Only set -rpath=$ORIGIN in component builds by default.

Statically-linked binaries do not need -rpath=$ORIGIN set, and setting it can be a source of strange security issues (see bug for more details). Manually add this to some test binaries that require shared libraries to be loaded from the build directory. R=phajdan.jr@chromium.org, thestig@chromium.org BUG=556843 Renald of https://codereview.chromium.org/1525733002/ TBR=dpranke@chromium.org Review URL: https://codereview.chromium.org/1525773002 Cr-Commit-Position: refs/heads/master@{#365125}
joone · Dec 14, 2015 · 5e63330 · 5e63330
1 parent db165b7
commit 5e63330
Show file tree

Hide file tree

Showing 6 changed files with 99 additions and 9 deletions.
diff --git a/base/BUILD.gn b/base/BUILD.gn
@@ -1565,11 +1565,17 @@ test("base_unittests") {
   if (is_linux) {
     sources -= [ "file_version_info_unittest.cc" ]
     sources += [ "nix/xdg_util_unittest.cc" ]
+
     deps += [ "//base/test:malloc_wrapper" ]
 
     if (use_glib) {
       configs += [ "//build/config/linux:glib" ]
     }
+
+    if (!is_component_build) {
+      # Set rpath to find libmalloc_wrapper.so even in a non-component build.
+      configs += [ "//build/config/gcc:rpath_for_built_shared_libraries" ]
+    }
   }
 
   if (!is_linux || use_ozone) {

diff --git a/build/config/gcc/BUILD.gn b/build/config/gcc/BUILD.gn
@@ -20,6 +20,45 @@ config("symbol_visibility_hidden") {
   cflags = [ "-fvisibility=hidden" ]
 }
 
+# The rpath is the dynamic library search path. Setting this config on a link
+# step will put the directory where the build generates shared libraries into
+# the rpath.
+#
+# It's important that this *not* be used for release builds we push out.
+# Chrome uses some setuid binaries, and hard links preserve setuid bits. An
+# unprivileged user could gain root privileges by hardlinking a setuid
+# executable and then adding in whatever binaries they want to run into the lib
+# directory.
+#
+# Example bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=520126
+#
+# This is required for component builds since the build generates many shared
+# libraries in the build directory that we expect to be automatically loaded.
+# It will be automatically applied in this case by :executable_ldconfig.
+#
+# In non-component builds, certain test binaries may expect to load dynamic
+# libraries from the current directory. As long as these aren't distributed,
+# this is OK. For these cases use something like this:
+#
+#  if (is_linux && !is_component_build) {
+#    configs += [ "//build/config/gcc:rpath_for_built_shared_libraries" ]
+#  }
+config("rpath_for_built_shared_libraries") {
+  if (!is_android) {
+    # Note: Android doesn't support rpath.
+    if (shlib_subdir != ".") {
+      rpath_link = "${shlib_subdir}/"
+    } else {
+      rpath_link = "."
+    }
+    ldflags = [
+      # Want to pass "\$". GN will re-escape as required for ninja.
+      "-Wl,-rpath=\$ORIGIN/${rpath_link}",
+      "-Wl,-rpath-link=${rpath_link}",
+    ]
+  }
+}
+
 # Settings for executables and shared libraries.
 config("executable_ldconfig") {
   if (is_android) {
@@ -28,16 +67,13 @@ config("executable_ldconfig") {
       "-Wl,-z,nocopyreloc",
     ]
   } else {
-    # Note: Android doesn't support rpath.
-    rpath_link = "."
-    if (shlib_subdir != ".") {
-      rpath_link = "${shlib_subdir}/"
+    if (is_component_build) {
+      configs = [ ":rpath_for_built_shared_libraries" ]
     }
-    ldflags = [
-      # Want to pass "\$". GN will re-escape as required for ninja.
-      "-Wl,-rpath=\$ORIGIN/${rpath_link}",
-      "-Wl,-rpath-link=${rpath_link}",
 
+    ldflags = [
+      # TODO(GYP): Do we need a check on the binutils version here?
+      #
       # Newer binutils don't set DT_RPATH unless you disable "new" dtags
       # and the new DT_RUNPATH doesn't work without --no-as-needed flag.
       "-Wl,--disable-new-dtags",

diff --git a/chrome/test/BUILD.gn b/chrome/test/BUILD.gn
@@ -1066,6 +1066,12 @@ if (!is_android) {
                 "//chrome")
       }
     }
+
+    if (is_linux && !is_component_build) {
+      # Set rpath to find the CDM adapter even in a non-component build.
+      configs += [ "//build/config/gcc:rpath_for_built_shared_libraries" ]
+    }
+
     if (is_chromeos) {
       sources += rebase_path(
               chrome_tests_gypi_values.chrome_browser_tests_chromeos_sources,

diff --git a/mojo/common/BUILD.gn b/mojo/common/BUILD.gn
@@ -97,6 +97,12 @@ test("mojo_common_unittests") {
     "../message_pump/message_pump_mojo_unittest.cc",
     "common_type_converters_unittest.cc",
   ]
+
+  if (is_linux && !is_component_build) {
+    # This tests dynamically loads libmojo_test_support even in non-component
+    # builds.
+    configs += [ "//build/config/gcc:rpath_for_built_shared_libraries" ]
+  }
 }
 
 test("mojo_common_perftests") {

diff --git a/ppapi/BUILD.gn b/ppapi/BUILD.gn
@@ -70,7 +70,7 @@ shared_library("power_saver_test_plugin") {
   ]
 }
 
-shared_library("blink_test_plugin") {
+loadable_module("blink_test_plugin") {
   sources = [
     "tests/blink_test_plugin.cc",
   ]

diff --git a/third_party/mojo/src/mojo/edk/test/BUILD.gn b/third_party/mojo/src/mojo/edk/test/BUILD.gn
@@ -96,39 +96,75 @@ test("mojo_public_bindings_unittests") {
     ":run_all_unittests",
     "//mojo/public/cpp/bindings/tests",
   ]
+
+  if (is_linux && !is_component_build) {
+    # This tests dynamically loads libmojo_test_support even in non-component
+    # builds.
+    configs += [ "//build/config/gcc:rpath_for_built_shared_libraries" ]
+  }
 }
 
 test("mojo_public_bindings_perftests") {
   deps = [
     ":run_all_perftests",
     "//mojo/public/cpp/bindings/tests:perftests",
   ]
+
+  if (is_linux && !is_component_build) {
+    # This tests dynamically loads libmojo_test_support even in non-component
+    # builds.
+    configs += [ "//build/config/gcc:rpath_for_built_shared_libraries" ]
+  }
 }
 
 test("mojo_public_environment_unittests") {
   deps = [
     ":run_all_unittests",
     "//mojo/public/cpp/environment/tests",
   ]
+
+  if (is_linux && !is_component_build) {
+    # This tests dynamically loads libmojo_test_support even in non-component
+    # builds.
+    configs += [ "//build/config/gcc:rpath_for_built_shared_libraries" ]
+  }
 }
 
 test("mojo_public_system_perftests") {
   deps = [
     ":run_all_perftests",
     "//mojo/public/c/system/tests:perftests",
   ]
+
+  if (is_linux && !is_component_build) {
+    # This tests dynamically loads libmojo_test_support even in non-component
+    # builds.
+    configs += [ "//build/config/gcc:rpath_for_built_shared_libraries" ]
+  }
 }
 
 test("mojo_public_system_unittests") {
   deps = [
     ":run_all_unittests",
     "//mojo/public/cpp/system/tests",
   ]
+
+  if (is_linux && !is_component_build) {
+    # This tests dynamically loads libmojo_test_support even in non-component
+    # builds.
+    configs += [ "//build/config/gcc:rpath_for_built_shared_libraries" ]
+  }
 }
 
 test("mojo_public_utility_unittests") {
   deps = [
     ":run_all_unittests",
     "//mojo/public/cpp/utility/tests",
   ]
+
+  if (is_linux && !is_component_build) {
+    # This tests dynamically loads libmojo_test_support even in non-component
+    # builds.
+    configs += [ "//build/config/gcc:rpath_for_built_shared_libraries" ]
+  }
 }