Print this page
XXXX check_rtime should be able to forbid libraries
XXXX check_rtime needs to learn libnsl is safe now
XXXX check_rtime could use MACH() more thoroughly
XXXX check_rtime exceptions could be tidied up.

Split Close
Expand all
Collapse all
          --- old/exception_lists/check_rtime
          +++ new/exception_lists/check_rtime
↓ open down ↓ 55 lines elided ↑ open up ↑
  56   56  
  57   57  # picl file exclusions (4385799)
  58   58  SKIP            ^usr/platform/.*/libpsvcplugin_psr\.so\.1
  59   59  SKIP            ^usr/platform/.*/libpsvcpolicy_psr\.so\.1
  60   60  SKIP            ^usr/platform/.*/libpsvcpolicy\.so\.1
  61   61  SKIP            ^usr/lib/sysevent/modules/picl_slm.so$
  62   62  
  63   63  # Objects that are allowed to have executable data segments
  64   64  EXEC_DATA       ^MACH(lib)/ld\.so\.1$
  65   65  EXEC_DATA       ^lib/libc\.so\.1$       # 6524709, 32-bit, needed for x86 only
  66      -EXEC_DATA       ^lib/amd64/libumem\.so\.1$ # ptcumem
  67      -EXEC_DATA       ^lib/libumem\.so\.1$    # ptcumem
       66 +EXEC_DATA       ^MACH(lib)/libumem\.so\.1$ # ptcumem
  68   67  EXEC_DATA       ^opt/SUNWdtrt/tst/.*/ustack/tst\.helper\.exe$
  69   68  EXEC_DATA       ^platform/.*/MACH(kernel)/unix$
  70      -EXEC_DATA       ^platform/.*/multiboot$
  71   69  
  72   70  # Objects that are allowed to have an executable stack
  73   71  EXEC_STACK      ^platform/.*/MACH(kernel)/unix$
  74   72  EXEC_STACK      ^platform/.*/multiboot$
  75   73  EXEC_STACK      ^opt/os-tests/tests/secflags/stacky$
  76   74  
  77   75  # Objects for which we allow relocations to the text segment
  78   76  TEXTREL         ^platform/.*/MACH(kernel)/unix$
  79   77  
  80   78  # Directories and files that are allowed to have no direct bound symbols
↓ open down ↓ 8 lines elided ↑ open up ↑
  89   87  
  90   88  # Files that should contain debugging information.
  91   89  STAB    ^platform/.*/MACH(kernel)/unix$
  92   90  
  93   91  # Files that are allowed undefined references
  94   92  UNDEF_REF       ^usr/lib/libnisdb\.so\.2$
  95   93  
  96   94  # Objects allowed to have unused dependencies
  97   95  UNUSED_DEPS     ^usr/lib/picl/plugins/          # require devtree dependencies
  98   96  
  99      -# libm.so.2 dependency
 100      -UNUSED_OBJ      unused object=.*MACH(libm)/libm_hwcap1\.so\.2
 101      -
 102   97  # libnetsnmphelpers.so is empty in some net-snmp versions
 103   98  UNUSED_OBJ      unused object=.*/libnetsnmphelpers\.so\..*
 104   99  UNREF_OBJ       unreferenced object=.*/libnetsnmphelpers\.so\..*
 105  100  
 106  101  # Unused runpaths due to dlopen() use
 107  102  UNUSED_RPATH    /usr/lib/fs/autofs.*\ from\ .automountd
 108  103  UNUSED_RPATH    /etc/ppp/plugins.*\ from\ .*pppd
 109  104  UNUSED_RPATH    /usr/lib/inet/ppp.*\ from\ .*pppd
 110      -UNUSED_RPATH    /usr/sfw/lib.*\ from\ .*libipsecutil\.so\.1
 111  105  UNUSED_RPATH    /usr/platform/.*rsmlib.*\ from\ .*librsm\.so\.2
 112  106  UNUSED_RPATH    \$ORIGIN.*\ from\ .*fcode.so
 113  107  UNUSED_RPATH    /opt/VRTSvxvm/lib.*\ from\ .*libdiskmgt\.so\.1
 114  108  
 115  109  # Unused runpaths in picl code
 116  110  UNUSED_RPATH    /usr/platform/.*\ from\ .*/usr/platform
 117  111  UNUSED_RPATH    /usr/lib/picl/.*\ from\ .*/usr/platform
 118  112  UNUSED_RPATH    /usr/platform/.*\ from\ .*/usr/lib/picl
 119  113  
 120  114  # Unused runpaths in non-OSNET objects we can't change
 121  115  UNUSED_RPATH    /usr/lib/mps.*\ from\ .*libnss3\.so
 122  116  UNUSED_RPATH    /usr/lib/mps.*\ from\ .*libnssutil3\.so
 123  117  UNUSED_RPATH    /usr/lib/mps.*\ from\ .*libsmime3\.so
 124  118  UNUSED_RPATH    /usr/lib/mps.*\ from\ .*libssl3\.so
 125      -UNUSED_RPATH    /usr/sfw/lib.*\ from\ .*libdbus-1\.so\.3
 126      -UNUSED_RPATH    /usr/sfw/lib.*\ from\ .*libdbus-glib-1\.so\.2
 127      -UNUSED_RPATH    /usr/sfw/lib.*\ from\ .*libglib-2\.0\.so\.0
 128      -UNUSED_RPATH    /usr/X11/lib.*\ from\ .*libglib-2\.0\.so\.0
 129      -UNUSED_RPATH    /usr/sfw/lib.*\ from\ .*libgobject-2\.0\.so\.0
 130      -UNUSED_RPATH    /usr/X11/lib.*\ from\ .*libgobject-2\.0\.so\.0
 131      -UNUSED_RPATH    /usr/sfw/lib.*\ from\ .*libgthread-2\.0\.so\.0
 132      -UNUSED_RPATH    /usr/X11/lib.*\ from\ .*libgthread-2\.0\.so\.0
 133      -UNUSED_RPATH    /usr/sfw/lib.*\ from\ .*libcrypto\.so\.0\.9\.8
 134      -UNUSED_RPATH    /usr/sfw/lib.*\ from\ .*libnetsnmp\.so\..*
 135      -UNUSED_RPATH    /usr/sfw/lib.*\ from\ .*libgcc_s\.so\.1
 136      -UNUSED_RPATH    /usr/ccs/lib.*\ from\ .*libgcc_s\.so\.1
 137      -UNUSED_RPATH    /usr/lib.*\ from\ .*libgcc_s\.so\.1
 138      -UNUSED_RPATH    /usr/postgres/8.3/lib.*\ from\ .*libpq\.so\.5
 139      -UNUSED_RPATH    /usr/sfw/lib.*\ from\ .*libpq\.so\.5
 140  119  UNUSED_RPATH    /usr/lib.*\ from\ .*/usr/lib/mps
 141      -UNUSED_RPATH    /usr/ccs/lib.*\ from\ .*/usr/lib/mps
 142  120  UNUSED_RPATH    /usr/gnu/lib.*\ from\ .*/usr/lib/libpython2\..
 143  121  UNUSED_RPATH    /usr/gnu/lib.*\ from\ .*/usr/lib/64/libpython2\..
 144      -UNUSED_RPATH    /usr/snadm/lib.*\ from\ .*/usr/snadm/lib/libspmicommon\.so\.1
 145      -
 146  122  
 147  123  # Unused runpaths for reasons not captured above
 148  124  UNUSED_RPATH    /usr/lib/smbsrv.*\ from\ .*libsmb\.so\.1        # future needs
 149      -UNUSED_RPATH    /usr.*\ from\ .*tst\.gcc\.exe                   # gcc built
 150      -
 151  125  
 152  126  # Unreferenced objects of non-OSnet objects we can't change
 153  127  UNREF_OBJ       /lib.*\ of\ .*libcimapi\.so
 154  128  UNREF_OBJ       /lib.*\ of\ .*libdbus-1\.so\.3
 155  129  UNREF_OBJ       /lib.*\ of\ .*libdbus-glib-1\.so\.2
 156  130  UNREF_OBJ       /lib.*\ of\ .*libgio-2.0\.so\.0
 157  131  UNREF_OBJ       /lib.*\ of\ .*libglib-2.0\.so\.0
 158  132  UNREF_OBJ       /lib.*\ of\ .*libgobject-2.0\.so\.0
 159  133  UNREF_OBJ       /lib.*\ of\ .*libgthread-2\.0\.so\.0
 160  134  UNREF_OBJ       /lib.*\ of\ .*libjvm\.so
↓ open down ↓ 43 lines elided ↑ open up ↑
 204  178  OLDDEP          libthread\.so\.1                # on10 build 53
 205  179  OLDDEP          libw\.so\.1                     # on297 build 7
 206  180  
 207  181  # Files for which we skip checking of duplicate addresses in the
 208  182  # symbol sort sections. Such exceptions should be rare --- most code will
 209  183  # not have duplicate addresses, since it takes assember or a "#pragma weak"
 210  184  # to do such aliasing in C. C++ is different: The compiler generates aliases
 211  185  # for implementation reasons, and the mangled names used to encode argument
 212  186  # and return value types are difficult to handle well in mapfiles.
 213  187  # Furthermore, the Sun compiler and gcc use different and incompatible
 214      -# name mangling conventions. Since ON must be buildable by either, we
      188 +# name mangling conventions. Since illumos must be buildable by either, we
 215  189  # would have to maintain two sets of mapfiles for each such object.
 216      -# C++ use is rare in ON, so this is not worth pursuing.
      190 +# C++ use is rare in illumos, so this is not worth pursuing.
 217  191  #
 218  192  NOSYMSORT       opt/SUNWdtrt/tst/common/pid/tst.weak2.exe       # DTrace test
 219      -NOSYMSORT       lib/amd64/libnsl\.so\.1                         # C++
 220      -NOSYMSORT       lib/sparcv9/libnsl\.so\.1                       # C++
 221      -NOSYMSORT       lib/sparcv9/libfru\.so\.1                       # C++
 222      -NOSYMSORT       usr/lib/lms                                     # C++
 223  193  NOSYMSORT       ld\.so\.1                                       # libc_pic.a user
 224      -NOSYMSORT       lib/libsun_fc\.so\.1                            # C++
 225      -NOSYMSORT       lib/amd64/libsun_fc\.so\.1                      # C++
 226      -NOSYMSORT       lib/sparcv9/libsun_fc\.so\.1                    # C++
 227      -NOSYMSORT       usr/lib/amd64/libfru\.so\.1                     # C++
      194 +NOSYMSORT       usr/MACH(lib)/libsun_fc\.so\.1                  # C++
      195 +NOSYMSORT       usr/MACH(lib)/libfru\.so\.1                     # C++
 228  196  
      197 +# The majority of illumos deliverables should not depend on the GCC runtime
      198 +# (any necessary runtime symbol should be provided by libc.so, instead).
      199 +# However, the GNU C++ runtime requires the GCC runtime, so certain objects
      200 +# must be excepted.
      201 +FORBIDDEN       libgcc_s\.so
      202 +FORBIDDEN_DEP   usr/bin/audioconvert            # C++
      203 +FORBIDDEN_DEP   usr/bin/make                    # C++
      204 +FORBIDDEN_DEP   usr/MACH(lib)/libfru.so.1       # C++
      205 +FORBIDDEN_DEP   usr/MACH(lib)/libsun_fc.so.1    # C++
      206 +FORBIDDEN_DEP   usr/lib/netsvc/yp/rpc.yppasswdd # C++
      207 +FORBIDDEN_DEP   usr/lib/netsvc/yp/ypserv        # C++
      208 +FORBIDDEN_DEP   usr/lib/netsvc/yp/ypxfr         # C++
      209 +FORBIDDEN_DEP   usr/lib/netsvc/yp/ypxfrd        # C++
      210 +
      211 +# libfakekernel is a test environment, not intended for general use
      212 +FORBIDDEN libfakekernel\.so
      213 +FORBIDDEN_DEP usr/MACH(lib)/libzpool.so.1
      214 +FORBIDDEN_DEP usr/bin/amd64/ztest
      215 +FORBIDDEN_DEP usr/bin/i86/ztest
      216 +FORBIDDEN_DEP usr/bin/sparcv7/ztest
      217 +FORBIDDEN_DEP usr/bin/sparcv9/ztest
      218 +FORBIDDEN_DEP usr/lib/MACH(smbsrv)/libfksmbsrv.so.1
      219 +FORBIDDEN_DEP usr/lib/smbsrv/fksmbd
      220 +FORBIDDEN_DEP usr/sbin/amd64/zdb
      221 +FORBIDDEN_DEP usr/sbin/i86/zdb
      222 +FORBIDDEN_DEP usr/sbin/sparcv7/zdb
      223 +FORBIDDEN_DEP usr/sbin/sparcv9/zdb
      224 +
      225 +# libucb is intended for legacy compatibility, not general use
      226 +FORBIDDEN libucb\.so
      227 +FORBIDDEN_DEP usr/ucb/
      228 +FORBIDDEN_DEP usr/ucblib/
      229 +
      230 +# Older versions of libraries only provided for binary compatibility
      231 +FORBIDDEN libm\.so\.1
      232 +FORBIDDEN libresolv\.so\.1
      233 +FORBIDDEN libxcurses\.so\.1
 229  234  
 230  235  # The libprtdiag_psr.so.1 objects built under usr/src/lib/libprtdiag_psr
 231  236  # are a family, all built using the same makefile, targeted at different
 232  237  # sparc hardware variants. There are a small number of cases where this
 233  238  # one size fits all approach causes an object to be linked against an
 234  239  # unneeded library.
 235  240  UNREF_OBJ       lib/(libdevinfo|libcfgadm)\.so\.1; .*\ of\ .*SUNW,Netra-CP2300/lib/libprtdiag_psr\.so\.1
 236      -
 237      -
    
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX