diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/Manifest b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/Manifest index b177c7dd04..17f7aad642 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/Manifest +++ b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/Manifest @@ -1,7 +1,3 @@ DIST gcc-4.7.3-r1-multilib-bootstrap.tar.bz2 8064097 SHA256 34aec5a59bb4d0ecf908c62fd418461d0f3793238296897687305fd7a1f27299 SHA512 40b93e194ad41a75d649d84d1c49070680f253a13f0617803243bc61c44fed1ca2d0a7572a97ebb79353f312b58b5f6360be916dd7435928cc53935082e15269 WHIRLPOOL bbce19e7fe5c30faa55ddd4e29070f0d1fdfca3a04e8d68e0772260fa9be89ccde63ec92badb490209008df5fee6e53dfdeec4ae51857b90ba298a79315a199f -DIST glibc-2.17-patches-8.tar.bz2 83707 SHA256 477946a4915dcd0cc0565ff8532d219e2ee868f6e821ea71ce579652d01ccbb3 SHA512 6675357e62b554d9d0f8ef70341b8038f8f89591fba384bc3783ef81aead0532486e2218af71da9c6f88a3b8b382edec81bed36eb636ee231eac80e111acbfd8 WHIRLPOOL 946f431b28ec60cc61d44364187f64a2d6e92ed7c9071126cf70277843c656de4dfac9f184f572f9a72c0cb452d879cdb7aca5b9f92f8ff02a8b1a521fffef43 -DIST glibc-2.17.tar.xz 10981956 SHA256 6914e337401e0e0ade23694e1b2c52a5f09e4eda3270c67e7c3ba93a89b5b23e SHA512 384e54037daaa344a26ce58242acc3f9a249d0765088d18a540a305745afa33ae6dec4024adae958eacd7100be9c713d117260ace8340f6d8c8396dbde4868d2 WHIRLPOOL 9b98c1c298aeff607aaa554341c300c15491b7314f127524fc5c048c67c5059daaf706e6cf206bb69213d5307e37bed87137ab46f504d8072bb778310081fc23 -DIST glibc-2.19-patches-3.tar.bz2 80664 SHA256 6fb03292e224199e0dd9ba7ee83aca723e1560f26831e85cdc6302b187c6de3c SHA512 d281d6a2757920124cf8a3f02b97e75192598b08d96ae48840df34c7ffdcb212952d171f233e6f12a429b19437d0a296212fe1f2eae164d6a1c6793cb3cb69f0 WHIRLPOOL 6f28a2d0dff42e8ad0e77859938e3093753f77f78821375777eebb2db5568bf1c56e8b8208f02280f23acb2dd26dc8a313fedd5b2c10755f1659e6d324a1dbc3 -DIST glibc-2.19.tar.xz 12083312 SHA256 2d3997f588401ea095a0b27227b1d50cdfdd416236f6567b564549d3b46ea2a2 SHA512 9e021fcb3afbb9ace2a0e37fded231a62de861bd766e29d47163a03182e37add718b7acc3963d1c525f9556773e842297725715acde48dcfbaab6e756af1a23d WHIRLPOOL 9581a3a23ebdd56bc559b56b95b7bcd21ca039546ec19c6c0e4e0738597542164fdb21ab1d1f36d5e73a205fb51f0974c7d497972615bce69ae002298f6475b6 -DIST glibc-2.20-patches-4.tar.bz2 55075 SHA256 f0d5d1d4a2e9ba11a96b79c089525122fbfdf13004f219ddfcf7046896696529 SHA512 36881a85f9e3f75b7e6bd688aedd7075adc832eb6e795a435eb9f74aab7f4160c95ea8be209a786b4bb4d0785a538a2ca41375c68ca0592bebfcb6b134cdbceb WHIRLPOOL b995733f82146bb5040e2f02afd33cf96c2e7c8efe7edec70d2bc724921aaf47b992e033b2fe0512e33420e1ca2af5b7203d618bf5aa2ebeab87d1350d850364 -DIST glibc-2.20.tar.xz 12283992 SHA256 f84b6d42aecc288d593c397b0a3d02260a33ee686bce0c634eb9b32798f36ba5 SHA512 7a8eea8b71d3ccba766c3f304cab61055446d451ef063309476b26dc40d880562dc33b1b68fbedeedb4b55b84c26415b9202311aaa71ef8c141b6849a814d2fa WHIRLPOOL 042f74d75c62a655ae35348c9cd0bed0845ab199e37a76635eb74c04ed927b5eca77723c38d2dc46f12fca62c1004001887b43946a914b079ad22f6a9cc8daaa +DIST glibc-2.21-patches-5.tar.bz2 34237 SHA256 8f6a5dd094ad2c4b82368ef4b081ce6c634f61ea2783cdc68bcd9250d61682e1 SHA512 19b0e706cee387aa3a9ed40dd20081ffe98eaaf9a5ca027ee4abd3e46c3403af06c5189bd764d8d477cb356507e1142b5fde852ec710cf24e108c307f5843837 WHIRLPOOL 96c4ec00af41c60c238f681ea5448cec4db11dc59b4853eed5ba700aa21f804de2443166aa48d30f76af6b1a2eb74a47a7d1163e2067e5bbdcdbe3e4bf2a38c4 +DIST glibc-2.21.tar.xz 12322092 SHA256 aeeb362437965a5d3f40b151094ca79def04a115bd363fdd4a9a0c69482923b8 SHA512 8cded6693618bec115f678fcbd0b77556f97dfa8337608f66e37224aefa55b38765ba61cb4d58beea37b5934e5ec8e30bad58613707388484906f2a0ce77997d WHIRLPOOL d07fec32bd92eade065a3b6170932b8bd41d07df4aa69dd5a860ebb9678c22bd1e20bf88b1fc05c3ecc18e709c0a63118e12525dc668e0399d7ef7fe4454702d diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.10/glibc-2.10-hardened-ssp-compat.patch b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.10/glibc-2.10-hardened-ssp-compat.patch deleted file mode 100644 index a1c9eef6a9..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.10/glibc-2.10-hardened-ssp-compat.patch +++ /dev/null @@ -1,168 +0,0 @@ -Add backwards compat support for gcc-3.x ssp ... older ssp versions -used __guard and __stack_smash_handler symbols while gcc-4.1 and newer -uses __stack_chk_guard and __stack_chk_fail. - ---- config.h.in -+++ config.h.in -@@ -42,6 +42,9 @@ - assembler instructions per line. Default is `;' */ - #undef ASM_LINE_SEP - -+/* Define if we want to enable support for old ssp symbols */ -+#undef ENABLE_OLD_SSP_COMPAT -+ - /* Define if not using ELF, but `.init' and `.fini' sections are available. */ - #undef HAVE_INITFINI - ---- configure -+++ configure -@@ -1378,6 +1378,9 @@ Optional Features: - --enable-kernel=VERSION compile for compatibility with kernel not older than - VERSION - --enable-all-warnings enable all useful warnings gcc can issue -+ --disable-old-ssp-compat -+ enable support for older ssp symbols -+ [default=no] - --enable-multi-arch enable single DSO with optimizations for multiple - architectures - --enable-experimental-malloc -@@ -6462,6 +6465,20 @@ fi - $as_echo "$libc_cv_ssp" >&6; } - - -+# Check whether --enable-old-ssp-compat or --disable-old-ssp-compat was given. -+if test "${enable_old_ssp_compat+set}" = set; then -+ enableval="$enable_old_ssp_compat" -+ enable_old_ssp_compat=$enableval -+else -+ enable_old_ssp_compat=no -+fi; -+if test "x$enable_old_ssp_compat" = "xyes"; then -+ cat >>confdefs.h <<\_ACEOF -+#define ENABLE_OLD_SSP_COMPAT 1 -+_ACEOF -+ -+fi -+ - { $as_echo "$as_me:$LINENO: checking for -fgnu89-inline" >&5 - $as_echo_n "checking for -fgnu89-inline... " >&6; } - if test "${libc_cv_gnu89_inline+set}" = set; then ---- configure.in -+++ configure.in -@@ -1641,6 +1641,15 @@ fi - rm -f conftest*]) - AC_SUBST(libc_cv_ssp) - -+AC_ARG_ENABLE([old-ssp-compat], -+ AC_HELP_STRING([--enable-old-ssp-compat], -+ [enable support for older ssp symbols @<:@default=no@:>@]), -+ [enable_old_ssp_compat=$enableval], -+ [enable_old_ssp_compat=no]) -+if test "x$enable_old_ssp_compat" = "xyes"; then -+ AC_DEFINE(ENABLE_OLD_SSP_COMPAT) -+fi -+ - AC_CACHE_CHECK(for -fgnu89-inline, libc_cv_gnu89_inline, [dnl - cat > conftest.c < - - * Makeconfig (+link): Set to +link-pie. - (+link-static): Change $(static-start-installed-name) to - S$(static-start-installed-name). - (+prector): Set to +prectorS. - (+postctor): Set to +postctorS. - ---- libc/Makeconfig -+++ libc/Makeconfig -@@ -447,11 +447,12 @@ - $(common-objpfx)libc% $(+postinit),$^) \ - $(link-extra-libs) $(link-libc) $(+postctorS) $(+postinit) - endif -++link = $(+link-pie) - # Command for statically linking programs with the C library. - ifndef +link-static - +link-static = $(CC) -nostdlib -nostartfiles -static -o $@ \ - $(sysdep-LDFLAGS) $(LDFLAGS) $(LDFLAGS-$(@F)) \ -- $(addprefix $(csu-objpfx),$(static-start-installed-name)) \ -+ $(addprefix $(csu-objpfx),S$(static-start-installed-name)) \ - $(+preinit) $(+prector) \ - $(filter-out $(addprefix $(csu-objpfx),start.o \ - $(start-installed-name))\ -@@ -549,11 +550,10 @@ - ifeq ($(elf),yes) - +preinit = $(addprefix $(csu-objpfx),crti.o) - +postinit = $(addprefix $(csu-objpfx),crtn.o) --+prector = `$(CC) --print-file-name=crtbegin.o` --+postctor = `$(CC) --print-file-name=crtend.o` --# Variants of the two previous definitions for linking PIE programs. - +prectorS = `$(CC) --print-file-name=crtbeginS.o` - +postctorS = `$(CC) --print-file-name=crtendS.o` -++prector = $(+prectorS) -++postctor = $(+postctorS) - +interp = $(addprefix $(elf-objpfx),interp.os) - endif - csu-objpfx = $(common-objpfx)csu/ diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.12/glibc-2.12-hardened-pie.patch b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.12/glibc-2.12-hardened-pie.patch deleted file mode 100644 index 3315171d95..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.12/glibc-2.12-hardened-pie.patch +++ /dev/null @@ -1,39 +0,0 @@ -2010-08-11 Magnus Granberg - - #332331 - * Makeconfig (+link): Set to +link-pie. - (+link-static): Change $(static-start-installed-name) to - S$(static-start-installed-name). - (+prector): Set to +prectorS. - (+postctor): Set to +postctorS. - ---- libc/Makeconfig -+++ libc/Makeconfig -@@ -447,11 +447,12 @@ - $(common-objpfx)libc% $(+postinit),$^) \ - $(link-extra-libs) $(link-libc) $(+postctorS) $(+postinit) - endif -++link = $(+link-pie) - # Command for statically linking programs with the C library. - ifndef +link-static - +link-static = $(CC) -nostdlib -nostartfiles -static -o $@ \ - $(sysdep-LDFLAGS) $(LDFLAGS) $(LDFLAGS-$(@F)) \ -- $(addprefix $(csu-objpfx),$(static-start-installed-name)) \ -+ $(addprefix $(csu-objpfx),S$(static-start-installed-name)) \ - $(+preinit) $(+prector) \ - $(filter-out $(addprefix $(csu-objpfx),start.o \ - $(start-installed-name))\ -@@ -549,11 +550,10 @@ - ifeq ($(elf),yes) - +preinit = $(addprefix $(csu-objpfx),crti.o) - +postinit = $(addprefix $(csu-objpfx),crtn.o) --+prector = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtbegin.o` --+postctor = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtend.o` --# Variants of the two previous definitions for linking PIE programs. - +prectorS = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtbeginS.o` - +postctorS = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtendS.o` -++prector = $(+prectorS) -++postctor = $(+postctorS) - +interp = $(addprefix $(elf-objpfx),interp.os) - endif - csu-objpfx = $(common-objpfx)csu/ diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.16/glibc-2.16-hardened-pie.patch b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.16/glibc-2.16-hardened-pie.patch deleted file mode 100644 index a850a61a27..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.16/glibc-2.16-hardened-pie.patch +++ /dev/null @@ -1,39 +0,0 @@ -2012-11-11 Magnus Granberg - - #442712 - * Makeconfig (+link): Set to +link-pie. - (+link-static-before-libc): Change $(static-start-installed-name) to - S$(static-start-installed-name). - (+prector): Set to +prectorS. - (+postctor): Set to +postctorS. - ---- libc/Makeconfig -+++ libc/Makeconfig -@@ -447,11 +447,12 @@ - $(common-objpfx)libc% $(+postinit),$^) \ - $(link-extra-libs) $(link-libc) $(+postctorS) $(+postinit) - endif -++link = $(+link-pie) - # Command for statically linking programs with the C library. - ifndef +link-static - +link-static-before-libc = $(CC) -nostdlib -nostartfiles -static -o $@ \ - $(sysdep-LDFLAGS) $(LDFLAGS) $(LDFLAGS-$(@F)) \ -- $(addprefix $(csu-objpfx),$(static-start-installed-name)) \ -+ $(addprefix $(csu-objpfx),S$(static-start-installed-name)) \ - $(+preinit) $(+prector) \ - $(filter-out $(addprefix $(csu-objpfx),start.o \ - $(start-installed-name))\ -@@ -549,11 +550,10 @@ - ifeq ($(elf),yes) - +preinit = $(addprefix $(csu-objpfx),crti.o) - +postinit = $(addprefix $(csu-objpfx),crtn.o) --+prector = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtbegin.o` --+postctor = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtend.o` --# Variants of the two previous definitions for linking PIE programs. - +prectorS = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtbeginS.o` - +postctorS = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtendS.o` -++prector = $(+prectorS) -++postctor = $(+postctorS) - +interp = $(addprefix $(elf-objpfx),interp.os) - endif - csu-objpfx = $(common-objpfx)csu/ diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.17/glibc-2.17-parsing-in-gethostbyname.patch b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.17/glibc-2.17-parsing-in-gethostbyname.patch deleted file mode 100644 index 606ecefacd..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.17/glibc-2.17-parsing-in-gethostbyname.patch +++ /dev/null @@ -1,244 +0,0 @@ -From d5dd6189d506068ed11c8bfa1e1e9bffde04decd Mon Sep 17 00:00:00 2001 -From: Andreas Schwab -Date: Mon, 21 Jan 2013 17:41:28 +0100 -Subject: [PATCH] Fix parsing of numeric hosts in gethostbyname_r - ---- - ChangeLog | 14 ++++++++++ - NEWS | 12 ++++----- - nss/Makefile | 2 +- - nss/digits_dots.c | 73 ++++++++++++++------------------------------------ - nss/getXXbyYY_r.c | 5 +++- - nss/test-digits-dots.c | 38 ++++++++++++++++++++++++++ - 6 files changed, 83 insertions(+), 61 deletions(-) - create mode 100644 nss/test-digits-dots.c - -diff --git nss/Makefile nss/Makefile -index 449a258..553eafa 100644 ---- nss/Makefile -+++ nss/Makefile -@@ -37,7 +37,7 @@ install-bin := getent makedb - makedb-modules = xmalloc hash-string - extra-objs += $(makedb-modules:=.o) - --tests = test-netdb tst-nss-test1 -+tests = test-netdb tst-nss-test1 test-digits-dots - xtests = bug-erange - - include ../Makeconfig -diff --git nss/digits_dots.c nss/digits_dots.c -index 2b86295..e007ef4 100644 ---- nss/digits_dots.c -+++ nss/digits_dots.c -@@ -46,7 +46,10 @@ __nss_hostname_digits_dots (const char *name, struct hostent *resbuf, - { - if (h_errnop) - *h_errnop = NETDB_INTERNAL; -- *result = NULL; -+ if (buffer_size == NULL) -+ *status = NSS_STATUS_TRYAGAIN; -+ else -+ *result = NULL; - return -1; - } - -@@ -83,14 +86,16 @@ __nss_hostname_digits_dots (const char *name, struct hostent *resbuf, - } - - size_needed = (sizeof (*host_addr) -- + sizeof (*h_addr_ptrs) + strlen (name) + 1); -+ + sizeof (*h_addr_ptrs) -+ + sizeof (*h_alias_ptr) + strlen (name) + 1); - - if (buffer_size == NULL) - { - if (buflen < size_needed) - { -+ *status = NSS_STATUS_TRYAGAIN; - if (h_errnop != NULL) -- *h_errnop = TRY_AGAIN; -+ *h_errnop = NETDB_INTERNAL; - __set_errno (ERANGE); - goto done; - } -@@ -109,7 +114,7 @@ __nss_hostname_digits_dots (const char *name, struct hostent *resbuf, - *buffer_size = 0; - __set_errno (save); - if (h_errnop != NULL) -- *h_errnop = TRY_AGAIN; -+ *h_errnop = NETDB_INTERNAL; - *result = NULL; - goto done; - } -@@ -149,7 +154,9 @@ __nss_hostname_digits_dots (const char *name, struct hostent *resbuf, - if (! ok) - { - *h_errnop = HOST_NOT_FOUND; -- if (buffer_size) -+ if (buffer_size == NULL) -+ *status = NSS_STATUS_NOTFOUND; -+ else - *result = NULL; - goto done; - } -@@ -190,7 +197,7 @@ __nss_hostname_digits_dots (const char *name, struct hostent *resbuf, - if (buffer_size == NULL) - *status = NSS_STATUS_SUCCESS; - else -- *result = resbuf; -+ *result = resbuf; - goto done; - } - -@@ -201,15 +208,6 @@ __nss_hostname_digits_dots (const char *name, struct hostent *resbuf, - - if ((isxdigit (name[0]) && strchr (name, ':') != NULL) || name[0] == ':') - { -- const char *cp; -- char *hostname; -- typedef unsigned char host_addr_t[16]; -- host_addr_t *host_addr; -- typedef char *host_addr_list_t[2]; -- host_addr_list_t *h_addr_ptrs; -- size_t size_needed; -- int addr_size; -- - switch (af) - { - default: -@@ -225,7 +223,10 @@ __nss_hostname_digits_dots (const char *name, struct hostent *resbuf, - /* This is not possible. We cannot represent an IPv6 address - in an `struct in_addr' variable. */ - *h_errnop = HOST_NOT_FOUND; -- *result = NULL; -+ if (buffer_size == NULL) -+ *status = NSS_STATUS_NOTFOUND; -+ else -+ *result = NULL; - goto done; - - case AF_INET6: -@@ -233,42 +234,6 @@ __nss_hostname_digits_dots (const char *name, struct hostent *resbuf, - break; - } - -- size_needed = (sizeof (*host_addr) -- + sizeof (*h_addr_ptrs) + strlen (name) + 1); -- -- if (buffer_size == NULL && buflen < size_needed) -- { -- if (h_errnop != NULL) -- *h_errnop = TRY_AGAIN; -- __set_errno (ERANGE); -- goto done; -- } -- else if (buffer_size != NULL && *buffer_size < size_needed) -- { -- char *new_buf; -- *buffer_size = size_needed; -- new_buf = realloc (*buffer, *buffer_size); -- -- if (new_buf == NULL) -- { -- save = errno; -- free (*buffer); -- __set_errno (save); -- *buffer = NULL; -- *buffer_size = 0; -- *result = NULL; -- goto done; -- } -- *buffer = new_buf; -- } -- -- memset (*buffer, '\0', size_needed); -- -- host_addr = (host_addr_t *) *buffer; -- h_addr_ptrs = (host_addr_list_t *) -- ((char *) host_addr + sizeof (*host_addr)); -- hostname = (char *) h_addr_ptrs + sizeof (*h_addr_ptrs); -- - for (cp = name;; ++cp) - { - if (!*cp) -@@ -281,7 +246,9 @@ __nss_hostname_digits_dots (const char *name, struct hostent *resbuf, - if (inet_pton (AF_INET6, name, host_addr) <= 0) - { - *h_errnop = HOST_NOT_FOUND; -- if (buffer_size) -+ if (buffer_size == NULL) -+ *status = NSS_STATUS_NOTFOUND; -+ else - *result = NULL; - goto done; - } -diff --git nss/getXXbyYY_r.c nss/getXXbyYY_r.c -index 1067744..44d00f4 100644 ---- nss/getXXbyYY_r.c -+++ nss/getXXbyYY_r.c -@@ -179,6 +179,9 @@ INTERNAL (REENTRANT_NAME) (ADD_PARAMS, LOOKUP_TYPE *resbuf, char *buffer, - case -1: - return errno; - case 1: -+#ifdef NEED_H_ERRNO -+ any_service = true; -+#endif - goto done; - } - #endif -@@ -288,7 +291,7 @@ done: - /* Either we failed to lookup the functions or the functions themselves - had a system error. Set NETDB_INTERNAL here to let the caller know - that the errno may have the real reason for failure. */ -- *h_errnop = NETDB_INTERNAL; -+ *h_errnop = NETDB_INTERNAL; - else if (status != NSS_STATUS_SUCCESS && !any_service) - /* We were not able to use any service. */ - *h_errnop = NO_RECOVERY; -diff --git nss/test-digits-dots.c nss/test-digits-dots.c -new file mode 100644 -index 0000000..1efa344 ---- /dev/null -+++ nss/test-digits-dots.c -@@ -0,0 +1,38 @@ -+/* Copyright (C) 2013 Free Software Foundation, Inc. -+ This file is part of the GNU C Library. -+ -+ The GNU C Library is free software; you can redistribute it and/or -+ modify it under the terms of the GNU Lesser General Public -+ License as published by the Free Software Foundation; either -+ version 2.1 of the License, or (at your option) any later version. -+ -+ The GNU C Library is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public -+ License along with the GNU C Library; if not, see -+ . */ -+ -+/* Testcase for BZ #15014 */ -+ -+#include -+#include -+#include -+ -+static int -+do_test (void) -+{ -+ char buf[32]; -+ struct hostent *result = NULL; -+ struct hostent ret; -+ int h_err = 0; -+ int err; -+ -+ err = gethostbyname_r ("1.2.3.4", &ret, buf, sizeof (buf), &result, &h_err); -+ return err == ERANGE && h_err == NETDB_INTERNAL ? EXIT_SUCCESS : EXIT_FAILURE; -+} -+ -+#define TEST_FUNCTION do_test () -+#include "../test-skeleton.c" --- -1.9.3 - diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.3.3/glibc-2.3.3-localedef-fix-trampoline.patch b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.3.3/glibc-2.3.3-localedef-fix-trampoline.patch deleted file mode 100644 index 7c4399f845..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.3.3/glibc-2.3.3-localedef-fix-trampoline.patch +++ /dev/null @@ -1,68 +0,0 @@ -#! /bin/sh -e - -# DP: Description: Fix localedef segfault when run under exec-shield, -# PaX or similar. (#231438, #198099) -# DP: Dpatch Author: James Troup -# DP: Patch Author: (probably) Jakub Jelinek -# DP: Upstream status: Unknown -# DP: Status Details: Unknown -# DP: Date: 2004-03-16 - -if [ $# -ne 2 ]; then - echo >&2 "`basename $0`: script expects -patch|-unpatch as argument" - exit 1 -fi -case "$1" in - -patch) patch -d "$2" -f --no-backup-if-mismatch -p1 < $0;; - -unpatch) patch -d "$2" -f --no-backup-if-mismatch -R -p1 < $0;; - *) - echo >&2 "`basename $0`: script expects -patch|-unpatch as argument" - exit 1 -esac -exit 0 - ---- glibc-2.3.3-net/locale/programs/3level.h 16 Jun 2003 07:19:09 -0000 1.1.1.5 -+++ glibc-2.3.3-redhat/locale/programs/3level.h 16 Jun 2003 09:32:40 -0000 1.4 -@@ -204,6 +204,42 @@ CONCAT(TABLE,_iterate) (struct TABLE *t, - } - } - } -+ -+/* GCC ATM seems to do a poor job with pointers to nested functions passed -+ to inlined functions. Help it a little bit with this hack. */ -+#define wchead_table_iterate(tp, fn) \ -+do \ -+ { \ -+ struct wchead_table *t = (tp); \ -+ uint32_t index1; \ -+ for (index1 = 0; index1 < t->level1_size; index1++) \ -+ { \ -+ uint32_t lookup1 = t->level1[index1]; \ -+ if (lookup1 != ((uint32_t) ~0)) \ -+ { \ -+ uint32_t lookup1_shifted = lookup1 << t->q; \ -+ uint32_t index2; \ -+ for (index2 = 0; index2 < (1 << t->q); index2++) \ -+ { \ -+ uint32_t lookup2 = t->level2[index2 + lookup1_shifted]; \ -+ if (lookup2 != ((uint32_t) ~0)) \ -+ { \ -+ uint32_t lookup2_shifted = lookup2 << t->p; \ -+ uint32_t index3; \ -+ for (index3 = 0; index3 < (1 << t->p); index3++) \ -+ { \ -+ struct element_t *lookup3 \ -+ = t->level3[index3 + lookup2_shifted]; \ -+ if (lookup3 != NULL) \ -+ fn ((((index1 << t->q) + index2) << t->p) + index3, \ -+ lookup3); \ -+ } \ -+ } \ -+ } \ -+ } \ -+ } \ -+ } while (0) -+ - #endif - - #ifndef NO_FINALIZE diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.5/glibc-2.5-gentoo-stack_chk_fail.c b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.5/glibc-2.5-gentoo-stack_chk_fail.c deleted file mode 100644 index e304440003..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.5/glibc-2.5-gentoo-stack_chk_fail.c +++ /dev/null @@ -1,311 +0,0 @@ -/* Copyright (C) 2005 Free Software Foundation, Inc. - This file is part of the GNU C Library. - - The GNU C Library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 2.1 of the License, or (at your option) any later version. - - The GNU C Library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public - License along with the GNU C Library; if not, write to the Free - Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA - 02111-1307 USA. */ - -/* Copyright (C) 2006 Gentoo Foundation Inc. - * License terms as above. - * - * Hardened Gentoo SSP handler - * - * An SSP failure handler that does not use functions from the rest of - * glibc; it uses the INTERNAL_SYSCALL methods directly. This ensures - * no possibility of recursion into the handler. - * - * Direct all bug reports to http://bugs.gentoo.org/ - * - * Re-written from the glibc-2.3 Hardened Gentoo SSP handler - * by Kevin F. Quinn - - * - * The following people contributed to the glibc-2.3 Hardened - * Gentoo SSP handler, from which this implementation draws much: - * - * Ned Ludd - - * Alexander Gabert - - * The PaX Team - - * Peter S. Mazinger - - * Yoann Vandoorselaere - - * Robert Connolly - - * Cory Visi - * Mike Frysinger - */ - -#include -#include -#include -#include - -#include - -#include -#include -#include - -#include - -#include -/* from sysdeps */ -#include -/* for the stuff in bits/socket.h */ -#include -#include - - -/* Sanity check on SYSCALL macro names - force compilation - * failure if the names used here do not exist - */ -#if !defined __NR_socketcall && !defined __NR_socket -# error Cannot do syscall socket or socketcall -#endif -#if !defined __NR_socketcall && !defined __NR_connect -# error Cannot do syscall connect or socketcall -#endif -#ifndef __NR_write -# error Cannot do syscall write -#endif -#ifndef __NR_close -# error Cannot do syscall close -#endif -#ifndef __NR_getpid -# error Cannot do syscall getpid -#endif -#ifndef __NR_kill -# error Cannot do syscall kill -#endif -#ifndef __NR_exit -# error Cannot do syscall exit -#endif -#ifdef SSP_SMASH_DUMPS_CORE -# if !defined _KERNEL_NSIG && !defined _NSIG -# error No _NSIG or _KERNEL_NSIG for rt_sigaction -# endif -# if !defined __NR_sigation && !defined __NR_rt_sigaction -# error Cannot do syscall sigaction or rt_sigaction -# endif -#endif - - - -/* Define DO_SOCKET/DO_CONNECT macros to deal with socketcall vs socket/connect */ -#ifdef __NR_socketcall - -# define DO_SOCKET(result,domain,type,protocol) \ - {socketargs[0] = domain; \ - socketargs[1] = type; \ - socketargs[2] = protocol; \ - socketargs[3] = 0; \ - result = INLINE_SYSCALL(socketcall,2,SOCKOP_socket,socketargs);} - -# define DO_CONNECT(result,sockfd,serv_addr,addrlen) \ - {socketargs[0] = sockfd; \ - socketargs[1] = (unsigned long int)serv_addr; \ - socketargs[2] = addrlen; \ - socketargs[3] = 0; \ - result = INLINE_SYSCALL(socketcall,2,SOCKOP_connect,socketargs);} - -#else - -# define DO_SOCKET(result,domain,type,protocol) \ - {result = INLINE_SYSCALL(socket,3,domain,type,protocol);} - -# define DO_CONNECT(result,sockfd,serv_addr,addrlen) \ - {result = INLINE_SYSCALL(connect,3,sockfd,serv_addr,addrlen);} - -#endif -/* __NR_socketcall */ - - -#ifndef _PATH_LOG -# define _PATH_LOG "/dev/log" -#endif - -static const char path_log[]=_PATH_LOG; - -/* For building glibc with SSP switched on, define __progname to a - * constant if building for the run-time loader, to avoid pulling - * in more of libc.so into ld.so - */ -#ifdef IS_IN_rtld -static char *__progname = ""; -#else -extern char *__progname; -#endif - - -/* Common handler code, used by stack_chk_fail and __stack_smash_handler - * Inlined to ensure no self-references to the handler within itself. - * Data static to avoid putting more than necessary on the stack, - * to aid core debugging. - */ -static inline void -__attribute__ ((__noreturn__ , __always_inline__)) -__hardened_gentoo_stack_chk_fail (char func[], int damaged) -{ -#define MESSAGE_BUFSIZ 256 - static pid_t pid; - static int plen, i; - static char message[MESSAGE_BUFSIZ]; - static const char msg_ssa[]=": stack smashing attack"; - static const char msg_inf[]=" in function "; - static const char msg_ssd[]="*** stack smashing detected ***: "; - static const char msg_terminated[]=" - terminated\n"; - static const char msg_report[]="Report to http://bugs.gentoo.org/\n"; - static const char msg_unknown[]=""; -#ifdef SSP_SMASH_DUMPS_CORE - static struct sigaction default_abort_act; -#endif - static int log_socket, connect_result; - static struct sockaddr_un sock; -#ifdef __NR_socketcall - static unsigned long int socketargs[4]; -#endif - - /* Build socket address - */ - sock.sun_family = AF_UNIX; - i=0; - while ((path_log[i] != '\0') && (i<(sizeof(sock.sun_path)-1))) - { - sock.sun_path[i]=path_log[i]; - i++; - } - sock.sun_path[i]='\0'; - - /* Try SOCK_DGRAM connection to syslog */ - connect_result=-1; - DO_SOCKET(log_socket,AF_UNIX,SOCK_DGRAM,0); - if (log_socket != -1) - DO_CONNECT(connect_result,log_socket,(&sock),(sizeof(sock))); - if (connect_result == -1) - { - if (log_socket != -1) - INLINE_SYSCALL(close,1,log_socket); - /* Try SOCK_STREAM connection to syslog */ - DO_SOCKET(log_socket,AF_UNIX,SOCK_STREAM,0); - if (log_socket != -1) - DO_CONNECT(connect_result,log_socket,(&sock),(sizeof(sock))); - } - - /* Build message. Messages are generated both in the old style and new style, - * so that log watchers that are configured for the old-style message continue - * to work. - */ -#define strconcat(str) \ - {i=0; while ((str[i] != '\0') && ((i+plen)<(MESSAGE_BUFSIZ-1))) \ - {\ - message[plen+i]=str[i];\ - i++;\ - }\ - plen+=i;} - - /* R.Henderson post-gcc-4 style message */ - plen=0; - strconcat(msg_ssd); - if (__progname != (char *)0) - strconcat(__progname) - else - strconcat(msg_unknown); - strconcat(msg_terminated); - - /* Write out error message to STDERR, to syslog if open */ - INLINE_SYSCALL(write,3,STDERR_FILENO,message,plen); - if (connect_result != -1) - INLINE_SYSCALL(write,3,log_socket,message,plen); - - /* Dr. Etoh pre-gcc-4 style message */ - plen=0; - if (__progname != (char *)0) - strconcat(__progname) - else - strconcat(msg_unknown); - strconcat(msg_ssa); - strconcat(msg_inf); - if (func!=NULL) - strconcat(func) - else - strconcat(msg_unknown); - strconcat(msg_terminated); - /* Write out error message to STDERR, to syslog if open */ - INLINE_SYSCALL(write,3,STDERR_FILENO,message,plen); - if (connect_result != -1) - INLINE_SYSCALL(write,3,log_socket,message,plen); - - /* Direct reports to bugs.gentoo.org */ - plen=0; - strconcat(msg_report); - message[plen++]='\0'; - - /* Write out error message to STDERR, to syslog if open */ - INLINE_SYSCALL(write,3,STDERR_FILENO,message,plen); - if (connect_result != -1) - INLINE_SYSCALL(write,3,log_socket,message,plen); - - if (log_socket != -1) - INLINE_SYSCALL(close,1,log_socket); - - /* Suicide */ - pid=INLINE_SYSCALL(getpid,0); -#ifdef SSP_SMASH_DUMPS_CORE - /* Remove any user-supplied handler for SIGABRT, before using it */ - default_abort_act.sa_handler = SIG_DFL; - default_abort_act.sa_sigaction = NULL; - __sigfillset(&default_abort_act.sa_mask); - default_abort_act.sa_flags = 0; - /* sigaction doesn't exist on amd64; however rt_sigaction seems to - * exist everywhere. rt_sigaction has an extra parameter - the - * size of sigset_t. - */ -# ifdef __NR_sigation - if (INLINE_SYSCALL(sigaction,3,SIGABRT,&default_abort_act,NULL) == 0) -# else - /* Although rt_sigaction expects sizeof(sigset_t) - it expects the size - * of the _kernel_ sigset_t which is not the same as the user sigset_t. - * Most arches have this as _NSIG bits - mips has _KERNEL_NSIG bits for - * some reason. - */ -# ifdef _KERNEL_NSIG - if (INLINE_SYSCALL(rt_sigaction,4,SIGABRT,&default_abort_act,NULL,_KERNEL_NSIG/8) == 0) -# else - if (INLINE_SYSCALL(rt_sigaction,4,SIGABRT,&default_abort_act,NULL,_NSIG/8) == 0) -# endif -# endif - INLINE_SYSCALL(kill,2,pid,SIGABRT); -#endif - /* Note; actions cannot be added to SIGKILL */ - INLINE_SYSCALL(kill,2,pid,SIGKILL); - - /* In case the kill didn't work, exit anyway - * The loop prevents gcc thinking this routine returns - */ - while (1) INLINE_SYSCALL(exit,0); -} - -void -__attribute__ ((__noreturn__)) - __stack_chk_fail (void) -{ - __hardened_gentoo_stack_chk_fail(NULL,0); -} - -#ifdef ENABLE_OLD_SSP_COMPAT -void -__attribute__ ((__noreturn__)) -__stack_smash_handler(char func[], int damaged) -{ - __hardened_gentoo_stack_chk_fail(func,damaged); -} -#endif - diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.5/glibc-2.5-hardened-configure-picdefault.patch b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.5/glibc-2.5-hardened-configure-picdefault.patch deleted file mode 100644 index 253a61bb6d..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.5/glibc-2.5-hardened-configure-picdefault.patch +++ /dev/null @@ -1,29 +0,0 @@ -Prevent default-fPIE from confusing configure into thinking -PIC code is default. This causes glibc to build both PIC and -non-PIC code as normal, which on the hardened compiler generates -PIC and PIE. - -Patch by Kevin F. Quinn - ---- configure.in -+++ configure.in -@@ -2145,7 +2145,7 @@ - # error PIC is default. - #endif - EOF --if eval "${CC-cc} -S conftest.c 2>&AS_MESSAGE_LOG_FD 1>&AS_MESSAGE_LOG_FD"; then -+if eval "${CC-cc} -fno-PIE -S conftest.c 2>&AS_MESSAGE_LOG_FD 1>&AS_MESSAGE_LOG_FD"; then - pic_default=no - fi - rm -f conftest.*]) ---- configure -+++ configure -@@ -7698,7 +7698,7 @@ - # error PIC is default. - #endif - EOF --if eval "${CC-cc} -S conftest.c 2>&5 1>&5"; then -+if eval "${CC-cc} -fno-PIE -S conftest.c 2>&5 1>&5"; then - pic_default=no - fi - rm -f conftest.* diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.5/glibc-2.5-hardened-inittls-nosysenter.patch b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.5/glibc-2.5-hardened-inittls-nosysenter.patch deleted file mode 100644 index 420e6fdd98..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.5/glibc-2.5-hardened-inittls-nosysenter.patch +++ /dev/null @@ -1,283 +0,0 @@ -When building glibc PIE (which is not something upstream support), -several modifications are necessary to the glibc build process. - -First, any syscalls in PIEs must be of the PIC variant, otherwise -textrels ensue. Then, any syscalls made before the initialisation -of the TLS will fail on i386, as the sysenter variant on i386 uses -the TLS, giving rise to a chicken-and-egg situation. This patch -defines a PIC syscall variant that doesn't use sysenter, even when the sysenter -version is normally used, and uses the non-sysenter version for the brk -syscall that is performed by the TLS initialisation. Further, the TLS -initialisation is moved in this case prior to the initialisation of -dl_osversion, as that requires further syscalls. - -csu/libc-start.c: Move initial TLS initialization to before the -initialisation of dl_osversion, when INTERNAL_SYSCALL_NOSYSENTER is defined - -csu/libc-tls.c: Use the no-sysenter version of sbrk when -INTERNAL_SYSCALL_NOSYSENTER is defined. - -misc/sbrk.c: Define a no-sysenter version of sbrk, using the no-sysenter -version of brk - if INTERNAL_SYSCALL_NOSYSENTER is defined. - -misc/brk.c: Define a no-sysenter version of brk if -INTERNAL_SYSCALL_NOSYSENTER is defined. - -sysdeps/unix/sysv/linux/i386/sysdep.h: Define INTERNAL_SYSCALL_NOSYSENTER -Make INTERNAL_SYSCALL always use the PIC variant, even if not SHARED. - -Patch by Kevin F. Quinn - ---- csu/libc-start.c.orig 2007-01-21 11:51:06.000000000 +0100 -+++ csu/libc-start.c 2007-01-21 11:55:57.000000000 +0100 -@@ -28,6 +28,7 @@ - extern int __libc_multiple_libcs; - - #include -+#include - #ifndef SHARED - # include - extern void __pthread_initialize_minimal (void) -@@ -133,6 +134,14 @@ - # endif - _dl_aux_init (auxvec); - # endif -+# ifdef INTERNAL_SYSCALL_NOSYSENTER -+ /* Do the initial TLS initialization before _dl_osversion, -+ since the latter uses the uname syscall. */ -+# if !(USE_TLS - 0) && !defined NONTLS_INIT_TP -+ if (__pthread_initialize_minimal) -+# endif -+ __pthread_initialize_minimal (); -+# endif - # ifdef DL_SYSDEP_OSCHECK - if (!__libc_multiple_libcs) - { -@@ -142,15 +151,17 @@ - } - # endif - -+# ifndef INTERNAL_SYSCALL_NOSYSENTER - /* Initialize the thread library at least a bit since the libgcc - functions are using thread functions if these are available and - we need to setup errno. If there is no thread library and we - handle TLS the function is defined in the libc to initialized the - TLS handling. */ --# if !(USE_TLS - 0) && !defined NONTLS_INIT_TP -+# if !(USE_TLS - 0) && !defined NONTLS_INIT_TP - if (__pthread_initialize_minimal) --# endif -+# endif - __pthread_initialize_minimal (); -+# endif - #endif - - # ifndef SHARED ---- csu/libc-tls.c.orig 2007-01-21 11:37:02.000000000 +0100 -+++ csu/libc-tls.c 2007-01-21 12:09:33.000000000 +0100 -@@ -23,6 +23,7 @@ - #include - #include - #include -+#include - - - #ifdef SHARED -@@ -30,6 +31,9 @@ - #endif - - #ifdef USE_TLS -+# ifdef INTERNAL_SYSCALL_NOSYSENTER -+extern void *__sbrk_nosysenter (intptr_t __delta); -+# endif - extern ElfW(Phdr) *_dl_phdr; - extern size_t _dl_phnum; - -@@ -142,14 +146,26 @@ - - The initialized value of _dl_tls_static_size is provided by dl-open.c - to request some surplus that permits dynamic loading of modules with -- IE-model TLS. */ -+ IE-model TLS. -+ -+ Where the normal sbrk would use a syscall that needs the TLS (i386) -+ use the special non-sysenter version instead. */ - # if TLS_TCB_AT_TP - tcb_offset = roundup (memsz + GL(dl_tls_static_size), tcbalign); -+# ifdef INTERNAL_SYSCALL_NOSYSENTER -+ tlsblock = __sbrk_nosysenter (tcb_offset + tcbsize + max_align); -+# else - tlsblock = __sbrk (tcb_offset + tcbsize + max_align); -+# endif - # elif TLS_DTV_AT_TP - tcb_offset = roundup (tcbsize, align ?: 1); -+# ifdef INTERNAL_SYSCALL_NOSYSENTER -+ tlsblock = __sbrk_nosysenter (tcb_offset + memsz + max_align -+ + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); -+# else - tlsblock = __sbrk (tcb_offset + memsz + max_align - + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); -+# endif - tlsblock += TLS_PRE_TCB_SIZE; - # else - /* In case a model with a different layout for the TCB and DTV ---- misc/sbrk.c.orig 2007-01-21 11:38:27.000000000 +0100 -+++ misc/sbrk.c 2007-01-21 12:07:29.000000000 +0100 -@@ -18,6 +18,7 @@ - - #include - #include -+#include - - /* Defined in brk.c. */ - extern void *__curbrk; -@@ -29,6 +30,35 @@ - /* Extend the process's data space by INCREMENT. - If INCREMENT is negative, shrink data space by - INCREMENT. - Return start of new space allocated, or -1 for errors. */ -+#ifdef INTERNAL_SYSCALL_NOSYSENTER -+/* This version is used by csu/libc-tls.c whem initialising the TLS -+ if the SYSENTER version requires the TLS (which it does on i386). -+ Obviously using the TLS before it is initialised is broken. */ -+extern int __brk_nosysenter (void *addr); -+void * -+__sbrk_nosysenter (intptr_t increment) -+{ -+ void *oldbrk; -+ -+ /* If this is not part of the dynamic library or the library is used -+ via dynamic loading in a statically linked program update -+ __curbrk from the kernel's brk value. That way two separate -+ instances of __brk and __sbrk can share the heap, returning -+ interleaved pieces of it. */ -+ if (__curbrk == NULL || __libc_multiple_libcs) -+ if (__brk_nosysenter (0) < 0) /* Initialize the break. */ -+ return (void *) -1; -+ -+ if (increment == 0) -+ return __curbrk; -+ -+ oldbrk = __curbrk; -+ if (__brk_nosysenter (oldbrk + increment) < 0) -+ return (void *) -1; -+ -+ return oldbrk; -+} -+#endif - void * - __sbrk (intptr_t increment) - { ---- sysdeps/unix/sysv/linux/i386/brk.c.orig 2007-01-21 11:39:16.000000000 +0100 -+++ sysdeps/unix/sysv/linux/i386/brk.c 2007-01-21 11:44:01.000000000 +0100 -@@ -31,6 +31,30 @@ - linker. */ - weak_alias (__curbrk, ___brk_addr) - -+#ifdef INTERNAL_SYSCALL_NOSYSENTER -+/* This version is used by csu/libc-tls.c whem initialising the TLS -+ * if the SYSENTER version requires the TLS (which it does on i386). -+ * Obviously using the TLS before it is initialised is broken. */ -+int -+__brk_nosysenter (void *addr) -+{ -+ void *__unbounded newbrk; -+ -+ INTERNAL_SYSCALL_DECL (err); -+ newbrk = (void *__unbounded) INTERNAL_SYSCALL_NOSYSENTER (brk, err, 1, -+ __ptrvalue (addr)); -+ -+ __curbrk = newbrk; -+ -+ if (newbrk < addr) -+ { -+ __set_errno (ENOMEM); -+ return -1; -+ } -+ -+ return 0; -+} -+#endif - int - __brk (void *addr) - { ---- sysdeps/unix/sysv/linux/i386/sysdep.h.orig 2007-01-21 13:08:00.000000000 +0100 -+++ sysdeps/unix/sysv/linux/i386/sysdep.h 2007-01-21 13:19:10.000000000 +0100 -@@ -187,7 +187,7 @@ - /* The original calling convention for system calls on Linux/i386 is - to use int $0x80. */ - #ifdef I386_USE_SYSENTER --# ifdef SHARED -+# if defined SHARED || defined __PIC__ - # define ENTER_KERNEL call *%gs:SYSINFO_OFFSET - # else - # define ENTER_KERNEL call *_dl_sysinfo -@@ -358,7 +358,7 @@ - possible to use more than four parameters. */ - #undef INTERNAL_SYSCALL - #ifdef I386_USE_SYSENTER --# ifdef SHARED -+# if defined SHARED || defined __PIC__ - # define INTERNAL_SYSCALL(name, err, nr, args...) \ - ({ \ - register unsigned int resultvar; \ -@@ -384,6 +384,18 @@ - : "0" (name), "i" (offsetof (tcbhead_t, sysinfo)) \ - ASMFMT_##nr(args) : "memory", "cc"); \ - (int) resultvar; }) -+# define INTERNAL_SYSCALL_NOSYSENTER(name, err, nr, args...) \ -+ ({ \ -+ register unsigned int resultvar; \ -+ EXTRAVAR_##nr \ -+ asm volatile ( \ -+ LOADARGS_NOSYSENTER_##nr \ -+ "movl %1, %%eax\n\t" \ -+ "int $0x80\n\t" \ -+ RESTOREARGS_NOSYSENTER_##nr \ -+ : "=a" (resultvar) \ -+ : "i" (__NR_##name) ASMFMT_##nr(args) : "memory", "cc"); \ -+ (int) resultvar; }) - # else - # define INTERNAL_SYSCALL(name, err, nr, args...) \ - ({ \ -@@ -447,12 +459,20 @@ - - #define LOADARGS_0 - #ifdef __PIC__ --# if defined I386_USE_SYSENTER && defined SHARED -+# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) - # define LOADARGS_1 \ - "bpushl .L__X'%k3, %k3\n\t" - # define LOADARGS_5 \ - "movl %%ebx, %4\n\t" \ - "movl %3, %%ebx\n\t" -+# define LOADARGS_NOSYSENTER_1 \ -+ "bpushl .L__X'%k2, %k2\n\t" -+# define LOADARGS_NOSYSENTER_2 LOADARGS_NOSYSENTER_1 -+# define LOADARGS_NOSYSENTER_3 LOADARGS_3 -+# define LOADARGS_NOSYSENTER_4 LOADARGS_3 -+# define LOADARGS_NOSYSENTER_5 \ -+ "movl %%ebx, %3\n\t" \ -+ "movl %2, %%ebx\n\t" - # else - # define LOADARGS_1 \ - "bpushl .L__X'%k2, %k2\n\t" -@@ -474,11 +495,18 @@ - - #define RESTOREARGS_0 - #ifdef __PIC__ --# if defined I386_USE_SYSENTER && defined SHARED -+# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) - # define RESTOREARGS_1 \ - "bpopl .L__X'%k3, %k3\n\t" - # define RESTOREARGS_5 \ - "movl %4, %%ebx" -+# define RESTOREARGS_NOSYSENTER_1 \ -+ "bpopl .L__X'%k2, %k2\n\t" -+# define RESTOREARGS_NOSYSENTER_2 RESTOREARGS_NOSYSENTER_1 -+# define RESTOREARGS_NOSYSENTER_3 RESTOREARGS_3 -+# define RESTOREARGS_NOSYSENTER_4 RESTOREARGS_3 -+# define RESTOREARGS_NOSYSENTER_5 \ -+ "movl %3, %%ebx" - # else - # define RESTOREARGS_1 \ - "bpopl .L__X'%k2, %k2\n\t" diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.5/glibc-2.5-hardened-pie.patch b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.5/glibc-2.5-hardened-pie.patch deleted file mode 100644 index 46f3de4f78..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.5/glibc-2.5-hardened-pie.patch +++ /dev/null @@ -1,39 +0,0 @@ -Change link commands for glibc executables to build PIEs - -Patch by Kevin F. Quinn - ---- Makeconfig -+++ Makeconfig -@@ -415,10 +415,10 @@ - - # Command for linking programs with the C library. - ifndef +link --+link = $(CC) -nostdlib -nostartfiles -o $@ \ -++link = $(CC) -nostdlib -nostartfiles -fPIE -pie -o $@ \ - $(sysdep-LDFLAGS) $(config-LDFLAGS) $(LDFLAGS) $(LDFLAGS-$(@F)) \ - $(combreloc-LDFLAGS) $(relro-LDFLAGS) $(hashstyle-LDFLAGS) \ -- $(addprefix $(csu-objpfx),$(start-installed-name)) \ -+ $(addprefix $(csu-objpfx),S$(start-installed-name)) \ - $(+preinit) $(+prector) \ - $(filter-out $(addprefix $(csu-objpfx),start.o \ - $(start-installed-name))\ -@@ -429,7 +429,7 @@ - ifndef +link-static - +link-static = $(CC) -nostdlib -nostartfiles -static -o $@ \ - $(sysdep-LDFLAGS) $(LDFLAGS) $(LDFLAGS-$(@F)) \ -- $(addprefix $(csu-objpfx),$(static-start-installed-name)) \ -+ $(addprefix $(csu-objpfx),S$(static-start-installed-name)) \ - $(+preinit) $(+prector) \ - $(filter-out $(addprefix $(csu-objpfx),start.o \ - $(start-installed-name))\ -@@ -528,8 +528,8 @@ - ifeq ($(elf),yes) - +preinit = $(addprefix $(csu-objpfx),crti.o) - +postinit = $(addprefix $(csu-objpfx),crtn.o) --+prector = `$(CC) --print-file-name=crtbegin.o` --+postctor = `$(CC) --print-file-name=crtend.o` -++prector = `$(CC) --print-file-name=crtbeginS.o` -++postctor = `$(CC) --print-file-name=crtendS.o` - +interp = $(addprefix $(elf-objpfx),interp.os) - endif - csu-objpfx = $(common-objpfx)csu/ diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.6/glibc-2.6-hardened-inittls-nosysenter.patch b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.6/glibc-2.6-hardened-inittls-nosysenter.patch deleted file mode 100644 index be8ca1963c..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.6/glibc-2.6-hardened-inittls-nosysenter.patch +++ /dev/null @@ -1,273 +0,0 @@ -When building glibc PIE (which is not something upstream support), -several modifications are necessary to the glibc build process. - -First, any syscalls in PIEs must be of the PIC variant, otherwise -textrels ensue. Then, any syscalls made before the initialisation -of the TLS will fail on i386, as the sysenter variant on i386 uses -the TLS, giving rise to a chicken-and-egg situation. This patch -defines a PIC syscall variant that doesn't use sysenter, even when the sysenter -version is normally used, and uses the non-sysenter version for the brk -syscall that is performed by the TLS initialisation. Further, the TLS -initialisation is moved in this case prior to the initialisation of -dl_osversion, as that requires further syscalls. - -csu/libc-start.c: Move initial TLS initialization to before the -initialisation of dl_osversion, when INTERNAL_SYSCALL_NOSYSENTER is defined - -csu/libc-tls.c: Use the no-sysenter version of sbrk when -INTERNAL_SYSCALL_NOSYSENTER is defined. - -misc/sbrk.c: Define a no-sysenter version of sbrk, using the no-sysenter -version of brk - if INTERNAL_SYSCALL_NOSYSENTER is defined. - -misc/brk.c: Define a no-sysenter version of brk if -INTERNAL_SYSCALL_NOSYSENTER is defined. - -sysdeps/unix/sysv/linux/i386/sysdep.h: Define INTERNAL_SYSCALL_NOSYSENTER -Make INTERNAL_SYSCALL always use the PIC variant, even if not SHARED. - -Patch by Kevin F. Quinn - ---- csu/libc-start.c -+++ csu/libc-start.c -@@ -28,6 +28,7 @@ - extern int __libc_multiple_libcs; - - #include -+#include - #ifndef SHARED - # include - extern void __pthread_initialize_minimal (void); -@@ -129,6 +130,11 @@ - # endif - _dl_aux_init (auxvec); - # endif -+# ifdef INTERNAL_SYSCALL_NOSYSENTER -+ /* Do the initial TLS initialization before _dl_osversion, -+ since the latter uses the uname syscall. */ -+ __pthread_initialize_minimal (); -+# endif - # ifdef DL_SYSDEP_OSCHECK - if (!__libc_multiple_libcs) - { -@@ -138,10 +144,12 @@ - } - # endif - -+# ifndef INTERNAL_SYSCALL_NOSYSENTER - /* Initialize the thread library at least a bit since the libgcc - functions are using thread functions if these are available and - we need to setup errno. */ - __pthread_initialize_minimal (); -+# endif - #endif - - # ifndef SHARED ---- csu/libc-tls.c -+++ csu/libc-tls.c -@@ -23,6 +23,7 @@ - #include - #include - #include -+#include - - - #ifdef SHARED -@@ -29,6 +30,9 @@ - #error makefile bug, this file is for static only - #endif - -+#ifdef INTERNAL_SYSCALL_NOSYSENTER -+extern void *__sbrk_nosysenter (intptr_t __delta); -+#endif - extern ElfW(Phdr) *_dl_phdr; - extern size_t _dl_phnum; - -@@ -141,14 +145,26 @@ - - The initialized value of _dl_tls_static_size is provided by dl-open.c - to request some surplus that permits dynamic loading of modules with -- IE-model TLS. */ -+ IE-model TLS. -+ -+ Where the normal sbrk would use a syscall that needs the TLS (i386) -+ use the special non-sysenter version instead. */ - #if TLS_TCB_AT_TP - tcb_offset = roundup (memsz + GL(dl_tls_static_size), tcbalign); -+# ifdef INTERNAL_SYSCALL_NOSYSENTER -+ tlsblock = __sbrk_nosysenter (tcb_offset + tcbsize + max_align); -+# else - tlsblock = __sbrk (tcb_offset + tcbsize + max_align); -+# endif - #elif TLS_DTV_AT_TP - tcb_offset = roundup (tcbsize, align ?: 1); -+# ifdef INTERNAL_SYSCALL_NOSYSENTER -+ tlsblock = __sbrk_nosysenter (tcb_offset + memsz + max_align -+ + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); -+# else - tlsblock = __sbrk (tcb_offset + memsz + max_align - + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); -+# endif - tlsblock += TLS_PRE_TCB_SIZE; - #else - /* In case a model with a different layout for the TCB and DTV ---- misc/sbrk.c -+++ misc/sbrk.c -@@ -18,6 +18,7 @@ - - #include - #include -+#include - - /* Defined in brk.c. */ - extern void *__curbrk; -@@ -29,6 +30,35 @@ - /* Extend the process's data space by INCREMENT. - If INCREMENT is negative, shrink data space by - INCREMENT. - Return start of new space allocated, or -1 for errors. */ -+#ifdef INTERNAL_SYSCALL_NOSYSENTER -+/* This version is used by csu/libc-tls.c whem initialising the TLS -+ if the SYSENTER version requires the TLS (which it does on i386). -+ Obviously using the TLS before it is initialised is broken. */ -+extern int __brk_nosysenter (void *addr); -+void * -+__sbrk_nosysenter (intptr_t increment) -+{ -+ void *oldbrk; -+ -+ /* If this is not part of the dynamic library or the library is used -+ via dynamic loading in a statically linked program update -+ __curbrk from the kernel's brk value. That way two separate -+ instances of __brk and __sbrk can share the heap, returning -+ interleaved pieces of it. */ -+ if (__curbrk == NULL || __libc_multiple_libcs) -+ if (__brk_nosysenter (0) < 0) /* Initialize the break. */ -+ return (void *) -1; -+ -+ if (increment == 0) -+ return __curbrk; -+ -+ oldbrk = __curbrk; -+ if (__brk_nosysenter (oldbrk + increment) < 0) -+ return (void *) -1; -+ -+ return oldbrk; -+} -+#endif - void * - __sbrk (intptr_t increment) - { ---- sysdeps/unix/sysv/linux/i386/brk.c -+++ sysdeps/unix/sysv/linux/i386/brk.c -@@ -31,6 +31,30 @@ - linker. */ - weak_alias (__curbrk, ___brk_addr) - -+#ifdef INTERNAL_SYSCALL_NOSYSENTER -+/* This version is used by csu/libc-tls.c whem initialising the TLS -+ * if the SYSENTER version requires the TLS (which it does on i386). -+ * Obviously using the TLS before it is initialised is broken. */ -+int -+__brk_nosysenter (void *addr) -+{ -+ void *__unbounded newbrk; -+ -+ INTERNAL_SYSCALL_DECL (err); -+ newbrk = (void *__unbounded) INTERNAL_SYSCALL_NOSYSENTER (brk, err, 1, -+ __ptrvalue (addr)); -+ -+ __curbrk = newbrk; -+ -+ if (newbrk < addr) -+ { -+ __set_errno (ENOMEM); -+ return -1; -+ } -+ -+ return 0; -+} -+#endif - int - __brk (void *addr) - { ---- sysdeps/unix/sysv/linux/i386/sysdep.h -+++ sysdeps/unix/sysv/linux/i386/sysdep.h -@@ -187,7 +187,7 @@ - /* The original calling convention for system calls on Linux/i386 is - to use int $0x80. */ - #ifdef I386_USE_SYSENTER --# ifdef SHARED -+# if defined SHARED || defined __PIC__ - # define ENTER_KERNEL call *%gs:SYSINFO_OFFSET - # else - # define ENTER_KERNEL call *_dl_sysinfo -@@ -358,7 +358,7 @@ - possible to use more than four parameters. */ - #undef INTERNAL_SYSCALL - #ifdef I386_USE_SYSENTER --# ifdef SHARED -+# if defined SHARED || defined __PIC__ - # define INTERNAL_SYSCALL(name, err, nr, args...) \ - ({ \ - register unsigned int resultvar; \ -@@ -384,6 +384,18 @@ - : "0" (name), "i" (offsetof (tcbhead_t, sysinfo)) \ - ASMFMT_##nr(args) : "memory", "cc"); \ - (int) resultvar; }) -+# define INTERNAL_SYSCALL_NOSYSENTER(name, err, nr, args...) \ -+ ({ \ -+ register unsigned int resultvar; \ -+ EXTRAVAR_##nr \ -+ asm volatile ( \ -+ LOADARGS_NOSYSENTER_##nr \ -+ "movl %1, %%eax\n\t" \ -+ "int $0x80\n\t" \ -+ RESTOREARGS_NOSYSENTER_##nr \ -+ : "=a" (resultvar) \ -+ : "i" (__NR_##name) ASMFMT_##nr(args) : "memory", "cc"); \ -+ (int) resultvar; }) - # else - # define INTERNAL_SYSCALL(name, err, nr, args...) \ - ({ \ -@@ -447,12 +459,20 @@ - - #define LOADARGS_0 - #ifdef __PIC__ --# if defined I386_USE_SYSENTER && defined SHARED -+# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) - # define LOADARGS_1 \ - "bpushl .L__X'%k3, %k3\n\t" - # define LOADARGS_5 \ - "movl %%ebx, %4\n\t" \ - "movl %3, %%ebx\n\t" -+# define LOADARGS_NOSYSENTER_1 \ -+ "bpushl .L__X'%k2, %k2\n\t" -+# define LOADARGS_NOSYSENTER_2 LOADARGS_NOSYSENTER_1 -+# define LOADARGS_NOSYSENTER_3 LOADARGS_3 -+# define LOADARGS_NOSYSENTER_4 LOADARGS_3 -+# define LOADARGS_NOSYSENTER_5 \ -+ "movl %%ebx, %3\n\t" \ -+ "movl %2, %%ebx\n\t" - # else - # define LOADARGS_1 \ - "bpushl .L__X'%k2, %k2\n\t" -@@ -474,11 +495,18 @@ - - #define RESTOREARGS_0 - #ifdef __PIC__ --# if defined I386_USE_SYSENTER && defined SHARED -+# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) - # define RESTOREARGS_1 \ - "bpopl .L__X'%k3, %k3\n\t" - # define RESTOREARGS_5 \ - "movl %4, %%ebx" -+# define RESTOREARGS_NOSYSENTER_1 \ -+ "bpopl .L__X'%k2, %k2\n\t" -+# define RESTOREARGS_NOSYSENTER_2 RESTOREARGS_NOSYSENTER_1 -+# define RESTOREARGS_NOSYSENTER_3 RESTOREARGS_3 -+# define RESTOREARGS_NOSYSENTER_4 RESTOREARGS_3 -+# define RESTOREARGS_NOSYSENTER_5 \ -+ "movl %3, %%ebx" - # else - # define RESTOREARGS_1 \ - "bpopl .L__X'%k2, %k2\n\t" diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.7/glibc-2.7-hardened-inittls-nosysenter.patch b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.7/glibc-2.7-hardened-inittls-nosysenter.patch deleted file mode 100644 index ecf57a911b..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.7/glibc-2.7-hardened-inittls-nosysenter.patch +++ /dev/null @@ -1,273 +0,0 @@ -When building glibc PIE (which is not something upstream support), -several modifications are necessary to the glibc build process. - -First, any syscalls in PIEs must be of the PIC variant, otherwise -textrels ensue. Then, any syscalls made before the initialisation -of the TLS will fail on i386, as the sysenter variant on i386 uses -the TLS, giving rise to a chicken-and-egg situation. This patch -defines a PIC syscall variant that doesn't use sysenter, even when the sysenter -version is normally used, and uses the non-sysenter version for the brk -syscall that is performed by the TLS initialisation. Further, the TLS -initialisation is moved in this case prior to the initialisation of -dl_osversion, as that requires further syscalls. - -csu/libc-start.c: Move initial TLS initialization to before the -initialisation of dl_osversion, when INTERNAL_SYSCALL_NOSYSENTER is defined - -csu/libc-tls.c: Use the no-sysenter version of sbrk when -INTERNAL_SYSCALL_NOSYSENTER is defined. - -misc/sbrk.c: Define a no-sysenter version of sbrk, using the no-sysenter -version of brk - if INTERNAL_SYSCALL_NOSYSENTER is defined. - -misc/brk.c: Define a no-sysenter version of brk if -INTERNAL_SYSCALL_NOSYSENTER is defined. - -sysdeps/unix/sysv/linux/i386/sysdep.h: Define INTERNAL_SYSCALL_NOSYSENTER -Make INTERNAL_SYSCALL always use the PIC variant, even if not SHARED. - -Patch by Kevin F. Quinn - ---- csu/libc-start.c -+++ csu/libc-start.c -@@ -28,6 +28,7 @@ - extern int __libc_multiple_libcs; - - #include -+#include - #ifndef SHARED - # include - extern void __pthread_initialize_minimal (void); -@@ -129,6 +130,11 @@ - # endif - _dl_aux_init (auxvec); - # endif -+# ifdef INTERNAL_SYSCALL_NOSYSENTER -+ /* Do the initial TLS initialization before _dl_osversion, -+ since the latter uses the uname syscall. */ -+ __pthread_initialize_minimal (); -+# endif - # ifdef DL_SYSDEP_OSCHECK - if (!__libc_multiple_libcs) - { -@@ -138,10 +144,12 @@ - } - # endif - -+# ifndef INTERNAL_SYSCALL_NOSYSENTER - /* Initialize the thread library at least a bit since the libgcc - functions are using thread functions if these are available and - we need to setup errno. */ - __pthread_initialize_minimal (); -+# endif - - /* Set up the stack checker's canary. */ - uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard (); ---- csu/libc-tls.c -+++ csu/libc-tls.c -@@ -23,6 +23,7 @@ - #include - #include - #include -+#include - - - #ifdef SHARED -@@ -29,6 +30,9 @@ - #error makefile bug, this file is for static only - #endif - -+#ifdef INTERNAL_SYSCALL_NOSYSENTER -+extern void *__sbrk_nosysenter (intptr_t __delta); -+#endif - extern ElfW(Phdr) *_dl_phdr; - extern size_t _dl_phnum; - -@@ -141,14 +145,26 @@ - - The initialized value of _dl_tls_static_size is provided by dl-open.c - to request some surplus that permits dynamic loading of modules with -- IE-model TLS. */ -+ IE-model TLS. -+ -+ Where the normal sbrk would use a syscall that needs the TLS (i386) -+ use the special non-sysenter version instead. */ - #if TLS_TCB_AT_TP - tcb_offset = roundup (memsz + GL(dl_tls_static_size), tcbalign); -+# ifdef INTERNAL_SYSCALL_NOSYSENTER -+ tlsblock = __sbrk_nosysenter (tcb_offset + tcbsize + max_align); -+# else - tlsblock = __sbrk (tcb_offset + tcbsize + max_align); -+# endif - #elif TLS_DTV_AT_TP - tcb_offset = roundup (tcbsize, align ?: 1); -+# ifdef INTERNAL_SYSCALL_NOSYSENTER -+ tlsblock = __sbrk_nosysenter (tcb_offset + memsz + max_align -+ + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); -+# else - tlsblock = __sbrk (tcb_offset + memsz + max_align - + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); -+# endif - tlsblock += TLS_PRE_TCB_SIZE; - #else - /* In case a model with a different layout for the TCB and DTV ---- misc/sbrk.c -+++ misc/sbrk.c -@@ -18,6 +18,7 @@ - - #include - #include -+#include - - /* Defined in brk.c. */ - extern void *__curbrk; -@@ -29,6 +30,35 @@ - /* Extend the process's data space by INCREMENT. - If INCREMENT is negative, shrink data space by - INCREMENT. - Return start of new space allocated, or -1 for errors. */ -+#ifdef INTERNAL_SYSCALL_NOSYSENTER -+/* This version is used by csu/libc-tls.c whem initialising the TLS -+ if the SYSENTER version requires the TLS (which it does on i386). -+ Obviously using the TLS before it is initialised is broken. */ -+extern int __brk_nosysenter (void *addr); -+void * -+__sbrk_nosysenter (intptr_t increment) -+{ -+ void *oldbrk; -+ -+ /* If this is not part of the dynamic library or the library is used -+ via dynamic loading in a statically linked program update -+ __curbrk from the kernel's brk value. That way two separate -+ instances of __brk and __sbrk can share the heap, returning -+ interleaved pieces of it. */ -+ if (__curbrk == NULL || __libc_multiple_libcs) -+ if (__brk_nosysenter (0) < 0) /* Initialize the break. */ -+ return (void *) -1; -+ -+ if (increment == 0) -+ return __curbrk; -+ -+ oldbrk = __curbrk; -+ if (__brk_nosysenter (oldbrk + increment) < 0) -+ return (void *) -1; -+ -+ return oldbrk; -+} -+#endif - void * - __sbrk (intptr_t increment) - { ---- sysdeps/unix/sysv/linux/i386/brk.c -+++ sysdeps/unix/sysv/linux/i386/brk.c -@@ -31,6 +31,30 @@ - linker. */ - weak_alias (__curbrk, ___brk_addr) - -+#ifdef INTERNAL_SYSCALL_NOSYSENTER -+/* This version is used by csu/libc-tls.c whem initialising the TLS -+ * if the SYSENTER version requires the TLS (which it does on i386). -+ * Obviously using the TLS before it is initialised is broken. */ -+int -+__brk_nosysenter (void *addr) -+{ -+ void *__unbounded newbrk; -+ -+ INTERNAL_SYSCALL_DECL (err); -+ newbrk = (void *__unbounded) INTERNAL_SYSCALL_NOSYSENTER (brk, err, 1, -+ __ptrvalue (addr)); -+ -+ __curbrk = newbrk; -+ -+ if (newbrk < addr) -+ { -+ __set_errno (ENOMEM); -+ return -1; -+ } -+ -+ return 0; -+} -+#endif - int - __brk (void *addr) - { ---- sysdeps/unix/sysv/linux/i386/sysdep.h -+++ sysdeps/unix/sysv/linux/i386/sysdep.h -@@ -187,7 +187,7 @@ - /* The original calling convention for system calls on Linux/i386 is - to use int $0x80. */ - #ifdef I386_USE_SYSENTER --# ifdef SHARED -+# if defined SHARED || defined __PIC__ - # define ENTER_KERNEL call *%gs:SYSINFO_OFFSET - # else - # define ENTER_KERNEL call *_dl_sysinfo -@@ -358,7 +358,7 @@ - possible to use more than four parameters. */ - #undef INTERNAL_SYSCALL - #ifdef I386_USE_SYSENTER --# ifdef SHARED -+# if defined SHARED || defined __PIC__ - # define INTERNAL_SYSCALL(name, err, nr, args...) \ - ({ \ - register unsigned int resultvar; \ -@@ -384,6 +384,18 @@ - : "0" (name), "i" (offsetof (tcbhead_t, sysinfo)) \ - ASMFMT_##nr(args) : "memory", "cc"); \ - (int) resultvar; }) -+# define INTERNAL_SYSCALL_NOSYSENTER(name, err, nr, args...) \ -+ ({ \ -+ register unsigned int resultvar; \ -+ EXTRAVAR_##nr \ -+ asm volatile ( \ -+ LOADARGS_NOSYSENTER_##nr \ -+ "movl %1, %%eax\n\t" \ -+ "int $0x80\n\t" \ -+ RESTOREARGS_NOSYSENTER_##nr \ -+ : "=a" (resultvar) \ -+ : "i" (__NR_##name) ASMFMT_##nr(args) : "memory", "cc"); \ -+ (int) resultvar; }) - # else - # define INTERNAL_SYSCALL(name, err, nr, args...) \ - ({ \ -@@ -447,12 +459,20 @@ - - #define LOADARGS_0 - #ifdef __PIC__ --# if defined I386_USE_SYSENTER && defined SHARED -+# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) - # define LOADARGS_1 \ - "bpushl .L__X'%k3, %k3\n\t" - # define LOADARGS_5 \ - "movl %%ebx, %4\n\t" \ - "movl %3, %%ebx\n\t" -+# define LOADARGS_NOSYSENTER_1 \ -+ "bpushl .L__X'%k2, %k2\n\t" -+# define LOADARGS_NOSYSENTER_2 LOADARGS_NOSYSENTER_1 -+# define LOADARGS_NOSYSENTER_3 LOADARGS_3 -+# define LOADARGS_NOSYSENTER_4 LOADARGS_3 -+# define LOADARGS_NOSYSENTER_5 \ -+ "movl %%ebx, %3\n\t" \ -+ "movl %2, %%ebx\n\t" - # else - # define LOADARGS_1 \ - "bpushl .L__X'%k2, %k2\n\t" -@@ -474,11 +495,18 @@ - - #define RESTOREARGS_0 - #ifdef __PIC__ --# if defined I386_USE_SYSENTER && defined SHARED -+# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) - # define RESTOREARGS_1 \ - "bpopl .L__X'%k3, %k3\n\t" - # define RESTOREARGS_5 \ - "movl %4, %%ebx" -+# define RESTOREARGS_NOSYSENTER_1 \ -+ "bpopl .L__X'%k2, %k2\n\t" -+# define RESTOREARGS_NOSYSENTER_2 RESTOREARGS_NOSYSENTER_1 -+# define RESTOREARGS_NOSYSENTER_3 RESTOREARGS_3 -+# define RESTOREARGS_NOSYSENTER_4 RESTOREARGS_3 -+# define RESTOREARGS_NOSYSENTER_5 \ -+ "movl %3, %%ebx" - # else - # define RESTOREARGS_1 \ - "bpopl .L__X'%k2, %k2\n\t" diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/eblits/common.eblit b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/eblits/common.eblit index 2f7471ed32..51ba4a9239 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/eblits/common.eblit +++ b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/eblits/common.eblit @@ -1,6 +1,6 @@ -# Copyright 1999-2014 Gentoo Foundation +# Copyright 1999-2015 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/common.eblit,v 1.45 2014/10/18 23:09:51 vapier Exp $ +# $Id$ alt_prefix() { is_crosscompile && echo /usr/${CTARGET} @@ -58,6 +58,13 @@ setup_target_flags() { case $(tc-arch) in x86) # -march needed for #185404 #199334 + # TODO: When creating the first glibc cross-compile, this test will + # always fail as it does a full link which in turn requires glibc. + # Probably also applies when changing multilib profile settings (e.g. + # enabling x86 when the profile was amd64-only previously). + # We could change main to _start and pass -nostdlib here so that we + # only test the gcc code compilation. Or we could do a compile and + # then look for the symbol via scanelf. if ! glibc_compile_test "" 'void f(int i, void *p) {if (__sync_fetch_and_add(&i, 1)) f(i, p);}\nint main(){return 0;}\n' 2>/dev/null ; then local t=${CTARGET_OPT:-${CTARGET}} t=${t%%-*} @@ -68,9 +75,15 @@ setup_target_flags() { ;; amd64) # -march needed for #185404 #199334 + # Note: This test only matters when the x86 ABI is enabled, so we could + # optimize a bit and elide it. + # TODO: See cross-compile issues listed above for x86. if ! glibc_compile_test "${CFLAGS_x86}" 'void f(int i, void *p) {if (__sync_fetch_and_add(&i, 1)) f(i, p);}\nint main(){return 0;}\n' 2>/dev/null ; then local t=${CTARGET_OPT:-${CTARGET}} t=${t%%-*} + # Normally the target is x86_64-xxx, so turn that into the -march that + # gcc actually accepts. #528708 + [[ ${t} == "x86_64" ]] && t="x86-64" filter-flags '-march=*' # ugly, ugly, ugly. ugly. CFLAGS_x86=$(CFLAGS=${CFLAGS_x86} filter-flags '-march=*'; echo "${CFLAGS}") @@ -78,6 +91,10 @@ setup_target_flags() { einfo "Auto adding -march=${t} to CFLAGS_x86 #185404" fi ;; + mips) + # The mips abi cannot support the GNU style hashes. #233233 + filter-ldflags -Wl,--hash-style=gnu -Wl,--hash-style=both + ;; ppc) append-flags "-freorder-blocks" ;; diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/eblits/pkg_postinst.eblit b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/eblits/pkg_postinst.eblit index 9e5447d267..9bf6336146 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/eblits/pkg_postinst.eblit +++ b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/eblits/pkg_postinst.eblit @@ -1,6 +1,6 @@ # Copyright 1999-2012 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/pkg_postinst.eblit,v 1.2 2012/04/15 20:04:44 vapier Exp $ +# $Id$ eblit-glibc-pkg_postinst() { # nothing to do if just installing headers @@ -16,12 +16,6 @@ eblit-glibc-pkg_postinst() { # errors from this step #253697 /sbin/telinit U 2>/dev/null - # if the host locales.gen contains no entries, we'll install everything - local locale_list="${ROOT}etc/locale.gen" - if [[ -z $(locale-gen --list --config "${locale_list}") ]] ; then - ewarn "Generating all locales; edit /etc/locale.gen to save time/space" - locale_list="${ROOT}usr/share/i18n/SUPPORTED" - fi - locale-gen -j $(makeopts_jobs) --config "${locale_list}" + ## COREOS: locale-gen is not installed fi } diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/eblits/pkg_preinst.eblit b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/eblits/pkg_preinst.eblit index 0fcb24a09e..4c19b76728 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/eblits/pkg_preinst.eblit +++ b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/eblits/pkg_preinst.eblit @@ -1,6 +1,6 @@ -# Copyright 1999-2014 Gentoo Foundation +# Copyright 1999-2015 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/pkg_preinst.eblit,v 1.13 2014/08/10 03:35:56 vapier Exp $ +# $Id$ # Simple test to make sure our new glibc isnt completely broken. # Make sure we don't test with statically built binaries since @@ -29,6 +29,9 @@ glibc_sanity_check() { *"statically linked"*) continue;; *"ASCII text"*) continue;; esac + # We need to clear the locale settings as the upgrade might want + # incompatible locale data. This test is not for verifying that. + LC_ALL=C \ ./ld-*.so --library-path . ${x} > /dev/null \ || die "simple run test (${x}) failed" done @@ -43,27 +46,14 @@ eblit-glibc-pkg_preinst() { # prepare /etc/ld.so.conf.d/ for files mkdir -p "${EROOT}"/etc/ld.so.conf.d - # Default /etc/hosts.conf:multi to on for systems with small dbs. - if [[ $(wc -l < "${EROOT}"/etc/hosts) -lt 1000 ]] ; then - sed -i '/^multi off/s:off:on:' "${ED}"/etc/host.conf - elog "Defaulting /etc/host.conf:multi to on" - fi + ## COREOS: host.conf is not installed [[ ${ROOT} != "/" ]] && return 0 [[ -d ${D}/$(get_libdir) ]] || return 0 glibc_sanity_check - # Make sure devpts is mounted correctly for use w/out setuid pt_chown. - if in_iuse suid && ! use suid ; then - if awk '$3 == "devpts" && $4 ~ /[, ]gid=5[, ]/ { exit 1 }' /proc/mounts ; then - eerror "In order to use glibc with USE=-suid, you must make sure that" - eerror "you have devpts mounted at /dev/pts with the gid=5 option." - eerror "Openrc should do this for you, so you should check /etc/fstab" - eerror "and make sure you do not have any invalid settings there." - # Do not die on older kernels as devpts did not export these settings #489520. - if version_is_at_least 2.6.25 $(uname -r) ; then - die "mount & fix your /dev/pts settings" - fi - fi + # For newer EAPIs, this was run in pkg_pretend. + if [[ ${EAPI:-0} == [0123] ]] ; then + check_devpts fi } diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/eblits/pkg_pretend.eblit b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/eblits/pkg_pretend.eblit new file mode 100644 index 0000000000..c900ccc62f --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/eblits/pkg_pretend.eblit @@ -0,0 +1,157 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +glibc_compile_test() { + local ret save_cflags=${CFLAGS} + CFLAGS+=" $1" + shift + + pushd "${T}" >/dev/null + + rm -f glibc-test* + printf '%b' "$*" > glibc-test.c + + _nonfatal emake -s glibc-test + ret=$? + + popd >/dev/null + + CFLAGS=${save_cflags} + return ${ret} +} + +glibc_run_test() { + local ret + + if [[ ${EMERGE_FROM} == "binary" ]] ; then + # ignore build failures when installing a binary package #324685 + glibc_compile_test "" "$@" 2>/dev/null || return 0 + else + if ! glibc_compile_test "" "$@" ; then + ewarn "Simple build failed ... assuming this is desired #324685" + return 0 + fi + fi + + pushd "${T}" >/dev/null + + ./glibc-test + ret=$? + rm -f glibc-test* + + popd >/dev/null + + return ${ret} +} + +check_devpts() { + # Make sure devpts is mounted correctly for use w/out setuid pt_chown. + + # If merely building the binary package, then there's nothing to verify. + [[ ${MERGE_TYPE} == "buildonly" ]] && return + + # Only sanity check when installing the native glibc. + [[ ${ROOT} != "/" ]] && return + + # Older versions always installed setuid, so no need to check. + in_iuse suid || return + + # If they're opting in to the old suid code, then no need to check. + use suid && return + + if awk '$3 == "devpts" && $4 ~ /[, ]gid=5[, ]/ { exit 1 }' /proc/mounts ; then + eerror "In order to use glibc with USE=-suid, you must make sure that" + eerror "you have devpts mounted at /dev/pts with the gid=5 option." + eerror "Openrc should do this for you, so you should check /etc/fstab" + eerror "and make sure you do not have any invalid settings there." + # Do not die on older kernels as devpts did not export these settings #489520. + if version_is_at_least 2.6.25 $(uname -r) ; then + die "mount & fix your /dev/pts settings" + fi + fi +} + +eblit-glibc-pkg_pretend() { + # For older EAPIs, this is run in pkg_preinst. + if [[ ${EAPI:-0} != [0123] ]] ; then + check_devpts + fi + + # prevent native builds from downgrading ... maybe update to allow people + # to change between diff -r versions ? (2.3.6-r4 -> 2.3.6-r2) + if [[ ${MERGE_TYPE} != "buildonly" ]] && \ + [[ ${ROOT} == "/" ]] && \ + [[ ${CBUILD} == ${CHOST} ]] && \ + [[ ${CHOST} == ${CTARGET} ]] ; then + if has_version '>'${CATEGORY}/${PF} ; then + eerror "Sanity check to keep you from breaking your system:" + eerror " Downgrading glibc is not supported and a sure way to destruction" + die "aborting to save your system" + fi + + if ! glibc_run_test '#include \nint main(){return getpwuid(0)==0;}\n' + then + eerror "Your patched vendor kernel is broken. You need to get an" + eerror "update from whoever is providing the kernel to you." + eerror "http://sourceware.org/bugzilla/show_bug.cgi?id=5227" + eerror "http://bugs.gentoo.org/262698" + die "keeping your system alive, say thank you" + fi + + if ! glibc_run_test '#include \n#include \nint main(){return syscall(1000)!=-1;}\n' + then + eerror "Your old kernel is broken. You need to update it to" + eerror "a newer version as syscall() will break." + eerror "http://bugs.gentoo.org/279260" + die "keeping your system alive, say thank you" + fi + fi + + # users have had a chance to phase themselves, time to give em the boot + if [[ -e ${EROOT}/etc/locale.gen ]] && [[ -e ${EROOT}/etc/locales.build ]] ; then + eerror "You still haven't deleted ${EROOT}/etc/locales.build." + eerror "Do so now after making sure ${EROOT}/etc/locale.gen is kosher." + die "lazy upgrader detected" + fi + + if [[ ${CTARGET} == i386-* ]] ; then + eerror "i386 CHOSTs are no longer supported." + eerror "Chances are you don't actually want/need i386." + eerror "Please read http://www.gentoo.org/doc/en/change-chost.xml" + die "please fix your CHOST" + fi + + if [[ -e /proc/xen ]] && [[ $(tc-arch) == "x86" ]] && ! is-flag -mno-tls-direct-seg-refs ; then + ewarn "You are using Xen but don't have -mno-tls-direct-seg-refs in your CFLAGS." + ewarn "This will result in a 50% performance penalty when running with a 32bit" + ewarn "hypervisor, which is probably not what you want." + fi + + use hardened && ! gcc-specs-pie && \ + ewarn "PIE hardening not applied, as your compiler doesn't default to PIE" + + # Make sure host system is up to date #394453 + if has_version '/dev/null - - rm -f glibc-test* - printf '%b' "$*" > glibc-test.c - - _nonfatal emake -s glibc-test - ret=$? - - popd >/dev/null - - CFLAGS=${save_cflags} - return ${ret} -} - -glibc_run_test() { - local ret - - if [[ ${EMERGE_FROM} == "binary" ]] ; then - # ignore build failures when installing a binary package #324685 - glibc_compile_test "" "$@" 2>/dev/null || return 0 - else - if ! glibc_compile_test "" "$@" ; then - ewarn "Simple build failed ... assuming this is desired #324685" - return 0 - fi - fi - - pushd "${T}" >/dev/null - - ./glibc-test - ret=$? - rm -f glibc-test* - - popd >/dev/null - - return ${ret} -} +[[ ${EAPI:-0} == [0123] ]] && source "${FILESDIR}/eblits/pkg_pretend.eblit" eblit-glibc-pkg_setup() { - # prevent native builds from downgrading ... maybe update to allow people - # to change between diff -r versions ? (2.3.6-r4 -> 2.3.6-r2) - if [[ ${MERGE_TYPE} != "buildonly" ]] && \ - [[ ${ROOT} == "/" ]] && \ - [[ ${CBUILD} == ${CHOST} ]] && \ - [[ ${CHOST} == ${CTARGET} ]] ; then - if has_version '>'${CATEGORY}/${PF} ; then - eerror "Sanity check to keep you from breaking your system:" - eerror " Downgrading glibc is not supported and a sure way to destruction" - die "aborting to save your system" - fi - - if ! glibc_run_test '#include \nint main(){return getpwuid(0)==0;}\n' - then - eerror "Your patched vendor kernel is broken. You need to get an" - eerror "update from whoever is providing the kernel to you." - eerror "http://sourceware.org/bugzilla/show_bug.cgi?id=5227" - eerror "http://bugs.gentoo.org/262698" - die "keeping your system alive, say thank you" - fi - - if ! glibc_run_test '#include \n#include \nint main(){return syscall(1000)!=-1;}\n' - then - eerror "Your old kernel is broken. You need to update it to" - eerror "a newer version as syscall() will break." - eerror "http://bugs.gentoo.org/279260" - die "keeping your system alive, say thank you" - fi - fi - - # users have had a chance to phase themselves, time to give em the boot - if [[ -e ${EROOT}/etc/locale.gen ]] && [[ -e ${EROOT}/etc/locales.build ]] ; then - eerror "You still haven't deleted ${EROOT}/etc/locales.build." - eerror "Do so now after making sure ${EROOT}/etc/locale.gen is kosher." - die "lazy upgrader detected" - fi - - if [[ ${CTARGET} == i386-* ]] ; then - eerror "i386 CHOSTs are no longer supported." - eerror "Chances are you don't actually want/need i386." - eerror "Please read http://www.gentoo.org/doc/en/change-chost.xml" - die "please fix your CHOST" - fi - - if [[ -e /proc/xen ]] && [[ $(tc-arch) == "x86" ]] && ! is-flag -mno-tls-direct-seg-refs ; then - ewarn "You are using Xen but don't have -mno-tls-direct-seg-refs in your CFLAGS." - ewarn "This will result in a 50% performance penalty when running with a 32bit" - ewarn "hypervisor, which is probably not what you want." - fi - - use hardened && ! gcc-specs-pie && \ - ewarn "PIE hardening not applied, as your compiler doesn't default to PIE" - - # Make sure host system is up to date #394453 - if has_version '/dev/null + sed -i -e '/^CC +=/s:=.*:= -D_MIPS_SZPTR=32:' mips32/Makefile mips64/n32/Makefile || die + sed -i -e '/^CC +=/s:=.*:= -D_MIPS_SZPTR=64:' mips64/n64/Makefile || die + popd >/dev/null + fi + local myconf=() myconf+=( --disable-sanity-checks diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/eblits/src_install.eblit b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/eblits/src_install.eblit index 8030d935a6..faadfb8af6 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/eblits/src_install.eblit +++ b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/eblits/src_install.eblit @@ -1,6 +1,6 @@ # Copyright 1999-2014 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/src_install.eblit,v 1.38 2014/09/10 18:15:55 vapier Exp $ +# $Id$ toolchain-glibc_src_install() { local builddir=$(builddir $(want_linuxthreads && echo linuxthreads || echo nptl)) @@ -133,70 +133,40 @@ toolchain-glibc_src_install() { return 0 fi - # Files for Debian-style locale updating - dodir /usr/share/i18n - sed \ - -e "/^#/d" \ - -e "/SUPPORTED-LOCALES=/d" \ - -e "s: \\\\::g" -e "s:/: :g" \ - "${S}"/localedata/SUPPORTED > "${ED}"/usr/share/i18n/SUPPORTED \ - || die "generating /usr/share/i18n/SUPPORTED failed" - cd "${WORKDIR}"/extra/locale - dosbin locale-gen || die - doman *.[0-8] - insinto /etc - doins locale.gen || die + ## COREOS ## + # For reference, the rest of this function has been modified to do: + # - The SDK just gets the full locale archive, no need for locale-gen. + # - CoreOS targets (which are cross compiled) don't get any locales. + # - Config files are installed by baselayout, not glibc. + # - Forget about nscd for now, we have the use flag off anyway. + + if ! tc-is-cross-compiler ; then + emake install_root="${D}$(alt_prefix)" localedata/install-locales || die + # Sanity check the above command worked + [[ -f ${ED}/usr/$(get_libdir)/locale/locale-archive ]] || die + else + keepdir /usr/$(get_libdir)/locale + fi # Make sure all the ABI's can find the locales and so we only # have to generate one set local a - keepdir /usr/$(get_libdir)/locale for a in $(get_install_abis) ; do if [[ ! -e ${ED}/usr/$(get_abi_LIBDIR ${a})/locale ]] ; then dosym /usr/$(get_libdir)/locale /usr/$(get_abi_LIBDIR ${a})/locale fi done - cd "${S}" - - # Install misc network config files - insinto /etc - doins nscd/nscd.conf posix/gai.conf nss/nsswitch.conf || die - doins "${WORKDIR}"/extra/etc/*.conf || die - - if ! in_iuse nscd || use nscd ; then - doinitd "${WORKDIR}"/extra/etc/nscd || die - - local nscd_args=( - -e "s:@PIDFILE@:$(strings "${ED}"/usr/sbin/nscd | grep nscd.pid):" - ) - version_is_at_least 2.16 || nscd_args+=( -e 's: --foreground : :' ) - sed -i "${nscd_args[@]}" "${ED}"/etc/init.d/nscd - - # Newer versions of glibc include the nscd.service themselves. - # TODO: Drop the $FILESDIR copy once 2.19 goes stable. - if version_is_at_least 2.19 ; then - systemd_dounit nscd/nscd.service || die - systemd_newtmpfilesd nscd/nscd.tmpfiles nscd.conf || die - else - systemd_dounit "${FILESDIR}"/nscd.service || die - systemd_newtmpfilesd "${FILESDIR}"/nscd.tmpfilesd nscd.conf || die - fi - else - # Do this since extra/etc/*.conf above might have nscd.conf. - rm -f "${ED}"/etc/nscd.conf - fi + # Clean out any default configs + rm -rf "${ED}"/etc echo 'LDPATH="include ld.so.conf.d/*.conf"' > "${T}"/00glibc doenvd "${T}"/00glibc || die + cd "${S}" for d in BUGS ChangeLog* CONFORMANCE FAQ NEWS NOTES PROJECTS README* ; do [[ -s ${d} ]] && dodoc ${d} done - - # Prevent overwriting of the /etc/localtime symlink. We'll handle the - # creation of the "factory" symlink in pkg_postinst(). - rm -f "${ED}"/etc/localtime } toolchain-glibc_headers_install() { diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/eblits/src_prepare.eblit b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/eblits/src_prepare.eblit index dc57faee3e..162cf530c8 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/eblits/src_prepare.eblit +++ b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/eblits/src_prepare.eblit @@ -1,6 +1,6 @@ # Copyright 1999-2014 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/src_prepare.eblit,v 1.1 2014/09/10 05:59:03 vapier Exp $ +# $Id$ eblit-glibc-src_prepare() { # XXX: We should do the branchupdate, before extracting the manpages and diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/eblits/src_test.eblit b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/eblits/src_test.eblit index 210cca3a46..fc5b950f46 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/eblits/src_test.eblit +++ b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/eblits/src_test.eblit @@ -1,6 +1,6 @@ # Copyright 1999-2014 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/src_test.eblit,v 1.9 2014/09/17 22:53:43 vapier Exp $ +# $Id$ glibc_src_test() { cd "$(builddir $1)" diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/eblits/src_unpack.eblit b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/eblits/src_unpack.eblit index 94f33b5e72..8d4c740717 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/eblits/src_unpack.eblit +++ b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/eblits/src_unpack.eblit @@ -1,6 +1,6 @@ # Copyright 1999-2014 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/src_unpack.eblit,v 1.27 2014/09/10 05:59:03 vapier Exp $ +# $Id$ [[ ${EAPI:-0} == [01] ]] && source "${FILESDIR}/eblits/src_prepare.eblit" diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/locale-default-en_US.patch b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/locale-default-en_US.patch deleted file mode 100644 index 83f75a4895..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/locale-default-en_US.patch +++ /dev/null @@ -1,13 +0,0 @@ ---- extra/locale/locale.gen.orig 2014-03-18 10:38:23.993988978 -0700 -+++ extra/locale/locale.gen 2014-03-18 10:38:38.140049907 -0700 -@@ -15,8 +15,8 @@ - # rebuilt for you. After updating this file, you can simply run `locale-gen` - # yourself instead of re-emerging glibc. - --#en_US ISO-8859-1 --#en_US.UTF-8 UTF-8 -+en_US ISO-8859-1 -+en_US.UTF-8 UTF-8 - #ja_JP.EUC-JP EUC-JP - #ja_JP.UTF-8 UTF-8 - #ja_JP EUC-JP diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/nscd b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/nscd old mode 100755 new mode 100644 index b102de0705..e47f9b98bd --- a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/nscd +++ b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/nscd @@ -1,7 +1,7 @@ #!/sbin/runscript # Copyright 1999-2005 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/nscd,v 1.7 2007/02/23 12:09:39 uberlord Exp $ +# $Id$ depend() { use dns ldap net slapd diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/nsswitch.conf b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/nsswitch.conf index eb169614d4..f28d534edf 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/nsswitch.conf +++ b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/nsswitch.conf @@ -1,5 +1,5 @@ # /etc/nsswitch.conf: -# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/nsswitch.conf,v 1.1 2005/05/17 00:52:41 vapier Exp $ +# $Id$ passwd: compat shadow: compat diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/glibc-2.17-r4.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/glibc-2.17-r4.ebuild deleted file mode 120000 index 4528bca682..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/glibc-2.17-r4.ebuild +++ /dev/null @@ -1 +0,0 @@ -glibc-2.17.ebuild \ No newline at end of file diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/glibc-2.17.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/glibc-2.17.ebuild deleted file mode 100644 index 24083dc217..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/glibc-2.17.ebuild +++ /dev/null @@ -1,221 +0,0 @@ -# Copyright 1999-2014 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/glibc-2.17.ebuild,v 1.34 2014/04/05 16:05:07 vapier Exp $ - -inherit eutils versionator toolchain-funcs flag-o-matic gnuconfig multilib systemd unpacker multiprocessing - -DESCRIPTION="GNU libc6 (also called glibc2) C library" -HOMEPAGE="http://www.gnu.org/software/libc/libc.html" - -LICENSE="LGPL-2.1+ BSD HPND ISC inner-net rc PCRE" -KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86" -RESTRICT="strip" # strip ourself #46186 -EMULTILIB_PKG="true" - -# Configuration variables -RELEASE_VER="" -case ${PV} in -9999*) - EGIT_REPO_URIS="git://sourceware.org/git/glibc.git" - EGIT_SOURCEDIRS="${S}" - inherit git-2 - ;; -*) - RELEASE_VER=${PV} - ;; -esac -GCC_BOOTSTRAP_VER="4.7.3-r1" -PATCH_VER="8" # Gentoo patchset -NPTL_KERN_VER=${NPTL_KERN_VER:-"2.6.16"} # min kernel version nptl requires - -IUSE="debug gd hardened multilib nscd selinux systemtap profile suid vanilla crosscompile_opts_headers-only" - -# Here's how the cross-compile logic breaks down ... -# CTARGET - machine that will target the binaries -# CHOST - machine that will host the binaries -# CBUILD - machine that will build the binaries -# If CTARGET != CHOST, it means you want a libc for cross-compiling. -# If CHOST != CBUILD, it means you want to cross-compile the libc. -# CBUILD = CHOST = CTARGET - native build/install -# CBUILD != (CHOST = CTARGET) - cross-compile a native build -# (CBUILD = CHOST) != CTARGET - libc for cross-compiler -# CBUILD != CHOST != CTARGET - cross-compile a libc for a cross-compiler -# For install paths: -# CHOST = CTARGET - install into / -# CHOST != CTARGET - install into /usr/CTARGET/ - -export CBUILD=${CBUILD:-${CHOST}} -export CTARGET=${CTARGET:-${CHOST}} -if [[ ${CTARGET} == ${CHOST} ]] ; then - if [[ ${CATEGORY} == cross-* ]] ; then - export CTARGET=${CATEGORY#cross-} - fi -fi - -[[ ${CTARGET} == hppa* ]] && NPTL_KERN_VER=${NPTL_KERN_VER/2.6.16/2.6.20} - -is_crosscompile() { - [[ ${CHOST} != ${CTARGET} ]] -} - -# Why SLOT 2.2 you ask yourself while sippin your tea ? -# Everyone knows 2.2 > 0, duh. -SLOT="2.2" - -# General: We need a new-enough binutils/gcc to match upstream baseline. -# arch: we need to make sure our binutils/gcc supports TLS. -DEPEND=">=app-misc/pax-utils-0.1.10 - ! [version] -eblit-include() { - local skipable=false - [[ $1 == "--skip" ]] && skipable=true && shift - [[ $1 == pkg_* ]] && skipable=true - - local e v func=$1 ver=$2 - [[ -z ${func} ]] && die "Usage: eblit-include [version]" - for v in ${ver:+-}${ver} -${PVR} -${PV} "" ; do - e="${FILESDIR}/eblits/${func}${v}.eblit" - if [[ -e ${e} ]] ; then - source "${e}" - return 0 - fi - done - ${skipable} && return 0 - die "Could not locate requested eblit '${func}' in ${FILESDIR}/eblits/" -} - -# eblit-run-maybe -# run the specified function if it is defined -eblit-run-maybe() { - [[ $(type -t "$@") == "function" ]] && "$@" -} - -# eblit-run [version] -# aka: src_unpack() { eblit-run src_unpack ; } -eblit-run() { - eblit-include --skip common "${*:2}" - eblit-include "$@" - eblit-run-maybe eblit-$1-pre - eblit-${PN}-$1 - eblit-run-maybe eblit-$1-post -} - -src_unpack() { eblit-run src_unpack ; } -src_compile() { eblit-run src_compile ; } -src_test() { eblit-run src_test ; } -src_install() { eblit-run src_install ; } - -# FILESDIR might not be available during binpkg install -for x in setup {pre,post}inst ; do - e="${FILESDIR}/eblits/pkg_${x}.eblit" - if [[ -e ${e} ]] ; then - . "${e}" - eval "pkg_${x}() { eblit-run pkg_${x} ; }" - fi -done - -eblit-src_unpack-pre() { - GLIBC_PATCH_EXCLUDE+=" 6600_mips_librt-mips.patch" #456912 - [[ -n ${GCC_BOOTSTRAP_VER} ]] && use multilib && unpack gcc-${GCC_BOOTSTRAP_VER}-multilib-bootstrap.tar.bz2 -} - -eblit-src_unpack-post() { - cd "${WORKDIR}" - epatch "${FILESDIR}"/locale-default-en_US.patch - - if use hardened ; then - cd "${S}" - einfo "Patching to get working PIE binaries on PIE (hardened) platforms" - gcc-specs-pie && epatch "${FILESDIR}"/2.17/glibc-2.17-hardened-pie.patch - epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-configure-picdefault.patch - epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-inittls-nosysenter.patch - epatch "${FILESDIR}"/2.17/glibc-2.17-parsing-in-gethostbyname.patch - - einfo "Installing Hardened Gentoo SSP and FORTIFY_SOURCE handler" - cp -f "${FILESDIR}"/2.6/glibc-2.6-gentoo-stack_chk_fail.c \ - debug/stack_chk_fail.c || die - cp -f "${FILESDIR}"/2.10/glibc-2.10-gentoo-chk_fail.c \ - debug/chk_fail.c || die - - if use debug ; then - # When using Hardened Gentoo stack handler, have smashes dump core for - # analysis - debug only, as core could be an information leak - # (paranoia). - sed -i \ - -e '/^CFLAGS-backtrace.c/ iCFLAGS-stack_chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ - debug/Makefile \ - || die "Failed to modify debug/Makefile for debug stack handler" - sed -i \ - -e '/^CFLAGS-backtrace.c/ iCFLAGS-chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ - debug/Makefile \ - || die "Failed to modify debug/Makefile for debug fortify handler" - fi - - # Build nscd with ssp-all - sed -i \ - -e 's:-fstack-protector$:-fstack-protector-all:' \ - nscd/Makefile \ - || die "Failed to ensure nscd builds with ssp-all" - fi -} - -eblit-pkg_preinst-post() { - if [[ ${CTARGET} == arm* ]] ; then - # Backwards compat support for renaming hardfp ldsos #417287 - local oldso='/lib/ld-linux.so.3' - local nldso='/lib/ld-linux-armhf.so.3' - if [[ -e ${D}${nldso} ]] ; then - if scanelf -qRyi "${ROOT}$(alt_prefix)"/*bin/ | grep -s "^${oldso}" ; then - ewarn "Symlinking old ldso (${oldso}) to new ldso (${nldso})." - ewarn "Please rebuild all packages using this old ldso as compat" - ewarn "support will be dropped in the future." - ln -s "${nldso##*/}" "${D}$(alt_prefix)${oldso}" - fi - fi - fi -} - -# CoreOS tweaks: -# - drop host.conf and gai.conf -# - nsswitch.conf and rpc are provided by baselayout -eblit-src_install-post() { - rm -f "${D}"/etc/{gai.conf,host.conf,nsswitch.conf,rpc} || die -} diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/glibc-2.19-r1.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/glibc-2.19-r1.ebuild deleted file mode 100644 index d93ba66ae2..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/glibc-2.19-r1.ebuild +++ /dev/null @@ -1,219 +0,0 @@ -# Copyright 1999-2014 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/glibc-2.19-r1.ebuild,v 1.11 2014/10/26 08:05:50 vapier Exp $ - -inherit eutils versionator toolchain-funcs flag-o-matic gnuconfig multilib systemd unpacker multiprocessing - -DESCRIPTION="GNU libc6 (also called glibc2) C library" -HOMEPAGE="http://www.gnu.org/software/libc/libc.html" - -LICENSE="LGPL-2.1+ BSD HPND ISC inner-net rc PCRE" -KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86" -RESTRICT="strip" # strip ourself #46186 -EMULTILIB_PKG="true" - -# Configuration variables -RELEASE_VER="" -case ${PV} in -9999*) - EGIT_REPO_URIS="git://sourceware.org/git/glibc.git" - EGIT_SOURCEDIRS="${S}" - inherit git-2 - ;; -*) - RELEASE_VER=${PV} - ;; -esac -GCC_BOOTSTRAP_VER="4.7.3-r1" -PATCH_VER="3" # Gentoo patchset -NPTL_KERN_VER=${NPTL_KERN_VER:-"2.6.16"} # min kernel version nptl requires - -IUSE="debug gd hardened multilib nscd selinux systemtap profile suid vanilla crosscompile_opts_headers-only" - -# Here's how the cross-compile logic breaks down ... -# CTARGET - machine that will target the binaries -# CHOST - machine that will host the binaries -# CBUILD - machine that will build the binaries -# If CTARGET != CHOST, it means you want a libc for cross-compiling. -# If CHOST != CBUILD, it means you want to cross-compile the libc. -# CBUILD = CHOST = CTARGET - native build/install -# CBUILD != (CHOST = CTARGET) - cross-compile a native build -# (CBUILD = CHOST) != CTARGET - libc for cross-compiler -# CBUILD != CHOST != CTARGET - cross-compile a libc for a cross-compiler -# For install paths: -# CHOST = CTARGET - install into / -# CHOST != CTARGET - install into /usr/CTARGET/ - -export CBUILD=${CBUILD:-${CHOST}} -export CTARGET=${CTARGET:-${CHOST}} -if [[ ${CTARGET} == ${CHOST} ]] ; then - if [[ ${CATEGORY} == cross-* ]] ; then - export CTARGET=${CATEGORY#cross-} - fi -fi - -[[ ${CTARGET} == hppa* ]] && NPTL_KERN_VER=${NPTL_KERN_VER/2.6.16/2.6.20} - -is_crosscompile() { - [[ ${CHOST} != ${CTARGET} ]] -} - -# Why SLOT 2.2 you ask yourself while sippin your tea ? -# Everyone knows 2.2 > 0, duh. -SLOT="2.2" - -# General: We need a new-enough binutils/gcc to match upstream baseline. -# arch: we need to make sure our binutils/gcc supports TLS. -DEPEND=">=app-misc/pax-utils-0.1.10 - ! [version] -eblit-include() { - local skipable=false - [[ $1 == "--skip" ]] && skipable=true && shift - [[ $1 == pkg_* ]] && skipable=true - - local e v func=$1 ver=$2 - [[ -z ${func} ]] && die "Usage: eblit-include [version]" - for v in ${ver:+-}${ver} -${PVR} -${PV} "" ; do - e="${FILESDIR}/eblits/${func}${v}.eblit" - if [[ -e ${e} ]] ; then - source "${e}" - return 0 - fi - done - ${skipable} && return 0 - die "Could not locate requested eblit '${func}' in ${FILESDIR}/eblits/" -} - -# eblit-run-maybe -# run the specified function if it is defined -eblit-run-maybe() { - [[ $(type -t "$@") == "function" ]] && "$@" -} - -# eblit-run [version] -# aka: src_unpack() { eblit-run src_unpack ; } -eblit-run() { - eblit-include --skip common "${*:2}" - eblit-include "$@" - eblit-run-maybe eblit-$1-pre - eblit-${PN}-$1 - eblit-run-maybe eblit-$1-post -} - -src_unpack() { eblit-run src_unpack ; } -src_compile() { eblit-run src_compile ; } -src_test() { eblit-run src_test ; } -src_install() { eblit-run src_install ; } - -# FILESDIR might not be available during binpkg install -for x in setup {pre,post}inst ; do - e="${FILESDIR}/eblits/pkg_${x}.eblit" - if [[ -e ${e} ]] ; then - . "${e}" - eval "pkg_${x}() { eblit-run pkg_${x} ; }" - fi -done - -eblit-src_unpack-pre() { - [[ -n ${GCC_BOOTSTRAP_VER} ]] && use multilib && unpack gcc-${GCC_BOOTSTRAP_VER}-multilib-bootstrap.tar.bz2 -} - -eblit-src_unpack-post() { - cd "${WORKDIR}" - epatch "${FILESDIR}"/locale-default-en_US.patch - - if use hardened ; then - cd "${S}" - einfo "Patching to get working PIE binaries on PIE (hardened) platforms" - gcc-specs-pie && epatch "${FILESDIR}"/2.17/glibc-2.17-hardened-pie.patch - epatch "${FILESDIR}"/2.19/glibc-2.19-hardened-configure-picdefault.patch - epatch "${FILESDIR}"/2.18/glibc-2.18-hardened-inittls-nosysenter.patch - - einfo "Installing Hardened Gentoo SSP and FORTIFY_SOURCE handler" - cp -f "${FILESDIR}"/2.18/glibc-2.18-gentoo-stack_chk_fail.c \ - debug/stack_chk_fail.c || die - cp -f "${FILESDIR}"/2.18/glibc-2.18-gentoo-chk_fail.c \ - debug/chk_fail.c || die - - if use debug ; then - # When using Hardened Gentoo stack handler, have smashes dump core for - # analysis - debug only, as core could be an information leak - # (paranoia). - sed -i \ - -e '/^CFLAGS-backtrace.c/ iCFLAGS-stack_chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ - debug/Makefile \ - || die "Failed to modify debug/Makefile for debug stack handler" - sed -i \ - -e '/^CFLAGS-backtrace.c/ iCFLAGS-chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ - debug/Makefile \ - || die "Failed to modify debug/Makefile for debug fortify handler" - fi - - # Build nscd with ssp-all - sed -i \ - -e 's:-fstack-protector$:-fstack-protector-all:' \ - nscd/Makefile \ - || die "Failed to ensure nscd builds with ssp-all" - fi -} - -eblit-pkg_preinst-post() { - if [[ ${CTARGET} == arm* ]] ; then - # Backwards compat support for renaming hardfp ldsos #417287 - local oldso='/lib/ld-linux.so.3' - local nldso='/lib/ld-linux-armhf.so.3' - if [[ -e ${D}${nldso} ]] ; then - if scanelf -qRyi "${ROOT}$(alt_prefix)"/*bin/ | grep -s "^${oldso}" ; then - ewarn "Symlinking old ldso (${oldso}) to new ldso (${nldso})." - ewarn "Please rebuild all packages using this old ldso as compat" - ewarn "support will be dropped in the future." - ln -s "${nldso##*/}" "${D}$(alt_prefix)${oldso}" - fi - fi - fi -} - -# CoreOS tweaks: -# - drop host.conf and gai.conf -# - nsswitch.conf and rpc are provided by baselayout -eblit-src_install-post() { - rm -f "${D}"/etc/{gai.conf,host.conf,nsswitch.conf,rpc} || die -} diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/glibc-2.20-r2.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/glibc-2.21-r1.ebuild similarity index 87% rename from sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/glibc-2.20-r2.ebuild rename to sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/glibc-2.21-r1.ebuild index 861b8471a5..9963ae3152 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/glibc-2.20-r2.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/glibc-2.21-r1.ebuild @@ -1,16 +1,16 @@ # Copyright 1999-2015 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/glibc-2.20-r2.ebuild,v 1.2 2015/03/22 20:38:54 zlogene Exp $ +# $Id$ EAPI="4" inherit eutils versionator toolchain-funcs flag-o-matic gnuconfig multilib systemd unpacker multiprocessing DESCRIPTION="GNU libc6 (also called glibc2) C library" -HOMEPAGE="http://www.gnu.org/software/libc/libc.html" +HOMEPAGE="https://www.gnu.org/software/libc/libc.html" LICENSE="LGPL-2.1+ BSD HPND ISC inner-net rc PCRE" -KEYWORDS="~alpha amd64 ~arm ~arm64 -hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" +KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86" RESTRICT="strip" # strip ourself #46186 EMULTILIB_PKG="true" @@ -27,7 +27,7 @@ case ${PV} in ;; esac GCC_BOOTSTRAP_VER="4.7.3-r1" -PATCH_VER="4" # Gentoo patchset +PATCH_VER="5" # Gentoo patchset : ${NPTL_KERN_VER:="2.6.32"} # min kernel version nptl requires IUSE="debug gd hardened multilib nscd selinux systemtap profile suid vanilla crosscompile_opts_headers-only" @@ -76,13 +76,13 @@ RDEPEND="!sys-kernel/ps3-sources if [[ ${CATEGORY} == cross-* ]] ; then DEPEND+=" !crosscompile_opts_headers-only? ( >=${CATEGORY}/binutils-2.24 - >=${CATEGORY}/gcc-4.4 + >=${CATEGORY}/gcc-4.6 )" [[ ${CATEGORY} == *-linux* ]] && DEPEND+=" ${CATEGORY}/linux-headers" else DEPEND+=" >=sys-devel/binutils-2.24 - >=sys-devel/gcc-4.4 + >=sys-devel/gcc-4.6 virtual/os-headers" RDEPEND+=" vanilla? ( !sys-libs/timezone-data )" PDEPEND+=" !vanilla? ( sys-libs/timezone-data )" @@ -92,8 +92,8 @@ upstream_uris() { echo mirror://gnu/glibc/$1 ftp://sourceware.org/pub/glibc/{releases,snapshots}/$1 mirror://gentoo/$1 } gentoo_uris() { - local devspace="HTTP~vapier/dist/URI HTTP~azarah/glibc/URI HTTP~blueness/glibc/URI" - devspace=${devspace//HTTP/http://dev.gentoo.org/} + local devspace="HTTP~vapier/dist/URI HTTP~azarah/glibc/URI" + devspace=${devspace//HTTP/https://dev.gentoo.org/} echo mirror://gentoo/$1 ${devspace//URI/$1} } SRC_URI=$( @@ -145,7 +145,7 @@ src_test() { eblit-run src_test ; } src_install() { eblit-run src_install ; } # FILESDIR might not be available during binpkg install -for x in setup {pre,post}inst ; do +for x in pretend setup {pre,post}inst ; do e="${FILESDIR}/eblits/pkg_${x}.eblit" if [[ -e ${e} ]] ; then . "${e}" @@ -158,9 +158,6 @@ eblit-src_unpack-pre() { } eblit-src_prepare-post() { - cd "${WORKDIR}" - epatch "${FILESDIR}"/locale-default-en_US.patch - cd "${S}" if use hardened ; then @@ -188,11 +185,12 @@ eblit-src_prepare-post() { -e 's:-fstack-protector$:-fstack-protector-all:' \ */Makefile || die fi -} -# CoreOS tweaks: -# - drop host.conf and gai.conf -# - nsswitch.conf and rpc are provided by baselayout -eblit-src_install-post() { - rm -f "${D}"/etc/{gai.conf,host.conf,nsswitch.conf,rpc} || die + case $(gcc-fullversion) in + 4.8.[0-3]|4.9.0) + eerror "You need to switch to a newer compiler; gcc-4.8.[0-3] and gcc-4.9.0 miscompile" + eerror "glibc. See https://bugs.gentoo.org/547420 for details." + die "need to switch compilers #547420" + ;; + esac }