Add WITH_PIE knob to build Position Independent Executables

Building binaries as PIE allows the executable itself to be loaded at a random address when ASLR is enabled (not just its shared libraries). With this change PIE objects have a .pieo extension and INTERNALLIB libraries libXXX_pie.a. MK_PIE is disabled for some kerberos5 tools, Clang, and Subversion, as they explicitly reference .a libraries in their Makefiles. These can be addressed on an individual basis later. MK_PIE is also disabled for rtld-elf because it is already position-independent using bespoke Makefile rules. Currently only dynamically linked binaries will be built as PIE. Discussed with: dim Reviewed by: kib MFC after: 1 month Relnotes: Yes Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D18423
2019-02-15 22:22:38 +00:00 · 2019-02-15 22:22:38 +00:00 · bcf99d2d99
commit bcf99d2d99
parent ca62461bc6
13 changed files with 87 additions and 24 deletions
--- a/kerberos5/tools/asn1_compile/Makefile
+++ b/kerberos5/tools/asn1_compile/Makefile
@ -6,6 +6,7 @@ LIBROKEN_A=	${.OBJDIR:H:H}/lib/libroken/libroken.a
 LIBADD=	vers
 LDADD=	${LIBROKEN_A}
 DPADD=	${LIBROKEN_A}
+MK_PIE:=	no

 SRCS=	\
 	asn1parse.y \
--- a/kerberos5/tools/slc/Makefile
+++ b/kerberos5/tools/slc/Makefile
@ -6,6 +6,7 @@ LIBADD=	vers
 LDADD=  ${LIBROKEN_A}
 DPADD=  ${LIBROKEN_A}
 MAN=
+MK_PIE:=	no

 SRCS=	roken.h \
 	slc-gram.y \
--- a/lib/clang/Makefile.inc
+++ b/lib/clang/Makefile.inc
@ -2,6 +2,8 @@

 .include <bsd.compiler.mk>

+MK_PIE:=	no	# Explicit libXXX.a references
+
 .if ${COMPILER_TYPE} == "clang"
 DEBUG_FILES_CFLAGS= -gline-tables-only
 .else
--- a/libexec/rtld-elf/Makefile
+++ b/libexec/rtld-elf/Makefile
@ -7,6 +7,7 @@
 .include <src.opts.mk>
 PACKAGE=	clibs
 MK_BIND_NOW=	no
+MK_PIE=		no # Always position independent using local rules
 MK_SSP=		no

 CONFS=		libmap.conf
--- a/share/mk/bsd.lib.mk
+++ b/share/mk/bsd.lib.mk
@ -91,13 +91,16 @@ CTFFLAGS+= -g
 # prefer .s to a .c, add .po, remove stuff not used in the BSD libraries
 # .pico used for PIC object files
 # .nossppico used for NOSSP PIC object files
-.SUFFIXES: .out .o .bc .ll .po .pico .nossppico .S .asm .s .c .cc .cpp .cxx .C .f .y .l .ln
+# .pieo used for PIE object files
+.SUFFIXES: .out .o .bc .ll .po .pico .nossppico .pieo .S .asm .s .c .cc .cpp .cxx .C .f .y .l .ln

 .if !defined(PICFLAG)
 .if ${MACHINE_CPUARCH} == "sparc64"
 PICFLAG=-fPIC
+PIEFLAG=-fPIE
 .else
 PICFLAG=-fpic
+PIEFLAG=-fpie
 .endif
 .endif

@ -115,6 +118,10 @@ PO_FLAG=-pg
 	${CC} ${PICFLAG} -DPIC ${SHARED_CFLAGS:C/^-fstack-protector.*$//} ${CFLAGS:C/^-fstack-protector.*$//} -c ${.IMPSRC} -o ${.TARGET}
 	${CTFCONVERT_CMD}

+.c.pieo:
+	${CC} ${PIEFLAG} -DPIC ${SHARED_CFLAGS} ${CFLAGS} -c ${.IMPSRC} -o ${.TARGET}
+	${CTFCONVERT_CMD}
+
 .cc.po .C.po .cpp.po .cxx.po:
 	${CXX} ${PO_FLAG} ${STATIC_CXXFLAGS} ${PO_CXXFLAGS} -c ${.IMPSRC} -o ${.TARGET}

@ -124,6 +131,9 @@ PO_FLAG=-pg
 .cc.nossppico .C.nossppico .cpp.nossppico .cxx.nossppico:
 	${CXX} ${PICFLAG} -DPIC ${SHARED_CXXFLAGS:C/^-fstack-protector.*$//} ${CXXFLAGS:C/^-fstack-protector.*$//} -c ${.IMPSRC} -o ${.TARGET}

+.cc.pieo .C.pieo .cpp.pieo .cxx.pieo:
+	${CXX} ${PIEFLAG} ${SHARED_CXXFLAGS} ${CXXFLAGS} -c ${.IMPSRC} -o ${.TARGET}
+
 .f.po:
 	${FC} -pg ${FFLAGS} -o ${.TARGET} -c ${.IMPSRC}
 	${CTFCONVERT_CMD}
@ -136,7 +146,7 @@ PO_FLAG=-pg
 	${FC} ${PICFLAG} -DPIC ${FFLAGS:C/^-fstack-protector.*$//} -o ${.TARGET} -c ${.IMPSRC}
 	${CTFCONVERT_CMD}

-.s.po .s.pico .s.nossppico:
+.s.po .s.pico .s.nossppico .s.pieo:
 	${AS} ${AFLAGS} -o ${.TARGET} ${.IMPSRC}
 	${CTFCONVERT_CMD}

@ -155,6 +165,11 @@ PO_FLAG=-pg
 	    ${CFLAGS:C/^-fstack-protector.*$//} ${ACFLAGS} -c ${.IMPSRC} -o ${.TARGET}
 	${CTFCONVERT_CMD}

+.asm.pieo:
+	${CC:N${CCACHE_BIN}} -x assembler-with-cpp ${PIEFLAG} -DPIC \
+	    ${CFLAGS} ${ACFLAGS} -c ${.IMPSRC} -o ${.TARGET}
+	${CTFCONVERT_CMD}
+
 .S.po:
 	${CC:N${CCACHE_BIN}} -DPROF ${PO_CFLAGS} ${ACFLAGS} -c ${.IMPSRC} \
 	    -o ${.TARGET}
@ -170,6 +185,11 @@ PO_FLAG=-pg
 	    -c ${.IMPSRC} -o ${.TARGET}
 	${CTFCONVERT_CMD}

+.S.pieo:
+	${CC:N${CCACHE_BIN}} ${PIEFLAG} -DPIC ${CFLAGS} ${ACFLAGS} \
+	    -c ${.IMPSRC} -o ${.TARGET}
+	${CTFCONVERT_CMD}
+
 _LIBDIR:=${LIBDIR}
 _SHLIBDIR:=${SHLIBDIR}

@ -334,6 +354,20 @@ lib${LIB_PRIVATE}${LIB}_nossp_pic.a: ${NOSSPSOBJS}

 .endif # !defined(INTERNALLIB)

+.if defined(INTERNALLIB) && ${MK_PIE} != "no"
+PIEOBJS+=	${OBJS:.o=.pieo}
+DEPENDOBJS+=	${PIEOBJS}
+CLEANFILES+=	${PIEOBJS}
+
+_LIBS+=		lib${LIB_PRIVATE}${LIB}_pie.a
+
+lib${LIB_PRIVATE}${LIB}_pie.a: ${PIEOBJS}
+	@${ECHO} building pie ${LIB} library
+	@rm -f ${.TARGET}
+	${AR} ${ARFLAGS} ${.TARGET} ${PIEOBJS} ${ARADD}
+	${RANLIB} ${RANLIBFLAGS} ${.TARGET}
+.endif
+
 .if defined(_SKIP_BUILD)
 all:
 .else
--- a/share/mk/bsd.opts.mk
+++ b/share/mk/bsd.opts.mk
@ -73,6 +73,7 @@ __DEFAULT_NO_OPTIONS = \
    CCACHE_BUILD \
    CTF \
    INSTALL_AS_USER \
+    PIE \
    RETPOLINE \
    STALE_STAGED

--- a/share/mk/bsd.prog.mk
+++ b/share/mk/bsd.prog.mk
@ -38,6 +38,12 @@ MK_DEBUG_FILES=	no
 .if ${MK_BIND_NOW} != "no"
 LDFLAGS+= -Wl,-znow
 .endif
+.if ${MK_PIE} != "no" && \
+    !defined(NO_SHARED) || ${NO_SHARED} == "no" || ${NO_SHARED} == "NO"
+CFLAGS+= -fPIE
+CXXFLAGS+= -fPIE
+LDFLAGS+= -pie
+.endif
 .if ${MK_RETPOLINE} != "no"
 CFLAGS+= -mretpoline
 CXXFLAGS+= -mretpoline
--- a/share/mk/src.libnames.mk
+++ b/share/mk/src.libnames.mk
@ -368,6 +368,10 @@ LDADD_atf_cxx=	-lprivateatf-c++
 LIB${_l:tu}?=	${LIBDESTDIR}${LIBDIR_BASE}/libprivate${_l}.a
 .endfor

+.if ${MK_PIE} != "no"
+PIE_SUFFIX=	_pie
+.endif
+
 .for _l in ${_LIBRARIES}
 .if ${_INTERNALLIBS:M${_l}} || !defined(SYSROOT)
 LDADD_${_l}_L+=		-L${LIB${_l:tu}DIR}
@ -375,6 +379,8 @@ LDADD_${_l}_L+=		-L${LIB${_l:tu}DIR}
 DPADD_${_l}?=	${LIB${_l:tu}}
 .if ${_PRIVATELIBS:M${_l}}
 LDADD_${_l}?=	-lprivate${_l}
+.elif ${_INTERNALLIBS:M${_l}}
+LDADD_${_l}?=	${LDADD_${_l}_L} -l${_l:S/${PIE_SUFFIX}//}${PIE_SUFFIX}
 .else
 LDADD_${_l}?=	${LDADD_${_l}_L} -l${_l}
 .endif
@ -418,69 +424,69 @@ LDADD+=		${LDADD_${_l}}

 # INTERNALLIB definitions.
 LIBELFTCDIR=	${OBJTOP}/lib/libelftc
-LIBELFTC?=	${LIBELFTCDIR}/libelftc.a
+LIBELFTC?=	${LIBELFTCDIR}/libelftc${PIE_SUFFIX}.a

 LIBPEDIR=	${OBJTOP}/lib/libpe
-LIBPE?=		${LIBPEDIR}/libpe.a
+LIBPE?=		${LIBPEDIR}/libpe${PIE_SUFFIX}.a

 LIBOPENBSDDIR=	${OBJTOP}/lib/libopenbsd
-LIBOPENBSD?=	${LIBOPENBSDDIR}/libopenbsd.a
+LIBOPENBSD?=	${LIBOPENBSDDIR}/libopenbsd${PIE_SUFFIX}.a

 LIBSMDIR=	${OBJTOP}/lib/libsm
-LIBSM?=		${LIBSMDIR}/libsm.a
+LIBSM?=		${LIBSMDIR}/libsm${PIE_SUFFIX}.a

 LIBSMDBDIR=	${OBJTOP}/lib/libsmdb
-LIBSMDB?=	${LIBSMDBDIR}/libsmdb.a
+LIBSMDB?=	${LIBSMDBDIR}/libsmdb${PIE_SUFFIX}.a

 LIBSMUTILDIR=	${OBJTOP}/lib/libsmutil
-LIBSMUTIL?=	${LIBSMUTILDIR}/libsmutil.a
+LIBSMUTIL?=	${LIBSMUTILDIR}/libsmutil${PIE_SUFFIX}.a

 LIBNETBSDDIR?=	${OBJTOP}/lib/libnetbsd
-LIBNETBSD?=	${LIBNETBSDDIR}/libnetbsd.a
+LIBNETBSD?=	${LIBNETBSDDIR}/libnetbsd${PIE_SUFFIX}.a

 LIBVERSDIR?=	${OBJTOP}/kerberos5/lib/libvers
-LIBVERS?=	${LIBVERSDIR}/libvers.a
+LIBVERS?=	${LIBVERSDIR}/libvers${PIE_SUFFIX}.a

 LIBSLDIR=	${OBJTOP}/kerberos5/lib/libsl
-LIBSL?=		${LIBSLDIR}/libsl.a
+LIBSL?=		${LIBSLDIR}/libsl${PIE_SUFFIX}.a

 LIBIPFDIR=	${OBJTOP}/sbin/ipf/libipf
-LIBIPF?=	${LIBIPFDIR}/libipf.a
+LIBIPF?=	${LIBIPFDIR}/libipf${PIE_SUFFIX}.a

 LIBTELNETDIR=	${OBJTOP}/lib/libtelnet
-LIBTELNET?=	${LIBTELNETDIR}/libtelnet.a
+LIBTELNET?=	${LIBTELNETDIR}/libtelnet${PIE_SUFFIX}.a

 LIBCRONDIR=	${OBJTOP}/usr.sbin/cron/lib
-LIBCRON?=	${LIBCRONDIR}/libcron.a
+LIBCRON?=	${LIBCRONDIR}/libcron${PIE_SUFFIX}.a

 LIBNTPDIR=	${OBJTOP}/usr.sbin/ntp/libntp
-LIBNTP?=	${LIBNTPDIR}/libntp.a
+LIBNTP?=	${LIBNTPDIR}/libntp${PIE_SUFFIX}.a

 LIBNTPEVENTDIR=	${OBJTOP}/usr.sbin/ntp/libntpevent
-LIBNTPEVENT?=	${LIBNTPEVENTDIR}/libntpevent.a
+LIBNTPEVENT?=	${LIBNTPEVENTDIR}/libntpevent${PIE_SUFFIX}.a

 LIBOPTSDIR=	${OBJTOP}/usr.sbin/ntp/libopts
-LIBOPTS?=	${LIBOPTSDIR}/libopts.a
+LIBOPTS?=	${LIBOPTSDIR}/libopts${PIE_SUFFIX}.a

 LIBPARSEDIR=	${OBJTOP}/usr.sbin/ntp/libparse
-LIBPARSE?=	${LIBPARSEDIR}/libparse.a
+LIBPARSE?=	${LIBPARSEDIR}/libparse${PIE_SUFFIX}.a

 LIBLPRDIR=	${OBJTOP}/usr.sbin/lpr/common_source
-LIBLPR?=	${LIBLPRDIR}/liblpr.a
+LIBLPR?=	${LIBLPRDIR}/liblpr${PIE_SUFFIX}.a

 LIBFIFOLOGDIR=	${OBJTOP}/usr.sbin/fifolog/lib
-LIBFIFOLOG?=	${LIBFIFOLOGDIR}/libfifolog.a
+LIBFIFOLOG?=	${LIBFIFOLOGDIR}/libfifolog${PIE_SUFFIX}.a

 LIBBSNMPTOOLSDIR=	${OBJTOP}/usr.sbin/bsnmpd/tools/libbsnmptools
-LIBBSNMPTOOLS?=	${LIBBSNMPTOOLSDIR}/libbsnmptools.a
+LIBBSNMPTOOLS?=	${LIBBSNMPTOOLSDIR}/libbsnmptools${PIE_SUFFIX}.a

 LIBAMUDIR=	${OBJTOP}/usr.sbin/amd/libamu
-LIBAMU?=	${LIBAMUDIR}/libamu.a
+LIBAMU?=	${LIBAMUDIR}/libamu${PIE_SUFFIX}.a

-LIBBE?=		${LIBBEDIR}/libbe.a
+LIBBE?=		${LIBBEDIR}/libbe${PIE_SUFFIX}.a

 LIBPMCSTATDIR=	${OBJTOP}/lib/libpmcstat
-LIBPMCSTAT?=	${LIBPMCSTATDIR}/libpmcstat.a
+LIBPMCSTAT?=	${LIBPMCSTATDIR}/libpmcstat${PIE_SUFFIX}.a

 LIBC_NOSSP_PICDIR=	${OBJTOP}/lib/libc
 LIBC_NOSSP_PIC?=	${LIBC_NOSSP_PICDIR}/libc_nossp_pic.a
--- a/stand/i386/Makefile.inc
+++ b/stand/i386/Makefile.inc
@ -7,6 +7,7 @@
 LOADER_ADDRESS?=0x200000
 LDFLAGS+=	-nostdlib
 LDFLAGS.lld+=	-Wl,--no-rosegment
+MK_PIE:=	no

 # BTX components
 BTXDIR=		${BOOTOBJ}/i386/btx
--- a/tools/build/options/WITHOUT_PIE
+++ b/tools/build/options/WITHOUT_PIE
@ -0,0 +1,3 @@
+.\" $FreeBSD$
+Do not build dynamically linked binaries as
+Position-Independent Executable (PIE).
--- a/tools/build/options/WITH_PIE
+++ b/tools/build/options/WITH_PIE
@ -0,0 +1,3 @@
+.\" $FreeBSD$
+Build dynamically linked binaries as
+Position-Independent Executable (PIE).
--- a/usr.bin/clang/Makefile.inc
+++ b/usr.bin/clang/Makefile.inc
@ -4,6 +4,8 @@ WARNS?=		0

 .include <bsd.compiler.mk>

+MK_PIE:=	no	# Explicit libXXX.a references
+
 .if ${COMPILER_TYPE} == "clang"
 DEBUG_FILES_CFLAGS= -gline-tables-only
 .else
--- a/usr.bin/svn/Makefile.inc
+++ b/usr.bin/svn/Makefile.inc
@ -2,6 +2,8 @@

 .include <src.opts.mk>

+MK_PIE:=	no	# Explicit libXXX.a references
+
 .if ${MK_SVN} == "yes"
 SVNLITE?=
 .else