vapier 16/07/04 05:57:52 Added: 00_all_0001-Add-mips-and-s390-build-targets-for-gold.patch 00_all_0002-ld-Add-a-linker-configure-option-enable-relro.patch 00_all_0003-ld-tests-make-address-matches-more-flexible.patch 00_all_0004-ld-always-warn-about-textrels-in-files.patch 00_all_0005-gold-ld-add-support-for-poisoned-system-directories.patch 00_all_0006-ld-enable-new-dtags-by-default-for-linux-gnu-targets.patch 00_all_0007-gold-ld-enable-gnu-hash-by-default.patch 00_all_0008-libiberty-install-PIC-version-of-libiberty.a.patch README.history Log: initial 2.26.1 patchset based on last 2.25.1 patchset (and on new git branch)
Revision Changes Path 1.1 src/patchsets/binutils/2.26.1/00_all_0001-Add-mips-and-s390-build-targets-for-gold.patch file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/binutils/2.26.1/00_all_0001-Add-mips-and-s390-build-targets-for-gold.patch?rev=1.1&view=markup plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/binutils/2.26.1/00_all_0001-Add-mips-and-s390-build-targets-for-gold.patch?rev=1.1&content-type=text/plain Index: 00_all_0001-Add-mips-and-s390-build-targets-for-gold.patch =================================================================== >From 8f711d3426e1157e8faa83b3d7e6f4c0ad8bb440 Mon Sep 17 00:00:00 2001 From: Cary Coutant <ccout...@gmail.com> Date: Thu, 17 Mar 2016 15:37:10 -0700 Subject: [PATCH] Add mips and s390 build targets for gold. * configure.ac: Add mips and s390 to the gold target check. * configure: Regenerate. (cherry picked from commit ea01647092eefeca9336b36809962ff097306b41) --- configure | 2 +- configure.ac | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/configure.ac b/configure.ac index 4977d97e770b..606385461e44 100644 --- a/configure.ac +++ b/configure.ac @@ -351,7 +351,7 @@ case "${ENABLE_GOLD}" in # Check for target supported by gold. case "${target}" in i?86-*-* | x86_64-*-* | sparc*-*-* | powerpc*-*-* | arm*-*-* \ - | aarch64*-*-* | tilegx*-*-*) + | aarch64*-*-* | tilegx*-*-* | mips*-*-* | s390*-*-*) configdirs="$configdirs gold" if test x${ENABLE_GOLD} = xdefault; then default_ld=gold diff --git a/configure b/configure index 34b66f7ea123..09b01f1769bb 100755 --- a/configure +++ b/configure @@ -2972,7 +2972,7 @@ case "${ENABLE_GOLD}" in # Check for target supported by gold. case "${target}" in i?86-*-* | x86_64-*-* | sparc*-*-* | powerpc*-*-* | arm*-*-* \ - | aarch64*-*-* | tilegx*-*-*) + | aarch64*-*-* | tilegx*-*-* | mips*-*-* | s390*-*-*) configdirs="$configdirs gold" if test x${ENABLE_GOLD} = xdefault; then default_ld=gold -- 2.8.0.rc3.226.g39d4020 1.1 src/patchsets/binutils/2.26.1/00_all_0002-ld-Add-a-linker-configure-option-enable-relro.patch file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/binutils/2.26.1/00_all_0002-ld-Add-a-linker-configure-option-enable-relro.patch?rev=1.1&view=markup plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/binutils/2.26.1/00_all_0002-ld-Add-a-linker-configure-option-enable-relro.patch?rev=1.1&content-type=text/plain Index: 00_all_0002-ld-Add-a-linker-configure-option-enable-relro.patch =================================================================== >From 68ead870a7388dd4833ea22135ca50e5f82d4ca5 Mon Sep 17 00:00:00 2001 From: "H.J. Lu" <hjl.to...@gmail.com> Date: Wed, 22 Jun 2016 05:37:24 -0700 Subject: [PATCH] ld: Add a linker configure option --enable-relro Add a configure option --enable-relro to decide whether -z relro should be enabled in ELF linker by default. Default to yes for all Linux targets, except FRV, HPPA, IA64 and MIPS, since many relro tests fail on these targets. PR ld/20283 * NEWS: Mention --enable-relro. * configure.ac: Add --enable-relro. (DEFAULT_LD_Z_RELRO): New. Set by --enable-relro. * configure.tgt (ac_default_ld_z_relro): Default it to 1 for some Linux targets. * config.in: Regenerated. * configure: Likewise. * emultempl/elf32.em (gld${EMULATION_NAME}_before_parse): Set link_info.relro to DEFAULT_LD_Z_RELRO. * testsuite/config/default.exp (ld_elf_shared_opt): New. * testsuite/lib/ld-lib.exp (run_dump_test): Pass $ld_elf_shared_opt to ld for ELF targets with shared object support. (run_ld_link_tests): Likewise. (cherry picked from commit 647e4d46495f2bfb0950fd1066c8a660173cca40) --- ld/config.in | 3 +++ ld/configure | 22 ++++++++++++++++++++++ ld/configure.ac | 18 ++++++++++++++++++ ld/configure.tgt | 25 +++++++++++++++++++++++++ ld/emultempl/elf32.em | 1 + ld/testsuite/config/default.exp | 3 +++ ld/testsuite/lib/ld-lib.exp | 18 ++++++++++++++++-- 7 files changed, 88 insertions(+), 2 deletions(-) diff --git a/ld/configure.ac b/ld/configure.ac index e28f38ee3a5e..39ea2c868700 100644 --- a/ld/configure.ac +++ b/ld/configure.ac @@ -155,6 +155,17 @@ AC_ARG_ENABLE(compressed_debug_sections, ,no, | ,none,) ac_default_compressed_debug_sections=no ;; esac])dnl +# Decide if -z relro should be enabled in ELF linker by default. +ac_default_ld_z_relro=unset +# Provide a configure time option to override our default. +AC_ARG_ENABLE(relro, + AS_HELP_STRING([--enable-relro], + [enable -z relro in ELF linker by default]), +[case "${enableval}" in + yes) ac_default_ld_z_relro=1 ;; + no) ac_default_ld_z_relro=0 ;; +esac])dnl + AM_BINUTILS_WARNINGS AM_LC_MESSAGES @@ -388,6 +399,13 @@ if test x$ac_default_compressed_debug_sections = xyes ; then AC_DEFINE(DEFAULT_FLAG_COMPRESS_DEBUG, 1, [Define if you want compressed debug sections by default.]) fi +if test "${ac_default_ld_z_relro}" = unset; then + ac_default_ld_z_relro=0 +fi +AC_DEFINE_UNQUOTED(DEFAULT_LD_Z_RELRO, + $ac_default_ld_z_relro, + [Define to 1 if you want to enable -z relro in ELF linker by default.]) + AC_SUBST(elf_list_options) AC_SUBST(elf_shlib_list_options) AC_SUBST(elf_plt_unwind_list_options) diff --git a/ld/config.in b/ld/config.in index 276fb776da0e..2c6d698b6ce1 100644 --- a/ld/config.in +++ b/ld/config.in @@ -10,6 +10,9 @@ /* Define if you want compressed debug sections by default. */ #undef DEFAULT_FLAG_COMPRESS_DEBUG +/* Define to 1 if you want to enable -z relro in ELF linker by default. */ +#undef DEFAULT_LD_Z_RELRO + /* Define to 1 if translation of program messages to the user's native language is requested. */ #undef ENABLE_NLS diff --git a/ld/configure b/ld/configure index e1216616b795..a4c3350a4e45 100755 --- a/ld/configure +++ b/ld/configure @@ -789,6 +789,7 @@ with_sysroot enable_gold enable_got enable_compressed_debug_sections +enable_relro enable_werror enable_build_warnings enable_nls @@ -1447,6 +1448,7 @@ Optional Features: multigot) --enable-compressed-debug-sections={all,ld,none} compress debug sections by default] + --enable-relro enable -z relro in ELF linker by default --enable-werror treat compile warnings as errors --enable-build-warnings enable build-time compiler warnings --disable-nls do not use Native Language Support @@ -15536,6 +15538,17 @@ if test "${enable_compressed_debug_sections+set}" = set; then : esac fi +# Decide if -z relro should be enabled in ELF linker by default. +ac_default_ld_z_relro=unset +# Provide a configure time option to override our default. +# Check whether --enable-relro was given. +if test "${enable_relro+set}" = set; then : + enableval=$enable_relro; case "${enableval}" in + yes) ac_default_ld_z_relro=1 ;; + no) ac_default_ld_z_relro=0 ;; +esac +fi + # Set the 'development' global. . $srcdir/../bfd/development.sh @@ -17140,6 +17153,15 @@ $as_echo "#define DEFAULT_FLAG_COMPRESS_DEBUG 1" >>confdefs.h fi +if test "${ac_default_ld_z_relro}" = unset; then + ac_default_ld_z_relro=0 +fi + +cat >>confdefs.h <<_ACEOF +#define DEFAULT_LD_Z_RELRO $ac_default_ld_z_relro +_ACEOF + + diff --git a/ld/configure.tgt b/ld/configure.tgt index 6b6bbf25771e..ad24b507f738 100644 --- a/ld/configure.tgt +++ b/ld/configure.tgt @@ -876,3 +876,28 @@ alpha*-*-*) ;; esac + +case "${target}" in +frv-*-* | hppa*-*-* | ia64-*-* | mips*-*-*) + # Don't enable -z relro by default since many relro tests fail on these + # targets: + # FAIL: strip -z relro (relro1) + # FAIL: strip -z relro -shared (relro1) + # FAIL: objcopy -z relro (relro1) + # FAIL: objcopy -z relro -shared (relro1) + # FAIL: objcopy -z relro (tdata1) + # FAIL: objcopy -shared -z relro (tdata1) + # FAIL: objcopy -z relro (tdata2) + # FAIL: objcopy -shared -z relro (tdata2) + # FAIL: objcopy -z relro (tdata3) + # FAIL: objcopy -shared -z relro (tdata3) + # FAIL: objcopy -shared -z relro (tbss1) + # FAIL: objcopy -shared -z relro (tbss2) + # FAIL: objcopy -shared -z relro (tbss3) + ;; +*-*-linux*) + if test ${ac_default_ld_z_relro} = unset; then + ac_default_ld_z_relro=1 + fi + ;; +esac diff --git a/ld/emultempl/elf32.em b/ld/emultempl/elf32.em index 809b27c8bf7f..69a67b0e1f36 100644 --- a/ld/emultempl/elf32.em +++ b/ld/emultempl/elf32.em @@ -104,6 +104,7 @@ gld${EMULATION_NAME}_before_parse (void) config.has_shared = `if test -n "$GENERATE_SHLIB_SCRIPT" ; then echo TRUE ; else echo FALSE ; fi`; config.separate_code = `if test "x${SEPARATE_CODE}" = xyes ; then echo TRUE ; else echo FALSE ; fi`; `if test -n "$CALL_NOP_BYTE" ; then echo link_info.call_nop_byte = $CALL_NOP_BYTE; fi`; + link_info.relro = DEFAULT_LD_Z_RELRO; } EOF diff --git a/ld/testsuite/config/default.exp b/ld/testsuite/config/default.exp index 310a3b21ba85..686dfb1b5dff 100644 --- a/ld/testsuite/config/default.exp +++ b/ld/testsuite/config/default.exp @@ -76,6 +76,9 @@ if {[file exists tmpdir/libpath.exp]} { } } +# Many ELF testcases expect that "-z relro" is off. +set ld_elf_shared_opt "-z norelro" + # The "make check" target in the Makefile passes in # "CC=$(CC_FOR_TARGET)". But, if the user invokes runtest directly # (as when testing an installed linker), these flags may not be set. diff --git a/ld/testsuite/lib/ld-lib.exp b/ld/testsuite/lib/ld-lib.exp index 364c6facba89..d1391da04883 100644 --- a/ld/testsuite/lib/ld-lib.exp +++ b/ld/testsuite/lib/ld-lib.exp @@ -588,6 +588,13 @@ proc run_dump_test { name {extra_options {}} } { global OBJDUMPFLAGS NMFLAGS ASFLAGS OBJCOPYFLAGS READELFFLAGS LDFLAGS global host_triplet runtests global env verbose + global ld_elf_shared_opt + + if { [is_elf_format] && [check_shared_lib_support] } { + set ld_extra_opt "$ld_elf_shared_opt" + } else { + set ld_extra_opt "" + } if [string match "*/*" $name] { set file $name @@ -910,7 +917,7 @@ proc run_dump_test { name {extra_options {}} } { # Add -L$srcdir/$subdir so that the linker command can use # linker scripts in the source directory. - set cmd "$LD $LDFLAGS -L$srcdir/$subdir \ + set cmd "$LD $ld_extra_opt $LDFLAGS -L$srcdir/$subdir \ $opts(ld) -o $objfile $objfiles $opts(ld_after_inputfiles)" # If needed then check for, or add a -Map option. @@ -1164,6 +1171,13 @@ proc run_ld_link_tests { ldtests } { global CFLAGS global runtests global exec_output + global ld_elf_shared_opt + + if { [is_elf_format] && [check_shared_lib_support] } { + set ld_extra_opt "$ld_elf_shared_opt" + } else { + set ld_extra_opt "" + } foreach testitem $ldtests { set testname [lindex $testitem 0] @@ -1226,7 +1240,7 @@ proc run_ld_link_tests { ldtests } { if { ![ar_simple_create $ar $ld_options $binfile "$objfiles $ld_after"] } { set failed 1 } - } elseif { ![ld_simple_link $ld $binfile "-L$srcdir/$subdir $ld_options $objfiles $ld_after"] } { + } elseif { ![ld_simple_link $ld $binfile "$ld_extra_opt -L$srcdir/$subdir $ld_options $objfiles $ld_after"] } { set maybe_failed 1 set ld_output "$exec_output" } -- 2.8.0.rc3.226.g39d4020 1.1 src/patchsets/binutils/2.26.1/00_all_0003-ld-tests-make-address-matches-more-flexible.patch file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/binutils/2.26.1/00_all_0003-ld-tests-make-address-matches-more-flexible.patch?rev=1.1&view=markup plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/binutils/2.26.1/00_all_0003-ld-tests-make-address-matches-more-flexible.patch?rev=1.1&content-type=text/plain Index: 00_all_0003-ld-tests-make-address-matches-more-flexible.patch =================================================================== >From 2a2578b4787d734c0fd638ba422f98b6851b3d90 Mon Sep 17 00:00:00 2001 From: Mike Frysinger <vap...@gentoo.org> Date: Sun, 7 Mar 2010 20:11:55 -0500 Subject: [PATCH] ld: tests: make address matches more flexible Make some of the address matches more flexible fixes tests when using pax/relro/hash patches. These addresses are not important to making sure the test passes/fails. --- ld/testsuite/ld-ifunc/ifunc-2-local-x86-64.d | 4 ++-- ld/testsuite/ld-ifunc/ifunc-2-x86-64.d | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/ld/testsuite/ld-ifunc/ifunc-2-local-x86-64.d b/ld/testsuite/ld-ifunc/ifunc-2-local-x86-64.d index f72359d8dc8a..e29323ed84c8 100644 --- a/ld/testsuite/ld-ifunc/ifunc-2-local-x86-64.d +++ b/ld/testsuite/ld-ifunc/ifunc-2-local-x86-64.d @@ -4,6 +4,6 @@ #target: x86_64-*-* #... -[ \t0-9a-f]+:[ \t0-9a-f]+call[ \t0-9a-fq]+<\*ABS\*\+0x220@plt> -[ \t0-9a-f]+:[ \t0-9a-f]+lea[ \t]+.*\(%rip\),%rax.*[ \t0-9a-fq]+<\*ABS\*\+0x220@plt> +[ \t0-9a-f]+:[ \t0-9a-f]+call[ \t0-9a-fq]+<\*ABS\*\+0x[a-f0-9]+@plt> +[ \t0-9a-f]+:[ \t0-9a-f]+lea[ \t]+.*\(%rip\),%rax.*[ \t0-9a-fq]+<\*ABS\*\+0x[a-f0-9]+@plt> #pass diff --git a/ld/testsuite/ld-ifunc/ifunc-2-x86-64.d b/ld/testsuite/ld-ifunc/ifunc-2-x86-64.d index f72359d8dc8a..e29323ed84c8 100644 --- a/ld/testsuite/ld-ifunc/ifunc-2-x86-64.d +++ b/ld/testsuite/ld-ifunc/ifunc-2-x86-64.d @@ -4,6 +4,6 @@ #target: x86_64-*-* #... -[ \t0-9a-f]+:[ \t0-9a-f]+call[ \t0-9a-fq]+<\*ABS\*\+0x220@plt> -[ \t0-9a-f]+:[ \t0-9a-f]+lea[ \t]+.*\(%rip\),%rax.*[ \t0-9a-fq]+<\*ABS\*\+0x220@plt> +[ \t0-9a-f]+:[ \t0-9a-f]+call[ \t0-9a-fq]+<\*ABS\*\+0x[a-f0-9]+@plt> +[ \t0-9a-f]+:[ \t0-9a-f]+lea[ \t]+.*\(%rip\),%rax.*[ \t0-9a-fq]+<\*ABS\*\+0x[a-f0-9]+@plt> #pass -- 2.8.0.rc3.226.g39d4020 1.1 src/patchsets/binutils/2.26.1/00_all_0004-ld-always-warn-about-textrels-in-files.patch file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/binutils/2.26.1/00_all_0004-ld-always-warn-about-textrels-in-files.patch?rev=1.1&view=markup plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/binutils/2.26.1/00_all_0004-ld-always-warn-about-textrels-in-files.patch?rev=1.1&content-type=text/plain Index: 00_all_0004-ld-always-warn-about-textrels-in-files.patch =================================================================== >From 0e182c6ffe388f97f7448674a1baf28b7c93abc8 Mon Sep 17 00:00:00 2001 From: Mike Frysinger <vap...@gentoo.org> Date: Mon, 16 May 2005 22:10:19 -0400 Subject: [PATCH] ld: always warn about textrels in files textrels are bad for forcing copy-on-write (this affects everyone), and for security/runtime code generation, this affects security ppl. But in either case, it doesn't matter who needs textrels, it's the very fact that they're needed at all. --- ld/ldmain.c | 1 + ld/testsuite/lib/ld-lib.exp | 4 ++++ 2 files changed, 5 insertions(+) diff --git a/ld/ldmain.c b/ld/ldmain.c index bb0b9ccb2f44..ca34975ff28b 100644 --- a/ld/ldmain.c +++ b/ld/ldmain.c @@ -280,6 +280,7 @@ main (int argc, char **argv) link_info.extern_protected_data = -1; link_info.pei386_auto_import = -1; link_info.spare_dynamic_tags = 5; + link_info.warn_shared_textrel = TRUE; link_info.path_separator = ':'; #ifdef DEFAULT_FLAG_COMPRESS_DEBUG link_info.compress_debug = COMPRESS_DEBUG_GABI_ZLIB; diff --git a/ld/testsuite/lib/ld-lib.exp b/ld/testsuite/lib/ld-lib.exp index d1391da04883..fab98909ad36 100644 --- a/ld/testsuite/lib/ld-lib.exp +++ b/ld/testsuite/lib/ld-lib.exp @@ -246,6 +246,10 @@ proc default_ld_simple_link { ld target objects } { # symbol, since the default linker script might use ENTRY. regsub -all "(^|\n)(\[^\n\]*: warning: cannot find entry symbol\[^\n\]*\n?)" $exec_output "\\1" exec_output + # Gentoo tweak: + # We want to ignore TEXTREL warnings since we force enable them by default + regsub -all "^lt-ld-new: warning: creating a DT_TEXTREL in object\." $exec_output "\\1" exec_output + return [string match "" $exec_output] } -- 2.8.0.rc3.226.g39d4020 1.1 src/patchsets/binutils/2.26.1/00_all_0005-gold-ld-add-support-for-poisoned-system-directories.patch file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/binutils/2.26.1/00_all_0005-gold-ld-add-support-for-poisoned-system-directories.patch?rev=1.1&view=markup plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/binutils/2.26.1/00_all_0005-gold-ld-add-support-for-poisoned-system-directories.patch?rev=1.1&content-type=text/plain Index: 00_all_0005-gold-ld-add-support-for-poisoned-system-directories.patch =================================================================== >From 91a74546327189c6329ebce2efe067d1f47bee54 Mon Sep 17 00:00:00 2001 From: Mike Frysinger <vap...@gentoo.org> Date: Mon, 25 May 2015 04:42:58 -0400 Subject: [PATCH] gold/ld: add support for poisoned system directories This is based on the old CodeSourcery patch written by Joseph Myers to add support to the link for detecting & rejecting bad -L paths when using a cross-compiler. The differences here: * The command line flags are always available. * We can turn on & off the warning via the command line. * The configure option controls the default warning behavior. * Add support for gold. It is not currently upstream, nor has it been submitted at all. There are no plans to do so currently either. BUG=chromium:488360 TEST=`cbuildbot chromiumos-sdk` passes # tests arm/amd64/mipsel/x86 TEST=`cbuildbot panther_moblab-full whirlwind-release` pass TEST=`cbuildbot {x32,arm64}-generic-full` has no new failures TEST=x86_64-cros-linux-gnu-ld throws warnings when using -L/lib (gold & bfd) Reviewed-on: https://chromium-review.googlesource.com/272083 --- gold/options.cc | 33 +++++++++++++++++++++++++++++++++ gold/options.h | 7 +++++++ ld/config.in | 3 +++ ld/configure | 14 ++++++++++++++ ld/configure.ac | 10 ++++++++++ ld/ld.h | 7 +++++++ ld/ld.texinfo | 18 ++++++++++++++++++ ld/ldfile.c | 20 ++++++++++++++++++++ ld/ldlex.h | 3 +++ ld/ldmain.c | 7 +++++++ ld/lexsup.c | 24 ++++++++++++++++++++++++ 11 files changed, 146 insertions(+) diff --git a/gold/options.cc b/gold/options.cc index c42623f01969..276a6465b3ca 100644 --- a/gold/options.cc +++ b/gold/options.cc @@ -1222,6 +1222,39 @@ General_options::finalize() // in the path, as appropriate. this->add_sysroot(); + // Now check if library_path is poisoned. + if (this->warn_poison_system_directories()) + { + std::vector<std::string> bad_paths; + + bad_paths.push_back("/lib"); + // TODO: This check is disabled for now due to a bunch of packages that + // use libtool and relink with -L/usr/lib paths (albeit after the right + // sysroot path). Once those are fixed we can enable. + // We also need to adjust it so it only rejects one or two levels deep. + // Gcc's internal paths also live below /usr/lib. + // http://crbug.com/488360 + // bad_paths.push_back("/usr/lib"); + bad_paths.push_back("/usr/local/lib"); + bad_paths.push_back("/usr/X11R6/lib"); + + for (std::vector<std::string>::const_iterator b = bad_paths.begin(); + b != bad_paths.end(); + ++b) + for (Dir_list::iterator p = this->library_path_.value.begin(); + p != this->library_path_.value.end(); + ++p) + if (!p->name().compare(0, b->size(), *b)) + { + if (this->error_poison_system_directories()) + gold_fatal(_("library search path \"%s\" is unsafe for " + "cross-compilation"), p->name().c_str()); + else + gold_warning(_("library search path \"%s\" is unsafe for " + "cross-compilation"), p->name().c_str()); + } + } + // Now that we've normalized the options, check for contradictory ones. if (this->shared() && this->is_static()) gold_fatal(_("-shared and -static are incompatible")); diff --git a/gold/options.h b/gold/options.h index ffc44e6d7525..5d820f29fa91 100644 --- a/gold/options.h +++ b/gold/options.h @@ -1219,6 +1219,13 @@ class General_options DEFINE_bool(warn_multiple_gp, options::TWO_DASHES, '\0', false, N_("Ignored"), NULL); + DEFINE_bool(warn_poison_system_directories, options::TWO_DASHES, '\0', false, + N_("Warn for -L options using system directories"), + N_("Do not warn for -L options using system directories")); + DEFINE_bool(error_poison_system_directories, options::TWO_DASHES, '\0', false, + N_("Give an error for -L options using system directories"), + NULL); + DEFINE_bool(warn_search_mismatch, options::TWO_DASHES, '\0', true, N_("Warn when skipping an incompatible library"), N_("Don't warn when skipping an incompatible library")); diff --git a/ld/configure.ac b/ld/configure.ac index 39ea2c868700..1ea1e11324c2 100644 --- a/ld/configure.ac +++ b/ld/configure.ac @@ -95,6 +95,16 @@ AC_SUBST(use_sysroot) AC_SUBST(TARGET_SYSTEM_ROOT) AC_SUBST(TARGET_SYSTEM_ROOT_DEFINE) +AC_ARG_ENABLE([poison-system-directories], + AS_HELP_STRING([--enable-poison-system-directories], + [warn for use of native system library directories]),, + [enable_poison_system_directories=no]) +if test "x${enable_poison_system_directories}" = "xyes"; then + AC_DEFINE([ENABLE_POISON_SYSTEM_DIRECTORIES], + [1], + [Define to warn for use of native system library directories]) +fi + dnl Use --enable-gold to decide if this linker should be the default. dnl "install_as_default" is set to false if gold is the default linker. dnl "installed_linker" is the installed BFD linker name. diff --git a/ld/config.in b/ld/config.in index 2c6d698b6ce1..d3cb7e882de9 100644 --- a/ld/config.in +++ b/ld/config.in @@ -17,6 +17,9 @@ language is requested. */ #undef ENABLE_NLS +/* Define to warn for use of native system library directories */ +#undef ENABLE_POISON_SYSTEM_DIRECTORIES + /* Additional extension a shared object might have. */ #undef EXTRA_SHLIB_EXTENSION diff --git a/ld/configure b/ld/configure index a4c3350a4e45..47e657a58893 100755 --- a/ld/configure +++ b/ld/configure @@ -786,6 +786,7 @@ with_lib_path enable_targets enable_64_bit_bfd with_sysroot +enable_poison_system_directories enable_gold enable_got enable_compressed_debug_sections @@ -1443,6 +1444,8 @@ Optional Features: --disable-largefile omit support for large files --enable-targets alternative target configurations --enable-64-bit-bfd 64-bit support (on hosts with narrower word sizes) + --enable-poison-system-directories + warn for use of native system library directories --enable-gold[=ARG] build gold [ARG={default,yes,no}] --enable-got=<type> GOT handling scheme (target, single, negative, multigot) @@ -15493,7 +15496,18 @@ else fi +# Check whether --enable-poison-system-directories was given. +if test "${enable_poison_system_directories+set}" = set; then : + enableval=$enable_poison_system_directories; +else + enable_poison_system_directories=no +fi + +if test "x${enable_poison_system_directories}" = "xyes"; then +$as_echo "#define ENABLE_POISON_SYSTEM_DIRECTORIES 1" >>confdefs.h + +fi # Check whether --enable-got was given. if test "${enable_got+set}" = set; then : diff --git a/ld/ld.h b/ld/ld.h index d84ec4e634ea..1669f6cff877 100644 --- a/ld/ld.h +++ b/ld/ld.h @@ -164,6 +164,13 @@ typedef struct { /* If set, display the target memory usage (per memory region). */ bfd_boolean print_memory_usage; + /* If TRUE warn for uses of system directories when cross linking. */ + bfd_boolean warn_poison_system_directories; + + /* If TRUE (default FALSE) give an error for uses of system + directories when cross linking instead of a warning. */ + bfd_boolean error_poison_system_directories; + /* Big or little endian as set on command line. */ enum endian_enum endian; diff --git a/ld/ld.texinfo b/ld/ld.texinfo index 238966119323..b61cf2b05d32 100644 --- a/ld/ld.texinfo +++ b/ld/ld.texinfo @@ -2338,6 +2338,24 @@ string identifying the original linked file does not change. Passing @code{none} for @var{style} disables the setting from any @code{--build-id} options earlier on the command line. + +@kindex --warn-poison-system-directories +@item --warn-poison-system-directories +Warn for @option{-L} options using system directories such as +@file{/usr/lib} when cross linking. This option is intended for use +in environments that want to detect and reject incorrect link settings. + +@kindex --no-warn-poison-system-directories +@item --no-warn-poison-system-directories +Do not warn for @option{-L} options using system directories such as +@file{/usr/lib} when cross linking. This option is intended for use +in chroot environments when such directories contain the correct +libraries for the target system rather than the host. + +@kindex --error-poison-system-directories +@item --error-poison-system-directories +Give an error instead of a warning for @option{-L} options using +system directories when cross linking. @end table @c man end diff --git a/ld/ldfile.c b/ld/ldfile.c index 96f9ecc0157d..22390ed7c500 100644 --- a/ld/ldfile.c +++ b/ld/ldfile.c @@ -114,6 +114,26 @@ ldfile_add_library_path (const char *name, bfd_boolean cmdline) new_dirs->name = concat (ld_sysroot, name + 1, (const char *) NULL); else new_dirs->name = xstrdup (name); + + if (command_line.warn_poison_system_directories + && (!strncmp (name, "/lib", 4) + /* TODO: This check is disabled for now due to a bunch of packages that + * use libtool and relink with -L/usr/lib paths (albeit after the right + * sysroot path). Once those are fixed we can enable. + * We also need to adjust it so it only rejects one or two levels deep. + * Gcc's internal paths also live below /usr/lib. + * http://crbug.com/488360 */ + /* || !strncmp (name, "/usr/lib", 8) */ + || !strncmp (name, "/usr/local/lib", 14) + || !strncmp (name, "/usr/X11R6/lib", 14))) + { + if (command_line.error_poison_system_directories) + einfo (_("%X%P: error: library search path \"%s\" is unsafe for " + "cross-compilation\n"), name); + else + einfo (_("%P: warning: library search path \"%s\" is unsafe for " + "cross-compilation\n"), name); + } } /* Try to open a BFD for a lang_input_statement. */ diff --git a/ld/ldlex.h b/ld/ldlex.h index 6f11e7bd2178..50ff957fcfaf 100644 --- a/ld/ldlex.h +++ b/ld/ldlex.h @@ -139,6 +139,9 @@ enum option_values OPTION_PRINT_OUTPUT_FORMAT, OPTION_PRINT_SYSROOT, OPTION_IGNORE_UNRESOLVED_SYMBOL, + OPTION_WARN_POISON_SYSTEM_DIRECTORIES, + OPTION_NO_WARN_POISON_SYSTEM_DIRECTORIES, + OPTION_ERROR_POISON_SYSTEM_DIRECTORIES, OPTION_PUSH_STATE, OPTION_POP_STATE, OPTION_PRINT_MEMORY_USAGE, diff --git a/ld/ldmain.c b/ld/ldmain.c index ca34975ff28b..b73349f74295 100644 --- a/ld/ldmain.c +++ b/ld/ldmain.c @@ -257,6 +257,13 @@ main (int argc, char **argv) command_line.warn_mismatch = TRUE; command_line.warn_search_mismatch = TRUE; command_line.check_section_addresses = -1; + command_line.warn_poison_system_directories = +#ifdef ENABLE_POISON_SYSTEM_DIRECTORIES + TRUE; +#else + FALSE; +#endif + command_line.error_poison_system_directories = FALSE; /* We initialize DEMANGLING based on the environment variable COLLECT_NO_DEMANGLE. The gcc collect2 program will demangle the diff --git a/ld/lexsup.c b/ld/lexsup.c index e2fb21264f0f..82fc16666840 100644 --- a/ld/lexsup.c +++ b/ld/lexsup.c @@ -519,6 +519,18 @@ static const struct ld_option ld_options[] = OPTION_IGNORE_UNRESOLVED_SYMBOL}, '\0', N_("SYMBOL"), N_("Unresolved SYMBOL will not cause an error or warning"), TWO_DASHES }, + { {"warn-poison-system-directories", no_argument, NULL, + OPTION_WARN_POISON_SYSTEM_DIRECTORIES}, + '\0', NULL, N_("Warn for -L options using system directories"), + TWO_DASHES }, + { {"no-warn-poison-system-directories", no_argument, NULL, + OPTION_NO_WARN_POISON_SYSTEM_DIRECTORIES}, + '\0', NULL, N_("Do not warn for -L options using system directories"), + TWO_DASHES }, + { {"error-poison-system-directories", no_argument, NULL, + OPTION_ERROR_POISON_SYSTEM_DIRECTORIES}, + '\0', NULL, N_("Give an error for -L options using system directories"), + TWO_DASHES }, { {"push-state", no_argument, NULL, OPTION_PUSH_STATE}, '\0', NULL, N_("Push state of flags governing input file handling"), TWO_DASHES }, @@ -1516,6 +1528,18 @@ parse_args (unsigned argc, char **argv) } break; + case OPTION_WARN_POISON_SYSTEM_DIRECTORIES: + command_line.warn_poison_system_directories = TRUE; + break; + + case OPTION_NO_WARN_POISON_SYSTEM_DIRECTORIES: + command_line.warn_poison_system_directories = FALSE; + break; + + case OPTION_ERROR_POISON_SYSTEM_DIRECTORIES: + command_line.error_poison_system_directories = TRUE; + break; + case OPTION_PUSH_STATE: input_flags.pushed = xmemdup (&input_flags, sizeof (input_flags), -- 2.8.0.rc3.226.g39d4020 1.1 src/patchsets/binutils/2.26.1/00_all_0006-ld-enable-new-dtags-by-default-for-linux-gnu-targets.patch file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/binutils/2.26.1/00_all_0006-ld-enable-new-dtags-by-default-for-linux-gnu-targets.patch?rev=1.1&view=markup plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/binutils/2.26.1/00_all_0006-ld-enable-new-dtags-by-default-for-linux-gnu-targets.patch?rev=1.1&content-type=text/plain Index: 00_all_0006-ld-enable-new-dtags-by-default-for-linux-gnu-targets.patch =================================================================== >From e23fa81adf41d3460f2a73f30471ae532e29df52 Mon Sep 17 00:00:00 2001 From: Mike Frysinger <vap...@gentoo.org> Date: Fri, 7 Jan 2005 00:15:53 -0500 Subject: [PATCH] ld: enable new dtags by default for linux/gnu targets The "new" dtags options have been around for 14+ years now, so for Linux and GNU targets, enable them by default. 2012-01-21 Mike Frysinger <vap...@gentoo.org> * emultempl/elf32.em (gld${EMULATION_NAME}_before_parse): Set link_info.new_dtags to TRUE for linux/gnu targets. * NEWS: Mention new dtags default. 2013-01-22 Roland McGrath <mcgra...@google.com> * emultempl/elf32.em (gld${EMULATION_NAME}_before_parse): Set new_dtags to TRUE for *-*-nacl* targets. --- ld/emultempl/elf32.em | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/ld/emultempl/elf32.em b/ld/emultempl/elf32.em index 69a67b0e1f36..533f227e659a 100644 --- a/ld/emultempl/elf32.em +++ b/ld/emultempl/elf32.em @@ -103,6 +103,16 @@ gld${EMULATION_NAME}_before_parse (void) input_flags.dynamic = ${DYNAMIC_LINK-TRUE}; config.has_shared = `if test -n "$GENERATE_SHLIB_SCRIPT" ; then echo TRUE ; else echo FALSE ; fi`; config.separate_code = `if test "x${SEPARATE_CODE}" = xyes ; then echo TRUE ; else echo FALSE ; fi`; +EOF + +case ${target} in + *-*-linux-* | *-*-k*bsd*-* | *-*-gnu* | *-*-nacl*) + fragment <<EOF + link_info.new_dtags = TRUE; +EOF + ;; +esac +fragment <<EOF `if test -n "$CALL_NOP_BYTE" ; then echo link_info.call_nop_byte = $CALL_NOP_BYTE; fi`; link_info.relro = DEFAULT_LD_Z_RELRO; } -- 2.8.0.rc3.226.g39d4020 1.1 src/patchsets/binutils/2.26.1/00_all_0007-gold-ld-enable-gnu-hash-by-default.patch file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/binutils/2.26.1/00_all_0007-gold-ld-enable-gnu-hash-by-default.patch?rev=1.1&view=markup plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/binutils/2.26.1/00_all_0007-gold-ld-enable-gnu-hash-by-default.patch?rev=1.1&content-type=text/plain Index: 00_all_0007-gold-ld-enable-gnu-hash-by-default.patch =================================================================== >From 7e57f673f08ef266788c1fc018209cc543864b3f Mon Sep 17 00:00:00 2001 From: Mike Frysinger <vap...@gentoo.org> Date: Sat, 27 Jan 2007 15:01:08 -0500 Subject: [PATCH] gold/ld: enable gnu hash by default Glibc first added .gnu.hash support to glibc-2.5 (released 29 Sep 2006), and gold was first released after that. Let's default the gnu hash style to the new "gnu" rather than the classic sysv. gold/: 2012-02-03 Mike Frysinger <vap...@gentoo.org> * options.h (General_options): Change default to gnu for hash_style. --- gold/options.h | 2 +- ld/emultempl/elf32.em | 13 +++++++++++++ ld/testsuite/lib/ld-lib.exp | 4 ++-- 3 files changed, 16 insertions(+), 3 deletions(-) diff --git a/gold/options.h b/gold/options.h index 5d820f29fa91..47269eff6789 100644 --- a/gold/options.h +++ b/gold/options.h @@ -852,7 +852,7 @@ class General_options N_("Min fraction of empty buckets in dynamic hash"), N_("FRACTION")); - DEFINE_enum(hash_style, options::TWO_DASHES, '\0', "sysv", + DEFINE_enum(hash_style, options::TWO_DASHES, '\0', "gnu", N_("Dynamic hash style"), N_("[sysv,gnu,both]"), {"sysv", "gnu", "both"}); diff --git a/ld/emultempl/elf32.em b/ld/emultempl/elf32.em index 533f227e659a..90aaa90721b8 100644 --- a/ld/emultempl/elf32.em +++ b/ld/emultempl/elf32.em @@ -100,6 +100,19 @@ static void gld${EMULATION_NAME}_before_parse (void) { ldfile_set_output_arch ("${OUTPUT_ARCH}", bfd_arch_`echo ${ARCH} | sed -e 's/:.*//'`); +EOF +# Enable gnu hash by default for Linux (non-mips) targets. +# This has been supported since glibc-2.5. +case ${target} in + mips*) ;; + *-*-linux-* | *-*-gnu*) + fragment <<EOF + link_info.emit_hash = FALSE; + link_info.emit_gnu_hash = TRUE; +EOF + ;; +esac +fragment <<EOF input_flags.dynamic = ${DYNAMIC_LINK-TRUE}; config.has_shared = `if test -n "$GENERATE_SHLIB_SCRIPT" ; then echo TRUE ; else echo FALSE ; fi`; config.separate_code = `if test "x${SEPARATE_CODE}" = xyes ; then echo TRUE ; else echo FALSE ; fi`; diff --git a/ld/testsuite/lib/ld-lib.exp b/ld/testsuite/lib/ld-lib.exp index fab98909ad36..7486870354c0 100644 --- a/ld/testsuite/lib/ld-lib.exp +++ b/ld/testsuite/lib/ld-lib.exp @@ -143,7 +143,7 @@ proc default_ld_relocate { ld target objects } { global HOSTING_EMU remote_file host delete $target - return [run_host_cmd_yesno "$ld" "$HOSTING_EMU -o $target -r $objects"] + return [run_host_cmd_yesno "$ld" "$HOSTING_EMU --hash-style=sysv -o $target -r $objects"] } # Check to see if ld is being invoked with a non-endian output format @@ -224,7 +224,7 @@ proc default_ld_link { ld target objects } { remote_file host delete $target - return [run_host_cmd_yesno "$ld" "$HOSTING_EMU $flags -o $target $objs $libs"] + return [run_host_cmd_yesno "$ld" "$HOSTING_EMU --hash-style=sysv $flags -o $target $objs $libs"] } # Link a program using ld, without including any libraries. -- 2.8.0.rc3.226.g39d4020 1.1 src/patchsets/binutils/2.26.1/00_all_0008-libiberty-install-PIC-version-of-libiberty.a.patch file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/binutils/2.26.1/00_all_0008-libiberty-install-PIC-version-of-libiberty.a.patch?rev=1.1&view=markup plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/binutils/2.26.1/00_all_0008-libiberty-install-PIC-version-of-libiberty.a.patch?rev=1.1&content-type=text/plain Index: 00_all_0008-libiberty-install-PIC-version-of-libiberty.a.patch =================================================================== >From 9c04d0a47dd0f591fb0ef621fc1dc3a221b860cc Mon Sep 17 00:00:00 2001 From: Mike Frysinger <vap...@gentoo.org> Date: Fri, 7 Jan 2005 00:15:53 -0500 Subject: [PATCH] libiberty: install PIC version of libiberty.a This will install a PIC version of libiberty.a by overwriting the non-PIC version of libiberty.a while compiling. We do this because there is no shared version of libiberty for random apps to link against which means if someone wants to use this in a shared library or PIE, they're out of luck. It's arguable whether people should be able to use this in a shared lib, but usage in PIE should be fine. You could argue that this penalizes the non-PIE users, but the counter point is that people using this library in general are fairly low, and we'd rather have things work for all of them. --- libiberty/Makefile.in | 1 + 1 file changed, 1 insertion(+) diff --git a/libiberty/Makefile.in b/libiberty/Makefile.in index 7d7e2f41efa4..35fcda56a79e 100644 --- a/libiberty/Makefile.in +++ b/libiberty/Makefile.in @@ -254,6 +254,7 @@ $(TARGETLIB): $(REQUIRED_OFILES) $(EXTRA_OFILES) $(LIBOBJS) $(AR) $(AR_FLAGS) $(TARGETLIB) \ $(REQUIRED_OFILES) $(EXTRA_OFILES) $(LIBOBJS); \ $(RANLIB) $(TARGETLIB); \ + cp $(TARGETLIB) ../ ; \ cd ..; \ else true; fi; \ if [ x"$(NOASANFLAG)" != x ]; then \ -- 2.8.0.rc3.226.g39d4020 1.1 src/patchsets/binutils/2.26.1/README.history file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/binutils/2.26.1/README.history?rev=1.1&view=markup plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/binutils/2.26.1/README.history?rev=1.1&content-type=text/plain Index: README.history =================================================================== 1.0 04 Jul 2016 + 00_all_0001-Add-mips-and-s390-build-targets-for-gold.patch + 00_all_0002-ld-Add-a-linker-configure-option-enable-relro.patch + 00_all_0003-ld-tests-make-address-matches-more-flexible.patch + 00_all_0004-ld-always-warn-about-textrels-in-files.patch + 00_all_0005-gold-ld-add-support-for-poisoned-system-directories.patch + 00_all_0006-ld-enable-new-dtags-by-default-for-linux-gnu-targets.patch + 00_all_0007-gold-ld-enable-gnu-hash-by-default.patch + 00_all_0008-libiberty-install-PIC-version-of-libiberty.a.patch