brp-verify_elf, verify-elf: simplify VERIFY_ELF_* parameter passing
This commit is contained in:
Alexey Tourbin
parent
f82116d5f9
commit
e6683d0de4
@ -34,42 +34,25 @@ export VERIFY_ELF_UNRESOLVED=normal
|
||||
for t in `printf %s "$RPM_VERIFY_ELF_METHOD" |tr , ' '`; do
|
||||
case "$t" in
|
||||
no|none|skip)
|
||||
Info 'ELF verification disabled'
|
||||
exit 0
|
||||
;;
|
||||
arch)
|
||||
VERIFY_ELF_ARCH=normal
|
||||
;;
|
||||
arch=*)
|
||||
arch=?*)
|
||||
VERIFY_ELF_ARCH="${t#arch=}"
|
||||
;;
|
||||
fhs)
|
||||
VERIFY_ELF_FHS=normal
|
||||
;;
|
||||
fhs=*)
|
||||
fhs=?*)
|
||||
VERIFY_ELF_FHS="${t#fhs=}"
|
||||
;;
|
||||
rpath)
|
||||
VERIFY_ELF_RPATH=normal
|
||||
;;
|
||||
rpath=*)
|
||||
rpath=?*)
|
||||
VERIFY_ELF_RPATH="${t#rpath=}"
|
||||
;;
|
||||
stack)
|
||||
VERIFY_ELF_STACK=normal
|
||||
;;
|
||||
stack=*)
|
||||
stack=?*)
|
||||
VERIFY_ELF_STACK="${t#stack=}"
|
||||
;;
|
||||
textrel)
|
||||
VERIFY_ELF_TEXTREL=normal
|
||||
;;
|
||||
textrel=*)
|
||||
textrel=?*)
|
||||
VERIFY_ELF_TEXTREL="${t#textrel=}"
|
||||
;;
|
||||
unresolved)
|
||||
VERIFY_ELF_UNRESOLVED=normal
|
||||
;;
|
||||
unresolved=*)
|
||||
unresolved=?*)
|
||||
VERIFY_ELF_UNRESOLVED="${t#unresolved=}"
|
||||
;;
|
||||
normal)
|
||||
@ -106,19 +89,6 @@ done
|
||||
[ -z "$RPM_TARGET_ARCH" -o -n "${RPM_TARGET_ARCH##arm*}" ] ||
|
||||
VERIFY_ELF_STACK=no
|
||||
|
||||
[ "$VERIFY_ELF_ARCH" != no ] || VERIFY_ELF_ARCH=
|
||||
[ -z "$RPM_VERIFY_ELF_ARCH" ] || VERIFY_ELF_ARCH="$RPM_VERIFY_ELF_ARCH"
|
||||
[ "$VERIFY_ELF_FHS" != no ] || VERIFY_ELF_FHS=
|
||||
[ -z "$RPM_VERIFY_ELF_FHS" ] || VERIFY_ELF_FHS="$RPM_VERIFY_ELF_FHS"
|
||||
[ "$VERIFY_ELF_RPATH" != no ] || VERIFY_ELF_RPATH=
|
||||
[ -z "$RPM_VERIFY_ELF_RPATH" ] || VERIFY_ELF_RPATH="$RPM_VERIFY_ELF_RPATH"
|
||||
[ "$VERIFY_ELF_STACK" != no ] || VERIFY_ELF_STACK=
|
||||
[ -z "$RPM_VERIFY_ELF_STACK" ] || VERIFY_ELF_STACK="$RPM_VERIFY_ELF_STACK"
|
||||
[ "$VERIFY_ELF_TEXTREL" != no ] || VERIFY_ELF_TEXTREL=
|
||||
[ -z "$RPM_VERIFY_ELF_TEXTREL" ] || VERIFY_ELF_TEXTREL="$RPM_VERIFY_ELF_TEXTREL"
|
||||
[ "$VERIFY_ELF_UNRESOLVED" != no ] || VERIFY_ELF_UNRESOLVED=
|
||||
[ -z "$RPM_VERIFY_ELF_UNRESOLVED" ] || VERIFY_ELF_UNRESOLVED="$RPM_VERIFY_ELF_UNRESOLVED"
|
||||
|
||||
: ${RPM_VERIFY_ELF_TOPDIR:=}
|
||||
: ${RPM_VERIFY_ELF_SKIPLIST:=}
|
||||
[ -d "$RPM_BUILD_ROOT$RPM_VERIFY_ELF_TOPDIR" ] || exit 0
|
||||
|
||||
@ -57,19 +57,19 @@ VerifyELF()
|
||||
fname="${f#$RPM_BUILD_ROOT}"
|
||||
fname="${fname#.}"
|
||||
|
||||
if [ -n "$VERIFY_ELF_ARCH" -a "$RPM_TARGET_ARCH" = noarch ]; then
|
||||
if [ "${VERIFY_ELF_ARCH:=normal}" != no ] && [ "$RPM_TARGET_ARCH" = noarch ]; then
|
||||
[ "$VERIFY_ELF_ARCH" = relaxed ] && prefix=WARNING || prefix=ERROR
|
||||
[ "$VERIFY_ELF_ARCH" = relaxed ] || rc=1
|
||||
Info "$prefix: $f: ELF object for \"$RPM_TARGET_ARCH\" architecture"
|
||||
fi
|
||||
|
||||
if [ -n "$VERIFY_ELF_FHS" ] && [ -z "${fname##/usr/share/*}" -o -z "${fname##/etc/*}" ]; then
|
||||
if [ "${VERIFY_ELF_FHS:=normal}" != no ] && [ -z "${fname##/usr/share/*}" -o -z "${fname##/etc/*}" ]; then
|
||||
[ "$VERIFY_ELF_FHS" = relaxed ] && prefix=WARNING || prefix=ERROR
|
||||
[ "$VERIFY_ELF_FHS" = relaxed ] || rc=1
|
||||
Info "$prefix: $f: ELF object out of allowed directory tree"
|
||||
fi
|
||||
|
||||
if [ -n "$VERIFY_ELF_RPATH" ]; then
|
||||
if [ "${VERIFY_ELF_RPATH:=normal}" != no ]; then
|
||||
rpath="$(printf %s "$objdump_info" |awk '{if ($1=="RPATH") print $2}')"
|
||||
if [ -n "$rpath" ]; then
|
||||
prefix=
|
||||
@ -106,7 +106,7 @@ VerifyELF()
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ -n "$VERIFY_ELF_STACK" ]; then
|
||||
if [ "${VERIFY_ELF_STACK:=normal}" != no ]; then
|
||||
if [ -z "${t##*ELF* executable*}" -o -z "${t##*ELF* shared object*}" ]; then
|
||||
stack="$(printf %s "$objdump_info" |sed -ne 's/^[[:space:]]*STACK[[:space:]]\+\([^[:space:]]\+\).*/\1/p')"
|
||||
if [ -z "$stack" ]; then
|
||||
@ -122,7 +122,7 @@ VerifyELF()
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ -n "$VERIFY_ELF_TEXTREL" ]; then
|
||||
if [ "${VERIFY_ELF_TEXTREL:=normal}" != no ]; then
|
||||
textrel="$(printf %s "$objdump_info" |sed -ne 's/^[[:space:]]*TEXTREL[[:space:]]\+\([^[:space:]]\+\).*/\1/p')"
|
||||
if [ -n "$textrel" ]; then
|
||||
[ "$VERIFY_ELF_TEXTREL" = relaxed ] && prefix=WARNING || prefix=ERROR
|
||||
@ -131,7 +131,7 @@ VerifyELF()
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ -n "$VERIFY_ELF_UNRESOLVED" ]; then
|
||||
if [ "${VERIFY_ELF_UNRESOLVED:=normal}" != no ]; then
|
||||
while [ -z "${t##*ELF* executable*dynamically linked*}" -o -z "${t##*ELF* shared object*}" ]; do
|
||||
rpath="$(printf %s "$objdump_info" |awk '{if ($1=="RPATH") print $2}' |tr -s : ' ' |sed -e "s|\$ORIGIN|${fname%/*}|g")"
|
||||
if [ -n "$rpath" ]; then
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user