1
0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-12-28 11:21:44 +03:00
Commit Graph

4 Commits

Author SHA1 Message Date
Martin Kletzander
d498a89950 Fix '-pie' build with clang
Commit 97e70a5935 added the option -pie to
CFLAGS and LDFLAGS, however '-pie' is just a linker option.  That
wouldn't be a problem.  However, clang is checking for that and outputs
an error or unused argument:

error: argument unused during compilation: '-pie'

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2016-02-09 13:29:53 +01:00
Roman Bogorodskiy
97e70a5935 maint: extend PIE support check
GCC installed from FreeBSD ports doesn't support building PIE executables
and fails with:

/usr/local/bin/ld: /usr/lib/crt1.o: relocation R_X86_64_32 against
`_DYNAMIC' can not be used when making a shared object; recompile with
-fPIC
/usr/lib/crt1.o: error adding symbols: Bad value
collect2: error: ld returned 1 exit status

However, the configure check for '-fPIC -DPIC' doesn't catch that. In
order to catch this case, add '-pie' to CFLAGS in m4/virt-compile-pie.m4
so it could detect lack of PIE support on configure time and don't fail
the build.
2015-05-11 20:08:47 +03:00
Daniel P. Berrange
c03eff7717 Don't enable -fPIE on Win32 platforms
On win32, all code is position independent and adding -fPIE
to the compiler flags results in warnings being printed

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-04-15 17:35:30 +01:00
Daniel P. Berrange
1150999ca4 Build all binaries with PIE
PIE (position independent executable) adds security to executables
by composing them entirely of position-independent code (PIC. The
.so libraries already build with -fPIC. This adds -fPIE which is
the equivalent to -fPIC, but for executables. This for allows Exec
Shield to use address space layout randomization to prevent attackers
from knowing where existing executable code is during a security
attack using exploits that rely on knowing the offset of the
executable code in the binary, such as return-to-libc attacks.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-04-03 16:19:35 +01:00