http://llvm.org/bugs/show_bug.cgi?id=22102

            Bug ID: 22102
           Summary: add support for building position independent
                    executables by default
           Product: clang
           Version: unspecified
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P
         Component: Driver
          Assignee: [email protected]
          Reporter: [email protected]
                CC: [email protected]
    Classification: Unclassified

It's currently not possible to enable PIE (full ASLR) across the board without
either patching the compiler or wrapping it behind a script. Other hardening
flags can simply be set via CFLAGS/LDFLAGS as most build systems respect them.

The -fPIE switch needs to be passed when -f{no}-{pic,pie,PIC} is not and -pie
needs to be passed for linking executables but not libraries along with some
other exceptions. The list in the pending GCC patch is likely enough for Clang
too:

https://gcc.gnu.org/ml/gcc-patches/2014-07/msg02231.html

Recent improvements to gcc/binutils (PIE copy relocs) mean that PIE has ~0%
overhead in most cases on x86_64 rather than ~1-5%, although this may not be
implemented in LLVM yet. The main blocker to distributions taking advantage of
it is simply making it easy to turn on.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
_______________________________________________
LLVMbugs mailing list
[email protected]
http://lists.cs.uiuc.edu/mailman/listinfo/llvmbugs
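
The flag-selection rule described in the report, sketched as the kind of wrapper-script logic it mentions. This is an added example, not code from the bug report, Clang, or the linked GCC patch; the helper name `pie_flags` is hypothetical and the exception lists (`-shared`, `-static`, `-r`, compile-only modes) are assumptions, since the report only says "some other exceptions".

```shell
#!/bin/sh
# pie_flags (hypothetical helper): print the flags a hardening wrapper would
# add to one compiler command line. Exception lists below are assumptions.
pie_flags() {
    want_fpie=1   # compile side: add -fPIE
    want_pie=1    # link side: add -pie
    for arg in "$@"; do
        case "$arg" in
            # Caller already picked a position-independent code model.
            -fpic|-fPIC|-fpie|-fPIE)
                want_fpie=0 ;;
            # Caller explicitly opted out: do not force a PIE link either,
            # since non-PIE objects cannot be linked cleanly with -pie.
            -fno-pic|-fno-PIC|-fno-pie|-fno-PIE)
                want_fpie=0; want_pie=0 ;;
            # Compile, assemble or preprocess only: nothing is linked.
            -c|-S|-E)
                want_pie=0 ;;
            # Link mode already chosen, or output is a relocatable object.
            -pie|-no-pie|-r)
                want_pie=0 ;;
            # Shared libraries need -fPIC, not -fPIE; static links are
            # treated as an exception here.
            -shared|-static)
                want_fpie=0; want_pie=0 ;;
        esac
    done
    out=""
    if [ "$want_fpie" -eq 1 ]; then out="-fPIE"; fi
    if [ "$want_pie" -eq 1 ]; then out="${out:+$out }-pie"; fi
    printf '%s\n' "$out"
}

# Constructed command lines showing each decision. A real wrapper would end
# with something like: exec clang $(pie_flags "$@") "$@"
for cmd in "-O2 main.c -o app" "-c main.c -o main.o" \
           "-fPIC -shared foo.c -o libfoo.so" "-fno-pie main.c -o app"; do
    # $cmd is left unquoted on purpose so it splits into separate arguments.
    printf '%-36s => [%s]\n' "$cmd" "$(pie_flags $cmd)"
done
```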