diff --git a/binutils-2.22.52.0.1-relro-on-by-default.patch b/binutils-2.22.52.0.1-relro-on-by-default.patch new file mode 100644 index 0000000..57ea12c --- /dev/null +++ b/binutils-2.22.52.0.1-relro-on-by-default.patch @@ -0,0 +1,93 @@ +diff -cpr ../binutils-2.22.52.0.1.orig/ld/emultempl/elf32.em ld/emultempl/elf32.em +*** ../binutils-2.22.52.0.1.orig/ld/emultempl/elf32.em 2012-03-06 14:00:29.959957689 +0000 +--- ld/emultempl/elf32.em 2012-03-06 14:09:33.492940503 +0000 +*************** gld${EMULATION_NAME}_before_parse (void) +*** 106,111 **** +--- 106,112 ---- + config.dynamic_link = ${DYNAMIC_LINK-TRUE}; + config.has_shared = `if test -n "$GENERATE_SHLIB_SCRIPT" ; then echo TRUE ; else echo FALSE ; fi`; + link_info.sharable_sections = `if test "$SHARABLE_SECTIONS" = "yes" ; then echo TRUE ; else echo FALSE ; fi`; ++ link_info.relro = TRUE; + } + + EOF +diff -cpr ../binutils-2.22.52.0.1.orig/ld/testsuite/config/default.exp ld/testsuite/config/default.exp +*** ../binutils-2.22.52.0.1.orig/ld/testsuite/config/default.exp 2012-03-06 14:00:31.141957656 +0000 +--- ld/testsuite/config/default.exp 2012-03-06 14:09:33.492940503 +0000 +*************** +*** 23,29 **** + # + + if ![info exists ld] then { +! set ld [findfile $base_dir/ld-new $base_dir/ld-new [transform ld]] + } + + if ![info exists as] then { +--- 23,29 ---- + # + + if ![info exists ld] then { +! set ld "[findfile $base_dir/ld-new $base_dir/ld-new [transform ld]] -znorelro" + } + + if ![info exists as] then { +*************** if {![file isdirectory tmpdir/ld]} then +*** 69,75 **** + catch "exec ln -s ../../ld-new tmpdir/ld/ld" status + catch "exec ln -s ld tmpdir/ld/collect-ld" status + } +! set gcc_ld_flag "-B[pwd]/tmpdir/ld/" + + # load the linker path + if {[file exists tmpdir/libpath.exp]} { +--- 69,75 ---- + catch "exec ln -s ../../ld-new tmpdir/ld/ld" status + catch "exec ln -s ld tmpdir/ld/collect-ld" status + } +! set gcc_ld_flag "-B[pwd]/tmpdir/ld/ -Wl,-z,norelro" + + # load the linker path + if {[file exists tmpdir/libpath.exp]} { +*************** if ![info exists READELFFLAGS] then { +*** 279,285 **** + } + + if ![info exists LD] then { +! set LD [findfile $base_dir/ld-new ./ld-new [transform ld]] + } + + if ![info exists LDFLAGS] then { +--- 279,285 ---- + } + + if ![info exists LD] then { +! set LD "[findfile $base_dir/ld-new ./ld-new [transform ld]] -znorelro" + } + + if ![info exists LDFLAGS] then { +diff -cpr ../binutils-2.22.52.0.1.orig/ld/testsuite/ld-bootstrap/bootstrap.exp ld/testsuite/ld-bootstrap/bootstrap.exp +*** ../binutils-2.22.52.0.1.orig/ld/testsuite/ld-bootstrap/bootstrap.exp 2012-03-06 14:00:30.503957676 +0000 +--- ld/testsuite/ld-bootstrap/bootstrap.exp 2012-03-06 15:03:33.949837926 +0000 +*************** foreach flags {"" "strip" "--static" "-- +*** 71,77 **** + + # This test can only be run if we have the ld build directory, + # since we need the object files. +! if {$ld != "$objdir/ld-new"} { + untested $testname + continue + } +--- 71,83 ---- + + # This test can only be run if we have the ld build directory, + # since we need the object files. +! set ldexe $ld +! set ldparm [string first " " $ld] +! if { $ldparm > 0 } then { +! set ldparm [expr $ldparm - 1] +! set ldexe [string range $ld 0 $ldparm] +! } +! if {$ldexe != "$objdir/ld-new"} { + untested $testname + continue + } diff --git a/binutils.spec b/binutils.spec index 6a12ac2..c8a3be7 100644 --- a/binutils.spec +++ b/binutils.spec @@ -17,7 +17,7 @@ Summary: A GNU collection of binary utilities Name: %{?cross}binutils%{?_with_debug:-debug} Version: 2.22.52.0.1 -Release: 6%{?dist} +Release: 7%{?dist} License: GPLv3+ Group: Development/Tools URL: http://sources.redhat.com/binutils @@ -41,6 +41,8 @@ Patch08: binutils-2.22.52.0.1-weakdef.patch Patch09: binutils-2.22.52.0.1-ld-13621.patch # From upstream Patch10: binutils-rh797752.patch +# Enable -zrelro by default: BZ #621983 +Patch11: binutils-2.22.52.0.1-relro-on-by-default.patch %define gold_arches %ix86 x86_64 @@ -141,6 +143,7 @@ using libelf instead of BFD. %patch08 -p1 -b .weakdef~ %patch09 -p1 -b .ld-13621~ %patch10 -p1 -b .cxxfilt-docs~ +%patch11 -p0 -b .relro~ # We cannot run autotools as there is an exact requirement of autoconf-2.59. @@ -435,6 +438,9 @@ exit 0 %endif # %{isnative} %changelog +* Tue Mar 06 2012 Nick Clifton - 2.22.52.0.1-7 +- Enable -zrelro be default. (#621983) + * Mon Feb 27 2012 Jeff Law - 2.22.52.0.1-6 - Fix c++filt docs (#797752)