From e9297b35595d7dd6c50ce6ff7282eee248b7e479 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Fri, 15 Jan 2016 06:31:09 +0000
Subject: [PATCH] warn for uses of system directories when cross linking

2008-07-02  Joseph Myers  <joseph@codesourcery.com>

    ld/
    * ld.h (args_type): Add error_poison_system_directories.
    * ld.texinfo (--error-poison-system-directories): Document.
    * ldfile.c (ldfile_add_library_path): Check
    command_line.error_poison_system_directories.
    * ldmain.c (main): Initialize
    command_line.error_poison_system_directories.
    * lexsup.c (enum option_values): Add
    OPTION_ERROR_POISON_SYSTEM_DIRECTORIES.
    (ld_options): Add --error-poison-system-directories.
    (parse_args): Handle new option.

2007-06-13  Joseph Myers  <joseph@codesourcery.com>

    ld/
    * config.in: Regenerate.
    * ld.h (args_type): Add poison_system_directories.
    * ld.texinfo (--no-poison-system-directories): Document.
    * ldfile.c (ldfile_add_library_path): Check
    command_line.poison_system_directories.
    * ldmain.c (main): Initialize
    command_line.poison_system_directories.
    * lexsup.c (enum option_values): Add
    OPTION_NO_POISON_SYSTEM_DIRECTORIES.
    (ld_options): Add --no-poison-system-directories.
    (parse_args): Handle new option.

2007-04-20  Joseph Myers  <joseph@codesourcery.com>

    Merge from Sourcery G++ binutils 2.17:

    2007-03-20  Joseph Myers  <joseph@codesourcery.com>
    Based on patch by Mark Hatle <mark.hatle@windriver.com>.
    ld/
    * configure.in (--enable-poison-system-directories): New option.
    * configure, config.in: Regenerate.
    * ldfile.c (ldfile_add_library_path): If
    ENABLE_POISON_SYSTEM_DIRECTORIES defined, warn for use of /lib,
    /usr/lib, /usr/local/lib or /usr/X11R6/lib.

Upstream-Status: Pending

Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Scott Garman <scott.a.garman@intel.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
 ld/config.in    |  3 +++
 ld/configure    | 16 ++++++++++++++++
 ld/configure.ac | 10 ++++++++++
 ld/ld.h         |  8 ++++++++
 ld/ld.texi      | 12 ++++++++++++
 ld/ldfile.c     | 17 +++++++++++++++++
 ld/ldlex.h      |  2 ++
 ld/ldmain.c     |  6 ++++--
 ld/lexsup.c     | 15 +++++++++++++++
 9 files changed, 87 insertions(+), 2 deletions(-)

diff --git a/ld/config.in b/ld/config.in
index 2d7b6406d2b..37cd12d20fa 100644
--- a/ld/config.in
+++ b/ld/config.in
@@ -78,6 +78,9 @@
    language is requested. */
 #undef ENABLE_NLS
 
+/* Define to warn for use of native system library directories */
+#undef ENABLE_POISON_SYSTEM_DIRECTORIES
+
 /* Additional extension a shared object might have. */
 #undef EXTRA_SHLIB_EXTENSION
 
diff --git a/ld/configure b/ld/configure
index 597d110f57a..d537ec391d2 100755
--- a/ld/configure
+++ b/ld/configure
@@ -844,6 +844,7 @@ with_lib_path
 enable_targets
 enable_64_bit_bfd
 with_sysroot
+enable_poison_system_directories
 enable_gold
 enable_got
 enable_compressed_debug_sections
@@ -1537,6 +1538,8 @@ Optional Features:
   --enable-checking       enable run-time checks
   --enable-targets        alternative target configurations
   --enable-64-bit-bfd     64-bit support (on hosts with narrower word sizes)
+  --enable-poison-system-directories
+                          warn for use of native system library directories
   --enable-gold[=ARG]     build gold [ARG={default,yes,no}]
   --enable-got=<type>     GOT handling scheme (target, single, negative,
                           multigot)
@@ -15571,6 +15574,19 @@ fi
 
 
 
+# Check whether --enable-poison-system-directories was given.
+if test "${enable_poison_system_directories+set}" = set; then :
+  enableval=$enable_poison_system_directories;
+else
+  enable_poison_system_directories=no
+fi
+
+if test "x${enable_poison_system_directories}" = "xyes"; then
+
+$as_echo "#define ENABLE_POISON_SYSTEM_DIRECTORIES 1" >>confdefs.h
+
+fi
+
 # Check whether --enable-gold was given.
 if test "${enable_gold+set}" = set; then :
   enableval=$enable_gold; case "${enableval}" in
diff --git a/ld/configure.ac b/ld/configure.ac
index 228f2ee4089..50a4b0f4db1 100644
--- a/ld/configure.ac
+++ b/ld/configure.ac
@@ -102,6 +102,16 @@ AC_SUBST(use_sysroot)
 AC_SUBST(TARGET_SYSTEM_ROOT)
 AC_SUBST(TARGET_SYSTEM_ROOT_DEFINE)
 
+AC_ARG_ENABLE([poison-system-directories],
+         AS_HELP_STRING([--enable-poison-system-directories],
+                [warn for use of native system library directories]),,
+         [enable_poison_system_directories=no])
+if test "x${enable_poison_system_directories}" = "xyes"; then
+  AC_DEFINE([ENABLE_POISON_SYSTEM_DIRECTORIES],
+       [1],
+       [Define to warn for use of native system library directories])
+fi
+
 dnl Use --enable-gold to decide if this linker should be the default.
 dnl "install_as_default" is set to false if gold is the default linker.
 dnl "installed_linker" is the installed BFD linker name.
diff --git a/ld/ld.h b/ld/ld.h
index 254f0a097bb..daf777c65c8 100644
--- a/ld/ld.h
+++ b/ld/ld.h
@@ -166,6 +166,14 @@ typedef struct
      in the linker script.  */
   bool force_group_allocation;
 
+  /* If TRUE (the default) warn for uses of system directories when
+     cross linking.  */
+  bool poison_system_directories;
+
+  /* If TRUE (default FALSE) give an error for uses of system
+     directories when cross linking instead of a warning.  */
+  bool error_poison_system_directories;
+
   /* Big or little endian as set on command line.  */
   enum endian_enum endian;
 
diff --git a/ld/ld.texi b/ld/ld.texi
index f6384ad82dd..26479a6a232 100644
--- a/ld/ld.texi
+++ b/ld/ld.texi
@@ -3279,6 +3279,18 @@ creation of the metadata note, if one had been enabled by an earlier
 occurrence of the --package-metadata option.
 If the linker has been built with libjansson, then the JSON string
 will be validated.
+
+@kindex --no-poison-system-directories
+@item --no-poison-system-directories
+Do not warn for @option{-L} options using system directories such as
+@file{/usr/lib} when cross linking.  This option is intended for use
+in chroot environments when such directories contain the correct
+libraries for the target system rather than the host.
+
+@kindex --error-poison-system-directories
+@item --error-poison-system-directories
+Give an error instead of a warning for @option{-L} options using
+system directories when cross linking.
 @end table
 
 @c man end
diff --git a/ld/ldfile.c b/ld/ldfile.c
index 12551504ae6..8bea4e7048f 100644
--- a/ld/ldfile.c
+++ b/ld/ldfile.c
@@ -328,6 +328,23 @@ ldfile_add_library_path (const char *name, bool cmdline)
     new_dirs->name = concat (ld_sysroot, name + strlen ("$SYSROOT"), (const char *) NULL);
   else
     new_dirs->name = xstrdup (name);
+
+#ifdef ENABLE_POISON_SYSTEM_DIRECTORIES
+  if (command_line.poison_system_directories
+  && ((!strncmp (name, "/lib", 4))
+      || (!strncmp (name, "/usr/lib", 8))
+      || (!strncmp (name, "/usr/local/lib", 14))
+      || (!strncmp (name, "/usr/X11R6/lib", 14))))
+   {
+     if (command_line.error_poison_system_directories)
+       einfo (_("%X%P: error: library search path \"%s\" is unsafe for "
+            "cross-compilation\n"), name);
+     else
+       einfo (_("%P: warning: library search path \"%s\" is unsafe for "
+            "cross-compilation\n"), name);
+   }
+#endif
+
 }
 
 static void
diff --git a/ld/ldlex.h b/ld/ldlex.h
index b8b7d6b6829..a8faeb635c4 100644
--- a/ld/ldlex.h
+++ b/ld/ldlex.h
@@ -150,6 +150,8 @@ enum option_values
   OPTION_PLUGIN_OPT,
   OPTION_PLUGIN_SAVE_TEMPS,
 #endif /* BFD_SUPPORTS_PLUGINS */
+  OPTION_NO_POISON_SYSTEM_DIRECTORIES,
+  OPTION_ERROR_POISON_SYSTEM_DIRECTORIES,
   OPTION_DEFAULT_SCRIPT,
   OPTION_PRINT_OUTPUT_FORMAT,
   OPTION_PRINT_SYSROOT,
diff --git a/ld/ldmain.c b/ld/ldmain.c
index cce4991b25a..1859465635d 100644
--- a/ld/ldmain.c
+++ b/ld/ldmain.c
@@ -352,6 +352,8 @@ main (int argc, char **argv)
   command_line.warn_mismatch = true;
   command_line.warn_search_mismatch = true;
   command_line.check_section_addresses = -1;
+  command_line.poison_system_directories = true;
+  command_line.error_poison_system_directories = false;
 
   /* We initialize DEMANGLING based on the environment variable
      COLLECT_NO_DEMANGLE.  The gcc collect2 program will demangle the
@@ -1500,7 +1502,7 @@ undefined_symbol (struct bfd_link_info *info,
       argv[1] = "undefined-symbol";
       argv[2] = (char *) name;
       argv[3] = NULL;
-      
+
       if (verbose)
 	einfo (_("%P: About to run error handling script '%s' with arguments: '%s' '%s'\n"),
 	       argv[0], argv[1], argv[2]);
@@ -1521,7 +1523,7 @@ undefined_symbol (struct bfd_link_info *info,
 	 carry on to issue the normal error message.  */
     }
 #endif /* SUPPORT_ERROR_HANDLING_SCRIPT */
-  
+
   if (section != NULL)
     {
       if (error_count < MAX_ERRORS_IN_A_ROW)
diff --git a/ld/lexsup.c b/ld/lexsup.c
index 5399aa45b72..8f9a221bfba 100644
--- a/ld/lexsup.c
+++ b/ld/lexsup.c
@@ -650,6 +650,14 @@ static const struct ld_option ld_options[] =
 		   "                                <method> is: share-unconflicted (default),\n"
 		   "                                             share-duplicated"),
     TWO_DASHES },
+  { {"no-poison-system-directories", no_argument, NULL,
+     OPTION_NO_POISON_SYSTEM_DIRECTORIES},
+    '\0', NULL, N_("Do not warn for -L options using system directories"),
+    TWO_DASHES },
+  { {"error-poison-system-directories", no_argument, NULL,
+    +     OPTION_ERROR_POISON_SYSTEM_DIRECTORIES},
+    '\0', NULL, N_("Give an error for -L options using system directories"),
+    TWO_DASHES },
 };
 
 #define OPTION_COUNT ARRAY_SIZE (ld_options)
@@ -1838,6 +1846,13 @@ parse_args (unsigned argc, char **argv)
 
 	case OPTION_PRINT_MAP_LOCALS:
 	  config.print_map_locals = true;
+
+	case OPTION_NO_POISON_SYSTEM_DIRECTORIES:
+	  command_line.poison_system_directories = false;
+	  break;
+
+	case OPTION_ERROR_POISON_SYSTEM_DIRECTORIES:
+	  command_line.error_poison_system_directories = true;
 	  break;
 
 	case OPTION_DEPENDENCY_FILE: