From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 553DFC25B10 for ; Tue, 7 May 2024 00:05:25 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 6E5AF6B0087; Mon, 6 May 2024 20:05:24 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 6955B6B0089; Mon, 6 May 2024 20:05:24 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 535956B008A; Mon, 6 May 2024 20:05:24 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10]) by kanga.kvack.org (Postfix) with ESMTP id 2FF506B0087 for ; Mon, 6 May 2024 20:05:24 -0400 (EDT) Received: from smtpin10.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay06.hostedemail.com (Postfix) with ESMTP id 7F768A14B6 for ; Tue, 7 May 2024 00:05:23 +0000 (UTC) X-FDA: 82089655326.10.2A7C6F2 Received: from mail-pl1-f176.google.com (mail-pl1-f176.google.com [209.85.214.176]) by imf12.hostedemail.com (Postfix) with ESMTP id 9613140005 for ; Tue, 7 May 2024 00:05:20 +0000 (UTC) Authentication-Results: imf12.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=fgjE3gCA; spf=pass (imf12.hostedemail.com: domain of keescook@chromium.org designates 209.85.214.176 as permitted sender) smtp.mailfrom=keescook@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1715040320; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=KlvDANCVrZHWMQYFIBtkDUG6BaCteNwh6wwcOjijmC0=; b=XbR3VVAiprhYTE/tYjJv8PsLvCtO/EmIfuG2/wc4wsDSzhXYXctLt4rNcIzhQtfaNlXYfu JG823uTfSlfaLg1P0FWo4KwXMJOjdZVgFtpuM4BVfW0N9I2hzIZXtjNdGWBDsj/pyRz2FK sDAmXYbg40y7BU/OJ/mN2Y8/mFNNPh0= ARC-Authentication-Results: i=1; imf12.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=fgjE3gCA; spf=pass (imf12.hostedemail.com: domain of keescook@chromium.org designates 209.85.214.176 as permitted sender) smtp.mailfrom=keescook@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1715040320; a=rsa-sha256; cv=none; b=ui49OHIv5UbrCpGr3DqgLtQ2WtREXsboXpr1Xwu0cq/xWAoVafaU4idD8q5LHLlNHqhLJ6 gzLsU3JIkbZpe0ucIjlg2OBp0VcwpNm2KrQ1a358cfO+Szm8Whrzbrp3awjAj5hTry/+Qn 5FLdiaKsKjoJqyzaZwWhsl+J9Pj2cPo= Received: by mail-pl1-f176.google.com with SMTP id d9443c01a7336-1e65a1370b7so23074665ad.3 for ; Mon, 06 May 2024 17:05:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1715040319; x=1715645119; darn=kvack.org; h=in-reply-to:content-transfer-encoding:content-disposition :mime-version:references:message-id:subject:cc:to:from:date:from:to :cc:subject:date:message-id:reply-to; bh=KlvDANCVrZHWMQYFIBtkDUG6BaCteNwh6wwcOjijmC0=; b=fgjE3gCAdUd/ZJxArP0iAY7dh7lqI2s1KpII34qVlEYVTJ4vasNbbH5wEKCCkTHLly nZjLBeGh5jH8jAYLl3zx+QMqpiKvCFy3zg+ZL1KQFfN6J+wQB3mYM0n4CAXps3Cz28WZ Nujb8LVMneshCgHRlcqKuDQJKAdnoUuZ5mLIQ= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1715040319; x=1715645119; h=in-reply-to:content-transfer-encoding:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=KlvDANCVrZHWMQYFIBtkDUG6BaCteNwh6wwcOjijmC0=; b=Z7Pvb1twvKl0Oe4BuQmflsKfdlFhgzmTJmcEacNsckxdgP5l3+h8kjZSEXyJujgTVA /OJDa9wKq8qScMrdT3meQTvueWNWkoxORS8FFta1yTyQ7kf54hHgcI7/dux/OZXUB8sB Za4hv2q3fuhONe2a7SYdlpUBPque3aN7oy1GPImT6pC24Z8OhO3IiWiFtLsY4ly9LMzu Pc92dH2oAV0FVtbzmWGQq5/yg/y78itqxzvi66c9CbR1pje5fw64iq62mgI+5LhJBmHc GfWHfLUfIYuR/8U2UvogJDEC+PN5Mt5dZWurWo/V6P5GK32VruKlHQ/Q9Nt+pUpEpscH Q+Fw== X-Forwarded-Encrypted: i=1; AJvYcCW/n1leuTzuwAWmQ3ZXbC06h7m2yQGDDsEMhv1yto7//ZNbBsG9OFduMuE1rY93/2S37Ld3KD4ypM8kTg31UmM7Eo0= X-Gm-Message-State: AOJu0YydzVk3qH7qgsX4x83bi1J3GIqwHQjukgu5RXMyG1eZfMASqz6O E8ZVstw/u8UPR9Bqq6Fw1GiqhGXIcalLg5XD5I1+WVll/GgKWd0zPNjHNVOSRA== X-Google-Smtp-Source: AGHT+IFhCMIL115zdj8pY5gtzUEO5BqoE/SHP70FTQHqPl7M/NDkraWKJXcYOem7iaZCavnsw+unMA== X-Received: by 2002:a17:902:eb86:b0:1e4:a667:5528 with SMTP id q6-20020a170902eb8600b001e4a6675528mr16349817plg.3.1715040319219; Mon, 06 May 2024 17:05:19 -0700 (PDT) Received: from www.outflux.net ([198.0.35.241]) by smtp.gmail.com with ESMTPSA id jz7-20020a170903430700b001eb17af8493sm8832219plb.184.2024.05.06.17.05.18 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 06 May 2024 17:05:18 -0700 (PDT) Date: Mon, 6 May 2024 17:05:18 -0700 From: Kees Cook To: Fangrui Song Cc: Muhammad Usama Anjum , John Hubbard , Eric Biederman , Shuah Khan , Nathan Chancellor , Nick Desaulniers , Bill Wendling , Justin Stitt , Andrew Morton , Yang Yingliang , kernel@collabora.com, linux-mm@kvack.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, llvm@lists.linux.dev Subject: Re: [PATCH v2] selftests: exec: make binaries position independent Message-ID: <202405061704.DD3AF674@keescook> References: <20240416152831.3199999-1-usama.anjum@collabora.com> <202404161027.63F4D4FDEB@keescook> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: X-Stat-Signature: un6fqgc8e9dw7wuia5zgx7i5sn8w9y4b X-Rspam-User: X-Rspamd-Queue-Id: 9613140005 X-Rspamd-Server: rspam05 X-HE-Tag: 1715040320-710112 X-HE-Meta: U2FsdGVkX1/YbkBuexADqtYSLlXiD9gu5819+rq1poUMnQvr2DJcm2vEZ1WzfQGMCS9QSeySYi/94khce/X4b/7HtRZ0mvsxWhmMPLXaHarw1PD+3GTWi4onQg9vVxwt9w3IWBLCDfXZjPEGjdRJMeuDOkJOEqmr6gRAHN6VNSg9BNzYhkF+LxIftP3MngcnYFXevi58JNLRCXVBYuHi5yovo0KBsWGKnCemFKauW9wO5reVZvy09oGZ0aIAfCO3+fLpSx/x3qNX7CBl/n20aewGu8kmTg3n40QZsZ43jSqQOiAEb4OzxHQ7aQUzveZFddsPEvURYL0CwGJS4kM++uBsJLF9AG8w0lhjm3ABhuMzSJh8aVlHxz62R7N4hPFuW5cumiv9JbKXD8/hqSBfcprTl5YWRQCXA/P4zpCneTU8/bE9nAIgmM9JqoqyAt9cxV75TANjOLikN5xFDzivcSLGmSDkEnY8GDaIvUeb79R2XSF5vLhgcXhLyVAN7gzC6R4uHg/65OCzc0I918hNgdBxHvCbbootVayBJrxFBceriezuFTqsgaaxuWGORPKXOKUeepeMRgQ3qpj+I4xBrqbtccryeVPLIt0F7KUIqmAhJc9jX6j2nwvm6LPTIioJrlAJTL7bg/nHg8R4LfVg1a/uJfRzL2iz+uS9oX7oo54h8iESn4HTexV2hb/wYdDlu4zfH0xZJ6uTqW6LhvIfmnx42QWwBKTMcUENZcut85gvZSZLlweetmc6CrlqteN0kcrMbxc9wwdL7AIwAfbWNjDIeWNkn9rzGCZ2vG2nusUjvRe3rjf1VhkbbInNG7XdFFxR1VCpahez24sIBhTtw0WAbsIku5LI73jZCXW+arl91klReruedAgI3EQjCW95/CxGdsVJ+0/lbhj+GM7hgb5aXV2pVfBJa1zzKf+g8LjjI1LrtESBoWyf5MG8wQKZ8epg1Qn38CIFSqeU9Hs 2CifklRS DpNRHYOXDG85C8FTZFbisf++5ZBVxV4zZLtCYxaBW3qFfKtSt8YJ25MNLPK9yBZ2E53eKoEu0KhvuZGAlgduT6XFaYJsd9Ek1kt6fZErvkUR4T73Mmo4zOCw2E7fpCgeVDUWG66DEOWt6/YOGCGUl5R1zQhH+9H06KgcoGE00tPzDtvI+2Q5jZx7WrjT/g3UjKKySTg6X/EKliaOixLCBW4pQ7vO3GWXz2zce5u7JqbEOC/I/qwVNgQn+sXw7MCury4IF/sWYw9mfg3Pok621LI9xcRTp8AdQlEk/J2Agn+OitvhUhz3arH2owLjh+jrTYR0fOTPFRQfmgnGt5P09rr4SGS1eRL11X9v82OwRcn23q6oemJDrIZcpgulAqPmFT7tl3y+Y5rvKYCnJfGwBNoFir5hzlsb9XaPppSgVuliFlbiofgrxn21X0s2tfgt9+FbrYCqSe5WEH1I7XcHHGjSeffMvjv0K0T//PNu1CO0Kfh8kJKRnwAgDhoFuIqLxxaVVvZ/Fn3oiuc+CAuCdqbuUlmNLCQDoQW4l8UergoQr+zHUCtEeBy1R8hK/anq8J1QXEJHBsymiLRbEhVmdkjYjldxzuqLCSvHK X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Mon, May 06, 2024 at 04:30:27PM -0700, Fangrui Song wrote: > On Tue, Apr 16, 2024 at 10:28 AM Kees Cook wrote: > > > > On Tue, Apr 16, 2024 at 08:28:29PM +0500, Muhammad Usama Anjum wrote: > > > The -static overrides the -pie and binaries aren't position independent > > > anymore. Use -static-pie instead which would produce a static and > > > position independent binary. This has been caught by clang's warnings: > > > > > > clang: warning: argument unused during compilation: '-pie' > > > [-Wunused-command-line-argument] > > > > > > Tested with both gcc and clang after this change. > > > > > > Fixes: 4d1cd3b2c5c1 ("tools/testing/selftests/exec: fix link error") > > > Signed-off-by: Muhammad Usama Anjum > > > > Thanks for this! > > > > Reviewed-by: Kees Cook > > > > -- > > Kees Cook > > GCC versions before 8.1 do not support -static-pie, > while https://www.kernel.org/doc/html/next/process/changes.html says > the minimal version is GCC 5.1. > Is this a problem? > > If not, and CFLAGS is guaranteed to include -fpie/-fpic/-fPIE/-fPIC > (PIC), using -static-pie looks good to me. Should we use this alternative, which may be more portable? https://lore.kernel.org/all/20240504022301.35250-1-jhubbard@nvidia.com/ -Kees -- Kees Cook