From 0bec37b6454673b2f1d0cf7c408a6cacd0185bf8 Mon Sep 17 00:00:00 2001 From: Lada Trimasova Date: Mon, 18 Jan 2016 17:44:13 +0300 Subject: [PATCH] trousers: disable pie option on ARC ARC gcc understands "-pie" option and attempts to generate PIE binaries as of today PIE is not really supported for user-space applications. So we provide option which checks if compiler understands relro and pie options and disable PIE detection if building for ARC. Also AUTORECONF option should be added because of modified configure.in and Makefile.am files. Signed-off-by: Lada Trimasova Cc: Alexey Brodkin Cc: Thomas Petazzoni Cc: Peter Korsgaard Signed-off-by: Lada Trimasova > Signed-off-by: Thomas Petazzoni --- ...er-understands-pie-and-relro-options.patch | 215 ++++++++++++++++++ package/trousers/trousers.mk | 9 + 2 files changed, 224 insertions(+) create mode 100644 package/trousers/0002-Check-if-the-compiler-understands-pie-and-relro-options.patch diff --git a/package/trousers/0002-Check-if-the-compiler-understands-pie-and-relro-options.patch b/package/trousers/0002-Check-if-the-compiler-understands-pie-and-relro-options.patch new file mode 100644 index 0000000000..3275b76a2c --- /dev/null +++ b/package/trousers/0002-Check-if-the-compiler-understands-pie-and-relro-options.patch @@ -0,0 +1,215 @@ +From 9abda1bb380bdbef1affaec381742ced394ca118 Mon Sep 17 00:00:00 2001 +From: Lada Trimasova +Date: Mon, 18 Jan 2016 15:58:19 +0300 +Subject: [PATCH] Check if the compiler understands pie and relro options + +-pie and -fpie enable the building of position-independent +executables, and -Wl,-z,relro turns on read-only relocation support in gcc. +Add checks to ensure that the compiler and linker understand these options. + +Signed-off-by: Lada Trimasova +--- + configure.in | 5 +++ + m4/ax_check_compile_flag.m4 | 72 ++++++++++++++++++++++++++++++++++++ + m4/ax_check_link_flag.m4 | 71 +++++++++++++++++++++++++++++++++++ + src/tcsd/Makefile.am | 4 +- + 4 files changed, 150 insertions(+), 2 deletions(-) + create mode 100644 m4/ax_check_compile_flag.m4 + create mode 100644 m4/ax_check_link_flag.m4 + +diff --git a/configure.in b/configure.in +index add23dc..9603353 100644 +--- a/configure.in ++++ b/configure.in +@@ -12,6 +12,7 @@ TSS_VER_MINOR=3 + # compute $target + AC_CANONICAL_TARGET + AM_INIT_AUTOMAKE([foreign 1.6]) ++AC_CONFIG_MACRO_DIR([m4]) + + # Debugging support + AC_ARG_ENABLE([debug], +@@ -383,6 +384,10 @@ elif test x"${prefix}" = x"NONE"; then + localstatedir="/usr/local/var" + fi + ++AX_CHECK_COMPILE_FLAG([-fPIE -DPIE], [PIE_CFLAGS="-fPIE -DPIE"]) ++AX_CHECK_LINK_FLAG([-pie], [PIE_LDFLAGS="$PIE_LDFLAGS -pie"]) ++AX_CHECK_LINK_FLAG([-Wl,-z,relro], [LDFLAGS="$LDFLAGS -Wl,-z,relro"]) ++ + AC_OUTPUT(dist/tcsd.conf \ + dist/fedora/trousers.spec \ + dist/trousers.spec \ +diff --git a/m4/ax_check_compile_flag.m4 b/m4/ax_check_compile_flag.m4 +new file mode 100644 +index 0000000..c3a8d69 +--- /dev/null ++++ b/m4/ax_check_compile_flag.m4 +@@ -0,0 +1,72 @@ ++# =========================================================================== ++# http://www.gnu.org/software/autoconf-archive/ax_check_compile_flag.html ++# =========================================================================== ++# ++# SYNOPSIS ++# ++# AX_CHECK_COMPILE_FLAG(FLAG, [ACTION-SUCCESS], [ACTION-FAILURE], [EXTRA-FLAGS]) ++# ++# DESCRIPTION ++# ++# Check whether the given FLAG works with the current language's compiler ++# or gives an error. (Warnings, however, are ignored) ++# ++# ACTION-SUCCESS/ACTION-FAILURE are shell commands to execute on ++# success/failure. ++# ++# If EXTRA-FLAGS is defined, it is added to the current language's default ++# flags (e.g. CFLAGS) when the check is done. The check is thus made with ++# the flags: "CFLAGS EXTRA-FLAGS FLAG". This can for example be used to ++# force the compiler to issue an error when a bad flag is given. ++# ++# NOTE: Implementation based on AX_CFLAGS_GCC_OPTION. Please keep this ++# macro in sync with AX_CHECK_{PREPROC,LINK}_FLAG. ++# ++# LICENSE ++# ++# Copyright (c) 2008 Guido U. Draheim ++# Copyright (c) 2011 Maarten Bosmans ++# ++# This program is free software: you can redistribute it and/or modify it ++# under the terms of the GNU General Public License as published by the ++# Free Software Foundation, either version 3 of the License, or (at your ++# option) any later version. ++# ++# This program is distributed in the hope that it will be useful, but ++# WITHOUT ANY WARRANTY; without even the implied warranty of ++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General ++# Public License for more details. ++# ++# You should have received a copy of the GNU General Public License along ++# with this program. If not, see . ++# ++# As a special exception, the respective Autoconf Macro's copyright owner ++# gives unlimited permission to copy, distribute and modify the configure ++# scripts that are the output of Autoconf when processing the Macro. You ++# need not follow the terms of the GNU General Public License when using ++# or distributing such scripts, even though portions of the text of the ++# Macro appear in them. The GNU General Public License (GPL) does govern ++# all other use of the material that constitutes the Autoconf Macro. ++# ++# This special exception to the GPL applies to versions of the Autoconf ++# Macro released by the Autoconf Archive. When you make and distribute a ++# modified version of the Autoconf Macro, you may extend this special ++# exception to the GPL to apply to your modified version as well. ++ ++#serial 2 ++ ++AC_DEFUN([AX_CHECK_COMPILE_FLAG], ++[AC_PREREQ(2.59)dnl for _AC_LANG_PREFIX ++AS_VAR_PUSHDEF([CACHEVAR],[ax_cv_check_[]_AC_LANG_ABBREV[]flags_$4_$1])dnl ++AC_CACHE_CHECK([whether _AC_LANG compiler accepts $1], CACHEVAR, [ ++ ax_check_save_flags=$[]_AC_LANG_PREFIX[]FLAGS ++ _AC_LANG_PREFIX[]FLAGS="$[]_AC_LANG_PREFIX[]FLAGS $4 $1" ++ AC_COMPILE_IFELSE([AC_LANG_PROGRAM()], ++ [AS_VAR_SET(CACHEVAR,[yes])], ++ [AS_VAR_SET(CACHEVAR,[no])]) ++ _AC_LANG_PREFIX[]FLAGS=$ax_check_save_flags]) ++AS_IF([test x"AS_VAR_GET(CACHEVAR)" = xyes], ++ [m4_default([$2], :)], ++ [m4_default([$3], :)]) ++AS_VAR_POPDEF([CACHEVAR])dnl ++])dnl AX_CHECK_COMPILE_FLAGS +diff --git a/m4/ax_check_link_flag.m4 b/m4/ax_check_link_flag.m4 +new file mode 100644 +index 0000000..e2d0d36 +--- /dev/null ++++ b/m4/ax_check_link_flag.m4 +@@ -0,0 +1,71 @@ ++# =========================================================================== ++# http://www.gnu.org/software/autoconf-archive/ax_check_link_flag.html ++# =========================================================================== ++# ++# SYNOPSIS ++# ++# AX_CHECK_LINK_FLAG(FLAG, [ACTION-SUCCESS], [ACTION-FAILURE], [EXTRA-FLAGS]) ++# ++# DESCRIPTION ++# ++# Check whether the given FLAG works with the linker or gives an error. ++# (Warnings, however, are ignored) ++# ++# ACTION-SUCCESS/ACTION-FAILURE are shell commands to execute on ++# success/failure. ++# ++# If EXTRA-FLAGS is defined, it is added to the linker's default flags ++# when the check is done. The check is thus made with the flags: "LDFLAGS ++# EXTRA-FLAGS FLAG". This can for example be used to force the linker to ++# issue an error when a bad flag is given. ++# ++# NOTE: Implementation based on AX_CFLAGS_GCC_OPTION. Please keep this ++# macro in sync with AX_CHECK_{PREPROC,COMPILE}_FLAG. ++# ++# LICENSE ++# ++# Copyright (c) 2008 Guido U. Draheim ++# Copyright (c) 2011 Maarten Bosmans ++# ++# This program is free software: you can redistribute it and/or modify it ++# under the terms of the GNU General Public License as published by the ++# Free Software Foundation, either version 3 of the License, or (at your ++# option) any later version. ++# ++# This program is distributed in the hope that it will be useful, but ++# WITHOUT ANY WARRANTY; without even the implied warranty of ++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General ++# Public License for more details. ++# ++# You should have received a copy of the GNU General Public License along ++# with this program. If not, see . ++# ++# As a special exception, the respective Autoconf Macro's copyright owner ++# gives unlimited permission to copy, distribute and modify the configure ++# scripts that are the output of Autoconf when processing the Macro. You ++# need not follow the terms of the GNU General Public License when using ++# or distributing such scripts, even though portions of the text of the ++# Macro appear in them. The GNU General Public License (GPL) does govern ++# all other use of the material that constitutes the Autoconf Macro. ++# ++# This special exception to the GPL applies to versions of the Autoconf ++# Macro released by the Autoconf Archive. When you make and distribute a ++# modified version of the Autoconf Macro, you may extend this special ++# exception to the GPL to apply to your modified version as well. ++ ++#serial 2 ++ ++AC_DEFUN([AX_CHECK_LINK_FLAG], ++[AS_VAR_PUSHDEF([CACHEVAR],[ax_cv_check_ldflags_$4_$1])dnl ++AC_CACHE_CHECK([whether the linker accepts $1], CACHEVAR, [ ++ ax_check_save_flags=$LDFLAGS ++ LDFLAGS="$LDFLAGS $4 $1" ++ AC_LINK_IFELSE([AC_LANG_PROGRAM()], ++ [AS_VAR_SET(CACHEVAR,[yes])], ++ [AS_VAR_SET(CACHEVAR,[no])]) ++ LDFLAGS=$ax_check_save_flags]) ++AS_IF([test x"AS_VAR_GET(CACHEVAR)" = xyes], ++ [m4_default([$2], :)], ++ [m4_default([$3], :)]) ++AS_VAR_POPDEF([CACHEVAR])dnl ++])dnl AX_CHECK_LINK_FLAGS +diff --git a/src/tcsd/Makefile.am b/src/tcsd/Makefile.am +index 2210734..6640ab2 100644 +--- a/src/tcsd/Makefile.am ++++ b/src/tcsd/Makefile.am +@@ -1,8 +1,8 @@ + sbin_PROGRAMS=tcsd + +-tcsd_CFLAGS=-DAPPID=\"TCSD\" -DVAR_PREFIX=\"@localstatedir@\" -DETC_PREFIX=\"@sysconfdir@\" -I${top_srcdir}/src/include -fPIE -DPIE ++tcsd_CFLAGS=-DAPPID=\"TCSD\" -DVAR_PREFIX=\"@localstatedir@\" -DETC_PREFIX=\"@sysconfdir@\" -I${top_srcdir}/src/include $(PIE_CFLAGS) + tcsd_LDADD=${top_builddir}/src/tcs/libtcs.a ${top_builddir}/src/tddl/libtddl.a -lpthread @CRYPTOLIB@ +-tcsd_LDFLAGS=-pie -Wl,-z,relro -Wl,-z,now ++tcsd_LDFLAGS=$(PIE_LDFLAGS) $(RELRO_LDFLAGS) + + tcsd_SOURCES=svrside.c tcsd_conf.c tcsd_threads.c platform.c + +-- +2.5.0 + diff --git a/package/trousers/trousers.mk b/package/trousers/trousers.mk index 5ecab70f7e..70daa88172 100644 --- a/package/trousers/trousers.mk +++ b/package/trousers/trousers.mk @@ -10,6 +10,8 @@ TROUSERS_SITE = http://downloads.sourceforge.net/project/trousers/trousers/$(TRO TROUSERS_LICENSE = BSD-3c TROUSERS_LICENSE_FILES = LICENSE TROUSERS_INSTALL_STAGING = YES +# Need autoreconf because of a patch touching configure.in and Makefile.am +TROUSERS_AUTORECONF = YES TROUSERS_DEPENDENCIES = openssl ifeq ($(BR2_PACKAGE_LIBICONV),y) @@ -21,4 +23,11 @@ endif # workaround. TROUSERS_CONF_OPTS += --disable-usercheck +# uClibc toolchain for ARC doesn't support PIE at the moment +ifeq ($(BR2_arc),y) +TROUSERS_CONF_ENV += \ + ax_cv_check_cflags___fPIE__DPIE=no \ + ax_cv_check_ldflags___pie=no +endif + $(eval $(autotools-package)) -- 2.30.2