[FFmpeg-devel] PIC and YASM
Mon Nov 9 23:16:33 CET 2009
Reimar D?ffinger <Reimar.Doeffinger at gmx.de> writes:
> On Mon, Nov 09, 2009 at 08:26:05PM +0300, Michael Kostylev wrote:
>> On Mon Nov 9 18:02:54 2009
>> Reimar D?ffinger wrote:
>> >>> @@ -1919,7 +1917,6 @@
>> >>> ;;
>> >>> openbsd)
>> >>> enable malloc_aligned
>> >>> - enable pic
>> >> OpenBSD builds fail without that currently. Does your new __PIC__
>> >> check fix that?
>> > I expect
> Interesting. I do not know 100% what OpenBSD does, but FFmpeg builds
> just with with PIC disabled, the generated program just does not run.
I knew there was something fishy there.
> However, I'd like to suggest the change below.
> Thing is, when PIC is enabled we already take the performance hit
> anyway, so I suggest we at least try to also get the security benefit
> by linking the executable programs as PIE.
> What do you think about that? Any known issues with -pie linker flag?
> Index: configure
> --- configure (revision 20476)
> +++ configure (working copy)
> @@ -2103,6 +2103,7 @@
> add_cppflags -DPIC
> add_cflags -fPIC
> add_asflags -fPIC
> + add_ldflags -pie
> enabled pic && enable_pic
That is wrong. Let's read the gcc manual for a bit:
Generate position-independent code (PIC) suitable for use in a
shared library, if supported for the target machine. Such code
accesses all constant addresses through a global offset table
These options are similar to `-fpic' and `-fPIC', but generated
position independent code can be only linked into executables.
Usually these options are used when `-pie' GCC option will be used
Produce a position independent executable on targets which support
it. For predictable results, you must also specify the same set
of options that were used to generate code (`-fpie', `-fPIE', or
model suboptions) when you specify this option.
Can -pie be used with -fPIC-compiled code? After reading the above,
I'm not entirely certain.
mans at mansr.com
More information about the ffmpeg-devel