Bug 270421 - >=app-emulation/qemu-0.10 should not filter hardened
Summary: >=app-emulation/qemu-0.10 should not filter hardened
Status: RESOLVED INVALID
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages
Hardware: All Linux
Importance: High normal
Assignee: Luca Barbato
Duplicates: 271360
Reported: 2009-05-19 12:48 UTC by Xake
Modified: 2009-09-29 14:22 UTC

Description Xake 2009-05-19 12:48:24 UTC
After searching around on bugs.gentoo.org I can only find compilation-problems with regards to qemu and why we are filtering hardened flags.

Well, trying with hardened gcc-3.4 and hardened gcc-4 this filtering is not needed any more.

As far as I can read, the thing that did not want to compile with hardened was dyngen, and it seems like when upstream dumped dyngen they also dumped all problems compiling qemu on hardened.

I have, as pointed out, built it with hardened gcc-3.4 and gcc-4.3.3 without filtering in a 32-bit and a 64-bit userland.
Both completed fine and it seems to run fine also.

To be honest, it did not even build on hardened 64-bit with filtering, no matter which version of gcc, so I think the filtering is a good thing to remove.
Comment 1 Longpoke 2009-06-18 04:09:23 UTC
*** Bug 271360 has been marked as a duplicate of this bug. ***
Comment 2 Longpoke 2009-06-18 18:24:02 UTC
Confirmed. I'm running amd64 hardened gentoo with no multilib and compiled qemu-0.10.5 by removing filter-flags from the ebuild.

However, qemu-softmmu-0.9.1-r3 would not compile due to some issue with dyngen, like Xake said. It gets a little further with filter-flags off, but then fails at dyngen.

$ gcc --version
gcc (GCC) 3.4.6 (Gentoo Hardened 3.4.6-r2 p1.6, ssp-3.4.6-1.0, pie-8.7.10)

$ uname -a
Linux localhost 2.6.28-hardened-r9 #2 SMP Mon Jun 15 07:58:03 EDT 2009 x86_64 Intel(R) Core(TM)2 Duo CPU T5750 @ 2.00GHz GenuineIntel GNU/Linux
Comment 3 Longpoke 2009-06-27 02:53:56 UTC
I can also compile by selecting x86_64-pc-linux-gnu-3.4.6-hardenednopie.

However, either way PAX will kill the process. Setting the flags off with paxctl -pmerxs `which qemu` will stop it from being killed by PAX, but a segfault will occur.

This doesn't happen if you run "qemu --help"; it only happens while running the VM.
Comment 4 Longpoke 2009-06-29 16:35:33 UTC
Hmm, you actually can compile and run (the stable) qemu-0.9.0 by selecting "x86_64-pc-linux-gnu-3.4.6-hardenednopie" or a similar gcc 3.x with gcc-config, then removing PAX protection "paxctl -pmerxs `which qemu`".

The same thing worked for the latest qemu-0.10.5, except it's segfault mania.
Comment 5 Xake 2009-09-29 14:22:32 UTC
Ok, this was a totally bad idea.

There are bugs in softmmu that arise with 0.10.x, at least if built with -fPIE, and the build break if you filter -fPIE is totally unrelated and will be handled in a separate bug.

The -fstack-protect filter is still wrong, but as the current ebuild, even though it looks like it does, actually does not filter -fstack-protector, I do not care about it currently.