From 7cde91f57f5991cb45f15cee1d22c4150fc36e83 Mon Sep 17 00:00:00 2001 From: John Johansen Date: Fri, 4 Feb 2022 02:05:37 -0800 Subject: [PATCH] libapparmor: fix building with link time optimization (lto) Currently libapparmor fails to build when lto is used because it uses the asm directive to provide different version of some symbols. Unfortunately gcc does not recognize this and the symbols defined by asm are lost and optimized out by lto and then the link fails. Fixes: https://gitlab.com/apparmor/apparmor/-/issues/214 MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/831 Signed-off-by: John Johansen --- libraries/libapparmor/src/Makefile.am | 2 +- libraries/libapparmor/src/kernel.c | 5 +++-- libraries/libapparmor/src/libapparmor.map | 10 +++++----- 3 files changed, 9 insertions(+), 8 deletions(-) diff --git a/libraries/libapparmor/src/Makefile.am b/libraries/libapparmor/src/Makefile.am index 401145068..2984d45cf 100644 --- a/libraries/libapparmor/src/Makefile.am +++ b/libraries/libapparmor/src/Makefile.am @@ -38,7 +38,7 @@ include $(COMMONDIR)/Make.rules BUILT_SOURCES = grammar.h scanner.h af_protos.h AM_LFLAGS = -v AM_YFLAGS = -d -p aalogparse_ -AM_CFLAGS = -Wall $(EXTRA_WARNINGS) -fPIC +AM_CFLAGS = -Wall $(EXTRA_WARNINGS) -fPIC -flto-partition=none AM_CPPFLAGS = -D_GNU_SOURCE -I$(top_srcdir)/include/ scanner.h: scanner.l $(LEX) -v $< diff --git a/libraries/libapparmor/src/kernel.c b/libraries/libapparmor/src/kernel.c index 7063799c9..5fab36e56 100644 --- a/libraries/libapparmor/src/kernel.c +++ b/libraries/libapparmor/src/kernel.c @@ -43,6 +43,7 @@ __asm__ (".symver " #real "," #name "@" #version) #define default_symbol_version(real, name, version) \ __asm__ (".symver " #real "," #name "@@" #version) +#define DLLEXPORT __attribute__((visibility("default"),externally_visible)) #define UNCONFINED "unconfined" #define UNCONFINED_SIZE strlen(UNCONFINED) @@ -824,7 +825,7 @@ int aa_change_onexec(const char *profile) } /* create an alias for the old change_hat@IMMUNIX_1.0 symbol */ -extern typeof((__change_hat)) __old_change_hat __attribute__((alias ("__change_hat"))); +DLLEXPORT extern typeof((__change_hat)) __old_change_hat __attribute__((alias ("__change_hat"))); symbol_version(__old_change_hat, change_hat, IMMUNIX_1.0); default_symbol_version(__change_hat, change_hat, APPARMOR_1.0); @@ -1222,7 +1223,7 @@ int query_label(uint32_t mask, char *query, size_t size, int *allowed, /* export multiple aa_query_label symbols to compensate for downstream * releases with differing symbol versions. */ -extern typeof((query_label)) __aa_query_label __attribute__((alias ("query_label"))); +DLLEXPORT extern typeof((query_label)) __aa_query_label __attribute__((alias ("query_label"))); symbol_version(__aa_query_label, aa_query_label, APPARMOR_1.1); default_symbol_version(query_label, aa_query_label, APPARMOR_2.9); diff --git a/libraries/libapparmor/src/libapparmor.map b/libraries/libapparmor/src/libapparmor.map index 41e541ac2..7ca7caea3 100644 --- a/libraries/libapparmor/src/libapparmor.map +++ b/libraries/libapparmor/src/libapparmor.map @@ -6,14 +6,14 @@ IMMUNIX_1.0 { global: - change_hat; + change_hat; __old_change_hat; local: *; }; APPARMOR_1.0 { global: - change_hat; + change_hat; __change_hat; parse_record; free_record; local: @@ -24,7 +24,7 @@ APPARMOR_1.1 { global: aa_is_enabled; aa_find_mountpoint; - aa_change_hat; + aa_change_hat; __old_change_hat; aa_change_hatv; aa_change_hat_vargs; aa_change_profile; @@ -37,7 +37,7 @@ APPARMOR_1.1 { free_record; aa_getprocattr_raw; aa_getprocattr; - aa_query_label; + aa_query_label; __aa_query_label; # no more symbols here, please @@ -47,7 +47,7 @@ APPARMOR_1.1 { APPARMOR_2.9 { global: - aa_query_label; + aa_query_label; query_label; local: *; } APPARMOR_1.1;