/[gentoo-x86]/eclass/pax-utils.eclass
Gentoo

Contents of /eclass/pax-utils.eclass

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.1 - (show annotations) (download)
Sun Jan 22 14:18:48 2006 UTC (8 years, 9 months ago) by kevquinn
Branch: MAIN
New eclass providing a support function pax-mark, to wrap use of chpax/paxctl

1 # Copyright 1999-2006 Gentoo Foundation
2 # Distributed under the terms of the GNU General Public License v2
3 # $Header: $
4
5 # Author:
6 # Kevin F. Quinn <kevquinn@gentoo.org>
7 #
8 # This eclass provides support for manipulating PaX markings on ELF
9 # binaries, wrapping the use of the chpax and paxctl utilities.
10
11 inherit eutils
12
13 ##### pax-mark ####
14 # Mark a file for PaX with the given flags.
15 # Tries chpax (EI_FLAGS) and paxctl (PT_FLAGS) if they are installed.
16 # If neither are installed, returns 0 (i.e. has no effect on non-PaX
17 # systems unless the owner has installed chpax and/or paxctl).
18 # Deliberately does _not_ check whether the build system is PaX or not.
19 #
20 # Syntax:
21 # pax-mark [-q] {<flags>} [{<files>}]
22 #
23 # -q: do things quietly (no einfo/ewarn)
24 #
25 # There must be at least one <flags>, and can include:
26 # -execstack equivalent to -E
27 # -execheap equivalent to -m
28 # -unrestricted equivalent to -psmxer
29 # -{[pPsSmMxXeErR]} as used direcly by chpax/paxctl
30 #
31 # Where more than one flag is given they are concatenated.
32 #
33 # {<files>} may be empty, so it's safe to use for example the results
34 # of a find that may not return any results.
35 #
36 # Return codes:
37 # 0: for all files, all installed utilities succeed.
38 # 1: No flags specified
39 # >1: bit 2 => chpax failed, bit 3 => paxctl failed
40
41 pax-mark() {
42 local flags ret quiet
43 # Fail if no parameters at all (especially no flags)
44 [[ -z $1 ]] && return 1
45 flags=
46 ret=0
47 quiet=
48 while [[ ${1:0:1} == "-" ]]; do
49 case ${1} in
50 -execstack)
51 flags="${flags}E"
52 ;;
53 -execheap)
54 flags="${flags}m"
55 ;;
56 -unrestricted)
57 flags="${flags}psmxer"
58 ;;
59 -q)
60 quiet="/bin/false "
61 ;;
62 *)
63 flags="${flags}${1:1}"
64 ;;
65 esac
66 shift
67 done
68 # Fail if no flags given
69 [[ -z ${flags} ]] && return 1
70 # Quietly exit if no files given
71 [[ -z $1 ]] && return 0
72 if [[ -x /sbin/chpax ]]; then
73 if /sbin/chpax -${flags} $*; then
74 ${quiet} einfo "PaX EI flags set to ${flags} on $*"
75 else
76 ${quiet} ewarn "Failed to set EI flags to ${flags} on $*"
77 (( ret=${ret}|2 ))
78 fi
79 fi
80 if [[ -x /sbin/paxctl ]]; then
81 # Steal PT_GNU_STACK if paxctl supports it
82 /sbin/paxctl -v 2>&1 | grep PT_GNU_STACK > /dev/null && \
83 flags="c${flags}"
84 if /sbin/paxctl -${flags} $*; then
85 ${quiet} einfo "PaX PT flags set to ${flags} on $*"
86 else
87 ${quiet} ewarn "Failed to set PT flags to ${flags} on $*"
88 (( ret=${ret}|4))
89 fi
90 fi
91 return ${ret}
92 }

  ViewVC Help
Powered by ViewVC 1.1.20