aboutsummaryrefslogtreecommitdiffstats
path: root/include/hardening.mk
diff options
context:
space:
mode:
authorJo-Philipp Wich <jo@mein.io>2017-01-10 11:37:47 +0100
committerJo-Philipp Wich <jo@mein.io>2017-01-10 12:27:28 +0100
commit72d751cba9cda9ce3ae46d5e6ab962d2f675e970 (patch)
tree6cb06e1d839e32e05aab0ebf0670fb65321ea0d2 /include/hardening.mk
parent38de638eae795f8843f84c0351c5f7f7f85b8361 (diff)
downloadupstream-72d751cba9cda9ce3ae46d5e6ab962d2f675e970.tar.gz
upstream-72d751cba9cda9ce3ae46d5e6ab962d2f675e970.tar.bz2
upstream-72d751cba9cda9ce3ae46d5e6ab962d2f675e970.zip
build: rework library bundling
Rework the bundle-libraries.sh implementation to use a more robust approach for executing host binaries through the shipped ELF loader and libraries. The previous approach relied on symlinks pointing to a wrapper script which caused various issues, especially with multicall binaries as the original argv[0] name was not preserved through the ld.so invocation. Another down- side was the fact that the actual binaries got moved into another directory which caused executables to fail looking up resources with paths relative to the executable location. The new library wrapper implements the following improvements: - Instead of symlinks pointing to a common wrapper, each ELF executable is now replaced by a unqiue shell script which retains the original program name getting called - Instead of letting ld.so invoke the ELF executable directly, launch the final ELF binary through a helper program which fixes up the argv[0] argument for the target program - Support sharing a common location for the bundled libraries instead of having one copy in each directory containing wrapped binaries Finally modify the SDK build to wrap the staging_dir and toolchain binaries which allows to use the SDK on systems with a different glibc version. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Diffstat (limited to 'include/hardening.mk')
0 files changed, 0 insertions, 0 deletions