This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: RFC: Add --enable-static-pie to build static executables as PIE
- From: "H.J. Lu" <hjl dot tools at gmail dot com>
- To: Alan Modra <amodra at gmail dot com>
- Cc: Rich Felker <dalias at libc dot org>, GNU C Library <libc-alpha at sourceware dot org>
- Date: Tue, 18 Jul 2017 07:45:40 -0700
- Subject: Re: RFC: Add --enable-static-pie to build static executables as PIE
- Authentication-results: sourceware.org; auth=none
- References: <CAMe9rOpAVyDYwe5o3S+0T96Ryeug=qHwgbQguGL4kaqJOrKViw@mail.gmail.com> <20170717222937.GQ1627@brightrain.aerifal.cx> <CAMe9rOozp6T25FzpP41S+PaWmANa955=K8hZcFagmFfoaQKgSA@mail.gmail.com> <20170718042500.GI14520@bubble.grove.modra.org> <CAMe9rOq3h1mvrLUn7CQ9vJ=NmERhr=Hb1KHu7-zkA6aKKT7WHA@mail.gmail.com> <20170718134800.GK14520@bubble.grove.modra.org>
On Tue, Jul 18, 2017 at 6:48 AM, Alan Modra <amodra@gmail.com> wrote:
> On Tue, Jul 18, 2017 at 05:30:48AM -0700, H.J. Lu wrote:
>> On Mon, Jul 17, 2017 at 9:25 PM, Alan Modra <amodra@gmail.com> wrote:
>> > On Mon, Jul 17, 2017 at 03:57:47PM -0700, H.J. Lu wrote:
>> >> On Mon, Jul 17, 2017 at 3:29 PM, Rich Felker <dalias@libc.org> wrote:
>> >> > On Mon, Jul 17, 2017 at 08:58:22AM -0700, H.J. Lu wrote:
>> >> >> Hi,
>> >> >>
>> >> >> Are there any interests for --enable-static-pie, which builds static
>> >> >> executables as PIE?
>> >> >
>> >> > Can you clarify what you're asking about? Is this asking if glibc is
>> >> > interested in providing the runtime support (crt variant) for gcc to
>> >> > be able to produce static PIE executables using glibc? I'm unclear on
>> >> > whose configure script would need --enable-static-pie.
>> >> >
>> >>
>> >> --enable-static-pie will be a configure option to glibc:
>> >>
>> >> 1. Build libc.a with -fPIE.
>> >> 2. Update pointers in static PIE.
>> >> 3. Apply IREL relocations for static PIE.
>> >> 4 ....
>> >
>> > Explain first exactly what you mean by a "static PIE".
>> >
>> > - Will it be ET_EXEC or ET_DYN?
>>
>> [hjl@gnu-tools-1 build-x86_64-linux]$ readelf -h elf/sln
>> ELF Header:
>> Magic: 7f 45 4c 46 02 01 01 03 00 00 00 00 00 00 00 00
>> Class: ELF64
>> Data: 2's complement, little endian
>> Version: 1 (current)
>> OS/ABI: UNIX - GNU
>> ABI Version: 0
>> Type: DYN (Shared object file)
>
> OK, good. I don't have any problem with this.
>
> Now, you can link PIEs using -fPIE static libraries just with "-pie
> -Wl,-Bstatic". This will give you a PIE with no dynamic library
> dependencies (except ld.so) and needs no toolchain or startup file
> changes. You only need to ensure that libc.a and other archives are
> built with -fPIE.
>
>> Linker needs to support --no-dynamic-linker.
>
> Is there really much to be gained from PIEs that don't use ld.so
> versus those that do?
>
You can copy static PIE to anywhere and run even if ld.so
doesn't work for whatever reason.
--
H.J.