glibc: sync patches with arch, disable multi-arch which broke static builds.

This commit is contained in:
Juan RP 2011-02-02 17:48:18 +01:00
parent 8feb045471
commit ac2187eb3d
8 changed files with 76 additions and 150 deletions

View File

@ -5,6 +5,8 @@ long_desc="${long_desc}
This package contains files for development: headers, static libs, etc." This package contains files for development: headers, static libs, etc."
revision=1
Add_dependency run kernel-libc-headers Add_dependency run kernel-libc-headers
Add_dependency run glibc Add_dependency run glibc

View File

@ -5,6 +5,7 @@ long_desc="${long_desc}
This package contains the ${sourcepkg} locale files, for non US users." This package contains the ${sourcepkg} locale files, for non US users."
revision=1
noarch=yes noarch=yes
do_install() do_install()

View File

@ -5,6 +5,7 @@ long_desc="
This package contains nscd, a daemon that provides a cache for the This package contains nscd, a daemon that provides a cache for the
most common name service requests." most common name service requests."
revision=1
openrc_services="nscd default false" openrc_services="nscd default false"
conf_files="/etc/nscd.conf" conf_files="/etc/nscd.conf"

View File

@ -1,31 +0,0 @@
Index: sysdeps/unix/sysv/linux/i386/sysdep.h
===================================================================
--- sysdeps/unix/sysv/linux/i386/sysdep.h (revision 1469)
+++ sysdeps/unix/sysv/linux/i386/sysdep.h (working copy)
@@ -29,6 +29,10 @@
#include <dl-sysdep.h>
#include <tls.h>
+#if defined __i686 && defined __ASSEMBLER__
+#undef __i686
+#define __i686 __i686
+#endif
/* For Linux we can use the system call table in the header file
/usr/include/asm/unistd.h
Index: nptl/sysdeps/pthread/pt-initfini.c
===================================================================
--- nptl/sysdeps/pthread/pt-initfini.c (revision 1469)
+++ nptl/sysdeps/pthread/pt-initfini.c (working copy)
@@ -45,6 +45,11 @@
/* Embed an #include to pull in the alignment and .end directives. */
asm ("\n#include \"defs.h\"");
+asm ("\n#if defined __i686 && defined __ASSEMBLER__");
+asm ("\n#undef __i686");
+asm ("\n#define __i686 __i686");
+asm ("\n#endif");
+
/* The initial common code ends here. */
asm ("\n/*@HEADER_ENDS*/");

View File

@ -1,85 +0,0 @@
From 2232b90f0bd3a41b4d63cac98a5b60abbfaccd46 Mon Sep 17 00:00:00 2001
From: Andreas Schwab <schwab@redhat.com>
Date: Mon, 18 Oct 2010 11:46:00 +0200
Subject: [PATCH] Never expand $ORIGIN in privileged programs
---
ChangeLog | 6 ++++++
elf/dl-load.c | 30 +++++++++++++-----------------
2 files changed, 19 insertions(+), 17 deletions(-)
diff --git a/elf/dl-load.c b/elf/dl-load.c
index 0adddf5..1cc6f25 100644
--- elf/dl-load.c
+++ elf/dl-load.c
@@ -169,8 +169,7 @@ local_strdup (const char *s)
static size_t
-is_dst (const char *start, const char *name, const char *str,
- int is_path, int secure)
+is_dst (const char *start, const char *name, const char *str, int is_path)
{
size_t len;
bool is_curly = false;
@@ -199,11 +198,6 @@ is_dst (const char *start, const char *name, const char *str,
&& (!is_path || name[len] != ':'))
return 0;
- if (__builtin_expect (secure, 0)
- && ((name[len] != '\0' && (!is_path || name[len] != ':'))
- || (name != start + 1 && (!is_path || name[-2] != ':'))))
- return 0;
-
return len;
}
@@ -218,13 +212,12 @@ _dl_dst_count (const char *name, int is_path)
{
size_t len;
- /* $ORIGIN is not expanded for SUID/GUID programs (except if it
- is $ORIGIN alone) and it must always appear first in path. */
+ /* $ORIGIN is not expanded for SUID/GUID programs. */
++name;
- if ((len = is_dst (start, name, "ORIGIN", is_path,
- INTUSE(__libc_enable_secure))) != 0
- || (len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0
- || (len = is_dst (start, name, "LIB", is_path, 0)) != 0)
+ if (((len = is_dst (start, name, "ORIGIN", is_path)) != 0
+ && !INTUSE(__libc_enable_secure))
+ || (len = is_dst (start, name, "PLATFORM", is_path)) != 0
+ || (len = is_dst (start, name, "LIB", is_path)) != 0)
++cnt;
name = strchr (name + len, '$');
@@ -256,9 +249,12 @@ _dl_dst_substitute (struct link_map *l, const char *name, char *result,
size_t len;
++name;
- if ((len = is_dst (start, name, "ORIGIN", is_path,
- INTUSE(__libc_enable_secure))) != 0)
+ if ((len = is_dst (start, name, "ORIGIN", is_path)) != 0)
{
+ /* Ignore this path element in SUID/SGID programs. */
+ if (INTUSE(__libc_enable_secure))
+ repl = (const char *) -1;
+ else
#ifndef SHARED
if (l == NULL)
repl = _dl_get_origin ();
@@ -266,9 +262,9 @@ _dl_dst_substitute (struct link_map *l, const char *name, char *result,
#endif
repl = l->l_origin;
}
- else if ((len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0)
+ else if ((len = is_dst (start, name, "PLATFORM", is_path)) != 0)
repl = GLRO(dl_platform);
- else if ((len = is_dst (start, name, "LIB", is_path, 0)) != 0)
+ else if ((len = is_dst (start, name, "LIB", is_path)) != 0)
repl = DL_DST_LIB;
if (repl != NULL && repl != (const char *) -1)
--
1.7.2

View File

@ -0,0 +1,26 @@
From d14e6b09d60d52cc12f0396c3106b14e1bd0fe8f Mon Sep 17 00:00:00 2001
From: Andreas Schwab <schwab@redhat.com>
Date: Thu, 9 Dec 2010 15:00:59 +0100
Subject: [PATCH 1/1] Ignore origin of privileged program
---
ChangeLog | 5 +++++
elf/dl-object.c | 3 +++
2 files changed, 8 insertions(+), 0 deletions(-)
diff --git a/elf/dl-object.c b/elf/dl-object.c
index 22a1635..7674d49 100644
--- elf/dl-object.c.orig
+++ elf/dl-object.c
@@ -214,6 +214,9 @@ _dl_new_object (char *realname, const char *libname, int type,
out:
new->l_origin = origin;
}
+ else if (INTUSE(__libc_enable_secure) && type == lt_executable)
+ /* The origin of a privileged program cannot be trusted. */
+ new->l_origin = (char *) -1;
return new;
}
--
1.7.2

View File

@ -0,0 +1,13 @@
diff -Naur glibc-old//sysdeps/i386/Makefile glibc//sysdeps/i386/Makefile
--- sysdeps/i386/Makefile.orig 2010-03-18 11:52:30.000000000 +1000
+++ sysdeps/i386/Makefile 2010-04-16 15:05:50.000000000 +1000
@@ -1,6 +1,7 @@
# The mpn functions need a #define for asm syntax flavor.
-# Every i386 port in use uses gas syntax (I think).
-asm-CPPFLAGS += -DGAS_SYNTAX
+# Every i386 port in use uses gas syntax (I think). Don't replace
+# __i686 in __i686.get_pc_thunk.bx.
+asm-CPPFLAGS += -DGAS_SYNTAX -U __i686
# The i386 `long double' is a distinct type we support.
long-double-fcts = yes

View File

@ -1,15 +1,9 @@
# Template file for 'glibc' # Template file for 'glibc'
pkgname=glibc pkgname=glibc
version=2.13 version=2.13
revision=1
distfiles="http://ftp.gnu.org/gnu/glibc/glibc-${version}.tar.bz2" distfiles="http://ftp.gnu.org/gnu/glibc/glibc-${version}.tar.bz2"
build_style=gnu_configure build_style=custom-install
build_wrksrc="build"
configure_script="../configure"
configure_args="--with-tls --enable-kernel=2.6.27 --enable-add-ons
--libexecdir=/usr/lib --libdir=/usr/lib --enable-stackguard-randomization
--with-headers=$XBPS_MASTERDIR/usr/include --enable-bind-now SHELL=/bin/bash"
make_install_target="SHELL=/bin/bash
install_root=$XBPS_DESTDIR/$pkgname-$version install"
short_desc="The GNU C library" short_desc="The GNU C library"
maintainer="Juan RP <xtraeme@gmail.com>" maintainer="Juan RP <xtraeme@gmail.com>"
checksum=0173c92a0545e6d99a46a4fbed2da00ba26556f5c6198e2f9f1631ed5318dbb2 checksum=0173c92a0545e6d99a46a4fbed2da00ba26556f5c6198e2f9f1631ed5318dbb2
@ -20,12 +14,6 @@ long_desc="
as C++ and Objective C; the runtime facilities of other programming as C++ and Objective C; the runtime facilities of other programming
languages use the C library to access the underlying operating system." languages use the C library to access the underlying operating system."
# Build with -mno-tls-direct-seg-refs to avoid performance problems
# with Xen on x86 32bit.
if [ "${xbps_machine}" = "i686" ]; then
CFLAGS="-mno-tls-direct-seg-refs"
fi
# Don't check for deps here # Don't check for deps here
ignore_vdeps_dir="/usr/lib/gconv" ignore_vdeps_dir="/usr/lib/gconv"
@ -33,33 +21,46 @@ base_chroot=yes
conf_files="/etc/rpc /etc/ld.so.conf /etc/nsswitch.conf" conf_files="/etc/rpc /etc/ld.so.conf /etc/nsswitch.conf"
subpackages="glibc-devel glibc-locales nscd" subpackages="glibc-devel glibc-locales nscd"
Add_dependency build gcc Add_dependency run xbps-base-files
Add_dependency build kernel-libc-headers Add_dependency run libgcc
Add_dependency run xbps-base-files Add_dependency run glibc-locales
Add_dependency run libgcc Add_dependency build gcc
Add_dependency run glibc-locales Add_dependency build kernel-libc-headers
pre_configure() do_build()
{ {
# We must configure it in another directory. local cflags
mkdir -p ${build_wrksrc}
echo "slibdir=/lib" > ${build_wrksrc}/configparms mkdir build && cd build
# glibc fails to build if -march not set for a minimal cpu. echo "slibdir=/lib" > configparms
if [ "$xbps_machine" != "x86_64" ]; then
echo "CFLAGS+=-march=${xbps_machine%%-*} -mtune=generic" \ # Build with -mno-tls-direct-seg-refs to avoid performance problems
>> ${build_wrksrc}/configparms # with Xen on x86 32bit.
if [ "${xbps_machine}" = "i686" ]; then
cflags="-mno-tls-direct-seg-refs -march=${xbps_machine%%-*}"
cflags="$cflags -mtune=generic"
fi fi
cflags="$XBPS_CFLAGS $cflags"
echo "CFLAGS=$cflags" >> configparms
SHELL=/bin/bash ../configure --prefix=/usr --with-tls \
--enable-add-ons --disable-multi-arch \
--enable-bind-now --enable-kernel=2.6.27 \
--enable-stack-guard-randomization --disable-profile \
--without-cvs --without-gd --libexecdir=/usr/lib \
--libdir=/usr/lib --with-headers=${XBPS_MASTERDIR}/usr/include
make ${makejobs}
} }
pre_install() do_install()
{ {
# Create DESTDIR/etc/ld.so.conf # Create DESTDIR/etc/ld.so.conf
mkdir -p ${DESTDIR}/etc mkdir -p ${DESTDIR}/etc
echo "include /etc/ld.so.conf.d/*.conf" > ${DESTDIR}/etc/ld.so.conf echo "include /etc/ld.so.conf.d/*.conf" > ${DESTDIR}/etc/ld.so.conf
}
post_install() cd ${wrksrc}/build && make SHELL=/bin/bash install_root=${DESTDIR} install
{
# Replace hardcoded path to bash. # Replace hardcoded path to bash.
. $XBPS_HELPERSDIR/replace-interpreter.sh . $XBPS_HELPERSDIR/replace-interpreter.sh
replace_interpreter bash ${DESTDIR}/usr/bin/ldd replace_interpreter bash ${DESTDIR}/usr/bin/ldd
@ -70,9 +71,7 @@ post_install()
sed -i "s|^RTLDLIST.*$|RTLDLIST=\"$rtldlist\"|" \ sed -i "s|^RTLDLIST.*$|RTLDLIST=\"$rtldlist\"|" \
${DESTDIR}/usr/bin/ldd ${DESTDIR}/usr/bin/ldd
fi fi
install -m644 ${FILESDIR}/nsswitch.conf \ install -m644 ${FILESDIR}/nsswitch.conf ${DESTDIR}/etc/nsswitch.conf
${DESTDIR}/etc/nsswitch.conf || return 1
install -d ${DESTDIR}/etc/ld.so.conf.d install -d ${DESTDIR}/etc/ld.so.conf.d
echo "/usr/local/lib" > ${DESTDIR}/etc/ld.so.conf.d/usr_local.conf echo "/usr/local/lib" > ${DESTDIR}/etc/ld.so.conf.d/usr_local.conf
chmod 644 ${DESTDIR}/etc/ld.so.conf.d/usr_local.conf chmod 644 ${DESTDIR}/etc/ld.so.conf.d/usr_local.conf