[PATCH] purgatory: force PIC/PIE/SSP off
Laurent Dufour
ldufour at linux.vnet.ibm.com
Thu Apr 16 00:30:15 PDT 2015
On 16/04/2015 07:15, Mike Frysinger wrote:
> From: Mike Frysinger <vapier at chromium.org>
>
> If the toolchain has these things turned on automatically, then the
> purgatory code might be miscompiled leading to runtime errors like:
> Unhandled rela relocation: R_X86_64_GOTPC64
>
> It might look like the problem is with the kernel when in reality,
> kexec is complaining about the purgatory module. Force off harden
> features that don't make sense in kernel space.
>
> Signed-off-by: Mike Frysinger <vapier at chromium.org>
> ---
> purgatory/Makefile | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/purgatory/Makefile b/purgatory/Makefile
> index 2d6b2c0..2b5c061 100644
> --- a/purgatory/Makefile
> +++ b/purgatory/Makefile
> @@ -49,7 +49,8 @@ $(PURGATORY): CC=$(TARGET_CC)
> $(PURGATORY): CFLAGS+=$(PURGATORY_EXTRA_CFLAGS) \
> $($(ARCH)_PURGATORY_EXTRA_CFLAGS) \
> -Os -fno-builtin -ffreestanding \
> - -fno-zero-initialized-in-bss
> + -fno-zero-initialized-in-bss \
> + -fno-PIC -fno-PIE -fno-stack-protector
Some architectures (ppc64 and s390) are already setting
-fno-stack-protector in purgatory/arch/x/Makefile through
x_PURGATORY_EXTRA_CFLAGS.
It would be cleaner to remove those per architecture settings if you set
it globally.
Cheers,
Laurent.
More information about the kexec
mailing list