Re: simple wxneeded setting from port Makefiles
On Sat, Aug 20, 2016 at 03:25:25PM +0200, Jeremie Courreges-Anglas wrote: > Pretty much any time you see this, you can assume that the kernel > returned ENOEXEC. This can happen with an invalid executable, > a partition mounted "noexec", or... a program annotated with wxneeded > but placed on a partition that isn't mounted with "wxallowed". Check > the partition that holds WRKOBJDIR (probably /home here). Great tip, thank you very much. The diff is now just a USE_WXNEEDED addition :-) Frank
Re: simple wxneeded setting from port Makefiles
Frank Groeneveld writes:
> On Thu, Aug 18, 2016 at 11:49:04PM +0100, Stuart Henderson wrote:
>> I think that would be prefereable, if it works.
>
> Thanks for making this simpler for us! I tried applying it to
> wkhtmltopdf (because of the bundled Webkit) and think I've found a
> build that doesn't work with USE_WXNEEDED (haven't gotten it to
> work in other ways either). Attached the output. It seems the
> qmake binary get corrupted somehow. Any hints on how to debug this?
[...]
> mkdir /home/pobj/wkhtmltopdf-0.12.3.2/build-amd64/qt/src/tools
> mkdir /home/pobj/wkhtmltopdf-0.12.3.2/build-amd64/qt/src/tools/uic
> Creating qmake. Please wait...
> qbytearray.o: In function `qstrcpy(char*, char const*)':
> /home/pobj/wkhtmltopdf-0.12.3.2/wkhtmltopdf-0.12.3.2/qt/src/corelib/tools/qbytearray.cpp:143:
> warning: warning: strcpy() is almost always misused, please use strlcpy()
> option.o: In function `qmake_version()':
> /home/pobj/wkhtmltopdf-0.12.3.2/build-amd64/qt/qmake/option.cpp:695: warning:
> warning: sprintf() is often misused, please use snprintf()
> qglobal.o: In function `qrand()':
> /home/pobj/wkhtmltopdf-0.12.3.2/wkhtmltopdf-0.12.3.2/qt/src/corelib/global/qglobal.cpp:2810:
> warning: warning: rand() may return deterministic values, is that what you
> want?
> /home/pobj/wkhtmltopdf-0.12.3.2/build-amd64/qt/bin/qmake[1]: : not found
> /home/pobj/wkhtmltopdf-0.12.3.2/build-amd64/qt/bin/qmake[1]: ELF: not found
> /home/pobj/wkhtmltopdf-0.12.3.2/build-amd64/qt/bin/qmake[3]: ÿÿ%BXh: not found
> /home/pobj/wkhtmltopdf-0.12.3.2/build-amd64/qt/bin/qmake[3]: @ÿÿ%BXh
0ÿÿ%BXh
> : not found
> /home/pobj/wkhtmltopdf-0.12.3.2/build-amd64/qt/bin/qmake[3]:
> CXhéÿÿ%CXhpÿÿ%BXhþÿ%rBXhéPÿÿ%jBXhé@ÿÿ%bBXhé0ÿÿ%ZBXhé:
> not found
> /home/pobj/wkhtmltopdf-0.12.3.2/build-amd64/qt/bin/qmake[5]: syntax error:
> `(' unexpected
Pretty much any time you see this, you can assume that the kernel
returned ENOEXEC. This can happen with an invalid executable,
a partition mounted "noexec", or... a program annotated with wxneeded
but placed on a partition that isn't mounted with "wxallowed". Check
the partition that holds WRKOBJDIR (probably /home here).
--
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: simple wxneeded setting from port Makefiles
On 2016/08/18 19:38, Christian Weisgerber wrote: > On 2016-08-18, Stuart Henderson wrote: > > > This factors out the wrapper so it can be generated by ports > > infrastructure instead (by setting USE_WXNEEDED=Yes), and adds > > it to the sqlports database so we can spot them more easily. > > I guess ports that were changed to use LDFLAGS=-Wl,-z,wxneeded > should now use USE_WXNEEDED instead, right? I think that would be prefereable, if it works.
Re: simple wxneeded setting from port Makefiles
On 2016-08-18, Stuart Henderson wrote: > This factors out the wrapper so it can be generated by ports > infrastructure instead (by setting USE_WXNEEDED=Yes), and adds > it to the sqlports database so we can spot them more easily. I guess ports that were changed to use LDFLAGS=-Wl,-z,wxneeded should now use USE_WXNEEDED instead, right? -- Christian "naddy" Weisgerber na...@mips.inka.de
Re: simple wxneeded setting from port Makefiles
On 2016/08/18 12:12, Jeremie Courreges-Anglas wrote:
> Stuart Henderson writes:
>
> > As most readers know by now, ports requiring WX mappings must now
> > be annotated when the binaries are created. Because there are many
> > build systems in ports (sometimes even different ones within a
> > single port) this is an utter pain to setup, so for the jdk ports
> > I've used a wrapper installed to ${WRKDIR}/bin/ld that adds the
> > relevant flag.
> >
> > This factors out the wrapper so it can be generated by ports
> > infrastructure instead (by setting USE_WXNEEDED=Yes), and adds
> > it to the sqlports database so we can spot them more easily.
> >
> > Any comments?
>
> This may not be enough to fix everything (eg lisp stuff that dumps
> executables) but whatever.
Agreed, I don't think we are going to fix everything this way, but
it makes the more common cases a lot easier.
> I guess that you didn't want to introduce a more generic ld wrapper
> script?
I hadn't thought of that.. I certainly like the simple USE_WXNEEDED
flag and feeding that into sqlports, if we needed to add some other
flags we could switch to a more generic wrapper and have USE_WXNEEDED
trigger adding to that. I can't think of a use case right now though.
> > OK?
>
> Looks fine, ok
>
> (one nit below)
good call, I'll switch to @.
Re: simple wxneeded setting from port Makefiles
Stuart Henderson writes:
> As most readers know by now, ports requiring WX mappings must now
> be annotated when the binaries are created. Because there are many
> build systems in ports (sometimes even different ones within a
> single port) this is an utter pain to setup, so for the jdk ports
> I've used a wrapper installed to ${WRKDIR}/bin/ld that adds the
> relevant flag.
>
> This factors out the wrapper so it can be generated by ports
> infrastructure instead (by setting USE_WXNEEDED=Yes), and adds
> it to the sqlports database so we can spot them more easily.
>
> Any comments?
This may not be enough to fix everything (eg lisp stuff that dumps
executables) but whatever.
I guess that you didn't want to introduce a more generic ld wrapper
script?
> OK?
Looks fine, ok
(one nit below)
> Index: ports/infrastructure/mk/bsd.port.mk
> ===
> RCS file: /cvs/ports/infrastructure/mk/bsd.port.mk,v
> retrieving revision 1.1319
> diff -u -p -r1.1319 bsd.port.mk
> --- ports/infrastructure/mk/bsd.port.mk 10 Jul 2016 18:51:03 -
> 1.1319
> +++ ports/infrastructure/mk/bsd.port.mk 18 Aug 2016 09:06:19 -
> @@ -110,7 +110,7 @@ _ALL_VARIABLES += HOMEPAGE DISTNAME \
> SHARED_LIBS TARGETS PSEUDO_FLAVOR \
> MAINTAINER AUTOCONF_VERSION AUTOMAKE_VERSION CONFIGURE_ARGS \
> GH_ACCOUNT GH_COMMIT GH_PROJECT GH_TAGNAME PORTROACH \
> - PORTROACH_COMMENT MAKEFILE_LIST
> + PORTROACH_COMMENT MAKEFILE_LIST USE_WXNEEDED
> _ALL_VARIABLES_PER_ARCH += BROKEN
> # and stuff needing to be MULTI_PACKAGE'd
> _ALL_VARIABLES_INDEXED += COMMENT PKGNAME \
> @@ -361,6 +361,7 @@ BASELOCALSTATEDIR ?= ${VARBASE}
> LOCALSTATEDIR ?= ${BASELOCALSTATEDIR}
>
> RCDIR ?= /etc/rc.d
> +USE_WXNEEDED ?= No
> USE_GMAKE ?= No
> .if ${USE_GMAKE:L} == "yes"
> BUILD_DEPENDS += devel/gmake
> @@ -2595,6 +2596,10 @@ ${_PATCH_COOKIE}: ${_EXTRACT_COOKIE}
> if $$error; then exit 1; fi; \
> fi
> # End of PATCH.
> +.endif
> +.if ${USE_WXNEEDED:L} == "yes"
> + @printf '#!/bin/sh\nexec /usr/bin/ld -z wxneeded $$*\n' >
> ${WRKDIR}/bin/ld
> + @chmod 555 ${WRKDIR}/bin/ld
> .endif
> .if target(post-patch)
> @${_MAKESYS} post-patch
> Index: ports/databases/sqlports/Makefile
> ===
> RCS file: /cvs/ports/databases/sqlports/Makefile,v
> retrieving revision 1.61
> diff -u -p -r1.61 Makefile
> --- ports/databases/sqlports/Makefile 20 Mar 2016 20:03:07 - 1.61
> +++ ports/databases/sqlports/Makefile 18 Aug 2016 09:09:47 -
> @@ -1,7 +1,7 @@
> # $OpenBSD: Makefile,v 1.61 2016/03/20 20:03:07 naddy Exp $
>
> CATEGORIES = databases
> -V = 5.0
> +V = 6.0
> DISTNAME = sqlports-$V
> DISTFILES =
> COMMENT =sqlite database of ports
> Index: ports/databases/sqlports/files/Info.pm
> ===
> RCS file: /cvs/ports/databases/sqlports/files/Info.pm,v
> retrieving revision 1.18
> diff -u -p -r1.18 Info.pm
> --- ports/databases/sqlports/files/Info.pm20 Mar 2016 20:03:07 -
> 1.18
> +++ ports/databases/sqlports/files/Info.pm18 Aug 2016 09:09:47 -
> @@ -95,6 +95,7 @@ our $vars = {
> USE_GMAKE => 'YesNoVar',
> USE_GROFF => 'YesNoVar',
> USE_LIBTOOL => 'YesNoGnuVar',
> +USE_WXNEEDED => 'YesNoVar',
> WANTLIB => 'WantlibVar',
> # XXX those variables are part of the dump for dpb, but really should
> # not end up in sqlports. But make sure we know about them.
> Index: src/share/man/man5/bsd.port.mk.5
> ===
> RCS file: /cvs/src/share/man/man5/bsd.port.mk.5,v
> retrieving revision 1.437
> diff -u -p -r1.437 bsd.port.mk.5
> --- src/share/man/man5/bsd.port.mk.5 1 Aug 2016 00:48:22 - 1.437
> +++ src/share/man/man5/bsd.port.mk.5 18 Aug 2016 09:06:19 -
> @@ -2922,6 +2922,13 @@ and not intended to be a user setting.
> See
> .Ev WRKOBJDIR_MFS
> for configuration.
> +.It Ev USE_WXNEEDED
> +Set to
> +.Sq Yes
> +if this port needs to disable the default W^X enforcement on memory
> +mappings.
> +Adds a wrapper script to ${WRKDIR}/bin/ld in
> +.Cm post-patch .
> .It Ev USE_X11
> Normally, presence of ${X11BASE} is enforced by default for building ports.
> But there is an experimental way to hook the xenocara build into
> Index: ports/devel/jdk/1.7/Makefile
> ===
> RCS file: /cvs/ports/devel/jdk/1.7/Makefile,v
> retrieving revision 1.82
> diff -u -p -r1.82 Makefile
> --- ports/devel/jdk/1.7/Makefile 17 Aug 2016 21:36:47 - 1.82
> +++ ports/devel/jdk/1.7/Makefile 18 Aug 2016 09:06:19 -
> @@ -1,6 +1,7 @@
> # $OpenBSD: Makefile,v 1.82 2016/08/17 21:36:47 sthen Exp $
>
> ONLY_FOR_ARCHS= i386 amd64
> +USE_WXNEEDED=Yes
>
> C
Re: simple wxneeded setting from port Makefiles
On 2016/08/18 10:12, Stuart Henderson wrote:
> As most readers know by now, ports requiring WX mappings must now
> be annotated when the binaries are created. Because there are many
> build systems in ports (sometimes even different ones within a
> single port) this is an utter pain to setup, so for the jdk ports
> I've used a wrapper installed to ${WRKDIR}/bin/ld that adds the
> relevant flag.
>
> This factors out the wrapper so it can be generated by ports
> infrastructure instead (by setting USE_WXNEEDED=Yes), and adds
> it to the sqlports database so we can spot them more easily.
Updated manpage section after feedback from jasper@.
Index: man5/bsd.port.mk.5
===
RCS file: /cvs/src/share/man/man5/bsd.port.mk.5,v
retrieving revision 1.437
diff -u -p -r1.437 bsd.port.mk.5
--- man5/bsd.port.mk.5 1 Aug 2016 00:48:22 - 1.437
+++ man5/bsd.port.mk.5 18 Aug 2016 10:07:13 -
@@ -2922,6 +2922,14 @@ and not intended to be a user setting.
See
.Ev WRKOBJDIR_MFS
for configuration.
+.It Ev USE_WXNEEDED
+If set to
+.Sq Yes ,
+writes a wrapper script to ${WRKDIR}/bin/ld in
+.Cm patch
+to request that the linker adds an OPENBSD_WXNEEDED ELF section.
+Use when a port requires memory mappings that are both executable
+and writable and cannot be modified to avoid this.
.It Ev USE_X11
Normally, presence of ${X11BASE} is enforced by default for building ports.
But there is an experimental way to hook the xenocara build into
simple wxneeded setting from port Makefiles
As most readers know by now, ports requiring WX mappings must now
be annotated when the binaries are created. Because there are many
build systems in ports (sometimes even different ones within a
single port) this is an utter pain to setup, so for the jdk ports
I've used a wrapper installed to ${WRKDIR}/bin/ld that adds the
relevant flag.
This factors out the wrapper so it can be generated by ports
infrastructure instead (by setting USE_WXNEEDED=Yes), and adds
it to the sqlports database so we can spot them more easily.
Any comments?
OK?
Index: ports/infrastructure/mk/bsd.port.mk
===
RCS file: /cvs/ports/infrastructure/mk/bsd.port.mk,v
retrieving revision 1.1319
diff -u -p -r1.1319 bsd.port.mk
--- ports/infrastructure/mk/bsd.port.mk 10 Jul 2016 18:51:03 - 1.1319
+++ ports/infrastructure/mk/bsd.port.mk 18 Aug 2016 09:06:19 -
@@ -110,7 +110,7 @@ _ALL_VARIABLES += HOMEPAGE DISTNAME \
SHARED_LIBS TARGETS PSEUDO_FLAVOR \
MAINTAINER AUTOCONF_VERSION AUTOMAKE_VERSION CONFIGURE_ARGS \
GH_ACCOUNT GH_COMMIT GH_PROJECT GH_TAGNAME PORTROACH \
- PORTROACH_COMMENT MAKEFILE_LIST
+ PORTROACH_COMMENT MAKEFILE_LIST USE_WXNEEDED
_ALL_VARIABLES_PER_ARCH += BROKEN
# and stuff needing to be MULTI_PACKAGE'd
_ALL_VARIABLES_INDEXED += COMMENT PKGNAME \
@@ -361,6 +361,7 @@ BASELOCALSTATEDIR ?= ${VARBASE}
LOCALSTATEDIR ?= ${BASELOCALSTATEDIR}
RCDIR ?= /etc/rc.d
+USE_WXNEEDED ?= No
USE_GMAKE ?= No
.if ${USE_GMAKE:L} == "yes"
BUILD_DEPENDS += devel/gmake
@@ -2595,6 +2596,10 @@ ${_PATCH_COOKIE}: ${_EXTRACT_COOKIE}
if $$error; then exit 1; fi; \
fi
# End of PATCH.
+.endif
+.if ${USE_WXNEEDED:L} == "yes"
+ @printf '#!/bin/sh\nexec /usr/bin/ld -z wxneeded $$*\n' >
${WRKDIR}/bin/ld
+ @chmod 555 ${WRKDIR}/bin/ld
.endif
.if target(post-patch)
@${_MAKESYS} post-patch
Index: ports/databases/sqlports/Makefile
===
RCS file: /cvs/ports/databases/sqlports/Makefile,v
retrieving revision 1.61
diff -u -p -r1.61 Makefile
--- ports/databases/sqlports/Makefile 20 Mar 2016 20:03:07 - 1.61
+++ ports/databases/sqlports/Makefile 18 Aug 2016 09:09:47 -
@@ -1,7 +1,7 @@
# $OpenBSD: Makefile,v 1.61 2016/03/20 20:03:07 naddy Exp $
CATEGORIES = databases
-V =5.0
+V =6.0
DISTNAME = sqlports-$V
DISTFILES =
COMMENT = sqlite database of ports
Index: ports/databases/sqlports/files/Info.pm
===
RCS file: /cvs/ports/databases/sqlports/files/Info.pm,v
retrieving revision 1.18
diff -u -p -r1.18 Info.pm
--- ports/databases/sqlports/files/Info.pm 20 Mar 2016 20:03:07 -
1.18
+++ ports/databases/sqlports/files/Info.pm 18 Aug 2016 09:09:47 -
@@ -95,6 +95,7 @@ our $vars = {
USE_GMAKE => 'YesNoVar',
USE_GROFF => 'YesNoVar',
USE_LIBTOOL => 'YesNoGnuVar',
+USE_WXNEEDED => 'YesNoVar',
WANTLIB => 'WantlibVar',
# XXX those variables are part of the dump for dpb, but really should
# not end up in sqlports. But make sure we know about them.
Index: src/share/man/man5/bsd.port.mk.5
===
RCS file: /cvs/src/share/man/man5/bsd.port.mk.5,v
retrieving revision 1.437
diff -u -p -r1.437 bsd.port.mk.5
--- src/share/man/man5/bsd.port.mk.51 Aug 2016 00:48:22 - 1.437
+++ src/share/man/man5/bsd.port.mk.518 Aug 2016 09:06:19 -
@@ -2922,6 +2922,13 @@ and not intended to be a user setting.
See
.Ev WRKOBJDIR_MFS
for configuration.
+.It Ev USE_WXNEEDED
+Set to
+.Sq Yes
+if this port needs to disable the default W^X enforcement on memory
+mappings.
+Adds a wrapper script to ${WRKDIR}/bin/ld in
+.Cm post-patch .
.It Ev USE_X11
Normally, presence of ${X11BASE} is enforced by default for building ports.
But there is an experimental way to hook the xenocara build into
Index: ports/devel/jdk/1.7/Makefile
===
RCS file: /cvs/ports/devel/jdk/1.7/Makefile,v
retrieving revision 1.82
diff -u -p -r1.82 Makefile
--- ports/devel/jdk/1.7/Makefile17 Aug 2016 21:36:47 - 1.82
+++ ports/devel/jdk/1.7/Makefile18 Aug 2016 09:06:19 -
@@ -1,6 +1,7 @@
# $OpenBSD: Makefile,v 1.82 2016/08/17 21:36:47 sthen Exp $
ONLY_FOR_ARCHS=i386 amd64
+USE_WXNEEDED= Yes
COMMENT-main= Java2(TM) SE Dev Kit v${V}
COMMENT-jre= Java2(TM) SE Runtime Environment v${V}
@@ -136,8 +137,6 @@ COPYFILES= hotspot/src/os/linux/vm/decod
# create initial bsd src from linux src
post-extract:
- @printf '#!/bin/sh\nexec /usr/bin/ld -z wxneeded $$*\n' >
${WRKDIR}/bin/ld
- @chmod 755 ${WRKDIR}/bin/ld
@for f in ${COPYFILES}; do \
t=`echo $$f | sed 's/linux/bsd/g'`; \
