[Buildroot] [PATCH 12/12] Add option for paranoid unsafe path checking

From: Yann E. MORIN <yann.morin.1998@free.fr>
To: buildroot@busybox.net
Subject: [Buildroot] [PATCH 12/12] Add option for paranoid unsafe path checking
Date: Wed, 10 Sep 2014 22:12:30 +0200	[thread overview]
Message-ID: <20140910201230.GE23947@free.fr> (raw)
In-Reply-To: <1408540005-26934-13-git-send-email-thomas.petazzoni@free-electrons.com>

Thomas, All,

On 2014-08-20 15:06 +0200, Thomas Petazzoni spake thusly:
> This commit adds a Config.in option to the "Build options" submenu to
> enable paranoid checking of unsafe paths. This mechanism is added as
> an option so that when we'll enable it in the autobuilders, people
> trying to reproduce the build failures will be able to do so by just
> downloading the configuration file. If instead we were leaving this
> feature as an environment variable, everyone would have to remember to
> pass this environment variable to reproduce build issues. And certain
> build issues triggered by paranoid unsafe patch checking may not be
> visible in the build output, for example when they happen during the
> execution of configure scripts.
> 
> Since this option is fairly advanced, a new submenu inside "Build
> options" is created, for Advanced options.
> 
> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

When previous patches have been fixed:

Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>

Regards,
Yann E. MORIN.

> ---
>  Config.in           | 20 ++++++++++++++++++++
>  package/Makefile.in |  4 ++++
>  2 files changed, 24 insertions(+)
> 
> diff --git a/Config.in b/Config.in
> index 14ff55b..3f41b93 100644
> --- a/Config.in
> +++ b/Config.in
> @@ -574,6 +574,26 @@ config BR2_GLOBAL_PATCH_DIR
>  	  Otherwise, if the directory <global-patch-dir>/<packagename> exists,
>  	  then all *.patch files in the directory will be applied.
>  
> +menu "Advanced"
> +
> +config BR2_COMPILER_PARANOID_UNSAFE_PATH
> +	bool "paranoid check of library/header paths"
> +	help
> +	  By default, when this option is disabled, when the Buildroot
> +	  cross-compiler will encounter an unsafe library or header
> +	  path (such as /usr/include, or /usr/lib), the compiler will
> +	  display a warning.
> +
> +	  By enabling this option, this warning is turned into an
> +	  error, which will completely abort the build when such
> +	  unsafe paths are encountered.
> +
> +	  Note that this mechanism is available for both the internal
> +	  toolchain (through gcc and binutils patches) and external
> +	  toolchain backends (through the external toolchain wrapper).
> +
> +endmenu
> +
>  endmenu
>  
>  source "toolchain/Config.in"
> diff --git a/package/Makefile.in b/package/Makefile.in
> index 7d9943c..b9ca7b0 100644
> --- a/package/Makefile.in
> +++ b/package/Makefile.in
> @@ -385,6 +385,10 @@ else
>  SHARED_STATIC_LIBS_OPTS = --enable-static --enable-shared
>  endif
>  
> +ifeq ($(BR2_COMPILER_PARANOID_UNSAFE_PATH),y)
> +export BR_COMPILER_PARANOID_UNSAFE_PATH=enabled
> +endif
> +
>  include package/pkg-download.mk
>  include package/pkg-autotools.mk
>  include package/pkg-cmake.mk
> -- 
> 2.0.0
> 
> _______________________________________________
> buildroot mailing list
> buildroot at busybox.net
> http://lists.busybox.net/mailman/listinfo/buildroot

-- 
.-----------------.--------------------.------------------.--------------------.
|  Yann E. MORIN  | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software  Designer | \ / CAMPAIGN     |  ___               |
| +33 223 225 172 `------------.-------:  X  AGAINST      |  \e/  There is no  |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL    |   v   conspiracy.  |
'------------------------------^-------^------------------^--------------------'