Darren Tucker
2018-Jun-08 00:37 UTC
vanilla build of 7.7p1 release on linux/4.17 fails with gcc8 @ "/usr/bin/ld: unrecognized option '-Wl,-z,retpolineplt'"
One difference I notice is that in your failing example you are
invoking /usr/bin/ld directly to link:
/usr/bin/ld -o ssh ssh.o readconf.o clientloop.o
sshtty.o sshconnect.o sshconnect2.o mux.o -L. -Lopenbsd-compat/
-Wl,-z,retpolineplt -Wl,-z,relro -Wl,-z,now -Wl,-z,noexecstack
-fstack-protector-strong -pie -lssh -lopenbsd-compat -lutil -lz
-lcrypt -lresolv
whereas my example is invoking via gcc. I assume you are explicitly
setting the LD env var?
To narrow this down I suggest:
a) take the failing link command line and delete -Wl, options other
than retpoline and see if it will link at any point. Perhaps the
problem is the problem is occurs due to an interaction with other
flags
b) try using LD=gcc and see if it behaves any different (also, see if
the list of options it detects is different).
--
Darren Tucker (dtucker at dtucker.net)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new)
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
PGNet Dev
2018-Jun-08 00:52 UTC
vanilla build of 7.7p1 release on linux/4.17 fails with gcc8 @ "/usr/bin/ld: unrecognized option '-Wl,-z,retpolineplt'"
On 6/7/18 5:37 PM, Darren Tucker wrote:> One difference I notice is that in your failing example you are > invoking /usr/bin/ld directly to link: > > /usr/bin/ld -o ssh ssh.o readconf.o clientloop.o > sshtty.o sshconnect.o sshconnect2.o mux.o -L. -Lopenbsd-compat/ > -Wl,-z,retpolineplt -Wl,-z,relro -Wl,-z,now -Wl,-z,noexecstack > -fstack-protector-strong -pie -lssh -lopenbsd-compat -lutil -lz > -lcrypt -lresolv > > whereas my example is invoking via gcc.Subtle. Nice catch.> I assume you are explicitly setting the LD env var?Yep, as part of usual env, env | grep LD LD=/usr/bin/ld ls -al /usr/bin/ld lrwxrwxrwx 1 root root 20 Jun 7 05:00 /usr/bin/ld -> /etc/alternatives/ld* ls -al /etc/alternatives/ld lrwxrwxrwx 1 root root 15 Jun 7 10:16 /etc/alternatives/ld -> /usr/bin/ld.bfd*> To narrow this down I suggest: > a) take the failing link command line and delete -Wl, options other > than retpoline and see if it will link at any point. Perhaps the > problem is the problem is occurs due to an interaction with other > flags > b) try using LD=gcc and see if it behaves any different (also, see if > the list of options it detects is different).'bingo!' it seems. (1) make distclean unset LDFLAGS CFLAGS CXXFLAGS CPPFLAGS unset LD autoreconf -fiv ./configure --without-openssl make V=1 no errors! (warnings ...) ./sshd --version unknown option -- - OpenSSH_7.7p1, without OpenSSL usage: sshd [-46DdeiqTt] [-C connection_spec] [-c host_cert_file] [-E log_file] [-f config_file] [-g login_grace_time] [-h host_key_file] [-o option] [-p port] [-u len] make install /usr/local/bin/ssh -V OpenSSH_7.7p1, without OpenSSL (2) make uninstall make distclean unset LDFLAGS CFLAGS CXXFLAGS CPPFLAGS export LD=gcc autoreconf -fiv ./configure --without-openssl make V=1 again, no errors! (warnings ...) ./sshd --version unknown option -- - OpenSSH_7.7p1, without OpenSSL usage: sshd [-46DdeiqTt] [-C connection_spec] [-c host_cert_file] [-E log_file] [-f config_file] [-g login_grace_time] [-h host_key_file] [-o option] [-p port] [-u len] make install /usr/local/bin/ssh -V OpenSSH_7.7p1, without OpenSSL So, there's a problem for OpenSSH build with spec'ing LD=/usr/bin/ld ? Fwiw, I note that there's no "--with-gnu-ld" config option (&, I assume the code that goes with it) as found in numerous other packages' configure these days ... What's *intended* re: openssh? Support for LD=ld or only =gcc, or undef'd ?
Darren Tucker
2018-Jun-08 00:53 UTC
vanilla build of 7.7p1 release on linux/4.17 fails with gcc8 @ "/usr/bin/ld: unrecognized option '-Wl,-z,retpolineplt'"
On 8 June 2018 at 10:37, Darren Tucker <dtucker at dtucker.net> wrote:> whereas my example is invoking via gcc. I assume you are explicitly > setting the LD env var?I can reproduce it by setting LD=ld. I think I see what's happening: the test is invoking $CC as a linker instead of $LD and they behave differently in this case. configure:6352: checking if ld supports link flag -Wl,-z,retpolineplt configure:6375: gcc -o conftest -g -O2 -pipe -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security -Wsizeof-pointer-memaccess -Wno-pointer-sign -Wno-unused-result -fno-strict-aliasing -mfunction-return=thunk -mindirect-branch=thunk -Werror -Wl,-z,retpolineplt conftest.c >&5 /usr/bin/ld: warning: -z retpolineplt ignored. -- Darren Tucker (dtucker at dtucker.net) GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new) Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
Darren Tucker
2018-Jun-08 01:08 UTC
vanilla build of 7.7p1 release on linux/4.17 fails with gcc8 @ "/usr/bin/ld: unrecognized option '-Wl,-z,retpolineplt'"
On 8 June 2018 at 10:52, PGNet Dev <pgnet.dev at gmail.com> wrote: [...]> So, there's a problem for OpenSSH build with spec'ing LD=/usr/bin/ld ?in this particular case, apparently yes. not generally, though. [...]> What's *intended* re: openssh? Support for LD=ld or only =gcc, or undef'd ?Well the intent is you should be able to set CC and LD to whatever you want as long as they work. In this case, the OSSH_CHECK_LDFLAG_LINK test invokes autoconf's AC_LINK_IFELSE with uses CC not LD. I'm not sure what to do about it yet though. -- Darren Tucker (dtucker at dtucker.net) GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new) Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.