fanquake
commented at 10:00 pm on December 6, 2019:
member
This performs the same function as -Wl,-z,now, except for ld on macOS.
You can check the binaries using otool -l, and looking for the LC_DYLD_INFO_ONLY section; lazy_bind_off and lazy_bind_size should both be 0.
This seems to be the case with our current release binaries. However we can make the check, and applying the flag explicit in configure.
man ld:
0-bind_at_load
1Sets a bit in the mach header of the resulting binary which tells dyld
2to bind all symbols when the binary is loaded, rather than lazily.
TODO:
Follow up with MH_BINDATLOAD flag.
fanquake added the label
macOS
on Dec 6, 2019
fanquake added the label
Build system
on Dec 6, 2019
fanquake added the label
Needs gitian build
on Dec 6, 2019
DrahtBot
commented at 3:01 am on December 7, 2019:
member
The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.
Conflicts
No conflicts as of last run.
DrahtBot
commented at 0:11 am on December 8, 2019:
member
laanwj
commented at 9:40 am on December 9, 2019:
member
Concept ACK
Weren’t you working on extending security-check.py to MacOS as well? It has been shown to be quite important to check these things are actually applied (#17569)
fanquake
commented at 1:41 pm on December 9, 2019:
member
Weren’t you working on extending security-check.py to MacOS as well?
laanwj
commented at 3:40 pm on December 9, 2019:
member
I can integrate those changes, as well as extend to check for the bind flags as part of this PR.
that’d be awesome!
dongcarl
commented at 6:54 pm on December 9, 2019:
member
Concept ACK, would love to see the macos_dylib_check.py be in the codebase and as part of reproducible builds (if that makes sense).
fanquake added the label
Waiting for author
on Dec 9, 2019
fanquake
commented at 8:07 pm on December 9, 2019:
member
Currently on hold as we investigate some discrepancies with the macOS dynamic loader.
build: add -bind_at_load to hardened LDFLAGS
This performs the same function as -Wl,-z,now, except for ld on macOS.
You can check the binaries using otool -l, looking for the
LC_DYLD_INFO_ONLY section. lazy_bind_off and lazy_bind_size should both
be 0.
man ld:
-bind_at_load
Sets a bit in the mach header of the resulting binary which tells dyld
to bind all symbols when the binary is loaded, rather than lazily.
c78b123982
fanquake force-pushed
on Dec 13, 2019
fanquake removed the label
Waiting for author
on Dec 13, 2019
theuni approved
theuni
commented at 8:36 pm on December 17, 2019:
member
ACKc78b123982d59fe2d633659f23d6893de627f3f6.
fanquake referenced this in commit
47f45b6776
on Dec 17, 2019
fanquake merged this
on Dec 17, 2019
fanquake closed this
on Dec 17, 2019
fanquake
commented at 9:33 pm on December 17, 2019:
member
The macOS security and dylib checking changes are going to be PR’d shortly, as well as some additional ld flags error checking.
fanquake deleted the branch
on Dec 17, 2019
sidhujag referenced this in commit
1420874b13
on Dec 17, 2019
fanquake referenced this in commit
d486991aa5
on Apr 9, 2020
sidhujag referenced this in commit
985073abb5
on Apr 13, 2020
sidhujag referenced this in commit
ec6da719c1
on Nov 10, 2020
PastaPastaPasta referenced this in commit
2abb7f0106
on Jun 27, 2021
PastaPastaPasta referenced this in commit
dcf166592b
on Jun 28, 2021
PastaPastaPasta referenced this in commit
bf2b1a6040
on Jun 29, 2021
PastaPastaPasta referenced this in commit
386e576a1e
on Jul 1, 2021
PastaPastaPasta referenced this in commit
e1c33e89d8
on Jul 1, 2021
PastaPastaPasta referenced this in commit
10a4b01361
on Sep 17, 2021
thelazier referenced this in commit
1fe2770c05
on Sep 25, 2021
This is a metadata mirror of the GitHub repository
bitcoin/bitcoin.
This site is not affiliated with GitHub.
Content is generated from a GitHub metadata backup.
generated: 2024-12-19 12:12 UTC
This site is hosted by @0xB10C More mirrored repositories can be found on mirror.b10c.me