Closed Bug 857628 Opened 12 years ago Closed 10 years ago

add support for building Firefox as PIE

Categories

(Firefox Build System :: General, defect)

Product:
Firefox Build System
Component:
General
Version:
19 Branch
Platform:
x86_64
Linux
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
mozilla35

People

(Reporter: dhiru.kholia, Assigned: glandium)

References

Details

Attachments

(1 file, 2 obsolete files)

Add a --enable-pie configure option to build target programs as position independent executables when supported by gcc/clang
(deleted), patch
mshal
: review+
Details | Diff | Splinter Review
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:19.0) Gecko/20100101 Firefox/19.0 Build ID: 20130311191316 Steps to reproduce: I tried to build Firefox as PIE on a Fedora 18 64-bit system. Actual results: According to Mike Hommey (glandium), to enable PIE in Firefox, build system needs to be hacked a bit *unless* there is special compiler / linker support. So, this bug is a feature request for such a change to be implemented. Expected results: Well, it should have been easy to enable hardening flags :-). Also see https://bugzilla.mozilla.org/show_bug.cgi?id=620058 and https://bugs.launchpad.net/ubuntu/+source/xulrunner-1.9.1/+bug/507744
Component: Untriaged → Build Config
This does the job but it breaks root analysis builds for some reason, as well as Linux32 mochitest-1 and mochitest-3 (apparently anything that involves plugin-container) The weird thing is that these mochitests turn ok if I set LD_DEBUG=all before running plugin-container. See https://tbpl.mozilla.org/?tree=Try&rev=3e83dd0511d7
Assignee: nobody → mh+mozilla
Status: UNCONFIRMED → NEW
Ever confirmed: true
Assignee: mh+mozilla → nobody
Turns out this doesn't break anymore, for whatever reason. Yay ASLR for executables. https://tbpl.mozilla.org/?tree=Try&rev=c69fafed7e02
Attachment #8495136 - Flags: review?(mshal)
Attachment #736156 - Attachment is obsolete: true
Assignee: nobody → mh+mozilla
Status: NEW → ASSIGNED
Attachment #8495136 - Flags: review?(mshal) → review+
https://hg.mozilla.org/mozilla-central/rev/e2fee324047d
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Target Milestone: --- → Firefox 35
Depends on: 1076892
Reverted at glandium's request for causing bug 1076892: remote: https://hg.mozilla.org/integration/mozilla-inbound/rev/e36bdb0150b9
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Can't have nice things. Nautilus (the file manager) can't open PIE executables, which makes distributing PIE executable essentially impossible.
Keywords: clownshoes
Merge of backout: https://hg.mozilla.org/mozilla-central/rev/e36bdb0150b9
Target Milestone: Firefox 35 → ---
Let's go with a first step adding the necessary build goop. We'll figure what to do to enable it by default in a followup.
Attachment #8501420 - Flags: review?(mshal)
Attachment #8495136 - Attachment is obsolete: true
Attachment #8501420 - Flags: review?(mshal) → review+
Blocks: 1079662
https://hg.mozilla.org/mozilla-central/rev/d38de091ced0
Status: REOPENED → RESOLVED
Closed: 10 years ago10 years ago
Resolution: --- → FIXED
Target Milestone: --- → Firefox 35
Depends on: 1367267
Component: Build Config → General
Product: Firefox → Firefox Build System
Keywords: clownshoes
Target Milestone: Firefox 35 → mozilla35
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: