configure: build position independent executables on x86-Linux hosts

Change the default on x86 Linux hosts to building PIE (position
independent executables); instead of restricting the option to
user-only targets, apply it to all targets.

In addition, set the relocation sections to read-only (relro) when
available; this reduces the attack surface by disallowing changes to
relocation tables at runtime.

While PIE reduces performance and relro increases load time, it
greatly improves security, with the potential to reduce a code
execution vulnerability to a self denial of service.

Non-x86 hosts are not changed, as they require TCG changes; neither are
non-Linux hosts, due to lack of test coverage.

Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
1 file changed
tree: 12bdf76893cd40f7c552a8a27348164bc788f4f9