This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


Re: [Xen-devel] Unable to compile Xen-2.0

To: Xen-devel@xxxxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-devel] Unable to compile Xen-2.0
From: Jerome Brown <guruswami@xxxxxxxxxxxx>
Date: Wed, 27 Oct 2004 14:41:05 +1300
Delivery-date: Wed, 27 Oct 2004 03:16:20 +0100
Envelope-to: steven.hand@xxxxxxxxxxxx
In-reply-to: <E1CMcZK-00064d-00@xxxxxxxxxxxxxxxxx>
List-archive: <http://sourceforge.net/mailarchive/forum.php?forum=xen-devel>
List-help: <mailto:xen-devel-request@lists.sourceforge.net?subject=help>
List-id: List for Xen developers <xen-devel.lists.sourceforge.net>
List-post: <mailto:xen-devel@lists.sourceforge.net>
List-subscribe: <https://lists.sourceforge.net/lists/listinfo/xen-devel>, <mailto:xen-devel-request@lists.sourceforge.net?subject=subscribe>
List-unsubscribe: <https://lists.sourceforge.net/lists/listinfo/xen-devel>, <mailto:xen-devel-request@lists.sourceforge.net?subject=unsubscribe>
References: <E1CMcZK-00064d-00@xxxxxxxxxxxxxxxxx>
Sender: xen-devel-admin@xxxxxxxxxxxxxxxxxxxxx
User-agent: Mozilla Thunderbird 0.8 (Windows/20040913)
I am running Gentoo Linux with GCC 3.4.2 and glibc compiled with NPTL only (no LinuxThreads) and both a 2.6.9 and a kernel. Any thoughts or suggestions are greatly appreciated. I will try with GCC 3.3.3 to see if that helps.

It's probably a gcc version issue. We try to get stuff working
with most gcc versions, but no-one round here uses 3.4 by default
-- it's way too bleeding edge.

Compiled the xenU fine with gcc 3.3.3 - must be a gcc issue. I'm testing on a box at the moment, so have installed all the new toys to play with :) Might try with SSP and PIE again ...

The GCC has ssp-3.4.1 and pie- compiled in, but they are disabled for the compilation as Xen will not compile with them enabled (Are there plans to allow this?).

What are ssp and pie?

SSP is Stack Smashing Protection - formerly ProPolice (see http://www.trl.ibm.com/projects/security/ssp/ for more info) and PIE is Position Independent Executable i.e. PIC for binaries. SSP modifies the C compiler to insert initialization code into functions that create a buffer in memory. At run time, when a buffer is created, SSP adds a secret random value, the canary, to the end of the buffer. When the function returns, SSP makes sure that the canary is still intact. If an attacker were to perform a buffer overflow, he would overwrite this value and trigger that stack smashing handler. Currently this kills the target process. (Descriptions borrowed from Gentoo Hardened Project http://www.gentoo.org/proj/en/hardened/) They provide an extra layer of security from attack on a server open to the world.

This SF.Net email is sponsored by:
Sybase ASE Linux Express Edition - download now for FREE
LinuxWorld Reader's Choice Award Winner for best database on Linux.
Xen-devel mailing list