Re: [PATCH v2] selftests: exec: make binaries position independent

Linux-mm Archive mirror
 help / color / mirror / Atom feed

From: John Hubbard <jhubbard@nvidia.com>
To: Fangrui Song <maskray@google.com>, Kees Cook <keescook@chromium.org>
Cc: Muhammad Usama Anjum <usama.anjum@collabora.com>,
	Eric Biederman <ebiederm@xmission.com>,
	Shuah Khan <shuah@kernel.org>,
	Nathan Chancellor <nathan@kernel.org>,
	Nick Desaulniers <ndesaulniers@google.com>,
	"Bill Wendling" <morbo@google.com>,
	Justin Stitt <justinstitt@google.com>,
	"Andrew Morton" <akpm@linux-foundation.org>,
	Yang Yingliang <yangyingliang@huawei.com>, <kernel@collabora.com>,
	<linux-mm@kvack.org>, <linux-kselftest@vger.kernel.org>,
	<linux-kernel@vger.kernel.org>, <llvm@lists.linux.dev>
Subject: Re: [PATCH v2] selftests: exec: make binaries position independent
Date: Mon, 6 May 2024 17:23:59 -0700	[thread overview]
Message-ID: <963feb08-18c9-4891-b85e-e9e4667e40d8@nvidia.com> (raw)
In-Reply-To: <CAFP8O3Kx+bVCVQpQJVBrPkjrQO9d5rdcxGGP-Jn6t_Mpc995RA@mail.gmail.com>

On 5/6/24 5:14 PM, Fangrui Song wrote:
> On Mon, May 6, 2024 at 5:05 PM Kees Cook <keescook@chromium.org> wrote:
>>
>> On Mon, May 06, 2024 at 04:30:27PM -0700, Fangrui Song wrote:
>>> On Tue, Apr 16, 2024 at 10:28 AM Kees Cook <keescook@chromium.org> wrote:
>>>>
>>>> On Tue, Apr 16, 2024 at 08:28:29PM +0500, Muhammad Usama Anjum wrote:
>>>>> The -static overrides the -pie and binaries aren't position independent
>>>>> anymore. Use -static-pie instead which would produce a static and
>>>>> position independent binary. This has been caught by clang's warnings:
>>>>>
>>>>>    clang: warning: argument unused during compilation: '-pie'
>>>>>    [-Wunused-command-line-argument]
>>>>>
>>>>> Tested with both gcc and clang after this change.
>>>>>
>>>>> Fixes: 4d1cd3b2c5c1 ("tools/testing/selftests/exec: fix link error")
>>>>> Signed-off-by: Muhammad Usama Anjum <usama.anjum@collabora.com>
>>>>
>>>> Thanks for this!
>>>>
>>>> Reviewed-by: Kees Cook <keescook@chromium.org>
>>>>
>>>> --
>>>> Kees Cook
>>>
>>> GCC versions before 8.1 do not support -static-pie,
>>> while https://www.kernel.org/doc/html/next/process/changes.html says
>>> the minimal version is GCC 5.1.
>>> Is this a problem?
>>>
>>> If not, and CFLAGS is guaranteed to include -fpie/-fpic/-fPIE/-fPIC
>>> (PIC), using -static-pie looks good to me.
>>
>> Should we use this alternative, which may be more portable?
>> https://lore.kernel.org/all/20240504022301.35250-1-jhubbard@nvidia.com/
>>
>> -Kees
> 
> s/-fPIE -static/-static/ then it looks good to me:)

hmm, maybe that is better, considering that -static-pie is relatively
new (as you pointed out in the other thread), and would break the
minimum kernel gcc version requirements.

> 
> -static creates a position-dependent executable.
> It doesn't matter whether the compiler uses -fno-pic/-fpie/-fpic
> codegen, so -fPIE can be removed.
> 

This is something I'd have to take your word for. The whole PIE
story not completely clear to me, but if you're sure it is not
required here, then of course leaving it out entirely works nicely...


thanks,
-- 
John Hubbard
NVIDIA

     prev parent reply	other threads:[~2024-05-07  0:24 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-04-16 15:28 [PATCH v2] selftests: exec: make binaries position independent Muhammad Usama Anjum
2024-04-16 17:28 ` Kees Cook
2024-05-06 23:30   ` Fangrui Song
2024-05-07  0:05     ` Kees Cook
2024-05-07  0:14       ` Fangrui Song
2024-05-07  0:23         ` John Hubbard [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=963feb08-18c9-4891-b85e-e9e4667e40d8@nvidia.com \
    --to=jhubbard@nvidia.com \
    --cc=akpm@linux-foundation.org \
    --cc=ebiederm@xmission.com \
    --cc=justinstitt@google.com \
    --cc=keescook@chromium.org \
    --cc=kernel@collabora.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-kselftest@vger.kernel.org \
    --cc=linux-mm@kvack.org \
    --cc=llvm@lists.linux.dev \
    --cc=maskray@google.com \
    --cc=morbo@google.com \
    --cc=nathan@kernel.org \
    --cc=ndesaulniers@google.com \
    --cc=shuah@kernel.org \
    --cc=usama.anjum@collabora.com \
    --cc=yangyingliang@huawei.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).