New issue
Advanced search Search tips

Issue 900182 link

Starred by 2 users
Status: Fixed
Owner:
thomasanderson@chromium.org
Closed: Nov 1
Cc:
thestig@chromium.org
thomasanderson@chromium.org
scottmg@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux , Fuchsia
Pri: 3
Type: Bug



Sign in to add a comment

Pass -pie in ldflags by default on Linux (and Fuchsia)?

Project Member Reported by thakis@chromium.org, Oct 30 
On Windows, we build with /dynamicbase by default, which makes all executables ASLR'd. On Mac, all our executables are ASLR'd by default. All our android binaries are linked with -pie. On Linux, we compile everything with -fPIC, but we only pass -pie in ldflags for chrome and a few one-off binaries (see e.g. https://chromium-review.googlesource.com/c/chromium/src/+/1294289).

Should we use -pie by default for executables on linux (and fuchsia, i guess?), to make our build configs across platforms more consistent?

Comment 1 by thomasanderson@chromium.org, Oct 30

Owner: thomasanderson@chromium.org
Status: Assigned (was: Untriaged)
sgtm since we already do it for all of the below targets/types
* v8_executable
* chrome
* everything on mips and mips64
* nacl_helper
* v8_context_snapshot_generator
* sel_ldr
* shared libraries, implicitly

Comment 2 by thestig@chromium.org, Oct 30 

We can try and see what breaks.

Comment 3 by scottmg@chromium.org, Oct 31 

pie is always on on Fuchsia already, the toolchain stuffs this in afaik.
Project Member

Comment 5 by bugdroid1@chromium.org, Nov 1 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/849beaf2d3c89fc319c85a6add7d8a64cae14aae

commit 849beaf2d3c89fc319c85a6add7d8a64cae14aae
Author: Tom Anderson <thomasanderson@chromium.org>
Date: Thu Nov 01 00:27:37 2018

Build executables with -pie on Linux and Fuchsia

BUG= 900182 
R=thakis
TBR=dschuff

Change-Id: I73402d71c1deb98564ec19d07d0e19e340bb6473
Reviewed-on: https://chromium-review.googlesource.com/c/1308097
Reviewed-by: Thomas Anderson <thomasanderson@chromium.org>
Reviewed-by: Nico Weber <thakis@chromium.org>
Commit-Queue: Thomas Anderson <thomasanderson@chromium.org>
Cr-Commit-Position: refs/heads/master@{#604462}
[modify] https://crrev.com/849beaf2d3c89fc319c85a6add7d8a64cae14aae/build/config/BUILD.gn
[modify] https://crrev.com/849beaf2d3c89fc319c85a6add7d8a64cae14aae/build/config/android/BUILD.gn
[modify] https://crrev.com/849beaf2d3c89fc319c85a6add7d8a64cae14aae/build/config/compiler/BUILD.gn
[modify] https://crrev.com/849beaf2d3c89fc319c85a6add7d8a64cae14aae/build/config/compiler/compiler.gni
[modify] https://crrev.com/849beaf2d3c89fc319c85a6add7d8a64cae14aae/build/config/fuchsia/BUILD.gn
[modify] https://crrev.com/849beaf2d3c89fc319c85a6add7d8a64cae14aae/build/config/gcc/BUILD.gn
[modify] https://crrev.com/849beaf2d3c89fc319c85a6add7d8a64cae14aae/chrome/BUILD.gn
[modify] https://crrev.com/849beaf2d3c89fc319c85a6add7d8a64cae14aae/components/nacl/loader/BUILD.gn
[modify] https://crrev.com/849beaf2d3c89fc319c85a6add7d8a64cae14aae/tools/v8_context_snapshot/BUILD.gn

Comment 6 by thomasanderson@chromium.org, Nov 1

Status: Fixed (was: Assigned)

Sign in to add a comment