diff --git a/sdk_container/src/third_party/coreos-overlay/coreos/stage1_hooks/0000-bump-baselayout-coreos-overlay.sh b/sdk_container/src/third_party/coreos-overlay/coreos/stage1_hooks/0000-bump-baselayout-coreos-overlay.sh index e294393eb8..9910b1cfef 100755 --- a/sdk_container/src/third_party/coreos-overlay/coreos/stage1_hooks/0000-bump-baselayout-coreos-overlay.sh +++ b/sdk_container/src/third_party/coreos-overlay/coreos/stage1_hooks/0000-bump-baselayout-coreos-overlay.sh @@ -5,7 +5,7 @@ set -euo pipefail stage1_repo="${1}" new_repo="${2}" -good_version="3.6.8-r9" +good_version="3.6.8-r10" stage1_version='' for f in "${stage1_repo}/sys-apps/baselayout/baselayout-"*'.ebuild'; do diff --git a/sdk_container/src/third_party/coreos-overlay/coreos/stage1_hooks/README.md b/sdk_container/src/third_party/coreos-overlay/coreos/stage1_hooks/README.md index 5db213fca4..d31163fe6c 100644 --- a/sdk_container/src/third_party/coreos-overlay/coreos/stage1_hooks/README.md +++ b/sdk_container/src/third_party/coreos-overlay/coreos/stage1_hooks/README.md @@ -1,6 +1,18 @@ -The scripts there are called when setting up the portage-stable and -coreos-overlay repos for the stage1 build. When the scripts are -invoked, they receive a path to the repository as a parameter. The -script for portage-stable should end with `-portage-stable.sh`, and -the script for coreos-overlay with '-coreos-overlay.sh`. For example -`0000-replace-ROOTPATH-coreos-overlay.sh`. +The scripts in this directory are called by the SDK bootstrapping +script when setting up the portage-stable and coreos-overlay repos for +the stage1 build. The scripts are invoked with two arguments - a path +to the stage1 repository, and a path to the current repository. The +difference between the two is that the stage1 repository is a copy of +a repository saved in the seed SDK (thus it's going to be an older +version of the repository), whereas the current repository is a +repository that will be a base of the new SDK. The idea here is that +something in the stage1 repository may be too old, thus it should be +replaced with its equivalent from the current repository. + +For more information about the bootstrap process, please see the +`bootstrap_sdk` script in [the scripts +repository](https://github.com/flatcar/scripts). + +The script for portage-stable should end with `-portage-stable.sh`, +and the script for coreos-overlay with '-coreos-overlay.sh`. For +example: `0000-replace-ROOTPATH-coreos-overlay.sh`. diff --git a/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-devel/gcc/0001-constexpr.patch b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-devel/gcc/0001-constexpr.patch deleted file mode 100644 index 938b3d6ace..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-devel/gcc/0001-constexpr.patch +++ /dev/null @@ -1,14 +0,0 @@ -The constexpr keyword is missing for a function that was invoked from -another constexpr function. Add the missing keyword. - ---- a/libstdc++-v3/src/c++17/memory_resource.cc 2022-12-09 22:33:43.000000000 -0000 -+++ b/libstdc++-v3/src/c++17/memory_resource.cc 2023-01-25 13:14:24.025359063 -0000 -@@ -603,7 +603,7 @@ - void* pointer = nullptr; - aligned_size _M_size; - -- size_t size() const noexcept -+ constexpr size_t size() const noexcept - { - if (_M_size.value == size_t(-1)) [[unlikely]] - return size_t(-1); diff --git a/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-devel/gcc/README.md b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-devel/gcc/README.md deleted file mode 100644 index 9a331e1e86..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-devel/gcc/README.md +++ /dev/null @@ -1,6 +0,0 @@ -Drop `0001-constexpr.patch` when not applicable any more. It's a weird -issue, because building the same version of the compiler worked fine -before. Maybe some patch from gcc patches is at fault here. Didn't -investigate in hope that the issue is ephemeral. Some newer version of -gcc is already marked as stable for both amd64 and arm64 in Gentoo, so -this patch will most likely be dropped next week. diff --git a/sdk_container/src/third_party/coreos-overlay/dev-lang/python-oem/Manifest b/sdk_container/src/third_party/coreos-overlay/dev-lang/python-oem/Manifest index 5cebbd8384..a60f8dcf2a 100644 --- a/sdk_container/src/third_party/coreos-overlay/dev-lang/python-oem/Manifest +++ b/sdk_container/src/third_party/coreos-overlay/dev-lang/python-oem/Manifest @@ -1,3 +1,3 @@ -DIST Python-3.10.9.tar.xz 19612112 BLAKE2B ef2d063a9fbaf234aa4a47149cb184a0379dc403515df10249104a5092750cdaf22ad47916d34e17dd68fff1c30338c0375f4e4e3cc9bde33e0896c1c3ba655b SHA512 d66ea8adeb6dc4951e612175f8838b3092967ff275b7a3470f2d86f470036aa2221e722c3144d90bcd230b88efd53dde204213f72f703e524e4b833e2ccc68e2 -DIST Python-3.10.9.tar.xz.asc 833 BLAKE2B 8895c6cb5031b2463cc6ba3e0dc56bee40c2e99117c062f9c72f2b7adb0d5a49782b968abfc764117e8513bd12816915245677c25b1710e3dae3c9e26937c2b9 SHA512 525e166ede6836086de814c26fc880f41eaf1ed4bff6118f00342e42f7ab1c47148447ced1b565e146d3125fa06b5cd6b394a256bc61096766b26e07f18bbf10 -DIST python-gentoo-patches-3.10.9.tar.xz 12216 BLAKE2B ced4f951089c51ddaab6c62ade9d2c84f69e7e1baf2acf5247559534c7d0fb0e88dca1222f5bd2209b4e61f5aca17279b8054f269535dbc10de0786c2c5779f5 SHA512 2d01f0f3831beeba004517bb82f7d616f25f08e5c755409ecff79cd68e0a619b5bf6802fffd0e5f7f39f1d9d93e65b018b91cdeb337a5e47f1651f36bea0e96e +DIST Python-3.10.10.tar.xz 19627028 BLAKE2B 57fc6869fa05586158a170c1892d93a3036823bfafb9484b9d70bca6cdc3e76f75357622eace4bde9a4c0ca62a1bb79665e5751b41655f9f4d7e345547013ad8 SHA512 f0aee65970a68287b34c4eafcf35c6fa09c81ba234ac356db16fbbc6c36417e4ac67071e616d118f5e192d541d7f177dcab5585b9780e842f656c09e01c37ced +DIST Python-3.10.10.tar.xz.asc 833 BLAKE2B fd60e6268f7dd6676ea58bd7e80c513506ac9810c1a62ff060134207b0fd8e7b096d5f11f3cc536a1578144ff54c00bcb076d3c3f5889a69a898660dd280312b SHA512 591746d74c6123bf36c763b6e8e1de1554f02eeff30c855623ef0f12d3864d5573eb5efe96d6e142f24627c77b90738ada3456df4ad59bddcb008658f2ca8af9 +DIST python-gentoo-patches-3.10.10_p2.tar.xz 13992 BLAKE2B e18e708888dd28c8f238d4897aff79483a679396a168d8b5ff4f5e8c7f09cec5f1b13aeb327d3dc3e2149c2117c25da050987f1f1c3322b56c87245ba2d0b54d SHA512 14bc218a2f3c64ef9f42682fd1364208bcaa74f787dee39bd9566e40764c260a65fd42961be47a6e6c6227091cb2fef83e1d689302448647560689e20e07efe0 diff --git a/sdk_container/src/third_party/coreos-overlay/dev-lang/python-oem/python-oem-3.10.9-r1.ebuild b/sdk_container/src/third_party/coreos-overlay/dev-lang/python-oem/python-oem-3.10.10_p2.ebuild similarity index 99% rename from sdk_container/src/third_party/coreos-overlay/dev-lang/python-oem/python-oem-3.10.9-r1.ebuild rename to sdk_container/src/third_party/coreos-overlay/dev-lang/python-oem/python-oem-3.10.10_p2.ebuild index 25cd1da064..a724285250 100644 --- a/sdk_container/src/third_party/coreos-overlay/dev-lang/python-oem/python-oem-3.10.9-r1.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/dev-lang/python-oem/python-oem-3.10.10_p2.ebuild @@ -28,7 +28,7 @@ S="${WORKDIR}/${MY_P}" LICENSE="PSF-2" SLOT="${PYVER}" -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86" +KEYWORDS="~alpha amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86" IUSE=" bluetooth build +ensurepip examples gdbm hardened libedit lto +ncurses pgo +readline +sqlite +ssl test tk valgrind +xml diff --git a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.accept_keywords b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.accept_keywords index fc335ed0ab..d6b9a12413 100644 --- a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.accept_keywords +++ b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.accept_keywords @@ -7,20 +7,27 @@ =app-arch/zstd-1.4.9 ~amd64 ~arm64 -# Necessary to fix CVE-2023-0049, CVE-2023-0051 and CVE-2023-0054. -=app-editors/vim-9.0.1157 ~amd64 ~arm64 -=app-editors/vim-core-9.0.1157 ~amd64 ~arm64 - =coreos-devel/fero-client-0.1.1 ** +# Keep versions even for both arches +=dev-lang/python-3.10.10_p2 ~arm64 +=dev-lang/python-oem-3.10.10_p2 ~arm64 + # Accept unstable host Rust compilers =dev-lang/rust-1.67.1 ~amd64 ~arm64 =virtual/rust-1.67.1 ~amd64 ~arm64 =dev-libs/libgcrypt-1.9.4 ~amd64 ~arm64 -# Keep the version of bind-tools the same on all arches. -=net-dns/bind-tools-9.16.36 ~arm64 +# upstream stabilizes arm64 for dev-lang/cython +# stabilize dev-python/cython for amd64 to keep the version same for both arch +=dev-python/cython-0.29.33 ~amd64 + +# Required for addressing CVE-2023-0361. +=net-libs/gnutls-3.8.0 ~amd64 ~arm64 + +# Required for addressing CVE-2023-23914, CVE-2023-23915 and CVE-2023-23916. +=net-misc/curl-7.88.1-r1 ~amd64 ~arm64 # Required for addressing CVE-2022-29154 =net-misc/rsync-3.2.7-r2 ~amd64 ~arm64 diff --git a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.mask b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.mask index fada03a3d7..d1c5bff76f 100644 --- a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.mask +++ b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.mask @@ -21,8 +21,3 @@ # Python 3.11 is stable in portage-stable, so avoid picking it # up. Drop this when we switch to it. >=dev-lang/python-3.11 - -# sys-devel/gcc-11.3.1_p20230120-r1 is the latest stable gcc version -# that fixes the CET build issue of glibc. There are newer versions of -# gcc that are not tested enough for CET, so mask them. ->sys-devel/gcc-11.3.1_p20230120-r1 diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/baselayout/baselayout-3.6.8-r9.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-apps/baselayout/baselayout-3.6.8-r10.ebuild similarity index 100% rename from sdk_container/src/third_party/coreos-overlay/sys-apps/baselayout/baselayout-3.6.8-r9.ebuild rename to sdk_container/src/third_party/coreos-overlay/sys-apps/baselayout/baselayout-3.6.8-r10.ebuild diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/baselayout/baselayout-9999.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-apps/baselayout/baselayout-9999.ebuild index eba79a2be0..29fce7fe13 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/baselayout/baselayout-9999.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/baselayout/baselayout-9999.ebuild @@ -9,7 +9,7 @@ CROS_WORKON_REPO="https://github.com" if [[ "${PV}" == 9999 ]]; then KEYWORDS="~amd64 ~arm ~arm64 ~x86" else - CROS_WORKON_COMMIT="9082621e94ee6a1cdad9e15aa17a747d46c33c6f" # flatcar-master + CROS_WORKON_COMMIT="d4d6da73919bacc5b05a012d3d00dc8e2d669c0d" # flatcar-master KEYWORDS="amd64 arm arm64 x86" fi @@ -133,11 +133,6 @@ src_install() { doenvd "env.d/99flatcar_ldpath" - # Add /sbin:/bin into the PATH when they aren't links into /usr. - if ! use symlink-usr; then - echo ROOTPATH=/sbin:/bin > "${D}"/etc/env.d/99flatcar_bin || die - fi - # handle multilib paths. do it here because we want this behavior # regardless of the C library that you're using. we do explicitly # list paths which the native ldconfig searches, but this isn't diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/texinfo/Manifest b/sdk_container/src/third_party/coreos-overlay/sys-apps/texinfo/Manifest deleted file mode 100644 index b6017de329..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/texinfo/Manifest +++ /dev/null @@ -1 +0,0 @@ -DIST texinfo-6.8.tar.gz 10119420 BLAKE2B df9dc1698e7bb4f7c97ba4d44b08631502e3f997b91169ae64161b69701fbb0f85c82295ef6867e716a0addfd7c5677e14079645b167bd74933a0153fee92200 SHA512 f46dfb1c0f324a9c54959a8f256f0dcb8aaa59caccb0f027a5ee39a173b6e51a31a488f9d787707e7aa8401a439b2a01a1f3022dbae24ef377a1c021c1ebeb37 diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/texinfo/README.md b/sdk_container/src/third_party/coreos-overlay/sys-apps/texinfo/README.md deleted file mode 100644 index 12d10ae14a..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/texinfo/README.md +++ /dev/null @@ -1,5 +0,0 @@ -We keep this package in overlay, because we need CCACHE_DIR for tool -build, so we need to modify the configure.ac script and run autoreconf -again. We also skip building doc, man and js for main build. - -There wasn't too much information about the reasons for the changes. diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/texinfo/files/flatcar-modifications.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/texinfo/files/flatcar-modifications.patch deleted file mode 100644 index f771766217..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/texinfo/files/flatcar-modifications.patch +++ /dev/null @@ -1,26 +0,0 @@ -diff -ur texinfo-6.8/Makefile.am texinfo-6.8-patched/Makefile.am ---- texinfo-6.8/Makefile.am 2021-02-16 21:07:41.000000000 +0000 -+++ texinfo-6.8-patched/Makefile.am 2021-09-21 11:05:15.495497278 +0000 -@@ -62,9 +62,7 @@ - SUBDIRS += info - endif - endif -- SUBDIRS += install-info po po_document tp Pod-Simple-Texinfo texindex util \ -- doc man -- SUBDIRS += js -+ SUBDIRS += install-info po po_document tp Pod-Simple-Texinfo texindex util - endif - - distclean-local: -diff -ur texinfo-6.8/configure.ac texinfo-6.8-patched/configure.ac ---- texinfo-6.8/configure.ac 2021-07-03 09:12:42.000000000 +0000 -+++ texinfo-6.8-patched/configure.ac 2021-09-21 11:03:11.238623956 +0000 -@@ -192,7 +192,7 @@ - # env -i gives this build host configure a clean environment; - # consequently, we have to re-initialize $PATH. - env -i CC="$BUILD_CC" AR="$BUILD_AR" RANLIB="$BUILD_RANLIB" \ -- PATH="$PATH" \ -+ PATH="$PATH" CCACHE_DIR="$CCACHE_DIR" \ - tools_only=1 \ - ${confdir}/configure --build=${build} --host=${build} \ - --disable-rpath --disable-nls diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/texinfo/files/texinfo-6.8-undo-gnulib-nonnul.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/texinfo/files/texinfo-6.8-undo-gnulib-nonnul.patch deleted file mode 100644 index 60f2e63b7c..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/texinfo/files/texinfo-6.8-undo-gnulib-nonnul.patch +++ /dev/null @@ -1,186 +0,0 @@ - -Patch by Vitezslav Crhonek -Source: https://src.fedoraproject.org/rpms/texinfo/c/9b2cca4817fa4bd8d520fed05e9560fc7183dcdf?branch=rawhide - -diff -up texinfo-6.8/gnulib/lib/cdefs.h.orig texinfo-6.8/gnulib/lib/cdefs.h ---- texinfo-6.8/gnulib/lib/cdefs.h.orig 2021-03-11 19:57:53.000000000 +0100 -+++ texinfo-6.8/gnulib/lib/cdefs.h 2021-07-19 12:26:46.985176475 +0200 -@@ -321,15 +321,15 @@ - - /* The nonnull function attribute marks pointer parameters that - must not be NULL. */ --#ifndef __attribute_nonnull__ -+#ifndef __nonnull - # if __GNUC_PREREQ (3,3) || __glibc_has_attribute (__nonnull__) --# define __attribute_nonnull__(params) __attribute__ ((__nonnull__ params)) -+# define __nonnull(params) __attribute__ ((__nonnull__ params)) - # else --# define __attribute_nonnull__(params) -+# define __nonnull(params) - # endif --#endif --#ifndef __nonnull --# define __nonnull(params) __attribute_nonnull__ (params) -+#elif !defined __GLIBC__ -+# undef __nonnull -+# define __nonnull(params) _GL_ATTRIBUTE_NONNULL (params) - #endif - - /* If fortification mode, we warn about unused results of certain -diff -up texinfo-6.8/gnulib/lib/libc-config.h.orig texinfo-6.8/gnulib/lib/libc-config.h ---- texinfo-6.8/gnulib/lib/libc-config.h.orig 2021-03-11 19:57:54.000000000 +0100 -+++ texinfo-6.8/gnulib/lib/libc-config.h 2021-07-19 12:27:58.810590975 +0200 -@@ -33,9 +33,9 @@ - #include - - /* On glibc this includes and and #defines -- _FEATURES_H, __WORDSIZE, and __set_errno. On FreeBSD 11 and -- DragonFlyBSD 5.9 it includes which defines __nonnull. -- Elsewhere it is harmless. */ -+ _FEATURES_H, __WORDSIZE, and __set_errno. On FreeBSD 11 it -+ includes which defines __nonnull. Elsewhere it -+ is harmless. */ - #include - - /* From glibc . */ -diff -up texinfo-6.8/gnulib/lib/malloc/dynarray-skeleton.c.orig texinfo-6.8/gnulib/lib/malloc/dynarray-skeleton.c ---- texinfo-6.8/gnulib/lib/malloc/dynarray-skeleton.c.orig 2021-03-11 19:57:54.000000000 +0100 -+++ texinfo-6.8/gnulib/lib/malloc/dynarray-skeleton.c 2021-07-19 12:24:46.878419397 +0200 -@@ -192,7 +192,7 @@ DYNARRAY_NAME (free__array__) (struct DY - - /* Initialize a dynamic array object. This must be called before any - use of the object. */ --__attribute_nonnull__ ((1)) -+__nonnull ((1)) - static void - DYNARRAY_NAME (init) (struct DYNARRAY_STRUCT *list) - { -@@ -202,7 +202,7 @@ DYNARRAY_NAME (init) (struct DYNARRAY_ST - } - - /* Deallocate the dynamic array and its elements. */ --__attribute_maybe_unused__ __attribute_nonnull__ ((1)) -+__attribute_maybe_unused__ __nonnull ((1)) - static void - DYNARRAY_FREE (struct DYNARRAY_STRUCT *list) - { -@@ -213,7 +213,7 @@ DYNARRAY_FREE (struct DYNARRAY_STRUCT *l - } - - /* Return true if the dynamic array is in an error state. */ --__attribute_nonnull__ ((1)) -+__nonnull ((1)) - static inline bool - DYNARRAY_NAME (has_failed) (const struct DYNARRAY_STRUCT *list) - { -@@ -222,7 +222,7 @@ DYNARRAY_NAME (has_failed) (const struct - - /* Mark the dynamic array as failed. All elements are deallocated as - a side effect. */ --__attribute_nonnull__ ((1)) -+__nonnull ((1)) - static void - DYNARRAY_NAME (mark_failed) (struct DYNARRAY_STRUCT *list) - { -@@ -236,7 +236,7 @@ DYNARRAY_NAME (mark_failed) (struct DYNA - - /* Return the number of elements which have been added to the dynamic - array. */ --__attribute_nonnull__ ((1)) -+__nonnull ((1)) - static inline size_t - DYNARRAY_NAME (size) (const struct DYNARRAY_STRUCT *list) - { -@@ -245,7 +245,7 @@ DYNARRAY_NAME (size) (const struct DYNAR - - /* Return a pointer to the array element at INDEX. Terminate the - process if INDEX is out of bounds. */ --__attribute_nonnull__ ((1)) -+__nonnull ((1)) - static inline DYNARRAY_ELEMENT * - DYNARRAY_NAME (at) (struct DYNARRAY_STRUCT *list, size_t index) - { -@@ -257,7 +257,7 @@ DYNARRAY_NAME (at) (struct DYNARRAY_STRU - /* Return a pointer to the first array element, if any. For a - zero-length array, the pointer can be NULL even though the dynamic - array has not entered the failure state. */ --__attribute_nonnull__ ((1)) -+__nonnull ((1)) - static inline DYNARRAY_ELEMENT * - DYNARRAY_NAME (begin) (struct DYNARRAY_STRUCT *list) - { -@@ -267,7 +267,7 @@ DYNARRAY_NAME (begin) (struct DYNARRAY_S - /* Return a pointer one element past the last array element. For a - zero-length array, the pointer can be NULL even though the dynamic - array has not entered the failure state. */ --__attribute_nonnull__ ((1)) -+__nonnull ((1)) - static inline DYNARRAY_ELEMENT * - DYNARRAY_NAME (end) (struct DYNARRAY_STRUCT *list) - { -@@ -294,7 +294,7 @@ DYNARRAY_NAME (add__) (struct DYNARRAY_S - /* Add ITEM at the end of the array, enlarging it by one element. - Mark *LIST as failed if the dynamic array allocation size cannot be - increased. */ --__attribute_nonnull__ ((1)) -+__nonnull ((1)) - static inline void - DYNARRAY_NAME (add) (struct DYNARRAY_STRUCT *list, DYNARRAY_ELEMENT item) - { -@@ -348,8 +348,7 @@ DYNARRAY_NAME (emplace__) (struct DYNARR - /* Allocate a place for a new element in *LIST and return a pointer to - it. The pointer can be NULL if the dynamic array cannot be - enlarged due to a memory allocation failure. */ --__attribute_maybe_unused__ __attribute_warn_unused_result__ --__attribute_nonnull__ ((1)) -+__attribute_maybe_unused__ __attribute_warn_unused_result__ __nonnull ((1)) - static - /* Avoid inlining with the larger initialization code. */ - #if !(defined (DYNARRAY_ELEMENT_INIT) || defined (DYNARRAY_ELEMENT_FREE)) -@@ -373,7 +372,7 @@ DYNARRAY_NAME (emplace) (struct DYNARRAY - existing size, new elements are added (which can be initialized). - Otherwise, the list is truncated, and elements are freed. Return - false on memory allocation failure (and mark *LIST as failed). */ --__attribute_maybe_unused__ __attribute_nonnull__ ((1)) -+__attribute_maybe_unused__ __nonnull ((1)) - static bool - DYNARRAY_NAME (resize) (struct DYNARRAY_STRUCT *list, size_t size) - { -@@ -418,7 +417,7 @@ DYNARRAY_NAME (resize) (struct DYNARRAY_ - } - - /* Remove the last element of LIST if it is present. */ --__attribute_maybe_unused__ __attribute_nonnull__ ((1)) -+__attribute_maybe_unused__ __nonnull ((1)) - static void - DYNARRAY_NAME (remove_last) (struct DYNARRAY_STRUCT *list) - { -@@ -435,7 +434,7 @@ DYNARRAY_NAME (remove_last) (struct DYNA - - /* Remove all elements from the list. The elements are freed, but the - list itself is not. */ --__attribute_maybe_unused__ __attribute_nonnull__ ((1)) -+__attribute_maybe_unused__ __nonnull ((1)) - static void - DYNARRAY_NAME (clear) (struct DYNARRAY_STRUCT *list) - { -@@ -453,8 +452,7 @@ DYNARRAY_NAME (clear) (struct DYNARRAY_S - stored in *RESULT if LIST refers to an empty list. On success, the - pointer in *RESULT is heap-allocated and must be deallocated using - free. */ --__attribute_maybe_unused__ __attribute_warn_unused_result__ --__attribute_nonnull__ ((1, 2)) -+__attribute_maybe_unused__ __attribute_warn_unused_result__ __nonnull ((1, 2)) - static bool - DYNARRAY_NAME (finalize) (struct DYNARRAY_STRUCT *list, - DYNARRAY_FINAL_TYPE *result) -@@ -485,8 +483,7 @@ DYNARRAY_NAME (finalize) (struct DYNARRA - have a sentinel at the end). If LENGTHP is not NULL, the array - length is written to *LENGTHP. *LIST is re-initialized and can be - reused. */ --__attribute_maybe_unused__ __attribute_warn_unused_result__ --__attribute_nonnull__ ((1)) -+__attribute_maybe_unused__ __attribute_warn_unused_result__ __nonnull ((1)) - static DYNARRAY_ELEMENT * - DYNARRAY_NAME (finalize) (struct DYNARRAY_STRUCT *list, size_t *lengthp) - { diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/texinfo/metadata.xml b/sdk_container/src/third_party/coreos-overlay/sys-apps/texinfo/metadata.xml deleted file mode 100644 index fd41c89eb3..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/texinfo/metadata.xml +++ /dev/null @@ -1,18 +0,0 @@ - - - - - base-system@gentoo.org - Gentoo Base System - - - perl@gentoo.org - Gentoo Perl Project - - - Build standalone version that survives all Portage bugs - - - cpe:/a:gnu:texinfo - - diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/texinfo/texinfo-6.8.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-apps/texinfo/texinfo-6.8.ebuild deleted file mode 100644 index f0e7bc230b..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/texinfo/texinfo-6.8.ebuild +++ /dev/null @@ -1,75 +0,0 @@ -# Copyright 1999-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -# Note: if your package uses the texi2dvi utility, it must depend on the -# virtual/texi2dvi package to pull in all the right deps. The tool is not -# usable out-of-the-box because it requires the large tex packages. - -EAPI=7 - -inherit autotools flag-o-matic toolchain-funcs - -DESCRIPTION="The GNU info program and utilities" -HOMEPAGE="https://www.gnu.org/software/texinfo/" -SRC_URI="mirror://gnu/${PN}/${P}.tar.gz" - -LICENSE="GPL-3" -SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ppc64 ~riscv ~s390 sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" -IUSE="nls +standalone static" - -RDEPEND=" - !=app-text/tetex-2* - >=sys-libs/ncurses-5.2-r2:0= - standalone? ( dev-lang/perl ) - !standalone? ( - dev-lang/perl:= - dev-perl/libintl-perl - dev-perl/Unicode-EastAsianWidth - dev-perl/Text-Unidecode - ) - nls? ( virtual/libintl )" -DEPEND="${RDEPEND}" -BDEPEND="nls? ( >=sys-devel/gettext-0.19.6 )" - -PATCHES=( - "${FILESDIR}/${P}-undo-gnulib-nonnul.patch" - "${FILESDIR}/flatcar-modifications.patch" -) - -src_prepare() { - default - - if use prefix ; then - sed -i -e '1c\#!/usr/bin/env sh' util/texi2dvi util/texi2pdf || die - touch doc/{texi2dvi,texi2pdf,pdftexi2dvi}.1 - fi - - eautoreconf -} - -src_configure() { - # Respect compiler and CPPFLAGS/CFLAGS/LDFLAGS for Perl extensions. #622576 - local -x PERL_EXT_CC="$(tc-getCC)" PERL_EXT_CPPFLAGS="${CPPFLAGS}" PERL_EXT_CFLAGS="${CFLAGS}" PERL_EXT_LDFLAGS="${LDFLAGS}" - - use static && append-ldflags -static - local myeconfargs=( $(use_enable nls) ) - - if use standalone ; then - myeconfargs+=( - --without-external-libintl-perl - --without-external-Unicode-EastAsianWidth - --without-external-Text-Unidecode - --disable-perl-xs - ) - else - myeconfargs+=( - --with-external-libintl-perl - --with-external-Unicode-EastAsianWidth - --with-external-Text-Unidecode - --enable-perl-xs - ) - fi - - econf "${myeconfargs[@]}" -} diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/files/commonconfig-5.15 b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/files/commonconfig-5.15 index 5b40d02f61..b626e810bd 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/files/commonconfig-5.15 +++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/files/commonconfig-5.15 @@ -282,6 +282,7 @@ CONFIG_INFINIBAND_MTHCA=m CONFIG_INFINIBAND_OCRDMA=m CONFIG_INFINIBAND_SRP=m CONFIG_INFINIBAND_USER_MAD=m +CONFIG_INIT_STACK_NONE=y CONFIG_INPUT_EVDEV=m CONFIG_INPUT_MISC=y CONFIG_INPUT_MOUSEDEV=m diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/glibc-2.36-r5.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/glibc-2.36-r5.ebuild index 0163db33ee..05c1d5837f 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/glibc-2.36-r5.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/glibc-2.36-r5.ebuild @@ -466,7 +466,18 @@ setup_flags() { filter-flags '-fsanitize=*' # See end of bug #830454; we handle this via USE=cet - filter-flags '-fcf-protection=' + # + # Flatcar: When bootstrapping, we may have a situation where + # CET-enabled gcc from seed is used to build CET-disabled + # glibc. As such, gcc implicitly enables CET if no + # -fcf-protection flag is passed. For a typical package it + # should not be a problem, but for glibc it matters as it is + # dealing with CET in ld.so. So if CET is supposed to be + # disabled for glibc, be explicit about it. + filter-flags '-fcf-protection=*' + if ! use cet; then + append-flags '-fcf-protection=none' + fi } use_multiarch() {