --enable-static-pie
> with build-many-glibcs.py. I encourage target maintainers to give
> hjl/pie/static
> branch a try.
I think the most useful test for this purpose (of assessing architecture
support) is adding --enable-static-pie alongside --enable-profile in
build-many-glibcs.py and seeing how the build goes.
> No separate PIE copy of libc.a, is used for static PIE to minimize
> GCC driver change. To improve system security, glibc can be built with
The question should be what's best for the GNU system and the GNU
toolchain as a whole, rather than minimizing the GCC driver changes.
> > The patch is missing documentation in install.texi of the new configure
> > option and associated regeneration of INSTALL.
>
> Done. I also updated NEWS.
To me, both the install.texi and NEWS changes read as saying that programs
such as ldconfig are built as PIEs. That's a separate matter from
supporting user programs built as static PIEs. I'd have thought the main
point of this feature, which is the one that NEWS and install.texi should
emphasize, is the support for user programs built as static PIEs.
--
Joseph S. Myers
joseph@codesourcery.com