kumquat-buildroot/package/binutils/arc-2023.09-release/0001-poison-system-directories.patch
Alexey Brodkin 7f13171e9d package/binutils: re-add poison system directories patch to ARC binutils
While updating ARC GNU toolchain version (see [1]) we unintentionally
got rid of "0001-poison-system-directories.patch" which still makes
sense.

Even though one may think that we do not need these Binutils patches
because we do "poisoning" of system directories in toolchain wrapper,
but these wrappers don't exist for tools originated from Binutils, only
for gcc, g++ etc.

So we need to keep that patch still, sorry.

[1] https://git.buildroot.net/buildroot/commit/?id=045ab73702b8bc09f94ca1f3b8e5bf3acb0b0843

Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2024-01-10 21:38:04 +01:00

310 lines
11 KiB
Diff

From a6d90a842e349545ceb27f022317618dd99378ce Mon Sep 17 00:00:00 2001
From: Romain Naour <romain.naour@gmail.com>
Date: Fri, 25 Dec 2015 11:45:38 +0100
Subject: [PATCH] poison-system-directories
Patch adapted to binutils 2.23.2 and extended to use
BR_COMPILER_PARANOID_UNSAFE_PATH by Thomas Petazzoni.
[Waldemar: rebase on top of 2.39]
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
[Romain: rebase on top of 2.33.1]
Signed-off-by: Romain Naour <romain.naour@gmail.com>
[Gustavo: adapt to binutils 2.25]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Upstream-Status: Inappropriate [distribution: codesourcery]
Upstream: N/A [Buildroot specific]
Patch originally created by Mark Hatle, forward-ported to
binutils 2.21 by Scott Garman.
purpose: warn for uses of system directories when cross linking
Code Merged from Sourcery G++ binutils 2.19 - 4.4-277
2008-07-02 Joseph Myers <joseph@codesourcery.com>
ld/
* ld.h (args_type): Add error_poison_system_directories.
* ld.texinfo (--error-poison-system-directories): Document.
* ldfile.c (ldfile_add_library_path): Check
command_line.error_poison_system_directories.
* ldmain.c (main): Initialize
command_line.error_poison_system_directories.
* lexsup.c (enum option_values): Add
OPTION_ERROR_POISON_SYSTEM_DIRECTORIES.
(ld_options): Add --error-poison-system-directories.
(parse_args): Handle new option.
2007-06-13 Joseph Myers <joseph@codesourcery.com>
ld/
* config.in: Regenerate.
* ld.h (args_type): Add poison_system_directories.
* ld.texinfo (--no-poison-system-directories): Document.
* ldfile.c (ldfile_add_library_path): Check
command_line.poison_system_directories.
* ldmain.c (main): Initialize
command_line.poison_system_directories.
* lexsup.c (enum option_values): Add
OPTION_NO_POISON_SYSTEM_DIRECTORIES.
(ld_options): Add --no-poison-system-directories.
(parse_args): Handle new option.
2007-04-20 Joseph Myers <joseph@codesourcery.com>
Merge from Sourcery G++ binutils 2.17:
2007-03-20 Joseph Myers <joseph@codesourcery.com>
Based on patch by Mark Hatle <mark.hatle@windriver.com>.
ld/
* configure.ac (--enable-poison-system-directories): New option.
* configure, config.in: Regenerate.
* ldfile.c (ldfile_add_library_path): If
ENABLE_POISON_SYSTEM_DIRECTORIES defined, warn for use of /lib,
/usr/lib, /usr/local/lib or /usr/X11R6/lib.
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Scott Garman <scott.a.garman@intel.com>
---
ld/config.in | 3 +++
ld/configure | 14 ++++++++++++++
ld/configure.ac | 10 ++++++++++
ld/ld.h | 8 ++++++++
ld/ld.texi | 12 ++++++++++++
ld/ldfile.c | 17 +++++++++++++++++
ld/ldlex.h | 2 ++
ld/ldmain.c | 2 ++
ld/lexsup.c | 21 +++++++++++++++++++++
9 files changed, 89 insertions(+)
diff --git a/ld/config.in b/ld/config.in
index ad0dc6a106c..d21edaddce7 100644
--- a/ld/config.in
+++ b/ld/config.in
@@ -58,6 +58,9 @@
language is requested. */
#undef ENABLE_NLS
+/* Define to warn for use of native system library directories */
+#undef ENABLE_POISON_SYSTEM_DIRECTORIES
+
/* Additional extension a shared object might have. */
#undef EXTRA_SHLIB_EXTENSION
diff --git a/ld/configure b/ld/configure
index 43b44be1dc6..28f054ea3f8 100755
--- a/ld/configure
+++ b/ld/configure
@@ -839,6 +839,7 @@ with_lib_path
enable_targets
enable_64_bit_bfd
with_sysroot
+enable_poison_system_directories
enable_gold
enable_got
enable_compressed_debug_sections
@@ -1521,6 +1522,8 @@ Optional Features:
--enable-checking enable run-time checks
--enable-targets alternative target configurations
--enable-64-bit-bfd 64-bit support (on hosts with narrower word sizes)
+ --enable-poison-system-directories
+ warn for use of native system library directories
--enable-gold[=ARG] build gold [ARG={default,yes,no}]
--enable-got=<type> GOT handling scheme (target, single, negative,
multigot)
@@ -15504,7 +15507,18 @@ else
fi
+# Check whether --enable-poison-system-directories was given.
+if test "${enable_poison_system_directories+set}" = set; then :
+ enableval=$enable_poison_system_directories;
+else
+ enable_poison_system_directories=no
+fi
+
+if test "x${enable_poison_system_directories}" = "xyes"; then
+$as_echo "#define ENABLE_POISON_SYSTEM_DIRECTORIES 1" >>confdefs.h
+
+fi
# Check whether --enable-got was given.
if test "${enable_got+set}" = set; then :
diff --git a/ld/configure.ac b/ld/configure.ac
index 77edac3258c..a74dac63038 100644
--- a/ld/configure.ac
+++ b/ld/configure.ac
@@ -103,6 +103,16 @@ AC_SUBST(use_sysroot)
AC_SUBST(TARGET_SYSTEM_ROOT)
AC_SUBST(TARGET_SYSTEM_ROOT_DEFINE)
+AC_ARG_ENABLE([poison-system-directories],
+ AS_HELP_STRING([--enable-poison-system-directories],
+ [warn for use of native system library directories]),,
+ [enable_poison_system_directories=no])
+if test "x${enable_poison_system_directories}" = "xyes"; then
+ AC_DEFINE([ENABLE_POISON_SYSTEM_DIRECTORIES],
+ [1],
+ [Define to warn for use of native system library directories])
+fi
+
dnl Use --enable-gold to decide if this linker should be the default.
dnl "install_as_default" is set to false if gold is the default linker.
dnl "installed_linker" is the installed BFD linker name.
diff --git a/ld/ld.h b/ld/ld.h
index 05649ff61b8..1818c227473 100644
--- a/ld/ld.h
+++ b/ld/ld.h
@@ -163,6 +163,14 @@ typedef struct
in the linker script. */
bool force_group_allocation;
+ /* If TRUE (the default) warn for uses of system directories when
+ cross linking. */
+ bool poison_system_directories;
+
+ /* If TRUE (default FALSE) give an error for uses of system
+ directories when cross linking instead of a warning. */
+ bool error_poison_system_directories;
+
/* Big or little endian as set on command line. */
enum endian_enum endian;
diff --git a/ld/ld.texi b/ld/ld.texi
index db3a9f09b45..9dacc934f80 100644
--- a/ld/ld.texi
+++ b/ld/ld.texi
@@ -2949,6 +2949,18 @@ string identifying the original linked file does not change.
Passing @code{none} for @var{style} disables the setting from any
@code{--build-id} options earlier on the command line.
+@kindex --no-poison-system-directories
+@item --no-poison-system-directories
+Do not warn for @option{-L} options using system directories such as
+@file{/usr/lib} when cross linking. This option is intended for use
+in chroot environments when such directories contain the correct
+libraries for the target system rather than the host.
+
+@kindex --error-poison-system-directories
+@item --error-poison-system-directories
+Give an error instead of a warning for @option{-L} options using
+system directories when cross linking.
+
@kindex --package-metadata=@var{JSON}
@item --package-metadata=@var{JSON}
Request the creation of a @code{.note.package} ELF note section. The
diff --git a/ld/ldfile.c b/ld/ldfile.c
index b8fd4e5d8e0..1f1d8e23bc9 100644
--- a/ld/ldfile.c
+++ b/ld/ldfile.c
@@ -117,6 +117,23 @@ ldfile_add_library_path (const char *name, bool cmdline)
new_dirs->name = concat (ld_sysroot, name + strlen ("$SYSROOT"), (const char *) NULL);
else
new_dirs->name = xstrdup (name);
+
+#ifdef ENABLE_POISON_SYSTEM_DIRECTORIES
+ if (command_line.poison_system_directories
+ && ((!strncmp (name, "/lib", 4))
+ || (!strncmp (name, "/usr/lib", 8))
+ || (!strncmp (name, "/usr/local/lib", 14))
+ || (!strncmp (name, "/usr/X11R6/lib", 14))))
+ {
+ if (command_line.error_poison_system_directories)
+ einfo (_("%X%P: error: library search path \"%s\" is unsafe for "
+ "cross-compilation\n"), name);
+ else
+ einfo (_("%P: warning: library search path \"%s\" is unsafe for "
+ "cross-compilation\n"), name);
+ }
+#endif
+
}
/* Try to open a BFD for a lang_input_statement. */
diff --git a/ld/ldlex.h b/ld/ldlex.h
index 0538f0a06a1..d1de3aec23d 100644
--- a/ld/ldlex.h
+++ b/ld/ldlex.h
@@ -166,6 +166,8 @@ enum option_values
OPTION_CTF_VARIABLES,
OPTION_NO_CTF_VARIABLES,
OPTION_CTF_SHARE_TYPES,
+ OPTION_NO_POISON_SYSTEM_DIRECTORIES,
+ OPTION_ERROR_POISON_SYSTEM_DIRECTORIES,
OPTION_WARN_EXECSTACK,
OPTION_NO_WARN_EXECSTACK,
OPTION_WARN_RWX_SEGMENTS,
diff --git a/ld/ldmain.c b/ld/ldmain.c
index 9290a189b0d..e2e3074e872 100644
--- a/ld/ldmain.c
+++ b/ld/ldmain.c
@@ -321,6 +321,8 @@ main (int argc, char **argv)
command_line.warn_mismatch = true;
command_line.warn_search_mismatch = true;
command_line.check_section_addresses = -1;
+ command_line.poison_system_directories = true;
+ command_line.error_poison_system_directories = false;
/* We initialize DEMANGLING based on the environment variable
COLLECT_NO_DEMANGLE. The gcc collect2 program will demangle the
diff --git a/ld/lexsup.c b/ld/lexsup.c
index c5960385572..da0a7829914 100644
--- a/ld/lexsup.c
+++ b/ld/lexsup.c
@@ -613,6 +613,14 @@ static const struct ld_option ld_options[] =
" <method> is: share-unconflicted (default),\n"
" share-duplicated"),
TWO_DASHES },
+ { {"no-poison-system-directories", no_argument, NULL,
+ OPTION_NO_POISON_SYSTEM_DIRECTORIES},
+ '\0', NULL, N_("Do not warn for -L options using system directories"),
+ TWO_DASHES },
+ { {"error-poison-system-directories", no_argument, NULL,
+ OPTION_ERROR_POISON_SYSTEM_DIRECTORIES},
+ '\0', NULL, N_("Give an error for -L options using system directories"),
+ TWO_DASHES },
};
#define OPTION_COUNT ARRAY_SIZE (ld_options)
@@ -625,6 +633,7 @@ parse_args (unsigned argc, char **argv)
int ingroup = 0;
char *default_dirlist = NULL;
char *shortopts;
+ char *BR_paranoid_env;
struct option *longopts;
struct option *really_longopts;
int last_optind;
@@ -1692,6 +1701,14 @@ parse_args (unsigned argc, char **argv)
}
break;
+ case OPTION_NO_POISON_SYSTEM_DIRECTORIES:
+ command_line.poison_system_directories = false;
+ break;
+
+ case OPTION_ERROR_POISON_SYSTEM_DIRECTORIES:
+ command_line.error_poison_system_directories = true;
+ break;
+
case OPTION_PUSH_STATE:
input_flags.pushed = xmemdup (&input_flags,
sizeof (input_flags),
@@ -1837,6 +1854,10 @@ parse_args (unsigned argc, char **argv)
command_line.soname = NULL;
}
+ BR_paranoid_env = getenv("BR_COMPILER_PARANOID_UNSAFE_PATH");
+ if (BR_paranoid_env && strlen(BR_paranoid_env) > 0)
+ command_line.error_poison_system_directories = true;
+
while (ingroup)
{
einfo (_("%P: missing --end-group; added as last command line option\n"));
--
2.40.1