From 734fb3ac6c3e5708ed05b6c5b1d8af92838ee3f5 Mon Sep 17 00:00:00 2001 From: Paul Eggert Date: Wed, 27 Apr 2016 15:52:53 -0700 Subject: [PATCH] Port dumping to NetBSD with PaX Problem reported by Thomas Klausner (Bug#23371). * configure.ac (PAXCTL_dumped, PAXCTL_notdumped): New vars. Set them to setfattr and/or paxctl commands appropriate for GNU/Linux and/or NetBSD; the latter prefers paxctl +a. Search for paxctl only if setfattr is not found. * src/Makefile.in (PAXCTL_dumped, PAXCTL_notdumped): New vars, replacing PAXCTL_if_present and SETFATTR_if_present. All uses changed. --- configure.ac | 38 +++++++++++++++++++++++++++++--------- src/Makefile.in | 18 ++++++++++++------ 2 files changed, 41 insertions(+), 15 deletions(-) diff --git a/configure.ac b/configure.ac index 4f169b67dc3..8f8c38bd832 100644 --- a/configure.ac +++ b/configure.ac @@ -1140,16 +1140,9 @@ AC_PATH_PROG(GZIP_PROG, gzip) test $with_compress_install != yes && test -n "$GZIP_PROG" && \ GZIP_PROG=" # $GZIP_PROG # (disabled by configure --without-compress-install)" +PAXCTL_dumped= +PAXCTL_notdumped= if test $opsys = gnu-linux; then - AC_PATH_PROG(PAXCTL, paxctl,, - [$PATH$PATH_SEPARATOR/sbin$PATH_SEPARATOR/usr/sbin]) - if test "X$PAXCTL" != X; then - AC_MSG_CHECKING([whether binaries have a PT_PAX_FLAGS header]) - AC_LINK_IFELSE([AC_LANG_PROGRAM([], [])], - [if $PAXCTL -v conftest$EXEEXT >/dev/null 2>&1; then AC_MSG_RESULT(yes) - else AC_MSG_RESULT(no); PAXCTL=""; fi]) - fi - if test "${SETFATTR+set}" != set; then AC_CACHE_CHECK([for setfattr], [emacs_cv_prog_setfattr], @@ -1160,6 +1153,7 @@ if test $opsys = gnu-linux; then emacs_cv_prog_setfattr=no fi]) if test "$emacs_cv_prog_setfattr" = yes; then + PAXCTL_notdumped='$(SETFATTR) -n user.pax.flags -v er' SETFATTR=setfattr else SETFATTR= @@ -1168,6 +1162,32 @@ if test $opsys = gnu-linux; then AC_SUBST([SETFATTR]) fi fi +case $opsys,$PAXCTL_notdumped in + gnu-linux, | netbsd,) + AC_PATH_PROG([PAXCTL], [paxctl], [], + [$PATH$PATH_SEPARATOR/sbin$PATH_SEPARATOR/usr/sbin]) + if test -n "$PAXCTL"; then + if test "$opsys" = netbsd; then + PAXCTL_dumped='$(PAXCTL) +a' + PAXCTL_notdumped=$PAXCTL_dumped + else + AC_MSG_CHECKING([whether binaries have a PT_PAX_FLAGS header]) + AC_LINK_IFELSE([AC_LANG_PROGRAM([], [])], + [if $PAXCTL -v conftest$EXEEXT >/dev/null 2>&1; then + AC_MSG_RESULT([yes]) + else + AC_MSG_RESULT([no]) + PAXCTL= + fi]) + if test -n "$PAXCTL"; then + PAXCTL_dumped='$(PAXCTL) -zex' + PAXCTL_notdumped='$(PAXCTL) -r' + fi + fi + fi;; +esac +AC_SUBST([PAXCTL_dumped]) +AC_SUBST([PAXCTL_notdumped]) ## Need makeinfo >= 4.7 (?) to build the manuals. if test "$MAKEINFO" != "no"; then diff --git a/src/Makefile.in b/src/Makefile.in index 1f0df6f3ec8..d54670932d3 100644 --- a/src/Makefile.in +++ b/src/Makefile.in @@ -114,8 +114,9 @@ TEMACS_LDFLAGS = $(LD_SWITCH_SYSTEM) $(LD_SWITCH_SYSTEM_TEMACS) ## around this, newer ones setfattr. See Bug#11398 and Bug#16343. PAXCTL = @PAXCTL@ SETFATTR = @SETFATTR@ -PAXCTL_if_present = $(or $(PAXCTL),: paxctl) -SETFATTR_if_present = $(or $(SETFATTR),: setfattr) +## Commands to set PaX flags on dumped and not-dumped instances of Emacs. +PAXCTL_dumped = @PAXCTL_dumped@ +PAXCTL_notdumped = @PAXCTL_notdumped@ ## Some systems define this to request special libraries. LIBS_SYSTEM=@LIBS_SYSTEM@ @@ -532,7 +533,9 @@ ifeq ($(CANNOT_DUMP),yes) ln -f temacs$(EXEEXT) $@ else LC_ALL=C $(RUN_TEMACS) -batch -l loadup dump - $(PAXCTL_if_present) -zex $@ + ifneq ($(PAXCTL_dumped),) + $(PAXCTL_dumped) $@ + endif ln -f $@ bootstrap-emacs$(EXEEXT) endif @@ -594,8 +597,9 @@ temacs$(EXEEXT): $(LIBXMENU) $(ALLOBJS) \ -o temacs $(ALLOBJS) $(lib)/libgnu.a $(W32_RES_LINK) $(LIBES) $(MKDIR_P) $(etc) ifneq ($(CANNOT_DUMP),yes) - $(PAXCTL_if_present) -r $@ - $(SETFATTR_if_present) -n user.pax.flags -v er $@ + ifneq ($(PAXCTL_notdumped),) + $(PAXCTL_notdumped) $@ + endif endif ## The following oldxmenu-related rules are only (possibly) used if @@ -734,7 +738,9 @@ ifeq ($(CANNOT_DUMP),yes) ln -f temacs$(EXEEXT) $@ else $(RUN_TEMACS) --batch --load loadup bootstrap - $(PAXCTL_if_present) -zex emacs$(EXEEXT) + ifneq ($(PAXCTL_dumped),) + $(PAXCTL_dumped) emacs$(EXEEXT) + endif mv -f emacs$(EXEEXT) $@ endif @: Compile some files earlier to speed up further compilation. -- 2.39.2