[PATCH] xen/build: Fix build failure from LDFLAGS mismatch

From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Xen-devel <xen-devel@lists.xenproject.org>
Cc: "Andrew Cooper" <andrew.cooper3@citrix.com>,
	"Anthony PERARD" <anthony.perard@citrix.com>,
	"Bertrand Marquis" <bertrand.marquis@arm.com>,
	"George Dunlap" <George.Dunlap@eu.citrix.com>,
	"Jan Beulich" <JBeulich@suse.com>,
	"Juergen Gross" <jgross@suse.com>,
	"Julien Grall" <julien@xen.org>,
	"Roger Pau Monné" <roger.pau@citrix.com>,
	"Stefano Stabellini" <sstabellini@kernel.org>,
	"Volodymyr Babchuk" <Volodymyr_Babchuk@epam.com>,
	"Wei Liu" <wl@xen.org>
Subject: [PATCH] xen/build: Fix build failure from LDFLAGS mismatch
Date: Tue, 26 Apr 2022 00:06:56 +0100	[thread overview]
Message-ID: <20220425230656.12808-1-andrew.cooper3@citrix.com> (raw)

In a GNU compatbile makefile, $(LDFLAGS) are passed to $(CC), not $(LD).

In a default CentOS 7 build environment, $(LDFLAGS) is set to -Wl,-z,relro,
which causes the Xen build to explode with:

  ld: unrecognized option '-Wl,-z,relro'
  ld: use the --help option for usage information

It turns out that many downstreams identify this as a breakage in Xen's build
system and bodge around it in various ways, mostly by unsetting all of
$(CFLAGS), $(AFLAGS) and $(LDFLAGS).

However, that is a security issue because it means that tools/ is not built
with the distro-wide hardening flags that are otherwise expected of
packages (relro, _FORTIFY_SOURCE, stack-protector, etc).

tools/ specifically should honour the packaging environment's choice of flags,
while xen/ must not pass $(LDFLAGS) to $(LD), and should not be influenced by
the others either.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
---
CC: Anthony PERARD <anthony.perard@citrix.com>
CC: Bertrand Marquis <bertrand.marquis@arm.com>
CC: George Dunlap <George.Dunlap@eu.citrix.com>
CC: Jan Beulich <JBeulich@suse.com>
CC: Juergen Gross <jgross@suse.com>
CC: Julien Grall <julien@xen.org>
CC: Roger Pau Monné <roger.pau@citrix.com>
CC: Stefano Stabellini <sstabellini@kernel.org>
CC: Volodymyr Babchuk <Volodymyr_Babchuk@epam.com>
CC: Wei Liu <wl@xen.org>

RFC, because CFLAGS/AFLAGS need nuking too, and they're rather more entangled.
I expect this to cause some disgreement, but Xen is behaving in a very
nonstandard way even among embedded projects and all downstreams are suffering
security problems as a consequence.
---
 xen/Makefile | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/xen/Makefile b/xen/Makefile
index ec34524ed21d..a8e1de54823b 100644
--- a/xen/Makefile
+++ b/xen/Makefile
@@ -254,6 +254,8 @@ export KBUILD_DEFCONFIG := $(ARCH)_defconfig
 # reparsing Config.mk by e.g. arch/x86/boot/.
 export XEN_TREEWIDE_CFLAGS := $(CFLAGS)
 
+LDFLAGS :=
+
 # CLANG_FLAGS needs to be calculated before calling Kconfig
 ifneq ($(shell $(CC) --version 2>&1 | head -n 1 | grep clang),)
 CLANG_FLAGS :=
-- 
2.11.0


