Comments (25)
Samt43
commented on July 23, 2024
Very interested by this too !
I tried to run lxc on android 6, and patching bionic and recompiling the whole aosp ROM was a pain !
from lxc-ci.
stgraber
commented on July 23, 2024
A patch against the lxc-ci branch to tweak the Android build to use PIE would be appreciated.
LXC is built with PIE enabled on most Linux distributions so there shouldn't be any change needed in the upstream code for it.
from lxc-ci.
shvelo
commented on July 23, 2024
Any updates on this?
from lxc-ci.
stgraber
commented on July 23, 2024
Nobody appears to be interested in providing a patch or a branch for this, so no.
from lxc-ci.
shvelo
commented on July 23, 2024
I want to do this but I have absolutely no idea how LXC build system works
On Jul 9, 2016 02:18, "Stéphane Graber" [email protected] wrote:
Nobody appears to be interested in providing a patch or a branch for this,
so no.—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
#7 (comment), or mute
the thread
https://github.com/notifications/unsubscribe/ABB93jIW3WSD1TyWrRbHzONuAVJ0Gu3uks5qTsyrgaJpZM4IYn2B
.
from lxc-ci.
Samt43
commented on July 23, 2024
I worked on this, and i could have a arm 32 bit lxc with PIE support enabled.
I couldn't do it by just modifying LXC-CI, so i modified LXC build system to do so.
Here is my commit on lxc for this : Samt43/lxc@ca674ac.
I don't know if my change can be included directly in lxc (because maybe there is a better way to do so).
But it's working on android 6.0 with this change (compiling using a local LXC-CI) !.
You can find arm 32 binaries with PIE support on this thread (second post) :
http://forum.xda-developers.com/pixel-c/orig-development/linux-pixel-c-running-ubuntu-xenial-lxc-t3410655
Hope it will help everyone :)
from lxc-ci.
stgraber
commented on July 23, 2024
Does something like http://paste.ubuntu.com/18897690/ and passing --enable-hardening work?
from lxc-ci.
binkybear
commented on July 23, 2024
If you use an NDK with a later API (instead of 9 in build script) it comes with PIE support by default. I believe it's API's after 10.
from lxc-ci.
stgraber
commented on July 23, 2024
I'd be fine moving to kitkat and higher, so that'd be API level 19. Can you send a branch to change it?
from lxc-ci.
binkybear
commented on July 23, 2024
Hi @stgraber ,
I tried modifying build-android for use with NDK build script and I wasn't able to get it to play nice. I'm not sure if it was just me but the sysroot didn't work with NDK. I did end up building it manually using a toolchain and testing it on the Nexus 5 (binaries ran):
https://gist.github.com/binkybear/18dab6ef15bfb8052f15c12c6b7777f3
from lxc-ci.
stgraber
commented on July 23, 2024
I just bumped our builds to use API level 21 and we've fixed the one build issue in the way.
There's a build in progress right now on Jenkins which will hopefully succeed and give you binaries that hopefully have PIE enabled.
from lxc-ci.
bhush9
commented on July 23, 2024
Thanks @stgraber
from lxc-ci.
stgraber
commented on July 23, 2024
There we go: https://jenkins.linuxcontainers.org/view/All/job/lxc-build-android/lastSuccessfulBuild/
from lxc-ci.
stgraber
commented on July 23, 2024
I'm assuming that this bug has been resolved now. If this still doesn't work on recent Android we'll look into whatever bits are missing.
from lxc-ci.
binkybear
commented on July 23, 2024
Tried the latest build and it only contains /data. It's missing system libs and binaries.
from lxc-ci.
bhush9
commented on July 23, 2024
Officially lxc provides binary and all only in /data.. see /data/lxc/lxc/
from lxc-ci.
binkybear
commented on July 23, 2024
@bhush9 - Thanks for clearing that up. I assumed from the build script it copied over some of the files to system.
I just gave it a run on marshmallow:
root@hammerhead:/data/lxc/lxc/bin # ./lxc-info
error: only position independent executables (PIE) are supported.
1|root@hammerhead:/data/lxc/lxc/bin # ./lxc-start
error: only position independent executables (PIE) are supported.
1|root@hammerhead:/data/lxc/lxc/bin # md5sum lxc-info
154254d9b354d9f207c345547cc48db0 lxc-infofrom lxc-ci.
bhush9
commented on July 23, 2024
Hmm. right so.. build still have non PIE executable.. it seems?
from lxc-ci.
eMPee584
commented on July 23, 2024
still built without -fPIE ... WHY 😱
from lxc-ci.
droserasprout
commented on July 23, 2024
Getting the same error with LineageOS 14.1 (Android 7.1.1, kernel 3.18.31) on gemini.
from lxc-ci.
Samt43
commented on July 23, 2024
Yes, whatever the NDK used, the only solution is to fix the makefile (as i did in my previous comment)
With this, you will have an lxc version with PIE enabled :)
from lxc-ci.
droserasprout
commented on July 23, 2024
Oh, I see now. Wondering why It isn't default configuration, there's no much pre-lollipop devices on the market now.
from lxc-ci.
stgraber
commented on July 23, 2024
With the pkg-config change we merged a while back, it should be possible to convince the configure script to enable PIE without it breaking half the build.
from lxc-ci.
denysvitali
commented on July 23, 2024
Is there an update on this? The builds are still performed without PIE
from lxc-ci.
codekatana
commented on July 23, 2024
Hi, upstream android builds are not compiling with -fPIE, the issue is still present. I will try to fix it at configure.ac file as a "--enable-android-pie" and give a pull request. Stephane, that sounds good?
from lxc-ci.
Related Issues (20)
- debian/11/cloud doesn't run cloud-init in lxd HOT 3
- Continue creating Debian i386 images HOT 2
- default route not properly set on Centos 8 or 9 stream using routed nic HOT 10
- Missing Fedora Rawhide images HOT 2
- Add Devuan Daedalus
- VM centos/7/cloud: empty /etc/resolv.conf HOT 1
- NixOS images HOT 32
- Ubuntu 23.10 (mantic) containers fail to start HOT 16
- Cannot create custom gentoo images with latest gentoo.yaml file HOT 3
- Add alpine 3.19 HOT 1
- images/gentoo.yaml: line 23: locale-gen: command not found
- Building Ubuntu noble VM from `images/ubuntu.yaml` produces an image that doesn't immediately boot HOT 6
- Unable to shell to Almalinux Virtual-Machines HOT 5
- Fixing ubuntu noble build failure HOT 2
- Something is broken in the alpine mirror HOT 4
- Distrobuilder fails to build rockylinux-9 vm flavour HOT 7
- incus-agent fails to start in rockylinux-9 vm HOT 2
- debian bookworm systemd networking is lacking - setting up multiple routes on 2 interfaces with cloud-init HOT 3
- openSUSE images missing HOT 5
- almalinux/rockylinux 9 images don't bring up their eth0 interfaces HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from lxc-ci.