Changeset 6c952e3 for chapter08/gcc.xml
- Timestamp:
- 09/19/2022 06:38:55 AM (2 years ago)
- Branches:
- xry111/clfs-ng
- Children:
- 1f6dfd4
- Parents:
- 1203312 (diff), 3d65730e (diff)
Note: this is a merge changeset, the changes displayed below correspond to the merge itself.
Use the(diff)
links above to see all the changes relative to each parent. - File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
chapter08/gcc.xml
r1203312 r6c952e3 74 74 LD=ld \ 75 75 --enable-languages=c,c++ \ 76 --enable-default-pie \ 77 --enable-default-ssp \ 76 78 --disable-multilib \ 77 79 --disable-bootstrap \ … … 104 106 </variablelist> 105 107 108 <note> 109 <anchor id="pie-ssp-info" xreflabel="note on PIE and SSP"/> 110 <para> 111 PIE (position-independent executable) is a technique to produce 112 binary programs that can be loaded anywhere in memory. Without PIE, 113 the security feature named ASLR (Address Space Layout Randomization) 114 can be applied for the shared libraries, but not the exectutable 115 itself. Enabling PIE allows ASLR for the executables in addition to 116 the shared libraries, and mitigates some attacks based on fixed 117 addresses of sensitive code or data in the executables. 118 </para> 119 <para> 120 SSP (Stack Smashing Protection) is a technique to ensure 121 that the parameter stack is not corrupted. Stack corruption can 122 for example alter the return address of a subroutine, 123 which would allow transferring control to some dangerous code 124 (existing in the program or shared libraries, or injected by the 125 attacker somehow) instead of the original one. 126 </para> 127 </note> 128 106 129 <para>Compile the package:</para> 107 130 … … 110 133 <important> 111 134 <para>In this section, the test suite for GCC is considered 112 important, but it takes a long time. First time builders are 135 important, but it takes a long time. First time builders are 113 136 encouraged to not skip it. The time to run the tests can be 114 137 reduced significantly by adding -jx to the make command below … … 136 159 url="&test-results;"/> and 137 160 <ulink url="https://gcc.gnu.org/ml/gcc-testresults/"/>.</para> 161 162 <para>In gcc, eleven tests, in the i386 test suite are known to FAIL. 163 It's because the test files do not account for the 164 <parameter>--enable-default-pie</parameter> option.</para> 138 165 139 166 <para>In g++, four tests related to PR100400 are known to be reported … … 200 227 <para>Now make sure that we're setup to use the correct start files:</para> 201 228 202 <screen><userinput>grep - o '/usr/lib.*/crt[1in].*succeeded' dummy.log</userinput></screen>229 <screen><userinput>grep -E -o '/usr/lib.*/S?crt[1in].*succeeded' dummy.log</userinput></screen> 203 230 204 231 <para>The output of the last command should be:</para> 205 232 206 <screen><computeroutput>/usr/lib/gcc/x86_64-pc-linux-gnu/&gcc-version;/../../../../lib/ crt1.o succeeded233 <screen><computeroutput>/usr/lib/gcc/x86_64-pc-linux-gnu/&gcc-version;/../../../../lib/Scrt1.o succeeded 207 234 /usr/lib/gcc/x86_64-pc-linux-gnu/&gcc-version;/../../../../lib/crti.o succeeded 208 235 /usr/lib/gcc/x86_64-pc-linux-gnu/&gcc-version;/../../../../lib/crtn.o succeeded</computeroutput></screen> … … 562 589 <listitem> 563 590 <para>Contains routines supporting GCC's stack-smashing protection 564 functionality</para> 591 functionality. Normally it's unused because glibc also provides 592 those routines</para> 565 593 <indexterm zone="ch-system-gcc libssp"> 566 594 <primary sortas="c-libssp">libssp</primary>
Note:
See TracChangeset
for help on using the changeset viewer.