Readjusted linker issues etc.
robert at linuxfromscratch.org
Wed May 20 16:08:51 PDT 2009
On Sunday May 17 2009 09:09:10 pm robert baker wrote:
> Going back to my binutils obj/ directory and executing the below
> commad installed a working re-adjusted linker.
> make -C ld install
You should be cross referencing with lfs-svn. Sometimes they have fixes. The
x86_64 additions would be nice, but it's up to you if you want to add them
(you'll need an x86_64 to be sure it works).
I prefer 'make -C ld install'.
> I haven't explored a solution that doesn't require keeping the build
> directory from the previous chapter just yet. Instead I have been
> reviewing the test suite failures that I am experiencing later in the
> build. Running the following for the binutils test suite results in a
> small handfull of errors.
> make CFLAGS="-fPIC -fno-stack-protector -U_FORTIFY_SOURCE -nonow
> -nopie" -k check
> binutils tests
> FAIL: run objcopy of executable
> FAIL: run stripped executable
> FAIL: run stripped executable with saving a symbol
> FAIL: objdump -W
> FAIL: readelf -wa (compressed)
> ld tests
> FAIL: ld-elf/seg
> FAIL: vers4
> FAIL: Check --gc-section/-r/-u
> FAIL: ld-i386/hidden2
> FAIL: NOCROSSREFS 3
> FAIL: S-records
> FAIL: S-records with constructors
> The good news is with similar CFLAGS, and
> LDFLAGS="-Wl,-no-fatal-warning" all the glibc tests pass.
December 16, 2008, I wrote a thread named 'testsuites'. The Glibc, Binutils,
and GCC test suites can be fixed by using GCC pass1 specs, but they need to
be modified to add -fno-stack-protector and -fno-PIE to cc1 and cc1plus
The -fstack-protector-all and -fPIE options are enabled in the gcc binary, not
in the specs file, so they need to be disabled by command line or specs. This
was done so that these options would be used by all compilers, not just C and
The fortify_source and linker options are enabled in the specs file, so using
pass1 specs would disable them. Pass1 specs also use -fPIC, but as far as I
can remember this has never caused test suite failures.
The GCC test suite will probably use 'gcc/specs' instead of the system GCC
specs. If that doesn't work then 'gcc/xgcc' needs to become a shell script
pointing at the xgcc binary and using the --specs-file= option to point at
the modified pass1 specs.
Using the modified pass1 specs will test the hardened toolchain with a vanilla
compiler, so there is absolutely no loss in quality or protection.
Modifying the pass1 specs would use an Sed command to search for "cc1:"
and "cc1plus:, and appending to the next new line. I don't remember how to do
this from memory.
It would be nice if upstream would add -fno-stack-protector and -fno-PIE to
their test suite CFLAGS. They might be willing, but I don't have the first
clue how to make a patch for it.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 197 bytes
Desc: not available
More information about the hlfs-dev