Use binutils 2.24, and Ubuntu-12.04 for Windows builds (7f083aad) · Commits · Matthew Finkel / tor-browser-build

projects/binutils/build

+1 −3

Original line number	Diff line number	Diff line
		@@ -23,9 +23,7 @@ cd [% project %]-[% c("version") %]
		sed 's/= extern_rt_rel_d;/= extern_rt_rel_d;\n memset (extern_rt_rel_d, 0, PE_IDATA5_SIZE);/' -i ld/pe-dll.c
		# Needed for the hardening...
		patch -p1 < ../enable-reloc-section-ld.patch
		# specify-timestamp patch from Stephen Kitt <steve@sk2.org>
		# https://anonscm.debian.org/cgit/collab-maint/binutils-mingw-w64.git/
		patch -p2 < ../specify-timestamp.patch
		patch -p1 < ../peXXigen.patch
		[% END -%]
		./configure --prefix=$distdir [% c('var/configure_opt') %]
		make -j4

projects/binutils/config

+2 −5

Original line number	Diff line number	Diff line
		# vim: filetype=yaml sw=2
		version: 2.25
		version: 2.24
		filename: '[% project %]-[% c("version") %]-[% c("var/build_id") %].tar.gz'
		remote_docker: 1
		var:
		@@ -18,8 +18,5 @@ input_files:
		- project: docker-image
		- filename: enable-reloc-section-ld.patch
		enable: '[% c("var/windows") %]'

		# specify-timestamp patch from Stephen Kitt <steve@sk2.org>
		# https://anonscm.debian.org/cgit/collab-maint/binutils-mingw-w64.git/
		- filename: specify-timestamp.patch
		- filename: peXXigen.patch
		enable: '[% c("var/windows") %]'

projects/binutils/enable-reloc-section-ld.patch

+26 −22

Original line number	Diff line number	Diff line
		From 6ef8bae3d2a4f4704c4a32f786c9574db3e70f25 Mon Sep 17 00:00:00 2001
		From 093b08a9e7af23a258306b710ebc4556d12f94f7 Mon Sep 17 00:00:00 2001
		From: Erinn Clark <erinn@torproject.org>
		Date: Fri, 8 Aug 2014 14:23:44 -0400
		Subject: [PATCH] add relocation section so Windows bundles can have ASLR

		Patch by skruffy.

		---
		ld/emultempl/pe.em \| 6 +++++
		ld/emultempl/pep.em \| 8 ++++++-
		@@ -12,18 +13,18 @@ Patch by skruffy.
		4 files changed, 50 insertions(+), 28 deletions(-)

		diff --git a/ld/emultempl/pe.em b/ld/emultempl/pe.em
		index 979cc8b8e960..4a63863289c8 100644
		index 5d6da9e..14c07f7 100644
		--- a/ld/emultempl/pe.em
		+++ b/ld/emultempl/pe.em
		@@ -274,6 +274,7 @@ fragment <<EOF
		@@ -268,6 +268,7 @@ fragment <<EOF
		#define OPTION_TERMINAL_SERVER_AWARE (OPTION_WDM_DRIVER + 1)
		/* Determinism. */
		#define OPTION_INSERT_TIMESTAMP (OPTION_TERMINAL_SERVER_AWARE + 1)
		#define OPTION_NO_INSERT_TIMESTAMP (OPTION_INSERT_TIMESTAMP + 1)
		#define OPTION_BUILD_ID (OPTION_NO_INSERT_TIMESTAMP + 1)
		+#define OPTION_ENABLE_RELOC_SECTION (OPTION_BUILD_ID + 1)
		+#define OPTION_ENABLE_RELOC_SECTION (OPTION_INSERT_TIMESTAMP + 1)

		static void
		gld${EMULATION_NAME}_add_options
		@@ -317,6 +318,7 @@ gld${EMULATION_NAME}_add_options
		@@ -310,6 +311,7 @@ gld${EMULATION_NAME}_add_options
		{"export-all-symbols", no_argument, NULL, OPTION_EXPORT_ALL},
		{"exclude-symbols", required_argument, NULL, OPTION_EXCLUDE_SYMBOLS},
		{"exclude-all-symbols", no_argument, NULL, OPTION_EXCLUDE_ALL_SYMBOLS},
		@@ -31,7 +32,7 @@ index 979cc8b8e960..4a63863289c8 100644
		{"exclude-libs", required_argument, NULL, OPTION_EXCLUDE_LIBS},
		{"exclude-modules-for-implib", required_argument, NULL, OPTION_EXCLUDE_MODULES_FOR_IMPLIB},
		{"kill-at", no_argument, NULL, OPTION_KILL_ATS},
		@@ -787,6 +789,9 @@ gld${EMULATION_NAME}_handle_option (int optc)
		@@ -773,6 +775,9 @@ gld${EMULATION_NAME}_handle_option (int optc)
		case OPTION_EXCLUDE_ALL_SYMBOLS:
		pe_dll_exclude_all_symbols = 1;
		break;
		@@ -41,7 +42,7 @@ index 979cc8b8e960..4a63863289c8 100644
		case OPTION_EXCLUDE_LIBS:
		pe_dll_add_excludes (optarg, EXCLUDELIBS);
		break;
		@@ -2059,6 +2064,7 @@ gld_${EMULATION_NAME}_finish (void)
		@@ -1839,6 +1844,7 @@ gld_${EMULATION_NAME}_finish (void)
		if (link_info.shared
		#if !defined(TARGET_IS_shpe)
		\|\| (!link_info.relocatable && pe_def_file->num_exports != 0)
		@@ -50,20 +51,20 @@ index 979cc8b8e960..4a63863289c8 100644
		)
		{
		diff --git a/ld/emultempl/pep.em b/ld/emultempl/pep.em
		index b24a60820237..caf294663a80 100644
		index b738800..b566903 100644
		--- a/ld/emultempl/pep.em
		+++ b/ld/emultempl/pep.em
		@@ -248,7 +248,8 @@ enum options
		@@ -242,7 +242,8 @@ enum options
		OPTION_NO_BIND,
		OPTION_WDM_DRIVER,
		OPTION_INSERT_TIMESTAMP,
		OPTION_NO_INSERT_TIMESTAMP,
		OPTION_TERMINAL_SERVER_AWARE,
		- OPTION_BUILD_ID
		+ OPTION_BUILD_ID,
		- OPTION_TERMINAL_SERVER_AWARE
		+ OPTION_TERMINAL_SERVER_AWARE,
		+ OPTION_ENABLE_RELOC_SECTION
		};

		static void
		@@ -290,6 +291,7 @@ gld${EMULATION_NAME}_add_options
		@@ -284,6 +285,7 @@ gld${EMULATION_NAME}_add_options
		{"export-all-symbols", no_argument, NULL, OPTION_EXPORT_ALL},
		{"exclude-symbols", required_argument, NULL, OPTION_EXCLUDE_SYMBOLS},
		{"exclude-all-symbols", no_argument, NULL, OPTION_EXCLUDE_ALL_SYMBOLS},
		@@ -71,7 +72,7 @@ index b24a60820237..caf294663a80 100644
		{"exclude-libs", required_argument, NULL, OPTION_EXCLUDE_LIBS},
		{"exclude-modules-for-implib", required_argument, NULL, OPTION_EXCLUDE_MODULES_FOR_IMPLIB},
		{"kill-at", no_argument, NULL, OPTION_KILL_ATS},
		@@ -743,6 +745,9 @@ gld${EMULATION_NAME}_handle_option (int optc)
		@@ -727,6 +729,9 @@ gld${EMULATION_NAME}_handle_option (int optc)
		case OPTION_EXCLUDE_ALL_SYMBOLS:
		pep_dll_exclude_all_symbols = 1;
		break;
		@@ -81,7 +82,7 @@ index b24a60820237..caf294663a80 100644
		case OPTION_EXCLUDE_LIBS:
		pep_dll_add_excludes (optarg, EXCLUDELIBS);
		break;
		@@ -1838,6 +1843,7 @@ gld_${EMULATION_NAME}_finish (void)
		@@ -1618,6 +1623,7 @@ gld_${EMULATION_NAME}_finish (void)

		#ifdef DLL_SUPPORT
		if (link_info.shared
		@@ -90,10 +91,10 @@ index b24a60820237..caf294663a80 100644
		{
		pep_dll_fill_sections (link_info.output_bfd, &link_info);
		diff --git a/ld/pe-dll.c b/ld/pe-dll.c
		index 61d8fa5c7eea..24c0c72a6685 100644
		index e9e133b..4230dc3 100644
		--- a/ld/pe-dll.c
		+++ b/ld/pe-dll.c
		@@ -151,6 +151,7 @@ def_file * pe_def_file = 0;
		@@ -152,6 +152,7 @@ def_file * pe_def_file = 0;
		int pe_dll_export_everything = 0;
		int pe_dll_exclude_all_symbols = 0;
		int pe_dll_do_default_excludes = 1;
		@@ -199,10 +200,10 @@ index 61d8fa5c7eea..24c0c72a6685 100644

		bfd_boolean
		diff --git a/ld/pe-dll.h b/ld/pe-dll.h
		index 24ea30237aeb..6a0d6338646b 100644
		index 4697390..2bf71d9 100644
		--- a/ld/pe-dll.h
		+++ b/ld/pe-dll.h
		@@ -30,6 +30,7 @@ extern def_file *pe_def_file;
		@@ -31,6 +31,7 @@ extern def_file *pe_def_file;
		extern int pe_dll_export_everything;
		extern int pe_dll_exclude_all_symbols;
		extern int pe_dll_do_default_excludes;
		@@ -210,3 +211,6 @@ index 24ea30237aeb..6a0d6338646b 100644
		extern int pe_dll_kill_ats;
		extern int pe_dll_stdcall_aliases;
		extern int pe_dll_warn_dup_exports;
		--
		2.0.1

projects/binutils/peXXigen.patch

0 → 100644

+14 −0

Original line number	Diff line number	Diff line
		diff -crB binutils-2.24/bfd/peXXigen.c binutils-2.24/bfd/peXXigen.c
		*** binutils-2.24/bfd/peXXigen.c Tue Nov 26 11:37:33 2013
		--- binutils-2.24/bfd/peXXigen.c Mon Aug 4 07:10:15 2014
		***************
		* 795,800 **
		--- 795,802 ----
		/* Only use a real timestamp if the option was chosen. */
		if ((pe_data (abfd)->insert_timestamp))
		H_PUT_32 (abfd, time(0), filehdr_out->f_timdat);
		+ else
		+ H_PUT_32 (abfd, 0, filehdr_out->f_timdat);

		PUT_FILEHDR_SYMPTR (abfd, filehdr_in->f_symptr,
		filehdr_out->f_symptr);

projects/binutils/specify-timestamp.patch

deleted100644 → 0

+0 −123

Original line number	Diff line number	Diff line
		--- a/upstream/bfd/peXXigen.c
		+++ b/upstream/bfd/peXXigen.c
		@@ -66,6 +66,9 @@
		#include <wchar.h>
		#endif

		+#include <errno.h>
		+#include <limits.h>
		+
		/* NOTE: it's strange to be including an architecture specific header
		in what's supposed to be general (to PE/PEI) code. However, that's
		where the definitions are, and they don't vary per architecture
		@@ -873,8 +876,36 @@
		H_PUT_16 (abfd, filehdr_in->f_nscns, filehdr_out->f_nscns);

		/* Only use a real timestamp if the option was chosen. */
		- if ((pe_data (abfd)->insert_timestamp))
		- H_PUT_32 (abfd, time (0), filehdr_out->f_timdat);
		+ if (pe_data (abfd)->insert_timestamp) {
		+ time_t now;
		+ char *source_date_epoch;
		+ unsigned long long epoch;
		+ char *endptr;
		+
		+ now = time(NULL);
		+ source_date_epoch = getenv("SOURCE_DATE_EPOCH");
		+ if (source_date_epoch) {
		+ errno = 0;
		+ epoch = strtoull(source_date_epoch, &endptr, 10);
		+ if ((errno == ERANGE && (epoch == ULLONG_MAX \|\| epoch == 0))
		+ \|\| (errno != 0 && epoch == 0)) {
		+ _bfd_error_handler("Environment variable $SOURCE_DATE_EPOCH: strtoull: %s\n",
		+ strerror(errno));
		+ } else if (endptr == source_date_epoch) {
		+ _bfd_error_handler("Environment variable $SOURCE_DATE_EPOCH: No digits were found: %s\n",
		+ endptr);
		+ } else if (*endptr != '\0') {
		+ _bfd_error_handler("Environment variable $SOURCE_DATE_EPOCH: Trailing garbage: %s\n",
		+ endptr);
		+ } else if (epoch > ULONG_MAX) {
		+ _bfd_error_handler("Environment variable $SOURCE_DATE_EPOCH: value must be smaller than or equal to: %lu but was found to be: %llu\n",
		+ ULONG_MAX, epoch);
		+ } else {
		+ now = epoch;
		+ }
		+ }
		+ H_PUT_32 (abfd, now, filehdr_out->f_timdat);
		+ }

		PUT_FILEHDR_SYMPTR (abfd, filehdr_in->f_symptr,
		filehdr_out->f_symptr);
		--- a/upstream/ld/pe-dll.c
		+++ b/upstream/ld/pe-dll.c
		@@ -26,6 +26,8 @@
		#include "filenames.h"
		#include "safe-ctype.h"

		+#include <errno.h>
		+#include <limits.h>
		#include <time.h>

		#include "ld.h"
		@@ -1185,8 +1187,36 @@

		memset (edata_d, 0, edata_sz);

		- if (pe_data (abfd)->insert_timestamp)
		- H_PUT_32 (abfd, time (0), edata_d + 4);
		+ if (pe_data (abfd)->insert_timestamp) {
		+ time_t now;
		+ char *source_date_epoch;
		+ unsigned long long epoch;
		+ char *endptr;
		+
		+ now = time(NULL);
		+ source_date_epoch = getenv("SOURCE_DATE_EPOCH");
		+ if (source_date_epoch) {
		+ errno = 0;
		+ epoch = strtoull(source_date_epoch, &endptr, 10);
		+ if ((errno == ERANGE && (epoch == ULLONG_MAX \|\| epoch == 0))
		+ \|\| (errno != 0 && epoch == 0)) {
		+ einfo("Environment variable $SOURCE_DATE_EPOCH: strtoull: %s\n",
		+ strerror(errno));
		+ } else if (endptr == source_date_epoch) {
		+ einfo("Environment variable $SOURCE_DATE_EPOCH: No digits were found: %s\n",
		+ endptr);
		+ } else if (*endptr != '\0') {
		+ einfo("Environment variable $SOURCE_DATE_EPOCH: Trailing garbage: %s\n",
		+ endptr);
		+ } else if (epoch > ULONG_MAX) {
		+ einfo("Environment variable $SOURCE_DATE_EPOCH: value must be smaller than or equal to: %lu but was found to be: %llu\n",
		+ ULONG_MAX, epoch);
		+ } else {
		+ now = epoch;
		+ }
		+ }
		+ H_PUT_32 (abfd, now, edata_d + 4);
		+ }

		if (pe_def_file->version_major != -1)
		{
		--- a/upstream/ld/emultempl/pe.em
		+++ b/upstream/ld/emultempl/pe.em
		@@ -307,7 +307,7 @@
		OPTION_USE_NUL_PREFIXED_IMPORT_TABLES},
		{"no-leading-underscore", no_argument, NULL, OPTION_NO_LEADING_UNDERSCORE},
		{"leading-underscore", no_argument, NULL, OPTION_LEADING_UNDERSCORE},
		- {"insert-timestamp", no_argument, NULL, OPTION_INSERT_TIMESTAMP},
		+ {"insert-timestamp", optional_argument, NULL, OPTION_INSERT_TIMESTAMP},
		{"no-insert-timestamp", no_argument, NULL, OPTION_NO_INSERT_TIMESTAMP},
		#ifdef DLL_SUPPORT
		/* getopt allows abbreviations, so we do this to stop it
		--- a/upstream/ld/emultempl/pep.em
		+++ b/upstream/ld/emultempl/pep.em
		@@ -324,7 +324,7 @@
		{"no-bind", no_argument, NULL, OPTION_NO_BIND},
		{"wdmdriver", no_argument, NULL, OPTION_WDM_DRIVER},
		{"tsaware", no_argument, NULL, OPTION_TERMINAL_SERVER_AWARE},
		- {"insert-timestamp", no_argument, NULL, OPTION_INSERT_TIMESTAMP},
		+ {"insert-timestamp", optional_argument, NULL, OPTION_INSERT_TIMESTAMP},
		{"no-insert-timestamp", no_argument, NULL, OPTION_NO_INSERT_TIMESTAMP},
		{"build-id", optional_argument, NULL, OPTION_BUILD_ID},
		{NULL, no_argument, NULL, 0}