299 lines
11 KiB
Diff
299 lines
11 KiB
Diff
|
From 4d8705ddb55897e8a74b617ab95736d520d9e1ea Mon Sep 17 00:00:00 2001
|
||
|
From: Romain Naour <romain.naour@gmail.com>
|
||
|
Date: Fri, 25 Dec 2015 11:45:38 +0100
|
||
|
Subject: [PATCH] poison-system-directories
|
||
|
|
||
|
Patch adapted to binutils 2.23.2 and extended to use
|
||
|
BR_COMPILER_PARANOID_UNSAFE_PATH by Thomas Petazzoni.
|
||
|
|
||
|
[Waldemar: rebase on top of 2.39]
|
||
|
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
|
||
|
[Romain: rebase on top of 2.33.1]
|
||
|
Signed-off-by: Romain Naour <romain.naour@gmail.com>
|
||
|
[Gustavo: adapt to binutils 2.25]
|
||
|
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
||
|
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
|
||
|
|
||
|
Upstream-Status: Inappropriate [distribution: codesourcery]
|
||
|
|
||
|
Patch originally created by Mark Hatle, forward-ported to
|
||
|
binutils 2.21 by Scott Garman.
|
||
|
|
||
|
purpose: warn for uses of system directories when cross linking
|
||
|
|
||
|
Code Merged from Sourcery G++ binutils 2.19 - 4.4-277
|
||
|
|
||
|
2008-07-02 Joseph Myers <joseph@codesourcery.com>
|
||
|
|
||
|
ld/
|
||
|
* ld.h (args_type): Add error_poison_system_directories.
|
||
|
* ld.texinfo (--error-poison-system-directories): Document.
|
||
|
* ldfile.c (ldfile_add_library_path): Check
|
||
|
command_line.error_poison_system_directories.
|
||
|
* ldmain.c (main): Initialize
|
||
|
command_line.error_poison_system_directories.
|
||
|
* lexsup.c (enum option_values): Add
|
||
|
OPTION_ERROR_POISON_SYSTEM_DIRECTORIES.
|
||
|
(ld_options): Add --error-poison-system-directories.
|
||
|
(parse_args): Handle new option.
|
||
|
|
||
|
2007-06-13 Joseph Myers <joseph@codesourcery.com>
|
||
|
|
||
|
ld/
|
||
|
* config.in: Regenerate.
|
||
|
* ld.h (args_type): Add poison_system_directories.
|
||
|
* ld.texinfo (--no-poison-system-directories): Document.
|
||
|
* ldfile.c (ldfile_add_library_path): Check
|
||
|
command_line.poison_system_directories.
|
||
|
* ldmain.c (main): Initialize
|
||
|
command_line.poison_system_directories.
|
||
|
* lexsup.c (enum option_values): Add
|
||
|
OPTION_NO_POISON_SYSTEM_DIRECTORIES.
|
||
|
(ld_options): Add --no-poison-system-directories.
|
||
|
(parse_args): Handle new option.
|
||
|
|
||
|
2007-04-20 Joseph Myers <joseph@codesourcery.com>
|
||
|
|
||
|
Merge from Sourcery G++ binutils 2.17:
|
||
|
|
||
|
2007-03-20 Joseph Myers <joseph@codesourcery.com>
|
||
|
Based on patch by Mark Hatle <mark.hatle@windriver.com>.
|
||
|
ld/
|
||
|
* configure.ac (--enable-poison-system-directories): New option.
|
||
|
* configure, config.in: Regenerate.
|
||
|
* ldfile.c (ldfile_add_library_path): If
|
||
|
ENABLE_POISON_SYSTEM_DIRECTORIES defined, warn for use of /lib,
|
||
|
/usr/lib, /usr/local/lib or /usr/X11R6/lib.
|
||
|
|
||
|
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
|
||
|
Signed-off-by: Scott Garman <scott.a.garman@intel.com>
|
||
|
---
|
||
|
ld/config.in | 3 +++
|
||
|
ld/configure | 14 ++++++++++++++
|
||
|
ld/configure.ac | 10 ++++++++++
|
||
|
ld/ld.h | 8 ++++++++
|
||
|
ld/ld.texi | 12 ++++++++++++
|
||
|
ld/ldfile.c | 17 +++++++++++++++++
|
||
|
ld/ldlex.h | 2 ++
|
||
|
ld/ldmain.c | 2 ++
|
||
|
ld/lexsup.c | 21 +++++++++++++++++++++
|
||
|
9 files changed, 89 insertions(+)
|
||
|
|
||
|
diff -Nur binutils-2.39.orig/ld/config.in binutils-2.39/ld/config.in
|
||
|
--- binutils-2.39.orig/ld/config.in 2022-08-05 11:56:56.000000000 +0200
|
||
|
+++ binutils-2.39/ld/config.in 2022-08-11 13:00:55.310472243 +0200
|
||
|
@@ -55,6 +55,9 @@
|
||
|
language is requested. */
|
||
|
#undef ENABLE_NLS
|
||
|
|
||
|
+/* Define to warn for use of native system library directories */
|
||
|
+#undef ENABLE_POISON_SYSTEM_DIRECTORIES
|
||
|
+
|
||
|
/* Additional extension a shared object might have. */
|
||
|
#undef EXTRA_SHLIB_EXTENSION
|
||
|
|
||
|
diff -Nur binutils-2.39.orig/ld/configure binutils-2.39/ld/configure
|
||
|
--- binutils-2.39.orig/ld/configure 2022-08-05 11:56:54.000000000 +0200
|
||
|
+++ binutils-2.39/ld/configure 2022-08-11 13:00:55.370470806 +0200
|
||
|
@@ -836,6 +836,7 @@
|
||
|
enable_targets
|
||
|
enable_64_bit_bfd
|
||
|
with_sysroot
|
||
|
+enable_poison_system_directories
|
||
|
enable_gold
|
||
|
enable_got
|
||
|
enable_compressed_debug_sections
|
||
|
@@ -1514,6 +1515,8 @@
|
||
|
--enable-checking enable run-time checks
|
||
|
--enable-targets alternative target configurations
|
||
|
--enable-64-bit-bfd 64-bit support (on hosts with narrower word sizes)
|
||
|
+ --enable-poison-system-directories
|
||
|
+ warn for use of native system library directories
|
||
|
--enable-gold[=ARG] build gold [ARG={default,yes,no}]
|
||
|
--enable-got=<type> GOT handling scheme (target, single, negative,
|
||
|
multigot)
|
||
|
@@ -15370,7 +15373,18 @@
|
||
|
fi
|
||
|
|
||
|
|
||
|
+# Check whether --enable-poison-system-directories was given.
|
||
|
+if test "${enable_poison_system_directories+set}" = set; then :
|
||
|
+ enableval=$enable_poison_system_directories;
|
||
|
+else
|
||
|
+ enable_poison_system_directories=no
|
||
|
+fi
|
||
|
+
|
||
|
+if test "x${enable_poison_system_directories}" = "xyes"; then
|
||
|
|
||
|
+$as_echo "#define ENABLE_POISON_SYSTEM_DIRECTORIES 1" >>confdefs.h
|
||
|
+
|
||
|
+fi
|
||
|
|
||
|
# Check whether --enable-got was given.
|
||
|
if test "${enable_got+set}" = set; then :
|
||
|
diff -Nur binutils-2.39.orig/ld/configure.ac binutils-2.39/ld/configure.ac
|
||
|
--- binutils-2.39.orig/ld/configure.ac 2022-07-08 11:46:48.000000000 +0200
|
||
|
+++ binutils-2.39/ld/configure.ac 2022-08-11 13:00:55.370470806 +0200
|
||
|
@@ -102,6 +102,16 @@
|
||
|
AC_SUBST(TARGET_SYSTEM_ROOT)
|
||
|
AC_SUBST(TARGET_SYSTEM_ROOT_DEFINE)
|
||
|
|
||
|
+AC_ARG_ENABLE([poison-system-directories],
|
||
|
+ AS_HELP_STRING([--enable-poison-system-directories],
|
||
|
+ [warn for use of native system library directories]),,
|
||
|
+ [enable_poison_system_directories=no])
|
||
|
+if test "x${enable_poison_system_directories}" = "xyes"; then
|
||
|
+ AC_DEFINE([ENABLE_POISON_SYSTEM_DIRECTORIES],
|
||
|
+ [1],
|
||
|
+ [Define to warn for use of native system library directories])
|
||
|
+fi
|
||
|
+
|
||
|
dnl Use --enable-gold to decide if this linker should be the default.
|
||
|
dnl "install_as_default" is set to false if gold is the default linker.
|
||
|
dnl "installed_linker" is the installed BFD linker name.
|
||
|
diff -Nur binutils-2.39.orig/ld/ldfile.c binutils-2.39/ld/ldfile.c
|
||
|
--- binutils-2.39.orig/ld/ldfile.c 2022-07-08 11:46:48.000000000 +0200
|
||
|
+++ binutils-2.39/ld/ldfile.c 2022-08-11 13:00:55.394470231 +0200
|
||
|
@@ -117,6 +117,23 @@
|
||
|
new_dirs->name = concat (ld_sysroot, name + strlen ("$SYSROOT"), (const char *) NULL);
|
||
|
else
|
||
|
new_dirs->name = xstrdup (name);
|
||
|
+
|
||
|
+#ifdef ENABLE_POISON_SYSTEM_DIRECTORIES
|
||
|
+ if (command_line.poison_system_directories
|
||
|
+ && ((!strncmp (name, "/lib", 4))
|
||
|
+ || (!strncmp (name, "/usr/lib", 8))
|
||
|
+ || (!strncmp (name, "/usr/local/lib", 14))
|
||
|
+ || (!strncmp (name, "/usr/X11R6/lib", 14))))
|
||
|
+ {
|
||
|
+ if (command_line.error_poison_system_directories)
|
||
|
+ einfo (_("%X%P: error: library search path \"%s\" is unsafe for "
|
||
|
+ "cross-compilation\n"), name);
|
||
|
+ else
|
||
|
+ einfo (_("%P: warning: library search path \"%s\" is unsafe for "
|
||
|
+ "cross-compilation\n"), name);
|
||
|
+ }
|
||
|
+#endif
|
||
|
+
|
||
|
}
|
||
|
|
||
|
/* Try to open a BFD for a lang_input_statement. */
|
||
|
diff -Nur binutils-2.39.orig/ld/ld.h binutils-2.39/ld/ld.h
|
||
|
--- binutils-2.39.orig/ld/ld.h 2022-07-08 11:46:48.000000000 +0200
|
||
|
+++ binutils-2.39/ld/ld.h 2022-08-11 13:00:55.382470519 +0200
|
||
|
@@ -162,6 +162,14 @@
|
||
|
in the linker script. */
|
||
|
bool force_group_allocation;
|
||
|
|
||
|
+ /* If TRUE (the default) warn for uses of system directories when
|
||
|
+ cross linking. */
|
||
|
+ bool poison_system_directories;
|
||
|
+
|
||
|
+ /* If TRUE (default FALSE) give an error for uses of system
|
||
|
+ directories when cross linking instead of a warning. */
|
||
|
+ bool error_poison_system_directories;
|
||
|
+
|
||
|
/* Big or little endian as set on command line. */
|
||
|
enum endian_enum endian;
|
||
|
|
||
|
diff -Nur binutils-2.39.orig/ld/ldlex.h binutils-2.39/ld/ldlex.h
|
||
|
--- binutils-2.39.orig/ld/ldlex.h 2022-07-08 11:46:48.000000000 +0200
|
||
|
+++ binutils-2.39/ld/ldlex.h 2022-08-11 13:03:35.462636396 +0200
|
||
|
@@ -164,6 +164,8 @@
|
||
|
OPTION_CTF_VARIABLES,
|
||
|
OPTION_NO_CTF_VARIABLES,
|
||
|
OPTION_CTF_SHARE_TYPES,
|
||
|
+ OPTION_NO_POISON_SYSTEM_DIRECTORIES,
|
||
|
+ OPTION_ERROR_POISON_SYSTEM_DIRECTORIES,
|
||
|
OPTION_WARN_EXECSTACK,
|
||
|
OPTION_NO_WARN_EXECSTACK,
|
||
|
OPTION_WARN_RWX_SEGMENTS,
|
||
|
diff -Nur binutils-2.39.orig/ld/ldmain.c binutils-2.39/ld/ldmain.c
|
||
|
--- binutils-2.39.orig/ld/ldmain.c 2022-07-08 11:46:48.000000000 +0200
|
||
|
+++ binutils-2.39/ld/ldmain.c 2022-08-11 13:00:55.402470040 +0200
|
||
|
@@ -321,6 +321,8 @@
|
||
|
command_line.warn_mismatch = true;
|
||
|
command_line.warn_search_mismatch = true;
|
||
|
command_line.check_section_addresses = -1;
|
||
|
+ command_line.poison_system_directories = true;
|
||
|
+ command_line.error_poison_system_directories = false;
|
||
|
|
||
|
/* We initialize DEMANGLING based on the environment variable
|
||
|
COLLECT_NO_DEMANGLE. The gcc collect2 program will demangle the
|
||
|
diff -Nur binutils-2.39.orig/ld/ld.texi binutils-2.39/ld/ld.texi
|
||
|
--- binutils-2.39.orig/ld/ld.texi 2022-07-08 11:46:48.000000000 +0200
|
||
|
+++ binutils-2.39/ld/ld.texi 2022-08-11 13:02:44.627853889 +0200
|
||
|
@@ -2936,6 +2936,18 @@
|
||
|
Passing @code{none} for @var{style} disables the setting from any
|
||
|
@code{--build-id} options earlier on the command line.
|
||
|
|
||
|
+@kindex --no-poison-system-directories
|
||
|
+@item --no-poison-system-directories
|
||
|
+Do not warn for @option{-L} options using system directories such as
|
||
|
+@file{/usr/lib} when cross linking. This option is intended for use
|
||
|
+in chroot environments when such directories contain the correct
|
||
|
+libraries for the target system rather than the host.
|
||
|
+
|
||
|
+@kindex --error-poison-system-directories
|
||
|
+@item --error-poison-system-directories
|
||
|
+Give an error instead of a warning for @option{-L} options using
|
||
|
+system directories when cross linking.
|
||
|
+
|
||
|
@kindex --package-metadata=@var{JSON}
|
||
|
@item --package-metadata=@var{JSON}
|
||
|
Request the creation of a @code{.note.package} ELF note section. The
|
||
|
diff -Nur binutils-2.39.orig/ld/lexsup.c binutils-2.39/ld/lexsup.c
|
||
|
--- binutils-2.39.orig/ld/lexsup.c 2022-07-08 11:46:48.000000000 +0200
|
||
|
+++ binutils-2.39/ld/lexsup.c 2022-08-11 13:00:55.434469274 +0200
|
||
|
@@ -608,6 +608,14 @@
|
||
|
" <method> is: share-unconflicted (default),\n"
|
||
|
" share-duplicated"),
|
||
|
TWO_DASHES },
|
||
|
+ { {"no-poison-system-directories", no_argument, NULL,
|
||
|
+ OPTION_NO_POISON_SYSTEM_DIRECTORIES},
|
||
|
+ '\0', NULL, N_("Do not warn for -L options using system directories"),
|
||
|
+ TWO_DASHES },
|
||
|
+ { {"error-poison-system-directories", no_argument, NULL,
|
||
|
+ OPTION_ERROR_POISON_SYSTEM_DIRECTORIES},
|
||
|
+ '\0', NULL, N_("Give an error for -L options using system directories"),
|
||
|
+ TWO_DASHES },
|
||
|
};
|
||
|
|
||
|
#define OPTION_COUNT ARRAY_SIZE (ld_options)
|
||
|
@@ -620,6 +628,7 @@
|
||
|
int ingroup = 0;
|
||
|
char *default_dirlist = NULL;
|
||
|
char *shortopts;
|
||
|
+ char *BR_paranoid_env;
|
||
|
struct option *longopts;
|
||
|
struct option *really_longopts;
|
||
|
int last_optind;
|
||
|
@@ -1679,6 +1688,14 @@
|
||
|
}
|
||
|
break;
|
||
|
|
||
|
+ case OPTION_NO_POISON_SYSTEM_DIRECTORIES:
|
||
|
+ command_line.poison_system_directories = false;
|
||
|
+ break;
|
||
|
+
|
||
|
+ case OPTION_ERROR_POISON_SYSTEM_DIRECTORIES:
|
||
|
+ command_line.error_poison_system_directories = true;
|
||
|
+ break;
|
||
|
+
|
||
|
case OPTION_PUSH_STATE:
|
||
|
input_flags.pushed = xmemdup (&input_flags,
|
||
|
sizeof (input_flags),
|
||
|
@@ -1824,6 +1841,10 @@
|
||
|
command_line.soname = NULL;
|
||
|
}
|
||
|
|
||
|
+ BR_paranoid_env = getenv("BR_COMPILER_PARANOID_UNSAFE_PATH");
|
||
|
+ if (BR_paranoid_env && strlen(BR_paranoid_env) > 0)
|
||
|
+ command_line.error_poison_system_directories = true;
|
||
|
+
|
||
|
while (ingroup)
|
||
|
{
|
||
|
einfo (_("%P: missing --end-group; added as last command line option\n"));
|
||
|
--
|
||
|
2.31.1
|