Harden_all_packages_with_position-independent_code + guile modules
Petr Pisar
ppisar at redhat.com
Thu Mar 12 13:45:09 UTC 2015
On 2015-03-12, Nikos Mavrogiannopoulos <nmav at redhat.com> wrote:
> In rawhide building the gnutls guile bindings fails, and that's related
> to the new hardening flags being enabled with [0]. The failure is quite
> peculiar since the loading of a dynamic module fails [1] which already
> is position independent.
[...]
>
> [1]. https://bugzilla.redhat.com/show_bug.cgi?id=1196556
>
The test-suite.log reads "file not found" which is far from "loading DSO
failed".
However I can add my recent story: After hardening perl, loading a DSO
by perl failed. I believe the reason was the DSO had an undefined symbol
which was not defined in any SO_NEEDed libraries. But because the symbol
was never used at run-time, before hardening the executable, run-time
linking passed. But after hardening, the -znow feature caused resolving
all symbols at link time, including the missing symbol, so dlopen(3)
failed.
-- Petr
More information about the devel
mailing list