From: Schantl Stefan Date: Sun, 21 Mar 2010 17:07:48 +0000 (+0100) Subject: binutils: Add a bunch of gentoo patches. X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=bed94d1d99f905ed182dcb8256e57f83328e9f56;p=ipfire-3.x.git binutils: Add a bunch of gentoo patches. They provide new security features, and funktions for linking. --- diff --git a/pkgs/core/binutils/patches/binutils-2.20.1-all_dobumen-new-dtags-behaviour.patch b/pkgs/core/binutils/patches/binutils-2.20.1-all_dobumen-new-dtags-behaviour.patch new file mode 100644 index 000000000..3587c99db --- /dev/null +++ b/pkgs/core/binutils/patches/binutils-2.20.1-all_dobumen-new-dtags-behaviour.patch @@ -0,0 +1,16 @@ +Index: binutils-2.19.51.0.5/ld/ld.texinfo +=================================================================== +--- binutils-2.19.51.0.5.orig/ld/ld.texinfo ++++ binutils-2.19.51.0.5/ld/ld.texinfo +@@ -2036,8 +2036,9 @@ This linker can create the new dynamic t + systems may not understand them. If you specify + @option{--enable-new-dtags}, the dynamic tags will be created as needed. + If you specify @option{--disable-new-dtags}, no new dynamic tags will be +-created. By default, the new dynamic tags are not created. Note that +-those options are only available for ELF systems. ++created. On IPFire, by default, the new dynamic tags are created (this ++differs from upstream behaviour). Note that those options are only ++available for ELF systems. + + @kindex --hash-size=@var{number} + @item --hash-size=@var{number} diff --git a/pkgs/core/binutils/patches/binutils-2.20.1-gentoo-flexible-tests.patch b/pkgs/core/binutils/patches/binutils-2.20.1-gentoo-flexible-tests.patch new file mode 100644 index 000000000..c95e369ba --- /dev/null +++ b/pkgs/core/binutils/patches/binutils-2.20.1-gentoo-flexible-tests.patch @@ -0,0 +1,82 @@ +making some of the address matches more flexible fixes tests when using +pax/relro/hash patches + +--- binutils/ld/testsuite/ld-i386/hidden2.d ++++ binutils/ld/testsuite/ld-i386/hidden2.d +@@ -8,6 +8,6 @@ + Disassembly of section .text: + + [a-f0-9]+ : +-[ ]*[a-f0-9]+: e8 af fe ff ff call 0 ++[ ]*[a-f0-9]+: e8 ([a-f0-9]{2} ){2}ff ff call 0 + [ ]*[a-f0-9]+: c3 ret + #pass +--- binutils/ld/testsuite/ld-x86-64/hidden2.d ++++ binutils/ld/testsuite/ld-x86-64/hidden2.d +@@ -8,6 +8,6 @@ + Disassembly of section .text: + + [a-f0-9]+ : +-[ ]*[a-f0-9]+: e8 33 fe ff ff callq 0 ++[ ]*[a-f0-9]+: e8 ([a-f0-9]{2} ){2}ff ff callq 0 + [ ]*[a-f0-9]+: c3 retq + #pass +--- binutils/ld/testsuite/ld-x86-64/protected3.d ++++ binutils/ld/testsuite/ld-x86-64/protected3.d +@@ -8,6 +8,6 @@ + Disassembly of section .text: + + 0+[a-f0-9]+ : +-[ ]*[a-f0-9]+: 8b 05 ce 00 20 00 mov 0x[a-f0-9]+\(%rip\),%eax # [a-f0-9]+ ++[ ]*[a-f0-9]+: 8b 05 ([a-f0-9]{2} ){2}20 00 mov 0x[a-f0-9]+\(%rip\),%eax # [a-f0-9]+ + [ ]*[a-f0-9]+: c3 retq + #pass +--- binutils/ld/testsuite/ld-ifunc/ifunc-1-local-x86.d ++++ binutils/ld/testsuite/ld-ifunc/ifunc-1-local-x86.d +@@ -3,5 +3,5 @@ + #target: x86_64-*-* i?86-*-* + + #... +-[ \t0-9a-f]+:[ \t0-9a-f]+call[ \t0-9a-fq]+<\*ABS\*(\+0x200|)@plt> ++[ \t0-9a-f]+:[ \t0-9a-f]+call[ \t0-9a-fq]+<\*ABS\*(\+0x[a-f0-9]+|)@plt> + #pass +--- binutils/ld/testsuite/ld-ifunc/ifunc-1-x86.d ++++ binutils/ld/testsuite/ld-ifunc/ifunc-1-x86.d +@@ -3,5 +3,5 @@ + #target: x86_64-*-* i?86-*-* + + #... +-[ \t0-9a-f]+:[ \t0-9a-f]+call[ \t0-9a-fq]+<\*ABS\*(\+0x220|)@plt> ++[ \t0-9a-f]+:[ \t0-9a-f]+call[ \t0-9a-fq]+<\*ABS\*(\+0x[a-f0-9]+|)@plt> + #pass +--- binutils/ld/testsuite/ld-ifunc/ifunc-2-local-x86-64.d ++++ binutils/ld/testsuite/ld-ifunc/ifunc-2-local-x86-64.d +@@ -4,6 +4,6 @@ + #target: x86_64-*-* + + #... +-[ \t0-9a-f]+:[ \t0-9a-f]+call[ \t0-9a-fq]+<\*ABS\*\+0x220@plt> +-[ \t0-9a-f]+:[ \t0-9a-f]+lea[ \t]+.*\(%rip\),%rax.*[ \t0-9a-fq]+<\*ABS\*\+0x220@plt> ++[ \t0-9a-f]+:[ \t0-9a-f]+call[ \t0-9a-fq]+<\*ABS\*\+0x[a-f0-9]+@plt> ++[ \t0-9a-f]+:[ \t0-9a-f]+lea[ \t]+.*\(%rip\),%rax.*[ \t0-9a-fq]+<\*ABS\*\+0x[a-f0-9]+@plt> + #pass +--- binutils/ld/testsuite/ld-ifunc/ifunc-2-x86-64.d ++++ binutils/ld/testsuite/ld-ifunc/ifunc-2-x86-64.d +@@ -4,6 +4,6 @@ + #target: x86_64-*-* + + #... +-[ \t0-9a-f]+:[ \t0-9a-f]+call[ \t0-9a-fq]+<\*ABS\*\+0x220@plt> +-[ \t0-9a-f]+:[ \t0-9a-f]+lea[ \t]+.*\(%rip\),%rax.*[ \t0-9a-fq]+<\*ABS\*\+0x220@plt> ++[ \t0-9a-f]+:[ \t0-9a-f]+call[ \t0-9a-fq]+<\*ABS\*\+0x[a-f0-9]+@plt> ++[ \t0-9a-f]+:[ \t0-9a-f]+lea[ \t]+.*\(%rip\),%rax.*[ \t0-9a-fq]+<\*ABS\*\+0x[a-f0-9]+@plt> + #pass +--- binutils/ld/testsuite/ld-ifunc/ifunc-3a-x86.d ++++ binutils/ld/testsuite/ld-ifunc/ifunc-3a-x86.d +@@ -4,5 +4,5 @@ + #target: x86_64-*-* i?86-*-* + + #... +-[ \t0-9a-f]+:[ \t0-9a-f]+call[ \t0-9a-fq]+<\*ABS\*(\+0x258|)@plt> ++[ \t0-9a-f]+:[ \t0-9a-f]+call[ \t0-9a-fq]+<\*ABS\*(\+0x[a-f0-9]+|)@plt> + #pass diff --git a/pkgs/core/binutils/patches/binutils-2.20.1-gentoo-rpath_envvar-smack.patch b/pkgs/core/binutils/patches/binutils-2.20.1-gentoo-rpath_envvar-smack.patch new file mode 100644 index 000000000..2e90f0c15 --- /dev/null +++ b/pkgs/core/binutils/patches/binutils-2.20.1-gentoo-rpath_envvar-smack.patch @@ -0,0 +1,13 @@ +http://sourceware.org/ml/binutils/2007-07/msg00401.html +http://sourceware.org/bugzilla/show_bug.cgi?id=4970 + +--- a/configure ++++ b/configure +@@ -5601,6 +5601,7 @@ case "${host}" in + *-*-mingw* | *-*-cygwin ) RPATH_ENVVAR=PATH ;; + *) RPATH_ENVVAR=LD_LIBRARY_PATH ;; + esac ++RPATH_ENVVAR="cant_touch_this_nah_nah_nah" + + # On systems where the dynamic library environment variable is PATH, + if test "$RPATH_ENVVAR" = PATH; then diff --git a/pkgs/core/binutils/patches/binutils-2.20.1-gentoo-use-new-ld-dtags.patch b/pkgs/core/binutils/patches/binutils-2.20.1-gentoo-use-new-ld-dtags.patch new file mode 100644 index 000000000..84e20f70b --- /dev/null +++ b/pkgs/core/binutils/patches/binutils-2.20.1-gentoo-use-new-ld-dtags.patch @@ -0,0 +1,10 @@ +--- binutils/ld/ldmain.c ++++ binutils/ld/ldmain.c +@@ -296,6 +296,7 @@ main (int argc, char **argv) + + link_info.allow_undefined_version = TRUE; + link_info.keep_memory = TRUE; ++ link_info.new_dtags = TRUE; + link_info.combreloc = TRUE; + link_info.strip_discarded = TRUE; + link_info.callbacks = &link_callbacks; diff --git a/pkgs/core/binutils/patches/binutils-2.20.1-gentoo-use-relro.patch b/pkgs/core/binutils/patches/binutils-2.20.1-gentoo-use-relro.patch new file mode 100644 index 000000000..db3276b62 --- /dev/null +++ b/pkgs/core/binutils/patches/binutils-2.20.1-gentoo-use-relro.patch @@ -0,0 +1,9 @@ +background: +http://www.airs.com/blog/archives/189 + +--- binutils/ld/ldmain.c ++++ binutils/ld/ldmain.c +@@ -293,2 +293,3 @@ main (int argc, char **argv) + link_info.combreloc = TRUE; ++ link_info.relro = TRUE; + link_info.strip_discarded = TRUE; diff --git a/pkgs/core/binutils/patches/binutils-2.20.1-gentoo-warn-textrel.patch b/pkgs/core/binutils/patches/binutils-2.20.1-gentoo-warn-textrel.patch new file mode 100644 index 000000000..c8783a287 --- /dev/null +++ b/pkgs/core/binutils/patches/binutils-2.20.1-gentoo-warn-textrel.patch @@ -0,0 +1,85 @@ +textrels are bad for forcing copy-on-write (this affects everyone), +and for security/runtime code generation, this affects security ppl. +But in either case, it doesn't matter who needs textrels, it's +the very fact that they're needed at all. + +2006-06-10 Ned Ludd , Mike Frysinger + + * bfd/elflink.c (bfd_elf_final_link): Check all objects for TEXTRELs. + * ld/ldmain.c (main): Change textrel warning default to true. + * ld/testsuite/lib/ld-lib.exp (default_ld_simple_link): Scrub TEXTREL + warnings from ld output. + +--- binutils/bfd/elflink.c ++++ binutils/bfd/elflink.c +@@ -8652,14 +8652,12 @@ + goto error_return; + + /* Check for DT_TEXTREL (late, in case the backend removes it). */ +- if (info->warn_shared_textrel && info->shared) ++ o = bfd_get_section_by_name (dynobj, ".dynamic"); ++ if (info->warn_shared_textrel && o != NULL) + { + bfd_byte *dyncon, *dynconend; + + /* Fix up .dynamic entries. */ +- o = bfd_get_section_by_name (dynobj, ".dynamic"); +- BFD_ASSERT (o != NULL); +- + dyncon = o->contents; + dynconend = o->contents + o->size; + for (; dyncon < dynconend; dyncon += bed->s->sizeof_dyn) +@@ -8702,7 +8702,7 @@ bfd_elf_final_link (bfd *abfd, struct bf + if (dyn.d_tag == DT_TEXTREL) + { + info->callbacks->einfo +- (_("%P: warning: creating a DT_TEXTREL in a shared object.\n")); ++ (_("%P: warning: creating a DT_TEXTREL in object.\n")); + break; + } + } +--- binutils/ld/ldmain.c ++++ binutils/ld/ldmain.c +@@ -282,2 +282,3 @@ + link_info.spare_dynamic_tags = 5; ++ link_info.warn_shared_textrel = TRUE; + link_info.sharable_sections = FALSE; +--- binutils/ld/testsuite/lib/ld-lib.exp ++++ binutils/ld/testsuite/lib/ld-lib.exp +@@ -181,6 +181,10 @@ proc default_ld_simple_link { ld target + # symbol, since the default linker script might use ENTRY. + regsub -all "(^|\n)(\[^\n\]*: warning: cannot find entry symbol\[^\n\]*\n?)" $exec_output "\\1" exec_output + ++ # Gentoo tweak: ++ # We want to ignore TEXTREL warnings since we force enable them by default ++ regsub -all "^.*ld-new: warning: creating a DT_TEXTREL in object\." $exec_output "\\1" exec_output ++ + if [string match "" $exec_output] then { + return 1 + } else { +@@ -899,6 +903,10 @@ + remote_file build delete "ld.tmp" + set cmdret [lindex $cmdret 0] + ++ # Gentoo tweak: ++ # We want to ignore TEXTREL warnings since we force enable them by default ++ regsub -all "^.*ld-new: warning: creating a DT_TEXTREL in object\." $comp_output "\\1" comp_output ++ + if { $cmdret == 0 && $run_objcopy } { + set infile $objfile + set objfile "tmpdir/dump1" + +this sucks, but the warn test explicitly checks for textrels, and we +change/filter that output with the above hunks + +--- binutils/ld/testsuite/ld-i386/i386.exp ++++ binutils/ld/testsuite/ld-i386/i386.exp +@@ -176,7 +176,7 @@ + run_dump_test "pcrel16" + run_dump_test "pcrel16abs" + run_dump_test "alloc" +-run_dump_test "warn1" ++#run_dump_test "warn1" + run_dump_test "tlsgd2" + run_dump_test "tlsie2" + run_dump_test "tlsie3"