Hello,
I'm trying to understand the purpose of ENABLE_PIE build flag.
IIUC, it makes the BL* executables position-independent. But I could not find any ASLR or some other addresses randomization support. Therefore, could you please clarify, what is the point of building position-independent parts, if (most of the time?) they will be loaded at the fixed addresses?
Thank you.
Hello Igor,
On 20.02.24 09:00, Igor Zhbanov via TF-A wrote:
Hello,
I'm trying to understand the purpose of ENABLE_PIE build flag.
IIUC, it makes the BL* executables position-independent. But I could not find any ASLR or some other addresses randomization support. Therefore, could you please clarify, what is the point of building position-independent parts, if (most of the time?) they will be loaded at the fixed addresses?
One benefit is that it avoids the mess described in this commit message: https://github.com/barebox/barebox/commit/199aabdc7139ab5f988b85a5c1eed5cb8a...
Now with PIE enabled for the platform, you can deploy the same TF-A on all variants.
Cheers, Ahmad
Thank you.
tf-a@lists.trustedfirmware.org