CMP0083 not working?
I tried swapping our custom -pie link switch adding code with [CMAKE_]POSITION_INDEPENDENT_CODE and CMP0083, but it does not add the switch nor create a PIE executable. This happens when using both clang and gcc, but it looks like gcc's default on Debian is pie (?) so a PIE is created anyway, but clang's default isn't.
cmake_minimum_required(VERSION 3.14)
project(stuff)
cmake_policy(SET CMP0083 NEW)
set(CMAKE_POSITION_INDEPENDENT_CODE TRUE)
file(WRITE ${CMAKE_BINARY_DIR}/main.c "int main() { return 0; }")
add_executable(stuffexe ${CMAKE_BINARY_DIR}/main.c)
get_target_property(stuffexe_pic stuffexe POSITION_INDEPENDENT_CODE)
message(STATUS "stuffexe_pic=${stuffexe_pic}")
Run:
mkdir build; cd build; ~/cmake-3.22.0-rc1-linux-x86_64/bin/cmake -DCMAKE_C_COMPILER=clang-12 -DCMAKE_CXX_COMPILER=clang++-12 ..; make; file stuffexe; hardening-check stuffexe
Example output:
itay@RLYEH ~/tmp/cmake0083> mkdir build; cd build; ~/Projects/cmakebin/cmake-3.22.0-rc1-linux-x86_64/bin/cmake -DCMAKE_C_COMPILER=clang-12 -DCMAKE_CXX_COMPILER=clang++-12 ..; make; file stuffexe; hardening-check stuffexe
-- The C compiler identification is Clang 12.0.1
-- The CXX compiler identification is Clang 12.0.1
-- Detecting C compiler ABI info
-- Detecting C compiler ABI info - done
-- Check for working C compiler: /usr/bin/clang-12 - skipped
-- Detecting C compile features
-- Detecting C compile features - done
-- Detecting CXX compiler ABI info
-- Detecting CXX compiler ABI info - done
-- Check for working CXX compiler: /usr/bin/clang++-12 - skipped
-- Detecting CXX compile features
-- Detecting CXX compile features - done
-- stuffexe_pic=TRUE
-- Configuring done
-- Generating done
-- Build files have been written to: /home/itay/tmp/cmake0083/build
[ 50%] Building C object CMakeFiles/stuffexe.dir/main.c.o
[100%] Linking C executable stuffexe
[100%] Built target stuffexe
stuffexe: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=ea213ed35a75eaf934e6360ea9f19146bd5d9395, for GNU/Linux 3.2.0, not stripped
stuffexe:
Position Independent Executable: no, normal executable!
Stack protected: no, not found!
Fortify Source functions: unknown, no protectable libc functions used
Read-only relocations: yes
Immediate binding: no, not found!
Stack clash protection: unknown, no -fstack-clash-protection instructions found
Control flow integrity: yes