[hardening-discuss] Bug#465827: Bug#465827: FTBFS on m68k using hardening-wrapper
Kees Cook
kees at outflux.net
Fri Mar 21 17:34:09 UTC 2008
Hi!
On Fri, Mar 21, 2008 at 03:47:57PM +0100, Luk Claes wrote:
> On Fri, Feb 15, 2008 at 09:44:40AM +0100, Tobias Toedter wrote:
>
> > I've just switched to use hardening-wrapper for my package worker.
> > However, on m68k, the package FTBFS with this error message:
>
> This is not m68k specific, it happens on some other archs too.
>
> > checking for gcc... gcc
> > checking for C compiler default output file name...
> > configure: error: C compiler cannot create executables
>
> The problem is that '-z relro' is on some archs interpreted as two
> options instead of one because of the whitespace. This can be solved by
> using '-Wl,z,relro' instead...
I think you meant '-Wl,-z,relro', but -Wl is for passing ld flags down
from gcc. In the hardening-wrapper's case, it is passing the -z relro
directly to ld.
Additionally, it's not passed as white-space, it's passed as two
arguments. This is what -Wl,-z,relro does too. For example, if -Wl,-z,relro
works, so should hardening-wrapper:
$ strace -s 1024 -f gcc -o hi hi.c -Wl,-z,relro
...
[pid 15948] execve("/usr/bin/ld", ["/usr/bin/ld", ... "-z", "relro", ...
...
I don't have an m68k machine to test with, but if you run with
DEB_BUILD_HARDENING_DEBUG=1 you should be able to see the commands that
are being run during the configure script, and should help narrow down
the problem.
--
Kees Cook @outflux.net
More information about the hardening-discuss
mailing list