mirror of
https://git.busybox.net/buildroot.git
synced 2024-11-27 15:33:28 +08:00
b8ec113eb1
Currently, we repeat all the SSP level selection deep down to the toolchain wrapper itself, where we eventually translate it to the actual SSP option to use. This is a bit redundant. Additionally, we will want to check that the toolchain actually supports that option (for those toolchain where it was backported). So, move the translation into kconfig, and add the qstrip'ed value to the additional flags passed to the wrapper. Add it before user-supplied opitons, to keep the previous behaviour (and allow anyone crazy-enough to override it with BR2_TARGET_OPTIMIZATION). Signed-off-by: "Yann E. MORIN" <yann.morin@orange.com> Cc: Matt Weber <matthew.weber@rockwellcollins.com> Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com> Cc: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com> Reviewed-by: Matthew Weber <matthew.weber@rockwellcollins.com> Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
533 lines
15 KiB
C
533 lines
15 KiB
C
/**
|
|
* Buildroot wrapper for toolchains. This simply executes the real toolchain
|
|
* with a number of arguments (sysroot/arch/..) hardcoded, to ensure the
|
|
* toolchain uses the correct configuration.
|
|
* The hardcoded path arguments are defined relative to the actual location
|
|
* of the binary.
|
|
*
|
|
* (C) 2011 Peter Korsgaard <jacmet@sunsite.dk>
|
|
* (C) 2011 Daniel Nyström <daniel.nystrom@timeterminal.se>
|
|
* (C) 2012 Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
|
|
* (C) 2013 Spenser Gilliland <spenser@gillilanding.com>
|
|
*
|
|
* This file is licensed under the terms of the GNU General Public License
|
|
* version 2. This program is licensed "as is" without any warranty of any
|
|
* kind, whether express or implied.
|
|
*/
|
|
|
|
#define _GNU_SOURCE
|
|
#include <stdio.h>
|
|
#include <string.h>
|
|
#include <limits.h>
|
|
#include <unistd.h>
|
|
#include <stdlib.h>
|
|
#include <errno.h>
|
|
#include <time.h>
|
|
#include <stdbool.h>
|
|
|
|
#ifdef BR_CCACHE
|
|
static char ccache_path[PATH_MAX];
|
|
#endif
|
|
static char path[PATH_MAX];
|
|
static char sysroot[PATH_MAX];
|
|
/* As would be defined by gcc:
|
|
* https://gcc.gnu.org/onlinedocs/cpp/Standard-Predefined-Macros.html
|
|
* sizeof() on string literals includes the terminating \0. */
|
|
static char _time_[sizeof("-D__TIME__=\"HH:MM:SS\"")];
|
|
static char _date_[sizeof("-D__DATE__=\"MMM DD YYYY\"")];
|
|
|
|
/**
|
|
* GCC errors out with certain combinations of arguments (examples are
|
|
* -mfloat-abi={hard|soft} and -m{little|big}-endian), so we have to ensure
|
|
* that we only pass the predefined one to the real compiler if the inverse
|
|
* option isn't in the argument list.
|
|
* This specifies the worst case number of extra arguments we might pass
|
|
* Currently, we may have:
|
|
* -mfloat-abi=
|
|
* -march=
|
|
* -mcpu=
|
|
* -D__TIME__=
|
|
* -D__DATE__=
|
|
* -Wno-builtin-macro-redefined
|
|
* -Wl,-z,now
|
|
* -Wl,-z,relro
|
|
* -fPIE
|
|
* -pie
|
|
*/
|
|
#define EXCLUSIVE_ARGS 10
|
|
|
|
static char *predef_args[] = {
|
|
#ifdef BR_CCACHE
|
|
ccache_path,
|
|
#endif
|
|
path,
|
|
"--sysroot", sysroot,
|
|
#ifdef BR_ABI
|
|
"-mabi=" BR_ABI,
|
|
#endif
|
|
#ifdef BR_NAN
|
|
"-mnan=" BR_NAN,
|
|
#endif
|
|
#ifdef BR_FPU
|
|
"-mfpu=" BR_FPU,
|
|
#endif
|
|
#ifdef BR_SOFTFLOAT
|
|
"-msoft-float",
|
|
#endif /* BR_SOFTFLOAT */
|
|
#ifdef BR_MODE
|
|
"-m" BR_MODE,
|
|
#endif
|
|
#ifdef BR_64
|
|
"-m64",
|
|
#endif
|
|
#ifdef BR_OMIT_LOCK_PREFIX
|
|
"-Wa,-momit-lock-prefix=yes",
|
|
#endif
|
|
#ifdef BR_NO_FUSED_MADD
|
|
"-mno-fused-madd",
|
|
#endif
|
|
#ifdef BR_FP_CONTRACT_OFF
|
|
"-ffp-contract=off",
|
|
#endif
|
|
#ifdef BR_BINFMT_FLAT
|
|
"-Wl,-elf2flt",
|
|
#endif
|
|
#ifdef BR_MIPS_TARGET_LITTLE_ENDIAN
|
|
"-EL",
|
|
#endif
|
|
#if defined(BR_MIPS_TARGET_BIG_ENDIAN) || defined(BR_ARC_TARGET_BIG_ENDIAN)
|
|
"-EB",
|
|
#endif
|
|
#ifdef BR_ADDITIONAL_CFLAGS
|
|
BR_ADDITIONAL_CFLAGS
|
|
#endif
|
|
};
|
|
|
|
/* A {string,length} tuple, to avoid computing strlen() on constants.
|
|
* - str must be a \0-terminated string
|
|
* - len does not account for the terminating '\0'
|
|
*/
|
|
struct str_len_s {
|
|
const char *str;
|
|
size_t len;
|
|
};
|
|
|
|
/* Define a {string,length} tuple. Takes an unquoted constant string as
|
|
* parameter. sizeof() on a string literal includes the terminating \0,
|
|
* but we don't want to count it.
|
|
*/
|
|
#define STR_LEN(s) { #s, sizeof(#s)-1 }
|
|
|
|
/* List of paths considered unsafe for cross-compilation.
|
|
*
|
|
* An unsafe path is one that points to a directory with libraries or
|
|
* headers for the build machine, which are not suitable for the target.
|
|
*/
|
|
static const struct str_len_s unsafe_paths[] = {
|
|
STR_LEN(/lib),
|
|
STR_LEN(/usr/include),
|
|
STR_LEN(/usr/lib),
|
|
STR_LEN(/usr/local/include),
|
|
STR_LEN(/usr/local/lib),
|
|
{ NULL, 0 },
|
|
};
|
|
|
|
/* Unsafe options are options that specify a potentialy unsafe path,
|
|
* that will be checked by check_unsafe_path(), below.
|
|
*/
|
|
static const struct str_len_s unsafe_opts[] = {
|
|
STR_LEN(-I),
|
|
STR_LEN(-idirafter),
|
|
STR_LEN(-iquote),
|
|
STR_LEN(-isystem),
|
|
STR_LEN(-L),
|
|
{ NULL, 0 },
|
|
};
|
|
|
|
/* Check if path is unsafe for cross-compilation. Unsafe paths are those
|
|
* pointing to the standard native include or library paths.
|
|
*
|
|
* We print the arguments leading to the failure. For some options, gcc
|
|
* accepts the path to be concatenated to the argument (e.g. -I/foo/bar)
|
|
* or separated (e.g. -I /foo/bar). In the first case, we need only print
|
|
* the argument as it already contains the path (arg_has_path), while in
|
|
* the second case we need to print both (!arg_has_path).
|
|
*
|
|
* If paranoid, exit in error instead of just printing a warning.
|
|
*/
|
|
static void check_unsafe_path(const char *arg,
|
|
const char *path,
|
|
int paranoid,
|
|
int arg_has_path)
|
|
{
|
|
const struct str_len_s *p;
|
|
|
|
for (p=unsafe_paths; p->str; p++) {
|
|
if (strncmp(path, p->str, p->len))
|
|
continue;
|
|
fprintf(stderr,
|
|
"%s: %s: unsafe header/library path used in cross-compilation: '%s%s%s'\n",
|
|
program_invocation_short_name,
|
|
paranoid ? "ERROR" : "WARNING",
|
|
arg,
|
|
arg_has_path ? "" : "' '", /* close single-quote, space, open single-quote */
|
|
arg_has_path ? "" : path); /* so that arg and path are properly quoted. */
|
|
if (paranoid)
|
|
exit(1);
|
|
}
|
|
}
|
|
|
|
/* Returns false if SOURCE_DATE_EPOCH was not defined in the environment.
|
|
*
|
|
* Returns true if SOURCE_DATE_EPOCH is in the environment and represent
|
|
* a valid timestamp, in which case the timestamp is formatted into the
|
|
* global variables _date_ and _time_.
|
|
*
|
|
* Aborts if SOURCE_DATE_EPOCH was set in the environment but did not
|
|
* contain a valid timestamp.
|
|
*
|
|
* Valid values are defined in the spec:
|
|
* https://reproducible-builds.org/specs/source-date-epoch/
|
|
* but we further restrict them to be positive or null.
|
|
*/
|
|
bool parse_source_date_epoch_from_env(void)
|
|
{
|
|
char *epoch_env, *endptr;
|
|
time_t epoch;
|
|
struct tm epoch_tm;
|
|
|
|
if ((epoch_env = getenv("SOURCE_DATE_EPOCH")) == NULL)
|
|
return false;
|
|
errno = 0;
|
|
epoch = (time_t) strtoll(epoch_env, &endptr, 10);
|
|
/* We just need to test if it is incorrect, but we do not
|
|
* care why it is incorrect.
|
|
*/
|
|
if ((errno != 0) || !*epoch_env || *endptr || (epoch < 0)) {
|
|
fprintf(stderr, "%s: invalid SOURCE_DATE_EPOCH='%s'\n",
|
|
program_invocation_short_name,
|
|
epoch_env);
|
|
exit(1);
|
|
}
|
|
tzset(); /* For localtime_r(), below. */
|
|
if (localtime_r(&epoch, &epoch_tm) == NULL) {
|
|
fprintf(stderr, "%s: cannot parse SOURCE_DATE_EPOCH=%s\n",
|
|
program_invocation_short_name,
|
|
getenv("SOURCE_DATE_EPOCH"));
|
|
exit(1);
|
|
}
|
|
if (!strftime(_time_, sizeof(_time_), "-D__TIME__=\"%T\"", &epoch_tm)) {
|
|
fprintf(stderr, "%s: cannot set time from SOURCE_DATE_EPOCH=%s\n",
|
|
program_invocation_short_name,
|
|
getenv("SOURCE_DATE_EPOCH"));
|
|
exit(1);
|
|
}
|
|
if (!strftime(_date_, sizeof(_date_), "-D__DATE__=\"%b %e %Y\"", &epoch_tm)) {
|
|
fprintf(stderr, "%s: cannot set date from SOURCE_DATE_EPOCH=%s\n",
|
|
program_invocation_short_name,
|
|
getenv("SOURCE_DATE_EPOCH"));
|
|
exit(1);
|
|
}
|
|
return true;
|
|
}
|
|
|
|
int main(int argc, char **argv)
|
|
{
|
|
char **args, **cur, **exec_args;
|
|
char *relbasedir, *absbasedir;
|
|
char *progpath = argv[0];
|
|
char *basename;
|
|
char *env_debug;
|
|
char *paranoid_wrapper;
|
|
int paranoid;
|
|
int ret, i, count = 0, debug, found_shared = 0;
|
|
|
|
/* Calculate the relative paths */
|
|
basename = strrchr(progpath, '/');
|
|
if (basename) {
|
|
*basename = '\0';
|
|
basename++;
|
|
relbasedir = malloc(strlen(progpath) + 7);
|
|
if (relbasedir == NULL) {
|
|
perror(__FILE__ ": malloc");
|
|
return 2;
|
|
}
|
|
sprintf(relbasedir, "%s/..", argv[0]);
|
|
absbasedir = realpath(relbasedir, NULL);
|
|
} else {
|
|
basename = progpath;
|
|
absbasedir = malloc(PATH_MAX + 1);
|
|
ret = readlink("/proc/self/exe", absbasedir, PATH_MAX);
|
|
if (ret < 0) {
|
|
perror(__FILE__ ": readlink");
|
|
return 2;
|
|
}
|
|
absbasedir[ret] = '\0';
|
|
for (i = ret; i > 0; i--) {
|
|
if (absbasedir[i] == '/') {
|
|
absbasedir[i] = '\0';
|
|
if (++count == 2)
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
if (absbasedir == NULL) {
|
|
perror(__FILE__ ": realpath");
|
|
return 2;
|
|
}
|
|
|
|
/* Fill in the relative paths */
|
|
#ifdef BR_CROSS_PATH_REL
|
|
ret = snprintf(path, sizeof(path), "%s/" BR_CROSS_PATH_REL "/%s" BR_CROSS_PATH_SUFFIX, absbasedir, basename);
|
|
#elif defined(BR_CROSS_PATH_ABS)
|
|
ret = snprintf(path, sizeof(path), BR_CROSS_PATH_ABS "/%s" BR_CROSS_PATH_SUFFIX, basename);
|
|
#else
|
|
ret = snprintf(path, sizeof(path), "%s/bin/%s" BR_CROSS_PATH_SUFFIX, absbasedir, basename);
|
|
#endif
|
|
if (ret >= sizeof(path)) {
|
|
perror(__FILE__ ": overflow");
|
|
return 3;
|
|
}
|
|
#ifdef BR_CCACHE
|
|
ret = snprintf(ccache_path, sizeof(ccache_path), "%s/bin/ccache", absbasedir);
|
|
if (ret >= sizeof(ccache_path)) {
|
|
perror(__FILE__ ": overflow");
|
|
return 3;
|
|
}
|
|
#endif
|
|
ret = snprintf(sysroot, sizeof(sysroot), "%s/" BR_SYSROOT, absbasedir);
|
|
if (ret >= sizeof(sysroot)) {
|
|
perror(__FILE__ ": overflow");
|
|
return 3;
|
|
}
|
|
|
|
cur = args = malloc(sizeof(predef_args) +
|
|
(sizeof(char *) * (argc + EXCLUSIVE_ARGS)));
|
|
if (args == NULL) {
|
|
perror(__FILE__ ": malloc");
|
|
return 2;
|
|
}
|
|
|
|
/* start with predefined args */
|
|
memcpy(cur, predef_args, sizeof(predef_args));
|
|
cur += sizeof(predef_args) / sizeof(predef_args[0]);
|
|
|
|
#ifdef BR_FLOAT_ABI
|
|
/* add float abi if not overridden in args */
|
|
for (i = 1; i < argc; i++) {
|
|
if (!strncmp(argv[i], "-mfloat-abi=", strlen("-mfloat-abi=")) ||
|
|
!strcmp(argv[i], "-msoft-float") ||
|
|
!strcmp(argv[i], "-mhard-float"))
|
|
break;
|
|
}
|
|
|
|
if (i == argc)
|
|
*cur++ = "-mfloat-abi=" BR_FLOAT_ABI;
|
|
#endif
|
|
|
|
#ifdef BR_FP32_MODE
|
|
/* add fp32 mode if soft-float is not args or hard-float overrides soft-float */
|
|
int add_fp32_mode = 1;
|
|
for (i = 1; i < argc; i++) {
|
|
if (!strcmp(argv[i], "-msoft-float"))
|
|
add_fp32_mode = 0;
|
|
else if (!strcmp(argv[i], "-mhard-float"))
|
|
add_fp32_mode = 1;
|
|
}
|
|
|
|
if (add_fp32_mode == 1)
|
|
*cur++ = "-mfp" BR_FP32_MODE;
|
|
#endif
|
|
|
|
#if defined(BR_ARCH) || \
|
|
defined(BR_CPU)
|
|
/* Add our -march/cpu flags, but only if none of
|
|
* -march/mtune/mcpu are already specified on the commandline
|
|
*/
|
|
for (i = 1; i < argc; i++) {
|
|
if (!strncmp(argv[i], "-march=", strlen("-march=")) ||
|
|
!strncmp(argv[i], "-mtune=", strlen("-mtune=")) ||
|
|
!strncmp(argv[i], "-mcpu=", strlen("-mcpu=" )))
|
|
break;
|
|
}
|
|
if (i == argc) {
|
|
#ifdef BR_ARCH
|
|
*cur++ = "-march=" BR_ARCH;
|
|
#endif
|
|
#ifdef BR_CPU
|
|
*cur++ = "-mcpu=" BR_CPU;
|
|
#endif
|
|
}
|
|
#endif /* ARCH || CPU */
|
|
|
|
if (parse_source_date_epoch_from_env()) {
|
|
*cur++ = _time_;
|
|
*cur++ = _date_;
|
|
/* This has existed since gcc-4.4.0. */
|
|
*cur++ = "-Wno-builtin-macro-redefined";
|
|
}
|
|
|
|
#ifdef BR2_RELRO_FULL
|
|
/* Patterned after Fedora/Gentoo hardening approaches.
|
|
* https://fedoraproject.org/wiki/Changes/Harden_All_Packages
|
|
* https://wiki.gentoo.org/wiki/Hardened/Toolchain#Position_Independent_Executables_.28PIEs.29
|
|
*
|
|
* A few checks are added to allow disabling of PIE
|
|
* 1) -fno-pie and -no-pie are used by other distros to disable PIE in
|
|
* cases where the compiler enables it by default. The logic below
|
|
* maintains that behavior.
|
|
* Ref: https://wiki.ubuntu.com/SecurityTeam/PIE
|
|
* 2) A check for -fno-PIE has been used in older Linux Kernel builds
|
|
* in a similar way to -fno-pie or -no-pie.
|
|
* 3) A check is added for Kernel and U-boot defines
|
|
* (-D__KERNEL__ and -D__UBOOT__).
|
|
*/
|
|
for (i = 1; i < argc; i++) {
|
|
/* Apply all incompatible link flag and disable checks first */
|
|
if (!strcmp(argv[i], "-r") ||
|
|
!strcmp(argv[i], "-Wl,-r") ||
|
|
!strcmp(argv[i], "-static") ||
|
|
!strcmp(argv[i], "-D__KERNEL__") ||
|
|
!strcmp(argv[i], "-D__UBOOT__") ||
|
|
!strcmp(argv[i], "-fno-pie") ||
|
|
!strcmp(argv[i], "-fno-PIE") ||
|
|
!strcmp(argv[i], "-no-pie"))
|
|
break;
|
|
/* Record that shared was present which disables -pie but don't
|
|
* break out of loop as a check needs to occur that possibly
|
|
* still allows -fPIE to be set
|
|
*/
|
|
if (!strcmp(argv[i], "-shared"))
|
|
found_shared = 1;
|
|
}
|
|
|
|
if (i == argc) {
|
|
/* Compile and link condition checking have been kept split
|
|
* between these two loops, as there maybe already are valid
|
|
* compile flags set for position independence. In that case
|
|
* the wrapper just adds the -pie for link.
|
|
*/
|
|
for (i = 1; i < argc; i++) {
|
|
if (!strcmp(argv[i], "-fpie") ||
|
|
!strcmp(argv[i], "-fPIE") ||
|
|
!strcmp(argv[i], "-fpic") ||
|
|
!strcmp(argv[i], "-fPIC"))
|
|
break;
|
|
}
|
|
/* Both args below can be set at compile/link time
|
|
* and are ignored correctly when not used
|
|
*/
|
|
if(i == argc)
|
|
*cur++ = "-fPIE";
|
|
|
|
if (!found_shared)
|
|
*cur++ = "-pie";
|
|
}
|
|
#endif
|
|
/* Are we building the Linux Kernel or U-Boot? */
|
|
for (i = 1; i < argc; i++) {
|
|
if (!strcmp(argv[i], "-D__KERNEL__") ||
|
|
!strcmp(argv[i], "-D__UBOOT__"))
|
|
break;
|
|
}
|
|
if (i == argc) {
|
|
/* https://wiki.gentoo.org/wiki/Hardened/Toolchain#Mark_Read-Only_Appropriate_Sections */
|
|
#ifdef BR2_RELRO_PARTIAL
|
|
*cur++ = "-Wl,-z,relro";
|
|
#endif
|
|
#ifdef BR2_RELRO_FULL
|
|
*cur++ = "-Wl,-z,now";
|
|
*cur++ = "-Wl,-z,relro";
|
|
#endif
|
|
}
|
|
|
|
paranoid_wrapper = getenv("BR_COMPILER_PARANOID_UNSAFE_PATH");
|
|
if (paranoid_wrapper && strlen(paranoid_wrapper) > 0)
|
|
paranoid = 1;
|
|
else
|
|
paranoid = 0;
|
|
|
|
/* Check for unsafe library and header paths */
|
|
for (i = 1; i < argc; i++) {
|
|
const struct str_len_s *opt;
|
|
for (opt=unsafe_opts; opt->str; opt++ ) {
|
|
/* Skip any non-unsafe option. */
|
|
if (strncmp(argv[i], opt->str, opt->len))
|
|
continue;
|
|
|
|
/* Handle both cases:
|
|
* - path is a separate argument,
|
|
* - path is concatenated with option.
|
|
*/
|
|
if (argv[i][opt->len] == '\0') {
|
|
i++;
|
|
if (i == argc)
|
|
break;
|
|
check_unsafe_path(argv[i-1], argv[i], paranoid, 0);
|
|
} else
|
|
check_unsafe_path(argv[i], argv[i] + opt->len, paranoid, 1);
|
|
}
|
|
}
|
|
|
|
/* append forward args */
|
|
memcpy(cur, &argv[1], sizeof(char *) * (argc - 1));
|
|
cur += argc - 1;
|
|
|
|
/* finish with NULL termination */
|
|
*cur = NULL;
|
|
|
|
exec_args = args;
|
|
#ifdef BR_CCACHE
|
|
if (getenv("BR_NO_CCACHE"))
|
|
/* Skip the ccache call */
|
|
exec_args++;
|
|
#endif
|
|
|
|
/* Debug the wrapper to see actual arguments passed to
|
|
* the compiler:
|
|
* unset, empty, or 0: do not trace
|
|
* set to 1 : trace all arguments on a single line
|
|
* set to 2 : trace one argument per line
|
|
*/
|
|
if ((env_debug = getenv("BR2_DEBUG_WRAPPER"))) {
|
|
debug = atoi(env_debug);
|
|
if (debug > 0) {
|
|
fprintf(stderr, "Toolchain wrapper executing:");
|
|
#ifdef BR_CCACHE_HASH
|
|
fprintf(stderr, "%sCCACHE_COMPILERCHECK='string:" BR_CCACHE_HASH "'",
|
|
(debug == 2) ? "\n " : " ");
|
|
#endif
|
|
#ifdef BR_CCACHE_BASEDIR
|
|
fprintf(stderr, "%sCCACHE_BASEDIR='" BR_CCACHE_BASEDIR "'",
|
|
(debug == 2) ? "\n " : " ");
|
|
#endif
|
|
for (i = 0; exec_args[i]; i++)
|
|
fprintf(stderr, "%s'%s'",
|
|
(debug == 2) ? "\n " : " ", exec_args[i]);
|
|
fprintf(stderr, "\n");
|
|
}
|
|
}
|
|
|
|
#ifdef BR_CCACHE_HASH
|
|
/* Allow compilercheck to be overridden through the environment */
|
|
if (setenv("CCACHE_COMPILERCHECK", "string:" BR_CCACHE_HASH, 0)) {
|
|
perror(__FILE__ ": Failed to set CCACHE_COMPILERCHECK");
|
|
return 3;
|
|
}
|
|
#endif
|
|
#ifdef BR_CCACHE_BASEDIR
|
|
/* Allow compilercheck to be overridden through the environment */
|
|
if (setenv("CCACHE_BASEDIR", BR_CCACHE_BASEDIR, 0)) {
|
|
perror(__FILE__ ": Failed to set CCACHE_BASEDIR");
|
|
return 3;
|
|
}
|
|
#endif
|
|
|
|
if (execv(exec_args[0], exec_args))
|
|
perror(path);
|
|
|
|
free(args);
|
|
|
|
return 2;
|
|
}
|