Hello Igor,

On 20.02.24 09:00, Igor Zhbanov via TF-A wrote:

Hello,

I'm trying to understand the purpose of ENABLE_PIE build flag.

IIUC, it makes the BL* executables position-independent. But I could not find any ASLR or some other addresses randomization support. Therefore, could you please clarify, what is the point of building position-independent parts, if (most of the time?) they will be loaded at the fixed addresses?

One benefit is that it avoids the mess described in this commit message: https://github.com/barebox/barebox/commit/199aabdc7139ab5f988b85a5c1eed5cb8a...

Now with PIE enabled for the platform, you can deploy the same TF-A on all variants.

Cheers, Ahmad

Thank you.