diff options
author | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2014-09-17 17:21:13 +0200 |
---|---|---|
committer | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2014-09-17 17:21:13 +0200 |
commit | d98bfcbf812c3054cd9608f835bd3678385f9703 (patch) | |
tree | 8ded7b8edab2c8fc300f95f15f09ad37ff247dd9 | |
parent | 5a05cf4063fc6ea666f3e24c60bd2e9e5526ef4e (diff) |
On Linux, disable address space randomization
-rw-r--r-- | configure.ac | 5 | ||||
-rw-r--r-- | src/libstore/build.cc | 14 |
2 files changed, 9 insertions, 10 deletions
diff --git a/configure.ac b/configure.ac index 89fd6b96e..a449ac82f 100644 --- a/configure.ac +++ b/configure.ac @@ -121,11 +121,6 @@ AC_CHECK_HEADER([err.h], [], [bsddiff_compat_include="-Icompat-include"]) AC_SUBST([bsddiff_compat_include]) -# Check whether we have the personality() syscall, which allows us to -# do i686-linux builds on x86_64-linux machines. -AC_CHECK_HEADERS([sys/personality.h]) - - # Check for <linux/fs.h> (for immutable file support). AC_CHECK_HEADERS([linux/fs.h]) diff --git a/src/libstore/build.cc b/src/libstore/build.cc index 8e328bae3..3c9db5f7a 100644 --- a/src/libstore/build.cc +++ b/src/libstore/build.cc @@ -57,9 +57,8 @@ #include <netinet/ip.h> #endif -#if HAVE_SYS_PERSONALITY_H +#if __linux__ #include <sys/personality.h> -#define CAN_DO_LINUX32_BUILDS #endif #if HAVE_STATVFS @@ -1182,7 +1181,7 @@ static string get(const StringPairs & map, const string & key) static bool canBuildLocally(const string & platform) { return platform == settings.thisSystem -#ifdef CAN_DO_LINUX32_BUILDS +#if __linux__ || (platform == "i686-linux" && settings.thisSystem == "x86_64-linux") #endif ; @@ -2077,7 +2076,7 @@ void DerivationGoal::initChild() /* Close all other file descriptors. */ closeMostFDs(set<int>()); -#ifdef CAN_DO_LINUX32_BUILDS +#if __linux__ /* Change the personality to 32-bit if we're doing an i686-linux build on an x86_64-linux machine. */ struct utsname utsbuf; @@ -2085,7 +2084,7 @@ void DerivationGoal::initChild() if (drv.platform == "i686-linux" && (settings.thisSystem == "x86_64-linux" || (!strcmp(utsbuf.sysname, "Linux") && !strcmp(utsbuf.machine, "x86_64")))) { - if (personality(0x0008 | 0x8000000 /* == PER_LINUX32_3GB */) == -1) + if (personality(PER_LINUX32_3GB) == -1) throw SysError("cannot set i686-linux personality"); } @@ -2095,6 +2094,11 @@ void DerivationGoal::initChild() int cur = personality(0xffffffff); if (cur != -1) personality(cur | 0x0020000 /* == UNAME26 */); } + + /* Disable address space randomization for improved + determinism. */ + int cur = personality(0xffffffff); + if (cur != -1) personality(cur | ADDR_NO_RANDOMIZE); #endif /* Fill in the environment. */ |