From 3f004042927aedaa3596e7b5b186682ea4e405fc Mon Sep 17 00:00:00 2001 From: Simon McVittie Date: Tue, 1 Feb 2011 19:09:31 +0000 Subject: [PATCH 1/2] Allow PIE to be disabled, to work around broken toolchains Bug: https://bugs.freedesktop.org/show_bug.cgi?id=16621 --- configure.in | 34 +++++++++++++++++++++------------- 1 files changed, 21 insertions(+), 13 deletions(-) diff --git a/configure.in b/configure.in index 08bd962..17d2a06 100644 --- a/configure.in +++ b/configure.in @@ -1208,19 +1208,6 @@ if test "x$GCC" = "xyes"; then ;; esac - case " $CFLAGS " in - *[\ \ ]-fPIE[\ \ ]*) ;; - *) if test x$dbus_win = xno && cc_supports_flag -fPIE; then - PIE_CFLAGS="-fPIE" - if ld_supports_flag -z,relro; then - PIE_LDFLAGS="-pie -Wl,-z,relro" - else - PIE_LDFLAGS="-pie" - fi - fi - ;; - esac - ### Disabled warnings, and compiler flag overrides # Let's just ignore unused for now @@ -1296,6 +1283,27 @@ fi AC_SUBST(PIC_CFLAGS) AC_SUBST(PIC_LDFLAGS) + +# Disabling position-independent executables means we can't take advantage +# of address space layout randomization, but some toolchains have known-broken +# support for PIE. See https://bugs.freedesktop.org/show_bug.cgi?id=16621 +AC_ARG_ENABLE([pie], + [AS_HELP_STRING([--disable-pie], + [disable PIE to work around broken toolchains: this breaks ASLR, which is a security feature])], + [enable_pie=$enableval], + [enable_pie=yes]) +PIE_CFLAGS= +PIE_LDFLAGS= +if test "x$GCC,$enable_pie,$dbus_win" = xyes,yes,no; then + if cc_supports_flag -fPIE; then + PIE_CFLAGS="-fPIE" + if ld_supports_flag -z,relro; then + PIE_LDFLAGS="-pie -Wl,-z,relro" + else + PIE_LDFLAGS="-pie" + fi + fi +fi AC_SUBST(PIE_CFLAGS) AC_SUBST(PIE_LDFLAGS) -- 1.7.2.3