nrabulinski/lix
0
0
Fork 0
forked from lix-project/lix
Code Pull requests Activity

On Linux, disable address space randomization

Browse source
This commit is contained in:
Eelco Dolstra 2014-09-17 17:21:13 +02:00
parent 5a05cf4063
commit d98bfcbf81
2 changed files with 9 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
configure.ac
View file

@ -121,11 +121,6 @@ AC_CHECK_HEADER([err.h], [], [bsddiff_compat_include="-Icompat-include"])
AC_SUBST([bsddiff_compat_include]) AC_SUBST([bsddiff_compat_include])
# Check whether we have the personality() syscall, which allows us to
# do i686-linux builds on x86_64-linux machines.
AC_CHECK_HEADERS([sys/personality.h])
# Check for <linux/fs.h> (for immutable file support). # Check for <linux/fs.h> (for immutable file support).
AC_CHECK_HEADERS([linux/fs.h]) AC_CHECK_HEADERS([linux/fs.h])

14
src/libstore/build.cc
View file

@ -57,9 +57,8 @@
#include <netinet/ip.h> #include <netinet/ip.h>
#endif #endif
#if HAVE_SYS_PERSONALITY_H #if __linux__
#include <sys/personality.h> #include <sys/personality.h>
#define CAN_DO_LINUX32_BUILDS
#endif #endif
#if HAVE_STATVFS #if HAVE_STATVFS
@ -1182,7 +1181,7 @@ static string get(const StringPairs & map, const string & key)
static bool canBuildLocally(const string & platform) static bool canBuildLocally(const string & platform)
{ {
return platform == settings.thisSystem return platform == settings.thisSystem
#ifdef CAN_DO_LINUX32_BUILDS #if __linux__
|| (platform == "i686-linux" && settings.thisSystem == "x86_64-linux") || (platform == "i686-linux" && settings.thisSystem == "x86_64-linux")
#endif #endif
; ;
@ -2077,7 +2076,7 @@ void DerivationGoal::initChild()
/* Close all other file descriptors. */ /* Close all other file descriptors. */
closeMostFDs(set<int>()); closeMostFDs(set<int>());
#ifdef CAN_DO_LINUX32_BUILDS #if __linux__
/* Change the personality to 32-bit if we're doing an /* Change the personality to 32-bit if we're doing an
i686-linux build on an x86_64-linux machine. */ i686-linux build on an x86_64-linux machine. */
struct utsname utsbuf; struct utsname utsbuf;
@ -2085,7 +2084,7 @@ void DerivationGoal::initChild()
if (drv.platform == "i686-linux" && if (drv.platform == "i686-linux" &&
(settings.thisSystem == "x86_64-linux" || (settings.thisSystem == "x86_64-linux" ||
(!strcmp(utsbuf.sysname, "Linux") && !strcmp(utsbuf.machine, "x86_64")))) { (!strcmp(utsbuf.sysname, "Linux") && !strcmp(utsbuf.machine, "x86_64")))) {
if (personality(0x0008 | 0x8000000 /* == PER_LINUX32_3GB */) == -1) if (personality(PER_LINUX32_3GB) == -1)
throw SysError("cannot set i686-linux personality"); throw SysError("cannot set i686-linux personality");
} }
@ -2095,6 +2094,11 @@ void DerivationGoal::initChild()
int cur = personality(0xffffffff); int cur = personality(0xffffffff);
if (cur != -1) personality(cur | 0x0020000 /* == UNAME26 */); if (cur != -1) personality(cur | 0x0020000 /* == UNAME26 */);
} }
/* Disable address space randomization for improved
determinism. */
int cur = personality(0xffffffff);
if (cur != -1) personality(cur | ADDR_NO_RANDOMIZE);
#endif #endif
/* Fill in the environment. */ /* Fill in the environment. */