33a9dab77f
Building binaries as PIE allows the executable itself to be loaded at a random address when ASLR is enabled (not just its shared libraries). With this change PIE objects have a .pieo extension and INTERNALLIB libraries libXXX_pie.a. MK_PIE is disabled for some kerberos5 tools, Clang, and Subversion, as they explicitly reference .a libraries in their Makefiles. These can be addressed on an individual basis later. MK_PIE is also disabled for rtld-elf because it is already position-independent using bespoke Makefile rules. Currently only dynamically linked binaries will be built as PIE. Discussed with: dim Reviewed by: kib MFC after: 1 month Relnotes: Yes Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D18423
12 lines
193 B
Makefile
12 lines
193 B
Makefile
# $FreeBSD$
|
|
|
|
.include <bsd.compiler.mk>
|
|
|
|
MK_PIE:= no # Explicit libXXX.a references
|
|
|
|
.if ${COMPILER_TYPE} == "clang"
|
|
DEBUG_FILES_CFLAGS= -gline-tables-only
|
|
.else
|
|
DEBUG_FILES_CFLAGS= -g1
|
|
.endif
|