Hi Markus, 2016-09-11 22:46 GMT+02:00 Markus Wanner <mar...@bluegap.ch>: > Control: tags -1 +moreinfo > > On 11.09.2016 20:11, Balint Reczey wrote: >> During a rebuild of all packages in sid, several packages >> failed to build on amd64 with patched GCC and dpkg. The root >> cause seems to be that libSimGearCore.a is shipped as a non-PIC library. > > I think that matches the current policy (10.2 Libraries: "therefore the > static version must not be compiled with the -fPIC flag"). I'm hesitant > to violate that policy, even if I generally welcome the move to PIE.
The policy is a bit more permissive :-): --- As to the static libraries, the common case is not to have relocatable code, since there is no benefit, unless in specific cases; therefore the static version must not be compiled with the -fPIC flag. Any exception to this rule should be discussed on the mailing list debian-de...@lists.debian.org, and the reasons for compiling with the -fPIC flag must be recorded in the file README.Debian. [86] --- I have filed a bug to change the Policy: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=837478 Even if the policy is not changed simgear's situation is special in that regard since it does not provide shared libs, just static ones thus shipping something with PIC can be done only in the static lib. In case the policy can't be changed I'll raise all static - PIC issues on debian-devel in one shot for discussion thus enabling PIC static libs won't violate it. > > Also note that simgear well respects DEB_BUILD_MAINT_OPTIONS via > dpkg-buildflags. A simgear compiled with DEB_BUILD_MAINT_OPTIONS > including hardening=+pie will generate a PIE-enabled library. That in > turn allows compiling fgrun with the same options, leading to a > PIE-enabled executable. > >> The rebuild tested if packages are ready for a transition >> enabling PIE and bindnow for amd64. > > Are you sure this tested against a re-built simgear? You are absolutely right. I intentionally tested with not rebuilt build-dependencies to catch such issues. Rebuilding simgear with modified GCC would make the static library PIC and this is what is happening in Ubuntu. OTOH this does not help enabling PIE in fgrun on architectures where PIE won't be the default and would also violate the policy :-). Cheers, Balint
