Created attachment 478260 [details, diff] Fix readelf warning on debuginfo files. There is a small bug already fixed in upstream binutils: readelf on a separate debuginfo file will produce a spurious warning, like this example taken directly from the Stack Clash mitigation writeup at https://wiki.gentoo.org/wiki/Hardened/Gentoo_Hardened_and_Stack_Clash for the case of a system using FEATURES=splitdebug: $ readelf -p .comment /usr/lib/debug/usr/bin/whoami.debug readelf: Error: the dynamic segment offset + size exceeds the size of the file String dump of section '.comment': [ 0] GCC: (Gentoo Hardened 5.4.0-r3 p1.3, pie-0.6.5) 5.4.0 This is because of a check that was added recently that does not do the right thing with splitdebug files. This has been fixed upstream, see: https://sourceware.org/ml/binutils/2017-03/msg00279.html These errors are unhandled by tools that use readelf, such as app-admin/checksec-1.7.5 (although it doesn't really expect to be pointed at debuginfo files AFAIK). I have extracted the patch and tested locally, after which I get the expected behavior: $ readelf -p .comment /usr/lib/debug/usr/bin/whoami.debug String dump of section '.comment': [ 0] GCC: (Gentoo Hardened 5.4.0-r3 p1.3, pie-0.6.5) 5.4.0 I'll attach the readelf.c patch, and also the .ebuild patch I used to apply it (only for testing, it looks like toolchain-binutils.eclass does some magic with PATCHVER= to grab the necessary patch bundle).
Created attachment 478262 [details, diff] Modify binutils ebuild to use the readelf patch
Patch applied in 2.28.1 commit cf5003fe2fc3b45f366d0a3c6fdf834ed9d54321 Author: Matthias Maier <tamiko@gentoo.org> Date: Tue Aug 1 19:05:14 2017 -0500 sys-devel/binutils: version bump to 2.28.1, patchset 1.0 Includes fixes for bugs #622036 #622500 #622886 #624524 #624702 Package-Manager: Portage-2.3.6, Repoman-2.3.3
(In reply to Matthias Maier from comment #2) > Patch applied in 2.28.1 > > > > commit cf5003fe2fc3b45f366d0a3c6fdf834ed9d54321 > Author: Matthias Maier <tamiko@gentoo.org> > Date: Tue Aug 1 19:05:14 2017 -0500 > > sys-devel/binutils: version bump to 2.28.1, patchset 1.0 > > Includes fixes for bugs #622036 #622500 #622886 #624524 #624702 > > Package-Manager: Portage-2.3.6, Repoman-2.3.3 I guess we can close this now.