From 6ee9321bd8c1b1faeac45086508b8357ec60dcf1 Mon Sep 17 00:00:00 2001 From: wenshelx Date: Thu, 6 Sep 2018 10:14:48 +0800 Subject: [PATCH] security: Enable '-fpie -pie' options To be sure acrn debug tools are position independent and executable. Tracked-On: #1122 Signed-off-by: wenshelx Acked-by: CHEN Gang Acked-by: Geoffroy Van Cutsem --- tools/acrn-crashlog/Makefile | 3 +++ tools/acrn-crashlog/usercrash/Makefile | 6 +++--- tools/acrnlog/Makefile | 4 +++- tools/acrntrace/Makefile | 4 +++- 4 files changed, 12 insertions(+), 5 deletions(-) diff --git a/tools/acrn-crashlog/Makefile b/tools/acrn-crashlog/Makefile index 83e7bc454..5c9a96370 100644 --- a/tools/acrn-crashlog/Makefile +++ b/tools/acrn-crashlog/Makefile @@ -14,6 +14,8 @@ CFLAGS += -m64 -D_GNU_SOURCE ifeq ($(RELEASE),0) CFLAGS += -DDEBUG_ACRN_CRASHLOG endif +CFLAGS += -fpie +LDFLAGS += -pie INCLUDE := -I $(BASEDIR)/common/include export INCLUDE export BUILDDIR @@ -43,6 +45,7 @@ ifeq ($(strip $(LIB_EXIST)),ltelemetry) EXTRA_LIBS += -ltelemetry endif export CFLAGS +export LDFLAGS export EXTRA_LIBS .PHONY:all diff --git a/tools/acrn-crashlog/usercrash/Makefile b/tools/acrn-crashlog/usercrash/Makefile index 340aff9ee..836c21176 100644 --- a/tools/acrn-crashlog/usercrash/Makefile +++ b/tools/acrn-crashlog/usercrash/Makefile @@ -15,7 +15,7 @@ LIBS = -levent -lpthread $(EXTRA_LIBS) usercrash_s: $(BUILDDIR)/usercrash/obj/protocol.o \ $(BUILDDIR)/usercrash/obj/server.o \ $(BUILDDIR)/common/obj/log_sys.o - $(CC) -g $(CFLAGS) $(INCLUDE) $^ -o $(BUILDDIR)/usercrash/bin/$@ $(LIBS) + $(CC) -g $(CFLAGS) $(INCLUDE) $^ -o $(BUILDDIR)/usercrash/bin/$@ $(LIBS) $(LDFLAGS) usercrash_c: $(BUILDDIR)/usercrash/obj/protocol.o \ $(BUILDDIR)/usercrash/obj/client.o \ @@ -24,7 +24,7 @@ usercrash_c: $(BUILDDIR)/usercrash/obj/protocol.o \ $(BUILDDIR)/common/obj/cmdutils.o \ $(BUILDDIR)/common/obj/fsutils.o \ $(BUILDDIR)/common/obj/strutils.o - $(CC) -g $(CFLAGS) $(INCLUDE) $^ -o $(BUILDDIR)/usercrash/bin/$@ $(LIBS) + $(CC) -g $(CFLAGS) $(INCLUDE) $^ -o $(BUILDDIR)/usercrash/bin/$@ $(LIBS) $(LDFLAGS) debugger: $(BUILDDIR)/usercrash/obj/debugger.o \ $(BUILDDIR)/usercrash/obj/crash_dump.o \ @@ -32,7 +32,7 @@ debugger: $(BUILDDIR)/usercrash/obj/debugger.o \ $(BUILDDIR)/common/obj/cmdutils.o \ $(BUILDDIR)/common/obj/fsutils.o \ $(BUILDDIR)/common/obj/strutils.o - $(CC) -g $(CFLAGS) $(INCLUDE) $^ -o $(BUILDDIR)/usercrash/bin/$@ $(LIBS) + $(CC) -g $(CFLAGS) $(INCLUDE) $^ -o $(BUILDDIR)/usercrash/bin/$@ $(LIBS) $(LDFLAGS) $(BUILDDIR)/usercrash/obj/%.o:%.c $(CC) $(CFLAGS) $(INCLUDE) -o $@ -c $< diff --git a/tools/acrnlog/Makefile b/tools/acrnlog/Makefile index ee47cc189..2a1abe06a 100644 --- a/tools/acrnlog/Makefile +++ b/tools/acrnlog/Makefile @@ -1,8 +1,10 @@ OUT_DIR ?= . +CFLAGS += -fpie +LDFLAGS += -pie all: - $(CC) -g acrnlog.c -o $(OUT_DIR)/acrnlog -lpthread + $(CC) -g acrnlog.c -o $(OUT_DIR)/acrnlog -lpthread $(CFLAGS) $(LDFLAGS) cp acrnlog.service $(OUT_DIR)/acrnlog.service clean: diff --git a/tools/acrntrace/Makefile b/tools/acrntrace/Makefile index a1e61617e..d3fe142a2 100644 --- a/tools/acrntrace/Makefile +++ b/tools/acrntrace/Makefile @@ -1,8 +1,10 @@ OUT_DIR ?= . +CFLAGS += -fpie +LDFLAGS += -pie all: - $(CC) -o $(OUT_DIR)/acrntrace acrntrace.c sbuf.c -I. -lpthread -lrt + $(CC) -o $(OUT_DIR)/acrntrace acrntrace.c sbuf.c -I. -lpthread -lrt $(CFLAGS) $(LDFLAGS) clean: rm -f $(OUT_DIR)/acrntrace