diff options
-rw-r--r-- | debian/changelog | 123 | ||||
-rw-r--r-- | debian/control | 21 | ||||
-rw-r--r-- | debian/copyright | 50 | ||||
-rw-r--r-- | debian/docs | 1 | ||||
-rw-r--r-- | debian/gbp.conf | 7 | ||||
-rw-r--r-- | debian/patches/Adjust-DT_MIPS_RLD_MAP_REL-dynamic-section-entry-if-prese.patch | 154 | ||||
-rw-r--r-- | debian/patches/Adjust-PT_MIPS_ABIFLAGS-segment-if-present.patch | 60 | ||||
-rw-r--r-- | debian/patches/series | 2 | ||||
-rwxr-xr-x | debian/rules | 26 | ||||
-rw-r--r-- | debian/source/format | 1 | ||||
-rw-r--r-- | debian/source/options | 4 | ||||
-rw-r--r-- | debian/upstream/metadata | 6 | ||||
-rw-r--r-- | debian/watch | 6 |
13 files changed, 461 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 0000000..80dca45 --- /dev/null +++ b/debian/changelog @@ -0,0 +1,123 @@ +patchelf (0.13-1) UNRELEASED; urgency=medium + + * New upstream release + - Update MIPS fix patch with what was merged upstream. + It didn't make 0.13, but it will be there for 0.14 + + -- Felipe Sateler <fsateler@debian.org> Tue, 24 Aug 2021 20:17:47 -0400 + +patchelf (0.12-1) unstable; urgency=medium + + * New upstream version + * Refresh patches for new release + + -- Felipe Sateler <fsateler@debian.org> Sat, 29 Aug 2020 12:03:40 -0400 + +patchelf (0.11-2) unstable; urgency=medium + + * The brown paper bag release + * Update docs to install README.md instead of README + + -- Felipe Sateler <fsateler@debian.org> Sun, 14 Jun 2020 12:10:14 -0400 + +patchelf (0.11-1) unstable; urgency=medium + + * New upstream version 0.11 + - More modern C++ has avoided a memory leak (Closes: #816468) + - force-rpath is now consistently used (Closes: #816467) + * Set field Upstream-Contact in debian/copyright. + * Set upstream metadata fields: Bug-Submit. + * Remove obsolete fields Contact, Name from debian/upstream/metadata + (already present in machine-readable debian/copyright). + * Update standards version to 4.5.0, no changes needed. + * Drop patches picked from upstream + * Fix set-rpath corrupting binaries on mips. + Pick a couple of proposed upstream patches to address the mips set-rpath + failures. + (Closes: #821435) + + -- Felipe Sateler <fsateler@debian.org> Sat, 13 Jun 2020 14:41:30 -0400 + +patchelf (0.10-2) unstable; urgency=medium + + * Use secure URI in Homepage field. + * Update standards version, no changes needed. + * Bump debhelper from old 11 to 12. + * Set upstream metadata fields: Name. + * Upload to unstable. + + -- Felipe Sateler <fsateler@debian.org> Sat, 27 Jul 2019 08:34:41 -0400 + +patchelf (0.10-1) experimental; urgency=medium + + [ Ondřej Nový ] + * d/copyright: Use https protocol in Format field + + [ Felipe Sateler ] + * New upstream version + - Refresh patches + * Bump Standards-Version (no changes needed) + * Release to experimental due to freeze + + -- Felipe Sateler <fsateler@debian.org> Thu, 18 Apr 2019 20:13:49 -0400 + +patchelf (0.9+52.20180509-1) unstable; urgency=medium + + [ Felipe Sateler ] + * Package an upstream git snapshot + - Makes some binaries strippable after patching (Closes: #903396) + * no-rpath-prebuild: force pagesize to 4096 on prebuilt binaries. + They all have that page size, and the host-detected one might be + different. + * Update watchfile + - Use format version 4 + - Use github as source page + * Migrate to salsa for hosting + * Bump debhelper compat to 11. + Also switch to the debhelper-compat virtual package + * Bump Standards-Version + * Enable hardening flags + + [ Drew Parsons ] + * add new patch adjust_startPage_issue127_commit1cc234fea.patch from + upstream Issue #127. Fixes build-time tests. + + -- Felipe Sateler <fsateler@debian.org> Fri, 28 Sep 2018 17:20:09 -0300 + +patchelf (0.9-1) unstable; urgency=medium + + * New upstream release + - Drop all patches, applied upstream + - No longer breaks hardlinks (Closes: #759497) + * Force pagesize for no-rpath-prebuild test: We know the page size, + and it may be different from system one + + -- Felipe Sateler <fsateler@debian.org> Mon, 29 Feb 2016 17:32:24 -0300 + +patchelf (0.8-4) unstable; urgency=medium + + * Disable no-rpath.sh test, as it may fail when the binary is of foreign + architecture. Really Closes: #799880 + + -- Felipe Sateler <fsateler@debian.org> Sun, 15 Nov 2015 16:05:13 -0300 + +patchelf (0.8-3) unstable; urgency=medium + + * Pick upstream commit to use a dynamic page size. Fixes FTBFS on ppc64el. + Closes: #799880 + + -- Felipe Sateler <fsateler@debian.org> Thu, 12 Nov 2015 20:29:11 -0300 + +patchelf (0.8-2) unstable; urgency=medium + + * Document --remove-needed in manpage + * Fix typo in manpage. Closes: #742468 + Thanks Gianluigi Tiesi + + -- Felipe Sateler <fsateler@debian.org> Fri, 28 Mar 2014 15:28:41 -0300 + +patchelf (0.8-1) unstable; urgency=low + + * Initial release (Closes: #742049) + + -- Felipe Sateler <fsateler@debian.org> Tue, 18 Mar 2014 12:57:47 -0300 diff --git a/debian/control b/debian/control new file mode 100644 index 0000000..32dae9a --- /dev/null +++ b/debian/control @@ -0,0 +1,21 @@ +Source: patchelf +Section: utils +Priority: optional +Maintainer: Felipe Sateler <fsateler@debian.org> +Build-Depends: debhelper-compat (= 12) +Standards-Version: 4.5.0 +Homepage: https://nixos.org/patchelf.html +Vcs-Git: https://salsa.debian.org/debian/patchelf.git +Vcs-Browser: https://salsa.debian.org/debian/patchelf + +Package: patchelf +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends} +Description: modify properties of ELF executables + PatchELF is a simple utility for modifying existing ELF executables and + libraries. In particular, it can do the following: + . + * Change the dynamic loader ("ELF interpreter") of executables + * Change the RPATH of executables and libraries + * Remove declared dependencies on dynamic libraries + (DT_NEEDED entries) diff --git a/debian/copyright b/debian/copyright new file mode 100644 index 0000000..6445969 --- /dev/null +++ b/debian/copyright @@ -0,0 +1,50 @@ +Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Upstream-Name: patchelf +Source: http://nixos.org/patchelf.html +Upstream-Contact: https://github.com/NixOS/patchelf/issues + +Files: * +Copyright: 2004-2014 Eelco Dolstra <eelco.dolstra@logicblox.com> +License: GPL-3.0+ + +Files: debian/* +Copyright: 2014 Felipe Sateler <fsateler@debian.org> +License: GPL-3.0+ + +Files: src/elf.h +Copyright: 1995-2003,2004,2005,2006,2007,2008 Free Software Foundation, Inc. +License: LGPL-2.1+ + +License: GPL-3.0+ + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + . + This package is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + . + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. + . + On Debian systems, the complete text of the GNU General + Public License version 3 can be found in "/usr/share/common-licenses/GPL-3". + +License: LGPL-2.1+ + This package is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + . + This package is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + . + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. + . + On Debian systems, the complete text of the GNU Lesser General + Public License can be found in "/usr/share/common-licenses/LGPL-2.1". diff --git a/debian/docs b/debian/docs new file mode 100644 index 0000000..b43bf86 --- /dev/null +++ b/debian/docs @@ -0,0 +1 @@ +README.md diff --git a/debian/gbp.conf b/debian/gbp.conf new file mode 100644 index 0000000..6c53ab8 --- /dev/null +++ b/debian/gbp.conf @@ -0,0 +1,7 @@ +[DEFAULT] +pristine-tar = True +debian-branch = debian +upstream-branch = upstream + +[import-orig] +upstream-vcs-tag = %(version)s diff --git a/debian/patches/Adjust-DT_MIPS_RLD_MAP_REL-dynamic-section-entry-if-prese.patch b/debian/patches/Adjust-DT_MIPS_RLD_MAP_REL-dynamic-section-entry-if-prese.patch new file mode 100644 index 0000000..b05fac1 --- /dev/null +++ b/debian/patches/Adjust-DT_MIPS_RLD_MAP_REL-dynamic-section-entry-if-prese.patch @@ -0,0 +1,154 @@ +From: "Ivan A. Melnikov" <iv@altlinux.org> +Date: Thu, 22 Aug 2019 15:30:11 +0400 +Subject: Adjust DT_MIPS_RLD_MAP_REL dynamic section entry if present + +`patchelf --set-rpath` corrupted executables on mips32el: the dynamic +liker crushed with Segmentation fault when loading any executable with +RPATH added that way. + +The problem was around the MIPS-specific mechanism of setting up the +debug map pointer. When DT_MIPS_RLD_MAP_REL entry in the dynamic section +is present, it holds the relative address of __RLD_MAP -- an offset +relative to this dynamic section entry. Dynamic linker puts the +pointer to the `r_debug` structure there. + +When patchelf updates the executable RPATH, it moves the .dynamic +section both in the binary and in memory, while __RLD_MAP is not moved +in memory, since it belongs to special .rld_map section that has type +PROGBITS. So, the offset stored in DT_MIPS_RLD_MAP_REL entry is not +valid anymore and should be updated. + +This commit adds the necessary update. + +In the corner case when DT_MIPS_RLD_MAP_REL is present, but +.rld_map section is not, the dynamic loader writes the debug +pointer to some arbitrary bytes in memory. To avoid crushes +on otherwise "working" binaries, we set offset to zero +so that the dynamic loader would just overwrite the dynamic +section. + +Here we also import DT_MIPS_RLD_MAP_REL definition in elf.h form +glibc commit a2057c984e4314c3740f04cf54e36c824e4c8f32. + +Refs: #82 +Signed-off-by: Ivan A. Melnikov <iv@altlinux.org> +--- + src/elf.h | 6 +++++- + src/patchelf.cc | 21 +++++++++++++++++++-- + tests/Makefile.am | 1 + + tests/set-rpath-rel-map.sh | 37 +++++++++++++++++++++++++++++++++++++ + 4 files changed, 62 insertions(+), 3 deletions(-) + create mode 100755 tests/set-rpath-rel-map.sh + +diff --git a/src/elf.h b/src/elf.h +index 576990d..ae1524a 100644 +--- a/src/elf.h ++++ b/src/elf.h +@@ -1642,7 +1642,11 @@ typedef struct + PLT is writable. For a non-writable PLT, this is omitted or has a zero + value. */ + #define DT_MIPS_RWPLT 0x70000034 +-#define DT_MIPS_NUM 0x35 ++/* An alternative description of the classic MIPS RLD_MAP that is usable ++ in a PIE as it stores a relative offset from the address of the tag ++ rather than an absolute address. */ ++#define DT_MIPS_RLD_MAP_REL 0x70000035 ++#define DT_MIPS_NUM 0x36 + + /* Legal values for DT_MIPS_FLAGS Elf32_Dyn entry. */ + +diff --git a/src/patchelf.cc b/src/patchelf.cc +index fd1e7b7..d713728 100644 +--- a/src/patchelf.cc ++++ b/src/patchelf.cc +@@ -1089,9 +1089,9 @@ void ElfFile<ElfFileParamNames>::rewriteHeaders(Elf_Addr phdrAddress) + (e.g., those produced by klibc's klcc). */ + auto shdrDynamic = findSection2(".dynamic"); + if (shdrDynamic) { +- auto dyn = (Elf_Dyn *)(contents + rdi(shdrDynamic->sh_offset)); ++ auto dyn_table = (Elf_Dyn *) (contents + rdi(shdrDynamic->sh_offset)); + unsigned int d_tag; +- for ( ; (d_tag = rdi(dyn->d_tag)) != DT_NULL; dyn++) ++ for (auto dyn = dyn_table; (d_tag = rdi(dyn->d_tag)) != DT_NULL; dyn++) + if (d_tag == DT_STRTAB) + dyn->d_un.d_ptr = findSection(".dynstr").sh_addr; + else if (d_tag == DT_STRSZ) +@@ -1130,6 +1130,23 @@ void ElfFile<ElfFileParamNames>::rewriteHeaders(Elf_Addr phdrAddress) + dyn->d_un.d_ptr = findSection(".gnu.version_r").sh_addr; + else if (d_tag == DT_VERSYM) + dyn->d_un.d_ptr = findSection(".gnu.version").sh_addr; ++ else if (d_tag == DT_MIPS_RLD_MAP_REL) { ++ /* the MIPS_RLD_MAP_REL tag stores the offset to the debug ++ pointer, relative to the address of the tag */ ++ auto shdr = findSection2(".rld_map"); ++ if (shdr) { ++ auto rld_map_addr = findSection(".rld_map").sh_addr; ++ auto dyn_offset = ((char*)dyn) - ((char*)dyn_table); ++ dyn->d_un.d_ptr = rld_map_addr + dyn_offset - shdrDynamic->sh_addr; ++ } else { ++ /* ELF file with DT_MIPS_RLD_MAP_REL but without .rld_map ++ is broken, and it's not our job to fix it; yet, we have ++ to find some location for dynamic loader to write the ++ debug pointer to; well, let's write it right here */ ++ fprintf(stderr, "warning: DT_MIPS_RLD_MAP_REL entry is present, but .rld_map section is not\n"); ++ dyn->d_un.d_ptr = 0; ++ } ++ } + } + + +diff --git a/tests/Makefile.am b/tests/Makefile.am +index f8176e0..3e6b356 100644 +--- a/tests/Makefile.am ++++ b/tests/Makefile.am +@@ -22,6 +22,7 @@ src_TESTS = \ + plain-fail.sh plain-run.sh shrink-rpath.sh set-interpreter-short.sh \ + set-interpreter-long.sh set-rpath.sh add-rpath.sh no-rpath.sh big-dynstr.sh \ + set-rpath-library.sh soname.sh shrink-rpath-with-allowed-prefixes.sh \ ++ set-rpath-rel-map.sh \ + force-rpath.sh \ + plain-needed.sh \ + output-flag.sh \ +diff --git a/tests/set-rpath-rel-map.sh b/tests/set-rpath-rel-map.sh +new file mode 100755 +index 0000000..efc0943 +--- /dev/null ++++ b/tests/set-rpath-rel-map.sh +@@ -0,0 +1,37 @@ ++#! /bin/sh -e ++ ++if ! objdump -p main | grep -q MIPS_RLD_MAP_REL; then ++ echo "No MIPS_RLD_MAP_REL dynamic section entry, skipping" ++ exit 0 ++fi ++ ++SCRATCH=scratch/$(basename $0 .sh) ++ ++rm -rf ${SCRATCH} ++mkdir -p ${SCRATCH} ++mkdir -p ${SCRATCH}/libsA ++mkdir -p ${SCRATCH}/libsB ++ ++cp main ${SCRATCH}/ ++cp libfoo.so ${SCRATCH}/libsA/ ++cp libbar.so ${SCRATCH}/libsB/ ++ ++# break the main executable by removing .rld_map section ++objcopy --remove-section .rld_map ${SCRATCH}/main ++ ++oldRPath=$(../src/patchelf --print-rpath ${SCRATCH}/main) ++if test -z "$oldRPath"; then oldRPath="/oops"; fi ++../src/patchelf --force-rpath --set-rpath $oldRPath:$(pwd)/${SCRATCH}/libsA:$(pwd)/${SCRATCH}/libsB ${SCRATCH}/main ++ ++if test "$(uname)" = FreeBSD; then ++ export LD_LIBRARY_PATH=$(pwd)/${SCRATCH}/libsB ++fi ++ ++exitCode=0 ++ ++(cd ${SCRATCH} && ./main) || exitCode=$? ++ ++if test "$exitCode" != 46; then ++ echo "bad exit code!" ++ exit 1 ++fi diff --git a/debian/patches/Adjust-PT_MIPS_ABIFLAGS-segment-if-present.patch b/debian/patches/Adjust-PT_MIPS_ABIFLAGS-segment-if-present.patch new file mode 100644 index 0000000..dfd35fb --- /dev/null +++ b/debian/patches/Adjust-PT_MIPS_ABIFLAGS-segment-if-present.patch @@ -0,0 +1,60 @@ +From: "Ivan A. Melnikov" <iv@altlinux.org> +Date: Thu, 22 Aug 2019 18:04:57 +0400 +Subject: Adjust PT_MIPS_ABIFLAGS segment if present + +When loading the executable on MIPS, the dynamic loader looks for MIPS +ABI flags using PT_MIPS_ABIFLAGS header. The flags themselves are stored +in the .MIPS.abiflags section, so the header must be updated when the +section is moved. + +Here we also import PT_MIPS_ABIFLAGS definition from glibc commit +0bd956720c457ff054325b48f26ac7c91cb060e8. + +Closes: #82 +Signed-off-by: Ivan A. Melnikov <iv@altlinux.org> +--- + src/elf.h | 7 ++++--- + src/patchelf.cc | 12 ++++++++++++ + 2 files changed, 16 insertions(+), 3 deletions(-) + +diff --git a/src/elf.h b/src/elf.h +index ae1524a..b3e567c 100644 +--- a/src/elf.h ++++ b/src/elf.h +@@ -1574,9 +1574,10 @@ typedef struct + + /* Legal values for p_type field of Elf32_Phdr. */ + +-#define PT_MIPS_REGINFO 0x70000000 /* Register usage information */ +-#define PT_MIPS_RTPROC 0x70000001 /* Runtime procedure table. */ +-#define PT_MIPS_OPTIONS 0x70000002 ++#define PT_MIPS_REGINFO 0x70000000 /* Register usage information. */ ++#define PT_MIPS_RTPROC 0x70000001 /* Runtime procedure table. */ ++#define PT_MIPS_OPTIONS 0x70000002 ++#define PT_MIPS_ABIFLAGS 0x70000003 /* FP mode requirement. */ + + /* Special program header types. */ + +diff --git a/src/patchelf.cc b/src/patchelf.cc +index d713728..ac8b2cd 100644 +--- a/src/patchelf.cc ++++ b/src/patchelf.cc +@@ -757,6 +757,18 @@ void ElfFile<ElfFileParamNames>::writeReplacedSections(Elf_Off & curOff, + } + } + ++ /* If there is .MIPS.abiflags section, then the PT_MIPS_ABIFLAGS ++ segment must be sync'ed with it. */ ++ if (sectionName == ".MIPS.abiflags") { ++ for (auto & phdr : phdrs) { ++ if (rdi(phdr.p_type) == PT_MIPS_ABIFLAGS) { ++ phdr.p_offset = shdr.sh_offset; ++ phdr.p_vaddr = phdr.p_paddr = shdr.sh_addr; ++ phdr.p_filesz = phdr.p_memsz = shdr.sh_size; ++ } ++ } ++ } ++ + curOff += roundUp(i.second.size(), sectionAlignment); + } + diff --git a/debian/patches/series b/debian/patches/series new file mode 100644 index 0000000..c9bfdcd --- /dev/null +++ b/debian/patches/series @@ -0,0 +1,2 @@ +Adjust-DT_MIPS_RLD_MAP_REL-dynamic-section-entry-if-prese.patch +Adjust-PT_MIPS_ABIFLAGS-segment-if-present.patch diff --git a/debian/rules b/debian/rules new file mode 100755 index 0000000..86ae5e7 --- /dev/null +++ b/debian/rules @@ -0,0 +1,26 @@ +#!/usr/bin/make -f +# -*- makefile -*- + +# Uncomment this to turn on verbose mode. +#export DH_VERBOSE=1 + +export DEB_BUILD_MAINT_OPTIONS=hardening=+all + +%: + dh $@ + +override_dh_auto_build: src/elf.h.bak + dh_auto_build + +override_dh_auto_clean: src/elf.h + [ ! -f Makefile ] || $(MAKE) maintainer-clean + rm -rf build-aux + find . -name Makefile.in -delete + rm -f configure + rm -f aclocal.m4 + +src/elf.h.bak: + mv src/elf.h src/elf.h.bak + +src/elf.h: + mv src/elf.h.bak src/elf.h diff --git a/debian/source/format b/debian/source/format new file mode 100644 index 0000000..163aaf8 --- /dev/null +++ b/debian/source/format @@ -0,0 +1 @@ +3.0 (quilt) diff --git a/debian/source/options b/debian/source/options new file mode 100644 index 0000000..a40b7ef --- /dev/null +++ b/debian/source/options @@ -0,0 +1,4 @@ +extend-diff-ignore=bootstrap.sh +extend-diff-ignore=release.nix +extend-diff-ignore=version +extend-diff-ignore=BUGS diff --git a/debian/upstream/metadata b/debian/upstream/metadata new file mode 100644 index 0000000..472f548 --- /dev/null +++ b/debian/upstream/metadata @@ -0,0 +1,6 @@ +--- +Archive: GitHub +Bug-Database: https://github.com/NixOS/patchelf/issues +Bug-Submit: https://github.com/NixOS/patchelf/issues/new +Repository: https://github.com/NixOS/patchelf.git +Repository-Browse: https://github.com/NixOS/patchelf diff --git a/debian/watch b/debian/watch new file mode 100644 index 0000000..28e09a2 --- /dev/null +++ b/debian/watch @@ -0,0 +1,6 @@ + +version=4 +opts="filenamemangle=s%(?:.*?)?v?(\d[\d.]*)\.tar\.gz%patchelf-$1.tar.gz%" \ + https://github.com/NixOS/patchelf/tags \ + (?:.*?/)?v?(\d[\d.]*)\.tar\.gz debian uupdate + |