PUBLIC_REPOS
/
buildroot
peilaus alkaen git://git.buildroot.net/buildroot


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309
							From a6d90a842e349545ceb27f022317618dd99378ce Mon Sep 17 00:00:00 2001
From: Romain Naour <romain.naour@gmail.com>
Date: Fri, 25 Dec 2015 11:45:38 +0100
Subject: [PATCH] poison-system-directories

Patch adapted to binutils 2.23.2 and extended to use
BR_COMPILER_PARANOID_UNSAFE_PATH by Thomas Petazzoni.

[Waldemar: rebase on top of 2.39]
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
[Romain: rebase on top of 2.33.1]
Signed-off-by: Romain Naour <romain.naour@gmail.com>
[Gustavo: adapt to binutils 2.25]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>

Upstream-Status: Inappropriate [distribution: codesourcery]
Upstream: N/A [Buildroot specific]

Patch originally created by Mark Hatle, forward-ported to
binutils 2.21 by Scott Garman.

purpose:  warn for uses of system directories when cross linking

Code Merged from Sourcery G++ binutils 2.19 - 4.4-277

2008-07-02  Joseph Myers  <joseph@codesourcery.com>

    ld/
    * ld.h (args_type): Add error_poison_system_directories.
    * ld.texinfo (--error-poison-system-directories): Document.
    * ldfile.c (ldfile_add_library_path): Check
    command_line.error_poison_system_directories.
    * ldmain.c (main): Initialize
    command_line.error_poison_system_directories.
    * lexsup.c (enum option_values): Add
    OPTION_ERROR_POISON_SYSTEM_DIRECTORIES.
    (ld_options): Add --error-poison-system-directories.
    (parse_args): Handle new option.

2007-06-13  Joseph Myers  <joseph@codesourcery.com>

    ld/
    * config.in: Regenerate.
    * ld.h (args_type): Add poison_system_directories.
    * ld.texinfo (--no-poison-system-directories): Document.
    * ldfile.c (ldfile_add_library_path): Check
    command_line.poison_system_directories.
    * ldmain.c (main): Initialize
    command_line.poison_system_directories.
    * lexsup.c (enum option_values): Add
    OPTION_NO_POISON_SYSTEM_DIRECTORIES.
    (ld_options): Add --no-poison-system-directories.
    (parse_args): Handle new option.

2007-04-20  Joseph Myers  <joseph@codesourcery.com>

    Merge from Sourcery G++ binutils 2.17:

    2007-03-20  Joseph Myers  <joseph@codesourcery.com>
    Based on patch by Mark Hatle <mark.hatle@windriver.com>.
    ld/
    * configure.ac (--enable-poison-system-directories): New option.
    * configure, config.in: Regenerate.
    * ldfile.c (ldfile_add_library_path): If
    ENABLE_POISON_SYSTEM_DIRECTORIES defined, warn for use of /lib,
    /usr/lib, /usr/local/lib or /usr/X11R6/lib.

Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Scott Garman <scott.a.garman@intel.com>
---
 ld/config.in    |  3 +++
 ld/configure    | 14 ++++++++++++++
 ld/configure.ac | 10 ++++++++++
 ld/ld.h         |  8 ++++++++
 ld/ld.texi      | 12 ++++++++++++
 ld/ldfile.c     | 17 +++++++++++++++++
 ld/ldlex.h      |  2 ++
 ld/ldmain.c     |  2 ++
 ld/lexsup.c     | 21 +++++++++++++++++++++
 9 files changed, 89 insertions(+)

diff --git a/ld/config.in b/ld/config.in
index ad0dc6a106c..d21edaddce7 100644
--- a/ld/config.in
+++ b/ld/config.in
@@ -58,6 +58,9 @@
    language is requested. */
 #undef ENABLE_NLS
 
+/* Define to warn for use of native system library directories */
+#undef ENABLE_POISON_SYSTEM_DIRECTORIES
+
 /* Additional extension a shared object might have. */
 #undef EXTRA_SHLIB_EXTENSION
 
diff --git a/ld/configure b/ld/configure
index 43b44be1dc6..28f054ea3f8 100755
--- a/ld/configure
+++ b/ld/configure
@@ -839,6 +839,7 @@ with_lib_path
 enable_targets
 enable_64_bit_bfd
 with_sysroot
+enable_poison_system_directories
 enable_gold
 enable_got
 enable_compressed_debug_sections
@@ -1521,6 +1522,8 @@ Optional Features:
   --enable-checking       enable run-time checks
   --enable-targets        alternative target configurations
   --enable-64-bit-bfd     64-bit support (on hosts with narrower word sizes)
+  --enable-poison-system-directories
+                          warn for use of native system library directories
   --enable-gold[=ARG]     build gold [ARG={default,yes,no}]
   --enable-got=<type>     GOT handling scheme (target, single, negative,
                           multigot)
@@ -15504,7 +15507,18 @@ else
 fi
 
 
+# Check whether --enable-poison-system-directories was given.
+if test "${enable_poison_system_directories+set}" = set; then :
+  enableval=$enable_poison_system_directories;
+else
+  enable_poison_system_directories=no
+fi
+
+if test "x${enable_poison_system_directories}" = "xyes"; then
 
+$as_echo "#define ENABLE_POISON_SYSTEM_DIRECTORIES 1" >>confdefs.h
+
+fi
 
 # Check whether --enable-got was given.
 if test "${enable_got+set}" = set; then :
diff --git a/ld/configure.ac b/ld/configure.ac
index 77edac3258c..a74dac63038 100644
--- a/ld/configure.ac
+++ b/ld/configure.ac
@@ -103,6 +103,16 @@ AC_SUBST(use_sysroot)
 AC_SUBST(TARGET_SYSTEM_ROOT)
 AC_SUBST(TARGET_SYSTEM_ROOT_DEFINE)
 
+AC_ARG_ENABLE([poison-system-directories],
+         AS_HELP_STRING([--enable-poison-system-directories],
+                [warn for use of native system library directories]),,
+         [enable_poison_system_directories=no])
+if test "x${enable_poison_system_directories}" = "xyes"; then
+  AC_DEFINE([ENABLE_POISON_SYSTEM_DIRECTORIES],
+       [1],
+       [Define to warn for use of native system library directories])
+fi
+
 dnl Use --enable-gold to decide if this linker should be the default.
 dnl "install_as_default" is set to false if gold is the default linker.
 dnl "installed_linker" is the installed BFD linker name.
diff --git a/ld/ld.h b/ld/ld.h
index 05649ff61b8..1818c227473 100644
--- a/ld/ld.h
+++ b/ld/ld.h
@@ -163,6 +163,14 @@ typedef struct
      in the linker script.  */
   bool force_group_allocation;
 
+  /* If TRUE (the default) warn for uses of system directories when
+     cross linking.  */
+  bool poison_system_directories;
+
+  /* If TRUE (default FALSE) give an error for uses of system
+     directories when cross linking instead of a warning.  */
+  bool error_poison_system_directories;
+
   /* Big or little endian as set on command line.  */
   enum endian_enum endian;
 
diff --git a/ld/ld.texi b/ld/ld.texi
index db3a9f09b45..9dacc934f80 100644
--- a/ld/ld.texi
+++ b/ld/ld.texi
@@ -2949,6 +2949,18 @@ string identifying the original linked file does not change.
 Passing @code{none} for @var{style} disables the setting from any
 @code{--build-id} options earlier on the command line.
 
+@kindex --no-poison-system-directories
+@item --no-poison-system-directories
+Do not warn for @option{-L} options using system directories such as
+@file{/usr/lib} when cross linking.  This option is intended for use
+in chroot environments when such directories contain the correct
+libraries for the target system rather than the host.
+
+@kindex --error-poison-system-directories
+@item --error-poison-system-directories
+Give an error instead of a warning for @option{-L} options using
+system directories when cross linking.
+
 @kindex --package-metadata=@var{JSON}
 @item --package-metadata=@var{JSON}
 Request the creation of a @code{.note.package} ELF note section.  The
diff --git a/ld/ldfile.c b/ld/ldfile.c
index b8fd4e5d8e0..1f1d8e23bc9 100644
--- a/ld/ldfile.c
+++ b/ld/ldfile.c
@@ -117,6 +117,23 @@ ldfile_add_library_path (const char *name, bool cmdline)
     new_dirs->name = concat (ld_sysroot, name + strlen ("$SYSROOT"), (const char *) NULL);
   else
     new_dirs->name = xstrdup (name);
+
+#ifdef ENABLE_POISON_SYSTEM_DIRECTORIES
+  if (command_line.poison_system_directories
+  && ((!strncmp (name, "/lib", 4))
+      || (!strncmp (name, "/usr/lib", 8))
+      || (!strncmp (name, "/usr/local/lib", 14))
+      || (!strncmp (name, "/usr/X11R6/lib", 14))))
+   {
+     if (command_line.error_poison_system_directories)
+       einfo (_("%X%P: error: library search path \"%s\" is unsafe for "
+            "cross-compilation\n"), name);
+     else
+       einfo (_("%P: warning: library search path \"%s\" is unsafe for "
+            "cross-compilation\n"), name);
+   }
+#endif
+
 }
 
 /* Try to open a BFD for a lang_input_statement.  */
diff --git a/ld/ldlex.h b/ld/ldlex.h
index 0538f0a06a1..d1de3aec23d 100644
--- a/ld/ldlex.h
+++ b/ld/ldlex.h
@@ -166,6 +166,8 @@ enum option_values
   OPTION_CTF_VARIABLES,
   OPTION_NO_CTF_VARIABLES,
   OPTION_CTF_SHARE_TYPES,
+  OPTION_NO_POISON_SYSTEM_DIRECTORIES,
+  OPTION_ERROR_POISON_SYSTEM_DIRECTORIES,
   OPTION_WARN_EXECSTACK,
   OPTION_NO_WARN_EXECSTACK,
   OPTION_WARN_RWX_SEGMENTS,
diff --git a/ld/ldmain.c b/ld/ldmain.c
index 9290a189b0d..e2e3074e872 100644
--- a/ld/ldmain.c
+++ b/ld/ldmain.c
@@ -321,6 +321,8 @@ main (int argc, char **argv)
   command_line.warn_mismatch = true;
   command_line.warn_search_mismatch = true;
   command_line.check_section_addresses = -1;
+  command_line.poison_system_directories = true;
+  command_line.error_poison_system_directories = false;
 
   /* We initialize DEMANGLING based on the environment variable
      COLLECT_NO_DEMANGLE.  The gcc collect2 program will demangle the
diff --git a/ld/lexsup.c b/ld/lexsup.c
index c5960385572..da0a7829914 100644
--- a/ld/lexsup.c
+++ b/ld/lexsup.c
@@ -613,6 +613,14 @@ static const struct ld_option ld_options[] =
 		   "                                <method> is: share-unconflicted (default),\n"
 		   "                                             share-duplicated"),
     TWO_DASHES },
+  { {"no-poison-system-directories", no_argument, NULL,
+    OPTION_NO_POISON_SYSTEM_DIRECTORIES},
+    '\0', NULL, N_("Do not warn for -L options using system directories"),
+    TWO_DASHES },
+  { {"error-poison-system-directories", no_argument, NULL,
+    OPTION_ERROR_POISON_SYSTEM_DIRECTORIES},
+    '\0', NULL, N_("Give an error for -L options using system directories"),
+    TWO_DASHES },
 };
 
 #define OPTION_COUNT ARRAY_SIZE (ld_options)
@@ -625,6 +633,7 @@ parse_args (unsigned argc, char **argv)
   int ingroup = 0;
   char *default_dirlist = NULL;
   char *shortopts;
+  char *BR_paranoid_env;
   struct option *longopts;
   struct option *really_longopts;
   int last_optind;
@@ -1692,6 +1701,14 @@ parse_args (unsigned argc, char **argv)
 	  }
 	  break;
 
+	case OPTION_NO_POISON_SYSTEM_DIRECTORIES:
+	  command_line.poison_system_directories = false;
+	  break;
+
+	case OPTION_ERROR_POISON_SYSTEM_DIRECTORIES:
+	  command_line.error_poison_system_directories = true;
+	  break;
+
 	case OPTION_PUSH_STATE:
 	  input_flags.pushed = xmemdup (&input_flags,
 					sizeof (input_flags),
@@ -1837,6 +1854,10 @@ parse_args (unsigned argc, char **argv)
       command_line.soname = NULL;
     }
 
+  BR_paranoid_env = getenv("BR_COMPILER_PARANOID_UNSAFE_PATH");
+  if (BR_paranoid_env && strlen(BR_paranoid_env) > 0)
+    command_line.error_poison_system_directories = true;
+
   while (ingroup)
     {
       einfo (_("%P: missing --end-group; added as last command line option\n"));
-- 
2.40.1