[Pkg-pascal-devel] Bug#985946: patch proposal - hardening
David Bannon
dbannon at internode.on.net
Thu Dec 2 04:03:28 GMT 2021
Real Subject : hardening on PPC64 and now Arm, Amd64...
Abou, this is getting crazy ! I tried the hardening stuff on an Arm
RasPi, using the old Buster based OS but current FPC.
And it behaved in exactly the same way. The hardened binary will not
run. So, I looked a bit closer and noted that the binary is linked to
be run by "/lib/ld64.so.1" - that does not exist on my RasPI. So I
jumped to a Bullseye AMD64 VM and exactly the same problem. The
hardened Hello World app will not run, same reason, it needs
/lib/ld64.so.1 to run it and /lib/ld64.so.1 does not exist !
So, on the same box, I built my app, tomboy-ng, it builds and runs fine
hardened. Its interpreter is /lib64/ld-linux-x86-64.so.2. Only
difference is that my app links in a whole lot of lazarus (and RTL?)
units. Otherwise, exactly the same command line.
I have added an entry about this on the bug report I put in a week or
so ago on the FPC bug list,
https://gitlab.com/freepascal.org/fpc/source/-/issues/39451
There has to be a point where FPC decides to use /lib64/ld-linux-x86-
64.so.2 instead of /lib/ld64.so.1, I will try to find just what
triggers that change.
Davo On Tue, 2021-11-30 at 09:00 +0100, Abou Al Montacir wrote:
> I just check build logs and it looks like -Cg is supplied only for
> amd64. I cloud not find them for ppc64el or evem arm*.
>
> So maybe you are just pointing a serious bug that none identified in
> the past. I need more time to analyse the situation.
>
Hmm, thats interesting.
PPC64le - I have tried the older FPC322 and it has the same problem.
Little point in going back to 304, it was made before Hardening became
popular IMHO.
Is this likely to have Lazarus AND FPC removed from PPC64le ? If you
think thats a possibility, I will have something to append to my bug
report. :-)
And, perhaps, my testing
ARM - I believe, but have not tested, that it works fine. I have a Pi
somewhere with the 32bit OS on it ....
Davo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-pascal-devel/attachments/20211202/05b574cb/attachment.htm>
More information about the Pkg-pascal-devel
mailing list