1 |
commit: e483cb18fde536893270e87aa39157da9ebda406 |
2 |
Author: David James <davidjames <AT> google <DOT> com> |
3 |
AuthorDate: Sat Apr 30 00:21:58 2011 +0000 |
4 |
Commit: Zac Medico <zmedico <AT> gentoo <DOT> org> |
5 |
CommitDate: Sat Apr 30 00:21:58 2011 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/portage.git;a=commit;h=e483cb18 |
7 |
|
8 |
Check for references to ${ROOT} in install_qa_checks. |
9 |
|
10 |
When ROOT != /, binaries that reference ROOT will load their |
11 |
dependencies from ROOT first rather than from the system-configured |
12 |
path. This is a problem because the ROOT will be / on the target |
13 |
system. |
14 |
|
15 |
Besides the above, this patch also fixes incorrect parsing of scanelf |
16 |
output, where we would treat the RPATHs returned by scanelf as the |
17 |
names of binaries. |
18 |
|
19 |
TEST=When "stricter" FEATURE is enabled, verify that emerge |
20 |
fails when an ebuild references broken rpaths referencing |
21 |
ROOT. When "stricter" FEATURE is not enabled, verify that such |
22 |
references are automatically fixed. Also verify that ebuilds |
23 |
with non-broken RPATHs (e.g. RPATHs referencing $ORIGIN/../lib) |
24 |
are not touched by the change. |
25 |
|
26 |
BUG=chromium-os:14271 |
27 |
|
28 |
Change-Id: I4f29cc4ea9195a1255f080284da1f676e4a2c26b |
29 |
|
30 |
Review URL: http://codereview.chromium.org/6903153 |
31 |
|
32 |
--- |
33 |
bin/misc-functions.sh | 34 ++++++++++++++++++++++++++-------- |
34 |
1 files changed, 26 insertions(+), 8 deletions(-) |
35 |
|
36 |
diff --git a/bin/misc-functions.sh b/bin/misc-functions.sh |
37 |
index af0cc27..c310998 100755 |
38 |
--- a/bin/misc-functions.sh |
39 |
+++ b/bin/misc-functions.sh |
40 |
@@ -184,16 +184,37 @@ install_qa_check() { |
41 |
unset PORTAGE_QUIET |
42 |
fi |
43 |
|
44 |
- # Make sure we disallow insecure RUNPATH/RPATHs |
45 |
- # Don't want paths that point to the tree where the package was built |
46 |
- # (older, broken libtools would do this). Also check for null paths |
47 |
- # because the loader will search $PWD when it finds null paths. |
48 |
- f=$(scanelf -qyRF '%r %p' "${D}" | grep -E "(${PORTAGE_BUILDDIR}|: |::|^:|^ )") |
49 |
+ # Make sure we disallow insecure RUNPATH/RPATHs. |
50 |
+ # 1) References to PORTAGE_BUILDDIR are banned because it's a |
51 |
+ # security risk. We don't want to load files from a |
52 |
+ # temporary directory. |
53 |
+ # 2) If ROOT != "/", references to ROOT are banned because |
54 |
+ # that directory won't exist on the target system. |
55 |
+ # 3) Null paths are banned because the loader will search $PWD when |
56 |
+ # it finds null paths. |
57 |
+ local forbidden_dirs="${PORTAGE_BUILDDIR}" |
58 |
+ if [[ -n "$ROOT" ]] && [[ "$ROOT" != "/" ]]; then |
59 |
+ forbidden_dirs="${forbidden_dirs} ${ROOT}" |
60 |
+ fi |
61 |
+ local dir="" rpath_files=$(scanelf -F '%F:%r' -qBR "${D}") |
62 |
+ f="" |
63 |
+ for dir in ${forbidden_dirs}; do |
64 |
+ for l in $(echo "${rpath_files}" | grep -E ":${dir}|::|: "); do |
65 |
+ f+=" ${l%%:*}\n" |
66 |
+ if ! has stricter ${FEATURES}; then |
67 |
+ vecho "Auto fixing rpaths for ${l%%:*}" |
68 |
+ TMPDIR="${dir}" scanelf -BXr "${l%%:*}" -o /dev/null |
69 |
+ fi |
70 |
+ done |
71 |
+ done |
72 |
+ |
73 |
# Reject set*id binaries with $ORIGIN in RPATH #260331 |
74 |
x=$( |
75 |
find "${D}" -type f \( -perm -u+s -o -perm -g+s \) -print0 | \ |
76 |
xargs -0 scanelf -qyRF '%r %p' | grep '$ORIGIN' |
77 |
) |
78 |
+ |
79 |
+ # Print QA notice. |
80 |
if [[ -n ${f}${x} ]] ; then |
81 |
vecho -ne '\n' |
82 |
eqawarn "QA Notice: The following files contain insecure RUNPATHs" |
83 |
@@ -203,9 +224,6 @@ install_qa_check() { |
84 |
vecho -ne '\n' |
85 |
if [[ -n ${x} ]] || has stricter ${FEATURES} ; then |
86 |
insecure_rpath=1 |
87 |
- else |
88 |
- vecho "Auto fixing rpaths for ${f}" |
89 |
- TMPDIR=${PORTAGE_BUILDDIR} scanelf -BXr ${f} -o /dev/null |
90 |
fi |
91 |
fi |