x86: enable PIE for dynamically linked executables
Compile all x86 programs on Android with -fPIE and -pie. This enables
PIE (Position Independent Executables), which helps protect Android
applications from exploitation due to memory management bugs.
Note 1: PIE *static* executables are not supported at this time and
require additional linker changes.
Note 2: This change compliments 026a85b129,
which was the exact same change, except for ARM.
Testing: Rebuilt the tree completely from scratch, and verified
that the system boots and basic functionality works in the emulator.
Change-Id: I990064c37da3d857e663b27f31fee05f689a2824
This commit is contained in:
Nick Kralevich
@@ -73,7 +73,7 @@ TARGET_GLOBAL_CFLAGS += \
|
|||||||
-Wa,--noexecstack \
|
-Wa,--noexecstack \
|
||||||
-Werror=format-security \
|
-Werror=format-security \
|
||||||
-Wstrict-aliasing=2 \
|
-Wstrict-aliasing=2 \
|
||||||
-fPIC \
|
-fPIC -fPIE \
|
||||||
-ffunction-sections \
|
-ffunction-sections \
|
||||||
-finline-functions \
|
-finline-functions \
|
||||||
-finline-limit=300 \
|
-finline-limit=300 \
|
||||||
@@ -158,6 +158,7 @@ $(hide) $(PRIVATE_CXX) \
|
|||||||
-nostdlib -Bdynamic \
|
-nostdlib -Bdynamic \
|
||||||
-Wl,-dynamic-linker,/system/bin/linker \
|
-Wl,-dynamic-linker,/system/bin/linker \
|
||||||
-Wl,-z,nocopyreloc \
|
-Wl,-z,nocopyreloc \
|
||||||
|
-fPIE -pie \
|
||||||
-o $@ \
|
-o $@ \
|
||||||
$(TARGET_GLOBAL_LD_DIRS) \
|
$(TARGET_GLOBAL_LD_DIRS) \
|
||||||
-Wl,-rpath-link=$(TARGET_OUT_INTERMEDIATE_LIBRARIES) \
|
-Wl,-rpath-link=$(TARGET_OUT_INTERMEDIATE_LIBRARIES) \
|
||||||
|
|||||||
Reference in New Issue
Block a user