Bug #233077 - Add QA check which verifies that LDFLAGS are respected. For now

this only works when LDFLAGS contains --hash-style=gnu since in this case the
the elf files should not contain .hash sections and we can use scanelf to
check whether or not the those sections exist. This adds a QA_DT_HASH variable
that is analogous to existing QA control variables documented in the ebuild.5
man page. There is also a complementary QA_STRICT_DT_HASH variable that can
be set in make.conf in order to ignore QA_DT_HASH settings in ebuilds. Thanks
to Arfrever Frehtes Taifersar Arahesis for this patch which I've tweaked in
just a few minor ways. 

svn path=/main/trunk/; revision=11205

3 files changed, 40 insertions, 0 deletions

diff --git a/bin/misc-functions.sh b/bin/misc-functions.sh
index e8b23a4d3..369823793 100755
--- a/bin/misc-functions.sh
+++ b/bin/misc-functions.sh
@@ -60,6 +60,7 @@ install_qa_check() {
 
 	if type -P scanelf > /dev/null && ! hasq binchecks ${RESTRICT}; then
 		local qa_var insecure_rpath=0 tmp_quiet=${PORTAGE_QUIET}
+		local f x
 
 		# display warnings when using stricter because we die afterwards
 		if has stricter ${FEATURES} ; then
@@ -158,6 +159,36 @@ install_qa_check() {
 			sleep 1
 		fi
 
+		# Check for files built without respecting LDFLAGS
+		if [[ "${LDFLAGS}" == *--hash-style=gnu* ]] && [[ "${PN}" != *-bin ]] ; then
+			f=$(scanelf -qyRF '%k %p' -k .hash "${D}" | sed -e "s:\.hash ::")
+			if [[ -n ${f} ]] ; then
+				echo "${f}" > "${T}"/scanelf-ignored-LDFLAGS.log
+				if [ "${QA_STRICT_DT_HASH-unset}" == unset ] ; then
+					if [[ ${#QA_DT_HASH[@]} -gt 1 ]] ; then
+						for x in "${QA_DT_HASH[@]}" ; do
+							sed -e "s#^${x#/}\$##" -i "${T}"/scanelf-ignored-LDFLAGS.log
+						done
+					else
+						for x in ${QA_DT_HASH} ; do
+							sed -e "s#^${x#/}\$##" -i "${T}"/scanelf-ignored-LDFLAGS.log
+						done
+					fi
+				fi
+				sed -e "/^\$/d" -e "s#^#/#" -i "${T}"/scanelf-ignored-LDFLAGS.log
+				f=$(<"${T}"/scanelf-ignored-LDFLAGS.log)
+				if [[ -n ${f} ]] ; then
+					vecho -ne '\a\n'
+					eqawarn "QA Notice: Files built without respecting LDFLAGS have been detected"
+					eqawarn " Please include this file in your report:"
+					eqawarn " ${T}/scanelf-ignored-LDFLAGS.log"
+					eqawarn "${f}"
+					vecho -ne '\a\n'
+					sleep 1
+				fi
+			fi
+		fi
+
 		# Save NEEDED information after removing self-contained providers
 		scanelf -qyRF '%a;%p;%S;%r;%n' "${D}" | { while IFS= read l; do
 			arch=${l%%;*}; l=${l#*;}
diff --git a/man/ebuild.5 b/man/ebuild.5
index d04cae228..4957dd973 100644
--- a/man/ebuild.5
+++ b/man/ebuild.5
@@ -422,6 +422,11 @@ stack (i.e. not those marked to need it which in fact do not).
 This should contain a list of file paths, relative to the image directory, of
 files that contain writable and executable segments.  These are rare.
 The paths may contain regular expressions.
+.TP
+\fBQA_DT_HASH\fR
+This should contain a list of file paths, relative to the image directory, of
+files that contain .hash sections. The paths may contain regular expressions
+with escape\-quoted special characters.
 .SH "PORTAGE DECLARATIONS"
 .TP
 .B inherit
diff --git a/man/make.conf.5 b/man/make.conf.5
index 4c291c0da..b1e0693f5 100644
--- a/man/make.conf.5
+++ b/man/make.conf.5
@@ -552,6 +552,10 @@ settings from ebuilds.  See also \fBebuild\fR(5).
 Set this to cause portage to ignore any \fIQA_TEXTREL\fR override
 settings from ebuilds.  See also \fBebuild\fR(5).
 .TP
+\fBQA_STRICT_DT_HASH = \fI"set"\fR
+Set this to cause portage to ignore any \fIQA_DT_HASH\fR override
+settings from ebuilds.  See also \fBebuild\fR(5).
+.TP
 .B RESUMECOMMAND
 This variable contains the command used for resuming package sources that
 have been partially downloaded.  It should be defined using the same format