33a9dab77f
Building binaries as PIE allows the executable itself to be loaded at a random address when ASLR is enabled (not just its shared libraries). With this change PIE objects have a .pieo extension and INTERNALLIB libraries libXXX_pie.a. MK_PIE is disabled for some kerberos5 tools, Clang, and Subversion, as they explicitly reference .a libraries in their Makefiles. These can be addressed on an individual basis later. MK_PIE is also disabled for rtld-elf because it is already position-independent using bespoke Makefile rules. Currently only dynamically linked binaries will be built as PIE. Discussed with: dim Reviewed by: kib MFC after: 1 month Relnotes: Yes Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D18423
43 lines
1016 B
Makefile
43 lines
1016 B
Makefile
# Common defines for all of stand/i386/
|
|
#
|
|
# $FreeBSD$
|
|
|
|
.include "bsd.linker.mk"
|
|
|
|
LOADER_ADDRESS?=0x200000
|
|
LDFLAGS+= -nostdlib
|
|
LDFLAGS.lld+= -Wl,--no-rosegment
|
|
MK_PIE:= no
|
|
|
|
# BTX components
|
|
BTXDIR= ${BOOTOBJ}/i386/btx
|
|
BTXLDR= ${BTXDIR}/btxldr/btxldr
|
|
BTXKERN= ${BTXDIR}/btx/btx
|
|
BTXCRT= ${BTXDIR}/lib/crt0.o
|
|
|
|
BTXSRC= ${BOOTSRC}/i386/btx
|
|
BTXLIB= ${BTXSRC}/lib
|
|
|
|
CFLAGS+= -I${BTXLIB}
|
|
|
|
# compact binary with no padding between text, data, bss
|
|
LDSCRIPT= ${BOOTSRC}/i386/boot.ldscript
|
|
# LDFLAGS_BIN=-e start -Ttext ${ORG} -Wl,-T,${LDSCRIPT},-S,--oformat,binary
|
|
# LD_FLAGS_BIN=-static -T ${LDSCRIPT} --gc-sections
|
|
LDFLAGS_BIN=-e start -Ttext ${ORG} -Wl,-N,-S,--oformat,binary
|
|
.if ${LINKER_FEATURES:Mbuild-id} != ""
|
|
LDFLAGS_BIN+=-Wl,--build-id=none
|
|
.endif
|
|
LD_FLAGS_BIN=-static -N --gc-sections
|
|
|
|
.if ${MACHINE_CPUARCH} == "amd64"
|
|
DO32=1
|
|
.endif
|
|
|
|
.if defined(LOADER_FIREWIRE_SUPPORT)
|
|
MK_LOADER_FIREWIRE=yes
|
|
.warning "LOADER_FIREWIRE_SUPPORT deprecated, please move to WITH_LOADER_FIREWIRE"
|
|
.endif
|
|
|
|
.include "../Makefile.inc"
|