From Fedora Project Wiki
(Created page with "== PIE vs DSO == We have received requests to tell position-independent executables (PIEs) from dynamic shared objects (DSOs). Both are marked <code>ET_DYN</code> in the ELF...")
 
 
Line 4: Line 4:
  
 
There is some debate whether it is possible, with the current scheme, to tell PEI executables from DSOs.  This is important for compliance checking because policies for DSOs and binaries might differ (depending on the policy which want to enforce).
 
There is some debate whether it is possible, with the current scheme, to tell PEI executables from DSOs.  This is important for compliance checking because policies for DSOs and binaries might differ (depending on the policy which want to enforce).
 +
 +
This is already implemented as DF_1_PIE bit in DT_FLAGS_1 word in PT_DYNAMIC segment (.dynamic section).  For example:
 +
$ readelf --dynamic /bin/date  |  grep PIE  # on x86_64
 +
0x000000006ffffffb (FLAGS_1)            Flags: NOW PIE
 +
Also https://bugzilla.redhat.com/show_bug.cgi?id=1439328 /usr/include/elf.h is behind the times.
  
 
[[Category:Toolchain/Watermark/Provisional]]
 
[[Category:Toolchain/Watermark/Provisional]]

Latest revision as of 16:21, 27 September 2017

PIE vs DSO

We have received requests to tell position-independent executables (PIEs) from dynamic shared objects (DSOs). Both are marked ET_DYN in the ELF header, so it is not entirely obvious how to tell them apart.

There is some debate whether it is possible, with the current scheme, to tell PEI executables from DSOs. This is important for compliance checking because policies for DSOs and binaries might differ (depending on the policy which want to enforce).

This is already implemented as DF_1_PIE bit in DT_FLAGS_1 word in PT_DYNAMIC segment (.dynamic section). For example:

$ readelf --dynamic /bin/date  |  grep PIE  # on x86_64
0x000000006ffffffb (FLAGS_1)            Flags: NOW PIE

Also https://bugzilla.redhat.com/show_bug.cgi?id=1439328 /usr/include/elf.h is behind the times.