Because of CVE-2018-6574, some compiler options and linker options are restricted to prevent arbitrary code execution.
https://github.com/golang/go/issues/23672
By this change, building a Go code with LLVM Go bindings causes a compilation error as follows.
go build llvm.org/llvm/bindings/go/llvm: invalid flag in #cgo LDFLAGS: -Wl,-headerpad_max_install_names
llvm-go tool generates cgo LDFLAGS directive from `llvm-config --ldflags` and it contains -Wl,option options. But -Wl,option is banned by default. To avoid this problem, we need to set $CGO_LDFLAGS_ALLOW environment variable to notify a compiler that the flags should be allowed.
$ export CGO_LDFLAGS_ALLOW='-Wl,(-search_paths_first|-headerpad_max_install_names)'
By default for go 1.10 and go 1.9.5 these options should appear in the accepted set of options, however, if you're running into the error it's useful to have this documented.
Patch by Ryuichi Hayashida
llvm-svn: 325946
projects / platform / upstream / llvm.git / commit