diff options
author | Andreas K. Hüttel <dilfridge@gentoo.org> | 2021-07-20 21:52:55 +0200 |
---|---|---|
committer | Andreas K. Hüttel <dilfridge@gentoo.org> | 2021-07-20 21:52:55 +0200 |
commit | c32b45b7537a82b63613ea95e00f8468d31a25d9 (patch) | |
tree | 15fd79d67035d48389020e50e7b8da31ca63e610 /9999/0001-Gentoo-gold-ld-add-support-for-poisoned-system-direc.patch | |
parent | 9999: Refresh patches at 2.37 release (diff) | |
download | binutils-patches-c32b45b7537a82b63613ea95e00f8468d31a25d9.tar.gz binutils-patches-c32b45b7537a82b63613ea95e00f8468d31a25d9.tar.bz2 binutils-patches-c32b45b7537a82b63613ea95e00f8468d31a25d9.zip |
Renumber patches
Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
Diffstat (limited to '9999/0001-Gentoo-gold-ld-add-support-for-poisoned-system-direc.patch')
-rw-r--r-- | 9999/0001-Gentoo-gold-ld-add-support-for-poisoned-system-direc.patch | 336 |
1 files changed, 336 insertions, 0 deletions
diff --git a/9999/0001-Gentoo-gold-ld-add-support-for-poisoned-system-direc.patch b/9999/0001-Gentoo-gold-ld-add-support-for-poisoned-system-direc.patch new file mode 100644 index 0000000..f7443bf --- /dev/null +++ b/9999/0001-Gentoo-gold-ld-add-support-for-poisoned-system-direc.patch @@ -0,0 +1,336 @@ +From 8a82f64de912f26e840b20eec9d8a463fd0e242b Mon Sep 17 00:00:00 2001 +From: Mike Frysinger <vapier@gentoo.org> +Date: Tue, 20 Jul 2021 21:08:31 +0200 +Subject: [PATCH 1/6] Gentoo: gold/ld: add support for poisoned system + directories +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This is based on the old CodeSourcery patch written by Joseph Myers to add +support to the link for detecting & rejecting bad -L paths when using a +cross-compiler. The differences here: +* The command line flags are always available. +* We can turn on & off the warning via the command line. +* The configure option controls the default warning behavior. +* Add support for gold. + +It is not currently upstream, nor has it been submitted at all. There are +no plans to do so currently either. + +BUG=chromium:488360 +TEST=`cbuildbot chromiumos-sdk` passes # tests arm/amd64/mipsel/x86 +TEST=`cbuildbot panther_moblab-full whirlwind-release` pass +TEST=`cbuildbot {x32,arm64}-generic-full` has no new failures +TEST=x86_64-cros-linux-gnu-ld throws warnings when using -L/lib (gold & bfd) + +Reviewed-on: https://chromium-review.googlesource.com/272083 +(cherry picked from commit f92dbf35c00ab13cee36f6be8ae5ca46454d9000) + +Ported to binutils 2.37 Andreas K. Hütte <dilfridge@gentoo.org> +--- + gold/options.cc | 33 +++++++++++++++++++++++++++++++++ + gold/options.h | 7 +++++++ + ld/config.in | 3 +++ + ld/configure | 14 ++++++++++++++ + ld/configure.ac | 10 ++++++++++ + ld/ld.h | 7 +++++++ + ld/ld.texi | 18 ++++++++++++++++++ + ld/ldfile.c | 20 ++++++++++++++++++++ + ld/ldlex.h | 3 +++ + ld/ldmain.c | 7 +++++++ + ld/lexsup.c | 24 ++++++++++++++++++++++++ + 11 files changed, 146 insertions(+) + +diff --git a/gold/options.cc b/gold/options.cc +index 5a55bd8ba6d..f7940c75f5a 100644 +--- a/gold/options.cc ++++ b/gold/options.cc +@@ -1355,6 +1355,39 @@ General_options::finalize() + // in the path, as appropriate. + this->add_sysroot(); + ++ // Now check if library_path is poisoned. ++ if (this->warn_poison_system_directories()) ++ { ++ std::vector<std::string> bad_paths; ++ ++ bad_paths.push_back("/lib"); ++ // TODO: This check is disabled for now due to a bunch of packages that ++ // use libtool and relink with -L/usr/lib paths (albeit after the right ++ // sysroot path). Once those are fixed we can enable. ++ // We also need to adjust it so it only rejects one or two levels deep. ++ // Gcc's internal paths also live below /usr/lib. ++ // http://crbug.com/488360 ++ // bad_paths.push_back("/usr/lib"); ++ bad_paths.push_back("/usr/local/lib"); ++ bad_paths.push_back("/usr/X11R6/lib"); ++ ++ for (std::vector<std::string>::const_iterator b = bad_paths.begin(); ++ b != bad_paths.end(); ++ ++b) ++ for (Dir_list::iterator p = this->library_path_.value.begin(); ++ p != this->library_path_.value.end(); ++ ++p) ++ if (!p->name().compare(0, b->size(), *b)) ++ { ++ if (this->error_poison_system_directories()) ++ gold_fatal(_("library search path \"%s\" is unsafe for " ++ "cross-compilation"), p->name().c_str()); ++ else ++ gold_warning(_("library search path \"%s\" is unsafe for " ++ "cross-compilation"), p->name().c_str()); ++ } ++ } ++ + // Now that we've normalized the options, check for contradictory ones. + if (this->shared() && this->is_static()) + gold_fatal(_("-shared and -static are incompatible")); +diff --git a/gold/options.h b/gold/options.h +index 757ebf18fec..490b4cbd7d4 100644 +--- a/gold/options.h ++++ b/gold/options.h +@@ -1394,6 +1394,13 @@ class General_options + DEFINE_bool(warn_multiple_gp, options::TWO_DASHES, '\0', false, + N_("Ignored"), NULL); + ++ DEFINE_bool(warn_poison_system_directories, options::TWO_DASHES, '\0', false, ++ N_("Warn for -L options using system directories"), ++ N_("Do not warn for -L options using system directories")); ++ DEFINE_bool(error_poison_system_directories, options::TWO_DASHES, '\0', false, ++ N_("Give an error for -L options using system directories"), ++ NULL); ++ + DEFINE_bool(warn_search_mismatch, options::TWO_DASHES, '\0', true, + N_("Warn when skipping an incompatible library"), + N_("Don't warn when skipping an incompatible library")); +diff --git a/ld/config.in b/ld/config.in +index 26d55a00d47..ffad464783c 100644 +--- a/ld/config.in ++++ b/ld/config.in +@@ -43,6 +43,9 @@ + language is requested. */ + #undef ENABLE_NLS + ++/* Define to warn for use of native system library directories */ ++#undef ENABLE_POISON_SYSTEM_DIRECTORIES ++ + /* Additional extension a shared object might have. */ + #undef EXTRA_SHLIB_EXTENSION + +diff --git a/ld/configure b/ld/configure +index c197aaef3cb..882263aa43f 100755 +--- a/ld/configure ++++ b/ld/configure +@@ -829,6 +829,7 @@ with_lib_path + enable_targets + enable_64_bit_bfd + with_sysroot ++enable_poison_system_directories + enable_gold + enable_got + enable_compressed_debug_sections +@@ -1498,6 +1499,8 @@ Optional Features: + --enable-checking enable run-time checks + --enable-targets alternative target configurations + --enable-64-bit-bfd 64-bit support (on hosts with narrower word sizes) ++ --enable-poison-system-directories ++ warn for use of native system library directories + --enable-gold[=ARG] build gold [ARG={default,yes,no}] + --enable-got=<type> GOT handling scheme (target, single, negative, + multigot) +@@ -15236,7 +15239,18 @@ else + fi + + ++# Check whether --enable-poison-system-directories was given. ++if test "${enable_poison_system_directories+set}" = set; then : ++ enableval=$enable_poison_system_directories; ++else ++ enable_poison_system_directories=no ++fi ++ ++if test "x${enable_poison_system_directories}" = "xyes"; then + ++$as_echo "#define ENABLE_POISON_SYSTEM_DIRECTORIES 1" >>confdefs.h ++ ++fi + + # Check whether --enable-got was given. + if test "${enable_got+set}" = set; then : +diff --git a/ld/configure.ac b/ld/configure.ac +index 8ea97c43cd4..0f246db67d8 100644 +--- a/ld/configure.ac ++++ b/ld/configure.ac +@@ -106,6 +106,16 @@ AC_SUBST(use_sysroot) + AC_SUBST(TARGET_SYSTEM_ROOT) + AC_SUBST(TARGET_SYSTEM_ROOT_DEFINE) + ++AC_ARG_ENABLE([poison-system-directories], ++ AS_HELP_STRING([--enable-poison-system-directories], ++ [warn for use of native system library directories]),, ++ [enable_poison_system_directories=no]) ++if test "x${enable_poison_system_directories}" = "xyes"; then ++ AC_DEFINE([ENABLE_POISON_SYSTEM_DIRECTORIES], ++ [1], ++ [Define to warn for use of native system library directories]) ++fi ++ + dnl Use --enable-gold to decide if this linker should be the default. + dnl "install_as_default" is set to false if gold is the default linker. + dnl "installed_linker" is the installed BFD linker name. +diff --git a/ld/ld.h b/ld/ld.h +index 35fafebfaed..4152278b8f4 100644 +--- a/ld/ld.h ++++ b/ld/ld.h +@@ -162,6 +162,13 @@ typedef struct + in the linker script. */ + bool force_group_allocation; + ++ /* If true warn for uses of system directories when cross linking. */ ++ bool warn_poison_system_directories; ++ ++ /* If true (default false) give an error for uses of system ++ directories when cross linking instead of a warning. */ ++ bool error_poison_system_directories; ++ + /* Big or little endian as set on command line. */ + enum endian_enum endian; + +diff --git a/ld/ld.texi b/ld/ld.texi +index dd8f571d4e4..0aee4a4e9f1 100644 +--- a/ld/ld.texi ++++ b/ld/ld.texi +@@ -2863,6 +2863,24 @@ string identifying the original linked file does not change. + + Passing @code{none} for @var{style} disables the setting from any + @code{--build-id} options earlier on the command line. ++ ++@kindex --warn-poison-system-directories ++@item --warn-poison-system-directories ++Warn for @option{-L} options using system directories such as ++@file{/usr/lib} when cross linking. This option is intended for use ++in environments that want to detect and reject incorrect link settings. ++ ++@kindex --no-warn-poison-system-directories ++@item --no-warn-poison-system-directories ++Do not warn for @option{-L} options using system directories such as ++@file{/usr/lib} when cross linking. This option is intended for use ++in chroot environments when such directories contain the correct ++libraries for the target system rather than the host. ++ ++@kindex --error-poison-system-directories ++@item --error-poison-system-directories ++Give an error instead of a warning for @option{-L} options using ++system directories when cross linking. + @end table + + @c man end +diff --git a/ld/ldfile.c b/ld/ldfile.c +index 9d0af06f1f6..f4a83acca93 100644 +--- a/ld/ldfile.c ++++ b/ld/ldfile.c +@@ -117,6 +117,26 @@ ldfile_add_library_path (const char *name, bool cmdline) + new_dirs->name = concat (ld_sysroot, name + strlen ("$SYSROOT"), (const char *) NULL); + else + new_dirs->name = xstrdup (name); ++ ++ if (command_line.warn_poison_system_directories ++ && (!strncmp (name, "/lib", 4) ++ /* TODO: This check is disabled for now due to a bunch of packages that ++ * use libtool and relink with -L/usr/lib paths (albeit after the right ++ * sysroot path). Once those are fixed we can enable. ++ * We also need to adjust it so it only rejects one or two levels deep. ++ * Gcc's internal paths also live below /usr/lib. ++ * http://crbug.com/488360 */ ++ /* || !strncmp (name, "/usr/lib", 8) */ ++ || !strncmp (name, "/usr/local/lib", 14) ++ || !strncmp (name, "/usr/X11R6/lib", 14))) ++ { ++ if (command_line.error_poison_system_directories) ++ einfo (_("%X%P: error: library search path \"%s\" is unsafe for " ++ "cross-compilation\n"), name); ++ else ++ einfo (_("%P: warning: library search path \"%s\" is unsafe for " ++ "cross-compilation\n"), name); ++ } + } + + /* Try to open a BFD for a lang_input_statement. */ +diff --git a/ld/ldlex.h b/ld/ldlex.h +index 9e8bf5fb835..3baed822a22 100644 +--- a/ld/ldlex.h ++++ b/ld/ldlex.h +@@ -148,6 +148,9 @@ enum option_values + OPTION_PRINT_OUTPUT_FORMAT, + OPTION_PRINT_SYSROOT, + OPTION_IGNORE_UNRESOLVED_SYMBOL, ++ OPTION_WARN_POISON_SYSTEM_DIRECTORIES, ++ OPTION_NO_WARN_POISON_SYSTEM_DIRECTORIES, ++ OPTION_ERROR_POISON_SYSTEM_DIRECTORIES, + OPTION_PUSH_STATE, + OPTION_POP_STATE, + OPTION_DISABLE_MULTIPLE_DEFS_ABS, +diff --git a/ld/ldmain.c b/ld/ldmain.c +index 42660eb9a3c..c78009b760c 100644 +--- a/ld/ldmain.c ++++ b/ld/ldmain.c +@@ -321,6 +321,13 @@ main (int argc, char **argv) + command_line.warn_mismatch = true; + command_line.warn_search_mismatch = true; + command_line.check_section_addresses = -1; ++ command_line.warn_poison_system_directories = ++#ifdef ENABLE_POISON_SYSTEM_DIRECTORIES ++ true; ++#else ++ false; ++#endif ++ command_line.error_poison_system_directories = false; + + /* We initialize DEMANGLING based on the environment variable + COLLECT_NO_DEMANGLE. The gcc collect2 program will demangle the +diff --git a/ld/lexsup.c b/ld/lexsup.c +index 00274c500d0..a19cce9967c 100644 +--- a/ld/lexsup.c ++++ b/ld/lexsup.c +@@ -566,6 +566,18 @@ static const struct ld_option ld_options[] = + OPTION_IGNORE_UNRESOLVED_SYMBOL}, + '\0', N_("SYMBOL"), + N_("Unresolved SYMBOL will not cause an error or warning"), TWO_DASHES }, ++ { {"warn-poison-system-directories", no_argument, NULL, ++ OPTION_WARN_POISON_SYSTEM_DIRECTORIES}, ++ '\0', NULL, N_("Warn for -L options using system directories"), ++ TWO_DASHES }, ++ { {"no-warn-poison-system-directories", no_argument, NULL, ++ OPTION_NO_WARN_POISON_SYSTEM_DIRECTORIES}, ++ '\0', NULL, N_("Do not warn for -L options using system directories"), ++ TWO_DASHES }, ++ { {"error-poison-system-directories", no_argument, NULL, ++ OPTION_ERROR_POISON_SYSTEM_DIRECTORIES}, ++ '\0', NULL, N_("Give an error for -L options using system directories"), ++ TWO_DASHES }, + { {"push-state", no_argument, NULL, OPTION_PUSH_STATE}, + '\0', NULL, N_("Push state of flags governing input file handling"), + TWO_DASHES }, +@@ -1643,6 +1655,18 @@ parse_args (unsigned argc, char **argv) + } + break; + ++ case OPTION_WARN_POISON_SYSTEM_DIRECTORIES: ++ command_line.warn_poison_system_directories = true; ++ break; ++ ++ case OPTION_NO_WARN_POISON_SYSTEM_DIRECTORIES: ++ command_line.warn_poison_system_directories = false; ++ break; ++ ++ case OPTION_ERROR_POISON_SYSTEM_DIRECTORIES: ++ command_line.error_poison_system_directories = true; ++ break; ++ + case OPTION_PUSH_STATE: + input_flags.pushed = xmemdup (&input_flags, + sizeof (input_flags), +-- +2.31.1 + |