git.ipfire.org Git - thirdparty/libvirt.git/commit

author	Daniel P. Berrange <berrange@redhat.com>
	Wed, 3 Apr 2013 10:32:15 +0000 (11:32 +0100)
committer	Eric Blake <eblake@redhat.com>
	Tue, 9 Apr 2013 19:55:18 +0000 (13:55 -0600)
commit	f015802380eab305b37116324e2be16d04a45860
tree	d0ca6100fb5923f5c78dadcf41d826fc85c28fc7	tree \| snapshot
parent	2a702717ceb9d0a97bfe82e826b33a767a9c1d22	commit \| diff

Build all binaries with PIE

PIE (position independent executable) adds security to executables
by composing them entirely of position-independent code (PIC. The
.so libraries already build with -fPIC. This adds -fPIE which is
the equivalent to -fPIC, but for executables. This for allows Exec
Shield to use address space layout randomization to prevent attackers
from knowing where existing executable code is during a security
attack using exploits that rely on knowing the offset of the
executable code in the binary, such as return-to-libc attacks.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
(cherry picked from commit 1150999ca444d8cb1d906a4948b808125fa209b7)

configure.ac		diff \| blob \| blame \| history
daemon/Makefile.am		diff \| blob \| blame \| history
m4/virt-compile-pie.m4	[new file with mode: 0644]	blob
src/Makefile.am		diff \| blob \| blame \| history
tools/Makefile.am		diff \| blob \| blame \| history