Static PIE binaries are basically what they say on the tin, a position independant executible that is also statically linked. These binaries are noteworthy because they can be loaded by the ELF fdpic binfmt loader from the Linux Kernel on No-MMU systems, but are truly standalone because they do not require a dynamic linker to function. (They also load just fine via the regular ELF binfmt on MMU Linux too, so they are maximally portable).
It would be nice if simply passing both `-static` and `-pie` to gcc at the same time worked to create such a binary, but as it stands whichever is passed later is the one which actually takes affect and instead the dedicated option `-static-pie` is needed. This unfortunate complexity is reflected in the conditions needed in Makefile.flags, but to the user the two options are now just presented orthogonally and can be selected independantly removing the previous `depends on !STATIC` for `config PIE`. Signed-off-by: Charles Mirabile <[email protected]> --- Config.in | 1 - Makefile.flags | 10 +++++++++- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/Config.in b/Config.in index 6b925b517..8955ed37a 100644 --- a/Config.in +++ b/Config.in @@ -390,7 +390,6 @@ config STATIC config PIE bool "Build position independent executable" default n - depends on !STATIC help Hardened code option. PIE binaries are loaded at a different address at each invocation. This has some overhead, diff --git a/Makefile.flags b/Makefile.flags index 97cb4dca2..64b2b2bcf 100644 --- a/Makefile.flags +++ b/Makefile.flags @@ -108,6 +108,7 @@ endif ARCH_FPIC ?= -fpic ARCH_FPIE ?= -fpie ARCH_PIE ?= -pie +ARCH_SPIE ?= -static-pie # Usage: $(eval $(call pkg_check_modules,VARIABLE-PREFIX,MODULES)) define pkg_check_modules @@ -125,13 +126,20 @@ CFLAGS += $(call cc-option,-fvisibility=hidden) endif ifeq ($(CONFIG_STATIC),y) -CFLAGS_busybox += -static PKG_CONFIG_FLAGS += --static endif ifeq ($(CONFIG_PIE),y) +ifeq ($(CONFIG_STATIC),y) +CFLAGS_busybox += $(ARCH_SPIE) +else CFLAGS_busybox += $(ARCH_PIE) +endif CFLAGS += $(ARCH_FPIE) +else +ifeq ($(CONFIG_STATIC),y) +CFLAGS_busybox += -static +endif endif ifneq ($(CONFIG_EXTRA_CFLAGS),) -- 2.53.0 _______________________________________________ busybox mailing list [email protected] https://lists.busybox.net/mailman/listinfo/busybox
