@@ -408,6 +408,25 @@ proc check_relro_support { } {
return $relro_available_saved
}
+proc check_memory_seal_support { } {
+ global memory_seal_available_saved
+ global ld
+
+ if {![info exists memory_seal_available_saved]} {
+ remote_file host delete nomemory_seal
+ set ld_output [remote_exec host $ld "-z nomemory-seal"]
+ if { [string first "not supported" $ld_output] >= 0
+ || [string first "unrecognized option" $ld_output] >= 0
+ || [string first "-z nomemory-seal ignored" $ld_output] >= 0
+ || [string first "cannot find nomemory-seal" $ld_output] >= 0 } {
+ set memory_seal_available_saved 0
+ } else {
+ set memory_seal_available_saved 1
+ }
+ }
+ return $memory_seal_available_saved
+}
+
# Check for support of the .noinit section, used for data that is not
# initialized at load, or during the application's initialization sequence.
proc supports_noinit_section {} {
@@ -1390,6 +1409,9 @@ proc run_dump_test { name {extra_options {}} } {
if [check_relro_support] {
set ld_extra_opt "-z norelro"
}
+ if [check_memory_seal_support] {
+ append ld_extra_opt " -z nomemory-seal"
+ }
# Add -L$srcdir/$subdir so that the linker command can use
# linker scripts in the source directory.
@@ -24,7 +24,8 @@ Changes in 2.43:
* Add -plugin-save-temps to store plugin intermediate files permanently.
* Add -z memory-seal/-z nomemory-seal options to ELF linker to mark the
- object to memory sealed.
+ object to memory sealed. Also added --enable-memory-seal configure option
+ to enable the memory sealing by default.
Changes in 2.42:
@@ -60,6 +60,9 @@
default. */
#undef DEFAULT_LD_Z_SEPARATE_CODE
+/* Define to 1 if you want to enable -z memory-seal in ELF linker by default. */
+#undef DEFAULT_LD_Z_MEMORY_SEAL
+
/* Define to 1 if you want to set DT_RUNPATH instead of DT_RPATH by default.
*/
#undef DEFAULT_NEW_DTAGS
@@ -854,6 +854,7 @@ enable_textrel_check
enable_separate_code
enable_rosegment
enable_mark_plt
+enable_memory_seal
enable_warn_execstack
enable_error_execstack
enable_warn_rwx_segments
@@ -1551,6 +1552,7 @@ Optional Features:
--enable-separate-code enable -z separate-code in ELF linker by default
--enable-rosegment enable --rosegment in the ELF linker by default
--enable-mark-plt enable -z mark-plt in ELF x86-64 linker by default
+ --enable-memory-seal enable -z memory-seal in ELF linker by default
--enable-warn-execstack enable warnings when creating an executable stack
--enable-error-execstack
turn executable stack warnings into errors
@@ -11686,7 +11688,7 @@ else
lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
lt_status=$lt_dlunknown
cat > conftest.$ac_ext <<_LT_EOF
-#line 11689 "configure"
+#line 11691 "configure"
#include "confdefs.h"
#if HAVE_DLFCN_H
@@ -11792,7 +11794,7 @@ else
lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
lt_status=$lt_dlunknown
cat > conftest.$ac_ext <<_LT_EOF
-#line 11795 "configure"
+#line 11797 "configure"
#include "confdefs.h"
#if HAVE_DLFCN_H
@@ -15709,6 +15711,17 @@ esac
fi
+# Decide if -z memory-seal should be enabled in ELF linker by default.
+ac_default_ld_z_memory_seal=unset
+# Check whether --enable-memory-seal was given.
+if test "${enable_memory_seal+set}" = set; then :
+ enableval=$enable_memory_seal; case "${enableval}" in
+ yes) ac_default_ld_z_memory_seal=1 ;;
+ no) ac_default_ld_z_memory_seal=0 ;;
+esac
+fi
+
+
# By default warn when an executable stack is created due to object files
# requesting such, not when the user specifies -z execstack.
@@ -18975,6 +18988,8 @@ main ()
if (*(data + i) != *(data3 + i))
return 14;
close (fd);
+ free (data);
+ free (data3);
return 0;
}
_ACEOF
@@ -19454,6 +19469,15 @@ cat >>confdefs.h <<_ACEOF
_ACEOF
+if test "${ac_default_ld_z_memory_seal}" = unset; then
+ ac_default_ld_z_memory_seal=0
+fi
+
+cat >>confdefs.h <<_ACEOF
+#define DEFAULT_LD_Z_MEMORY_SEAL $ac_default_ld_z_memory_seal
+_ACEOF
+
+
cat >>confdefs.h <<_ACEOF
@@ -232,6 +232,16 @@ AC_ARG_ENABLE(mark-plt,
no) ac_default_ld_z_mark_plt=0 ;;
esac])
+# Decide if -z memory-seal should be enabled in ELF linker by default.
+ac_default_ld_z_memory_seal=unset
+AC_ARG_ENABLE(memory-seal,
+ AS_HELP_STRING([--enable-memory-seal],
+ [enable -z memory-seal in ELF linker by default]),
+[case "${enableval}" in
+ yes) ac_default_ld_z_memory_seal=1 ;;
+ no) ac_default_ld_z_memory_seal=0 ;;
+esac])
+
# By default warn when an executable stack is created due to object files
# requesting such, not when the user specifies -z execstack.
@@ -617,6 +627,13 @@ AC_DEFINE_UNQUOTED(DEFAULT_LD_Z_MARK_PLT,
$ac_default_ld_z_mark_plt,
[Define to 1 if you want to enable -z mark-plt in ELF x86-64 linker by default.])
+if test "${ac_default_ld_z_memory_seal}" = unset; then
+ ac_default_ld_z_memory_seal=0
+fi
+AC_DEFINE_UNQUOTED(DEFAULT_LD_Z_MEMORY_SEAL,
+ $ac_default_ld_z_memory_seal,
+ [Define to 1 if you want to enable -z memory_seal in ELF linker by default.])
+
AC_DEFINE_UNQUOTED(DEFAULT_LD_WARN_EXECSTACK,
$ac_default_ld_warn_execstack,
@@ -99,6 +99,7 @@ fragment <<EOF
link_info.default_execstack = DEFAULT_LD_EXECSTACK;
link_info.error_execstack = DEFAULT_LD_ERROR_EXECSTACK;
link_info.warn_is_error_for_rwx_segments = DEFAULT_LD_ERROR_RWX_SEGMENTS;
+ link_info.memory_seal = DEFAULT_LD_Z_MEMORY_SEAL;
}
EOF
@@ -2271,10 +2271,17 @@ elf_shlib_list_options (FILE *file)
fprintf (file, _("\
-z textoff Don't treat DT_TEXTREL in output as error\n"));
}
+#if DEFAULT_LD_Z_MEMORY_SEAL
+ fprintf (file, _("\
+ -z memory-seal Mark object be memory sealed (default)\n"));
+ fprintf (file, _("\
+ -z nomemory-seal Don't mark oject to be memory sealed\n"));
+#else
fprintf (file, _("\
-z memory-seal Mark object be memory sealed\n"));
fprintf (file, _("\
-z nomemory-seal Don't mark oject to be memory sealed (default)\n"));
+#endif
}
static void
@@ -382,6 +382,14 @@ if { ![info exists NO_DT_RELR_CC_LDFLAGS] } then {
}
}
+if { ![info exists NO_MEMORY_SEAL_LDFLAGS] } then {
+ if { [check_memory_seal_support] } then {
+ set NO_MEMORY_SEAL_LDFLAGS "-z nomemory-seal"
+ } else {
+ set NO_MEMORY_SEAL_LDFLAGS {}
+ }
+}
+
# Set LD_CLASS to "64bit" for a 64-bit *host* linker.
if { ![info exists LD_CLASS] } then {
set REAL_LD [findfile $base_dir/.libs/ld-new .libs/ld-new $LD [transform ld]]
@@ -226,12 +226,15 @@ proc run_srec_test { test objs } {
global objcopy
global sizeof_headers
global host_triplet
+ global extra_flags
# Tell the ELF linker to not do anything clever with .eh_frame,
# not to put anything in small data, and define various symbols.
set flags "--traditional-format -G 0 -e 0 "
append flags [ld_link_defsyms]
+ append flags " $extra_flags"
+
# If the linker script uses SIZEOF_HEADERS, use a -Ttext argument
# to force both the normal link and the S-record link to be put in
# the same place. We don't always use -Ttext because it interacts
@@ -345,6 +348,7 @@ set test2 "S-records with constructors"
# See whether the default linker script uses SIZEOF_HEADERS.
set exec_output [run_host_cmd "$ld" "--verbose"]
set sizeof_headers [string match "*SIZEOF_HEADERS*" $exec_output]
+set extra_flags " $NO_MEMORY_SEAL_LDFLAGS"
# First test linking a C program. We don't require any libraries. We
# link it normally, and objcopy to the S-record format, and then link
@@ -460,6 +460,9 @@ proc run_ld_link_tests { ldtests args } {
if [check_relro_support] {
append ld_extra_opt " -z norelro"
}
+ if [check_memory_seal_support] {
+ append ld_extra_opt " -z nomemory-seal"
+ }
foreach testitem $ldtests {
set testname [lindex $testitem 0]
@@ -977,6 +980,9 @@ proc run_cc_link_tests { ldtests } {
set failed 1
}
} else {
+ if [check_memory_seal_support] {
+ append ldflags " -z nomemory-seal"
+ }
if { [string match "" $STATIC_LDFLAGS] \
&& [regexp -- ".* \[-\]+static .*" " $board_cflags $board_ldflags $ldflags $objfiles "] } {
untested $testname