glibc: sync patches with arch, disable multi-arch which broke static builds.
This commit is contained in:
parent
8feb045471
commit
ac2187eb3d
|
@ -5,6 +5,8 @@ long_desc="${long_desc}
|
||||||
|
|
||||||
This package contains files for development: headers, static libs, etc."
|
This package contains files for development: headers, static libs, etc."
|
||||||
|
|
||||||
|
revision=1
|
||||||
|
|
||||||
Add_dependency run kernel-libc-headers
|
Add_dependency run kernel-libc-headers
|
||||||
Add_dependency run glibc
|
Add_dependency run glibc
|
||||||
|
|
||||||
|
|
|
@ -5,6 +5,7 @@ long_desc="${long_desc}
|
||||||
|
|
||||||
This package contains the ${sourcepkg} locale files, for non US users."
|
This package contains the ${sourcepkg} locale files, for non US users."
|
||||||
|
|
||||||
|
revision=1
|
||||||
noarch=yes
|
noarch=yes
|
||||||
|
|
||||||
do_install()
|
do_install()
|
||||||
|
|
|
@ -5,6 +5,7 @@ long_desc="
|
||||||
This package contains nscd, a daemon that provides a cache for the
|
This package contains nscd, a daemon that provides a cache for the
|
||||||
most common name service requests."
|
most common name service requests."
|
||||||
|
|
||||||
|
revision=1
|
||||||
openrc_services="nscd default false"
|
openrc_services="nscd default false"
|
||||||
conf_files="/etc/nscd.conf"
|
conf_files="/etc/nscd.conf"
|
||||||
|
|
||||||
|
|
|
@ -1,31 +0,0 @@
|
||||||
Index: sysdeps/unix/sysv/linux/i386/sysdep.h
|
|
||||||
===================================================================
|
|
||||||
--- sysdeps/unix/sysv/linux/i386/sysdep.h (revision 1469)
|
|
||||||
+++ sysdeps/unix/sysv/linux/i386/sysdep.h (working copy)
|
|
||||||
@@ -29,6 +29,10 @@
|
|
||||||
#include <dl-sysdep.h>
|
|
||||||
#include <tls.h>
|
|
||||||
|
|
||||||
+#if defined __i686 && defined __ASSEMBLER__
|
|
||||||
+#undef __i686
|
|
||||||
+#define __i686 __i686
|
|
||||||
+#endif
|
|
||||||
|
|
||||||
/* For Linux we can use the system call table in the header file
|
|
||||||
/usr/include/asm/unistd.h
|
|
||||||
Index: nptl/sysdeps/pthread/pt-initfini.c
|
|
||||||
===================================================================
|
|
||||||
--- nptl/sysdeps/pthread/pt-initfini.c (revision 1469)
|
|
||||||
+++ nptl/sysdeps/pthread/pt-initfini.c (working copy)
|
|
||||||
@@ -45,6 +45,11 @@
|
|
||||||
/* Embed an #include to pull in the alignment and .end directives. */
|
|
||||||
asm ("\n#include \"defs.h\"");
|
|
||||||
|
|
||||||
+asm ("\n#if defined __i686 && defined __ASSEMBLER__");
|
|
||||||
+asm ("\n#undef __i686");
|
|
||||||
+asm ("\n#define __i686 __i686");
|
|
||||||
+asm ("\n#endif");
|
|
||||||
+
|
|
||||||
/* The initial common code ends here. */
|
|
||||||
asm ("\n/*@HEADER_ENDS*/");
|
|
||||||
|
|
|
@ -1,85 +0,0 @@
|
||||||
From 2232b90f0bd3a41b4d63cac98a5b60abbfaccd46 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Andreas Schwab <schwab@redhat.com>
|
|
||||||
Date: Mon, 18 Oct 2010 11:46:00 +0200
|
|
||||||
Subject: [PATCH] Never expand $ORIGIN in privileged programs
|
|
||||||
|
|
||||||
---
|
|
||||||
ChangeLog | 6 ++++++
|
|
||||||
elf/dl-load.c | 30 +++++++++++++-----------------
|
|
||||||
2 files changed, 19 insertions(+), 17 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/elf/dl-load.c b/elf/dl-load.c
|
|
||||||
index 0adddf5..1cc6f25 100644
|
|
||||||
--- elf/dl-load.c
|
|
||||||
+++ elf/dl-load.c
|
|
||||||
@@ -169,8 +169,7 @@ local_strdup (const char *s)
|
|
||||||
|
|
||||||
|
|
||||||
static size_t
|
|
||||||
-is_dst (const char *start, const char *name, const char *str,
|
|
||||||
- int is_path, int secure)
|
|
||||||
+is_dst (const char *start, const char *name, const char *str, int is_path)
|
|
||||||
{
|
|
||||||
size_t len;
|
|
||||||
bool is_curly = false;
|
|
||||||
@@ -199,11 +198,6 @@ is_dst (const char *start, const char *name, const char *str,
|
|
||||||
&& (!is_path || name[len] != ':'))
|
|
||||||
return 0;
|
|
||||||
|
|
||||||
- if (__builtin_expect (secure, 0)
|
|
||||||
- && ((name[len] != '\0' && (!is_path || name[len] != ':'))
|
|
||||||
- || (name != start + 1 && (!is_path || name[-2] != ':'))))
|
|
||||||
- return 0;
|
|
||||||
-
|
|
||||||
return len;
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -218,13 +212,12 @@ _dl_dst_count (const char *name, int is_path)
|
|
||||||
{
|
|
||||||
size_t len;
|
|
||||||
|
|
||||||
- /* $ORIGIN is not expanded for SUID/GUID programs (except if it
|
|
||||||
- is $ORIGIN alone) and it must always appear first in path. */
|
|
||||||
+ /* $ORIGIN is not expanded for SUID/GUID programs. */
|
|
||||||
++name;
|
|
||||||
- if ((len = is_dst (start, name, "ORIGIN", is_path,
|
|
||||||
- INTUSE(__libc_enable_secure))) != 0
|
|
||||||
- || (len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0
|
|
||||||
- || (len = is_dst (start, name, "LIB", is_path, 0)) != 0)
|
|
||||||
+ if (((len = is_dst (start, name, "ORIGIN", is_path)) != 0
|
|
||||||
+ && !INTUSE(__libc_enable_secure))
|
|
||||||
+ || (len = is_dst (start, name, "PLATFORM", is_path)) != 0
|
|
||||||
+ || (len = is_dst (start, name, "LIB", is_path)) != 0)
|
|
||||||
++cnt;
|
|
||||||
|
|
||||||
name = strchr (name + len, '$');
|
|
||||||
@@ -256,9 +249,12 @@ _dl_dst_substitute (struct link_map *l, const char *name, char *result,
|
|
||||||
size_t len;
|
|
||||||
|
|
||||||
++name;
|
|
||||||
- if ((len = is_dst (start, name, "ORIGIN", is_path,
|
|
||||||
- INTUSE(__libc_enable_secure))) != 0)
|
|
||||||
+ if ((len = is_dst (start, name, "ORIGIN", is_path)) != 0)
|
|
||||||
{
|
|
||||||
+ /* Ignore this path element in SUID/SGID programs. */
|
|
||||||
+ if (INTUSE(__libc_enable_secure))
|
|
||||||
+ repl = (const char *) -1;
|
|
||||||
+ else
|
|
||||||
#ifndef SHARED
|
|
||||||
if (l == NULL)
|
|
||||||
repl = _dl_get_origin ();
|
|
||||||
@@ -266,9 +262,9 @@ _dl_dst_substitute (struct link_map *l, const char *name, char *result,
|
|
||||||
#endif
|
|
||||||
repl = l->l_origin;
|
|
||||||
}
|
|
||||||
- else if ((len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0)
|
|
||||||
+ else if ((len = is_dst (start, name, "PLATFORM", is_path)) != 0)
|
|
||||||
repl = GLRO(dl_platform);
|
|
||||||
- else if ((len = is_dst (start, name, "LIB", is_path, 0)) != 0)
|
|
||||||
+ else if ((len = is_dst (start, name, "LIB", is_path)) != 0)
|
|
||||||
repl = DL_DST_LIB;
|
|
||||||
|
|
||||||
if (repl != NULL && repl != (const char *) -1)
|
|
||||||
--
|
|
||||||
1.7.2
|
|
||||||
|
|
|
@ -0,0 +1,26 @@
|
||||||
|
From d14e6b09d60d52cc12f0396c3106b14e1bd0fe8f Mon Sep 17 00:00:00 2001
|
||||||
|
From: Andreas Schwab <schwab@redhat.com>
|
||||||
|
Date: Thu, 9 Dec 2010 15:00:59 +0100
|
||||||
|
Subject: [PATCH 1/1] Ignore origin of privileged program
|
||||||
|
|
||||||
|
---
|
||||||
|
ChangeLog | 5 +++++
|
||||||
|
elf/dl-object.c | 3 +++
|
||||||
|
2 files changed, 8 insertions(+), 0 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/elf/dl-object.c b/elf/dl-object.c
|
||||||
|
index 22a1635..7674d49 100644
|
||||||
|
--- elf/dl-object.c.orig
|
||||||
|
+++ elf/dl-object.c
|
||||||
|
@@ -214,6 +214,9 @@ _dl_new_object (char *realname, const char *libname, int type,
|
||||||
|
out:
|
||||||
|
new->l_origin = origin;
|
||||||
|
}
|
||||||
|
+ else if (INTUSE(__libc_enable_secure) && type == lt_executable)
|
||||||
|
+ /* The origin of a privileged program cannot be trusted. */
|
||||||
|
+ new->l_origin = (char *) -1;
|
||||||
|
|
||||||
|
return new;
|
||||||
|
}
|
||||||
|
--
|
||||||
|
1.7.2
|
|
@ -0,0 +1,13 @@
|
||||||
|
diff -Naur glibc-old//sysdeps/i386/Makefile glibc//sysdeps/i386/Makefile
|
||||||
|
--- sysdeps/i386/Makefile.orig 2010-03-18 11:52:30.000000000 +1000
|
||||||
|
+++ sysdeps/i386/Makefile 2010-04-16 15:05:50.000000000 +1000
|
||||||
|
@@ -1,6 +1,7 @@
|
||||||
|
# The mpn functions need a #define for asm syntax flavor.
|
||||||
|
-# Every i386 port in use uses gas syntax (I think).
|
||||||
|
-asm-CPPFLAGS += -DGAS_SYNTAX
|
||||||
|
+# Every i386 port in use uses gas syntax (I think). Don't replace
|
||||||
|
+# __i686 in __i686.get_pc_thunk.bx.
|
||||||
|
+asm-CPPFLAGS += -DGAS_SYNTAX -U __i686
|
||||||
|
|
||||||
|
# The i386 `long double' is a distinct type we support.
|
||||||
|
long-double-fcts = yes
|
|
@ -1,15 +1,9 @@
|
||||||
# Template file for 'glibc'
|
# Template file for 'glibc'
|
||||||
pkgname=glibc
|
pkgname=glibc
|
||||||
version=2.13
|
version=2.13
|
||||||
|
revision=1
|
||||||
distfiles="http://ftp.gnu.org/gnu/glibc/glibc-${version}.tar.bz2"
|
distfiles="http://ftp.gnu.org/gnu/glibc/glibc-${version}.tar.bz2"
|
||||||
build_style=gnu_configure
|
build_style=custom-install
|
||||||
build_wrksrc="build"
|
|
||||||
configure_script="../configure"
|
|
||||||
configure_args="--with-tls --enable-kernel=2.6.27 --enable-add-ons
|
|
||||||
--libexecdir=/usr/lib --libdir=/usr/lib --enable-stackguard-randomization
|
|
||||||
--with-headers=$XBPS_MASTERDIR/usr/include --enable-bind-now SHELL=/bin/bash"
|
|
||||||
make_install_target="SHELL=/bin/bash
|
|
||||||
install_root=$XBPS_DESTDIR/$pkgname-$version install"
|
|
||||||
short_desc="The GNU C library"
|
short_desc="The GNU C library"
|
||||||
maintainer="Juan RP <xtraeme@gmail.com>"
|
maintainer="Juan RP <xtraeme@gmail.com>"
|
||||||
checksum=0173c92a0545e6d99a46a4fbed2da00ba26556f5c6198e2f9f1631ed5318dbb2
|
checksum=0173c92a0545e6d99a46a4fbed2da00ba26556f5c6198e2f9f1631ed5318dbb2
|
||||||
|
@ -20,12 +14,6 @@ long_desc="
|
||||||
as C++ and Objective C; the runtime facilities of other programming
|
as C++ and Objective C; the runtime facilities of other programming
|
||||||
languages use the C library to access the underlying operating system."
|
languages use the C library to access the underlying operating system."
|
||||||
|
|
||||||
# Build with -mno-tls-direct-seg-refs to avoid performance problems
|
|
||||||
# with Xen on x86 32bit.
|
|
||||||
if [ "${xbps_machine}" = "i686" ]; then
|
|
||||||
CFLAGS="-mno-tls-direct-seg-refs"
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Don't check for deps here
|
# Don't check for deps here
|
||||||
ignore_vdeps_dir="/usr/lib/gconv"
|
ignore_vdeps_dir="/usr/lib/gconv"
|
||||||
|
|
||||||
|
@ -33,33 +21,46 @@ base_chroot=yes
|
||||||
conf_files="/etc/rpc /etc/ld.so.conf /etc/nsswitch.conf"
|
conf_files="/etc/rpc /etc/ld.so.conf /etc/nsswitch.conf"
|
||||||
subpackages="glibc-devel glibc-locales nscd"
|
subpackages="glibc-devel glibc-locales nscd"
|
||||||
|
|
||||||
Add_dependency build gcc
|
Add_dependency run xbps-base-files
|
||||||
Add_dependency build kernel-libc-headers
|
Add_dependency run libgcc
|
||||||
Add_dependency run xbps-base-files
|
Add_dependency run glibc-locales
|
||||||
Add_dependency run libgcc
|
Add_dependency build gcc
|
||||||
Add_dependency run glibc-locales
|
Add_dependency build kernel-libc-headers
|
||||||
|
|
||||||
pre_configure()
|
do_build()
|
||||||
{
|
{
|
||||||
# We must configure it in another directory.
|
local cflags
|
||||||
mkdir -p ${build_wrksrc}
|
|
||||||
echo "slibdir=/lib" > ${build_wrksrc}/configparms
|
mkdir build && cd build
|
||||||
# glibc fails to build if -march not set for a minimal cpu.
|
echo "slibdir=/lib" > configparms
|
||||||
if [ "$xbps_machine" != "x86_64" ]; then
|
|
||||||
echo "CFLAGS+=-march=${xbps_machine%%-*} -mtune=generic" \
|
# Build with -mno-tls-direct-seg-refs to avoid performance problems
|
||||||
>> ${build_wrksrc}/configparms
|
# with Xen on x86 32bit.
|
||||||
|
if [ "${xbps_machine}" = "i686" ]; then
|
||||||
|
cflags="-mno-tls-direct-seg-refs -march=${xbps_machine%%-*}"
|
||||||
|
cflags="$cflags -mtune=generic"
|
||||||
fi
|
fi
|
||||||
|
cflags="$XBPS_CFLAGS $cflags"
|
||||||
|
echo "CFLAGS=$cflags" >> configparms
|
||||||
|
|
||||||
|
SHELL=/bin/bash ../configure --prefix=/usr --with-tls \
|
||||||
|
--enable-add-ons --disable-multi-arch \
|
||||||
|
--enable-bind-now --enable-kernel=2.6.27 \
|
||||||
|
--enable-stack-guard-randomization --disable-profile \
|
||||||
|
--without-cvs --without-gd --libexecdir=/usr/lib \
|
||||||
|
--libdir=/usr/lib --with-headers=${XBPS_MASTERDIR}/usr/include
|
||||||
|
|
||||||
|
make ${makejobs}
|
||||||
}
|
}
|
||||||
|
|
||||||
pre_install()
|
do_install()
|
||||||
{
|
{
|
||||||
# Create DESTDIR/etc/ld.so.conf
|
# Create DESTDIR/etc/ld.so.conf
|
||||||
mkdir -p ${DESTDIR}/etc
|
mkdir -p ${DESTDIR}/etc
|
||||||
echo "include /etc/ld.so.conf.d/*.conf" > ${DESTDIR}/etc/ld.so.conf
|
echo "include /etc/ld.so.conf.d/*.conf" > ${DESTDIR}/etc/ld.so.conf
|
||||||
}
|
|
||||||
|
|
||||||
post_install()
|
cd ${wrksrc}/build && make SHELL=/bin/bash install_root=${DESTDIR} install
|
||||||
{
|
|
||||||
# Replace hardcoded path to bash.
|
# Replace hardcoded path to bash.
|
||||||
. $XBPS_HELPERSDIR/replace-interpreter.sh
|
. $XBPS_HELPERSDIR/replace-interpreter.sh
|
||||||
replace_interpreter bash ${DESTDIR}/usr/bin/ldd
|
replace_interpreter bash ${DESTDIR}/usr/bin/ldd
|
||||||
|
@ -70,9 +71,7 @@ post_install()
|
||||||
sed -i "s|^RTLDLIST.*$|RTLDLIST=\"$rtldlist\"|" \
|
sed -i "s|^RTLDLIST.*$|RTLDLIST=\"$rtldlist\"|" \
|
||||||
${DESTDIR}/usr/bin/ldd
|
${DESTDIR}/usr/bin/ldd
|
||||||
fi
|
fi
|
||||||
install -m644 ${FILESDIR}/nsswitch.conf \
|
install -m644 ${FILESDIR}/nsswitch.conf ${DESTDIR}/etc/nsswitch.conf
|
||||||
${DESTDIR}/etc/nsswitch.conf || return 1
|
|
||||||
|
|
||||||
install -d ${DESTDIR}/etc/ld.so.conf.d
|
install -d ${DESTDIR}/etc/ld.so.conf.d
|
||||||
echo "/usr/local/lib" > ${DESTDIR}/etc/ld.so.conf.d/usr_local.conf
|
echo "/usr/local/lib" > ${DESTDIR}/etc/ld.so.conf.d/usr_local.conf
|
||||||
chmod 644 ${DESTDIR}/etc/ld.so.conf.d/usr_local.conf
|
chmod 644 ${DESTDIR}/etc/ld.so.conf.d/usr_local.conf
|
||||||
|
|
Loading…
Reference in New Issue