[LLVMbugs] [Bug 22102] New: add support for building positions independent executables by default

Mon Jan 5 19:58:06 PST 2015

http://llvm.org/bugs/show_bug.cgi?id=22102

            Bug ID: 22102
           Summary: add support for building positions independent
                    executables by default
           Product: clang
           Version: unspecified
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P
         Component: Driver
          Assignee: unassignedclangbugs at nondot.org
          Reporter: danielmicay at gmail.com
                CC: llvmbugs at cs.uiuc.edu
    Classification: Unclassified

It's currently not possible to enable PIE (full ASLR) across the board without
either patching the compiler or wrapping it behind a script. Other hardening
flags can simply be set via CFLAGS/LDFLAGS as most build systems respect them.

The -fPIE switch needs to be passed when -f{no}-{pic,pie,PIC} is not and -pie
needs to be passed for linking executables but not libraries along with some
other exceptions. The list in the pending GCC patch is likely enough for Clang
too:

https://gcc.gnu.org/ml/gcc-patches/2014-07/msg02231.html

Recent improvements to gcc/binutils (PIE copy relocs) means that PIE has ~0%
overhead in most cases on x86_64 rather than ~1-5%, although this may not be
implemented in LLVM yet. The main blocker to distributions taking advantage of
it is simply making it easy to turn on.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20150106/40d69608/attachment.html>