Files · 40d6444e91c6ab17e5e8ab01d4eece90cbc4afed · Anton / libtcg

configure: build position independent executables on x86-Linux hosts

Avi Kivity authored 13 years ago

Change the default on x86 Linux hosts to building PIE (position
independent executables); instead of restricting the option to
user-only targets, apply it to all targets.

In addition, set the relocation sections to read-only (relro) when
available; this reduces the attack surface by disallowing changes to
relocation tables at runtime.

While PIE reduces performance and relro increases load time, it
greatly improves security, with the potential to reduce a code
execution vulnerability to a self denial of service.

Non-x86 are not changed, as they require TCG changes; neither are
non-Linux, due to lack of test coverage.

Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

40d6444e

History

40d6444e 13 years ago

History

Name	Last commit	Last update
QMP
audio
block
bsd-user
darwin-user
default-configs
docs
fpu
fsdev
gdb-xml
hw
libcacard
linux-headers
linux-user
net
pc-bios
qapi
qga
roms
scripts
slirp
sysconfigs/target
target-alpha
target-arm
target-cris
target-i386
target-lm32
target-m68k
target-microblaze
target-mips
target-ppc
target-s390x
target-sh4
target-sparc
target-unicore32
target-xtensa
tcg
tests
trace
ui
.gitignore
.gitmodules
CODING_STYLE
COPYING
COPYING.LIB
Changelog
HACKING
LICENSE
MAINTAINERS
Makefile
Makefile.dis
Makefile.hw
Makefile.objs
Makefile.target
Makefile.user
README
TODO
VERSION
a.out.h
acl.c
acl.h
aes.c
aes.h
aio.c
alpha-dis.c
alpha.ld
arch_init.c
arch_init.h
arm-dis.c
arm-semi.c
arm.ld
async.c
balloon.c
balloon.h
bitmap.c
bitmap.h
bitops.c
bitops.h
block-migration.c
block-migration.h
block.c
block.h
block_int.h
blockdev.c
blockdev.h
bswap.h
bt-host.c
bt-host.h
bt-vhci.c
buffered_file.c
buffered_file.h
cache-utils.c
cache-utils.h
check-qdict.c
check-qfloat.c
check-qint.c
check-qjson.c
check-qlist.c
check-qstring.c
cmd.c

README