glibc: sync patches with arch, disable multi-arch which broke static builds.
This commit is contained in:
parent
8feb045471
commit
ac2187eb3d
8 changed files with 76 additions and 150 deletions
|
@ -5,6 +5,8 @@ long_desc="${long_desc}
|
|||
|
||||
This package contains files for development: headers, static libs, etc."
|
||||
|
||||
revision=1
|
||||
|
||||
Add_dependency run kernel-libc-headers
|
||||
Add_dependency run glibc
|
||||
|
||||
|
|
|
@ -5,6 +5,7 @@ long_desc="${long_desc}
|
|||
|
||||
This package contains the ${sourcepkg} locale files, for non US users."
|
||||
|
||||
revision=1
|
||||
noarch=yes
|
||||
|
||||
do_install()
|
||||
|
|
|
@ -5,6 +5,7 @@ long_desc="
|
|||
This package contains nscd, a daemon that provides a cache for the
|
||||
most common name service requests."
|
||||
|
||||
revision=1
|
||||
openrc_services="nscd default false"
|
||||
conf_files="/etc/nscd.conf"
|
||||
|
||||
|
|
|
@ -1,31 +0,0 @@
|
|||
Index: sysdeps/unix/sysv/linux/i386/sysdep.h
|
||||
===================================================================
|
||||
--- sysdeps/unix/sysv/linux/i386/sysdep.h (revision 1469)
|
||||
+++ sysdeps/unix/sysv/linux/i386/sysdep.h (working copy)
|
||||
@@ -29,6 +29,10 @@
|
||||
#include <dl-sysdep.h>
|
||||
#include <tls.h>
|
||||
|
||||
+#if defined __i686 && defined __ASSEMBLER__
|
||||
+#undef __i686
|
||||
+#define __i686 __i686
|
||||
+#endif
|
||||
|
||||
/* For Linux we can use the system call table in the header file
|
||||
/usr/include/asm/unistd.h
|
||||
Index: nptl/sysdeps/pthread/pt-initfini.c
|
||||
===================================================================
|
||||
--- nptl/sysdeps/pthread/pt-initfini.c (revision 1469)
|
||||
+++ nptl/sysdeps/pthread/pt-initfini.c (working copy)
|
||||
@@ -45,6 +45,11 @@
|
||||
/* Embed an #include to pull in the alignment and .end directives. */
|
||||
asm ("\n#include \"defs.h\"");
|
||||
|
||||
+asm ("\n#if defined __i686 && defined __ASSEMBLER__");
|
||||
+asm ("\n#undef __i686");
|
||||
+asm ("\n#define __i686 __i686");
|
||||
+asm ("\n#endif");
|
||||
+
|
||||
/* The initial common code ends here. */
|
||||
asm ("\n/*@HEADER_ENDS*/");
|
||||
|
|
@ -1,85 +0,0 @@
|
|||
From 2232b90f0bd3a41b4d63cac98a5b60abbfaccd46 Mon Sep 17 00:00:00 2001
|
||||
From: Andreas Schwab <schwab@redhat.com>
|
||||
Date: Mon, 18 Oct 2010 11:46:00 +0200
|
||||
Subject: [PATCH] Never expand $ORIGIN in privileged programs
|
||||
|
||||
---
|
||||
ChangeLog | 6 ++++++
|
||||
elf/dl-load.c | 30 +++++++++++++-----------------
|
||||
2 files changed, 19 insertions(+), 17 deletions(-)
|
||||
|
||||
diff --git a/elf/dl-load.c b/elf/dl-load.c
|
||||
index 0adddf5..1cc6f25 100644
|
||||
--- elf/dl-load.c
|
||||
+++ elf/dl-load.c
|
||||
@@ -169,8 +169,7 @@ local_strdup (const char *s)
|
||||
|
||||
|
||||
static size_t
|
||||
-is_dst (const char *start, const char *name, const char *str,
|
||||
- int is_path, int secure)
|
||||
+is_dst (const char *start, const char *name, const char *str, int is_path)
|
||||
{
|
||||
size_t len;
|
||||
bool is_curly = false;
|
||||
@@ -199,11 +198,6 @@ is_dst (const char *start, const char *name, const char *str,
|
||||
&& (!is_path || name[len] != ':'))
|
||||
return 0;
|
||||
|
||||
- if (__builtin_expect (secure, 0)
|
||||
- && ((name[len] != '\0' && (!is_path || name[len] != ':'))
|
||||
- || (name != start + 1 && (!is_path || name[-2] != ':'))))
|
||||
- return 0;
|
||||
-
|
||||
return len;
|
||||
}
|
||||
|
||||
@@ -218,13 +212,12 @@ _dl_dst_count (const char *name, int is_path)
|
||||
{
|
||||
size_t len;
|
||||
|
||||
- /* $ORIGIN is not expanded for SUID/GUID programs (except if it
|
||||
- is $ORIGIN alone) and it must always appear first in path. */
|
||||
+ /* $ORIGIN is not expanded for SUID/GUID programs. */
|
||||
++name;
|
||||
- if ((len = is_dst (start, name, "ORIGIN", is_path,
|
||||
- INTUSE(__libc_enable_secure))) != 0
|
||||
- || (len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0
|
||||
- || (len = is_dst (start, name, "LIB", is_path, 0)) != 0)
|
||||
+ if (((len = is_dst (start, name, "ORIGIN", is_path)) != 0
|
||||
+ && !INTUSE(__libc_enable_secure))
|
||||
+ || (len = is_dst (start, name, "PLATFORM", is_path)) != 0
|
||||
+ || (len = is_dst (start, name, "LIB", is_path)) != 0)
|
||||
++cnt;
|
||||
|
||||
name = strchr (name + len, '$');
|
||||
@@ -256,9 +249,12 @@ _dl_dst_substitute (struct link_map *l, const char *name, char *result,
|
||||
size_t len;
|
||||
|
||||
++name;
|
||||
- if ((len = is_dst (start, name, "ORIGIN", is_path,
|
||||
- INTUSE(__libc_enable_secure))) != 0)
|
||||
+ if ((len = is_dst (start, name, "ORIGIN", is_path)) != 0)
|
||||
{
|
||||
+ /* Ignore this path element in SUID/SGID programs. */
|
||||
+ if (INTUSE(__libc_enable_secure))
|
||||
+ repl = (const char *) -1;
|
||||
+ else
|
||||
#ifndef SHARED
|
||||
if (l == NULL)
|
||||
repl = _dl_get_origin ();
|
||||
@@ -266,9 +262,9 @@ _dl_dst_substitute (struct link_map *l, const char *name, char *result,
|
||||
#endif
|
||||
repl = l->l_origin;
|
||||
}
|
||||
- else if ((len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0)
|
||||
+ else if ((len = is_dst (start, name, "PLATFORM", is_path)) != 0)
|
||||
repl = GLRO(dl_platform);
|
||||
- else if ((len = is_dst (start, name, "LIB", is_path, 0)) != 0)
|
||||
+ else if ((len = is_dst (start, name, "LIB", is_path)) != 0)
|
||||
repl = DL_DST_LIB;
|
||||
|
||||
if (repl != NULL && repl != (const char *) -1)
|
||||
--
|
||||
1.7.2
|
||||
|
|
@ -0,0 +1,26 @@
|
|||
From d14e6b09d60d52cc12f0396c3106b14e1bd0fe8f Mon Sep 17 00:00:00 2001
|
||||
From: Andreas Schwab <schwab@redhat.com>
|
||||
Date: Thu, 9 Dec 2010 15:00:59 +0100
|
||||
Subject: [PATCH 1/1] Ignore origin of privileged program
|
||||
|
||||
---
|
||||
ChangeLog | 5 +++++
|
||||
elf/dl-object.c | 3 +++
|
||||
2 files changed, 8 insertions(+), 0 deletions(-)
|
||||
|
||||
diff --git a/elf/dl-object.c b/elf/dl-object.c
|
||||
index 22a1635..7674d49 100644
|
||||
--- elf/dl-object.c.orig
|
||||
+++ elf/dl-object.c
|
||||
@@ -214,6 +214,9 @@ _dl_new_object (char *realname, const char *libname, int type,
|
||||
out:
|
||||
new->l_origin = origin;
|
||||
}
|
||||
+ else if (INTUSE(__libc_enable_secure) && type == lt_executable)
|
||||
+ /* The origin of a privileged program cannot be trusted. */
|
||||
+ new->l_origin = (char *) -1;
|
||||
|
||||
return new;
|
||||
}
|
||||
--
|
||||
1.7.2
|
13
srcpkgs/glibc/patches/glibc-__i686.patch
Normal file
13
srcpkgs/glibc/patches/glibc-__i686.patch
Normal file
|
@ -0,0 +1,13 @@
|
|||
diff -Naur glibc-old//sysdeps/i386/Makefile glibc//sysdeps/i386/Makefile
|
||||
--- sysdeps/i386/Makefile.orig 2010-03-18 11:52:30.000000000 +1000
|
||||
+++ sysdeps/i386/Makefile 2010-04-16 15:05:50.000000000 +1000
|
||||
@@ -1,6 +1,7 @@
|
||||
# The mpn functions need a #define for asm syntax flavor.
|
||||
-# Every i386 port in use uses gas syntax (I think).
|
||||
-asm-CPPFLAGS += -DGAS_SYNTAX
|
||||
+# Every i386 port in use uses gas syntax (I think). Don't replace
|
||||
+# __i686 in __i686.get_pc_thunk.bx.
|
||||
+asm-CPPFLAGS += -DGAS_SYNTAX -U __i686
|
||||
|
||||
# The i386 `long double' is a distinct type we support.
|
||||
long-double-fcts = yes
|
|
@ -1,15 +1,9 @@
|
|||
# Template file for 'glibc'
|
||||
pkgname=glibc
|
||||
version=2.13
|
||||
revision=1
|
||||
distfiles="http://ftp.gnu.org/gnu/glibc/glibc-${version}.tar.bz2"
|
||||
build_style=gnu_configure
|
||||
build_wrksrc="build"
|
||||
configure_script="../configure"
|
||||
configure_args="--with-tls --enable-kernel=2.6.27 --enable-add-ons
|
||||
--libexecdir=/usr/lib --libdir=/usr/lib --enable-stackguard-randomization
|
||||
--with-headers=$XBPS_MASTERDIR/usr/include --enable-bind-now SHELL=/bin/bash"
|
||||
make_install_target="SHELL=/bin/bash
|
||||
install_root=$XBPS_DESTDIR/$pkgname-$version install"
|
||||
build_style=custom-install
|
||||
short_desc="The GNU C library"
|
||||
maintainer="Juan RP <xtraeme@gmail.com>"
|
||||
checksum=0173c92a0545e6d99a46a4fbed2da00ba26556f5c6198e2f9f1631ed5318dbb2
|
||||
|
@ -20,12 +14,6 @@ long_desc="
|
|||
as C++ and Objective C; the runtime facilities of other programming
|
||||
languages use the C library to access the underlying operating system."
|
||||
|
||||
# Build with -mno-tls-direct-seg-refs to avoid performance problems
|
||||
# with Xen on x86 32bit.
|
||||
if [ "${xbps_machine}" = "i686" ]; then
|
||||
CFLAGS="-mno-tls-direct-seg-refs"
|
||||
fi
|
||||
|
||||
# Don't check for deps here
|
||||
ignore_vdeps_dir="/usr/lib/gconv"
|
||||
|
||||
|
@ -33,33 +21,46 @@ base_chroot=yes
|
|||
conf_files="/etc/rpc /etc/ld.so.conf /etc/nsswitch.conf"
|
||||
subpackages="glibc-devel glibc-locales nscd"
|
||||
|
||||
Add_dependency build gcc
|
||||
Add_dependency build kernel-libc-headers
|
||||
Add_dependency run xbps-base-files
|
||||
Add_dependency run libgcc
|
||||
Add_dependency run glibc-locales
|
||||
Add_dependency run xbps-base-files
|
||||
Add_dependency run libgcc
|
||||
Add_dependency run glibc-locales
|
||||
Add_dependency build gcc
|
||||
Add_dependency build kernel-libc-headers
|
||||
|
||||
pre_configure()
|
||||
do_build()
|
||||
{
|
||||
# We must configure it in another directory.
|
||||
mkdir -p ${build_wrksrc}
|
||||
echo "slibdir=/lib" > ${build_wrksrc}/configparms
|
||||
# glibc fails to build if -march not set for a minimal cpu.
|
||||
if [ "$xbps_machine" != "x86_64" ]; then
|
||||
echo "CFLAGS+=-march=${xbps_machine%%-*} -mtune=generic" \
|
||||
>> ${build_wrksrc}/configparms
|
||||
local cflags
|
||||
|
||||
mkdir build && cd build
|
||||
echo "slibdir=/lib" > configparms
|
||||
|
||||
# Build with -mno-tls-direct-seg-refs to avoid performance problems
|
||||
# with Xen on x86 32bit.
|
||||
if [ "${xbps_machine}" = "i686" ]; then
|
||||
cflags="-mno-tls-direct-seg-refs -march=${xbps_machine%%-*}"
|
||||
cflags="$cflags -mtune=generic"
|
||||
fi
|
||||
cflags="$XBPS_CFLAGS $cflags"
|
||||
echo "CFLAGS=$cflags" >> configparms
|
||||
|
||||
SHELL=/bin/bash ../configure --prefix=/usr --with-tls \
|
||||
--enable-add-ons --disable-multi-arch \
|
||||
--enable-bind-now --enable-kernel=2.6.27 \
|
||||
--enable-stack-guard-randomization --disable-profile \
|
||||
--without-cvs --without-gd --libexecdir=/usr/lib \
|
||||
--libdir=/usr/lib --with-headers=${XBPS_MASTERDIR}/usr/include
|
||||
|
||||
make ${makejobs}
|
||||
}
|
||||
|
||||
pre_install()
|
||||
do_install()
|
||||
{
|
||||
# Create DESTDIR/etc/ld.so.conf
|
||||
mkdir -p ${DESTDIR}/etc
|
||||
echo "include /etc/ld.so.conf.d/*.conf" > ${DESTDIR}/etc/ld.so.conf
|
||||
}
|
||||
|
||||
post_install()
|
||||
{
|
||||
cd ${wrksrc}/build && make SHELL=/bin/bash install_root=${DESTDIR} install
|
||||
|
||||
# Replace hardcoded path to bash.
|
||||
. $XBPS_HELPERSDIR/replace-interpreter.sh
|
||||
replace_interpreter bash ${DESTDIR}/usr/bin/ldd
|
||||
|
@ -70,9 +71,7 @@ post_install()
|
|||
sed -i "s|^RTLDLIST.*$|RTLDLIST=\"$rtldlist\"|" \
|
||||
${DESTDIR}/usr/bin/ldd
|
||||
fi
|
||||
install -m644 ${FILESDIR}/nsswitch.conf \
|
||||
${DESTDIR}/etc/nsswitch.conf || return 1
|
||||
|
||||
install -m644 ${FILESDIR}/nsswitch.conf ${DESTDIR}/etc/nsswitch.conf
|
||||
install -d ${DESTDIR}/etc/ld.so.conf.d
|
||||
echo "/usr/local/lib" > ${DESTDIR}/etc/ld.so.conf.d/usr_local.conf
|
||||
chmod 644 ${DESTDIR}/etc/ld.so.conf.d/usr_local.conf
|
||||
|
|
Loading…
Reference in a new issue