guix/gnu/packages/ld-wrapper.in

#!@BASH@
# -*- mode: scheme; coding: utf-8; -*-

# XXX: We have to go through Bash because there's no command-line switch to
# augment %load-compiled-path, and because of the silly 127-byte limit for
# the shebang line in Linux.
# Use `load-compiled' because `load' (and `-l') doesn't otherwise load our
# .go file (see <http://bugs.gnu.org/12519>).
# Unset 'GUILE_LOAD_COMPILED_PATH' to make sure we do not stumble upon
# incompatible .go files.  See
# <https://lists.gnu.org/archive/html/guile-devel/2016-03/msg00000.html>.

unset GUILE_LOAD_COMPILED_PATH
unset GUILE_SYSTEM_COMPILED_PATH
main="(@ (gnu build-support ld-wrapper) ld-wrapper)"
exec @GUILE@ -c "(load-compiled \"@SELF@.go\") (apply $main (cdr (command-line)))" "$@"
!#
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2020 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2020 Marius Bakke <mbakke@fastmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.

(define-module (gnu build-support ld-wrapper)
  #:use-module (srfi srfi-1)
  #:use-module (ice-9 match)
  #:autoload   (ice-9 rdelim) (read-delimited)
  #:export (ld-wrapper))

;;; Commentary:
;;;
;;; This is a wrapper for the linker.  Its purpose is to inspect the -L and
;;; -l switches passed to the linker, add corresponding -rpath arguments, and
;;; invoke the actual linker with this new set of arguments.
;;;
;;; The alternatives to this hack would be:
;;;
;;;   1. Using $LD_RUN_PATH.  However, that would tend to include more than
;;;      needed in the RPATH; for instance, given a package with `libfoo' as
;;;      an input, all its binaries would have libfoo in their RPATH,
;;;      regardless of whether they actually NEED it.
;;;
;;;   2. Use a GCC "lib" spec string such as `%{L*:-rpath %*}', which adds a
;;;      `-rpath LIBDIR' argument for each occurrence of `-L LIBDIR'.
;;;      However, this doesn't work when $LIBRARY_PATH is used, because the
;;;      additional `-L' switches are not matched by the above rule, because
;;;      the rule only matches explicit user-provided switches.  See
;;;      <http://gcc.gnu.org/ml/gcc-help/2012-09/msg00110.html> for details.
;;;
;;; As a bonus, this wrapper checks for "impurities"--i.e., references to
;;; libraries outside the store.
;;;
;;; Code:

(define %real-ld
  ;; Name of the linker that we wrap.
  "@LD@")

(define %store-directory
  ;; File name of the store.
  (or (getenv "NIX_STORE") "/gnu/store"))

(define %temporary-directory
  ;; Temporary directory.
  (or (getenv "TMPDIR") "/tmp"))

(define %build-directory
  ;; Top build directory when run from a builder.
  (getenv "NIX_BUILD_TOP"))

(define %allow-impurities?
  ;; Whether to allow references to libraries outside the store.
  ;; Allow them by default for convenience.
  (let ((value (getenv "GUIX_LD_WRAPPER_ALLOW_IMPURITIES")))
    (or (not value)
        (let ((value (string-downcase value)))
          (cond ((member value '("yes" "y" "t" "true" "1"))
                 #t)
                ((member value '("no" "n" "f" "false" "0"))
                 #f)
                (else
                 (format (current-error-port)
                         "ld-wrapper: ~s: invalid value for \
'GUIX_LD_WRAPPER_ALLOW_IMPURITIES'~%"
                         value)))))))

(define %debug?
  ;; Whether to emit debugging output.
  (getenv "GUIX_LD_WRAPPER_DEBUG"))

(define %disable-rpath?
  ;; Whether to disable automatic '-rpath' addition.
  (getenv "GUIX_LD_WRAPPER_DISABLE_RPATH"))

(define (readlink* file)
  ;; Call 'readlink' until the result is not a symlink.
  (define %max-symlink-depth 50)

  (let loop ((file  file)
             (depth 0))
    (define (absolute target)
      (if (absolute-file-name? target)
          target
          (string-append (dirname file) "/" target)))

    (if (>= depth %max-symlink-depth)
        file
        (call-with-values
            (lambda ()
              (catch 'system-error
                (lambda ()
                  (values #t (readlink file)))
                (lambda args
                  (let ((errno (system-error-errno args)))
                    (if (or (= errno EINVAL) (= errno ENOENT))
                        (values #f file)
                        (apply throw args))))))
          (lambda (success? target)
            (if success?
                (loop (absolute target) (+ depth 1))
                file))))))

(define (pure-file-name? file)
  ;; Return #t when FILE is the name of a file either within the store
  ;; (possibly via a symlink) or within the build directory.
  (let ((file (readlink* file)))
    (or (not (string-prefix? "/" file))
        (string-prefix? %store-directory file)
        (string-prefix? %temporary-directory file)
        (and %build-directory
             (string-prefix? %build-directory file)))))

(define (store-file-name? file)
  ;; Return #t when FILE is a store file, possibly indirectly.
  (string-prefix? %store-directory (readlink* file)))

(define (shared-library? file)
  ;; Return #t when FILE denotes a shared library.
  (or (string-suffix? ".so" file)
      (let ((index (string-contains file ".so.")))
        ;; Since we cannot use regexps during bootstrap, roll our own.
        (and index
             (string-every (char-set-union (char-set #\.) char-set:digit)
                           (string-drop file (+ index 3)))))))

(define (library-search-path args)
  ;; Return the library search path as a list of directory names.  The GNU ld
  ;; manual notes that "[a]ll `-L' options apply to all `-l' options,
  ;; regardless of the order in which the options appear", so we must compute
  ;; the search path independently of the -l options.
  (let loop ((args args)
             (path '()))
    (match args
      (()
       (reverse path))
      (("-L" directory . rest)
       (loop rest (cons directory path)))
      ((argument . rest)
       (if (string-prefix? "-L" argument)         ;augment the search path
           (loop rest
                 (cons (string-drop argument 2) path))
           (loop rest path))))))

(define (library-files-linked args library-path)
  ;; Return the absolute file names of shared libraries explicitly linked
  ;; against via `-l' or with an absolute file name in ARGS, looking them up
  ;; in LIBRARY-PATH.
  (define files+args
    (fold (lambda (argument result)
            (match result
              ((library-files ((and flag
                                    (or "-dynamic-linker" "-plugin"))
                               . rest))
               ;; When passed '-dynamic-linker ld.so', ignore 'ld.so'; when
               ;; passed '-plugin liblto_plugin.so', ignore
               ;; 'liblto_plugin.so'.  See <http://bugs.gnu.org/20102>.
               (list library-files
                     (cons* argument flag rest)))
              ((library-files previous-args)
               (cond ((string-prefix? "-l" argument) ;add library
                      (let* ((lib  (string-append "lib"
                                                  (string-drop argument 2)
                                                  ".so"))
                             (full (search-path library-path lib)))
                        (list (if full
                                  (cons full library-files)
                                  library-files)
                              (cons argument previous-args))))
                     ((and (string-prefix? %store-directory argument)
                           (shared-library? argument)) ;add library
                      (list (cons argument library-files)
                            (cons argument previous-args)))
                     (else
                      (list library-files
                            (cons argument previous-args)))))))
          (list '() '())
          args))

  (match files+args
    ((files arguments)
     (reverse files))))

(define (rpath-arguments library-files)
  ;; Return the `-rpath' argument list for each of LIBRARY-FILES, a list of
  ;; absolute file names.
  (fold-right (lambda (file args)
                ;; Add '-rpath' if and only if FILE is in the store; we don't
                ;; want to add '-rpath' for files under %BUILD-DIRECTORY or
                ;; %TEMPORARY-DIRECTORY because that could leak to installed
                ;; files.
                (cond ((and (not %disable-rpath?)
                            (store-file-name? file))
                       (cons* "-rpath" (dirname file) args))
                      ((or %allow-impurities?
                           (pure-file-name? file))
                       args)
                      (else
                       (begin
                         (format (current-error-port)
                                 "ld-wrapper: error: attempt to use \
library outside of ~a: ~s~%"
                                 %store-directory file)
                         (exit 1)))))
              '()
              library-files))

(define (expand-arguments args)
  ;; Expand ARGS such that "response file" arguments, such as "@args.txt", are
  ;; expanded (info "(gcc) Overall Options").
  (define (response-file-arguments file)
    (define (tokenize port)
      ;; Return a list of all strings found in PORT.  Quote characters are
      ;; removed, but whitespaces within quoted strings are preserved.
      (let loop ((tokens '()))
        (let* ((token+delimiter (read-delimited " '\"\n" port 'split))
               (token (car token+delimiter))
               (delim (cdr token+delimiter)))
          (if (eof-object? token)
              (reverse tokens)
              (case delim
                ((#\") (loop (cons (read-delimited "\"" port) tokens)))
                ((#\') (loop (cons (read-delimited "'" port) tokens)))
                (else (if (> (string-length token) 0)
                          (loop (cons token tokens))
                          (loop tokens))))))))

    (when %debug?
      (format (current-error-port)
              "ld-wrapper: attempting to read arguments from '~a'~%" file))

    (call-with-input-file file tokenize))

  (define result
    (fold-right (lambda (arg result)
                  (if (string-prefix? "@" arg)
                      (let ((file (string-drop arg 1)))
                        (append (catch 'system-error
                                  (lambda ()
                                    (response-file-arguments file))
                                  (lambda args
                                    ;; FILE doesn't exist or cannot be read so
                                    ;; leave ARG as is.
                                    (list arg)))
                                result))
                      (cons arg result)))
                '()
                args))

  ;; If there are "@" arguments in RESULT *and* we can expand them (they don't
  ;; refer to nonexistent files), then recurse.
  (if (equal? result args)
      result
      (expand-arguments result)))

(define (ld-wrapper . args)
  ;; Invoke the real `ld' with ARGS, augmented with `-rpath' switches.
  (let* ((args (expand-arguments args))
         (path (library-search-path args))
         (libs (library-files-linked args path))
         (args (append args (rpath-arguments libs))))
    (when %debug?
      (format (current-error-port)
              "ld-wrapper: library search path: ~s~%" path)
      (format (current-error-port)
              "ld-wrapper: libraries linked: ~s~%" libs)
      (format (current-error-port)
              "ld-wrapper: invoking `~a' with ~s~%"
              %real-ld args)
      (force-output (current-error-port)))
    (apply execl %real-ld (basename %real-ld) args)))

;;; ld-wrapper.scm ends here