Shall we do a 1.4.12 ?
Gilles Espinasse
g.esp at free.fr
Fri Jan 13 09:04:45 CET 2012
----- Original Message -----
From: "Werner Koch" <wk at gnupg.org>
To: "Gilles Espinasse" <g.esp at free.fr>
Cc: <gnupg-devel at gnupg.org>
Sent: Tuesday, January 10, 2012 11:36 AM
Subject: Re: Shall we do a 1.4.12 ?
> On Sun, 8 Jan 2012 23:36, g.esp at free.fr said:
>
> > /usr/bin/ld: warning: creating a DT_TEXTREL in a shared object.
> >
> > The compiler I use is gcc-4.4.5 modified with hardening by default,
reason
>
> If you want to get rid of this warning, please help to track it down.
>
I try to see what happen using CC='gcc -v' and adding '-no-fatal-warnings'
to LDFLAGS
That way, I see all DT_TEXTREL issues without stoping at the first and find
three.
gcc -v -Os -march=i486 -mtune=pentium -pipe -fomit-frame-pointer -Wall -Wno
-pointer-sign -Wl,--hash-style=gnu -no-fatal-warnings -o mpicalc mpicalc.o
../cipher/libcipher.a ../mpi/libmpi.a ../util/libutil.a
Using built-in specs.
Target: i486-linux-gnu
Configured with:
../gcc-4.4.5/configure --prefix=/usr --libexecdir=/usr/lib --disable-nls --e
nable-checking=release --enable-shared --enable-threads=posix --enable-__cxa
_atexit --enable-clocale=gnu --enable-languages=c,c++ --disable-libmudflap -
-disable-libgomp --build=i486-linux-gnu --host=i486-linux-gnu --target=i486-
linux-gnu --with-arch=i486 --with-tune=pentium --disable-bootstrap
Thread model: posix
gcc version 4.4.5 (GCC)
COMPILER_PATH=/usr/lib/gcc/i486-linux-gnu/4.4.5/:/usr/lib/gcc/i486-linux-gnu
/4.4.5/:/usr/lib/gcc/i486-linux-gnu/:/usr/lib/gcc/i486-linux-gnu/4.4.5/:/usr
/lib/gcc/i486-linux-gnu/:/usr/lib/gcc/i486-linux-gnu/4.4.5/:/usr/lib/gcc/i48
6-linux-gnu/
LIBRARY_PATH=/usr/lib/gcc/i486-linux-gnu/4.4.5/:/usr/lib/gcc/i486-linux-gnu/
4.4.5/:/usr/lib/gcc/i486-linux-gnu/4.4.5/../../../:/lib/:/usr/lib/
COLLECT_GCC_OPTIONS='-v' '-Os' '-march=i486' '-mtune=pentium' '-pipe'
'-fomit-frame-pointer' '-Wall' '-Wno-pointer-sign' '-no-fatal-warnings' '-o'
'mpicalc'
/usr/lib/gcc/i486-linux-gnu/4.4.5/collect2 --eh-frame-hdr -m
elf_i386 -dynamic-linker /lib/ld-linux.so.2 -pie --warn-shared-textrel -z
relro -z combreloc -z now -o mpicalc
/usr/lib/gcc/i486-linux-gnu/4.4.5/../../../Scrt1.o
/usr/lib/gcc/i486-linux-gnu/4.4.5/../../../crti.o
/usr/lib/gcc/i486-linux-gnu/4.4.5/crtbeginS.o -L/usr/lib/gcc/i486-linux-gnu/
4.4.5 -L/usr/lib/gcc/i486-linux-gnu/4.4.5 -L/usr/lib/gcc/i486-linux-gnu/4.4.
5/../../.. --hash-style=gnu mpicalc.o ../cipher/libcipher.a ../mpi/libmpi.a
../util/libutil.a -lgcc --as-needed -lgcc_s --no-as-needed -lc -lgcc --as-ne
eded -lgcc_s --no-as-needed /usr/lib/gcc/i486-linux-gnu/4.4.5/crtendS.o
/usr/lib/gcc/i486-linux-gnu/4.4.5/../../../crtn.o
/usr/bin/ld: warning: creating a DT_TEXTREL in a shared object.
gcc -v -Os -march=i486 -mtune=pentium -pipe -fomit-frame-pointer -Wall -Wno
-pointer-sign -Wl,--hash-style=gnu -no-fatal-warnings -o gpg gpg.o
build-packet.o compress.o free-packet.o getkey.o keydb.o keyring.o seskey.o
kbnode.o mainproc.o armor.o mdfilter.o textfilter.o progress.o misc.o
openfile.o keyid.o parse-packet.o status.o plaintext.o sig-check.o keylist.o
signal.o pkclist.o skclist.o pubkey-enc.o passphrase.o seckey-cert.o
encr-data.o cipher.o encode.o sign.o verify.o revoke.o decrypt.o keyedit.o
dearmor.o import.o export.o trustdb.o tdbdump.o tdbio.o delkey.o keygen.o
pipemode.o helptext.o keyserver.o photoid.o exec.o ../cipher/libcipher.a
../mpi/libmpi.a ../util/libutil.a -lz -lreadline
Using built-in specs.
Target: i486-linux-gnu
Configured with:
../gcc-4.4.5/configure --prefix=/usr --libexecdir=/usr/lib --disable-nls --e
nable-checking=release --enable-shared --enable-threads=posix --enable-__cxa
_atexit --enable-clocale=gnu --enable-languages=c,c++ --disable-libmudflap -
-disable-libgomp --build=i486-linux-gnu --host=i486-linux-gnu --target=i486-
linux-gnu --with-arch=i486 --with-tune=pentium --disable-bootstrap
Thread model: posix
gcc version 4.4.5 (GCC)
COMPILER_PATH=/usr/lib/gcc/i486-linux-gnu/4.4.5/:/usr/lib/gcc/i486-linux-gnu
/4.4.5/:/usr/lib/gcc/i486-linux-gnu/:/usr/lib/gcc/i486-linux-gnu/4.4.5/:/usr
/lib/gcc/i486-linux-gnu/:/usr/lib/gcc/i486-linux-gnu/4.4.5/:/usr/lib/gcc/i48
6-linux-gnu/
LIBRARY_PATH=/usr/lib/gcc/i486-linux-gnu/4.4.5/:/usr/lib/gcc/i486-linux-gnu/
4.4.5/:/usr/lib/gcc/i486-linux-gnu/4.4.5/../../../:/lib/:/usr/lib/
COLLECT_GCC_OPTIONS='-v' '-Os' '-march=i486' '-mtune=pentium' '-pipe'
'-fomit-frame-pointer' '-Wall' '-Wno-pointer-sign' '-no-fatal-warnings' '-o'
'gpg'
/usr/lib/gcc/i486-linux-gnu/4.4.5/collect2 --eh-frame-hdr -m
elf_i386 -dynamic-linker /lib/ld-linux.so.2 -pie --warn-shared-textrel -z
relro -z combreloc -z now -o gpg
/usr/lib/gcc/i486-linux-gnu/4.4.5/../../../Scrt1.o
/usr/lib/gcc/i486-linux-gnu/4.4.5/../../../crti.o
/usr/lib/gcc/i486-linux-gnu/4.4.5/crtbeginS.o -L/usr/lib/gcc/i486-linux-gnu/
4.4.5 -L/usr/lib/gcc/i486-linux-gnu/4.4.5 -L/usr/lib/gcc/i486-linux-gnu/4.4.
5/../../.. --hash-style=gnu gpg.o build-packet.o compress.o free-packet.o
getkey.o keydb.o keyring.o seskey.o kbnode.o mainproc.o armor.o mdfilter.o
textfilter.o progress.o misc.o openfile.o keyid.o parse-packet.o status.o
plaintext.o sig-check.o keylist.o signal.o pkclist.o skclist.o pubkey-enc.o
passphrase.o seckey-cert.o encr-data.o cipher.o encode.o sign.o verify.o
revoke.o decrypt.o keyedit.o dearmor.o import.o export.o trustdb.o tdbdump.o
tdbio.o delkey.o keygen.o pipemode.o helptext.o keyserver.o photoid.o exec.o
../cipher/libcipher.a ../mpi/libmpi.a
../util/libutil.a -lz -lreadline -lgcc --as-needed -lgcc_s --no-as-needed -l
c -lgcc --as-needed -lgcc_s --no-as-needed
/usr/lib/gcc/i486-linux-gnu/4.4.5/crtendS.o
/usr/lib/gcc/i486-linux-gnu/4.4.5/../../../crtn.o
/usr/bin/ld: warning: creating a DT_TEXTREL in a shared object.
gcc -v -Os -march=i486 -mtune=pentium -pipe -fomit-frame-pointer -Wall -Wno
-pointer-sign -Wl,--hash-style=gnu -no-fatal-warnings -o gpgv gpgv.o
build-packet.o compress.o free-packet.o getkey.o keydb.o keyring.o seskey.o
kbnode.o mainproc.o armor.o mdfilter.o textfilter.o progress.o misc.o
openfile.o keyid.o parse-packet.o status.o plaintext.o sig-check.o keylist.o
signal.o verify.o ../cipher/libcipher.a ../mpi/libmpi.a
til/libutil.a -lz -lreadline
Using built-in specs.
Target: i486-linux-gnu
Configured with:
../gcc-4.4.5/configure --prefix=/usr --libexecdir=/usr/lib --disable-nls --e
nable-checking=release --enable-shared --enable-threads=posix --enable-__cxa
_atexit --enable-clocale=gnu --enable-languages=c,c++ --disable-libmudflap -
-disable-libgomp --build=i486-linux-gnu --host=i486-linux-gnu --target=i486-
linux-gnu --with-arch=i486 --with-tune=pentium --disable-bootstrap
Thread model: posix
gcc version 4.4.5 (GCC)
COMPILER_PATH=/usr/lib/gcc/i486-linux-gnu/4.4.5/:/usr/lib/gcc/i486-linux-gnu
/4.4.5/:/usr/lib/gcc/i486-linux-gnu/:/usr/lib/gcc/i486-linux-gnu/4.4.5/:/usr
/lib/gcc/i486-linux-gnu/:/usr/lib/gcc/i486-linux-gnu/4.4.5/:/usr/lib/gcc/i48
6-linux-gnu/
LIBRARY_PATH=/usr/lib/gcc/i486-linux-gnu/4.4.5/:/usr/lib/gcc/i486-linux-gnu/
4.4.5/:/usr/lib/gcc/i486-linux-gnu/4.4.5/../../../:/lib/:/usr/lib/
COLLECT_GCC_OPTIONS='-v' '-Os' '-march=i486' '-mtune=pentium' '-pipe'
'-fomit-frame-pointer' '-Wall' '-Wno-pointer-sign' '-no-fatal-warnings' '-o'
'gpgv'
/usr/lib/gcc/i486-linux-gnu/4.4.5/collect2 --eh-frame-hdr -m
elf_i386 -dynamic-linker /lib/ld-linux.so.2 -pie --warn-shared-textrel -z
relro -z combreloc -z now -o gpgv
/usr/lib/gcc/i486-linux-gnu/4.4.5/../../../Scrt1.o
/usr/lib/gcc/i486-linux-gnu/4.4.5/../../../crti.o
/usr/lib/gcc/i486-linux-gnu/4.4.5/crtbeginS.o -L/usr/lib/gcc/i486-linux-gnu/
4.4.5 -L/usr/lib/gcc/i486-linux-gnu/4.4.5 -L/usr/lib/gcc/i486-linux-gnu/4.4.
5/../../.. --hash-style=gnu gpgv.o build-packet.o compress.o free-packet.o
getkey.o keydb.o keyring.o seskey.o kbnode.o mainproc.o armor.o mdfilter.o
textfilter.o progress.o misc.o openfile.o keyid.o parse-packet.o status.o
plaintext.o sig-check.o keylist.o signal.o verify.o ../cipher/libcipher.a
../mpi/libmpi.a
../util/libutil.a -lz -lreadline -lgcc --as-needed -lgcc_s --no-as-needed -l
c -lgcc --as-needed -lgcc_s --no-as-needed
/usr/lib/gcc/i486-linux-gnu/4.4.5/crtendS.o
/usr/lib/gcc/i486-linux-gnu/4.4.5/../../../crtn.o
/usr/bin/ld: warning: creating a DT_TEXTREL in a shared object.
Using scanelf as documented in gentoo hardened
http://www.gentoo.org/proj/en/hardened/pic-fix-guide.xml#doc_chap2
scanelf -qT g10/gpg g10/gpgv tools/mpicalc
gpg: (memory/data?) [0x66EBE] in (optimized out: previous mpihelp_add_n)
[0x66E90]
gpg: (memory/data?) [0x66F4E] in (optimized out: previous mpihelp_sub_n)
[0x66F20]
g10/gpg
gpgv: (memory/data?) [0x312BE] in (optimized out: previous mpihelp_add_n)
[0x31290]
gpgv: (memory/data?) [0x3134E] in (optimized out: previous mpihelp_sub_n)
[0x31320]
g10/gpgv
mpicalc: (memory/data?) [0x6A1E] in (optimized out: previous
mpihelp_add_n) [0x69F0]
mpicalc: (memory/data?) [0x6AAE] in (optimized out: previous
mpihelp_sub_n) [0x6A80]
tools/mpicalc
I see that the issue should be in the same part of code.
But I don't understand what need to be fixed and why adding -pie like I do
fix that issue (mostly following what Fedora do with LDFLAGS).
I should say I don't know if my gcc modified spec is wrong or right.
It look -pie is added at the right place but something is missing for
mpihelp_* right behavior.
> > Compilation produce those new warnings, not seen in 1.4.11
> > miscutil.c:238: warning: format not a string literal, format string not
> > checked
> > estream-printf.c:1056: warning: format not a string literal, argument
types
> > not checked
> > estream-printf.c:1059: warning: format not a string literal, argument
types
> > not checked
> > so something is wrong, not yet understood what
>
> Well, we request a warning when using a non-literal in a format.
> However at that places we retrieve or create our format string and thus
> we will be warned. For gcc 4.6 I added a pragma to suppress thes
> warnings.
>
I understand -Wformat-nonliteral was added after 1.4.11.
That's not a big issue seeing a new warning if you know why (gcc doesn't
support well strftime string format)
> > Using AC_CHECK_FUNCS for clock_gettime is not enought as a test should
be
> > made with -lrt
>
> I am now looking at this.
>
>
Maybe adding m4/clock_time.m4 from coreutils is enought (need still to plug
that to the makefile)
Gilles
More information about the Gnupg-devel
mailing list