x86: enable PIE for dynamically linked executables
Compile all x86 programs on Android with -fPIE and -pie. This enables
PIE (Position Independent Executables), which helps protect Android
applications from exploitation due to memory management bugs.
Note 1: PIE *static* executables are not supported at this time and
require additional linker changes.
Note 2: This change compliments 026a85b129,
which was the exact same change, except for ARM.
Testing: Rebuilt the tree completely from scratch, and verified
that the system boots and basic functionality works in the emulator.
Change-Id: I990064c37da3d857e663b27f31fee05f689a2824
This commit is contained in:
Nick Kralevich
@@ -73,7 +73,7 @@ TARGET_GLOBAL_CFLAGS += \
|
||||
-Wa,--noexecstack \
|
||||
-Werror=format-security \
|
||||
-Wstrict-aliasing=2 \
|
||||
-fPIC \
|
||||
-fPIC -fPIE \
|
||||
-ffunction-sections \
|
||||
-finline-functions \
|
||||
-finline-limit=300 \
|
||||
@@ -158,6 +158,7 @@ $(hide) $(PRIVATE_CXX) \
|
||||
-nostdlib -Bdynamic \
|
||||
-Wl,-dynamic-linker,/system/bin/linker \
|
||||
-Wl,-z,nocopyreloc \
|
||||
-fPIE -pie \
|
||||
-o $@ \
|
||||
$(TARGET_GLOBAL_LD_DIRS) \
|
||||
-Wl,-rpath-link=$(TARGET_OUT_INTERMEDIATE_LIBRARIES) \
|
||||
|
||||
Reference in New Issue
Block a user