This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: -static-pie and -static -pie

On Fri, Feb 02, 2018 at 11:33:22AM +0000, Szabolcs Nagy wrote:
> On 31/01/18 15:44, Cory Fields wrote:
> >After looking at this for quite a while, I'm afraid I'm unsure how to proceed.
> >
> >As of now, static and static-pie are mutually exclusive. So given the
> >GNU_USER_TARGET_STARTFILE_SPEC you pasted
> >earlier, "static" matches before "static-pie", causing the wrong start files.
> >
> >It seems to me that the static-pie target complicates things more than
> >matching against static+pie individually.
> >
> >If I convert -static + -pie to -static-pie, then "static" won't be
> >matched in specs, where maybe it otherwise should. Same for -pie.
> >
> 
> you can change PIE_SPEC to pie|static-pie
> and occurrences of static to static|static-pie
> (and !static: to !static:%{!static-pie: etc.),
> except where it is used to mean "no-pie static",
> those should be changed to PIE_SPEC:;static:
> (and i think --no-dynamic-linker should always
> be passed to ld in LD_PIE_SPEC for static pie,
> not just on linux systems and selected targets.)
> 
> then there should be no difference between -static -pie
> and -static-pie. (and the new -static-pie flag would
> be redundant.)
> 
> this would e.g. break static linking with default pie
> toolchain on systems where the static libc is not pie
> or missing the rcrt startup file after upgrading to gcc-8.
> i'm not sure if this is a good enough reason to introduce
> the -static-pie mess, however if we don't want to break
> any previously working configuration then -static-pie has
> to be different from -static -pie.

Ideally, ld would have an "opportunistic pie" option to link as pie
whenever the input files are all pic, and fallback to non-pie if any
pic-incompatible (would-be-textrels) objects are present. However this
is architecturally complex to support because ld would have to know
about switching between versions of crt1.

In practice, I think users on musl-based systems like Alpine with
default-pie will want -static to continue to produce static pie by
default; this is what Alpine is doing now with their gcc package. I
think the idea is that, since the toolchain produces pie by default,
all static libraries will end up being pie anyway.

If you have an ecosystem of old and new static libraries from
different toolchains, though, that might not be a safe assumption.

Also note that libtool and various other software may interpret
-static and may not expect to be static linking when only -static-pie
but not -static appears in LDFLAGS.

I think reasonable course of action is:

1. -static-pie can always request linking as static pie. It should be
   compatible with having -static on the command line too so as not to
   break build systems that are aware of and look for -static (in
   which case the user building might need to add both options).

2. Behavior of -static with -pie (including default pie) should be
   configurable via something like --enable-default-static-pie. This
   way distros that have been using -static -pie to get static pie can
   keep doing so without patching their GCCs, and distros that need a
   more conservative behavior can have that.

Thoughts? Even if you don't want to do #2 as-is, I think an effort
should be made not to break things so that it's hard for distros to
preserve the ability of -static to work (successfully build static
pie) on default-pie toolchains.

Rich
Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]