I figure I haven't explained what I'm doing at this point. I'm currently compiling GCC with a patch to have it both be PIC/PIE and generate PIE binaries, a rather fun task requiring multiple compiler bootstraps, but it should allow me to properly test the ability to compile the system PIE-enabled. I suspect I can convince kees to see if all this bootstrapping isn't necessary and can generate comparable results to my test builds.
Roughly speaking, the sequence of events that I'm following goes something like this.
1. Build a compiler that generates PIC code by default from a non-PIC system (embryo compiler)
2. Use the PIC compiler to compile glibc, gcc/binutils depends (zlib, gmp, mpfr)
3. Build a compiler with the previous compiler to build a compiler that can generate PIE binaries. This will be used to build the equivalent of a Gentoo stage1 system. <- We are here
4. Build a temporary base system.
5. Using the PIE compiler, rebuild the base system with the proper paths (butterfly compiler).
6. Build Ubuntu specific tools (dpkg, apt, etc.)
7. Build Ubuntu base system with GCC patches, generating debs
8. Using those debs, rebuild the base system again