summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPeter Rajnoha <prajnoha@redhat.com>2013-12-05 14:03:10 +0100
committerPeter Rajnoha <prajnoha@redhat.com>2013-12-05 14:03:10 +0100
commit481edce41f54a392b663991c4e29c9eed05f90b5 (patch)
treeda3a1cf0725b930941e8dcc69a1712cef38d784d
parentb494881e685da3ada4a42a17a33d4fe67f3ca784 (diff)
downloadlvm2-481edce41f54a392b663991c4e29c9eed05f90b5.tar.gz
compile/link: use RELRO/PIE compiler/linker options for executables
Diffstat
-rw-r--r--WHATS_NEW2
-rw-r--r--daemons/clvmd/Makefile.in4
-rw-r--r--daemons/cmirrord/Makefile.in4
-rw-r--r--daemons/dmeventd/Makefile.in4
-rw-r--r--daemons/lvmetad/Makefile.in4
-rw-r--r--make.tmpl.in4
-rw-r--r--scripts/Makefile.in4
-rw-r--r--tools/Makefile.in4
8 files changed, 16 insertions, 14 deletions
diff --git a/WHATS_NEW b/WHATS_NEW
index 2e1f59a2c..72a61e3da 100644
--- a/WHATS_NEW
+++ b/WHATS_NEW
@@ -8,7 +8,7 @@ Version 2.02.105 -
Extend lv_remove_single() to not print info about removed LV.
Replace open_count check with lv_check_not_in_use() for snapshot open test.
Add error messages with LV names for failing lv refresh.
- Compile/link daemons with RELRO and PIE options to harden daemon security.
+ Compile/link executables with new RELRO and PIE options (non-static builds).
Support per-object compilation cflags via CFLAGS_object.o.
Automatically detect support for compiler/linker options to use RELRO and PIE.
Add --splitsnapshot to lvconvert to separate out cow LV.
diff --git a/daemons/clvmd/Makefile.in b/daemons/clvmd/Makefile.in
index 4677048f1..0da95a7f2 100644
--- a/daemons/clvmd/Makefile.in
+++ b/daemons/clvmd/Makefile.in
@@ -88,8 +88,8 @@ LVMLIBS += -ldevmapper
LIBS += $(PTHREAD_LIBS)
DEFS += -D_REENTRANT
-CFLAGS += -fno-strict-aliasing $(DAEMON_CFLAGS)
-LDFLAGS += $(DAEMON_LDFLAGS)
+CFLAGS += -fno-strict-aliasing $(EXTRA_EXEC_CFLAGS)
+LDFLAGS += $(EXTRA_EXEC_LDFLAGS)
INSTALL_TARGETS = \
install_clvmd
diff --git a/daemons/cmirrord/Makefile.in b/daemons/cmirrord/Makefile.in
index df7c2a800..d3687935e 100644
--- a/daemons/cmirrord/Makefile.in
+++ b/daemons/cmirrord/Makefile.in
@@ -28,8 +28,8 @@ include $(top_builddir)/make.tmpl
LIBS += -ldevmapper
LMLIBS += $(CPG_LIBS) $(SACKPT_LIBS)
-CFLAGS += $(CPG_CFLAGS) $(SACKPT_CFLAGS) $(DAEMON_CFLAGS)
-LDFLAGS += $(DAEMON_LDFLAGS)
+CFLAGS += $(CPG_CFLAGS) $(SACKPT_CFLAGS) $(EXTRA_EXEC_CFLAGS)
+LDFLAGS += $(EXTRA_EXEC_LDFLAGS)
cmirrord: $(OBJECTS) $(top_builddir)/lib/liblvm-internal.a
$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(OBJECTS) \
diff --git a/daemons/dmeventd/Makefile.in b/daemons/dmeventd/Makefile.in
index fcc5c9ea8..47bfb67ea 100644
--- a/daemons/dmeventd/Makefile.in
+++ b/daemons/dmeventd/Makefile.in
@@ -59,10 +59,10 @@ device-mapper: $(TARGETS)
LIBS += -ldevmapper
LVMLIBS += -ldevmapper-event $(PTHREAD_LIBS)
-CFLAGS_dmeventd.o += $(DAEMON_CFLAGS)
+CFLAGS_dmeventd.o += $(EXTRA_EXEC_CFLAGS)
dmeventd: $(LIB_SHARED) dmeventd.o
- $(CC) $(CFLAGS) $(LDFLAGS) $(DAEMON_LDFLAGS) $(ELDFLAGS) -L. -o $@ dmeventd.o \
+ $(CC) $(CFLAGS) $(LDFLAGS) $(EXTRA_EXEC_LDFLAGS) $(ELDFLAGS) -L. -o $@ dmeventd.o \
$(DL_LIBS) $(LVMLIBS) $(LIBS) -rdynamic
dmeventd.static: $(LIB_STATIC) dmeventd.o $(interfacebuilddir)/libdevmapper.a
diff --git a/daemons/lvmetad/Makefile.in b/daemons/lvmetad/Makefile.in
index 67a557fc3..0a174bb04 100644
--- a/daemons/lvmetad/Makefile.in
+++ b/daemons/lvmetad/Makefile.in
@@ -33,9 +33,9 @@ LVMLIBS = -ldaemonserver $(LVMINTERNAL_LIBS) -ldevmapper
LIBS += $(PTHREAD_LIBS)
-LDFLAGS += -L$(top_builddir)/libdaemon/server $(DAEMON_LDFLAGS)
+LDFLAGS += -L$(top_builddir)/libdaemon/server $(EXTRA_EXEC_LDFLAGS)
CLDFLAGS += -L$(top_builddir)/libdaemon/server
-CFLAGS += $(DAEMON_CFLAGS)
+CFLAGS += $(EXTRA_EXEC_CFLAGS)
lvmetad: $(OBJECTS) $(top_builddir)/libdaemon/client/libdaemonclient.a \
$(top_builddir)/libdaemon/server/libdaemonserver.a
diff --git a/make.tmpl.in b/make.tmpl.in
index 5f72182b7..65b1da026 100644
--- a/make.tmpl.in
+++ b/make.tmpl.in
@@ -153,8 +153,8 @@ endif
ifneq ("@STATIC_LINK@", "yes")
ifeq ("@HAVE_PIE@", "yes")
ifeq ("@HAVE_FULL_RELRO@", "yes")
- DAEMON_CFLAGS += -fPIE -DPIE
- DAEMON_LDFLAGS += -Wl,-z,relro,-z,now -pie
+ EXTRA_EXEC_CFLAGS += -fPIE -DPIE
+ EXTRA_EXEC_LDFLAGS += -Wl,-z,relro,-z,now -pie
endif
endif
endif
diff --git a/scripts/Makefile.in b/scripts/Makefile.in
index 3616afa0d..ed587ca83 100644
--- a/scripts/Makefile.in
+++ b/scripts/Makefile.in
@@ -82,8 +82,10 @@ ifeq ("@BLKDEACTIVATE@", "yes")
$(INSTALL_SCRIPT) blk_availability_init_red_hat $(initdir)/blk-availability
endif
+CFLAGS_lvm2_activation_generator_systemd_red_hat.o += $(EXTRA_EXEC_CFLAGS)
+
lvm2_activation_generator_systemd_red_hat: $(OBJECTS) $(DEPLIBS)
- $(CC) -o $@ $(OBJECTS) $(LDFLAGS) $(LVMLIBS)
+ $(CC) -o $@ $(OBJECTS) $(LDFLAGS) $(EXTRA_EXEC_LDFLAGS) $(LVMLIBS)
install_systemd_generators:
$(INSTALL_DIR) $(systemd_generator_dir)
diff --git a/tools/Makefile.in b/tools/Makefile.in
index f8e49349d..34df48ba0 100644
--- a/tools/Makefile.in
+++ b/tools/Makefile.in
@@ -122,7 +122,7 @@ LIBS += $(UDEV_LIBS) $(BLKID_LIBS)
device-mapper: $(TARGETS_DM)
dmsetup: dmsetup.o $(top_builddir)/libdm/libdevmapper.$(LIB_SUFFIX)
- $(CC) $(CFLAGS) $(LDFLAGS) -L$(top_builddir)/libdm \
+ $(CC) $(CFLAGS) $(EXTRA_EXEC_CFLAGS) $(LDFLAGS) $(EXTRA_EXEC_LDFLAGS) -L$(top_builddir)/libdm \
-o $@ dmsetup.o -ldevmapper $(LIBS)
dmsetup.static: dmsetup.o $(interfacebuilddir)/libdevmapper.a
@@ -132,7 +132,7 @@ dmsetup.static: dmsetup.o $(interfacebuilddir)/libdevmapper.a
all: device-mapper
lvm: $(OBJECTS) lvm.o $(top_builddir)/lib/liblvm-internal.a
- $(CC) $(CFLAGS) $(LDFLAGS) $(ELDFLAGS) -o $@ $(OBJECTS) lvm.o \
+ $(CC) $(CFLAGS) $(EXTRA_EXEC_CFLAGS) $(LDFLAGS) $(EXTRA_EXEC_LDFLAGS) $(ELDFLAGS) -o $@ $(OBJECTS) lvm.o \
$(LVMLIBS) $(READLINE_LIBS) $(LIBS) -rdynamic
ifeq ("@BUILD_LVMETAD@", "yes")
View Lorry Controller Status