Re: "PIE by default" transition is underway -- wiki needs updating
On Wed, Oct 26, 2016 at 05:37:06AM +0200, Adam Borowski wrote:
> On Wed, Oct 26, 2016 at 12:37:18AM +0200, Andreas Cadhalpun wrote:
> > The current policy says:
> > "As to the static libraries, the common case is not to have relocatable code"
> >
> > As of gcc-6 version 6.2.0-7 this is factually wrong, because the compiler
> > enables PIE by default, which means it produces relocatable code.
> > This should definitely be updated to reflect reality.
>
> It's not that simple. The compiler enables PIE by default only:
> * if you use "gcc" or "gcc-6". gcc-5, clang, even gcc-snapshot still
> default to non-PIE.
The intention is that gcc-6 will be the only gcc version in stretch.
> * on most first-class (release) architectures: amd64 arm64 armel armhf i386
> mips mipsel mips64el ppc64el s390x. This leaves out powerpc.
> * on none of second-class architectures: alpha hppa hurd-i386
> kfreebsd-{amd64,i386} m68k powerpcspe ppc64 sh4 sparc64 x32
> * on none of unofficial architectures
>
> Points 2-4 mean you need to bear with extra joy of supporting both variants
> on different archs.
As maintainer of an average package, it shouldn't make any difference
for you.
In these special cases where it does, you might often already pass
-fno-pie on all architectures now.
> So while indeed the current wording of the policy is wrong, the reality is
> currently... complicated.
>...
The "must not be compiled with the `-fPIC' flag" unless there is an
exceptional case is still true.
So only a slight update in the wording is required regarding PIE.
cu
Adrian
--
"Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
"Only a promise," Lao Er said.
Pearl S. Buck - Dragon Seed
Reply to: