From patchwork Tue Aug 13 10:04:29 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: "Yann E. MORIN" <yann.morin@orange.com>
X-Patchwork-Id: 1971870
Return-Path: <buildroot-bounces@buildroot.org>
X-Original-To: incoming-buildroot@patchwork.ozlabs.org
Delivered-To: patchwork-incoming-buildroot@legolas.ozlabs.org
Authentication-Results: legolas.ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=buildroot.org
 (client-ip=2605:bc80:3010::138; helo=smtp1.osuosl.org;
 envelope-from=buildroot-bounces@buildroot.org; receiver=patchwork.ozlabs.org)
Received: from smtp1.osuosl.org (smtp1.osuosl.org [IPv6:2605:bc80:3010::138])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384)
	(No client certificate requested)
	by legolas.ozlabs.org (Postfix) with ESMTPS id 4Wjn730FYLz1yYl
	for <incoming-buildroot@patchwork.ozlabs.org>;
 Tue, 13 Aug 2024 20:04:47 +1000 (AEST)
Received: from localhost (localhost [127.0.0.1])
	by smtp1.osuosl.org (Postfix) with ESMTP id AB4F580AC4;
	Tue, 13 Aug 2024 10:04:41 +0000 (UTC)
X-Virus-Scanned: amavis at osuosl.org
Received: from smtp1.osuosl.org ([127.0.0.1])
 by localhost (smtp1.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP
 id Q_NJLSQ7mnbS; Tue, 13 Aug 2024 10:04:40 +0000 (UTC)
X-Comment: SPF check N/A for local connections - client-ip=140.211.166.34;
 helo=ash.osuosl.org; envelope-from=buildroot-bounces@buildroot.org;
 receiver=<UNKNOWN>
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp1.osuosl.org F2F4F80C4C
Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34])
	by smtp1.osuosl.org (Postfix) with ESMTP id F2F4F80C4C;
	Tue, 13 Aug 2024 10:04:39 +0000 (UTC)
X-Original-To: buildroot@lists.busybox.net
Delivered-To: buildroot@osuosl.org
Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133])
 by ash.osuosl.org (Postfix) with ESMTP id B3C5F1BF35F
 for <buildroot@lists.busybox.net>; Tue, 13 Aug 2024 10:04:36 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by smtp2.osuosl.org (Postfix) with ESMTP id ADCE6403AF
 for <buildroot@lists.busybox.net>; Tue, 13 Aug 2024 10:04:36 +0000 (UTC)
X-Virus-Scanned: amavis at osuosl.org
Received: from smtp2.osuosl.org ([127.0.0.1])
 by localhost (smtp2.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP
 id T78vaZxw92Xr for <buildroot@lists.busybox.net>;
 Tue, 13 Aug 2024 10:04:35 +0000 (UTC)
Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=80.12.210.124;
 helo=smtp-out.orange.com; envelope-from=yann.morin@orange.com;
 receiver=<UNKNOWN>
DMARC-Filter: OpenDMARC Filter v1.4.2 smtp2.osuosl.org 2319640327
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org 2319640327
Received: from smtp-out.orange.com (smtp-out.orange.com [80.12.210.124])
 by smtp2.osuosl.org (Postfix) with ESMTPS id 2319640327
 for <buildroot@buildroot.org>; Tue, 13 Aug 2024 10:04:34 +0000 (UTC)
Received: from unknown (HELO opfedv1rlp0f.nor.fr.ftgroup) ([x.x.x.x]) by
 smtp-out.orange.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 13 Aug 2024 12:04:33 +0200
Received: from unknown (HELO OPE16NORMBX305.corporate.adroot.infra.ftgroup)
 ([x.x.x.x]) by opfedv1rlp0f.nor.fr.ftgroup with
 ESMTP/TLS/ECDHE-RSA-AES128-GCM-SHA256; 13 Aug 2024 12:04:34 +0200
Received: from tl-lnx-nyma7486-2 [x.x.x.x] by
 OPE16NORMBX305.corporate.adroot.infra.ftgroup [x.x.x.x] with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2507.39; Tue, 13 Aug 2024 12:04:31 +0200
Received: by tl-lnx-nyma7486-2 (sSMTP sendmail emulation);
 Tue, 13 Aug 2024 12:04:31 +0200
X-IronPort-AV: E=Sophos;i="6.09,285,1716242400"; d="scan'208";a="178510881"
From: <yann.morin@orange.com>
To: <buildroot@buildroot.org>
Date: Tue, 13 Aug 2024 12:04:29 +0200
Message-ID: 
 <0273851a98aad3af35b660c047ee64ddb1276271.1723543467.git.yann.morin@orange.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <cover.1723543467.git.yann.morin@orange.com>
References: <cover.1723543467.git.yann.morin@orange.com>
MIME-Version: 1.0
X-Originating-IP: [10.115.27.51]
X-ClientProxiedBy: OPE16NORMBX405.corporate.adroot.infra.ftgroup
 (10.115.27.14) To OPE16NORMBX305.corporate.adroot.infra.ftgroup
 (10.115.27.10)
X-Mailman-Original-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=orange.com; i=@orange.com; q=dns/txt; s=orange002;
 t=1723543475; x=1755079475;
 h=from:to:cc:subject:date:message-id:in-reply-to:
 references:mime-version:content-transfer-encoding;
 bh=vb7gG2Ml6mWEzoUbpKb/2ToIjRZhRU9PxiW1zIoaDY4=;
 b=i2tqOg7xpC+ntzlV5+ZwJc/be28j5YIOXhBX2uWgjUCqfQ8aCaLhNtdb
 VM1cgK6h2uIBl93iEcsKUnqXEaolc/7rn2nClXsNML0jqRQkt6yzR3xDL
 B5YhOKx2TKuDHqrA+0v6d3ioHhTY3jnEL4S0eqJje068/X+xAAGXmXIpT
 W/bAROsUHgunUXrrTNZg0+f3gf/nPLNxCm+7ORQeWxFwf8cbm1wqBrXvc
 yMTIUPphSbr4aDXbNE3fjPwssnjqggR8EZqgj+zYLr2efaPk7itBKKmcE
 nHtwS2SbwMWh37StCeT7xVPsdsPd5vh9Udc5lBl6jqynp9OSLCytWNCfC
 A==;
X-Mailman-Original-Authentication-Results: smtp2.osuosl.org;
 dmarc=pass (p=none dis=none)
 header.from=orange.com
X-Mailman-Original-Authentication-Results: smtp2.osuosl.org;
 dkim=pass (2048-bit key,
 unprotected) header.d=orange.com header.i=@orange.com header.a=rsa-sha256
 header.s=orange002 header.b=i2tqOg7x
Subject: [Buildroot] [PATCH 1/3] toolchain/wrapper: check unsafe paths
 earlier
X-BeenThere: buildroot@buildroot.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion and development of buildroot <buildroot.buildroot.org>
List-Unsubscribe: <https://lists.buildroot.org/mailman/options/buildroot>,
 <mailto:buildroot-request@buildroot.org?subject=unsubscribe>
List-Archive: <http://lists.buildroot.org/pipermail/buildroot/>
List-Post: <mailto:buildroot@buildroot.org>
List-Help: <mailto:buildroot-request@buildroot.org?subject=help>
List-Subscribe: <https://lists.buildroot.org/mailman/listinfo/buildroot>,
 <mailto:buildroot-request@buildroot.org?subject=subscribe>
Cc: Romain Naour <romain.naour@gmail.com>, yann.morin@orange.com,
 Giulio Benetti <giulio.benetti@benettiengineering.com>,
 Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Errors-To: buildroot-bounces@buildroot.org
Sender: "buildroot" <buildroot-bounces@buildroot.org>

From: "Yann E. MORIN" <yann.morin@orange.com>

We currently check for unsafe paths right between adding our arguments,
and adding the one passed from the command line. This not very
consistent.

Unsafe paths can only come from the command line, as we are not adding
any of our own (hopefully, we know better!), so we can run the check as
early as possible.

Move the check very early, but not before we handle --help.

Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Cc: Romain Naour <romain.naour@gmail.com>
Cc: Giulio Benetti <giulio.benetti@benettiengineering.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
---
 toolchain/toolchain-wrapper.c | 44 +++++++++++++++++------------------
 1 file changed, 22 insertions(+), 22 deletions(-)

diff --git a/toolchain/toolchain-wrapper.c b/toolchain/toolchain-wrapper.c
index e436889760..03977eb408 100644
--- a/toolchain/toolchain-wrapper.c
+++ b/toolchain/toolchain-wrapper.c
@@ -321,6 +321,28 @@ int main(int argc, char **argv)
 		}
 	}
 
+	/* Check for unsafe library and header paths */
+	for (i = 1; i < argc; i++) {
+		const struct str_len_s *opt;
+		for (opt=unsafe_opts; opt->str; opt++ ) {
+			/* Skip any non-unsafe option. */
+			if (strncmp(argv[i], opt->str, opt->len))
+				continue;
+
+			/* Handle both cases:
+			 *  - path is a separate argument,
+			 *  - path is concatenated with option.
+			 */
+			if (argv[i][opt->len] == '\0') {
+				i++;
+				if (i == argc)
+					break;
+				check_unsafe_path(argv[i-1], argv[i], 0);
+			} else
+				check_unsafe_path(argv[i], argv[i] + opt->len, 1);
+		}
+	}
+
 #ifdef BR_CCACHE
 	ret = snprintf(ccache_path, sizeof(ccache_path), "%s/bin/ccache", absbasedir);
 	if (ret >= sizeof(ccache_path)) {
@@ -474,28 +496,6 @@ int main(int argc, char **argv)
 #endif
 	}
 
-	/* Check for unsafe library and header paths */
-	for (i = 1; i < argc; i++) {
-		const struct str_len_s *opt;
-		for (opt=unsafe_opts; opt->str; opt++ ) {
-			/* Skip any non-unsafe option. */
-			if (strncmp(argv[i], opt->str, opt->len))
-				continue;
-
-			/* Handle both cases:
-			 *  - path is a separate argument,
-			 *  - path is concatenated with option.
-			 */
-			if (argv[i][opt->len] == '\0') {
-				i++;
-				if (i == argc)
-					break;
-				check_unsafe_path(argv[i-1], argv[i], 0);
-			} else
-				check_unsafe_path(argv[i], argv[i] + opt->len, 1);
-		}
-	}
-
 	/* append forward args */
 	memcpy(cur, &argv[1], sizeof(char *) * (argc - 1));
 	cur += argc - 1;

From patchwork Tue Aug 13 10:04:30 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: "Yann E. MORIN" <yann.morin@orange.com>
X-Patchwork-Id: 1971871
Return-Path: <buildroot-bounces@buildroot.org>
X-Original-To: incoming-buildroot@patchwork.ozlabs.org
Delivered-To: patchwork-incoming-buildroot@legolas.ozlabs.org
Authentication-Results: legolas.ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=buildroot.org
 (client-ip=2605:bc80:3010::138; helo=smtp1.osuosl.org;
 envelope-from=buildroot-bounces@buildroot.org; receiver=patchwork.ozlabs.org)
Received: from smtp1.osuosl.org (smtp1.osuosl.org [IPv6:2605:bc80:3010::138])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384)
	(No client certificate requested)
	by legolas.ozlabs.org (Postfix) with ESMTPS id 4Wjn754k6Gz1yYl
	for <incoming-buildroot@patchwork.ozlabs.org>;
 Tue, 13 Aug 2024 20:04:49 +1000 (AEST)
Received: from localhost (localhost [127.0.0.1])
	by smtp1.osuosl.org (Postfix) with ESMTP id C9B4480C83;
	Tue, 13 Aug 2024 10:04:46 +0000 (UTC)
X-Virus-Scanned: amavis at osuosl.org
Received: from smtp1.osuosl.org ([127.0.0.1])
 by localhost (smtp1.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP
 id 9eiY9iXL8vKc; Tue, 13 Aug 2024 10:04:44 +0000 (UTC)
X-Comment: SPF check N/A for local connections - client-ip=140.211.166.34;
 helo=ash.osuosl.org; envelope-from=buildroot-bounces@buildroot.org;
 receiver=<UNKNOWN>
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp1.osuosl.org 44C0880CC7
Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34])
	by smtp1.osuosl.org (Postfix) with ESMTP id 44C0880CC7;
	Tue, 13 Aug 2024 10:04:43 +0000 (UTC)
X-Original-To: buildroot@lists.busybox.net
Delivered-To: buildroot@osuosl.org
Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133])
 by ash.osuosl.org (Postfix) with ESMTP id 8C5841BF35F
 for <buildroot@lists.busybox.net>; Tue, 13 Aug 2024 10:04:39 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by smtp2.osuosl.org (Postfix) with ESMTP id 79D99403AF
 for <buildroot@lists.busybox.net>; Tue, 13 Aug 2024 10:04:39 +0000 (UTC)
X-Virus-Scanned: amavis at osuosl.org
Received: from smtp2.osuosl.org ([127.0.0.1])
 by localhost (smtp2.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP
 id vkmCcplDhQKb for <buildroot@lists.busybox.net>;
 Tue, 13 Aug 2024 10:04:38 +0000 (UTC)
Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=80.12.126.237;
 helo=smtp-out.orange.com; envelope-from=yann.morin@orange.com;
 receiver=<UNKNOWN>
DMARC-Filter: OpenDMARC Filter v1.4.2 smtp2.osuosl.org 03B6A40327
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org 03B6A40327
Received: from smtp-out.orange.com (smtp-out.orange.com [80.12.126.237])
 by smtp2.osuosl.org (Postfix) with ESMTPS id 03B6A40327
 for <buildroot@buildroot.org>; Tue, 13 Aug 2024 10:04:37 +0000 (UTC)
Received: from unknown (HELO opfedv1rlp0e.nor.fr.ftgroup) ([x.x.x.x]) by
 smtp-out.orange.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 13 Aug 2024 12:04:35 +0200
Received: from unknown (HELO OPE16NORMBX305.corporate.adroot.infra.ftgroup)
 ([x.x.x.x]) by opfedv1rlp0e.nor.fr.ftgroup with
 ESMTP/TLS/ECDHE-RSA-AES128-GCM-SHA256; 13 Aug 2024 12:04:35 +0200
Received: from tl-lnx-nyma7486-2 [x.x.x.x] by
 OPE16NORMBX305.corporate.adroot.infra.ftgroup [x.x.x.x] with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2507.39; Tue, 13 Aug 2024 12:04:33 +0200
Received: by tl-lnx-nyma7486-2 (sSMTP sendmail emulation);
 Tue, 13 Aug 2024 12:04:33 +0200
X-IronPort-AV: E=Sophos;i="6.09,285,1716242400"; d="scan'208";a="178820188"
From: <yann.morin@orange.com>
To: <buildroot@buildroot.org>
Date: Tue, 13 Aug 2024 12:04:30 +0200
Message-ID: 
 <e4024c6c1e1825bd52ab14faafbc7655d3074eb3.1723543467.git.yann.morin@orange.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <cover.1723543467.git.yann.morin@orange.com>
References: <cover.1723543467.git.yann.morin@orange.com>
MIME-Version: 1.0
X-Originating-IP: [10.115.27.53]
X-ClientProxiedBy: OPE16NORMBX304.corporate.adroot.infra.ftgroup
 (10.115.26.13) To OPE16NORMBX305.corporate.adroot.infra.ftgroup
 (10.115.27.10)
X-Mailman-Original-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=orange.com; i=@orange.com; q=dns/txt; s=orange002;
 t=1723543478; x=1755079478;
 h=from:to:cc:subject:date:message-id:in-reply-to:
 references:mime-version:content-transfer-encoding;
 bh=IzwiRKOSnQU0zVLmvHf1iUtZQq7BmS4AdDoEwz+2r+k=;
 b=CiGtYZx3qwRwgVnn9uvs4PI91ofCMvoAmqSn5lxABCLuFmrnIndx107l
 J0DA/YdgMD+0LA1wdHsh/EKvucUEuclVoi4Nhxz9uudjiWSKuVYEv+olX
 DcxdpnGPXztXRfwZXO22L+bjcQFes2fAz81popGa7AIdUSkJlC+ves0bI
 ud+TsGrpUpN+7qLKVmOD9qzqHv8luWY9YSV2v3t6hVu8kuOdsVG2a+OFw
 Rrn12+a51uHmHYkB/hAmRy5ImRj8V//8rg/MRp6H9nDxGIe8IoARnc++c
 WhO0aq8U7fN3vUw8X3wO8xmKOyQGUmzcvtWcNPMUzctkt/oQErX8++Hiu
 g==;
X-Mailman-Original-Authentication-Results: smtp2.osuosl.org;
 dmarc=pass (p=none dis=none)
 header.from=orange.com
X-Mailman-Original-Authentication-Results: smtp2.osuosl.org;
 dkim=pass (2048-bit key,
 unprotected) header.d=orange.com header.i=@orange.com header.a=rsa-sha256
 header.s=orange002 header.b=CiGtYZx3
Subject: [Buildroot] [PATCH 2/3] toolchain/wrapper: check we did not add
 more args than expected
X-BeenThere: buildroot@buildroot.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion and development of buildroot <buildroot.buildroot.org>
List-Unsubscribe: <https://lists.buildroot.org/mailman/options/buildroot>,
 <mailto:buildroot-request@buildroot.org?subject=unsubscribe>
List-Archive: <http://lists.buildroot.org/pipermail/buildroot/>
List-Post: <mailto:buildroot@buildroot.org>
List-Help: <mailto:buildroot-request@buildroot.org?subject=help>
List-Subscribe: <https://lists.buildroot.org/mailman/listinfo/buildroot>,
 <mailto:buildroot-request@buildroot.org?subject=subscribe>
Cc: Romain Naour <romain.naour@gmail.com>, yann.morin@orange.com,
 Giulio Benetti <giulio.benetti@benettiengineering.com>,
 Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Errors-To: buildroot-bounces@buildroot.org
Sender: "buildroot" <buildroot-bounces@buildroot.org>

From: "Yann E. MORIN" <yann.morin@orange.com>

We have a hard-coded constant that defines how many expected args we may
conditionally add at most, but it is very easy to miss updating that
when adding new conditional args.

Add a check that we did not overshoot the allowance.

Ideally, we would have a nice way to add to, and extend the *args array
dynamically, but this would be quite costly, while the wrapper is a hot
path to the compiler. So, this test is a better solution in the end: it
is simple and cheap.

Note that this would only trigger at runtime when all conditional args
are added, which can only happen in special conditions, so local testing
might not always catch it.

Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Cc: Romain Naour <romain.naour@gmail.com>
Cc: Giulio Benetti <giulio.benetti@benettiengineering.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
---
 toolchain/toolchain-wrapper.c | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/toolchain/toolchain-wrapper.c b/toolchain/toolchain-wrapper.c
index 03977eb408..7647a1a12d 100644
--- a/toolchain/toolchain-wrapper.c
+++ b/toolchain/toolchain-wrapper.c
@@ -240,7 +240,7 @@ bool parse_source_date_epoch_from_env(void)
 
 int main(int argc, char **argv)
 {
-	char **args, **cur, **exec_args;
+	char **args, **cur, **exec_args, **cond_args;
 	char *relbasedir, *absbasedir;
 	char *progpath = argv[0];
 	char *basename;
@@ -365,7 +365,7 @@ int main(int argc, char **argv)
 
 	/* start with predefined args */
 	memcpy(cur, predef_args, sizeof(predef_args));
-	cur += sizeof(predef_args) / sizeof(predef_args[0]);
+	cond_args = cur += sizeof(predef_args) / sizeof(predef_args[0]);
 
 #ifdef BR_FLOAT_ABI
 	/* add float abi if not overridden in args */
@@ -496,6 +496,13 @@ int main(int argc, char **argv)
 #endif
 	}
 
+	/* Check that we did not add more conditional args than we expected */
+	if ((cur-cond_args) > EXCLUSIVE_ARGS) {
+		errno = E2BIG;
+		perror(__FILE__ ": Not enough EXCLUSIVE_ARGS");
+		return 3;
+	}
+
 	/* append forward args */
 	memcpy(cur, &argv[1], sizeof(char *) * (argc - 1));
 	cur += argc - 1;

From patchwork Tue Aug 13 10:04:31 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: "Yann E. MORIN" <yann.morin@orange.com>
X-Patchwork-Id: 1971872
Return-Path: <buildroot-bounces@buildroot.org>
X-Original-To: incoming-buildroot@patchwork.ozlabs.org
Delivered-To: patchwork-incoming-buildroot@legolas.ozlabs.org
Authentication-Results: legolas.ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=buildroot.org
 (client-ip=2605:bc80:3010::138; helo=smtp1.osuosl.org;
 envelope-from=buildroot-bounces@buildroot.org; receiver=patchwork.ozlabs.org)
Received: from smtp1.osuosl.org (smtp1.osuosl.org [IPv6:2605:bc80:3010::138])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384)
	(No client certificate requested)
	by legolas.ozlabs.org (Postfix) with ESMTPS id 4Wjn776vlBz1yYl
	for <incoming-buildroot@patchwork.ozlabs.org>;
 Tue, 13 Aug 2024 20:04:51 +1000 (AEST)
Received: from localhost (localhost [127.0.0.1])
	by smtp1.osuosl.org (Postfix) with ESMTP id 2707280C62;
	Tue, 13 Aug 2024 10:04:50 +0000 (UTC)
X-Virus-Scanned: amavis at osuosl.org
Received: from smtp1.osuosl.org ([127.0.0.1])
 by localhost (smtp1.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP
 id Z3e7ASVhgrMp; Tue, 13 Aug 2024 10:04:48 +0000 (UTC)
X-Comment: SPF check N/A for local connections - client-ip=140.211.166.34;
 helo=ash.osuosl.org; envelope-from=buildroot-bounces@buildroot.org;
 receiver=<UNKNOWN>
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp1.osuosl.org 323B680E3D
Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34])
	by smtp1.osuosl.org (Postfix) with ESMTP id 323B680E3D;
	Tue, 13 Aug 2024 10:04:48 +0000 (UTC)
X-Original-To: buildroot@lists.busybox.net
Delivered-To: buildroot@osuosl.org
Received: from smtp1.osuosl.org (smtp1.osuosl.org [140.211.166.138])
 by ash.osuosl.org (Postfix) with ESMTP id C976C1BF35F
 for <buildroot@lists.busybox.net>; Tue, 13 Aug 2024 10:04:40 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by smtp1.osuosl.org (Postfix) with ESMTP id B268380C6C
 for <buildroot@lists.busybox.net>; Tue, 13 Aug 2024 10:04:40 +0000 (UTC)
X-Virus-Scanned: amavis at osuosl.org
Received: from smtp1.osuosl.org ([127.0.0.1])
 by localhost (smtp1.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP
 id w69tNFuoVLD0 for <buildroot@lists.busybox.net>;
 Tue, 13 Aug 2024 10:04:39 +0000 (UTC)
Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=80.12.210.123;
 helo=smtp-out.orange.com; envelope-from=yann.morin@orange.com;
 receiver=<UNKNOWN>
DMARC-Filter: OpenDMARC Filter v1.4.2 smtp1.osuosl.org 110CD80ADC
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp1.osuosl.org 110CD80ADC
Received: from smtp-out.orange.com (smtp-out.orange.com [80.12.210.123])
 by smtp1.osuosl.org (Postfix) with ESMTPS id 110CD80ADC
 for <buildroot@buildroot.org>; Tue, 13 Aug 2024 10:04:36 +0000 (UTC)
Received: from unknown (HELO opfedv1rlp0h.nor.fr.ftgroup) ([x.x.x.x]) by
 smtp-out.orange.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 13 Aug 2024 12:04:36 +0200
Received: from unknown (HELO OPE16NORMBX305.corporate.adroot.infra.ftgroup)
 ([x.x.x.x]) by opfedv1rlp0h.nor.fr.ftgroup with
 ESMTP/TLS/ECDHE-RSA-AES128-GCM-SHA256; 13 Aug 2024 12:04:36 +0200
Received: from tl-lnx-nyma7486-2 [x.x.x.x] by
 OPE16NORMBX305.corporate.adroot.infra.ftgroup [x.x.x.x] with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2507.39; Tue, 13 Aug 2024 12:04:35 +0200
Received: by tl-lnx-nyma7486-2 (sSMTP sendmail emulation);
 Tue, 13 Aug 2024 12:04:34 +0200
X-IronPort-AV: E=Sophos;i="6.09,285,1716242400"; d="scan'208";a="178909847"
From: <yann.morin@orange.com>
To: <buildroot@buildroot.org>
Date: Tue, 13 Aug 2024 12:04:31 +0200
Message-ID: 
 <8402ba3c5551505159a155c5cf0fc5b58c6a3614.1723543467.git.yann.morin@orange.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <cover.1723543467.git.yann.morin@orange.com>
References: <cover.1723543467.git.yann.morin@orange.com>
MIME-Version: 1.0
X-Originating-IP: [10.115.27.53]
X-ClientProxiedBy: OPE16NORMBX304.corporate.adroot.infra.ftgroup
 (10.115.26.13) To OPE16NORMBX305.corporate.adroot.infra.ftgroup
 (10.115.27.10)
X-Mailman-Original-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=orange.com; i=@orange.com; q=dns/txt; s=orange002;
 t=1723543477; x=1755079477;
 h=from:to:cc:subject:date:message-id:in-reply-to:
 references:mime-version:content-transfer-encoding;
 bh=l4uh5wF4iKBQtWel4atvYvt7fCxgrOAANsi9NDvrcpI=;
 b=nFj/U6djW/95KvtUaWdhC+MRO6BUmdOJ0Mt6yan93fDm/0GHGM7hhCaN
 Cgl58uzcLdZs24ogvrk32fh/qNnhUvjIKm2i3msNQPqSZx4eV4lxOzNts
 rQUKPaQTol5lgvdh23S1uJuDBRt3KJlscdOThCwS65y3QDq+60UHlpjVC
 AUsU4ISjjki3nvBYHhhF+DXDSqRbKs8KUeusNxbc15U550b1oP2ShiAiV
 dTxckK4gdqu0HGR1CgaFt2LsUtcgUJ/+GEzAMo2XCcmvoFeQ7fRPmxtal
 5/1oCpRzPHQDauZFmxz0AqSEVxLXmh/uPE8GIxiDI/yPkk6HPmTvJzyCd
 w==;
X-Mailman-Original-Authentication-Results: smtp1.osuosl.org;
 dmarc=pass (p=none dis=none)
 header.from=orange.com
X-Mailman-Original-Authentication-Results: smtp1.osuosl.org;
 dkim=pass (2048-bit key) header.d=orange.com header.i=@orange.com
 header.a=rsa-sha256 header.s=orange002 header.b=nFj/U6dj
Subject: [Buildroot] [PATCH 3/3] toolchain/wrapper: move -ztext from LDFLAGS
 to toolchain wrapper
X-BeenThere: buildroot@buildroot.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion and development of buildroot <buildroot.buildroot.org>
List-Unsubscribe: <https://lists.buildroot.org/mailman/options/buildroot>,
 <mailto:buildroot-request@buildroot.org?subject=unsubscribe>
List-Archive: <http://lists.buildroot.org/pipermail/buildroot/>
List-Post: <mailto:buildroot@buildroot.org>
List-Help: <mailto:buildroot-request@buildroot.org?subject=help>
List-Subscribe: <https://lists.buildroot.org/mailman/listinfo/buildroot>,
 <mailto:buildroot-request@buildroot.org?subject=subscribe>
Cc: Giulio Benetti <giulio.benetti@benettiengineering.com>,
 Romain Naour <romain.naour@gmail.com>, yann.morin@orange.com,
	=?utf-8?b?SiAuIE5ldXNjaMOkZmVy?= <j.neuschaefer@gmx.net>,
 Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Errors-To: buildroot-bounces@buildroot.org
Sender: "buildroot" <buildroot-bounces@buildroot.org>

From: "Yann E. MORIN" <yann.morin@orange.com>

Passing linker flags via LDFLAGS is notoriously fragile: packages either
use LDFLAGS with the gcc frontend, or directly with ld. This means that
care must be taken to only pass flags that are recognised by both gcc
and ld, which usually proves a bit challenging, as bd035872be99
(package/Makefile.in: Use "-z text" instead of "-Wl, -z, text")
demonstrates (later ammended by 3a39e706a91a).

It turns out that we already have a better, robust way of passing
LDFLAGS via the gcc frotned: the toolchain wrapper, which we already use
to pass relro for example.

We can revert back to using -Wl,-z,text, as we're sure whis is going to
be a call to the gcc frontend (the wrapper is not used for ld), which
makes it consistent with the other similar args for -z relro and -z now.

Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Cc: J. Neuschäfer <j.neuschaefer@gmx.net>
Cc: Romain Naour <romain.naour@gmail.com>
Cc: Giulio Benetti <giulio.benetti@benettiengineering.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: Markus Mayer <mmayer@broadcom.com>
---
 package/Makefile.in            | 19 -------------------
 toolchain/toolchain-wrapper.c  |  6 +++++-
 toolchain/toolchain-wrapper.mk |  9 +++++++++
 3 files changed, 14 insertions(+), 20 deletions(-)

diff --git a/package/Makefile.in b/package/Makefile.in
index 808b71a93e..47a89f1ae1 100644
--- a/package/Makefile.in
+++ b/package/Makefile.in
@@ -149,25 +149,6 @@ endif
 
 TARGET_LDFLAGS = $(call qstrip,$(BR2_TARGET_LDFLAGS))
 
-# musl's dynamic loader doesn't support DT_TEXTREL, which results in a runtime
-# crash if it gets used. The "-z text" linker option issues a build-time error
-# when DT_TEXREL is used, so we capture the problem earlier.
-#
-# See also: https://www.openwall.com/lists/musl/2020/09/25/4
-#
-# NOTE: We're using "-ztext" instead of "-Wl,-z,text" here, because some
-# packages pass TARGET_LDFLAGS directly to ld rather than gcc, and ld doesn't
-# support -Wl,[...]. -z is supported by both gcc and clang, so it probably
-# won't cause us problems.
-#
-# We're using "-ztext" instead of "-z text" here, because some buildsystems
-# (like scons, for gpsd) will reorder and/or drop LDFLAGS, causing a lone
-# "-z" to be passed and the "text" keyword to be dropped otherwise. Both
-# gcc and ld supports that, so it probably won't cause us problems.
-ifeq ($(BR2_TOOLCHAIN_USES_MUSL):$(BR2_STATIC_LIBS),y:)
-TARGET_LDFLAGS += -ztext
-endif
-
 # By design, _FORTIFY_SOURCE requires gcc optimization to be enabled.
 # Therefore, we need to pass _FORTIFY_SOURCE and the optimization level
 # through the same mechanism, i.e currently through CFLAGS. Passing
diff --git a/toolchain/toolchain-wrapper.c b/toolchain/toolchain-wrapper.c
index 7647a1a12d..de54f838ec 100644
--- a/toolchain/toolchain-wrapper.c
+++ b/toolchain/toolchain-wrapper.c
@@ -51,10 +51,11 @@ static char _date_[sizeof("-D__DATE__=\"MMM DD YYYY\"")];
  * 	-Wno-builtin-macro-redefined
  * 	-Wl,-z,now
  * 	-Wl,-z,relro
+ * 	-Wl,-z,text
  * 	-fPIE
  * 	-pie
  */
-#define EXCLUSIVE_ARGS	10
+#define EXCLUSIVE_ARGS	11
 
 static char *predef_args[] = {
 #ifdef BR_CCACHE
@@ -486,6 +487,9 @@ int main(int argc, char **argv)
 			break;
 	}
 	if (i == argc) {
+#ifdef BR2_ZTEXT
+		*cur++ = "-Wl,-z,text";
+#endif
 		/* https://wiki.gentoo.org/wiki/Hardened/Toolchain#Mark_Read-Only_Appropriate_Sections */
 #ifdef BR2_RELRO_PARTIAL
 		*cur++ = "-Wl,-z,relro";
diff --git a/toolchain/toolchain-wrapper.mk b/toolchain/toolchain-wrapper.mk
index cbf46f15fa..d605e41f2c 100644
--- a/toolchain/toolchain-wrapper.mk
+++ b/toolchain/toolchain-wrapper.mk
@@ -83,6 +83,15 @@ else ifeq ($(BR2_RELRO_FULL),y)
 TOOLCHAIN_WRAPPER_ARGS += -DBR2_RELRO_FULL
 endif
 
+# musl's dynamic loader doesn't support DT_TEXTREL, which results in a runtime
+# crash if it gets used. The "-z text" linker option issues a build-time error
+# when DT_TEXREL is used, so we capture the problem earlier.
+#
+# See also: https://www.openwall.com/lists/musl/2020/09/25/4
+ifeq ($(BR2_TOOLCHAIN_USES_MUSL):$(BR2_STATIC_LIBS),y:)
+TOOLCHAIN_WRAPPER_ARGS += -DBR2_ZTEXT
+endif
+
 define TOOLCHAIN_WRAPPER_BUILD
 	$(HOSTCC) $(HOST_CFLAGS) $(TOOLCHAIN_WRAPPER_ARGS) \
 		-s -Wl,--hash-style=$(TOOLCHAIN_WRAPPER_HASH_STYLE) \