This reverts commit 39bb800f16afd077c3e7d930450bf327a6d895db.
This change disabled a number of features so it isn't suitable for the
generic VMware templates. We need to re-trace our steps to list exactly
what tools/systems weren't accepting the linux26 type.
Missed this reference to /usr/local/portage in a recent scripts change:
174a847e36
So existing SDKs kept working but newly created SDKs would mysteriously
fail to build some things like cmake and vim. :(
Specify vim-7.4.712 and vim-core-7.4.712 in package.accept_keywords
to pickup needed upstream cross-compile fix.
https://bugs.gentoo.org/show_bug.cgi?id=473372
Fix build errors like these:
checking for tgetent()... configure: error: NOT FOUND!
You need to install a terminal library; for example ncurses.
Signed-off-by: Geoff Levand <geoff@infradead.org>
This now includes ignition-disks.service and ignition-files.service
which run their respective stages. Both of these services are required
by ignition.target which is wanted when the udev rule matches an
unbooted disk.
In addition to enabling PIE and stack protector, hardened compilers also
enable the -fstack-check option which I had previously overlooked,
conflating it with -fstack-protector which the kernel build already
handles properly. This is the second time I hit this trying to use
ccache, I forgot that -nopie was insufficent for kernel builds. Last
time around reverted in cd043688f09b22ccf245ffd11f8a22a5ff31e577.
At least this time I finally dug deep enough to find the cause instead
of setting myself up for repeating history in another 6 months. For
reference the issue is that the Go 1.3.x runtime can call clock_gettime
with a very small stack. If the vDSO library was built with
-fstack-check it will attempt to write 0 to a location beyond the end of
the very small stack, triggering SEGV:
Dump of assembler code for function __vdso_clock_gettime:
0x00007ffff7ffaa50 <+0>: push %rbp
0x00007ffff7ffaa51 <+1>: mov %rsp,%rbp
0x00007ffff7ffaa54 <+4>: push %r14
0x00007ffff7ffaa56 <+6>: push %r13
0x00007ffff7ffaa58 <+8>: push %r12
0x00007ffff7ffaa5a <+10>: push %rbx
0x00007ffff7ffaa5b <+11>: sub $0x1038,%rsp
=> 0x00007ffff7ffaa62 <+18>: orq $0x0,(%rsp)
0x00007ffff7ffaa67 <+23>: add $0x1020,%rsp
The new python script check_root uses data that portage already
maintains on what shared libraries packages need or provide instead of
re-scanning whatever ELF files that can be found. This is much more
comprehensive but there is a bit of a transition issue for folks with
long-lived SDKs: packages built with portage older than 2.2.18 do not
include this data. As such for now the check is non-fatal and provides a
command you can use to refresh locally installed packages.
The code checking for conflicts between top level directories and /usr
has also been rewritten. Both tests now are considerably faster.
Rebuilds packages that are linked against old libraries that have been
upgraded or removed from the system. Skipping this can lead to shared
library checks looking ok in the build root but then built images have
broken library dependencies.
