From patchwork Tue Nov 15 18:12:17 2011 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Avi Kivity X-Patchwork-Id: 125853 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.gnu.org (lists.gnu.org [140.186.70.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) by ozlabs.org (Postfix) with ESMTPS id 116E0B6F85 for ; Wed, 16 Nov 2011 05:12:49 +1100 (EST) Received: from localhost ([::1]:53460 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1RQNUt-0000Gl-03 for incoming@patchwork.ozlabs.org; Tue, 15 Nov 2011 13:12:39 -0500 Received: from eggs.gnu.org ([140.186.70.92]:49095) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1RQNUn-0000Fq-FL for qemu-devel@nongnu.org; Tue, 15 Nov 2011 13:12:34 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1RQNUl-0004dd-VL for qemu-devel@nongnu.org; Tue, 15 Nov 2011 13:12:33 -0500 Received: from mx1.redhat.com ([209.132.183.28]:59449) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1RQNUl-0004dT-Jb for qemu-devel@nongnu.org; Tue, 15 Nov 2011 13:12:31 -0500 Received: from int-mx01.intmail.prod.int.phx2.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id pAFICS6F005652 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Tue, 15 Nov 2011 13:12:28 -0500 Received: from cleopatra.tlv.redhat.com (cleopatra.tlv.redhat.com [10.35.255.11]) by int-mx01.intmail.prod.int.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id pAFICRx4017445; Tue, 15 Nov 2011 13:12:27 -0500 Received: from s01.tlv.redhat.com (s01.tlv.redhat.com [10.35.255.8]) by cleopatra.tlv.redhat.com (Postfix) with ESMTP id 40FA0250B99; Tue, 15 Nov 2011 20:12:23 +0200 (IST) From: Avi Kivity To: Anthony Liguori , qemu-devel@nongnu.org, Blue Swirl Date: Tue, 15 Nov 2011 20:12:17 +0200 Message-Id: <1321380737-23007-1-git-send-email-avi@redhat.com> X-Scanned-By: MIMEDefang 2.67 on 10.5.11.11 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3) X-Received-From: 209.132.183.28 Cc: Paul Moore , Peter Maydell Subject: [Qemu-devel] [PATCH v8 1.0] configure: build position independent executables on x86-Linux hosts X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Change the default on x86 Linux hosts to building PIE (position independent executables); instead of restricting the option to user-only targets, apply it to all targets. In addition, set the relocation sections to read-only (relro) when available; this reduces the attack surface by disallowing changes to relocation tables at runtime. While PIE reduces performance and relro increases load time, it greatly improves security, with the potential to reduce a code execution vulnerability to a self denial of service. Non-x86 are not changed, as they require TCG changes; neither are non-Linux, due to lack of test coverage. Signed-off-by: Avi Kivity --- v8: restrict further to Linux hosts use linker option '-pie' instead of '-Wl,-pie'; fixes link on x86_64 v7: avoid 'test -a' optimize relro/now linker flag test fail if toolchain doesn't support pie while the user explicitly asked for it v6: fix subject line. sigh. v5: fix typos; only default enable for x86; mutually exclusive with -static v4: say it's v4 and for 1.0 v3: detect toolchain support for PIE at configure time v2: improve description to include relro configure | 65 ++++++++++++++++++++++++++++++++++++++++++++---------------- 1 files changed, 47 insertions(+), 18 deletions(-) diff --git a/configure b/configure index 6c77fbb..75e1f10 100755 --- a/configure +++ b/configure @@ -172,7 +172,7 @@ aix="no" blobs="yes" pkgversion="" check_utests="" -user_pie="no" +pie="" zero_malloc="" trace_backend="nop" trace_file="trace" @@ -701,9 +701,9 @@ for opt do ;; --disable-guest-base) guest_base="no" ;; - --enable-user-pie) user_pie="yes" + --enable-pie) pie="yes" ;; - --disable-user-pie) user_pie="no" + --disable-pie) pie="no" ;; --enable-uname-release=*) uname_release="$optarg" ;; @@ -1031,8 +1031,8 @@ echo " --disable-bsd-user disable all BSD usermode emulation targets" echo " --enable-guest-base enable GUEST_BASE support for usermode" echo " emulation targets" echo " --disable-guest-base disable GUEST_BASE support" -echo " --enable-user-pie build usermode emulation targets as PIE" -echo " --disable-user-pie do not build usermode emulation targets as PIE" +echo " --enable-pie build Position Independent Executables" +echo " --disable-pie do not build Position Independent Executables" echo " --fmod-lib path to FMOD library" echo " --fmod-inc path to FMOD includes" echo " --oss-lib path to OSS library" @@ -1099,6 +1099,47 @@ for flag in $gcc_flags; do fi done +if test "$static" = "yes" ; then + if test "$pie" = "yes" ; then + echo "static and pie are mutually incompatible" + exit 1 + else + pie="no" + fi +fi + +if test "$pie" = ""; then + case "$cpu-$targetos" in + i386-Linux|x86_64-Linux) + ;; + *) + pie="no" + ;; + esac +fi + +if test "$pie" != "no" ; then + cat > $TMPC << EOF +int main(void) { return 0; } +EOF + if compile_prog "-fPIE -DPIE" "-pie"; then + QEMU_CFLAGS="-fPIE -DPIE $QEMU_CFLAGS" + LDFLAGS="-pie $LDFLAGS" + pie="yes" + if compile_prog "" "-Wl,-z,relro -Wl,-z,now" ; then + LDFLAGS="-Wl,-z,relro -Wl,-z,now $LDFLAGS" + fi + else + if test "$pie" = "yes"; then + echo "PIE not available due to missing toolchain support" + exit 1 + else + echo "Disabling PIE due to missing toolchain support" + pie="no" + fi + fi +fi + # # Solaris specific configure tool chain decisions # @@ -2765,7 +2806,7 @@ echo "Documentation $docs" echo "uname -r $uname_release" echo "NPTL support $nptl" echo "GUEST_BASE $guest_base" -echo "PIE user targets $user_pie" +echo "PIE $pie" echo "vde support $vde" echo "Linux AIO support $linux_aio" echo "ATTR/XATTR support $attr" @@ -3225,9 +3266,6 @@ for d in libdis libdis-user; do symlink $source_path/Makefile.dis $d/Makefile echo > $d/config.mak done -if test "$static" = "no" -a "$user_pie" = "yes" ; then - echo "QEMU_CFLAGS+=-fpie" > libdis-user/config.mak -fi for target in $target_list; do target_dir="$target" @@ -3646,12 +3684,6 @@ if test "$target_softmmu" = "yes" ; then esac fi -if test "$target_user_only" = "yes" -a "$static" = "no" -a \ - "$user_pie" = "yes" ; then - cflags="-fpie $cflags" - ldflags="-pie $ldflags" -fi - if test "$target_softmmu" = "yes" -a \( \ "$TARGET_ARCH" = "microblaze" -o \ "$TARGET_ARCH" = "cris" \) ; then @@ -3775,9 +3807,6 @@ d=libuser mkdir -p $d mkdir -p $d/trace symlink $source_path/Makefile.user $d/Makefile -if test "$static" = "no" -a "$user_pie" = "yes" ; then - echo "QEMU_CFLAGS+=-fpie" > $d/config.mak -fi if test "$docs" = "yes" ; then mkdir -p QMP