Hanno Böck commited on 2010-10-26 21:29:15
Zeige 32 geänderte Dateien mit 5021 Einfügungen und 0 Löschungen.
... | ... |
@@ -0,0 +1,34 @@ |
1 |
+AUX 2.10/glibc-2.10-gentoo-chk_fail.c 9407 RMD160 230701dfacfe2481eb49e5384fe4ebb508bd3af2 SHA1 0e9330d57de714dd1ecd7040d3eabf4723cdee7c SHA256 7745c0f5d37b37959b43b41e39762fc35b877161bc5740d9d3e9a83021acbc0e |
|
2 |
+AUX 2.10/glibc-2.10-hardened-configure-picdefault.patch 865 RMD160 744bdbfb73f1dbced4cb33cb5aa92f3b41d3b4fb SHA1 21e0f83598f5342032a794315f0e3dac07f647da SHA256 b50b29f85d88011555bbcbe6046e6600be9344f2d78412b14aebdea515420774 |
|
3 |
+AUX 2.10/glibc-2.10-hardened-inittls-nosysenter.patch 8823 RMD160 163e53f0f4f0bd003ef1c50a4eaaa8f4a82695fe SHA1 df23c6756114e1451e6f120723af1b621037c28e SHA256 dcf78c6524c222dbee907200a8878aff727e29d43a4962b977a16d85752e5c10 |
|
4 |
+AUX 2.10/glibc-2.10-hardened-ssp-compat.patch 4802 RMD160 02bd17455d64b6661ae5f44329357dc254cdf118 SHA1 b40cf1a8f17e448861746ba39aa20afd66a47b2d SHA256 bd6f0aa8eace0a935731749e101d5fe30210f9edb65f2f5ccd425cef581ddce4 |
|
5 |
+AUX 2.11/glibc-2.11-hardened-pie.patch 1492 RMD160 dacf988364e3eeeaa2bd588420a19db373347678 SHA1 f44b4389d031bc618c83a2f196c4e2afa647a68a SHA256 74277f76ace9cb6b408ef7c1d43a3604ae0d6c1af539055aeaeb542d2bfa2a46 |
|
6 |
+AUX 2.12/glibc-2.12-hardened-pie.patch 1542 RMD160 c42e6a8eef542506c440d58395a066129cd40dec SHA1 703b4c23a6701f41cd51b629eae362e129b60de3 SHA256 9d11da52900a4cfdaa9052476029cb1b4c8004dfaef3cf446f3b728035f75fbe |
|
7 |
+AUX 2.3.3/glibc-2.3.3-localedef-fix-trampoline.patch 2329 RMD160 de6ba25b8330e6ee720355e8541235d265a461cd SHA1 cf869cbd74793cb579b42d734884f10d4cadcdde SHA256 b5cf51d1ff5479d09fbc82992f126ca4969006c90c3a2ae94ad586d4902d791b |
|
8 |
+AUX 2.5/glibc-2.5-gentoo-stack_chk_fail.c 9058 RMD160 c98d7007857aeeea00e708e7989800dad9b07ae3 SHA1 ff92b7b6cb4a364dbe81c5110da79d1ad56a72ba SHA256 067fba2a36d2630d50198c44395ef208cdf080508f1b716bd3d079f7b964e2df |
|
9 |
+AUX 2.5/glibc-2.5-hardened-configure-picdefault.patch 794 RMD160 7ab81bac4b9625043b1e7edea6fb5707696c144d SHA1 25a0b018eb44f3c9818876a12e9ec817e305d80b SHA256 0c0359f567e4ad2d3184618bf6ac7e6102b703eab6227c7e9a4ff4dcdeed2c91 |
|
10 |
+AUX 2.5/glibc-2.5-hardened-inittls-nosysenter.patch 9407 RMD160 352112bf4f2d8d58471f22f623784350baf0bc86 SHA1 ae244e9923c0a0e8be4121d593897530c0bf08e8 SHA256 2a912e82445815ae32744d990c59d8758ec74e482b856bd274c292848b9af1fd |
|
11 |
+AUX 2.5/glibc-2.5-hardened-pie.patch 1569 RMD160 8746aeb9f9c68ca153d93cf92c9df93d0fb324d6 SHA1 c2ec8d9286af38017f5bee5a8823f642c067201d SHA256 ff9cde8857c5da89faa4039e2a81748674fbeaaa49d85c378d80711d55f2b0c1 |
|
12 |
+AUX 2.6/glibc-2.6-gentoo-stack_chk_fail.c 9545 RMD160 9a21c9deb6ebca5d2245e3bb50b53ce035967a5f SHA1 11ad52117fa55bbe51b429043df49767c7f58de0 SHA256 1410ded812be80d452eada5f9d6b9bd7bdb504c14f01cc27dce3e36b6f92b92a |
|
13 |
+AUX 2.6/glibc-2.6-hardened-inittls-nosysenter.patch 8674 RMD160 f4e7df0cb25292afc13e18332569d2ca288fdf92 SHA1 7f34ef26d6607321e0ec5ad0f389cb1aedf5e0da SHA256 cf58ded8fbe9fcb3dc094521feec2588c1520ff2c632b20c69d6a210325c4fcf |
|
14 |
+AUX 2.7/glibc-2.7-hardened-inittls-nosysenter.patch 8755 RMD160 b674894f3b16f63193bb8040f8a5657dce82e1f9 SHA1 79fb3a4454b85af70dac95dd79134be3fe3a9201 SHA256 b0b1bf0746f7160b89cf281502b95c38dec9cb948d6a50a907b84fd6230a2dc3 |
|
15 |
+AUX eblits/common.eblit 9020 RMD160 82cec0d8109f420d9d2369ff6d872c8146d60ad6 SHA1 fc2eab1c0ba49c9536a3b21821dcf1ae265ac651 SHA256 c5e218a6b138b26067293bafd1595453be9ecd4b2e5322da4796330c61368ffe |
|
16 |
+AUX eblits/pkg_postinst.eblit 1159 RMD160 4b99846819bf0471d1104a8a17dd260796644f9d SHA1 4a2980fede3edebc7960d40db7cf935c7c854859 SHA256 76c403cf5c77a3a3bb7441566335f0c8da2584eaa21f05ab400e7bb00f9db810 |
|
17 |
+AUX eblits/pkg_preinst.eblit 3764 RMD160 f9a9d43e2d2d8df073be7e1b66655e651cb10740 SHA1 b987e2802201e0f44c357ffc7b92da4aa77cf377 SHA256 41baa253ea529156d628108247545235c4ec377b184e7824bd790eba1361299e |
|
18 |
+AUX eblits/pkg_setup.eblit 2814 RMD160 8352c4b9cc460b7193e17be8bca227db5b6df5ba SHA1 8de7ea78e364521b55574b16036d57e7d35a596f SHA256 b803723f75571649e10e0707a6dbe8b459eabdc149ef155558792db736faa201 |
|
19 |
+AUX eblits/src_compile-2.11.2.eblit 5849 RMD160 8881ea4b50cf177d628eb70913425db8c71e681d SHA1 31d75b03578aed3aa740a88091e2c0a7fe33786c SHA256 b1b9d25fe90b860ebaa8d78b0f6865da034040b58b044b665f4e0385052bc6d5 |
|
20 |
+AUX eblits/src_compile.eblit 5790 RMD160 d059d6ac75b6d6d60101a1c8456e11ecd1da2676 SHA1 4417abec18bce3a8eb9798a8519d868bbf3ba489 SHA256 ce8894489fd5c21dc74cc28116b77cb6d331743bbf9ecf32f4f8e368f997a74c |
|
21 |
+AUX eblits/src_install-2.11.2.eblit 8091 RMD160 aa409a8fe8cabfeeb71c89d655d345cda84a3946 SHA1 f5526f3eaa448a808cde739d7c5a75fe9bdab245 SHA256 93e1188835bdd1156b33b7b03af3822c46f6d1a1bc8338e98b8aa0f950cee868 |
|
22 |
+AUX eblits/src_install-2.6.eblit 7946 RMD160 6cc258a316b78212777ab328a3c0cb73de1616d4 SHA1 94895689b56fd712156e8ac84a2a639d8475da03 SHA256 54081c34217c230d0ff43c5df378897a37576e727fe41ee4d681767110667f3e |
|
23 |
+AUX eblits/src_install.eblit 8017 RMD160 f0f94cf49346af96d619ebc658ddb4193a9e91a3 SHA1 f10c162a048c8ef145d269feae9b741790495513 SHA256 a624b2e926bd4233c908cec39911e6df7f78f01c6380d436c1f3d05481efec41 |
|
24 |
+AUX eblits/src_test-2.11.2.eblit 1169 RMD160 d7d1f430453e5278c2f3d4ee4815faff3a47a03a SHA1 9d48060c34ef901cbe6e8d7880ea923c8e1b7f28 SHA256 95b14845a80a74abc5b5c5146f2291524d7dd66f8e1bd9d12b42a3234a065010 |
|
25 |
+AUX eblits/src_test.eblit 1172 RMD160 a70e31e655cd3e306af6a498002de85b72258566 SHA1 4aec15e6ab67279258fd23400701fd38c106a38b SHA256 e5a390761b7ec613460b8da26df3ffe2a137217261dd9f87f2b78c3fa2a12727 |
|
26 |
+AUX eblits/src_unpack.eblit 5219 RMD160 3c63f22995dd13cafce46d519b28c4ede1ee0281 SHA1 b52d277a37232cc6d09666a55a8ee4f5d5d892b4 SHA256 d70a28c4f6662786822cb2852ea86836c92ff2f8059270022431e1d02da3a9e1 |
|
27 |
+AUX glibc-sec1 2564 RMD160 84e731c7b9835c63fbf1616fa8a5d918890a0a71 SHA1 e7d3e07c2cf76001897ab2b67190561d5d0a11bb SHA256 c555ed9e42f8124be75f9cce9b647c3252a314ff9b1a28a227e49ea7f2de8fc9 |
|
28 |
+AUX glibc-sec2 7820 RMD160 838bf19b0f1611d53308422b84c3d67c4fb07478 SHA1 9dbbc4bdd99f1b599e9be90611fde6c2c134a00f SHA256 c4514239863e742bd369c92e3e427e53304349ee0dc10e3819370b46cf337817 |
|
29 |
+AUX nscd 1621 RMD160 f6d20c4c3814f70d7741f3fa2e0b53ba32c37960 SHA1 5751fe798024c2021b7b3ed3e798618e2a38244a SHA256 6165db3a2fcb251d4f3655c0461e018ce9c92a37f7f22a8fd2b75178b5435bc8 |
|
30 |
+AUX nsswitch.conf 503 RMD160 f375f92f6b41029c93382c39cef896261b140cfc SHA1 42f7f5cc3de75c69bf60d806ac8490106ea63326 SHA256 6c38b8642d5da884327ad678d0351d57be3621562253bd9711394bad87e45e2d |
|
31 |
+DIST glibc-2.11.2-patches-4.tar.bz2 113687 RMD160 bd7de7710ac9d834abd441b461b1ecc07c181010 SHA1 48bd6a30a74445544e04a08b14762fe64c4e1799 SHA256 259558d05233f5490324724f639154bd9882d8aa3cdf78bcea54f42ed0d70c94 |
|
32 |
+DIST glibc-2.11.2.tar.bz2 15675392 RMD160 15d14fb6b0b58ec3fb7781efa2f8a558fcb99a7e SHA1 23b477f4816a97e007be1e98abc1ffe2af13ba9e SHA256 c2ac76ee363eed31b2a377489fb2818139f4668b5505ad583009eb9b0e228713 |
|
33 |
+DIST glibc-ports-2.11.tar.bz2 599606 RMD160 e7262cb903b42d27bd0666fb170d2abb4c8b478f SHA1 76a0513c74b80e34f81abcaabbc538fa0f33b6a4 SHA256 38d212b1a22ed121c97f2827e7357e3e077084635ebc197246993d328b1b6589 |
|
34 |
+EBUILD glibc-2.11.2-r2.ebuild 8456 RMD160 0ef19a9d74d6adf472250147b0b3ac21ebac6514 SHA1 efb87d9b9b5b4778f1199e8f828e98fc02df25e1 SHA256 1923247322c35a6feebfd85839c5593806463f6cc6ca7c1297fa6655722ccc1e |
... | ... |
@@ -0,0 +1,315 @@ |
1 |
+/* Copyright (C) 2004, 2005 Free Software Foundation, Inc. |
|
2 |
+ This file is part of the GNU C Library. |
|
3 |
+ |
|
4 |
+ The GNU C Library is free software; you can redistribute it and/or |
|
5 |
+ modify it under the terms of the GNU Lesser General Public |
|
6 |
+ License as published by the Free Software Foundation; either |
|
7 |
+ version 2.1 of the License, or (at your option) any later version. |
|
8 |
+ |
|
9 |
+ The GNU C Library is distributed in the hope that it will be useful, |
|
10 |
+ but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
11 |
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
|
12 |
+ Lesser General Public License for more details. |
|
13 |
+ |
|
14 |
+ You should have received a copy of the GNU Lesser General Public |
|
15 |
+ License along with the GNU C Library; if not, write to the Free |
|
16 |
+ Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA |
|
17 |
+ 02111-1307 USA. */ |
|
18 |
+ |
|
19 |
+/* Copyright (C) 2006-2008 Gentoo Foundation Inc. |
|
20 |
+ * License terms as above. |
|
21 |
+ * |
|
22 |
+ * Hardened Gentoo SSP and FORTIFY handler |
|
23 |
+ * |
|
24 |
+ * An SSP failure handler that does not use functions from the rest of |
|
25 |
+ * glibc; it uses the INTERNAL_SYSCALL methods directly. This ensures |
|
26 |
+ * no possibility of recursion into the handler. |
|
27 |
+ * |
|
28 |
+ * Direct all bug reports to http://bugs.gentoo.org/ |
|
29 |
+ * |
|
30 |
+ * Re-written from the glibc-2.3 Hardened Gentoo SSP handler |
|
31 |
+ * by Kevin F. Quinn - <kevquinn[@]gentoo.org> |
|
32 |
+ * |
|
33 |
+ * The following people contributed to the glibc-2.3 Hardened |
|
34 |
+ * Gentoo SSP and FORTIFY handler, from which this implementation draws much: |
|
35 |
+ * |
|
36 |
+ * Ned Ludd - <solar[@]gentoo.org> |
|
37 |
+ * Alexander Gabert - <pappy[@]gentoo.org> |
|
38 |
+ * The PaX Team - <pageexec[@]freemail.hu> |
|
39 |
+ * Peter S. Mazinger - <ps.m[@]gmx.net> |
|
40 |
+ * Yoann Vandoorselaere - <yoann[@]prelude-ids.org> |
|
41 |
+ * Robert Connolly - <robert[@]linuxfromscratch.org> |
|
42 |
+ * Cory Visi <cory[@]visi.name> |
|
43 |
+ * Mike Frysinger <vapier[@]gentoo.org> |
|
44 |
+ * Magnus Granberg <zorry[@]ume.nu> |
|
45 |
+ */ |
|
46 |
+ |
|
47 |
+#include <stdio.h> |
|
48 |
+#include <stdlib.h> |
|
49 |
+#include <errno.h> |
|
50 |
+#include <unistd.h> |
|
51 |
+#include <signal.h> |
|
52 |
+ |
|
53 |
+#include <sys/types.h> |
|
54 |
+ |
|
55 |
+#include <sysdep-cancel.h> |
|
56 |
+#include <sys/syscall.h> |
|
57 |
+#include <bp-checks.h> |
|
58 |
+ |
|
59 |
+#include <kernel-features.h> |
|
60 |
+ |
|
61 |
+#include <alloca.h> |
|
62 |
+/* from sysdeps */ |
|
63 |
+#include <socketcall.h> |
|
64 |
+/* for the stuff in bits/socket.h */ |
|
65 |
+#include <sys/socket.h> |
|
66 |
+#include <sys/un.h> |
|
67 |
+ |
|
68 |
+/* Sanity check on SYSCALL macro names - force compilation |
|
69 |
+ * failure if the names used here do not exist |
|
70 |
+ */ |
|
71 |
+#if !defined __NR_socketcall && !defined __NR_socket |
|
72 |
+# error Cannot do syscall socket or socketcall |
|
73 |
+#endif |
|
74 |
+#if !defined __NR_socketcall && !defined __NR_connect |
|
75 |
+# error Cannot do syscall connect or socketcall |
|
76 |
+#endif |
|
77 |
+#ifndef __NR_write |
|
78 |
+# error Cannot do syscall write |
|
79 |
+#endif |
|
80 |
+#ifndef __NR_close |
|
81 |
+# error Cannot do syscall close |
|
82 |
+#endif |
|
83 |
+#ifndef __NR_getpid |
|
84 |
+# error Cannot do syscall getpid |
|
85 |
+#endif |
|
86 |
+#ifndef __NR_kill |
|
87 |
+# error Cannot do syscall kill |
|
88 |
+#endif |
|
89 |
+#ifndef __NR_exit |
|
90 |
+# error Cannot do syscall exit |
|
91 |
+#endif |
|
92 |
+#ifdef SSP_SMASH_DUMPS_CORE |
|
93 |
+# define ENABLE_SSP_SMASH_DUMPS_CORE 1 |
|
94 |
+# if !defined _KERNEL_NSIG && !defined _NSIG |
|
95 |
+# error No _NSIG or _KERNEL_NSIG for rt_sigaction |
|
96 |
+# endif |
|
97 |
+# if !defined __NR_sigaction && !defined __NR_rt_sigaction |
|
98 |
+# error Cannot do syscall sigaction or rt_sigaction |
|
99 |
+# endif |
|
100 |
+/* Although rt_sigaction expects sizeof(sigset_t) - it expects the size |
|
101 |
+ * of the _kernel_ sigset_t which is not the same as the user sigset_t. |
|
102 |
+ * Most arches have this as _NSIG bits - mips has _KERNEL_NSIG bits for |
|
103 |
+ * some reason. |
|
104 |
+ */ |
|
105 |
+# ifdef _KERNEL_NSIG |
|
106 |
+# define _SSP_NSIG _KERNEL_NSIG |
|
107 |
+# else |
|
108 |
+# define _SSP_NSIG _NSIG |
|
109 |
+# endif |
|
110 |
+#else |
|
111 |
+# define _SSP_NSIG 0 |
|
112 |
+# define ENABLE_SSP_SMASH_DUMPS_CORE 0 |
|
113 |
+#endif |
|
114 |
+ |
|
115 |
+/* Define DO_SIGACTION - default to newer rt signal interface but |
|
116 |
+ * fallback to old as needed. |
|
117 |
+ */ |
|
118 |
+#ifdef __NR_rt_sigaction |
|
119 |
+# define DO_SIGACTION(signum, act, oldact) \ |
|
120 |
+ INLINE_SYSCALL(rt_sigaction, 4, signum, act, oldact, _SSP_NSIG/8) |
|
121 |
+#else |
|
122 |
+# define DO_SIGACTION(signum, act, oldact) \ |
|
123 |
+ INLINE_SYSCALL(sigaction, 3, signum, act, oldact) |
|
124 |
+#endif |
|
125 |
+ |
|
126 |
+/* Define DO_SOCKET/DO_CONNECT functions to deal with socketcall vs socket/connect */ |
|
127 |
+#if defined(__NR_socket) && defined(__NR_connect) |
|
128 |
+# define USE_OLD_SOCKETCALL 0 |
|
129 |
+#else |
|
130 |
+# define USE_OLD_SOCKETCALL 1 |
|
131 |
+#endif |
|
132 |
+ |
|
133 |
+/* stub out the __NR_'s so we can let gcc optimize away dead code */ |
|
134 |
+#ifndef __NR_socketcall |
|
135 |
+# define __NR_socketcall 0 |
|
136 |
+#endif |
|
137 |
+#ifndef __NR_socket |
|
138 |
+# define __NR_socket 0 |
|
139 |
+#endif |
|
140 |
+#ifndef __NR_connect |
|
141 |
+# define __NR_connect 0 |
|
142 |
+#endif |
|
143 |
+#define DO_SOCKET(result, domain, type, protocol) \ |
|
144 |
+ do { \ |
|
145 |
+ if (USE_OLD_SOCKETCALL) { \ |
|
146 |
+ socketargs[0] = domain; \ |
|
147 |
+ socketargs[1] = type; \ |
|
148 |
+ socketargs[2] = protocol; \ |
|
149 |
+ socketargs[3] = 0; \ |
|
150 |
+ result = INLINE_SYSCALL(socketcall, 2, SOCKOP_socket, socketargs); \ |
|
151 |
+ } else \ |
|
152 |
+ result = INLINE_SYSCALL(socket, 3, domain, type, protocol); \ |
|
153 |
+ } while (0) |
|
154 |
+#define DO_CONNECT(result, sockfd, serv_addr, addrlen) \ |
|
155 |
+ do { \ |
|
156 |
+ if (USE_OLD_SOCKETCALL) { \ |
|
157 |
+ socketargs[0] = sockfd; \ |
|
158 |
+ socketargs[1] = (unsigned long int)serv_addr; \ |
|
159 |
+ socketargs[2] = addrlen; \ |
|
160 |
+ socketargs[3] = 0; \ |
|
161 |
+ result = INLINE_SYSCALL(socketcall, 2, SOCKOP_connect, socketargs); \ |
|
162 |
+ } else \ |
|
163 |
+ result = INLINE_SYSCALL(connect, 3, sockfd, serv_addr, addrlen); \ |
|
164 |
+ } while (0) |
|
165 |
+ |
|
166 |
+#ifndef _PATH_LOG |
|
167 |
+# define _PATH_LOG "/dev/log" |
|
168 |
+#endif |
|
169 |
+ |
|
170 |
+static const char path_log[] = _PATH_LOG; |
|
171 |
+ |
|
172 |
+/* For building glibc with SSP switched on, define __progname to a |
|
173 |
+ * constant if building for the run-time loader, to avoid pulling |
|
174 |
+ * in more of libc.so into ld.so |
|
175 |
+ */ |
|
176 |
+#ifdef IS_IN_rtld |
|
177 |
+static char *__progname = "<rtld>"; |
|
178 |
+#else |
|
179 |
+extern char *__progname; |
|
180 |
+#endif |
|
181 |
+ |
|
182 |
+/* Common handler code, used by chk_fail |
|
183 |
+ * Inlined to ensure no self-references to the handler within itself. |
|
184 |
+ * Data static to avoid putting more than necessary on the stack, |
|
185 |
+ * to aid core debugging. |
|
186 |
+ */ |
|
187 |
+__attribute__ ((__noreturn__ , __always_inline__)) |
|
188 |
+static inline void |
|
189 |
+__hardened_gentoo_chk_fail(char func[], int damaged) |
|
190 |
+{ |
|
191 |
+#define MESSAGE_BUFSIZ 256 |
|
192 |
+ static pid_t pid; |
|
193 |
+ static int plen, i; |
|
194 |
+ static char message[MESSAGE_BUFSIZ]; |
|
195 |
+ static const char msg_ssa[] = ": buffer overflow attack"; |
|
196 |
+ static const char msg_inf[] = " in function "; |
|
197 |
+ static const char msg_ssd[] = "*** buffer overflow detected ***: "; |
|
198 |
+ static const char msg_terminated[] = " - terminated\n"; |
|
199 |
+ static const char msg_report[] = "Report to http://bugs.gentoo.org/\n"; |
|
200 |
+ static const char msg_unknown[] = "<unknown>"; |
|
201 |
+ static int log_socket, connect_result; |
|
202 |
+ static struct sockaddr_un sock; |
|
203 |
+ static unsigned long int socketargs[4]; |
|
204 |
+ |
|
205 |
+ /* Build socket address |
|
206 |
+ */ |
|
207 |
+ sock.sun_family = AF_UNIX; |
|
208 |
+ i = 0; |
|
209 |
+ while ((path_log[i] != '\0') && (i<(sizeof(sock.sun_path)-1))) { |
|
210 |
+ sock.sun_path[i] = path_log[i]; |
|
211 |
+ i++; |
|
212 |
+ } |
|
213 |
+ sock.sun_path[i] = '\0'; |
|
214 |
+ |
|
215 |
+ /* Try SOCK_DGRAM connection to syslog */ |
|
216 |
+ connect_result = -1; |
|
217 |
+ DO_SOCKET(log_socket, AF_UNIX, SOCK_DGRAM, 0); |
|
218 |
+ if (log_socket != -1) |
|
219 |
+ DO_CONNECT(connect_result, log_socket, &sock, sizeof(sock)); |
|
220 |
+ if (connect_result == -1) { |
|
221 |
+ if (log_socket != -1) |
|
222 |
+ INLINE_SYSCALL(close, 1, log_socket); |
|
223 |
+ /* Try SOCK_STREAM connection to syslog */ |
|
224 |
+ DO_SOCKET(log_socket, AF_UNIX, SOCK_STREAM, 0); |
|
225 |
+ if (log_socket != -1) |
|
226 |
+ DO_CONNECT(connect_result, log_socket, &sock, sizeof(sock)); |
|
227 |
+ } |
|
228 |
+ |
|
229 |
+ /* Build message. Messages are generated both in the old style and new style, |
|
230 |
+ * so that log watchers that are configured for the old-style message continue |
|
231 |
+ * to work. |
|
232 |
+ */ |
|
233 |
+#define strconcat(str) \ |
|
234 |
+ {i=0; while ((str[i] != '\0') && ((i+plen)<(MESSAGE_BUFSIZ-1))) \ |
|
235 |
+ {\ |
|
236 |
+ message[plen+i]=str[i];\ |
|
237 |
+ i++;\ |
|
238 |
+ }\ |
|
239 |
+ plen+=i;} |
|
240 |
+ |
|
241 |
+ /* R.Henderson post-gcc-4 style message */ |
|
242 |
+ plen = 0; |
|
243 |
+ strconcat(msg_ssd); |
|
244 |
+ if (__progname != (char *)0) |
|
245 |
+ strconcat(__progname) |
|
246 |
+ else |
|
247 |
+ strconcat(msg_unknown); |
|
248 |
+ strconcat(msg_terminated); |
|
249 |
+ |
|
250 |
+ /* Write out error message to STDERR, to syslog if open */ |
|
251 |
+ INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen); |
|
252 |
+ if (connect_result != -1) |
|
253 |
+ INLINE_SYSCALL(write, 3, log_socket, message, plen); |
|
254 |
+ |
|
255 |
+ /* Dr. Etoh pre-gcc-4 style message */ |
|
256 |
+ plen = 0; |
|
257 |
+ if (__progname != (char *)0) |
|
258 |
+ strconcat(__progname) |
|
259 |
+ else |
|
260 |
+ strconcat(msg_unknown); |
|
261 |
+ strconcat(msg_ssa); |
|
262 |
+ strconcat(msg_inf); |
|
263 |
+ if (func != NULL) |
|
264 |
+ strconcat(func) |
|
265 |
+ else |
|
266 |
+ strconcat(msg_unknown); |
|
267 |
+ strconcat(msg_terminated); |
|
268 |
+ /* Write out error message to STDERR, to syslog if open */ |
|
269 |
+ INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen); |
|
270 |
+ if (connect_result != -1) |
|
271 |
+ INLINE_SYSCALL(write, 3, log_socket, message, plen); |
|
272 |
+ |
|
273 |
+ /* Direct reports to bugs.gentoo.org */ |
|
274 |
+ plen=0; |
|
275 |
+ strconcat(msg_report); |
|
276 |
+ message[plen++]='\0'; |
|
277 |
+ |
|
278 |
+ /* Write out error message to STDERR, to syslog if open */ |
|
279 |
+ INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen); |
|
280 |
+ if (connect_result != -1) |
|
281 |
+ INLINE_SYSCALL(write, 3, log_socket, message, plen); |
|
282 |
+ |
|
283 |
+ if (log_socket != -1) |
|
284 |
+ INLINE_SYSCALL(close, 1, log_socket); |
|
285 |
+ |
|
286 |
+ /* Suicide */ |
|
287 |
+ pid = INLINE_SYSCALL(getpid, 0); |
|
288 |
+ |
|
289 |
+ if (ENABLE_SSP_SMASH_DUMPS_CORE) { |
|
290 |
+ static struct sigaction default_abort_act; |
|
291 |
+ /* Remove any user-supplied handler for SIGABRT, before using it */ |
|
292 |
+ default_abort_act.sa_handler = SIG_DFL; |
|
293 |
+ default_abort_act.sa_sigaction = NULL; |
|
294 |
+ __sigfillset(&default_abort_act.sa_mask); |
|
295 |
+ default_abort_act.sa_flags = 0; |
|
296 |
+ if (DO_SIGACTION(SIGABRT, &default_abort_act, NULL) == 0) |
|
297 |
+ INLINE_SYSCALL(kill, 2, pid, SIGABRT); |
|
298 |
+ } |
|
299 |
+ |
|
300 |
+ /* Note; actions cannot be added to SIGKILL */ |
|
301 |
+ INLINE_SYSCALL(kill, 2, pid, SIGKILL); |
|
302 |
+ |
|
303 |
+ /* In case the kill didn't work, exit anyway |
|
304 |
+ * The loop prevents gcc thinking this routine returns |
|
305 |
+ */ |
|
306 |
+ while (1) |
|
307 |
+ INLINE_SYSCALL(exit, 0); |
|
308 |
+} |
|
309 |
+ |
|
310 |
+__attribute__ ((__noreturn__)) |
|
311 |
+void __chk_fail(void) |
|
312 |
+{ |
|
313 |
+ __hardened_gentoo_chk_fail(NULL, 0); |
|
314 |
+} |
|
315 |
+ |
... | ... |
@@ -0,0 +1,30 @@ |
1 |
+Prevent default-fPIE from confusing configure into thinking |
|
2 |
+PIC code is default. This causes glibc to build both PIC and |
|
3 |
+non-PIC code as normal, which on the hardened compiler generates |
|
4 |
+PIC and PIE. |
|
5 |
+ |
|
6 |
+Patch by Kevin F. Quinn <kevquinn@gentoo.org> |
|
7 |
+Fixed for glibc 2.10 by Magnus Granberg <zorry@ume.nu> |
|
8 |
+ |
|
9 |
+--- configure.in |
|
10 |
++++ configure.in |
|
11 |
+@@ -2145,7 +2145,7 @@ |
|
12 |
+ # error PIC is default. |
|
13 |
+ #endif |
|
14 |
+ EOF |
|
15 |
+-if eval "${CC-cc} -S conftest.c 2>&AS_MESSAGE_LOG_FD 1>&AS_MESSAGE_LOG_FD"; then |
|
16 |
++if eval "${CC-cc} -fno-PIE -S conftest.c 2>&AS_MESSAGE_LOG_FD 1>&AS_MESSAGE_LOG_FD"; then |
|
17 |
+ libc_cv_pic_default=no |
|
18 |
+ fi |
|
19 |
+ rm -f conftest.*]) |
|
20 |
+--- configure |
|
21 |
++++ configure |
|
22 |
+@@ -7698,7 +7698,7 @@ |
|
23 |
+ # error PIC is default. |
|
24 |
+ #endif |
|
25 |
+ EOF |
|
26 |
+-if eval "${CC-cc} -S conftest.c 2>&5 1>&5"; then |
|
27 |
++if eval "${CC-cc} -fno-PIE -S conftest.c 2>&5 1>&5"; then |
|
28 |
+ libc_cv_pic_default=no |
|
29 |
+ fi |
|
30 |
+ rm -f conftest.* |
... | ... |
@@ -0,0 +1,274 @@ |
1 |
+When building glibc PIE (which is not something upstream support), |
|
2 |
+several modifications are necessary to the glibc build process. |
|
3 |
+ |
|
4 |
+First, any syscalls in PIEs must be of the PIC variant, otherwise |
|
5 |
+textrels ensue. Then, any syscalls made before the initialisation |
|
6 |
+of the TLS will fail on i386, as the sysenter variant on i386 uses |
|
7 |
+the TLS, giving rise to a chicken-and-egg situation. This patch |
|
8 |
+defines a PIC syscall variant that doesn't use sysenter, even when the sysenter |
|
9 |
+version is normally used, and uses the non-sysenter version for the brk |
|
10 |
+syscall that is performed by the TLS initialisation. Further, the TLS |
|
11 |
+initialisation is moved in this case prior to the initialisation of |
|
12 |
+dl_osversion, as that requires further syscalls. |
|
13 |
+ |
|
14 |
+csu/libc-start.c: Move initial TLS initialization to before the |
|
15 |
+initialisation of dl_osversion, when INTERNAL_SYSCALL_NOSYSENTER is defined |
|
16 |
+ |
|
17 |
+csu/libc-tls.c: Use the no-sysenter version of sbrk when |
|
18 |
+INTERNAL_SYSCALL_NOSYSENTER is defined. |
|
19 |
+ |
|
20 |
+misc/sbrk.c: Define a no-sysenter version of sbrk, using the no-sysenter |
|
21 |
+version of brk - if INTERNAL_SYSCALL_NOSYSENTER is defined. |
|
22 |
+ |
|
23 |
+misc/brk.c: Define a no-sysenter version of brk if |
|
24 |
+INTERNAL_SYSCALL_NOSYSENTER is defined. |
|
25 |
+ |
|
26 |
+sysdeps/unix/sysv/linux/i386/sysdep.h: Define INTERNAL_SYSCALL_NOSYSENTER |
|
27 |
+Make INTERNAL_SYSCALL always use the PIC variant, even if not SHARED. |
|
28 |
+ |
|
29 |
+Patch by Kevin F. Quinn <kevquinn@gentoo.org> |
|
30 |
+Fixed for 2.10 by Magnus Granberg <zorry@ume.nu> |
|
31 |
+ |
|
32 |
+--- csu/libc-start.c |
|
33 |
++++ csu/libc-start.c |
|
34 |
+@@ -28,6 +28,7 @@ |
|
35 |
+ extern int __libc_multiple_libcs; |
|
36 |
+ |
|
37 |
+ #include <tls.h> |
|
38 |
++#include <sysdep.h> |
|
39 |
+ #ifndef SHARED |
|
40 |
+ # include <dl-osinfo.h> |
|
41 |
+ extern void __pthread_initialize_minimal (void); |
|
42 |
+@@ -129,6 +130,11 @@ |
|
43 |
+ # endif |
|
44 |
+ _dl_aux_init (auxvec); |
|
45 |
+ # endif |
|
46 |
++# ifdef INTERNAL_SYSCALL_NOSYSENTER |
|
47 |
++ /* Do the initial TLS initialization before _dl_osversion, |
|
48 |
++ since the latter uses the uname syscall. */ |
|
49 |
++ __pthread_initialize_minimal (); |
|
50 |
++# endif |
|
51 |
+ # ifdef DL_SYSDEP_OSCHECK |
|
52 |
+ if (!__libc_multiple_libcs) |
|
53 |
+ { |
|
54 |
+@@ -138,10 +144,12 @@ |
|
55 |
+ } |
|
56 |
+ # endif |
|
57 |
+ |
|
58 |
++# ifndef INTERNAL_SYSCALL_NOSYSENTER |
|
59 |
+ /* Initialize the thread library at least a bit since the libgcc |
|
60 |
+ functions are using thread functions if these are available and |
|
61 |
+ we need to setup errno. */ |
|
62 |
+ __pthread_initialize_minimal (); |
|
63 |
++# endif |
|
64 |
+ |
|
65 |
+ /* Set up the stack checker's canary. */ |
|
66 |
+ uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard (); |
|
67 |
+--- csu/libc-tls.c |
|
68 |
++++ csu/libc-tls.c |
|
69 |
+@@ -23,6 +23,7 @@ |
|
70 |
+ #include <unistd.h> |
|
71 |
+ #include <stdio.h> |
|
72 |
+ #include <sys/param.h> |
|
73 |
++#include <sysdep.h> |
|
74 |
+ |
|
75 |
+ |
|
76 |
+ #ifdef SHARED |
|
77 |
+@@ -29,6 +30,9 @@ |
|
78 |
+ #error makefile bug, this file is for static only |
|
79 |
+ #endif |
|
80 |
+ |
|
81 |
++#ifdef INTERNAL_SYSCALL_NOSYSENTER |
|
82 |
++extern void *__sbrk_nosysenter (intptr_t __delta); |
|
83 |
++#endif |
|
84 |
+ extern ElfW(Phdr) *_dl_phdr; |
|
85 |
+ extern size_t _dl_phnum; |
|
86 |
+ |
|
87 |
+@@ -141,14 +145,26 @@ |
|
88 |
+ |
|
89 |
+ The initialized value of _dl_tls_static_size is provided by dl-open.c |
|
90 |
+ to request some surplus that permits dynamic loading of modules with |
|
91 |
+- IE-model TLS. */ |
|
92 |
++ IE-model TLS. |
|
93 |
++ |
|
94 |
++ Where the normal sbrk would use a syscall that needs the TLS (i386) |
|
95 |
++ use the special non-sysenter version instead. */ |
|
96 |
+ #if TLS_TCB_AT_TP |
|
97 |
+ tcb_offset = roundup (memsz + GL(dl_tls_static_size), tcbalign); |
|
98 |
++# ifdef INTERNAL_SYSCALL_NOSYSENTER |
|
99 |
++ tlsblock = __sbrk_nosysenter (tcb_offset + tcbsize + max_align); |
|
100 |
++# else |
|
101 |
+ tlsblock = __sbrk (tcb_offset + tcbsize + max_align); |
|
102 |
++# endif |
|
103 |
+ #elif TLS_DTV_AT_TP |
|
104 |
+ tcb_offset = roundup (tcbsize, align ?: 1); |
|
105 |
++# ifdef INTERNAL_SYSCALL_NOSYSENTER |
|
106 |
++ tlsblock = __sbrk_nosysenter (tcb_offset + memsz + max_align |
|
107 |
++ + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); |
|
108 |
++# else |
|
109 |
+ tlsblock = __sbrk (tcb_offset + memsz + max_align |
|
110 |
+ + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); |
|
111 |
++# endif |
|
112 |
+ tlsblock += TLS_PRE_TCB_SIZE; |
|
113 |
+ #else |
|
114 |
+ /* In case a model with a different layout for the TCB and DTV |
|
115 |
+--- misc/sbrk.c |
|
116 |
++++ misc/sbrk.c |
|
117 |
+@@ -18,6 +18,7 @@ |
|
118 |
+ #include <errno.h> |
|
119 |
+ #include <stdint.h> |
|
120 |
+ #include <unistd.h> |
|
121 |
++#include <sysdep.h> |
|
122 |
+ |
|
123 |
+ /* Defined in brk.c. */ |
|
124 |
+ extern void *__curbrk; |
|
125 |
+@@ -29,6 +30,35 @@ |
|
126 |
+ /* Extend the process's data space by INCREMENT. |
|
127 |
+ If INCREMENT is negative, shrink data space by - INCREMENT. |
|
128 |
+ Return start of new space allocated, or -1 for errors. */ |
|
129 |
++#ifdef INTERNAL_SYSCALL_NOSYSENTER |
|
130 |
++/* This version is used by csu/libc-tls.c whem initialising the TLS |
|
131 |
++ if the SYSENTER version requires the TLS (which it does on i386). |
|
132 |
++ Obviously using the TLS before it is initialised is broken. */ |
|
133 |
++extern int __brk_nosysenter (void *addr); |
|
134 |
++void * |
|
135 |
++__sbrk_nosysenter (intptr_t increment) |
|
136 |
++{ |
|
137 |
++ void *oldbrk; |
|
138 |
++ |
|
139 |
++ /* If this is not part of the dynamic library or the library is used |
|
140 |
++ via dynamic loading in a statically linked program update |
|
141 |
++ __curbrk from the kernel's brk value. That way two separate |
|
142 |
++ instances of __brk and __sbrk can share the heap, returning |
|
143 |
++ interleaved pieces of it. */ |
|
144 |
++ if (__curbrk == NULL || __libc_multiple_libcs) |
|
145 |
++ if (__brk_nosysenter (0) < 0) /* Initialize the break. */ |
|
146 |
++ return (void *) -1; |
|
147 |
++ |
|
148 |
++ if (increment == 0) |
|
149 |
++ return __curbrk; |
|
150 |
++ |
|
151 |
++ oldbrk = __curbrk; |
|
152 |
++ if (__brk_nosysenter (oldbrk + increment) < 0) |
|
153 |
++ return (void *) -1; |
|
154 |
++ |
|
155 |
++ return oldbrk; |
|
156 |
++} |
|
157 |
++#endif |
|
158 |
+ void * |
|
159 |
+ __sbrk (intptr_t increment) |
|
160 |
+ { |
|
161 |
+--- sysdeps/unix/sysv/linux/i386/brk.c |
|
162 |
++++ sysdeps/unix/sysv/linux/i386/brk.c |
|
163 |
+@@ -31,6 +31,30 @@ |
|
164 |
+ linker. */ |
|
165 |
+ weak_alias (__curbrk, ___brk_addr) |
|
166 |
+ |
|
167 |
++#ifdef INTERNAL_SYSCALL_NOSYSENTER |
|
168 |
++/* This version is used by csu/libc-tls.c whem initialising the TLS |
|
169 |
++ * if the SYSENTER version requires the TLS (which it does on i386). |
|
170 |
++ * Obviously using the TLS before it is initialised is broken. */ |
|
171 |
++int |
|
172 |
++__brk_nosysenter (void *addr) |
|
173 |
++{ |
|
174 |
++ void *__unbounded newbrk; |
|
175 |
++ |
|
176 |
++ INTERNAL_SYSCALL_DECL (err); |
|
177 |
++ newbrk = (void *__unbounded) INTERNAL_SYSCALL_NOSYSENTER (brk, err, 1, |
|
178 |
++ __ptrvalue (addr)); |
|
179 |
++ |
|
180 |
++ __curbrk = newbrk; |
|
181 |
++ |
|
182 |
++ if (newbrk < addr) |
|
183 |
++ { |
|
184 |
++ __set_errno (ENOMEM); |
|
185 |
++ return -1; |
|
186 |
++ } |
|
187 |
++ |
|
188 |
++ return 0; |
|
189 |
++} |
|
190 |
++#endif |
|
191 |
+ int |
|
192 |
+ __brk (void *addr) |
|
193 |
+ { |
|
194 |
+--- sysdeps/unix/sysv/linux/i386/sysdep.h |
|
195 |
++++ sysdeps/unix/sysv/linux/i386/sysdep.h |
|
196 |
+@@ -187,7 +187,7 @@ |
|
197 |
+ /* The original calling convention for system calls on Linux/i386 is |
|
198 |
+ to use int $0x80. */ |
|
199 |
+ #ifdef I386_USE_SYSENTER |
|
200 |
+-# ifdef SHARED |
|
201 |
++# if defined SHARED || defined __PIC__ |
|
202 |
+ # define ENTER_KERNEL call *%gs:SYSINFO_OFFSET |
|
203 |
+ # else |
|
204 |
+ # define ENTER_KERNEL call *_dl_sysinfo |
|
205 |
+@@ -358,7 +358,7 @@ |
|
206 |
+ possible to use more than four parameters. */ |
|
207 |
+ #undef INTERNAL_SYSCALL |
|
208 |
+ #ifdef I386_USE_SYSENTER |
|
209 |
+-# ifdef SHARED |
|
210 |
++# if defined SHARED || defined __PIC__ |
|
211 |
+ # define INTERNAL_SYSCALL(name, err, nr, args...) \ |
|
212 |
+ ({ \ |
|
213 |
+ register unsigned int resultvar; \ |
|
214 |
+@@ -384,6 +384,18 @@ |
|
215 |
+ : "0" (name), "i" (offsetof (tcbhead_t, sysinfo)) \ |
|
216 |
+ ASMFMT_##nr(args) : "memory", "cc"); \ |
|
217 |
+ (int) resultvar; }) |
|
218 |
++# define INTERNAL_SYSCALL_NOSYSENTER(name, err, nr, args...) \ |
|
219 |
++ ({ \ |
|
220 |
++ register unsigned int resultvar; \ |
|
221 |
++ EXTRAVAR_##nr \ |
|
222 |
++ asm volatile ( \ |
|
223 |
++ LOADARGS_NOSYSENTER_##nr \ |
|
224 |
++ "movl %1, %%eax\n\t" \ |
|
225 |
++ "int $0x80\n\t" \ |
|
226 |
++ RESTOREARGS_NOSYSENTER_##nr \ |
|
227 |
++ : "=a" (resultvar) \ |
|
228 |
++ : "i" (__NR_##name) ASMFMT_##nr(args) : "memory", "cc"); \ |
|
229 |
++ (int) resultvar; }) |
|
230 |
+ # else |
|
231 |
+ # define INTERNAL_SYSCALL(name, err, nr, args...) \ |
|
232 |
+ ({ \ |
|
233 |
+@@ -447,12 +459,20 @@ |
|
234 |
+ |
|
235 |
+ #define LOADARGS_0 |
|
236 |
+ #ifdef __PIC__ |
|
237 |
+-# if defined I386_USE_SYSENTER && defined SHARED |
|
238 |
++# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) |
|
239 |
+ # define LOADARGS_1 \ |
|
240 |
+ "bpushl .L__X'%k3, %k3\n\t" |
|
241 |
+ # define LOADARGS_5 \ |
|
242 |
+ "movl %%ebx, %4\n\t" \ |
|
243 |
+ "movl %3, %%ebx\n\t" |
|
244 |
++# define LOADARGS_NOSYSENTER_1 \ |
|
245 |
++ "bpushl .L__X'%k2, %k2\n\t" |
|
246 |
++# define LOADARGS_NOSYSENTER_2 LOADARGS_NOSYSENTER_1 |
|
247 |
++# define LOADARGS_NOSYSENTER_3 LOADARGS_3 |
|
248 |
++# define LOADARGS_NOSYSENTER_4 LOADARGS_3 |
|
249 |
++# define LOADARGS_NOSYSENTER_5 \ |
|
250 |
++ "movl %%ebx, %3\n\t" \ |
|
251 |
++ "movl %2, %%ebx\n\t" |
|
252 |
+ # else |
|
253 |
+ # define LOADARGS_1 \ |
|
254 |
+ "bpushl .L__X'%k2, %k2\n\t" |
|
255 |
+@@ -474,11 +495,18 @@ |
|
256 |
+ |
|
257 |
+ #define RESTOREARGS_0 |
|
258 |
+ #ifdef __PIC__ |
|
259 |
+-# if defined I386_USE_SYSENTER && defined SHARED |
|
260 |
++# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) |
|
261 |
+ # define RESTOREARGS_1 \ |
|
262 |
+ "bpopl .L__X'%k3, %k3\n\t" |
|
263 |
+ # define RESTOREARGS_5 \ |
|
264 |
+ "movl %4, %%ebx" |
|
265 |
++# define RESTOREARGS_NOSYSENTER_1 \ |
|
266 |
++ "bpopl .L__X'%k2, %k2\n\t" |
|
267 |
++# define RESTOREARGS_NOSYSENTER_2 RESTOREARGS_NOSYSENTER_1 |
|
268 |
++# define RESTOREARGS_NOSYSENTER_3 RESTOREARGS_3 |
|
269 |
++# define RESTOREARGS_NOSYSENTER_4 RESTOREARGS_3 |
|
270 |
++# define RESTOREARGS_NOSYSENTER_5 \ |
|
271 |
++ "movl %3, %%ebx" |
|
272 |
+ # else |
|
273 |
+ # define RESTOREARGS_1 \ |
|
274 |
+ "bpopl .L__X'%k2, %k2\n\t" |
... | ... |
@@ -0,0 +1,168 @@ |
1 |
+Add backwards compat support for gcc-3.x ssp ... older ssp versions |
|
2 |
+used __guard and __stack_smash_handler symbols while gcc-4.1 and newer |
|
3 |
+uses __stack_chk_guard and __stack_chk_fail. |
|
4 |
+ |
|
5 |
+--- config.h.in |
|
6 |
++++ config.h.in |
|
7 |
+@@ -42,6 +42,9 @@ |
|
8 |
+ assembler instructions per line. Default is `;' */ |
|
9 |
+ #undef ASM_LINE_SEP |
|
10 |
+ |
|
11 |
++/* Define if we want to enable support for old ssp symbols */ |
|
12 |
++#undef ENABLE_OLD_SSP_COMPAT |
|
13 |
++ |
|
14 |
+ /* Define if not using ELF, but `.init' and `.fini' sections are available. */ |
|
15 |
+ #undef HAVE_INITFINI |
|
16 |
+ |
|
17 |
+--- configure |
|
18 |
++++ configure |
|
19 |
+@@ -1378,6 +1378,9 @@ Optional Features: |
|
20 |
+ --enable-kernel=VERSION compile for compatibility with kernel not older than |
|
21 |
+ VERSION |
|
22 |
+ --enable-all-warnings enable all useful warnings gcc can issue |
|
23 |
++ --disable-old-ssp-compat |
|
24 |
++ enable support for older ssp symbols |
|
25 |
++ [default=no] |
|
26 |
+ --enable-multi-arch enable single DSO with optimizations for multiple |
|
27 |
+ architectures |
|
28 |
+ --enable-experimental-malloc |
|
29 |
+@@ -6462,6 +6465,20 @@ fi |
|
30 |
+ $as_echo "$libc_cv_ssp" >&6; } |
|
31 |
+ |
|
32 |
+ |
|
33 |
++# Check whether --enable-old-ssp-compat or --disable-old-ssp-compat was given. |
|
34 |
++if test "${enable_old_ssp_compat+set}" = set; then |
|
35 |
++ enableval="$enable_old_ssp_compat" |
|
36 |
++ enable_old_ssp_compat=$enableval |
|
37 |
++else |
|
38 |
++ enable_old_ssp_compat=no |
|
39 |
++fi; |
|
40 |
++if test "x$enable_old_ssp_compat" = "xyes"; then |
|
41 |
++ cat >>confdefs.h <<\_ACEOF |
|
42 |
++#define ENABLE_OLD_SSP_COMPAT 1 |
|
43 |
++_ACEOF |
|
44 |
++ |
|
45 |
++fi |
|
46 |
++ |
|
47 |
+ { $as_echo "$as_me:$LINENO: checking for -fgnu89-inline" >&5 |
|
48 |
+ $as_echo_n "checking for -fgnu89-inline... " >&6; } |
|
49 |
+ if test "${libc_cv_gnu89_inline+set}" = set; then |
|
50 |
+--- configure.in |
|
51 |
++++ configure.in |
|
52 |
+@@ -1641,6 +1641,15 @@ fi |
|
53 |
+ rm -f conftest*]) |
|
54 |
+ AC_SUBST(libc_cv_ssp) |
|
55 |
+ |
|
56 |
++AC_ARG_ENABLE([old-ssp-compat], |
|
57 |
++ AC_HELP_STRING([--enable-old-ssp-compat], |
|
58 |
++ [enable support for older ssp symbols @<:@default=no@:>@]), |
|
59 |
++ [enable_old_ssp_compat=$enableval], |
|
60 |
++ [enable_old_ssp_compat=no]) |
|
61 |
++if test "x$enable_old_ssp_compat" = "xyes"; then |
|
62 |
++ AC_DEFINE(ENABLE_OLD_SSP_COMPAT) |
|
63 |
++fi |
|
64 |
++ |
|
65 |
+ AC_CACHE_CHECK(for -fgnu89-inline, libc_cv_gnu89_inline, [dnl |
|
66 |
+ cat > conftest.c <<EOF |
|
67 |
+ int foo; |
|
68 |
+--- csu/libc-start.c |
|
69 |
++++ csu/libc-start.c |
|
70 |
+@@ -37,6 +37,9 @@ extern void __pthread_initialize_minimal |
|
71 |
+ uintptr_t __stack_chk_guard attribute_relro; |
|
72 |
+ # endif |
|
73 |
+ #endif |
|
74 |
++#ifdef ENABLE_OLD_SSP_COMPAT |
|
75 |
++uintptr_t __guard attribute_relro; |
|
76 |
++#endif |
|
77 |
+ |
|
78 |
+ #ifdef HAVE_PTR_NTHREADS |
|
79 |
+ /* We need atomic operations. */ |
|
80 |
+@@ -141,6 +145,9 @@ LIBC_START_MAIN (int (*main) (int, char |
|
81 |
+ |
|
82 |
+ /* Set up the stack checker's canary. */ |
|
83 |
+ uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard (_dl_random); |
|
84 |
++#ifdef ENABLE_OLD_SSP_COMPAT |
|
85 |
++ __guard = stack_chk_guard; |
|
86 |
++#endif |
|
87 |
+ # ifdef THREAD_SET_STACK_GUARD |
|
88 |
+ THREAD_SET_STACK_GUARD (stack_chk_guard); |
|
89 |
+ # else |
|
90 |
+--- csu/Versions |
|
91 |
++++ csu/Versions |
|
92 |
+@@ -17,6 +17,12 @@ libc { |
|
93 |
+ # New special glibc functions. |
|
94 |
+ gnu_get_libc_release; gnu_get_libc_version; |
|
95 |
+ } |
|
96 |
++ GLIBC_2.3.2 { |
|
97 |
++%ifdef ENABLE_OLD_SSP_COMPAT |
|
98 |
++ # global objects and functions for the old propolice patch in gcc |
|
99 |
++ __guard; |
|
100 |
++%endif |
|
101 |
++ } |
|
102 |
+ GLIBC_PRIVATE { |
|
103 |
+ %if HAVE___THREAD |
|
104 |
+ # This version is for the TLS symbol, GLIBC_2.0 is the old object symbol. |
|
105 |
+--- debug/Versions |
|
106 |
++++ debug/Versions |
|
107 |
+@@ -10,6 +10,12 @@ libc { |
|
108 |
+ # These are to support some gcc features. |
|
109 |
+ __cyg_profile_func_enter; __cyg_profile_func_exit; |
|
110 |
+ } |
|
111 |
++%ifdef ENABLE_OLD_SSP_COMPAT |
|
112 |
++ GLIBC_2.3.2 { |
|
113 |
++ # backwards ssp compat support; alias to __stack_chk_fail |
|
114 |
++ __stack_smash_handler; |
|
115 |
++ } |
|
116 |
++%endif |
|
117 |
+ GLIBC_2.3.4 { |
|
118 |
+ __chk_fail; |
|
119 |
+ __memcpy_chk; __memmove_chk; __mempcpy_chk; __memset_chk; __stpcpy_chk; |
|
120 |
+--- elf/rtld.c |
|
121 |
++++ elf/rtld.c |
|
122 |
+@@ -89,6 +89,9 @@ INTDEF(_dl_argv) |
|
123 |
+ in thread local area. */ |
|
124 |
+ uintptr_t __stack_chk_guard attribute_relro; |
|
125 |
+ #endif |
|
126 |
++#ifdef ENABLE_OLD_SSP_COMPAT |
|
127 |
++uintptr_t __guard attribute_relro; |
|
128 |
++#endif |
|
129 |
+ |
|
130 |
+ /* Only exported for architectures that don't store the pointer guard |
|
131 |
+ value in thread local area. */ |
|
132 |
+@@ -1817,6 +1821,9 @@ ERROR: ld.so: object '%s' cannot be load |
|
133 |
+ |
|
134 |
+ /* Set up the stack checker's canary. */ |
|
135 |
+ uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard (_dl_random); |
|
136 |
++#ifdef ENABLE_OLD_SSP_COMPAT |
|
137 |
++ __guard = stack_chk_guard; |
|
138 |
++#endif |
|
139 |
+ #ifdef THREAD_SET_STACK_GUARD |
|
140 |
+ THREAD_SET_STACK_GUARD (stack_chk_guard); |
|
141 |
+ #else |
|
142 |
+--- elf/Versions |
|
143 |
++++ elf/Versions |
|
144 |
+@@ -43,6 +43,12 @@ ld { |
|
145 |
+ # runtime interface to TLS |
|
146 |
+ __tls_get_addr; |
|
147 |
+ } |
|
148 |
++%ifdef ENABLE_OLD_SSP_COMPAT |
|
149 |
++ GLIBC_2.3.2 { |
|
150 |
++ # backwards ssp compat support |
|
151 |
++ __guard; |
|
152 |
++ } |
|
153 |
++%endif |
|
154 |
+ GLIBC_2.4 { |
|
155 |
+ # stack canary |
|
156 |
+ __stack_chk_guard; |
|
157 |
+--- Versions.def |
|
158 |
++++ Versions.def |
|
159 |
+@@ -109,6 +109,9 @@ ld { |
|
160 |
+ GLIBC_2.0 |
|
161 |
+ GLIBC_2.1 |
|
162 |
+ GLIBC_2.3 |
|
163 |
++%ifdef ENABLE_OLD_SSP_COMPAT |
|
164 |
++ GLIBC_2.3.2 |
|
165 |
++%endif |
|
166 |
+ GLIBC_2.4 |
|
167 |
+ GLIBC_PRIVATE |
|
168 |
+ } |
... | ... |
@@ -0,0 +1,40 @@ |
1 |
+http://bugs.gentoo.org/292139 |
|
2 |
+ |
|
3 |
+2009-11-08 Magnus Granberg <zorry@ume.nu> |
|
4 |
+ |
|
5 |
+ * Makeconfig (+link): Set to +link-pie. |
|
6 |
+ (+link-static): Change $(static-start-installed-name) to |
|
7 |
+ S$(static-start-installed-name). |
|
8 |
+ (+prector): Set to +prectorS. |
|
9 |
+ (+postctor): Set to +postctorS. |
|
10 |
+ |
|
11 |
+--- libc/Makeconfig |
|
12 |
++++ libc/Makeconfig |
|
13 |
+@@ -447,11 +447,12 @@ |
|
14 |
+ $(common-objpfx)libc% $(+postinit),$^) \ |
|
15 |
+ $(link-extra-libs) $(link-libc) $(+postctorS) $(+postinit) |
|
16 |
+ endif |
|
17 |
+++link = $(+link-pie) |
|
18 |
+ # Command for statically linking programs with the C library. |
|
19 |
+ ifndef +link-static |
|
20 |
+ +link-static = $(CC) -nostdlib -nostartfiles -static -o $@ \ |
|
21 |
+ $(sysdep-LDFLAGS) $(LDFLAGS) $(LDFLAGS-$(@F)) \ |
|
22 |
+- $(addprefix $(csu-objpfx),$(static-start-installed-name)) \ |
|
23 |
++ $(addprefix $(csu-objpfx),S$(static-start-installed-name)) \ |
|
24 |
+ $(+preinit) $(+prector) \ |
|
25 |
+ $(filter-out $(addprefix $(csu-objpfx),start.o \ |
|
26 |
+ $(start-installed-name))\ |
|
27 |
+@@ -549,11 +550,10 @@ |
|
28 |
+ ifeq ($(elf),yes) |
|
29 |
+ +preinit = $(addprefix $(csu-objpfx),crti.o) |
|
30 |
+ +postinit = $(addprefix $(csu-objpfx),crtn.o) |
|
31 |
+-+prector = `$(CC) --print-file-name=crtbegin.o` |
|
32 |
+-+postctor = `$(CC) --print-file-name=crtend.o` |
|
33 |
+-# Variants of the two previous definitions for linking PIE programs. |
|
34 |
+ +prectorS = `$(CC) --print-file-name=crtbeginS.o` |
|
35 |
+ +postctorS = `$(CC) --print-file-name=crtendS.o` |
|
36 |
+++prector = $(+prectorS) |
|
37 |
+++postctor = $(+postctorS) |
|
38 |
+ +interp = $(addprefix $(elf-objpfx),interp.os) |
|
39 |
+ endif |
|
40 |
+ csu-objpfx = $(common-objpfx)csu/ |
... | ... |
@@ -0,0 +1,39 @@ |
1 |
+2010-08-11 Magnus Granberg <zorry@ume.nu> |
|
2 |
+ |
|
3 |
+ #332331 |
|
4 |
+ * Makeconfig (+link): Set to +link-pie. |
|
5 |
+ (+link-static): Change $(static-start-installed-name) to |
|
6 |
+ S$(static-start-installed-name). |
|
7 |
+ (+prector): Set to +prectorS. |
|
8 |
+ (+postctor): Set to +postctorS. |
|
9 |
+ |
|
10 |
+--- libc/Makeconfig |
|
11 |
++++ libc/Makeconfig |
|
12 |
+@@ -447,11 +447,12 @@ |
|
13 |
+ $(common-objpfx)libc% $(+postinit),$^) \ |
|
14 |
+ $(link-extra-libs) $(link-libc) $(+postctorS) $(+postinit) |
|
15 |
+ endif |
|
16 |
+++link = $(+link-pie) |
|
17 |
+ # Command for statically linking programs with the C library. |
|
18 |
+ ifndef +link-static |
|
19 |
+ +link-static = $(CC) -nostdlib -nostartfiles -static -o $@ \ |
|
20 |
+ $(sysdep-LDFLAGS) $(LDFLAGS) $(LDFLAGS-$(@F)) \ |
|
21 |
+- $(addprefix $(csu-objpfx),$(static-start-installed-name)) \ |
|
22 |
++ $(addprefix $(csu-objpfx),S$(static-start-installed-name)) \ |
|
23 |
+ $(+preinit) $(+prector) \ |
|
24 |
+ $(filter-out $(addprefix $(csu-objpfx),start.o \ |
|
25 |
+ $(start-installed-name))\ |
|
26 |
+@@ -549,11 +550,10 @@ |
|
27 |
+ ifeq ($(elf),yes) |
|
28 |
+ +preinit = $(addprefix $(csu-objpfx),crti.o) |
|
29 |
+ +postinit = $(addprefix $(csu-objpfx),crtn.o) |
|
30 |
+-+prector = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtbegin.o` |
|
31 |
+-+postctor = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtend.o` |
|
32 |
+-# Variants of the two previous definitions for linking PIE programs. |
|
33 |
+ +prectorS = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtbeginS.o` |
|
34 |
+ +postctorS = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtendS.o` |
|
35 |
+++prector = $(+prectorS) |
|
36 |
+++postctor = $(+postctorS) |
|
37 |
+ +interp = $(addprefix $(elf-objpfx),interp.os) |
|
38 |
+ endif |
|
39 |
+ csu-objpfx = $(common-objpfx)csu/ |
... | ... |
@@ -0,0 +1,68 @@ |
1 |
+#! /bin/sh -e |
|
2 |
+ |
|
3 |
+# DP: Description: Fix localedef segfault when run under exec-shield, |
|
4 |
+# PaX or similar. (#231438, #198099) |
|
5 |
+# DP: Dpatch Author: James Troup <james@nocrew.org> |
|
6 |
+# DP: Patch Author: (probably) Jakub Jelinek <jakub@redhat.com> |
|
7 |
+# DP: Upstream status: Unknown |
|
8 |
+# DP: Status Details: Unknown |
|
9 |
+# DP: Date: 2004-03-16 |
|
10 |
+ |
|
11 |
+if [ $# -ne 2 ]; then |
|
12 |
+ echo >&2 "`basename $0`: script expects -patch|-unpatch as argument" |
|
13 |
+ exit 1 |
|
14 |
+fi |
|
15 |
+case "$1" in |
|
16 |
+ -patch) patch -d "$2" -f --no-backup-if-mismatch -p1 < $0;; |
|
17 |
+ -unpatch) patch -d "$2" -f --no-backup-if-mismatch -R -p1 < $0;; |
|
18 |
+ *) |
|
19 |
+ echo >&2 "`basename $0`: script expects -patch|-unpatch as argument" |
|
20 |
+ exit 1 |
|
21 |
+esac |
|
22 |
+exit 0 |
|
23 |
+ |
|
24 |
+--- glibc-2.3.3-net/locale/programs/3level.h 16 Jun 2003 07:19:09 -0000 1.1.1.5 |
|
25 |
++++ glibc-2.3.3-redhat/locale/programs/3level.h 16 Jun 2003 09:32:40 -0000 1.4 |
|
26 |
+@@ -204,6 +204,42 @@ CONCAT(TABLE,_iterate) (struct TABLE *t, |
|
27 |
+ } |
|
28 |
+ } |
|
29 |
+ } |
|
30 |
++ |
|
31 |
++/* GCC ATM seems to do a poor job with pointers to nested functions passed |
|
32 |
++ to inlined functions. Help it a little bit with this hack. */ |
|
33 |
++#define wchead_table_iterate(tp, fn) \ |
|
34 |
++do \ |
|
35 |
++ { \ |
|
36 |
++ struct wchead_table *t = (tp); \ |
|
37 |
++ uint32_t index1; \ |
|
38 |
++ for (index1 = 0; index1 < t->level1_size; index1++) \ |
|
39 |
++ { \ |
|
40 |
++ uint32_t lookup1 = t->level1[index1]; \ |
|
41 |
++ if (lookup1 != ((uint32_t) ~0)) \ |
|
42 |
++ { \ |
|
43 |
++ uint32_t lookup1_shifted = lookup1 << t->q; \ |
|
44 |
++ uint32_t index2; \ |
|
45 |
++ for (index2 = 0; index2 < (1 << t->q); index2++) \ |
|
46 |
++ { \ |
|
47 |
++ uint32_t lookup2 = t->level2[index2 + lookup1_shifted]; \ |
|
48 |
++ if (lookup2 != ((uint32_t) ~0)) \ |
|
49 |
++ { \ |
|
50 |
++ uint32_t lookup2_shifted = lookup2 << t->p; \ |
|
51 |
++ uint32_t index3; \ |
|
52 |
++ for (index3 = 0; index3 < (1 << t->p); index3++) \ |
|
53 |
++ { \ |
|
54 |
++ struct element_t *lookup3 \ |
|
55 |
++ = t->level3[index3 + lookup2_shifted]; \ |
|
56 |
++ if (lookup3 != NULL) \ |
|
57 |
++ fn ((((index1 << t->q) + index2) << t->p) + index3, \ |
|
58 |
++ lookup3); \ |
|
59 |
++ } \ |
|
60 |
++ } \ |
|
61 |
++ } \ |
|
62 |
++ } \ |
|
63 |
++ } \ |
|
64 |
++ } while (0) |
|
65 |
++ |
|
66 |
+ #endif |
|
67 |
+ |
|
68 |
+ #ifndef NO_FINALIZE |
... | ... |
@@ -0,0 +1,311 @@ |
1 |
+/* Copyright (C) 2005 Free Software Foundation, Inc. |
|
2 |
+ This file is part of the GNU C Library. |
|
3 |
+ |
|
4 |
+ The GNU C Library is free software; you can redistribute it and/or |
|
5 |
+ modify it under the terms of the GNU Lesser General Public |
|
6 |
+ License as published by the Free Software Foundation; either |
|
7 |
+ version 2.1 of the License, or (at your option) any later version. |
|
8 |
+ |
|
9 |
+ The GNU C Library is distributed in the hope that it will be useful, |
|
10 |
+ but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
11 |
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
|
12 |
+ Lesser General Public License for more details. |
|
13 |
+ |
|
14 |
+ You should have received a copy of the GNU Lesser General Public |
|
15 |
+ License along with the GNU C Library; if not, write to the Free |
|
16 |
+ Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA |
|
17 |
+ 02111-1307 USA. */ |
|
18 |
+ |
|
19 |
+/* Copyright (C) 2006 Gentoo Foundation Inc. |
|
20 |
+ * License terms as above. |
|
21 |
+ * |
|
22 |
+ * Hardened Gentoo SSP handler |
|
23 |
+ * |
|
24 |
+ * An SSP failure handler that does not use functions from the rest of |
|
25 |
+ * glibc; it uses the INTERNAL_SYSCALL methods directly. This ensures |
|
26 |
+ * no possibility of recursion into the handler. |
|
27 |
+ * |
|
28 |
+ * Direct all bug reports to http://bugs.gentoo.org/ |
|
29 |
+ * |
|
30 |
+ * Re-written from the glibc-2.3 Hardened Gentoo SSP handler |
|
31 |
+ * by Kevin F. Quinn - <kevquinn[@]gentoo.org> |
|
32 |
+ * |
|
33 |
+ * The following people contributed to the glibc-2.3 Hardened |
|
34 |
+ * Gentoo SSP handler, from which this implementation draws much: |
|
35 |
+ * |
|
36 |
+ * Ned Ludd - <solar[@]gentoo.org> |
|
37 |
+ * Alexander Gabert - <pappy[@]gentoo.org> |
|
38 |
+ * The PaX Team - <pageexec[@]freemail.hu> |
|
39 |
+ * Peter S. Mazinger - <ps.m[@]gmx.net> |
|
40 |
+ * Yoann Vandoorselaere - <yoann[@]prelude-ids.org> |
|
41 |
+ * Robert Connolly - <robert[@]linuxfromscratch.org> |
|
42 |
+ * Cory Visi <cory[@]visi.name> |
|
43 |
+ * Mike Frysinger <vapier[@]gentoo.org> |
|
44 |
+ */ |
|
45 |
+ |
|
46 |
+#include <errno.h> |
|
47 |
+#include <stdlib.h> |
|
48 |
+#include <unistd.h> |
|
49 |
+#include <signal.h> |
|
50 |
+ |
|
51 |
+#include <sys/types.h> |
|
52 |
+ |
|
53 |
+#include <sysdep-cancel.h> |
|
54 |
+#include <sys/syscall.h> |
|
55 |
+#include <bp-checks.h> |
|
56 |
+ |
|
57 |
+#include <kernel-features.h> |
|
58 |
+ |
|
59 |
+#include <alloca.h> |
|
60 |
+/* from sysdeps */ |
|
61 |
+#include <socketcall.h> |
|
62 |
+/* for the stuff in bits/socket.h */ |
|
63 |
+#include <sys/socket.h> |
|
64 |
+#include <sys/un.h> |
|
65 |
+ |
|
66 |
+ |
|
67 |
+/* Sanity check on SYSCALL macro names - force compilation |
|
68 |
+ * failure if the names used here do not exist |
|
69 |
+ */ |
|
70 |
+#if !defined __NR_socketcall && !defined __NR_socket |
|
71 |
+# error Cannot do syscall socket or socketcall |
|
72 |
+#endif |
|
73 |
+#if !defined __NR_socketcall && !defined __NR_connect |
|
74 |
+# error Cannot do syscall connect or socketcall |
|
75 |
+#endif |
|
76 |
+#ifndef __NR_write |
|
77 |
+# error Cannot do syscall write |
|
78 |
+#endif |
|
79 |
+#ifndef __NR_close |
|
80 |
+# error Cannot do syscall close |
|
81 |
+#endif |
|
82 |
+#ifndef __NR_getpid |
|
83 |
+# error Cannot do syscall getpid |
|
84 |
+#endif |
|
85 |
+#ifndef __NR_kill |
|
86 |
+# error Cannot do syscall kill |
|
87 |
+#endif |
|
88 |
+#ifndef __NR_exit |
|
89 |
+# error Cannot do syscall exit |
|
90 |
+#endif |
|
91 |
+#ifdef SSP_SMASH_DUMPS_CORE |
|
92 |
+# if !defined _KERNEL_NSIG && !defined _NSIG |
|
93 |
+# error No _NSIG or _KERNEL_NSIG for rt_sigaction |
|
94 |
+# endif |
|
95 |
+# if !defined __NR_sigation && !defined __NR_rt_sigaction |
|
96 |
+# error Cannot do syscall sigaction or rt_sigaction |
|
97 |
+# endif |
|
98 |
+#endif |
|
99 |
+ |
|
100 |
+ |
|
101 |
+ |
|
102 |
+/* Define DO_SOCKET/DO_CONNECT macros to deal with socketcall vs socket/connect */ |
|
103 |
+#ifdef __NR_socketcall |
|
104 |
+ |
|
105 |
+# define DO_SOCKET(result,domain,type,protocol) \ |
|
106 |
+ {socketargs[0] = domain; \ |
|
107 |
+ socketargs[1] = type; \ |
|
108 |
+ socketargs[2] = protocol; \ |
|
109 |
+ socketargs[3] = 0; \ |
|
110 |
+ result = INLINE_SYSCALL(socketcall,2,SOCKOP_socket,socketargs);} |
|
111 |
+ |
|
112 |
+# define DO_CONNECT(result,sockfd,serv_addr,addrlen) \ |
|
113 |
+ {socketargs[0] = sockfd; \ |
|
114 |
+ socketargs[1] = (unsigned long int)serv_addr; \ |
|
115 |
+ socketargs[2] = addrlen; \ |
|
116 |
+ socketargs[3] = 0; \ |
|
117 |
+ result = INLINE_SYSCALL(socketcall,2,SOCKOP_connect,socketargs);} |
|
118 |
+ |
|
119 |
+#else |
|
120 |
+ |
|
121 |
+# define DO_SOCKET(result,domain,type,protocol) \ |
|
122 |
+ {result = INLINE_SYSCALL(socket,3,domain,type,protocol);} |
|
123 |
+ |
|
124 |
+# define DO_CONNECT(result,sockfd,serv_addr,addrlen) \ |
|
125 |
+ {result = INLINE_SYSCALL(connect,3,sockfd,serv_addr,addrlen);} |
|
126 |
+ |
|
127 |
+#endif |
|
128 |
+/* __NR_socketcall */ |
|
129 |
+ |
|
130 |
+ |
|
131 |
+#ifndef _PATH_LOG |
|
132 |
+# define _PATH_LOG "/dev/log" |
|
133 |
+#endif |
|
134 |
+ |
|
135 |
+static const char path_log[]=_PATH_LOG; |
|
136 |
+ |
|
137 |
+/* For building glibc with SSP switched on, define __progname to a |
|
138 |
+ * constant if building for the run-time loader, to avoid pulling |
|
139 |
+ * in more of libc.so into ld.so |
|
140 |
+ */ |
|
141 |
+#ifdef IS_IN_rtld |
|
142 |
+static char *__progname = "<rtld>"; |
|
143 |
+#else |
|
144 |
+extern char *__progname; |
|
145 |
+#endif |
|
146 |
+ |
|
147 |
+ |
|
148 |
+/* Common handler code, used by stack_chk_fail and __stack_smash_handler |
|
149 |
+ * Inlined to ensure no self-references to the handler within itself. |
|
150 |
+ * Data static to avoid putting more than necessary on the stack, |
|
151 |
+ * to aid core debugging. |
|
152 |
+ */ |
|
153 |
+static inline void |
|
154 |
+__attribute__ ((__noreturn__ , __always_inline__)) |
|
155 |
+__hardened_gentoo_stack_chk_fail (char func[], int damaged) |
|
156 |
+{ |
|
157 |
+#define MESSAGE_BUFSIZ 256 |
|
158 |
+ static pid_t pid; |
|
159 |
+ static int plen, i; |
|
160 |
+ static char message[MESSAGE_BUFSIZ]; |
|
161 |
+ static const char msg_ssa[]=": stack smashing attack"; |
|
162 |
+ static const char msg_inf[]=" in function "; |
|
163 |
+ static const char msg_ssd[]="*** stack smashing detected ***: "; |
|
164 |
+ static const char msg_terminated[]=" - terminated\n"; |
|
165 |
+ static const char msg_report[]="Report to http://bugs.gentoo.org/\n"; |
|
166 |
+ static const char msg_unknown[]="<unknown>"; |
|
167 |
+#ifdef SSP_SMASH_DUMPS_CORE |
|
168 |
+ static struct sigaction default_abort_act; |
|
169 |
+#endif |
|
170 |
+ static int log_socket, connect_result; |
|
171 |
+ static struct sockaddr_un sock; |
|
172 |
+#ifdef __NR_socketcall |
|
173 |
+ static unsigned long int socketargs[4]; |
|
174 |
+#endif |
|
175 |
+ |
|
176 |
+ /* Build socket address |
|
177 |
+ */ |
|
178 |
+ sock.sun_family = AF_UNIX; |
|
179 |
+ i=0; |
|
180 |
+ while ((path_log[i] != '\0') && (i<(sizeof(sock.sun_path)-1))) |
|
181 |
+ { |
|
182 |
+ sock.sun_path[i]=path_log[i]; |
|
183 |
+ i++; |
|
184 |
+ } |
|
185 |
+ sock.sun_path[i]='\0'; |
|
186 |
+ |
|
187 |
+ /* Try SOCK_DGRAM connection to syslog */ |
|
188 |
+ connect_result=-1; |
|
189 |
+ DO_SOCKET(log_socket,AF_UNIX,SOCK_DGRAM,0); |
|
190 |
+ if (log_socket != -1) |
|
191 |
+ DO_CONNECT(connect_result,log_socket,(&sock),(sizeof(sock))); |
|
192 |
+ if (connect_result == -1) |
|
193 |
+ { |
|
194 |
+ if (log_socket != -1) |
|
195 |
+ INLINE_SYSCALL(close,1,log_socket); |
|
196 |
+ /* Try SOCK_STREAM connection to syslog */ |
|
197 |
+ DO_SOCKET(log_socket,AF_UNIX,SOCK_STREAM,0); |
|
198 |
+ if (log_socket != -1) |
|
199 |
+ DO_CONNECT(connect_result,log_socket,(&sock),(sizeof(sock))); |
|
200 |
+ } |
|
201 |
+ |
|
202 |
+ /* Build message. Messages are generated both in the old style and new style, |
|
203 |
+ * so that log watchers that are configured for the old-style message continue |
|
204 |
+ * to work. |
|
205 |
+ */ |
|
206 |
+#define strconcat(str) \ |
|
207 |
+ {i=0; while ((str[i] != '\0') && ((i+plen)<(MESSAGE_BUFSIZ-1))) \ |
|
208 |
+ {\ |
|
209 |
+ message[plen+i]=str[i];\ |
|
210 |
+ i++;\ |
|
211 |
+ }\ |
|
212 |
+ plen+=i;} |
|
213 |
+ |
|
214 |
+ /* R.Henderson post-gcc-4 style message */ |
|
215 |
+ plen=0; |
|
216 |
+ strconcat(msg_ssd); |
|
217 |
+ if (__progname != (char *)0) |
|
218 |
+ strconcat(__progname) |
|
219 |
+ else |
|
220 |
+ strconcat(msg_unknown); |
|
221 |
+ strconcat(msg_terminated); |
|
222 |
+ |
|
223 |
+ /* Write out error message to STDERR, to syslog if open */ |
|
224 |
+ INLINE_SYSCALL(write,3,STDERR_FILENO,message,plen); |
|
225 |
+ if (connect_result != -1) |
|
226 |
+ INLINE_SYSCALL(write,3,log_socket,message,plen); |
|
227 |
+ |
|
228 |
+ /* Dr. Etoh pre-gcc-4 style message */ |
|
229 |
+ plen=0; |
|
230 |
+ if (__progname != (char *)0) |
|
231 |
+ strconcat(__progname) |
|
232 |
+ else |
|
233 |
+ strconcat(msg_unknown); |
|
234 |
+ strconcat(msg_ssa); |
|
235 |
+ strconcat(msg_inf); |
|
236 |
+ if (func!=NULL) |
|
237 |
+ strconcat(func) |
|
238 |
+ else |
|
239 |
+ strconcat(msg_unknown); |
|
240 |
+ strconcat(msg_terminated); |
|
241 |
+ /* Write out error message to STDERR, to syslog if open */ |
|
242 |
+ INLINE_SYSCALL(write,3,STDERR_FILENO,message,plen); |
|
243 |
+ if (connect_result != -1) |
|
244 |
+ INLINE_SYSCALL(write,3,log_socket,message,plen); |
|
245 |
+ |
|
246 |
+ /* Direct reports to bugs.gentoo.org */ |
|
247 |
+ plen=0; |
|
248 |
+ strconcat(msg_report); |
|
249 |
+ message[plen++]='\0'; |
|
250 |
+ |
|
251 |
+ /* Write out error message to STDERR, to syslog if open */ |
|
252 |
+ INLINE_SYSCALL(write,3,STDERR_FILENO,message,plen); |
|
253 |
+ if (connect_result != -1) |
|
254 |
+ INLINE_SYSCALL(write,3,log_socket,message,plen); |
|
255 |
+ |
|
256 |
+ if (log_socket != -1) |
|
257 |
+ INLINE_SYSCALL(close,1,log_socket); |
|
258 |
+ |
|
259 |
+ /* Suicide */ |
|
260 |
+ pid=INLINE_SYSCALL(getpid,0); |
|
261 |
+#ifdef SSP_SMASH_DUMPS_CORE |
|
262 |
+ /* Remove any user-supplied handler for SIGABRT, before using it */ |
|
263 |
+ default_abort_act.sa_handler = SIG_DFL; |
|
264 |
+ default_abort_act.sa_sigaction = NULL; |
|
265 |
+ __sigfillset(&default_abort_act.sa_mask); |
|
266 |
+ default_abort_act.sa_flags = 0; |
|
267 |
+ /* sigaction doesn't exist on amd64; however rt_sigaction seems to |
|
268 |
+ * exist everywhere. rt_sigaction has an extra parameter - the |
|
269 |
+ * size of sigset_t. |
|
270 |
+ */ |
|
271 |
+# ifdef __NR_sigation |
|
272 |
+ if (INLINE_SYSCALL(sigaction,3,SIGABRT,&default_abort_act,NULL) == 0) |
|
273 |
+# else |
|
274 |
+ /* Although rt_sigaction expects sizeof(sigset_t) - it expects the size |
|
275 |
+ * of the _kernel_ sigset_t which is not the same as the user sigset_t. |
|
276 |
+ * Most arches have this as _NSIG bits - mips has _KERNEL_NSIG bits for |
|
277 |
+ * some reason. |
|
278 |
+ */ |
|
279 |
+# ifdef _KERNEL_NSIG |
|
280 |
+ if (INLINE_SYSCALL(rt_sigaction,4,SIGABRT,&default_abort_act,NULL,_KERNEL_NSIG/8) == 0) |
|
281 |
+# else |
|
282 |
+ if (INLINE_SYSCALL(rt_sigaction,4,SIGABRT,&default_abort_act,NULL,_NSIG/8) == 0) |
|
283 |
+# endif |
|
284 |
+# endif |
|
285 |
+ INLINE_SYSCALL(kill,2,pid,SIGABRT); |
|
286 |
+#endif |
|
287 |
+ /* Note; actions cannot be added to SIGKILL */ |
|
288 |
+ INLINE_SYSCALL(kill,2,pid,SIGKILL); |
|
289 |
+ |
|
290 |
+ /* In case the kill didn't work, exit anyway |
|
291 |
+ * The loop prevents gcc thinking this routine returns |
|
292 |
+ */ |
|
293 |
+ while (1) INLINE_SYSCALL(exit,0); |
|
294 |
+} |
|
295 |
+ |
|
296 |
+void |
|
297 |
+__attribute__ ((__noreturn__)) |
|
298 |
+ __stack_chk_fail (void) |
|
299 |
+{ |
|
300 |
+ __hardened_gentoo_stack_chk_fail(NULL,0); |
|
301 |
+} |
|
302 |
+ |
|
303 |
+#ifdef ENABLE_OLD_SSP_COMPAT |
|
304 |
+void |
|
305 |
+__attribute__ ((__noreturn__)) |
|
306 |
+__stack_smash_handler(char func[], int damaged) |
|
307 |
+{ |
|
308 |
+ __hardened_gentoo_stack_chk_fail(func,damaged); |
|
309 |
+} |
|
310 |
+#endif |
|
311 |
+ |
... | ... |
@@ -0,0 +1,29 @@ |
1 |
+Prevent default-fPIE from confusing configure into thinking |
|
2 |
+PIC code is default. This causes glibc to build both PIC and |
|
3 |
+non-PIC code as normal, which on the hardened compiler generates |
|
4 |
+PIC and PIE. |
|
5 |
+ |
|
6 |
+Patch by Kevin F. Quinn <kevquinn@gentoo.org> |
|
7 |
+ |
|
8 |
+--- configure.in |
|
9 |
++++ configure.in |
|
10 |
+@@ -2145,7 +2145,7 @@ |
|
11 |
+ # error PIC is default. |
|
12 |
+ #endif |
|
13 |
+ EOF |
|
14 |
+-if eval "${CC-cc} -S conftest.c 2>&AS_MESSAGE_LOG_FD 1>&AS_MESSAGE_LOG_FD"; then |
|
15 |
++if eval "${CC-cc} -fno-PIE -S conftest.c 2>&AS_MESSAGE_LOG_FD 1>&AS_MESSAGE_LOG_FD"; then |
|
16 |
+ pic_default=no |
|
17 |
+ fi |
|
18 |
+ rm -f conftest.*]) |
|
19 |
+--- configure |
|
20 |
++++ configure |
|
21 |
+@@ -7698,7 +7698,7 @@ |
|
22 |
+ # error PIC is default. |
|
23 |
+ #endif |
|
24 |
+ EOF |
|
25 |
+-if eval "${CC-cc} -S conftest.c 2>&5 1>&5"; then |
|
26 |
++if eval "${CC-cc} -fno-PIE -S conftest.c 2>&5 1>&5"; then |
|
27 |
+ pic_default=no |
|
28 |
+ fi |
|
29 |
+ rm -f conftest.* |
... | ... |
@@ -0,0 +1,283 @@ |
1 |
+When building glibc PIE (which is not something upstream support), |
|
2 |
+several modifications are necessary to the glibc build process. |
|
3 |
+ |
|
4 |
+First, any syscalls in PIEs must be of the PIC variant, otherwise |
|
5 |
+textrels ensue. Then, any syscalls made before the initialisation |
|
6 |
+of the TLS will fail on i386, as the sysenter variant on i386 uses |
|
7 |
+the TLS, giving rise to a chicken-and-egg situation. This patch |
|
8 |
+defines a PIC syscall variant that doesn't use sysenter, even when the sysenter |
|
9 |
+version is normally used, and uses the non-sysenter version for the brk |
|
10 |
+syscall that is performed by the TLS initialisation. Further, the TLS |
|
11 |
+initialisation is moved in this case prior to the initialisation of |
|
12 |
+dl_osversion, as that requires further syscalls. |
|
13 |
+ |
|
14 |
+csu/libc-start.c: Move initial TLS initialization to before the |
|
15 |
+initialisation of dl_osversion, when INTERNAL_SYSCALL_NOSYSENTER is defined |
|
16 |
+ |
|
17 |
+csu/libc-tls.c: Use the no-sysenter version of sbrk when |
|
18 |
+INTERNAL_SYSCALL_NOSYSENTER is defined. |
|
19 |
+ |
|
20 |
+misc/sbrk.c: Define a no-sysenter version of sbrk, using the no-sysenter |
|
21 |
+version of brk - if INTERNAL_SYSCALL_NOSYSENTER is defined. |
|
22 |
+ |
|
23 |
+misc/brk.c: Define a no-sysenter version of brk if |
|
24 |
+INTERNAL_SYSCALL_NOSYSENTER is defined. |
|
25 |
+ |
|
26 |
+sysdeps/unix/sysv/linux/i386/sysdep.h: Define INTERNAL_SYSCALL_NOSYSENTER |
|
27 |
+Make INTERNAL_SYSCALL always use the PIC variant, even if not SHARED. |
|
28 |
+ |
|
29 |
+Patch by Kevin F. Quinn <kevquinn@gentoo.org> |
|
30 |
+ |
|
31 |
+--- csu/libc-start.c.orig 2007-01-21 11:51:06.000000000 +0100 |
|
32 |
++++ csu/libc-start.c 2007-01-21 11:55:57.000000000 +0100 |
|
33 |
+@@ -28,6 +28,7 @@ |
|
34 |
+ extern int __libc_multiple_libcs; |
|
35 |
+ |
|
36 |
+ #include <tls.h> |
|
37 |
++#include <sysdep.h> |
|
38 |
+ #ifndef SHARED |
|
39 |
+ # include <dl-osinfo.h> |
|
40 |
+ extern void __pthread_initialize_minimal (void) |
|
41 |
+@@ -133,6 +134,14 @@ |
|
42 |
+ # endif |
|
43 |
+ _dl_aux_init (auxvec); |
|
44 |
+ # endif |
|
45 |
++# ifdef INTERNAL_SYSCALL_NOSYSENTER |
|
46 |
++ /* Do the initial TLS initialization before _dl_osversion, |
|
47 |
++ since the latter uses the uname syscall. */ |
|
48 |
++# if !(USE_TLS - 0) && !defined NONTLS_INIT_TP |
|
49 |
++ if (__pthread_initialize_minimal) |
|
50 |
++# endif |
|
51 |
++ __pthread_initialize_minimal (); |
|
52 |
++# endif |
|
53 |
+ # ifdef DL_SYSDEP_OSCHECK |
|
54 |
+ if (!__libc_multiple_libcs) |
|
55 |
+ { |
|
56 |
+@@ -142,15 +151,17 @@ |
|
57 |
+ } |
|
58 |
+ # endif |
|
59 |
+ |
|
60 |
++# ifndef INTERNAL_SYSCALL_NOSYSENTER |
|
61 |
+ /* Initialize the thread library at least a bit since the libgcc |
|
62 |
+ functions are using thread functions if these are available and |
|
63 |
+ we need to setup errno. If there is no thread library and we |
|
64 |
+ handle TLS the function is defined in the libc to initialized the |
|
65 |
+ TLS handling. */ |
|
66 |
+-# if !(USE_TLS - 0) && !defined NONTLS_INIT_TP |
|
67 |
++# if !(USE_TLS - 0) && !defined NONTLS_INIT_TP |
|
68 |
+ if (__pthread_initialize_minimal) |
|
69 |
+-# endif |
|
70 |
++# endif |
|
71 |
+ __pthread_initialize_minimal (); |
|
72 |
++# endif |
|
73 |
+ #endif |
|
74 |
+ |
|
75 |
+ # ifndef SHARED |
|
76 |
+--- csu/libc-tls.c.orig 2007-01-21 11:37:02.000000000 +0100 |
|
77 |
++++ csu/libc-tls.c 2007-01-21 12:09:33.000000000 +0100 |
|
78 |
+@@ -23,6 +23,7 @@ |
|
79 |
+ #include <unistd.h> |
|
80 |
+ #include <stdio.h> |
|
81 |
+ #include <sys/param.h> |
|
82 |
++#include <sysdep.h> |
|
83 |
+ |
|
84 |
+ |
|
85 |
+ #ifdef SHARED |
|
86 |
+@@ -30,6 +31,9 @@ |
|
87 |
+ #endif |
|
88 |
+ |
|
89 |
+ #ifdef USE_TLS |
|
90 |
++# ifdef INTERNAL_SYSCALL_NOSYSENTER |
|
91 |
++extern void *__sbrk_nosysenter (intptr_t __delta); |
|
92 |
++# endif |
|
93 |
+ extern ElfW(Phdr) *_dl_phdr; |
|
94 |
+ extern size_t _dl_phnum; |
|
95 |
+ |
|
96 |
+@@ -142,14 +146,26 @@ |
|
97 |
+ |
|
98 |
+ The initialized value of _dl_tls_static_size is provided by dl-open.c |
|
99 |
+ to request some surplus that permits dynamic loading of modules with |
|
100 |
+- IE-model TLS. */ |
|
101 |
++ IE-model TLS. |
|
102 |
++ |
|
103 |
++ Where the normal sbrk would use a syscall that needs the TLS (i386) |
|
104 |
++ use the special non-sysenter version instead. */ |
|
105 |
+ # if TLS_TCB_AT_TP |
|
106 |
+ tcb_offset = roundup (memsz + GL(dl_tls_static_size), tcbalign); |
|
107 |
++# ifdef INTERNAL_SYSCALL_NOSYSENTER |
|
108 |
++ tlsblock = __sbrk_nosysenter (tcb_offset + tcbsize + max_align); |
|
109 |
++# else |
|
110 |
+ tlsblock = __sbrk (tcb_offset + tcbsize + max_align); |
|
111 |
++# endif |
|
112 |
+ # elif TLS_DTV_AT_TP |
|
113 |
+ tcb_offset = roundup (tcbsize, align ?: 1); |
|
114 |
++# ifdef INTERNAL_SYSCALL_NOSYSENTER |
|
115 |
++ tlsblock = __sbrk_nosysenter (tcb_offset + memsz + max_align |
|
116 |
++ + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); |
|
117 |
++# else |
|
118 |
+ tlsblock = __sbrk (tcb_offset + memsz + max_align |
|
119 |
+ + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); |
|
120 |
++# endif |
|
121 |
+ tlsblock += TLS_PRE_TCB_SIZE; |
|
122 |
+ # else |
|
123 |
+ /* In case a model with a different layout for the TCB and DTV |
|
124 |
+--- misc/sbrk.c.orig 2007-01-21 11:38:27.000000000 +0100 |
|
125 |
++++ misc/sbrk.c 2007-01-21 12:07:29.000000000 +0100 |
|
126 |
+@@ -18,6 +18,7 @@ |
|
127 |
+ |
|
128 |
+ #include <unistd.h> |
|
129 |
+ #include <errno.h> |
|
130 |
++#include <sysdep.h> |
|
131 |
+ |
|
132 |
+ /* Defined in brk.c. */ |
|
133 |
+ extern void *__curbrk; |
|
134 |
+@@ -29,6 +30,35 @@ |
|
135 |
+ /* Extend the process's data space by INCREMENT. |
|
136 |
+ If INCREMENT is negative, shrink data space by - INCREMENT. |
|
137 |
+ Return start of new space allocated, or -1 for errors. */ |
|
138 |
++#ifdef INTERNAL_SYSCALL_NOSYSENTER |
|
139 |
++/* This version is used by csu/libc-tls.c whem initialising the TLS |
|
140 |
++ if the SYSENTER version requires the TLS (which it does on i386). |
|
141 |
++ Obviously using the TLS before it is initialised is broken. */ |
|
142 |
++extern int __brk_nosysenter (void *addr); |
|
143 |
++void * |
|
144 |
++__sbrk_nosysenter (intptr_t increment) |
|
145 |
++{ |
|
146 |
++ void *oldbrk; |
|
147 |
++ |
|
148 |
++ /* If this is not part of the dynamic library or the library is used |
|
149 |
++ via dynamic loading in a statically linked program update |
|
150 |
++ __curbrk from the kernel's brk value. That way two separate |
|
151 |
++ instances of __brk and __sbrk can share the heap, returning |
|
152 |
++ interleaved pieces of it. */ |
|
153 |
++ if (__curbrk == NULL || __libc_multiple_libcs) |
|
154 |
++ if (__brk_nosysenter (0) < 0) /* Initialize the break. */ |
|
155 |
++ return (void *) -1; |
|
156 |
++ |
|
157 |
++ if (increment == 0) |
|
158 |
++ return __curbrk; |
|
159 |
++ |
|
160 |
++ oldbrk = __curbrk; |
|
161 |
++ if (__brk_nosysenter (oldbrk + increment) < 0) |
|
162 |
++ return (void *) -1; |
|
163 |
++ |
|
164 |
++ return oldbrk; |
|
165 |
++} |
|
166 |
++#endif |
|
167 |
+ void * |
|
168 |
+ __sbrk (intptr_t increment) |
|
169 |
+ { |
|
170 |
+--- sysdeps/unix/sysv/linux/i386/brk.c.orig 2007-01-21 11:39:16.000000000 +0100 |
|
171 |
++++ sysdeps/unix/sysv/linux/i386/brk.c 2007-01-21 11:44:01.000000000 +0100 |
|
172 |
+@@ -31,6 +31,30 @@ |
|
173 |
+ linker. */ |
|
174 |
+ weak_alias (__curbrk, ___brk_addr) |
|
175 |
+ |
|
176 |
++#ifdef INTERNAL_SYSCALL_NOSYSENTER |
|
177 |
++/* This version is used by csu/libc-tls.c whem initialising the TLS |
|
178 |
++ * if the SYSENTER version requires the TLS (which it does on i386). |
|
179 |
++ * Obviously using the TLS before it is initialised is broken. */ |
|
180 |
++int |
|
181 |
++__brk_nosysenter (void *addr) |
|
182 |
++{ |
|
183 |
++ void *__unbounded newbrk; |
|
184 |
++ |
|
185 |
++ INTERNAL_SYSCALL_DECL (err); |
|
186 |
++ newbrk = (void *__unbounded) INTERNAL_SYSCALL_NOSYSENTER (brk, err, 1, |
|
187 |
++ __ptrvalue (addr)); |
|
188 |
++ |
|
189 |
++ __curbrk = newbrk; |
|
190 |
++ |
|
191 |
++ if (newbrk < addr) |
|
192 |
++ { |
|
193 |
++ __set_errno (ENOMEM); |
|
194 |
++ return -1; |
|
195 |
++ } |
|
196 |
++ |
|
197 |
++ return 0; |
|
198 |
++} |
|
199 |
++#endif |
|
200 |
+ int |
|
201 |
+ __brk (void *addr) |
|
202 |
+ { |
|
203 |
+--- sysdeps/unix/sysv/linux/i386/sysdep.h.orig 2007-01-21 13:08:00.000000000 +0100 |
|
204 |
++++ sysdeps/unix/sysv/linux/i386/sysdep.h 2007-01-21 13:19:10.000000000 +0100 |
|
205 |
+@@ -187,7 +187,7 @@ |
|
206 |
+ /* The original calling convention for system calls on Linux/i386 is |
|
207 |
+ to use int $0x80. */ |
|
208 |
+ #ifdef I386_USE_SYSENTER |
|
209 |
+-# ifdef SHARED |
|
210 |
++# if defined SHARED || defined __PIC__ |
|
211 |
+ # define ENTER_KERNEL call *%gs:SYSINFO_OFFSET |
|
212 |
+ # else |
|
213 |
+ # define ENTER_KERNEL call *_dl_sysinfo |
|
214 |
+@@ -358,7 +358,7 @@ |
|
215 |
+ possible to use more than four parameters. */ |
|
216 |
+ #undef INTERNAL_SYSCALL |
|
217 |
+ #ifdef I386_USE_SYSENTER |
|
218 |
+-# ifdef SHARED |
|
219 |
++# if defined SHARED || defined __PIC__ |
|
220 |
+ # define INTERNAL_SYSCALL(name, err, nr, args...) \ |
|
221 |
+ ({ \ |
|
222 |
+ register unsigned int resultvar; \ |
|
223 |
+@@ -384,6 +384,18 @@ |
|
224 |
+ : "0" (name), "i" (offsetof (tcbhead_t, sysinfo)) \ |
|
225 |
+ ASMFMT_##nr(args) : "memory", "cc"); \ |
|
226 |
+ (int) resultvar; }) |
|
227 |
++# define INTERNAL_SYSCALL_NOSYSENTER(name, err, nr, args...) \ |
|
228 |
++ ({ \ |
|
229 |
++ register unsigned int resultvar; \ |
|
230 |
++ EXTRAVAR_##nr \ |
|
231 |
++ asm volatile ( \ |
|
232 |
++ LOADARGS_NOSYSENTER_##nr \ |
|
233 |
++ "movl %1, %%eax\n\t" \ |
|
234 |
++ "int $0x80\n\t" \ |
|
235 |
++ RESTOREARGS_NOSYSENTER_##nr \ |
|
236 |
++ : "=a" (resultvar) \ |
|
237 |
++ : "i" (__NR_##name) ASMFMT_##nr(args) : "memory", "cc"); \ |
|
238 |
++ (int) resultvar; }) |
|
239 |
+ # else |
|
240 |
+ # define INTERNAL_SYSCALL(name, err, nr, args...) \ |
|
241 |
+ ({ \ |
|
242 |
+@@ -447,12 +459,20 @@ |
|
243 |
+ |
|
244 |
+ #define LOADARGS_0 |
|
245 |
+ #ifdef __PIC__ |
|
246 |
+-# if defined I386_USE_SYSENTER && defined SHARED |
|
247 |
++# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) |
|
248 |
+ # define LOADARGS_1 \ |
|
249 |
+ "bpushl .L__X'%k3, %k3\n\t" |
|
250 |
+ # define LOADARGS_5 \ |
|
251 |
+ "movl %%ebx, %4\n\t" \ |
|
252 |
+ "movl %3, %%ebx\n\t" |
|
253 |
++# define LOADARGS_NOSYSENTER_1 \ |
|
254 |
++ "bpushl .L__X'%k2, %k2\n\t" |
|
255 |
++# define LOADARGS_NOSYSENTER_2 LOADARGS_NOSYSENTER_1 |
|
256 |
++# define LOADARGS_NOSYSENTER_3 LOADARGS_3 |
|
257 |
++# define LOADARGS_NOSYSENTER_4 LOADARGS_3 |
|
258 |
++# define LOADARGS_NOSYSENTER_5 \ |
|
259 |
++ "movl %%ebx, %3\n\t" \ |
|
260 |
++ "movl %2, %%ebx\n\t" |
|
261 |
+ # else |
|
262 |
+ # define LOADARGS_1 \ |
|
263 |
+ "bpushl .L__X'%k2, %k2\n\t" |
|
264 |
+@@ -474,11 +495,18 @@ |
|
265 |
+ |
|
266 |
+ #define RESTOREARGS_0 |
|
267 |
+ #ifdef __PIC__ |
|
268 |
+-# if defined I386_USE_SYSENTER && defined SHARED |
|
269 |
++# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) |
|
270 |
+ # define RESTOREARGS_1 \ |
|
271 |
+ "bpopl .L__X'%k3, %k3\n\t" |
|
272 |
+ # define RESTOREARGS_5 \ |
|
273 |
+ "movl %4, %%ebx" |
|
274 |
++# define RESTOREARGS_NOSYSENTER_1 \ |
|
275 |
++ "bpopl .L__X'%k2, %k2\n\t" |
|
276 |
++# define RESTOREARGS_NOSYSENTER_2 RESTOREARGS_NOSYSENTER_1 |
|
277 |
++# define RESTOREARGS_NOSYSENTER_3 RESTOREARGS_3 |
|
278 |
++# define RESTOREARGS_NOSYSENTER_4 RESTOREARGS_3 |
|
279 |
++# define RESTOREARGS_NOSYSENTER_5 \ |
|
280 |
++ "movl %3, %%ebx" |
|
281 |
+ # else |
|
282 |
+ # define RESTOREARGS_1 \ |
|
283 |
+ "bpopl .L__X'%k2, %k2\n\t" |
... | ... |
@@ -0,0 +1,39 @@ |
1 |
+Change link commands for glibc executables to build PIEs |
|
2 |
+ |
|
3 |
+Patch by Kevin F. Quinn <kevquinn@gentoo.org> |
|
4 |
+ |
|
5 |
+--- Makeconfig |
|
6 |
++++ Makeconfig |
|
7 |
+@@ -415,10 +415,10 @@ |
|
8 |
+ |
|
9 |
+ # Command for linking programs with the C library. |
|
10 |
+ ifndef +link |
|
11 |
+-+link = $(CC) -nostdlib -nostartfiles -o $@ \ |
|
12 |
+++link = $(CC) -nostdlib -nostartfiles -fPIE -pie -o $@ \ |
|
13 |
+ $(sysdep-LDFLAGS) $(config-LDFLAGS) $(LDFLAGS) $(LDFLAGS-$(@F)) \ |
|
14 |
+ $(combreloc-LDFLAGS) $(relro-LDFLAGS) $(hashstyle-LDFLAGS) \ |
|
15 |
+- $(addprefix $(csu-objpfx),$(start-installed-name)) \ |
|
16 |
++ $(addprefix $(csu-objpfx),S$(start-installed-name)) \ |
|
17 |
+ $(+preinit) $(+prector) \ |
|
18 |
+ $(filter-out $(addprefix $(csu-objpfx),start.o \ |
|
19 |
+ $(start-installed-name))\ |
|
20 |
+@@ -429,7 +429,7 @@ |
|
21 |
+ ifndef +link-static |
|
22 |
+ +link-static = $(CC) -nostdlib -nostartfiles -static -o $@ \ |
|
23 |
+ $(sysdep-LDFLAGS) $(LDFLAGS) $(LDFLAGS-$(@F)) \ |
|
24 |
+- $(addprefix $(csu-objpfx),$(static-start-installed-name)) \ |
|
25 |
++ $(addprefix $(csu-objpfx),S$(static-start-installed-name)) \ |
|
26 |
+ $(+preinit) $(+prector) \ |
|
27 |
+ $(filter-out $(addprefix $(csu-objpfx),start.o \ |
|
28 |
+ $(start-installed-name))\ |
|
29 |
+@@ -528,8 +528,8 @@ |
|
30 |
+ ifeq ($(elf),yes) |
|
31 |
+ +preinit = $(addprefix $(csu-objpfx),crti.o) |
|
32 |
+ +postinit = $(addprefix $(csu-objpfx),crtn.o) |
|
33 |
+-+prector = `$(CC) --print-file-name=crtbegin.o` |
|
34 |
+-+postctor = `$(CC) --print-file-name=crtend.o` |
|
35 |
+++prector = `$(CC) --print-file-name=crtbeginS.o` |
|
36 |
+++postctor = `$(CC) --print-file-name=crtendS.o` |
|
37 |
+ +interp = $(addprefix $(elf-objpfx),interp.os) |
|
38 |
+ endif |
|
39 |
+ csu-objpfx = $(common-objpfx)csu/ |
... | ... |
@@ -0,0 +1,321 @@ |
1 |
+/* Copyright (C) 2005 Free Software Foundation, Inc. |
|
2 |
+ This file is part of the GNU C Library. |
|
3 |
+ |
|
4 |
+ The GNU C Library is free software; you can redistribute it and/or |
|
5 |
+ modify it under the terms of the GNU Lesser General Public |
|
6 |
+ License as published by the Free Software Foundation; either |
|
7 |
+ version 2.1 of the License, or (at your option) any later version. |
|
8 |
+ |
|
9 |
+ The GNU C Library is distributed in the hope that it will be useful, |
|
10 |
+ but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
11 |
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
|
12 |
+ Lesser General Public License for more details. |
|
13 |
+ |
|
14 |
+ You should have received a copy of the GNU Lesser General Public |
|
15 |
+ License along with the GNU C Library; if not, write to the Free |
|
16 |
+ Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA |
|
17 |
+ 02111-1307 USA. */ |
|
18 |
+ |
|
19 |
+/* Copyright (C) 2006-2007 Gentoo Foundation Inc. |
|
20 |
+ * License terms as above. |
|
21 |
+ * |
|
22 |
+ * Hardened Gentoo SSP handler |
|
23 |
+ * |
|
24 |
+ * An SSP failure handler that does not use functions from the rest of |
|
25 |
+ * glibc; it uses the INTERNAL_SYSCALL methods directly. This ensures |
|
26 |
+ * no possibility of recursion into the handler. |
|
27 |
+ * |
|
28 |
+ * Direct all bug reports to http://bugs.gentoo.org/ |
|
29 |
+ * |
|
30 |
+ * Re-written from the glibc-2.3 Hardened Gentoo SSP handler |
|
31 |
+ * by Kevin F. Quinn - <kevquinn[@]gentoo.org> |
|
32 |
+ * |
|
33 |
+ * The following people contributed to the glibc-2.3 Hardened |
|
34 |
+ * Gentoo SSP handler, from which this implementation draws much: |
|
35 |
+ * |
|
36 |
+ * Ned Ludd - <solar[@]gentoo.org> |
|
37 |
+ * Alexander Gabert - <pappy[@]gentoo.org> |
|
38 |
+ * The PaX Team - <pageexec[@]freemail.hu> |
|
39 |
+ * Peter S. Mazinger - <ps.m[@]gmx.net> |
|
40 |
+ * Yoann Vandoorselaere - <yoann[@]prelude-ids.org> |
|
41 |
+ * Robert Connolly - <robert[@]linuxfromscratch.org> |
|
42 |
+ * Cory Visi <cory[@]visi.name> |
|
43 |
+ * Mike Frysinger <vapier[@]gentoo.org> |
|
44 |
+ */ |
|
45 |
+ |
|
46 |
+#include <errno.h> |
|
47 |
+#include <stdlib.h> |
|
48 |
+#include <unistd.h> |
|
49 |
+#include <signal.h> |
|
50 |
+ |
|
51 |
+#include <sys/types.h> |
|
52 |
+ |
|
53 |
+#include <sysdep-cancel.h> |
|
54 |
+#include <sys/syscall.h> |
|
55 |
+#include <bp-checks.h> |
|
56 |
+ |
|
57 |
+#include <kernel-features.h> |
|
58 |
+ |
|
59 |
+#include <alloca.h> |
|
60 |
+/* from sysdeps */ |
|
61 |
+#include <socketcall.h> |
|
62 |
+/* for the stuff in bits/socket.h */ |
|
63 |
+#include <sys/socket.h> |
|
64 |
+#include <sys/un.h> |
|
65 |
+ |
|
66 |
+ |
|
67 |
+/* Sanity check on SYSCALL macro names - force compilation |
|
68 |
+ * failure if the names used here do not exist |
|
69 |
+ */ |
|
70 |
+#if !defined __NR_socketcall && !defined __NR_socket |
|
71 |
+# error Cannot do syscall socket or socketcall |
|
72 |
+#endif |
|
73 |
+#if !defined __NR_socketcall && !defined __NR_connect |
|
74 |
+# error Cannot do syscall connect or socketcall |
|
75 |
+#endif |
|
76 |
+#ifndef __NR_write |
|
77 |
+# error Cannot do syscall write |
|
78 |
+#endif |
|
79 |
+#ifndef __NR_close |
|
80 |
+# error Cannot do syscall close |
|
81 |
+#endif |
|
82 |
+#ifndef __NR_getpid |
|
83 |
+# error Cannot do syscall getpid |
|
84 |
+#endif |
|
85 |
+#ifndef __NR_kill |
|
86 |
+# error Cannot do syscall kill |
|
87 |
+#endif |
|
88 |
+#ifndef __NR_exit |
|
89 |
+# error Cannot do syscall exit |
|
90 |
+#endif |
|
91 |
+#ifdef SSP_SMASH_DUMPS_CORE |
|
92 |
+# define ENABLE_SSP_SMASH_DUMPS_CORE 1 |
|
93 |
+# if !defined _KERNEL_NSIG && !defined _NSIG |
|
94 |
+# error No _NSIG or _KERNEL_NSIG for rt_sigaction |
|
95 |
+# endif |
|
96 |
+# if !defined __NR_sigaction && !defined __NR_rt_sigaction |
|
97 |
+# error Cannot do syscall sigaction or rt_sigaction |
|
98 |
+# endif |
|
99 |
+/* Although rt_sigaction expects sizeof(sigset_t) - it expects the size |
|
100 |
+ * of the _kernel_ sigset_t which is not the same as the user sigset_t. |
|
101 |
+ * Most arches have this as _NSIG bits - mips has _KERNEL_NSIG bits for |
|
102 |
+ * some reason. |
|
103 |
+ */ |
|
104 |
+# ifdef _KERNEL_NSIG |
|
105 |
+# define _SSP_NSIG _KERNEL_NSIG |
|
106 |
+# else |
|
107 |
+# define _SSP_NSIG _NSIG |
|
108 |
+# endif |
|
109 |
+#else |
|
110 |
+# define _SSP_NSIG 0 |
|
111 |
+# define ENABLE_SSP_SMASH_DUMPS_CORE 0 |
|
112 |
+#endif |
|
113 |
+ |
|
114 |
+/* Define DO_SIGACTION - default to newer rt signal interface but |
|
115 |
+ * fallback to old as needed. |
|
116 |
+ */ |
|
117 |
+#ifdef __NR_rt_sigaction |
|
118 |
+# define DO_SIGACTION(signum, act, oldact) \ |
|
119 |
+ INLINE_SYSCALL(rt_sigaction, 4, signum, act, oldact, _SSP_NSIG/8) |
|
120 |
+#else |
|
121 |
+# define DO_SIGACTION(signum, act, oldact) \ |
|
122 |
+ INLINE_SYSCALL(sigaction, 3, signum, act, oldact) |
|
123 |
+#endif |
|
124 |
+ |
|
125 |
+/* Define DO_SOCKET/DO_CONNECT functions to deal with socketcall vs socket/connect */ |
|
126 |
+#if defined(__NR_socket) && defined(__NR_connect) |
|
127 |
+# define USE_OLD_SOCKETCALL 0 |
|
128 |
+#else |
|
129 |
+# define USE_OLD_SOCKETCALL 1 |
|
130 |
+#endif |
|
131 |
+/* stub out the __NR_'s so we can let gcc optimize away dead code */ |
|
132 |
+#ifndef __NR_socketcall |
|
133 |
+# define __NR_socketcall 0 |
|
134 |
+#endif |
|
135 |
+#ifndef __NR_socket |
|
136 |
+# define __NR_socket 0 |
|
137 |
+#endif |
|
138 |
+#ifndef __NR_connect |
|
139 |
+# define __NR_connect 0 |
|
140 |
+#endif |
|
141 |
+#define DO_SOCKET(result, domain, type, protocol) \ |
|
142 |
+ do { \ |
|
143 |
+ if (USE_OLD_SOCKETCALL) { \ |
|
144 |
+ socketargs[0] = domain; \ |
|
145 |
+ socketargs[1] = type; \ |
|
146 |
+ socketargs[2] = protocol; \ |
|
147 |
+ socketargs[3] = 0; \ |
|
148 |
+ result = INLINE_SYSCALL(socketcall, 2, SOCKOP_socket, socketargs); \ |
|
149 |
+ } else \ |
|
150 |
+ result = INLINE_SYSCALL(socket, 3, domain, type, protocol); \ |
|
151 |
+ } while (0) |
|
152 |
+#define DO_CONNECT(result, sockfd, serv_addr, addrlen) \ |
|
153 |
+ do { \ |
|
154 |
+ if (USE_OLD_SOCKETCALL) { \ |
|
155 |
+ socketargs[0] = sockfd; \ |
|
156 |
+ socketargs[1] = (unsigned long int)serv_addr; \ |
|
157 |
+ socketargs[2] = addrlen; \ |
|
158 |
+ socketargs[3] = 0; \ |
|
159 |
+ result = INLINE_SYSCALL(socketcall, 2, SOCKOP_connect, socketargs); \ |
|
160 |
+ } else \ |
|
161 |
+ result = INLINE_SYSCALL(connect, 3, sockfd, serv_addr, addrlen); \ |
|
162 |
+ } while (0) |
|
163 |
+ |
|
164 |
+#ifndef _PATH_LOG |
|
165 |
+# define _PATH_LOG "/dev/log" |
|
166 |
+#endif |
|
167 |
+ |
|
168 |
+static const char path_log[] = _PATH_LOG; |
|
169 |
+ |
|
170 |
+/* For building glibc with SSP switched on, define __progname to a |
|
171 |
+ * constant if building for the run-time loader, to avoid pulling |
|
172 |
+ * in more of libc.so into ld.so |
|
173 |
+ */ |
|
174 |
+#ifdef IS_IN_rtld |
|
175 |
+static char *__progname = "<rtld>"; |
|
176 |
+#else |
|
177 |
+extern char *__progname; |
|
178 |
+#endif |
|
179 |
+ |
|
180 |
+ |
|
181 |
+/* Common handler code, used by stack_chk_fail and __stack_smash_handler |
|
182 |
+ * Inlined to ensure no self-references to the handler within itself. |
|
183 |
+ * Data static to avoid putting more than necessary on the stack, |
|
184 |
+ * to aid core debugging. |
|
185 |
+ */ |
|
186 |
+__attribute__ ((__noreturn__ , __always_inline__)) |
|
187 |
+static inline void |
|
188 |
+__hardened_gentoo_stack_chk_fail(char func[], int damaged) |
|
189 |
+{ |
|
190 |
+#define MESSAGE_BUFSIZ 256 |
|
191 |
+ static pid_t pid; |
|
192 |
+ static int plen, i; |
|
193 |
+ static char message[MESSAGE_BUFSIZ]; |
|
194 |
+ static const char msg_ssa[] = ": stack smashing attack"; |
|
195 |
+ static const char msg_inf[] = " in function "; |
|
196 |
+ static const char msg_ssd[] = "*** stack smashing detected ***: "; |
|
197 |
+ static const char msg_terminated[] = " - terminated\n"; |
|
198 |
+ static const char msg_report[] = "Report to http://bugs.gentoo.org/\n"; |
|
199 |
+ static const char msg_unknown[] = "<unknown>"; |
|
200 |
+ static int log_socket, connect_result; |
|
201 |
+ static struct sockaddr_un sock; |
|
202 |
+ static unsigned long int socketargs[4]; |
|
203 |
+ |
|
204 |
+ /* Build socket address |
|
205 |
+ */ |
|
206 |
+ sock.sun_family = AF_UNIX; |
|
207 |
+ i = 0; |
|
208 |
+ while ((path_log[i] != '\0') && (i<(sizeof(sock.sun_path)-1))) { |
|
209 |
+ sock.sun_path[i] = path_log[i]; |
|
210 |
+ i++; |
|
211 |
+ } |
|
212 |
+ sock.sun_path[i] = '\0'; |
|
213 |
+ |
|
214 |
+ /* Try SOCK_DGRAM connection to syslog */ |
|
215 |
+ connect_result = -1; |
|
216 |
+ DO_SOCKET(log_socket, AF_UNIX, SOCK_DGRAM, 0); |
|
217 |
+ if (log_socket != -1) |
|
218 |
+ DO_CONNECT(connect_result, log_socket, &sock, sizeof(sock)); |
|
219 |
+ if (connect_result == -1) { |
|
220 |
+ if (log_socket != -1) |
|
221 |
+ INLINE_SYSCALL(close, 1, log_socket); |
|
222 |
+ /* Try SOCK_STREAM connection to syslog */ |
|
223 |
+ DO_SOCKET(log_socket, AF_UNIX, SOCK_STREAM, 0); |
|
224 |
+ if (log_socket != -1) |
|
225 |
+ DO_CONNECT(connect_result, log_socket, &sock, sizeof(sock)); |
|
226 |
+ } |
|
227 |
+ |
|
228 |
+ /* Build message. Messages are generated both in the old style and new style, |
|
229 |
+ * so that log watchers that are configured for the old-style message continue |
|
230 |
+ * to work. |
|
231 |
+ */ |
|
232 |
+#define strconcat(str) \ |
|
233 |
+ {i=0; while ((str[i] != '\0') && ((i+plen)<(MESSAGE_BUFSIZ-1))) \ |
|
234 |
+ {\ |
|
235 |
+ message[plen+i]=str[i];\ |
|
236 |
+ i++;\ |
|
237 |
+ }\ |
|
238 |
+ plen+=i;} |
|
239 |
+ |
|
240 |
+ /* R.Henderson post-gcc-4 style message */ |
|
241 |
+ plen = 0; |
|
242 |
+ strconcat(msg_ssd); |
|
243 |
+ if (__progname != (char *)0) |
|
244 |
+ strconcat(__progname) |
|
245 |
+ else |
|
246 |
+ strconcat(msg_unknown); |
|
247 |
+ strconcat(msg_terminated); |
|
248 |
+ |
|
249 |
+ /* Write out error message to STDERR, to syslog if open */ |
|
250 |
+ INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen); |
|
251 |
+ if (connect_result != -1) |
|
252 |
+ INLINE_SYSCALL(write, 3, log_socket, message, plen); |
|
253 |
+ |
|
254 |
+ /* Dr. Etoh pre-gcc-4 style message */ |
|
255 |
+ plen = 0; |
|
256 |
+ if (__progname != (char *)0) |
|
257 |
+ strconcat(__progname) |
|
258 |
+ else |
|
259 |
+ strconcat(msg_unknown); |
|
260 |
+ strconcat(msg_ssa); |
|
261 |
+ strconcat(msg_inf); |
|
262 |
+ if (func != NULL) |
|
263 |
+ strconcat(func) |
|
264 |
+ else |
|
265 |
+ strconcat(msg_unknown); |
|
266 |
+ strconcat(msg_terminated); |
|
267 |
+ /* Write out error message to STDERR, to syslog if open */ |
|
268 |
+ INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen); |
|
269 |
+ if (connect_result != -1) |
|
270 |
+ INLINE_SYSCALL(write, 3, log_socket, message, plen); |
|
271 |
+ |
|
272 |
+ /* Direct reports to bugs.gentoo.org */ |
|
273 |
+ plen=0; |
|
274 |
+ strconcat(msg_report); |
|
275 |
+ message[plen++]='\0'; |
|
276 |
+ |
|
277 |
+ /* Write out error message to STDERR, to syslog if open */ |
|
278 |
+ INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen); |
|
279 |
+ if (connect_result != -1) |
|
280 |
+ INLINE_SYSCALL(write, 3, log_socket, message, plen); |
|
281 |
+ |
|
282 |
+ if (log_socket != -1) |
|
283 |
+ INLINE_SYSCALL(close, 1, log_socket); |
|
284 |
+ |
|
285 |
+ /* Suicide */ |
|
286 |
+ pid = INLINE_SYSCALL(getpid, 0); |
|
287 |
+ |
|
288 |
+ if (ENABLE_SSP_SMASH_DUMPS_CORE) { |
|
289 |
+ static struct sigaction default_abort_act; |
|
290 |
+ /* Remove any user-supplied handler for SIGABRT, before using it */ |
|
291 |
+ default_abort_act.sa_handler = SIG_DFL; |
|
292 |
+ default_abort_act.sa_sigaction = NULL; |
|
293 |
+ __sigfillset(&default_abort_act.sa_mask); |
|
294 |
+ default_abort_act.sa_flags = 0; |
|
295 |
+ if (DO_SIGACTION(SIGABRT, &default_abort_act, NULL) == 0) |
|
296 |
+ INLINE_SYSCALL(kill, 2, pid, SIGABRT); |
|
297 |
+ } |
|
298 |
+ |
|
299 |
+ /* Note; actions cannot be added to SIGKILL */ |
|
300 |
+ INLINE_SYSCALL(kill, 2, pid, SIGKILL); |
|
301 |
+ |
|
302 |
+ /* In case the kill didn't work, exit anyway |
|
303 |
+ * The loop prevents gcc thinking this routine returns |
|
304 |
+ */ |
|
305 |
+ while (1) |
|
306 |
+ INLINE_SYSCALL(exit, 0); |
|
307 |
+} |
|
308 |
+ |
|
309 |
+__attribute__ ((__noreturn__)) |
|
310 |
+void __stack_chk_fail(void) |
|
311 |
+{ |
|
312 |
+ __hardened_gentoo_stack_chk_fail(NULL, 0); |
|
313 |
+} |
|
314 |
+ |
|
315 |
+#ifdef ENABLE_OLD_SSP_COMPAT |
|
316 |
+__attribute__ ((__noreturn__)) |
|
317 |
+void __stack_smash_handler(char func[], int damaged) |
|
318 |
+{ |
|
319 |
+ __hardened_gentoo_stack_chk_fail(func, damaged); |
|
320 |
+} |
|
321 |
+#endif |
... | ... |
@@ -0,0 +1,273 @@ |
1 |
+When building glibc PIE (which is not something upstream support), |
|
2 |
+several modifications are necessary to the glibc build process. |
|
3 |
+ |
|
4 |
+First, any syscalls in PIEs must be of the PIC variant, otherwise |
|
5 |
+textrels ensue. Then, any syscalls made before the initialisation |
|
6 |
+of the TLS will fail on i386, as the sysenter variant on i386 uses |
|
7 |
+the TLS, giving rise to a chicken-and-egg situation. This patch |
|
8 |
+defines a PIC syscall variant that doesn't use sysenter, even when the sysenter |
|
9 |
+version is normally used, and uses the non-sysenter version for the brk |
|
10 |
+syscall that is performed by the TLS initialisation. Further, the TLS |
|
11 |
+initialisation is moved in this case prior to the initialisation of |
|
12 |
+dl_osversion, as that requires further syscalls. |
|
13 |
+ |
|
14 |
+csu/libc-start.c: Move initial TLS initialization to before the |
|
15 |
+initialisation of dl_osversion, when INTERNAL_SYSCALL_NOSYSENTER is defined |
|
16 |
+ |
|
17 |
+csu/libc-tls.c: Use the no-sysenter version of sbrk when |
|
18 |
+INTERNAL_SYSCALL_NOSYSENTER is defined. |
|
19 |
+ |
|
20 |
+misc/sbrk.c: Define a no-sysenter version of sbrk, using the no-sysenter |
|
21 |
+version of brk - if INTERNAL_SYSCALL_NOSYSENTER is defined. |
|
22 |
+ |
|
23 |
+misc/brk.c: Define a no-sysenter version of brk if |
|
24 |
+INTERNAL_SYSCALL_NOSYSENTER is defined. |
|
25 |
+ |
|
26 |
+sysdeps/unix/sysv/linux/i386/sysdep.h: Define INTERNAL_SYSCALL_NOSYSENTER |
|
27 |
+Make INTERNAL_SYSCALL always use the PIC variant, even if not SHARED. |
|
28 |
+ |
|
29 |
+Patch by Kevin F. Quinn <kevquinn@gentoo.org> |
|
30 |
+ |
|
31 |
+--- csu/libc-start.c |
|
32 |
++++ csu/libc-start.c |
|
33 |
+@@ -28,6 +28,7 @@ |
|
34 |
+ extern int __libc_multiple_libcs; |
|
35 |
+ |
|
36 |
+ #include <tls.h> |
|
37 |
++#include <sysdep.h> |
|
38 |
+ #ifndef SHARED |
|
39 |
+ # include <dl-osinfo.h> |
|
40 |
+ extern void __pthread_initialize_minimal (void); |
|
41 |
+@@ -129,6 +130,11 @@ |
|
42 |
+ # endif |
|
43 |
+ _dl_aux_init (auxvec); |
|
44 |
+ # endif |
|
45 |
++# ifdef INTERNAL_SYSCALL_NOSYSENTER |
|
46 |
++ /* Do the initial TLS initialization before _dl_osversion, |
|
47 |
++ since the latter uses the uname syscall. */ |
|
48 |
++ __pthread_initialize_minimal (); |
|
49 |
++# endif |
|
50 |
+ # ifdef DL_SYSDEP_OSCHECK |
|
51 |
+ if (!__libc_multiple_libcs) |
|
52 |
+ { |
|
53 |
+@@ -138,10 +144,12 @@ |
|
54 |
+ } |
|
55 |
+ # endif |
|
56 |
+ |
|
57 |
++# ifndef INTERNAL_SYSCALL_NOSYSENTER |
|
58 |
+ /* Initialize the thread library at least a bit since the libgcc |
|
59 |
+ functions are using thread functions if these are available and |
|
60 |
+ we need to setup errno. */ |
|
61 |
+ __pthread_initialize_minimal (); |
|
62 |
++# endif |
|
63 |
+ #endif |
|
64 |
+ |
|
65 |
+ # ifndef SHARED |
|
66 |
+--- csu/libc-tls.c |
|
67 |
++++ csu/libc-tls.c |
|
68 |
+@@ -23,6 +23,7 @@ |
|
69 |
+ #include <unistd.h> |
|
70 |
+ #include <stdio.h> |
|
71 |
+ #include <sys/param.h> |
|
72 |
++#include <sysdep.h> |
|
73 |
+ |
|
74 |
+ |
|
75 |
+ #ifdef SHARED |
|
76 |
+@@ -29,6 +30,9 @@ |
|
77 |
+ #error makefile bug, this file is for static only |
|
78 |
+ #endif |
|
79 |
+ |
|
80 |
++#ifdef INTERNAL_SYSCALL_NOSYSENTER |
|
81 |
++extern void *__sbrk_nosysenter (intptr_t __delta); |
|
82 |
++#endif |
|
83 |
+ extern ElfW(Phdr) *_dl_phdr; |
|
84 |
+ extern size_t _dl_phnum; |
|
85 |
+ |
|
86 |
+@@ -141,14 +145,26 @@ |
|
87 |
+ |
|
88 |
+ The initialized value of _dl_tls_static_size is provided by dl-open.c |
|
89 |
+ to request some surplus that permits dynamic loading of modules with |
|
90 |
+- IE-model TLS. */ |
|
91 |
++ IE-model TLS. |
|
92 |
++ |
|
93 |
++ Where the normal sbrk would use a syscall that needs the TLS (i386) |
|
94 |
++ use the special non-sysenter version instead. */ |
|
95 |
+ #if TLS_TCB_AT_TP |
|
96 |
+ tcb_offset = roundup (memsz + GL(dl_tls_static_size), tcbalign); |
|
97 |
++# ifdef INTERNAL_SYSCALL_NOSYSENTER |
|
98 |
++ tlsblock = __sbrk_nosysenter (tcb_offset + tcbsize + max_align); |
|
99 |
++# else |
|
100 |
+ tlsblock = __sbrk (tcb_offset + tcbsize + max_align); |
|
101 |
++# endif |
|
102 |
+ #elif TLS_DTV_AT_TP |
|
103 |
+ tcb_offset = roundup (tcbsize, align ?: 1); |
|
104 |
++# ifdef INTERNAL_SYSCALL_NOSYSENTER |
|
105 |
++ tlsblock = __sbrk_nosysenter (tcb_offset + memsz + max_align |
|
106 |
++ + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); |
|
107 |
++# else |
|
108 |
+ tlsblock = __sbrk (tcb_offset + memsz + max_align |
|
109 |
+ + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); |
|
110 |
++# endif |
|
111 |
+ tlsblock += TLS_PRE_TCB_SIZE; |
|
112 |
+ #else |
|
113 |
+ /* In case a model with a different layout for the TCB and DTV |
|
114 |
+--- misc/sbrk.c |
|
115 |
++++ misc/sbrk.c |
|
116 |
+@@ -18,6 +18,7 @@ |
|
117 |
+ |
|
118 |
+ #include <unistd.h> |
|
119 |
+ #include <errno.h> |
|
120 |
++#include <sysdep.h> |
|
121 |
+ |
|
122 |
+ /* Defined in brk.c. */ |
|
123 |
+ extern void *__curbrk; |
|
124 |
+@@ -29,6 +30,35 @@ |
|
125 |
+ /* Extend the process's data space by INCREMENT. |
|
126 |
+ If INCREMENT is negative, shrink data space by - INCREMENT. |
|
127 |
+ Return start of new space allocated, or -1 for errors. */ |
|
128 |
++#ifdef INTERNAL_SYSCALL_NOSYSENTER |
|
129 |
++/* This version is used by csu/libc-tls.c whem initialising the TLS |
|
130 |
++ if the SYSENTER version requires the TLS (which it does on i386). |
|
131 |
++ Obviously using the TLS before it is initialised is broken. */ |
|
132 |
++extern int __brk_nosysenter (void *addr); |
|
133 |
++void * |
|
134 |
++__sbrk_nosysenter (intptr_t increment) |
|
135 |
++{ |
|
136 |
++ void *oldbrk; |
|
137 |
++ |
|
138 |
++ /* If this is not part of the dynamic library or the library is used |
|
139 |
++ via dynamic loading in a statically linked program update |
|
140 |
++ __curbrk from the kernel's brk value. That way two separate |
|
141 |
++ instances of __brk and __sbrk can share the heap, returning |
|
142 |
++ interleaved pieces of it. */ |
|
143 |
++ if (__curbrk == NULL || __libc_multiple_libcs) |
|
144 |
++ if (__brk_nosysenter (0) < 0) /* Initialize the break. */ |
|
145 |
++ return (void *) -1; |
|
146 |
++ |
|
147 |
++ if (increment == 0) |
|
148 |
++ return __curbrk; |
|
149 |
++ |
|
150 |
++ oldbrk = __curbrk; |
|
151 |
++ if (__brk_nosysenter (oldbrk + increment) < 0) |
|
152 |
++ return (void *) -1; |
|
153 |
++ |
|
154 |
++ return oldbrk; |
|
155 |
++} |
|
156 |
++#endif |
|
157 |
+ void * |
|
158 |
+ __sbrk (intptr_t increment) |
|
159 |
+ { |
|
160 |
+--- sysdeps/unix/sysv/linux/i386/brk.c |
|
161 |
++++ sysdeps/unix/sysv/linux/i386/brk.c |
|
162 |
+@@ -31,6 +31,30 @@ |
|
163 |
+ linker. */ |
|
164 |
+ weak_alias (__curbrk, ___brk_addr) |
|
165 |
+ |
|
166 |
++#ifdef INTERNAL_SYSCALL_NOSYSENTER |
|
167 |
++/* This version is used by csu/libc-tls.c whem initialising the TLS |
|
168 |
++ * if the SYSENTER version requires the TLS (which it does on i386). |
|
169 |
++ * Obviously using the TLS before it is initialised is broken. */ |
|
170 |
++int |
|
171 |
++__brk_nosysenter (void *addr) |
|
172 |
++{ |
|
173 |
++ void *__unbounded newbrk; |
|
174 |
++ |
|
175 |
++ INTERNAL_SYSCALL_DECL (err); |
|
176 |
++ newbrk = (void *__unbounded) INTERNAL_SYSCALL_NOSYSENTER (brk, err, 1, |
|
177 |
++ __ptrvalue (addr)); |
|
178 |
++ |
|
179 |
++ __curbrk = newbrk; |
|
180 |
++ |
|
181 |
++ if (newbrk < addr) |
|
182 |
++ { |
|
183 |
++ __set_errno (ENOMEM); |
|
184 |
++ return -1; |
|
185 |
++ } |
|
186 |
++ |
|
187 |
++ return 0; |
|
188 |
++} |
|
189 |
++#endif |
|
190 |
+ int |
|
191 |
+ __brk (void *addr) |
|
192 |
+ { |
|
193 |
+--- sysdeps/unix/sysv/linux/i386/sysdep.h |
|
194 |
++++ sysdeps/unix/sysv/linux/i386/sysdep.h |
|
195 |
+@@ -187,7 +187,7 @@ |
|
196 |
+ /* The original calling convention for system calls on Linux/i386 is |
|
197 |
+ to use int $0x80. */ |
|
198 |
+ #ifdef I386_USE_SYSENTER |
|
199 |
+-# ifdef SHARED |
|
200 |
++# if defined SHARED || defined __PIC__ |
|
201 |
+ # define ENTER_KERNEL call *%gs:SYSINFO_OFFSET |
|
202 |
+ # else |
|
203 |
+ # define ENTER_KERNEL call *_dl_sysinfo |
|
204 |
+@@ -358,7 +358,7 @@ |
|
205 |
+ possible to use more than four parameters. */ |
|
206 |
+ #undef INTERNAL_SYSCALL |
|
207 |
+ #ifdef I386_USE_SYSENTER |
|
208 |
+-# ifdef SHARED |
|
209 |
++# if defined SHARED || defined __PIC__ |
|
210 |
+ # define INTERNAL_SYSCALL(name, err, nr, args...) \ |
|
211 |
+ ({ \ |
|
212 |
+ register unsigned int resultvar; \ |
|
213 |
+@@ -384,6 +384,18 @@ |
|
214 |
+ : "0" (name), "i" (offsetof (tcbhead_t, sysinfo)) \ |
|
215 |
+ ASMFMT_##nr(args) : "memory", "cc"); \ |
|
216 |
+ (int) resultvar; }) |
|
217 |
++# define INTERNAL_SYSCALL_NOSYSENTER(name, err, nr, args...) \ |
|
218 |
++ ({ \ |
|
219 |
++ register unsigned int resultvar; \ |
|
220 |
++ EXTRAVAR_##nr \ |
|
221 |
++ asm volatile ( \ |
|
222 |
++ LOADARGS_NOSYSENTER_##nr \ |
|
223 |
++ "movl %1, %%eax\n\t" \ |
|
224 |
++ "int $0x80\n\t" \ |
|
225 |
++ RESTOREARGS_NOSYSENTER_##nr \ |
|
226 |
++ : "=a" (resultvar) \ |
|
227 |
++ : "i" (__NR_##name) ASMFMT_##nr(args) : "memory", "cc"); \ |
|
228 |
++ (int) resultvar; }) |
|
229 |
+ # else |
|
230 |
+ # define INTERNAL_SYSCALL(name, err, nr, args...) \ |
|
231 |
+ ({ \ |
|
232 |
+@@ -447,12 +459,20 @@ |
|
233 |
+ |
|
234 |
+ #define LOADARGS_0 |
|
235 |
+ #ifdef __PIC__ |
|
236 |
+-# if defined I386_USE_SYSENTER && defined SHARED |
|
237 |
++# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) |
|
238 |
+ # define LOADARGS_1 \ |
|
239 |
+ "bpushl .L__X'%k3, %k3\n\t" |
|
240 |
+ # define LOADARGS_5 \ |
|
241 |
+ "movl %%ebx, %4\n\t" \ |
|
242 |
+ "movl %3, %%ebx\n\t" |
|
243 |
++# define LOADARGS_NOSYSENTER_1 \ |
|
244 |
++ "bpushl .L__X'%k2, %k2\n\t" |
|
245 |
++# define LOADARGS_NOSYSENTER_2 LOADARGS_NOSYSENTER_1 |
|
246 |
++# define LOADARGS_NOSYSENTER_3 LOADARGS_3 |
|
247 |
++# define LOADARGS_NOSYSENTER_4 LOADARGS_3 |
|
248 |
++# define LOADARGS_NOSYSENTER_5 \ |
|
249 |
++ "movl %%ebx, %3\n\t" \ |
|
250 |
++ "movl %2, %%ebx\n\t" |
|
251 |
+ # else |
|
252 |
+ # define LOADARGS_1 \ |
|
253 |
+ "bpushl .L__X'%k2, %k2\n\t" |
|
254 |
+@@ -474,11 +495,18 @@ |
|
255 |
+ |
|
256 |
+ #define RESTOREARGS_0 |
|
257 |
+ #ifdef __PIC__ |
|
258 |
+-# if defined I386_USE_SYSENTER && defined SHARED |
|
259 |
++# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) |
|
260 |
+ # define RESTOREARGS_1 \ |
|
261 |
+ "bpopl .L__X'%k3, %k3\n\t" |
|
262 |
+ # define RESTOREARGS_5 \ |
|
263 |
+ "movl %4, %%ebx" |
|
264 |
++# define RESTOREARGS_NOSYSENTER_1 \ |
|
265 |
++ "bpopl .L__X'%k2, %k2\n\t" |
|
266 |
++# define RESTOREARGS_NOSYSENTER_2 RESTOREARGS_NOSYSENTER_1 |
|
267 |
++# define RESTOREARGS_NOSYSENTER_3 RESTOREARGS_3 |
|
268 |
++# define RESTOREARGS_NOSYSENTER_4 RESTOREARGS_3 |
|
269 |
++# define RESTOREARGS_NOSYSENTER_5 \ |
|
270 |
++ "movl %3, %%ebx" |
|
271 |
+ # else |
|
272 |
+ # define RESTOREARGS_1 \ |
|
273 |
+ "bpopl .L__X'%k2, %k2\n\t" |
... | ... |
@@ -0,0 +1,273 @@ |
1 |
+When building glibc PIE (which is not something upstream support), |
|
2 |
+several modifications are necessary to the glibc build process. |
|
3 |
+ |
|
4 |
+First, any syscalls in PIEs must be of the PIC variant, otherwise |
|
5 |
+textrels ensue. Then, any syscalls made before the initialisation |
|
6 |
+of the TLS will fail on i386, as the sysenter variant on i386 uses |
|
7 |
+the TLS, giving rise to a chicken-and-egg situation. This patch |
|
8 |
+defines a PIC syscall variant that doesn't use sysenter, even when the sysenter |
|
9 |
+version is normally used, and uses the non-sysenter version for the brk |
|
10 |
+syscall that is performed by the TLS initialisation. Further, the TLS |
|
11 |
+initialisation is moved in this case prior to the initialisation of |
|
12 |
+dl_osversion, as that requires further syscalls. |
|
13 |
+ |
|
14 |
+csu/libc-start.c: Move initial TLS initialization to before the |
|
15 |
+initialisation of dl_osversion, when INTERNAL_SYSCALL_NOSYSENTER is defined |
|
16 |
+ |
|
17 |
+csu/libc-tls.c: Use the no-sysenter version of sbrk when |
|
18 |
+INTERNAL_SYSCALL_NOSYSENTER is defined. |
|
19 |
+ |
|
20 |
+misc/sbrk.c: Define a no-sysenter version of sbrk, using the no-sysenter |
|
21 |
+version of brk - if INTERNAL_SYSCALL_NOSYSENTER is defined. |
|
22 |
+ |
|
23 |
+misc/brk.c: Define a no-sysenter version of brk if |
|
24 |
+INTERNAL_SYSCALL_NOSYSENTER is defined. |
|
25 |
+ |
|
26 |
+sysdeps/unix/sysv/linux/i386/sysdep.h: Define INTERNAL_SYSCALL_NOSYSENTER |
|
27 |
+Make INTERNAL_SYSCALL always use the PIC variant, even if not SHARED. |
|
28 |
+ |
|
29 |
+Patch by Kevin F. Quinn <kevquinn@gentoo.org> |
|
30 |
+ |
|
31 |
+--- csu/libc-start.c |
|
32 |
++++ csu/libc-start.c |
|
33 |
+@@ -28,6 +28,7 @@ |
|
34 |
+ extern int __libc_multiple_libcs; |
|
35 |
+ |
|
36 |
+ #include <tls.h> |
|
37 |
++#include <sysdep.h> |
|
38 |
+ #ifndef SHARED |
|
39 |
+ # include <dl-osinfo.h> |
|
40 |
+ extern void __pthread_initialize_minimal (void); |
|
41 |
+@@ -129,6 +130,11 @@ |
|
42 |
+ # endif |
|
43 |
+ _dl_aux_init (auxvec); |
|
44 |
+ # endif |
|
45 |
++# ifdef INTERNAL_SYSCALL_NOSYSENTER |
|
46 |
++ /* Do the initial TLS initialization before _dl_osversion, |
|
47 |
++ since the latter uses the uname syscall. */ |
|
48 |
++ __pthread_initialize_minimal (); |
|
49 |
++# endif |
|
50 |
+ # ifdef DL_SYSDEP_OSCHECK |
|
51 |
+ if (!__libc_multiple_libcs) |
|
52 |
+ { |
|
53 |
+@@ -138,10 +144,12 @@ |
|
54 |
+ } |
|
55 |
+ # endif |
|
56 |
+ |
|
57 |
++# ifndef INTERNAL_SYSCALL_NOSYSENTER |
|
58 |
+ /* Initialize the thread library at least a bit since the libgcc |
|
59 |
+ functions are using thread functions if these are available and |
|
60 |
+ we need to setup errno. */ |
|
61 |
+ __pthread_initialize_minimal (); |
|
62 |
++# endif |
|
63 |
+ |
|
64 |
+ /* Set up the stack checker's canary. */ |
|
65 |
+ uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard (); |
|
66 |
+--- csu/libc-tls.c |
|
67 |
++++ csu/libc-tls.c |
|
68 |
+@@ -23,6 +23,7 @@ |
|
69 |
+ #include <unistd.h> |
|
70 |
+ #include <stdio.h> |
|
71 |
+ #include <sys/param.h> |
|
72 |
++#include <sysdep.h> |
|
73 |
+ |
|
74 |
+ |
|
75 |
+ #ifdef SHARED |
|
76 |
+@@ -29,6 +30,9 @@ |
|
77 |
+ #error makefile bug, this file is for static only |
|
78 |
+ #endif |
|
79 |
+ |
|
80 |
++#ifdef INTERNAL_SYSCALL_NOSYSENTER |
|
81 |
++extern void *__sbrk_nosysenter (intptr_t __delta); |
|
82 |
++#endif |
|
83 |
+ extern ElfW(Phdr) *_dl_phdr; |
|
84 |
+ extern size_t _dl_phnum; |
|
85 |
+ |
|
86 |
+@@ -141,14 +145,26 @@ |
|
87 |
+ |
|
88 |
+ The initialized value of _dl_tls_static_size is provided by dl-open.c |
|
89 |
+ to request some surplus that permits dynamic loading of modules with |
|
90 |
+- IE-model TLS. */ |
|
91 |
++ IE-model TLS. |
|
92 |
++ |
|
93 |
++ Where the normal sbrk would use a syscall that needs the TLS (i386) |
|
94 |
++ use the special non-sysenter version instead. */ |
|
95 |
+ #if TLS_TCB_AT_TP |
|
96 |
+ tcb_offset = roundup (memsz + GL(dl_tls_static_size), tcbalign); |
|
97 |
++# ifdef INTERNAL_SYSCALL_NOSYSENTER |
|
98 |
++ tlsblock = __sbrk_nosysenter (tcb_offset + tcbsize + max_align); |
|
99 |
++# else |
|
100 |
+ tlsblock = __sbrk (tcb_offset + tcbsize + max_align); |
|
101 |
++# endif |
|
102 |
+ #elif TLS_DTV_AT_TP |
|
103 |
+ tcb_offset = roundup (tcbsize, align ?: 1); |
|
104 |
++# ifdef INTERNAL_SYSCALL_NOSYSENTER |
|
105 |
++ tlsblock = __sbrk_nosysenter (tcb_offset + memsz + max_align |
|
106 |
++ + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); |
|
107 |
++# else |
|
108 |
+ tlsblock = __sbrk (tcb_offset + memsz + max_align |
|
109 |
+ + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); |
|
110 |
++# endif |
|
111 |
+ tlsblock += TLS_PRE_TCB_SIZE; |
|
112 |
+ #else |
|
113 |
+ /* In case a model with a different layout for the TCB and DTV |
|
114 |
+--- misc/sbrk.c |
|
115 |
++++ misc/sbrk.c |
|
116 |
+@@ -18,6 +18,7 @@ |
|
117 |
+ |
|
118 |
+ #include <unistd.h> |
|
119 |
+ #include <errno.h> |
|
120 |
++#include <sysdep.h> |
|
121 |
+ |
|
122 |
+ /* Defined in brk.c. */ |
|
123 |
+ extern void *__curbrk; |
|
124 |
+@@ -29,6 +30,35 @@ |
|
125 |
+ /* Extend the process's data space by INCREMENT. |
|
126 |
+ If INCREMENT is negative, shrink data space by - INCREMENT. |
|
127 |
+ Return start of new space allocated, or -1 for errors. */ |
|
128 |
++#ifdef INTERNAL_SYSCALL_NOSYSENTER |
|
129 |
++/* This version is used by csu/libc-tls.c whem initialising the TLS |
|
130 |
++ if the SYSENTER version requires the TLS (which it does on i386). |
|
131 |
++ Obviously using the TLS before it is initialised is broken. */ |
|
132 |
++extern int __brk_nosysenter (void *addr); |
|
133 |
++void * |
|
134 |
++__sbrk_nosysenter (intptr_t increment) |
|
135 |
++{ |
|
136 |
++ void *oldbrk; |
|
137 |
++ |
|
138 |
++ /* If this is not part of the dynamic library or the library is used |
|
139 |
++ via dynamic loading in a statically linked program update |
|
140 |
++ __curbrk from the kernel's brk value. That way two separate |
|
141 |
++ instances of __brk and __sbrk can share the heap, returning |
|
142 |
++ interleaved pieces of it. */ |
|
143 |
++ if (__curbrk == NULL || __libc_multiple_libcs) |
|
144 |
++ if (__brk_nosysenter (0) < 0) /* Initialize the break. */ |
|
145 |
++ return (void *) -1; |
|
146 |
++ |
|
147 |
++ if (increment == 0) |
|
148 |
++ return __curbrk; |
|
149 |
++ |
|
150 |
++ oldbrk = __curbrk; |
|
151 |
++ if (__brk_nosysenter (oldbrk + increment) < 0) |
|
152 |
++ return (void *) -1; |
|
153 |
++ |
|
154 |
++ return oldbrk; |
|
155 |
++} |
|
156 |
++#endif |
|
157 |
+ void * |
|
158 |
+ __sbrk (intptr_t increment) |
|
159 |
+ { |
|
160 |
+--- sysdeps/unix/sysv/linux/i386/brk.c |
|
161 |
++++ sysdeps/unix/sysv/linux/i386/brk.c |
|
162 |
+@@ -31,6 +31,30 @@ |
|
163 |
+ linker. */ |
|
164 |
+ weak_alias (__curbrk, ___brk_addr) |
|
165 |
+ |
|
166 |
++#ifdef INTERNAL_SYSCALL_NOSYSENTER |
|
167 |
++/* This version is used by csu/libc-tls.c whem initialising the TLS |
|
168 |
++ * if the SYSENTER version requires the TLS (which it does on i386). |
|
169 |
++ * Obviously using the TLS before it is initialised is broken. */ |
|
170 |
++int |
|
171 |
++__brk_nosysenter (void *addr) |
|
172 |
++{ |
|
173 |
++ void *__unbounded newbrk; |
|
174 |
++ |
|
175 |
++ INTERNAL_SYSCALL_DECL (err); |
|
176 |
++ newbrk = (void *__unbounded) INTERNAL_SYSCALL_NOSYSENTER (brk, err, 1, |
|
177 |
++ __ptrvalue (addr)); |
|
178 |
++ |
|
179 |
++ __curbrk = newbrk; |
|
180 |
++ |
|
181 |
++ if (newbrk < addr) |
|
182 |
++ { |
|
183 |
++ __set_errno (ENOMEM); |
|
184 |
++ return -1; |
|
185 |
++ } |
|
186 |
++ |
|
187 |
++ return 0; |
|
188 |
++} |
|
189 |
++#endif |
|
190 |
+ int |
|
191 |
+ __brk (void *addr) |
|
192 |
+ { |
|
193 |
+--- sysdeps/unix/sysv/linux/i386/sysdep.h |
|
194 |
++++ sysdeps/unix/sysv/linux/i386/sysdep.h |
|
195 |
+@@ -187,7 +187,7 @@ |
|
196 |
+ /* The original calling convention for system calls on Linux/i386 is |
|
197 |
+ to use int $0x80. */ |
|
198 |
+ #ifdef I386_USE_SYSENTER |
|
199 |
+-# ifdef SHARED |
|
200 |
++# if defined SHARED || defined __PIC__ |
|
201 |
+ # define ENTER_KERNEL call *%gs:SYSINFO_OFFSET |
|
202 |
+ # else |
|
203 |
+ # define ENTER_KERNEL call *_dl_sysinfo |
|
204 |
+@@ -358,7 +358,7 @@ |
|
205 |
+ possible to use more than four parameters. */ |
|
206 |
+ #undef INTERNAL_SYSCALL |
|
207 |
+ #ifdef I386_USE_SYSENTER |
|
208 |
+-# ifdef SHARED |
|
209 |
++# if defined SHARED || defined __PIC__ |
|
210 |
+ # define INTERNAL_SYSCALL(name, err, nr, args...) \ |
|
211 |
+ ({ \ |
|
212 |
+ register unsigned int resultvar; \ |
|
213 |
+@@ -384,6 +384,18 @@ |
|
214 |
+ : "0" (name), "i" (offsetof (tcbhead_t, sysinfo)) \ |
|
215 |
+ ASMFMT_##nr(args) : "memory", "cc"); \ |
|
216 |
+ (int) resultvar; }) |
|
217 |
++# define INTERNAL_SYSCALL_NOSYSENTER(name, err, nr, args...) \ |
|
218 |
++ ({ \ |
|
219 |
++ register unsigned int resultvar; \ |
|
220 |
++ EXTRAVAR_##nr \ |
|
221 |
++ asm volatile ( \ |
|
222 |
++ LOADARGS_NOSYSENTER_##nr \ |
|
223 |
++ "movl %1, %%eax\n\t" \ |
|
224 |
++ "int $0x80\n\t" \ |
|
225 |
++ RESTOREARGS_NOSYSENTER_##nr \ |
|
226 |
++ : "=a" (resultvar) \ |
|
227 |
++ : "i" (__NR_##name) ASMFMT_##nr(args) : "memory", "cc"); \ |
|
228 |
++ (int) resultvar; }) |
|
229 |
+ # else |
|
230 |
+ # define INTERNAL_SYSCALL(name, err, nr, args...) \ |
|
231 |
+ ({ \ |
|
232 |
+@@ -447,12 +459,20 @@ |
|
233 |
+ |
|
234 |
+ #define LOADARGS_0 |
|
235 |
+ #ifdef __PIC__ |
|
236 |
+-# if defined I386_USE_SYSENTER && defined SHARED |
|
237 |
++# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) |
|
238 |
+ # define LOADARGS_1 \ |
|
239 |
+ "bpushl .L__X'%k3, %k3\n\t" |
|
240 |
+ # define LOADARGS_5 \ |
|
241 |
+ "movl %%ebx, %4\n\t" \ |
|
242 |
+ "movl %3, %%ebx\n\t" |
|
243 |
++# define LOADARGS_NOSYSENTER_1 \ |
|
244 |
++ "bpushl .L__X'%k2, %k2\n\t" |
|
245 |
++# define LOADARGS_NOSYSENTER_2 LOADARGS_NOSYSENTER_1 |
|
246 |
++# define LOADARGS_NOSYSENTER_3 LOADARGS_3 |
|
247 |
++# define LOADARGS_NOSYSENTER_4 LOADARGS_3 |
|
248 |
++# define LOADARGS_NOSYSENTER_5 \ |
|
249 |
++ "movl %%ebx, %3\n\t" \ |
|
250 |
++ "movl %2, %%ebx\n\t" |
|
251 |
+ # else |
|
252 |
+ # define LOADARGS_1 \ |
|
253 |
+ "bpushl .L__X'%k2, %k2\n\t" |
|
254 |
+@@ -474,11 +495,18 @@ |
|
255 |
+ |
|
256 |
+ #define RESTOREARGS_0 |
|
257 |
+ #ifdef __PIC__ |
|
258 |
+-# if defined I386_USE_SYSENTER && defined SHARED |
|
259 |
++# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) |
|
260 |
+ # define RESTOREARGS_1 \ |
|
261 |
+ "bpopl .L__X'%k3, %k3\n\t" |
|
262 |
+ # define RESTOREARGS_5 \ |
|
263 |
+ "movl %4, %%ebx" |
|
264 |
++# define RESTOREARGS_NOSYSENTER_1 \ |
|
265 |
++ "bpopl .L__X'%k2, %k2\n\t" |
|
266 |
++# define RESTOREARGS_NOSYSENTER_2 RESTOREARGS_NOSYSENTER_1 |
|
267 |
++# define RESTOREARGS_NOSYSENTER_3 RESTOREARGS_3 |
|
268 |
++# define RESTOREARGS_NOSYSENTER_4 RESTOREARGS_3 |
|
269 |
++# define RESTOREARGS_NOSYSENTER_5 \ |
|
270 |
++ "movl %3, %%ebx" |
|
271 |
+ # else |
|
272 |
+ # define RESTOREARGS_1 \ |
|
273 |
+ "bpopl .L__X'%k2, %k2\n\t" |
... | ... |
@@ -0,0 +1,298 @@ |
1 |
+# Copyright 1999-2010 Gentoo Foundation |
|
2 |
+# Distributed under the terms of the GNU General Public License v2 |
|
3 |
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/common.eblit,v 1.12 2010/09/30 06:29:21 vapier Exp $ |
|
4 |
+ |
|
5 |
+# We need to be able to set alternative headers for |
|
6 |
+# compiling for non-native platform |
|
7 |
+# Will also become useful for testing kernel-headers without screwing up |
|
8 |
+# the whole system. |
|
9 |
+# note: intentionally undocumented. |
|
10 |
+alt_headers() { |
|
11 |
+ if [[ -z ${ALT_HEADERS} ]] ; then |
|
12 |
+ if is_crosscompile ; then |
|
13 |
+ ALT_HEADERS="/usr/${CTARGET}/usr/include" |
|
14 |
+ else |
|
15 |
+ ALT_HEADERS="/usr/include" |
|
16 |
+ fi |
|
17 |
+ fi |
|
18 |
+ echo "${ALT_HEADERS}" |
|
19 |
+} |
|
20 |
+alt_build_headers() { |
|
21 |
+ if [[ -z ${ALT_BUILD_HEADERS} ]] ; then |
|
22 |
+ ALT_BUILD_HEADERS=$(alt_headers) |
|
23 |
+ if tc-is-cross-compiler ; then |
|
24 |
+ ALT_BUILD_HEADERS=${ROOT}$(alt_headers) |
|
25 |
+ if [[ ! -e ${ALT_BUILD_HEADERS}/linux/version.h ]] ; then |
|
26 |
+ local header_path=$(echo '#include <linux/version.h>' | $(tc-getCPP ${CTARGET}) ${CFLAGS} 2>&1 | grep -o '[^"]*linux/version.h') |
|
27 |
+ ALT_BUILD_HEADERS=${header_path%/linux/version.h} |
|
28 |
+ fi |
|
29 |
+ fi |
|
30 |
+ fi |
|
31 |
+ echo "${ALT_BUILD_HEADERS}" |
|
32 |
+} |
|
33 |
+ |
|
34 |
+alt_usrlibdir() { |
|
35 |
+ if is_crosscompile ; then |
|
36 |
+ echo /usr/${CTARGET}/usr/$(get_libdir) |
|
37 |
+ else |
|
38 |
+ echo /usr/$(get_libdir) |
|
39 |
+ fi |
|
40 |
+} |
|
41 |
+ |
|
42 |
+setup_flags() { |
|
43 |
+ # Make sure host make.conf doesn't pollute us |
|
44 |
+ if is_crosscompile || tc-is-cross-compiler ; then |
|
45 |
+ CHOST=${CTARGET} strip-unsupported-flags |
|
46 |
+ fi |
|
47 |
+ |
|
48 |
+ # Store our CFLAGS because it's changed depending on which CTARGET |
|
49 |
+ # we are building when pulling glibc on a multilib profile |
|
50 |
+ CFLAGS_BASE=${CFLAGS_BASE-${CFLAGS}} |
|
51 |
+ CFLAGS=${CFLAGS_BASE} |
|
52 |
+ CXXFLAGS_BASE=${CXXFLAGS_BASE-${CXXFLAGS}} |
|
53 |
+ CXXFLAGS=${CXXFLAGS_BASE} |
|
54 |
+ ASFLAGS_BASE=${ASFLAGS_BASE-${ASFLAGS}} |
|
55 |
+ ASFLAGS=${ASFLAGS_BASE} |
|
56 |
+ |
|
57 |
+ # Over-zealous CFLAGS can often cause problems. What may work for one |
|
58 |
+ # person may not work for another. To avoid a large influx of bugs |
|
59 |
+ # relating to failed builds, we strip most CFLAGS out to ensure as few |
|
60 |
+ # problems as possible. |
|
61 |
+ strip-flags |
|
62 |
+ strip-unsupported-flags |
|
63 |
+ filter-flags -m32 -m64 -mabi=* |
|
64 |
+ |
|
65 |
+ unset CBUILD_OPT CTARGET_OPT |
|
66 |
+ if has_multilib_profile ; then |
|
67 |
+ CTARGET_OPT=$(get_abi_CTARGET) |
|
68 |
+ [[ -z ${CTARGET_OPT} ]] && CTARGET_OPT=$(get_abi_CHOST) |
|
69 |
+ fi |
|
70 |
+ |
|
71 |
+ case $(tc-arch) in |
|
72 |
+ x86) |
|
73 |
+ # -march needed for #185404 |
|
74 |
+ local t=${CTARGET_OPT:-${CTARGET}} |
|
75 |
+ t=${t%%-*} |
|
76 |
+ if ! echo "" | $(tc-getCC) ${CFLAGS} -E -dD - | grep -qs __${t}__ ; then |
|
77 |
+ filter-flags '-march=*' |
|
78 |
+ export CFLAGS="-march=${t} ${CFLAGS}" |
|
79 |
+ fi |
|
80 |
+ ;; |
|
81 |
+ amd64) |
|
82 |
+ # Punt this when amd64's 2004.3 is removed |
|
83 |
+ CFLAGS_x86="-m32" |
|
84 |
+ |
|
85 |
+ # -march needed for #185404 |
|
86 |
+ local t=${CTARGET_OPT:-${CTARGET}} |
|
87 |
+ t=${t%%-*} |
|
88 |
+ if ! echo "" | $(tc-getCC) ${CFLAGS} ${CFLAGS_x86} -m32 -E -dD - | grep -qs __${t}__ ; then |
|
89 |
+ filter-flags '-march=*' |
|
90 |
+ export CFLAGS_x86="${CFLAGS_x86} -march=${t}" |
|
91 |
+ fi |
|
92 |
+ ;; |
|
93 |
+ ppc) |
|
94 |
+ append-flags "-freorder-blocks" |
|
95 |
+ ;; |
|
96 |
+ sparc) |
|
97 |
+ # Both sparc and sparc64 can use -fcall-used-g6. -g7 is bad, though. |
|
98 |
+ filter-flags "-fcall-used-g7" |
|
99 |
+ append-flags "-fcall-used-g6" |
|
100 |
+ filter-flags "-mvis" |
|
101 |
+ |
|
102 |
+ GLIBCMAJOR=$(get_version_component_range 1 ${PV}) |
|
103 |
+ GLIBCMINOR=$(get_version_component_range 2 ${PV}) |
|
104 |
+ |
|
105 |
+ # set CTARGET_OPT so glibc can use cpu-specific .S files for better performance |
|
106 |
+ # - UltraSPARC T1 (niagara) support requires >= glibc 2.8 |
|
107 |
+ # - UltraSPARC T2 (niagara2) support requires >= glibc 2.7 |
|
108 |
+ |
|
109 |
+ if is_crosscompile || [[ ${PROFILE_ARCH} == "sparc64" ]] || { has_multilib_profile && ! tc-is-cross-compiler; } ; then |
|
110 |
+ case ${ABI} in |
|
111 |
+ sparc64) |
|
112 |
+ filter-flags -Wa,-xarch -Wa,-A |
|
113 |
+ |
|
114 |
+ if is-flagq "-mcpu=niagara2" && [[ ${GLIBCMAJOR}.${GLIBCMINOR} > 2.7 ]] ; then |
|
115 |
+ CTARGET_OPT="sparc64v2-unknown-linux-gnu" |
|
116 |
+ append-flags "-Wa,-xarch=v9b" |
|
117 |
+ export ASFLAGS="${ASFLAGS} -Wa,-xarch=v9b" |
|
118 |
+ elif { is-flagq "-mcpu=niagara" || is-flagq "-mcpu=niagara2" ; } && [[ ${GLIBCMAJOR}.${GLIBCMINOR} > 2.6 ]] ; then |
|
119 |
+ CTARGET_OPT="sparc64v-unknown-linux-gnu" |
|
120 |
+ append-flags "-Wa,-xarch=v9b" |
|
121 |
+ export ASFLAGS="${ASFLAGS} -Wa,-xarch=v9b" |
|
122 |
+ elif is-flagq "-mcpu=ultrasparc3" || is-flagq "-mcpu=niagara" || is-flagq "-mcpu=niagara2"; then |
|
123 |
+ CTARGET_OPT="sparc64b-unknown-linux-gnu" |
|
124 |
+ append-flags "-Wa,-xarch=v9b" |
|
125 |
+ export ASFLAGS="${ASFLAGS} -Wa,-xarch=v9b" |
|
126 |
+ else |
|
127 |
+ CTARGET_OPT="sparc64-unknown-linux-gnu" |
|
128 |
+ append-flags "-Wa,-xarch=v9a" |
|
129 |
+ export ASFLAGS="${ASFLAGS} -Wa,-xarch=v9a" |
|
130 |
+ fi |
|
131 |
+ ;; |
|
132 |
+ *) |
|
133 |
+ if is-flagq "-mcpu=niagara2" && [[ ${GLIBCMAJOR}.${GLIBCMINOR} > 2.7 ]] ; then |
|
134 |
+ CTARGET_OPT="sparcv9v2-unknown-linux-gnu" |
|
135 |
+ elif { is-flagq "-mcpu=niagara" || is-flagq "-mcpu=niagara2" ; } && [[ ${GLIBCMAJOR}.${GLIBCMINOR} > 2.6 ]] ; then |
|
136 |
+ CTARGET_OPT="sparcv9v-unknown-linux-gnu" |
|
137 |
+ elif is-flagq "-mcpu=ultrasparc3" || is-flagq "-mcpu=niagara" || is-flagq "-mcpu=niagara2"; then |
|
138 |
+ CTARGET_OPT="sparcv9b-unknown-linux-gnu" |
|
139 |
+ else |
|
140 |
+ CTARGET_OPT="sparcv9-unknown-linux-gnu" |
|
141 |
+ fi |
|
142 |
+ ;; |
|
143 |
+ esac |
|
144 |
+ else |
|
145 |
+ if is-flagq "-mcpu=niagara2" && [[ ${GLIBCMAJOR}.${GLIBCMINOR} > 2.7 ]] ; then |
|
146 |
+ CTARGET_OPT="sparcv9v2-unknown-linux-gnu" |
|
147 |
+ elif { is-flagq "-mcpu=niagara" || is-flagq "-mcpu=niagara2" ; } && [[ ${GLIBCMAJOR}.${GLIBCMINOR} > 2.6 ]] ; then |
|
148 |
+ CTARGET_OPT="sparcv9v-unknown-linux-gnu" |
|
149 |
+ elif is-flagq "-mcpu=ultrasparc3" || is-flagq "-mcpu=niagara" || is-flagq "-mcpu=niagara2"; then |
|
150 |
+ CTARGET_OPT="sparcv9b-unknown-linux-gnu" |
|
151 |
+ elif { is_crosscompile && want_nptl; } || is-flagq "-mcpu=ultrasparc2" || is-flagq "-mcpu=ultrasparc"; then |
|
152 |
+ CTARGET_OPT="sparcv9-unknown-linux-gnu" |
|
153 |
+ fi |
|
154 |
+ fi |
|
155 |
+ ;; |
|
156 |
+ esac |
|
157 |
+ |
|
158 |
+ if [[ -n ${CTARGET_OPT} && ${CBUILD} == ${CHOST} ]] && ! is_crosscompile; then |
|
159 |
+ CBUILD_OPT=${CTARGET_OPT} |
|
160 |
+ fi |
|
161 |
+ |
|
162 |
+ # Lock glibc at -O2 -- linuxthreads needs it and we want to be |
|
163 |
+ # conservative here. -fno-strict-aliasing is to work around #155906 |
|
164 |
+ filter-flags -O? |
|
165 |
+ append-flags -O2 -fno-strict-aliasing |
|
166 |
+ |
|
167 |
+ # Cant build glibc itself with fortify code |
|
168 |
+ append-cppflags -U_FORTIFY_SOURCE |
|
169 |
+ |
|
170 |
+ # building glibc with SSP is fraught with difficulty, especially |
|
171 |
+ # due to __stack_chk_fail_local which would mean significant changes |
|
172 |
+ # to the glibc build process. See bug #94325 #293721 |
|
173 |
+ use hardened && gcc-specs-ssp && append-cflags $(test-flags-CC -fno-stack-protector) |
|
174 |
+ |
|
175 |
+ if use hardened && gcc-specs-pie ; then |
|
176 |
+ # Force PIC macro definition for all compilations since they're all |
|
177 |
+ # either -fPIC or -fPIE with the default-PIE compiler. |
|
178 |
+ append-cppflags -DPIC |
|
179 |
+ else |
|
180 |
+ # Don't build -fPIE without the default-PIE compiler and the |
|
181 |
+ # hardened-pie patch |
|
182 |
+ filter-flags -fPIE |
|
183 |
+ fi |
|
184 |
+} |
|
185 |
+ |
|
186 |
+want_nptl() { |
|
187 |
+ [[ -z ${LT_VER} ]] && return 0 |
|
188 |
+ want_tls || return 1 |
|
189 |
+ use nptl || return 1 |
|
190 |
+ |
|
191 |
+ # Only list the arches that cannot do NPTL |
|
192 |
+ case $(tc-arch) in |
|
193 |
+ m68k) return 1;; |
|
194 |
+ sparc) |
|
195 |
+ # >= v9 is needed for nptl. |
|
196 |
+ [[ ${PROFILE_ARCH} == "sparc" ]] && return 1 |
|
197 |
+ ;; |
|
198 |
+ esac |
|
199 |
+ |
|
200 |
+ return 0 |
|
201 |
+} |
|
202 |
+ |
|
203 |
+want_linuxthreads() { |
|
204 |
+ [[ -z ${LT_VER} ]] && return 1 |
|
205 |
+ ! use nptlonly && return 0 |
|
206 |
+ want_nptl || return 0 |
|
207 |
+ return 1 |
|
208 |
+} |
|
209 |
+ |
|
210 |
+want_tls() { |
|
211 |
+ # Archs that can use TLS (Thread Local Storage) |
|
212 |
+ case $(tc-arch) in |
|
213 |
+ sparc) |
|
214 |
+ # 2.3.6 should have tls support on sparc64 |
|
215 |
+ # when using newer binutils |
|
216 |
+ case ${CTARGET/-*} in |
|
217 |
+ sparc64*) return 1 ;; |
|
218 |
+ *) return 0 ;; |
|
219 |
+ esac |
|
220 |
+ ;; |
|
221 |
+ x86) |
|
222 |
+ # requires i486 or better #106556 |
|
223 |
+ [[ ${CTARGET} == i[4567]86* ]] && return 0 |
|
224 |
+ return 1 |
|
225 |
+ ;; |
|
226 |
+ esac |
|
227 |
+ |
|
228 |
+ return 0 |
|
229 |
+} |
|
230 |
+ |
|
231 |
+want__thread() { |
|
232 |
+ want_tls || return 1 |
|
233 |
+ |
|
234 |
+ # For some reason --with-tls --with__thread is causing segfaults on sparc32. |
|
235 |
+ [[ ${PROFILE_ARCH} == "sparc" ]] && return 1 |
|
236 |
+ |
|
237 |
+ [[ -n ${WANT__THREAD} ]] && return ${WANT__THREAD} |
|
238 |
+ |
|
239 |
+ # only test gcc -- cant test linking yet |
|
240 |
+ tc-has-tls -c ${CTARGET} |
|
241 |
+ WANT__THREAD=$? |
|
242 |
+ |
|
243 |
+ return ${WANT__THREAD} |
|
244 |
+} |
|
245 |
+ |
|
246 |
+use_multilib() { |
|
247 |
+ case ${CTARGET} in |
|
248 |
+ sparc*|mips64*|x86_64*|powerpc64*|s390x*) |
|
249 |
+ has_multilib_profile || use multilib ;; |
|
250 |
+ *) false ;; |
|
251 |
+ esac |
|
252 |
+} |
|
253 |
+ |
|
254 |
+use_multiarch() { |
|
255 |
+ # Make sure binutils is new enough to support indirect functions #336792 |
|
256 |
+ local bver=$($(tc-getLD ${CTARGET}) -v | awk '{print $NF}') nver |
|
257 |
+ case $(tc-arch ${CTARGET}) in |
|
258 |
+ amd64|x86) nver="2.20" ;; |
|
259 |
+ sparc) nver="2.21" ;; |
|
260 |
+ *) return 1 ;; |
|
261 |
+ esac |
|
262 |
+ version_is_at_least ${nver} ${bver} |
|
263 |
+} |
|
264 |
+ |
|
265 |
+# Setup toolchain variables that would be defined in the profiles for these archs. |
|
266 |
+setup_env() { |
|
267 |
+ # silly users |
|
268 |
+ unset LD_RUN_PATH |
|
269 |
+ |
|
270 |
+ if is_crosscompile || tc-is-cross-compiler ; then |
|
271 |
+ multilib_env ${CTARGET} |
|
272 |
+ if ! use multilib ; then |
|
273 |
+ MULTILIB_ABIS=${DEFAULT_ABI} |
|
274 |
+ else |
|
275 |
+ MULTILIB_ABIS=${MULTILIB_ABIS:-${DEFAULT_ABI}} |
|
276 |
+ fi |
|
277 |
+ |
|
278 |
+ # If the user has CFLAGS_<CTARGET> in their make.conf, use that, |
|
279 |
+ # and fall back on CFLAGS. |
|
280 |
+ local VAR=CFLAGS_${CTARGET//[-.]/_} |
|
281 |
+ CFLAGS=${!VAR-${CFLAGS}} |
|
282 |
+ fi |
|
283 |
+ |
|
284 |
+ setup_flags |
|
285 |
+ |
|
286 |
+ export ABI=${ABI:-${DEFAULT_ABI:-default}} |
|
287 |
+ |
|
288 |
+ if is_crosscompile || tc-is-cross-compiler ; then |
|
289 |
+ local VAR=CFLAGS_${ABI} |
|
290 |
+ # We need to export CFLAGS with abi information in them because |
|
291 |
+ # glibc's configure script checks CFLAGS for some targets (like mips) |
|
292 |
+ export CFLAGS="${!VAR} ${CFLAGS}" |
|
293 |
+ fi |
|
294 |
+} |
|
295 |
+ |
|
296 |
+just_headers() { |
|
297 |
+ is_crosscompile && use crosscompile_opts_headers-only |
|
298 |
+} |
... | ... |
@@ -0,0 +1,29 @@ |
1 |
+# Copyright 1999-2009 Gentoo Foundation |
|
2 |
+# Distributed under the terms of the GNU General Public License v2 |
|
3 |
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/pkg_postinst.eblit,v 1.1 2009/03/01 21:06:22 vapier Exp $ |
|
4 |
+ |
|
5 |
+eblit-glibc-pkg_postinst() { |
|
6 |
+ # nothing to do if just installing headers |
|
7 |
+ just_headers && return |
|
8 |
+ |
|
9 |
+ if ! tc-is-cross-compiler && [[ -x ${ROOT}/usr/sbin/iconvconfig ]] ; then |
|
10 |
+ # Generate fastloading iconv module configuration file. |
|
11 |
+ "${ROOT}"/usr/sbin/iconvconfig --prefix="${ROOT}" |
|
12 |
+ fi |
|
13 |
+ |
|
14 |
+ if ! is_crosscompile && [[ ${ROOT} == "/" ]] ; then |
|
15 |
+ # Reload init ... if in a chroot or a diff init package, ignore |
|
16 |
+ # errors from this step #253697 |
|
17 |
+ /sbin/telinit U 2>/dev/null |
|
18 |
+ |
|
19 |
+ # if the host locales.gen contains no entries, we'll install everything |
|
20 |
+ local locale_list="${ROOT}etc/locale.gen" |
|
21 |
+ if [[ -z $(locale-gen --list --config "${locale_list}") ]] ; then |
|
22 |
+ ewarn "Generating all locales; edit /etc/locale.gen to save time/space" |
|
23 |
+ locale_list="${ROOT}usr/share/i18n/SUPPORTED" |
|
24 |
+ fi |
|
25 |
+ local x jobs |
|
26 |
+ for x in ${MAKEOPTS} ; do [[ ${x} == -j* ]] && jobs=${x#-j} ; done |
|
27 |
+ locale-gen -j ${jobs:-1} --config "${locale_list}" |
|
28 |
+ fi |
|
29 |
+} |
... | ... |
@@ -0,0 +1,90 @@ |
1 |
+# Copyright 1999-2010 Gentoo Foundation |
|
2 |
+# Distributed under the terms of the GNU General Public License v2 |
|
3 |
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/pkg_preinst.eblit,v 1.3 2010/10/08 15:33:13 flameeyes Exp $ |
|
4 |
+ |
|
5 |
+fix_lib64_symlinks() { |
|
6 |
+ # the original Gentoo/AMD64 devs decided that since 64bit is the native |
|
7 |
+ # bitdepth for AMD64, lib should be used for 64bit libraries. however, |
|
8 |
+ # this ignores the FHS and breaks multilib horribly... especially |
|
9 |
+ # since it wont even work without a lib64 symlink anyways. *rolls eyes* |
|
10 |
+ # see bug 59710 for more information. |
|
11 |
+ # Travis Tilley <lv@gentoo.org> (08 Aug 2004) |
|
12 |
+ if [ -L ${ROOT}/lib64 ] ; then |
|
13 |
+ ewarn "removing /lib64 symlink and moving lib to lib64..." |
|
14 |
+ ewarn "dont hit ctrl-c until this is done" |
|
15 |
+ rm ${ROOT}/lib64 |
|
16 |
+ # now that lib64 is gone, nothing will run without calling ld.so |
|
17 |
+ # directly. luckily the window of brokenness is almost non-existant |
|
18 |
+ use amd64 && /lib/ld-linux-x86-64.so.2 /bin/mv ${ROOT}/lib ${ROOT}/lib64 |
|
19 |
+ use ppc64 && /lib/ld64.so.1 /bin/mv ${ROOT}/lib ${ROOT}/lib64 |
|
20 |
+ # all better :) |
|
21 |
+ ldconfig |
|
22 |
+ ln -s lib64 ${ROOT}/lib |
|
23 |
+ einfo "done! :-)" |
|
24 |
+ einfo "fixed broken lib64/lib symlink in ${ROOT}" |
|
25 |
+ fi |
|
26 |
+ if [ -L ${ROOT}/usr/lib64 ] ; then |
|
27 |
+ rm ${ROOT}/usr/lib64 |
|
28 |
+ mv ${ROOT}/usr/lib ${ROOT}/usr/lib64 |
|
29 |
+ ln -s lib64 ${ROOT}/usr/lib |
|
30 |
+ einfo "fixed broken lib64/lib symlink in ${ROOT}/usr" |
|
31 |
+ fi |
|
32 |
+ if [ -L ${ROOT}/usr/X11R6/lib64 ] ; then |
|
33 |
+ rm ${ROOT}/usr/X11R6/lib64 |
|
34 |
+ mv ${ROOT}/usr/X11R6/lib ${ROOT}/usr/X11R6/lib64 |
|
35 |
+ ln -s lib64 ${ROOT}/usr/X11R6/lib |
|
36 |
+ einfo "fixed broken lib64/lib symlink in ${ROOT}/usr/X11R6" |
|
37 |
+ fi |
|
38 |
+} |
|
39 |
+ |
|
40 |
+eblit-glibc-pkg_preinst() { |
|
41 |
+ # nothing to do if just installing headers |
|
42 |
+ just_headers && return |
|
43 |
+ |
|
44 |
+ # PPC64+others may want to eventually be added to this logic if they |
|
45 |
+ # decide to be multilib compatible and FHS compliant. note that this |
|
46 |
+ # chunk of FHS compliance only applies to 64bit archs where 32bit |
|
47 |
+ # compatibility is a major concern (not IA64, for example). |
|
48 |
+ |
|
49 |
+ # amd64's 2005.0 is the first amd64 profile to not need this code. |
|
50 |
+ # 2005.0 is setup properly, and this is executed as part of the |
|
51 |
+ # 2004.3 -> 2005.0 upgrade script. |
|
52 |
+ # It can be removed after 2004.3 has been purged from portage. |
|
53 |
+ { use amd64 || use ppc64; } && [ "$(get_libdir)" == "lib64" ] && ! has_multilib_profile && fix_lib64_symlinks |
|
54 |
+ |
|
55 |
+ # it appears that /lib/tls is sometimes not removed. See bug |
|
56 |
+ # 69258 for more info. |
|
57 |
+ if [[ -d ${ROOT}/$(alt_libdir)/tls ]] && [[ ! -d ${D}/$(alt_libdir)/tls ]] ; then |
|
58 |
+ ewarn "nptlonly or -nptl in USE, removing /${ROOT}$(alt_libdir)/tls..." |
|
59 |
+ rm -r "${ROOT}"/$(alt_libdir)/tls || die |
|
60 |
+ fi |
|
61 |
+ |
|
62 |
+ # prepare /etc/ld.so.conf.d/ for files |
|
63 |
+ mkdir -p "${ROOT}"/etc/ld.so.conf.d |
|
64 |
+ |
|
65 |
+ # simple test to make sure our new glibc isnt completely broken. |
|
66 |
+ # make sure we don't test with statically built binaries since |
|
67 |
+ # they will fail. also, skip if this glibc is a cross compiler. |
|
68 |
+ [[ ${ROOT} != "/" ]] && return 0 |
|
69 |
+ [[ -d ${D}/$(get_libdir) ]] || return 0 |
|
70 |
+ cd / #228809 |
|
71 |
+ local x striptest |
|
72 |
+ for x in date env ls true uname ; do |
|
73 |
+ x=$(type -p ${x}) |
|
74 |
+ [[ -z ${x} ]] && continue |
|
75 |
+ striptest=$(LC_ALL="C" file -L ${x} 2>/dev/null) |
|
76 |
+ [[ -z ${striptest} ]] && continue |
|
77 |
+ [[ ${striptest} == *"statically linked"* ]] && continue |
|
78 |
+ # we enter ${D} so to avoid trouble if the path contains |
|
79 |
+ # special characters; for instance if the path contains the |
|
80 |
+ # colon character (:), then the linker will try to split it |
|
81 |
+ # and look for the libraries in an unexpected place. This can |
|
82 |
+ # lead to unsafe code execution if the generated prefix is |
|
83 |
+ # within a world-writable directory |
|
84 |
+ # (e.g. /var/tmp/portage:${HOSTNAME}) |
|
85 |
+ pushd "${D}"/$(get_libdir) 2>/dev/null |
|
86 |
+ ./ld-*.so --library-path . ${x} > /dev/null \ |
|
87 |
+ || die "simple run test (${x}) failed" |
|
88 |
+ popd 2>/dev/null |
|
89 |
+ done |
|
90 |
+} |
... | ... |
@@ -0,0 +1,67 @@ |
1 |
+# Copyright 1999-2009 Gentoo Foundation |
|
2 |
+# Distributed under the terms of the GNU General Public License v2 |
|
3 |
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/pkg_setup.eblit,v 1.4 2009/08/21 05:46:04 vapier Exp $ |
|
4 |
+ |
|
5 |
+eblit-glibc-pkg_setup() { |
|
6 |
+ # prevent native builds from downgrading ... maybe update to allow people |
|
7 |
+ # to change between diff -r versions ? (2.3.6-r4 -> 2.3.6-r2) |
|
8 |
+ if [[ ${ROOT} == "/" ]] && [[ ${CBUILD} == ${CHOST} ]] && [[ ${CHOST} == ${CTARGET} ]] ; then |
|
9 |
+ if has_version '>'${CATEGORY}/${PF} ; then |
|
10 |
+ eerror "Sanity check to keep you from breaking your system:" |
|
11 |
+ eerror " Downgrading glibc is not supported and a sure way to destruction" |
|
12 |
+ die "aborting to save your system" |
|
13 |
+ fi |
|
14 |
+ |
|
15 |
+ # Check for broken kernels #262698 |
|
16 |
+ cd "${T}" |
|
17 |
+ printf '#include <pwd.h>\nint main(){return getpwuid(0)==0;}\n' > kern-clo-test.c |
|
18 |
+ emake kern-clo-test || die |
|
19 |
+ if ! ./kern-clo-test ; then |
|
20 |
+ eerror "Your patched vendor kernel is broken. You need to get an" |
|
21 |
+ eerror "update from whoever is providing the kernel to you." |
|
22 |
+ eerror "http://sourceware.org/bugzilla/show_bug.cgi?id=5227" |
|
23 |
+ die "keeping your system alive, say thank you" |
|
24 |
+ fi |
|
25 |
+ |
|
26 |
+ # Check for broken kernels #279260 |
|
27 |
+ cd "${T}" |
|
28 |
+ printf '#include <unistd.h>\n#include <sys/syscall.h>\nint main(){return syscall(1000)!=-1;}\n' > kern-enosys-test.c |
|
29 |
+ emake kern-enosys-test || die |
|
30 |
+ if ! ./kern-enosys-test ; then |
|
31 |
+ eerror "Your old kernel is broken. You need to update it to" |
|
32 |
+ eerror "a newer version as syscall(<bignum>) will break." |
|
33 |
+ eerror "http://bugs.gentoo.org/279260" |
|
34 |
+ die "keeping your system alive, say thank you" |
|
35 |
+ fi |
|
36 |
+ fi |
|
37 |
+ |
|
38 |
+ # users have had a chance to phase themselves, time to give em the boot |
|
39 |
+ if [[ -e ${ROOT}/etc/locale.gen ]] && [[ -e ${ROOT}/etc/locales.build ]] ; then |
|
40 |
+ eerror "You still haven't deleted ${ROOT}/etc/locales.build." |
|
41 |
+ eerror "Do so now after making sure ${ROOT}/etc/locale.gen is kosher." |
|
42 |
+ die "lazy upgrader detected" |
|
43 |
+ fi |
|
44 |
+ |
|
45 |
+ if [[ ${CTARGET} == i386-* ]] ; then |
|
46 |
+ eerror "i386 CHOSTs are no longer supported." |
|
47 |
+ eerror "Chances are you don't actually want/need i386." |
|
48 |
+ eerror "Please read http://www.gentoo.org/doc/en/change-chost.xml" |
|
49 |
+ die "please fix your CHOST" |
|
50 |
+ fi |
|
51 |
+ |
|
52 |
+ if [[ -n ${LT_VER} ]] ; then |
|
53 |
+ if use nptlonly && ! use nptl ; then |
|
54 |
+ eerror "If you want nptlonly, add nptl to your USE too ;p" |
|
55 |
+ die "nptlonly without nptl" |
|
56 |
+ fi |
|
57 |
+ fi |
|
58 |
+ |
|
59 |
+ if [[ -e /proc/xen ]] && [[ $(tc-arch) == "x86" ]] && ! is-flag -mno-tls-direct-seg-refs ; then |
|
60 |
+ ewarn "You are using Xen but don't have -mno-tls-direct-seg-refs in your CFLAGS." |
|
61 |
+ ewarn "This will result in a 50% performance penalty when running with a 32bit" |
|
62 |
+ ewarn "hypervisor, which is probably not what you want." |
|
63 |
+ fi |
|
64 |
+ |
|
65 |
+ use hardened && ! gcc-specs-pie && \ |
|
66 |
+ ewarn "PIE hardening not applied, as your compiler doesn't default to PIE" |
|
67 |
+} |
... | ... |
@@ -0,0 +1,208 @@ |
1 |
+# Copyright 1999-2007 Gentoo Foundation |
|
2 |
+# Distributed under the terms of the GNU General Public License v2 |
|
3 |
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/src_compile-2.11.2.eblit,v 1.1 2010/08/10 08:08:05 vapier Exp $ |
|
4 |
+ |
|
5 |
+glibc_do_configure() { |
|
6 |
+ local myconf |
|
7 |
+ |
|
8 |
+ # set addons |
|
9 |
+ pushd "${S}" > /dev/null |
|
10 |
+ local ADDONS=$(echo */configure | sed \ |
|
11 |
+ -e 's:/configure::g' \ |
|
12 |
+ -e 's:\(linuxthreads\|nptl\|rtkaio\|glibc-compat\)\( \|$\)::g' \ |
|
13 |
+ -e 's: \+$::' \ |
|
14 |
+ -e 's! !,!g' \ |
|
15 |
+ -e 's!^!,!' \ |
|
16 |
+ -e '/^,\*$/d') |
|
17 |
+ [[ -d ports ]] && ADDONS="${ADDONS},ports" |
|
18 |
+ popd > /dev/null |
|
19 |
+ |
|
20 |
+ use nls || myconf="${myconf} --disable-nls" |
|
21 |
+ myconf="${myconf} $(use_enable hardened stackguard-randomization)" |
|
22 |
+ if [[ $(<"${T}"/.ssp.compat) == "yes" ]] ; then |
|
23 |
+ myconf="${myconf} --enable-old-ssp-compat" |
|
24 |
+ else |
|
25 |
+ myconf="${myconf} --disable-old-ssp-compat" |
|
26 |
+ fi |
|
27 |
+ |
|
28 |
+ use glibc-omitfp && myconf="${myconf} --enable-omitfp" |
|
29 |
+ |
|
30 |
+ [[ ${CTARGET//_/-} == *-softfloat-* ]] && myconf="${myconf} --without-fp" |
|
31 |
+ |
|
32 |
+ if [[ $1 == "linuxthreads" ]] ; then |
|
33 |
+ if want_tls ; then |
|
34 |
+ myconf="${myconf} --with-tls" |
|
35 |
+ |
|
36 |
+ if ! want__thread || use glibc-compat20 || [[ ${LT_KER_VER} == 2.[02].* ]] ; then |
|
37 |
+ myconf="${myconf} --without-__thread" |
|
38 |
+ else |
|
39 |
+ myconf="${myconf} --with-__thread" |
|
40 |
+ fi |
|
41 |
+ else |
|
42 |
+ myconf="${myconf} --without-tls --without-__thread" |
|
43 |
+ fi |
|
44 |
+ |
|
45 |
+ myconf="${myconf} --disable-sanity-checks" |
|
46 |
+ myconf="${myconf} --enable-add-ons=linuxthreads${ADDONS}" |
|
47 |
+ myconf="${myconf} --enable-kernel=${LT_KER_VER}" |
|
48 |
+ elif [[ $1 == "nptl" ]] ; then |
|
49 |
+ myconf="${myconf} --enable-add-ons=nptl${ADDONS}" |
|
50 |
+ myconf="${myconf} --enable-kernel=${NPTL_KERN_VER}" |
|
51 |
+ else |
|
52 |
+ die "invalid pthread option" |
|
53 |
+ fi |
|
54 |
+ |
|
55 |
+ # Since SELinux support is only required for nscd, only enable it if: |
|
56 |
+ # 1. USE selinux |
|
57 |
+ # 2. only for the primary ABI on multilib systems |
|
58 |
+ # 3. Not a crosscompile |
|
59 |
+ if ! is_crosscompile && use selinux ; then |
|
60 |
+ if use multilib || has_multilib_profile ; then |
|
61 |
+ if is_final_abi ; then |
|
62 |
+ myconf="${myconf} --with-selinux" |
|
63 |
+ else |
|
64 |
+ myconf="${myconf} --without-selinux" |
|
65 |
+ fi |
|
66 |
+ else |
|
67 |
+ myconf="${myconf} --with-selinux" |
|
68 |
+ fi |
|
69 |
+ else |
|
70 |
+ myconf="${myconf} --without-selinux" |
|
71 |
+ fi |
|
72 |
+ |
|
73 |
+ myconf="${myconf} |
|
74 |
+ --without-cvs |
|
75 |
+ --enable-bind-now |
|
76 |
+ --build=${CBUILD_OPT:-${CBUILD}} |
|
77 |
+ --host=${CTARGET_OPT:-${CTARGET}} |
|
78 |
+ $(use_enable profile) |
|
79 |
+ $(use_with gd) |
|
80 |
+ --with-headers=$(alt_build_headers) |
|
81 |
+ --prefix=/usr |
|
82 |
+ --libdir=/usr/$(get_libdir) |
|
83 |
+ --mandir=/usr/share/man |
|
84 |
+ --infodir=/usr/share/info |
|
85 |
+ --libexecdir=/usr/$(get_libdir)/misc/glibc |
|
86 |
+ ${EXTRA_ECONF}" |
|
87 |
+ |
|
88 |
+ # There is no configure option for this and we need to export it |
|
89 |
+ # since the glibc build will re-run configure on itself |
|
90 |
+ export libc_cv_slibdir=/$(get_libdir) |
|
91 |
+ |
|
92 |
+ has_version app-admin/eselect-compiler || export CC=$(tc-getCC ${CTARGET}) |
|
93 |
+ |
|
94 |
+ local GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-$1 |
|
95 |
+ mkdir -p "${GBUILDDIR}" |
|
96 |
+ cd "${GBUILDDIR}" |
|
97 |
+ einfo "Configuring GLIBC for $1 with: ${myconf// /\n\t\t}" |
|
98 |
+ "${S}"/configure ${myconf} || die "failed to configure glibc" |
|
99 |
+ |
|
100 |
+ # since we'll be punting them for cross-compilers, and they can cause |
|
101 |
+ # problems (ia64+static), we'll just skip building altogether |
|
102 |
+ is_crosscompile && sed -i '1ibuild-programs = no' config.make |
|
103 |
+} |
|
104 |
+ |
|
105 |
+toolchain-glibc_src_compile() { |
|
106 |
+ echo |
|
107 |
+ local v |
|
108 |
+ for v in ABI CBUILD CHOST CTARGET CBUILD_OPT CTARGET_OPT CC CFLAGS ; do |
|
109 |
+ einfo " $(printf '%15s' ${v}:) ${!v}" |
|
110 |
+ done |
|
111 |
+ echo |
|
112 |
+ |
|
113 |
+ if want_linuxthreads ; then |
|
114 |
+ glibc_do_configure linuxthreads |
|
115 |
+ einfo "Building GLIBC with linuxthreads..." |
|
116 |
+ make PARALLELMFLAGS="${MAKEOPTS}" || die "make for ${ABI} failed" |
|
117 |
+ fi |
|
118 |
+ if want_nptl ; then |
|
119 |
+ # ... and then do the optional nptl build |
|
120 |
+ unset LD_ASSUME_KERNEL |
|
121 |
+ glibc_do_configure nptl |
|
122 |
+ einfo "Building GLIBC with NPTL..." |
|
123 |
+ make PARALLELMFLAGS="${MAKEOPTS}" || die "make for ${ABI} failed" |
|
124 |
+ fi |
|
125 |
+} |
|
126 |
+ |
|
127 |
+toolchain-glibc_headers_compile() { |
|
128 |
+ local GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-headers |
|
129 |
+ mkdir -p "${GBUILDDIR}" |
|
130 |
+ cd "${GBUILDDIR}" |
|
131 |
+ |
|
132 |
+ # if we don't have a compiler yet, we cant really test it now ... |
|
133 |
+ # hopefully they don't affect header geneation, so let's hope for |
|
134 |
+ # the best here ... |
|
135 |
+ export \ |
|
136 |
+ libc_cv_386_tls=yes \ |
|
137 |
+ libc_cv_asm_cfi_directives=yes \ |
|
138 |
+ libc_cv_broken_visibility_attribute=no \ |
|
139 |
+ libc_cv_gcc___thread=yes \ |
|
140 |
+ libc_cv_mlong_double_128=yes \ |
|
141 |
+ libc_cv_mlong_double_128ibm=yes \ |
|
142 |
+ libc_cv_ppc_machine=yes \ |
|
143 |
+ libc_cv_visibility_attribute=yes \ |
|
144 |
+ libc_cv_z_combreloc=yes \ |
|
145 |
+ libc_cv_z_execstack=yes \ |
|
146 |
+ libc_cv_z_initfirst=yes \ |
|
147 |
+ libc_cv_z_nodelete=yes \ |
|
148 |
+ libc_cv_z_nodlopen=yes \ |
|
149 |
+ libc_cv_z_relro=yes |
|
150 |
+ |
|
151 |
+ # Pick out the correct location for build headers |
|
152 |
+ local ports="" myconf="--disable-sanity-checks --enable-hacker-mode" |
|
153 |
+ [[ -d ${S}/ports ]] && ports=",ports" |
|
154 |
+ myconf="${myconf} |
|
155 |
+ --enable-add-ons=nptl${ports} |
|
156 |
+ --without-cvs |
|
157 |
+ --enable-bind-now |
|
158 |
+ --build=${CBUILD_OPT:-${CBUILD}} |
|
159 |
+ --host=${CTARGET_OPT:-${CTARGET}} |
|
160 |
+ --with-headers=$(alt_build_headers) |
|
161 |
+ --prefix=/usr |
|
162 |
+ ${EXTRA_ECONF}" |
|
163 |
+ |
|
164 |
+ # Nothing is compiled here which would affect the headers for the target. |
|
165 |
+ # so forcing CC/CFLAGS is sane. unless you dont have `gcc`. then i |
|
166 |
+ # dont care :p. |
|
167 |
+ einfo "Configuring GLIBC headers with: ${myconf// /\n\t\t}" |
|
168 |
+ CC=gcc \ |
|
169 |
+ CFLAGS="-O1 -pipe" \ |
|
170 |
+ "${S}"/configure ${myconf} || die "failed to configure glibc" |
|
171 |
+} |
|
172 |
+ |
|
173 |
+eblit-glibc-src_compile() { |
|
174 |
+ if is_crosscompile ; then |
|
175 |
+ export \ |
|
176 |
+ libc_cv_c_cleanup=yes \ |
|
177 |
+ libc_cv_forced_unwind=yes |
|
178 |
+ fi |
|
179 |
+ |
|
180 |
+ if just_headers ; then |
|
181 |
+ toolchain-glibc_headers_compile |
|
182 |
+ return |
|
183 |
+ fi |
|
184 |
+ |
|
185 |
+ setup_env |
|
186 |
+ |
|
187 |
+ if [[ -z ${OABI} ]] ; then |
|
188 |
+ local abilist="" |
|
189 |
+ if has_multilib_profile ; then |
|
190 |
+ abilist=$(get_install_abis) |
|
191 |
+ einfo "Building multilib glibc for ABIs: ${abilist}" |
|
192 |
+ elif is_crosscompile || tc-is-cross-compiler ; then |
|
193 |
+ abilist=${DEFAULT_ABI} |
|
194 |
+ fi |
|
195 |
+ if [[ -n ${abilist} ]] ; then |
|
196 |
+ OABI=${ABI} |
|
197 |
+ for ABI in ${abilist} ; do |
|
198 |
+ export ABI |
|
199 |
+ src_compile |
|
200 |
+ done |
|
201 |
+ ABI=${OABI} |
|
202 |
+ unset OABI |
|
203 |
+ return 0 |
|
204 |
+ fi |
|
205 |
+ fi |
|
206 |
+ |
|
207 |
+ toolchain-glibc_src_compile |
|
208 |
+} |
... | ... |
@@ -0,0 +1,210 @@ |
1 |
+# Copyright 1999-2010 Gentoo Foundation |
|
2 |
+# Distributed under the terms of the GNU General Public License v2 |
|
3 |
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/src_compile.eblit,v 1.15 2010/09/30 06:29:21 vapier Exp $ |
|
4 |
+ |
|
5 |
+glibc_do_configure() { |
|
6 |
+ local myconf |
|
7 |
+ |
|
8 |
+ einfo "Configuring GLIBC for $1" |
|
9 |
+ |
|
10 |
+ # set addons |
|
11 |
+ pushd "${S}" > /dev/null |
|
12 |
+ local ADDONS=$(echo */configure | sed \ |
|
13 |
+ -e 's:/configure::g' \ |
|
14 |
+ -e 's:\(linuxthreads\|nptl\|rtkaio\|glibc-compat\)\( \|$\)::g' \ |
|
15 |
+ -e 's: \+$::' \ |
|
16 |
+ -e 's! !,!g' \ |
|
17 |
+ -e 's!^!,!' \ |
|
18 |
+ -e '/^,\*$/d') |
|
19 |
+ [[ -d ports ]] && ADDONS="${ADDONS},ports" |
|
20 |
+ popd > /dev/null |
|
21 |
+ |
|
22 |
+ use nls || myconf="${myconf} --disable-nls" |
|
23 |
+ myconf="${myconf} $(use_enable hardened stackguard-randomization)" |
|
24 |
+ if [[ $(<"${T}"/.ssp.compat) == "yes" ]] ; then |
|
25 |
+ myconf="${myconf} --enable-old-ssp-compat" |
|
26 |
+ else |
|
27 |
+ myconf="${myconf} --disable-old-ssp-compat" |
|
28 |
+ fi |
|
29 |
+ |
|
30 |
+ use glibc-omitfp && myconf="${myconf} --enable-omitfp" |
|
31 |
+ |
|
32 |
+ [[ ${CTARGET//_/-} == *-softfloat-* ]] && myconf="${myconf} --without-fp" |
|
33 |
+ |
|
34 |
+ if [[ $1 == "linuxthreads" ]] ; then |
|
35 |
+ if want_tls ; then |
|
36 |
+ myconf="${myconf} --with-tls" |
|
37 |
+ |
|
38 |
+ if ! want__thread || use glibc-compat20 || [[ ${LT_KER_VER} == 2.[02].* ]] ; then |
|
39 |
+ myconf="${myconf} --without-__thread" |
|
40 |
+ else |
|
41 |
+ myconf="${myconf} --with-__thread" |
|
42 |
+ fi |
|
43 |
+ else |
|
44 |
+ myconf="${myconf} --without-tls --without-__thread" |
|
45 |
+ fi |
|
46 |
+ |
|
47 |
+ myconf="${myconf} --disable-sanity-checks" |
|
48 |
+ myconf="${myconf} --enable-add-ons=linuxthreads${ADDONS}" |
|
49 |
+ myconf="${myconf} --enable-kernel=${LT_KER_VER}" |
|
50 |
+ elif [[ $1 == "nptl" ]] ; then |
|
51 |
+ myconf="${myconf} --enable-add-ons=nptl${ADDONS}" |
|
52 |
+ myconf="${myconf} --enable-kernel=${NPTL_KERN_VER}" |
|
53 |
+ else |
|
54 |
+ die "invalid pthread option" |
|
55 |
+ fi |
|
56 |
+ |
|
57 |
+ # Since SELinux support is only required for nscd, only enable it if: |
|
58 |
+ # 1. USE selinux |
|
59 |
+ # 2. only for the primary ABI on multilib systems |
|
60 |
+ # 3. Not a crosscompile |
|
61 |
+ if ! is_crosscompile && use selinux ; then |
|
62 |
+ if use multilib || has_multilib_profile ; then |
|
63 |
+ if is_final_abi ; then |
|
64 |
+ myconf="${myconf} --with-selinux" |
|
65 |
+ else |
|
66 |
+ myconf="${myconf} --without-selinux" |
|
67 |
+ fi |
|
68 |
+ else |
|
69 |
+ myconf="${myconf} --with-selinux" |
|
70 |
+ fi |
|
71 |
+ else |
|
72 |
+ myconf="${myconf} --without-selinux" |
|
73 |
+ fi |
|
74 |
+ |
|
75 |
+ myconf="${myconf} |
|
76 |
+ --without-cvs |
|
77 |
+ --enable-bind-now |
|
78 |
+ --build=${CBUILD_OPT:-${CBUILD}} |
|
79 |
+ --host=${CTARGET_OPT:-${CTARGET}} |
|
80 |
+ $(use_enable profile) |
|
81 |
+ $(use_with gd) |
|
82 |
+ --with-headers=$(alt_build_headers) |
|
83 |
+ --prefix=/usr |
|
84 |
+ --libdir=/usr/$(get_libdir) |
|
85 |
+ --mandir=/usr/share/man |
|
86 |
+ --infodir=/usr/share/info |
|
87 |
+ --libexecdir=/usr/$(get_libdir)/misc/glibc |
|
88 |
+ $(use_multiarch || echo --disable-multi-arch) |
|
89 |
+ ${EXTRA_ECONF}" |
|
90 |
+ |
|
91 |
+ # There is no configure option for this and we need to export it |
|
92 |
+ # since the glibc build will re-run configure on itself |
|
93 |
+ export libc_cv_slibdir=/$(get_libdir) |
|
94 |
+ |
|
95 |
+ local GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-$1 |
|
96 |
+ mkdir -p "${GBUILDDIR}" |
|
97 |
+ cd "${GBUILDDIR}" |
|
98 |
+ echo "${S}"/configure ${myconf} |
|
99 |
+ "${S}"/configure ${myconf} || die "failed to configure glibc" |
|
100 |
+ |
|
101 |
+ # since we'll be punting them for cross-compilers, and they can cause |
|
102 |
+ # problems (ia64+static), we'll just skip building altogether |
|
103 |
+ is_crosscompile && sed -i '1ibuild-programs = no' config.make |
|
104 |
+} |
|
105 |
+ |
|
106 |
+toolchain-glibc_src_compile() { |
|
107 |
+ echo |
|
108 |
+ local v |
|
109 |
+ for v in ABI CBUILD CHOST CTARGET CBUILD_OPT CTARGET_OPT CC CFLAGS ; do |
|
110 |
+ einfo " $(printf '%15s' ${v}:) ${!v}" |
|
111 |
+ done |
|
112 |
+ export CC=$(tc-getCC ${CTARGET}) |
|
113 |
+ einfo " $(printf '%15s' 'Manual CC:') ${CC}" |
|
114 |
+ echo |
|
115 |
+ |
|
116 |
+ if want_linuxthreads ; then |
|
117 |
+ glibc_do_configure linuxthreads |
|
118 |
+ emake || die "make for ${ABI} failed" |
|
119 |
+ fi |
|
120 |
+ if want_nptl ; then |
|
121 |
+ # ... and then do the optional nptl build |
|
122 |
+ unset LD_ASSUME_KERNEL |
|
123 |
+ glibc_do_configure nptl |
|
124 |
+ emake || die "make for ${ABI} failed" |
|
125 |
+ fi |
|
126 |
+} |
|
127 |
+ |
|
128 |
+toolchain-glibc_headers_compile() { |
|
129 |
+ local GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-headers |
|
130 |
+ mkdir -p "${GBUILDDIR}" |
|
131 |
+ cd "${GBUILDDIR}" |
|
132 |
+ |
|
133 |
+ # if we don't have a compiler yet, we cant really test it now ... |
|
134 |
+ # hopefully they don't affect header geneation, so let's hope for |
|
135 |
+ # the best here ... |
|
136 |
+ export \ |
|
137 |
+ libc_cv_386_tls=yes \ |
|
138 |
+ libc_cv_asm_cfi_directives=yes \ |
|
139 |
+ libc_cv_broken_visibility_attribute=no \ |
|
140 |
+ libc_cv_gcc___thread=yes \ |
|
141 |
+ libc_cv_mlong_double_128=yes \ |
|
142 |
+ libc_cv_mlong_double_128ibm=yes \ |
|
143 |
+ libc_cv_ppc_machine=yes \ |
|
144 |
+ libc_cv_ppc_rel16=yes \ |
|
145 |
+ libc_cv_visibility_attribute=yes \ |
|
146 |
+ libc_cv_z_combreloc=yes \ |
|
147 |
+ libc_cv_z_execstack=yes \ |
|
148 |
+ libc_cv_z_initfirst=yes \ |
|
149 |
+ libc_cv_z_nodelete=yes \ |
|
150 |
+ libc_cv_z_nodlopen=yes \ |
|
151 |
+ libc_cv_z_relro=yes |
|
152 |
+ |
|
153 |
+ # Pick out the correct location for build headers |
|
154 |
+ local ports="" myconf="--disable-sanity-checks --enable-hacker-mode" |
|
155 |
+ [[ -d ${S}/ports ]] && ports=",ports" |
|
156 |
+ myconf="${myconf} |
|
157 |
+ --enable-add-ons=nptl${ports} |
|
158 |
+ --without-cvs |
|
159 |
+ --enable-bind-now |
|
160 |
+ --build=${CBUILD_OPT:-${CBUILD}} |
|
161 |
+ --host=${CTARGET_OPT:-${CTARGET}} |
|
162 |
+ --with-headers=$(alt_build_headers) |
|
163 |
+ --prefix=/usr |
|
164 |
+ ${EXTRA_ECONF}" |
|
165 |
+ |
|
166 |
+ # Nothing is compiled here which would affect the headers for the target. |
|
167 |
+ # so forcing CC/CFLAGS is sane. unless you dont have `gcc`. then i |
|
168 |
+ # dont care :p. |
|
169 |
+ einfo "Configuring GLIBC headers with: ${myconf// /\n\t\t}" |
|
170 |
+ CC=gcc \ |
|
171 |
+ CFLAGS="-O1 -pipe" \ |
|
172 |
+ "${S}"/configure ${myconf} || die "failed to configure glibc" |
|
173 |
+} |
|
174 |
+ |
|
175 |
+eblit-glibc-src_compile() { |
|
176 |
+ if is_crosscompile ; then |
|
177 |
+ export \ |
|
178 |
+ libc_cv_c_cleanup=yes \ |
|
179 |
+ libc_cv_forced_unwind=yes |
|
180 |
+ fi |
|
181 |
+ |
|
182 |
+ if just_headers ; then |
|
183 |
+ toolchain-glibc_headers_compile |
|
184 |
+ return |
|
185 |
+ fi |
|
186 |
+ |
|
187 |
+ setup_env |
|
188 |
+ |
|
189 |
+ if [[ -z ${OABI} ]] ; then |
|
190 |
+ local abilist="" |
|
191 |
+ if has_multilib_profile ; then |
|
192 |
+ abilist=$(get_install_abis) |
|
193 |
+ einfo "Building multilib glibc for ABIs: ${abilist}" |
|
194 |
+ elif is_crosscompile || tc-is-cross-compiler ; then |
|
195 |
+ abilist=${DEFAULT_ABI} |
|
196 |
+ fi |
|
197 |
+ if [[ -n ${abilist} ]] ; then |
|
198 |
+ OABI=${ABI} |
|
199 |
+ for ABI in ${abilist} ; do |
|
200 |
+ export ABI |
|
201 |
+ src_compile |
|
202 |
+ done |
|
203 |
+ ABI=${OABI} |
|
204 |
+ unset OABI |
|
205 |
+ return 0 |
|
206 |
+ fi |
|
207 |
+ fi |
|
208 |
+ |
|
209 |
+ toolchain-glibc_src_compile |
|
210 |
+} |
... | ... |
@@ -0,0 +1,252 @@ |
1 |
+# Copyright 1999-2007 Gentoo Foundation |
|
2 |
+# Distributed under the terms of the GNU General Public License v2 |
|
3 |
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/src_install-2.11.2.eblit,v 1.1 2010/08/10 08:08:05 vapier Exp $ |
|
4 |
+ |
|
5 |
+toolchain-glibc_src_install() { |
|
6 |
+ local GBUILDDIR |
|
7 |
+ if want_linuxthreads ; then |
|
8 |
+ GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-linuxthreads |
|
9 |
+ else |
|
10 |
+ GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-nptl |
|
11 |
+ fi |
|
12 |
+ |
|
13 |
+ local install_root=${D} |
|
14 |
+ is_crosscompile && install_root="${install_root}/usr/${CTARGET}" |
|
15 |
+ if want_linuxthreads ; then |
|
16 |
+ cd "${WORKDIR}"/build-${ABI}-${CTARGET}-linuxthreads |
|
17 |
+ einfo "Installing GLIBC ${ABI} with linuxthreads ..." |
|
18 |
+ else # nptlonly |
|
19 |
+ cd "${WORKDIR}"/build-${ABI}-${CTARGET}-nptl |
|
20 |
+ einfo "Installing GLIBC ${ABI} with NPTL ..." |
|
21 |
+ fi |
|
22 |
+ make PARALLELMFLAGS="${MAKEOPTS}" \ |
|
23 |
+ install_root="${install_root}" \ |
|
24 |
+ install || die |
|
25 |
+ |
|
26 |
+ if is_crosscompile ; then |
|
27 |
+ # punt all the junk not needed by a cross-compiler |
|
28 |
+ cd "${D}"/usr/${CTARGET} || die |
|
29 |
+ rm -rf ./{,usr/}{bin,etc,sbin,share} ./{,usr/}*/{gconv,misc} |
|
30 |
+ fi |
|
31 |
+ |
|
32 |
+ if want_linuxthreads && want_nptl ; then |
|
33 |
+ einfo "Installing NPTL to $(alt_libdir)/tls/..." |
|
34 |
+ cd "${WORKDIR}"/build-${ABI}-${CTARGET}-nptl |
|
35 |
+ dodir $(alt_libdir)/tls $(alt_usrlibdir)/nptl |
|
36 |
+ |
|
37 |
+ local l src_lib |
|
38 |
+ for l in libc libm librt libpthread libthread_db ; do |
|
39 |
+ # take care of shared lib first ... |
|
40 |
+ l=${l}.so |
|
41 |
+ if [[ -e ${l} ]] ; then |
|
42 |
+ src_lib=${l} |
|
43 |
+ else |
|
44 |
+ src_lib=$(eval echo */${l}) |
|
45 |
+ fi |
|
46 |
+ cp -a ${src_lib} "${D}"$(alt_libdir)/tls/${l} || die "copying nptl ${l}" |
|
47 |
+ fperms a+rx $(alt_libdir)/tls/${l} |
|
48 |
+ dosym ${l} $(alt_libdir)/tls/$(scanelf -qSF'%S#F' ${src_lib}) |
|
49 |
+ |
|
50 |
+ # then grab the linker script or the symlink ... |
|
51 |
+ if [[ -L ${D}$(alt_usrlibdir)/${l} ]] ; then |
|
52 |
+ dosym $(alt_libdir)/tls/${l} $(alt_usrlibdir)/nptl/${l} |
|
53 |
+ else |
|
54 |
+ sed \ |
|
55 |
+ -e "s:/${l}:/tls/${l}:g" \ |
|
56 |
+ -e "s:/${l/%.so/_nonshared.a}:/nptl/${l/%.so/_nonshared.a}:g" \ |
|
57 |
+ "${D}"$(alt_usrlibdir)/${l} > "${D}"$(alt_usrlibdir)/nptl/${l} |
|
58 |
+ fi |
|
59 |
+ |
|
60 |
+ # then grab the static lib ... |
|
61 |
+ src_lib=${src_lib/%.so/.a} |
|
62 |
+ [[ ! -e ${src_lib} ]] && src_lib=${src_lib/%.a/_pic.a} |
|
63 |
+ cp -a ${src_lib} "${D}"$(alt_usrlibdir)/nptl/ || die "copying nptl ${src_lib}" |
|
64 |
+ src_lib=${src_lib/%.a/_nonshared.a} |
|
65 |
+ if [[ -e ${src_lib} ]] ; then |
|
66 |
+ cp -a ${src_lib} "${D}"$(alt_usrlibdir)/nptl/ || die "copying nptl ${src_lib}" |
|
67 |
+ fi |
|
68 |
+ done |
|
69 |
+ |
|
70 |
+ # use the nptl linker instead of the linuxthreads one as the linuxthreads |
|
71 |
+ # one may lack TLS support and that can be really bad for business |
|
72 |
+ cp -a elf/ld.so "${D}"$(alt_libdir)/$(scanelf -qSF'%S#F' elf/ld.so) || die "copying nptl interp" |
|
73 |
+ fi |
|
74 |
+ |
|
75 |
+ # We'll take care of the cache ourselves |
|
76 |
+ rm -f "${D}"/etc/ld.so.cache |
|
77 |
+ |
|
78 |
+ # Some things want this, notably ash. |
|
79 |
+ dosym libbsd-compat.a $(alt_usrlibdir)/libbsd.a |
|
80 |
+ |
|
81 |
+ # Handle includes for different ABIs if glibc itself doesn't do it |
|
82 |
+ # XXX: curr glibc should finally handle all of them correctly |
|
83 |
+ #case $(tc-arch) in |
|
84 |
+ # amd64|mips|ppc|s390) ;; |
|
85 |
+ # *) prep_ml_includes $(alt_headers) ;; |
|
86 |
+ #esac |
|
87 |
+ |
|
88 |
+ # When cross-compiling for a non-multilib setup, make sure we have |
|
89 |
+ # lib and a proper symlink setup |
|
90 |
+ if is_crosscompile && ! use multilib && ! has_multilib_profile && [[ $(get_libdir) != "lib" ]] ; then |
|
91 |
+ cd "${D}"$(alt_libdir)/.. |
|
92 |
+ mv $(get_libdir) lib || die |
|
93 |
+ ln -s lib $(get_libdir) || die |
|
94 |
+ cd "${D}"$(alt_usrlibdir)/.. |
|
95 |
+ mv $(get_libdir) lib || die |
|
96 |
+ ln -s lib $(get_libdir) || die |
|
97 |
+ fi |
|
98 |
+ |
|
99 |
+ ################################################################# |
|
100 |
+ # EVERYTHING AFTER THIS POINT IS FOR NATIVE GLIBC INSTALLS ONLY # |
|
101 |
+ # Make sure we install some symlink hacks so that when we build |
|
102 |
+ # a 2nd stage cross-compiler, gcc finds the target system |
|
103 |
+ # headers correctly. See gcc/doc/gccinstall.info |
|
104 |
+ if is_crosscompile ; then |
|
105 |
+ dosym usr/include /usr/${CTARGET}/sys-include |
|
106 |
+ return 0 |
|
107 |
+ fi |
|
108 |
+ |
|
109 |
+ # Everything past this point just needs to be done once ... |
|
110 |
+ is_final_abi || return 0 |
|
111 |
+ |
|
112 |
+ # Make sure the non-native interp can be found on multilib systems |
|
113 |
+ if has_multilib_profile ; then |
|
114 |
+ case $(tc-arch) in |
|
115 |
+ amd64) |
|
116 |
+ [[ ! -e ${D}/lib ]] && dosym $(get_abi_LIBDIR amd64) /lib |
|
117 |
+ dosym ../$(get_abi_LIBDIR x86)/ld-linux.so.2 /lib/ld-linux.so.2 |
|
118 |
+ ;; |
|
119 |
+ ppc64) |
|
120 |
+ [[ ! -e ${D}/lib ]] && dosym $(get_abi_LIBDIR ppc64) /lib |
|
121 |
+ dosym ../$(get_abi_LIBDIR ppc)/ld.so.1 /lib/ld.so.1 |
|
122 |
+ ;; |
|
123 |
+ esac |
|
124 |
+ fi |
|
125 |
+ |
|
126 |
+ # Files for Debian-style locale updating |
|
127 |
+ dodir /usr/share/i18n |
|
128 |
+ sed \ |
|
129 |
+ -e "/^#/d" \ |
|
130 |
+ -e "/SUPPORTED-LOCALES=/d" \ |
|
131 |
+ -e "s: \\\\::g" -e "s:/: :g" \ |
|
132 |
+ "${S}"/localedata/SUPPORTED > "${D}"/usr/share/i18n/SUPPORTED \ |
|
133 |
+ || die "generating /usr/share/i18n/SUPPORTED failed" |
|
134 |
+ cd "${WORKDIR}"/extra/locale |
|
135 |
+ dosbin locale-gen || die |
|
136 |
+ doman *.[0-8] |
|
137 |
+ insinto /etc |
|
138 |
+ doins locale.gen || die |
|
139 |
+ |
|
140 |
+ # Make sure all the ABI's can find the locales and so we only |
|
141 |
+ # have to generate one set |
|
142 |
+ local a |
|
143 |
+ keepdir /usr/$(get_libdir)/locale |
|
144 |
+ for a in $(get_install_abis) ; do |
|
145 |
+ if [[ ! -e ${D}/usr/$(get_abi_LIBDIR ${a})/locale ]] ; then |
|
146 |
+ dosym /usr/$(get_libdir)/locale /usr/$(get_abi_LIBDIR ${a})/locale |
|
147 |
+ fi |
|
148 |
+ done |
|
149 |
+ |
|
150 |
+ if ! has noinfo ${FEATURES} && [[ -n ${INFOPAGE_VER} ]] ; then |
|
151 |
+ einfo "Installing info pages..." |
|
152 |
+ |
|
153 |
+ make \ |
|
154 |
+ -C "${GBUILDDIR}" \ |
|
155 |
+ PARALLELMFLAGS="${MAKEOPTS}" \ |
|
156 |
+ install_root="${install_root}" \ |
|
157 |
+ info -i || die |
|
158 |
+ fi |
|
159 |
+ |
|
160 |
+ if [[ -n ${MANPAGE_VER} ]] ; then |
|
161 |
+ einfo "Installing man pages..." |
|
162 |
+ |
|
163 |
+ # Install linuxthreads man pages even if nptl is enabled |
|
164 |
+ cd "${WORKDIR}"/man |
|
165 |
+ doman *.3thr |
|
166 |
+ fi |
|
167 |
+ |
|
168 |
+ cd "${S}" |
|
169 |
+ |
|
170 |
+ # Install misc network config files |
|
171 |
+ insinto /etc |
|
172 |
+ doins nscd/nscd.conf posix/gai.conf nss/nsswitch.conf || die |
|
173 |
+ doins "${WORKDIR}"/extra/etc/*.conf || die |
|
174 |
+ doinitd "${WORKDIR}"/extra/etc/nscd || die |
|
175 |
+ |
|
176 |
+ sed -i -e "s:@PIDFILE@:$(strings "${D}"/usr/sbin/nscd | grep nscd.pid):" "${D}"/etc/init.d/nscd |
|
177 |
+ |
|
178 |
+ echo 'LDPATH="include ld.so.conf.d/*.conf"' > "${T}"/00glibc |
|
179 |
+ doenvd "${T}"/00glibc || die |
|
180 |
+ |
|
181 |
+ dodoc BUGS ChangeLog* CONFORMANCE FAQ NEWS NOTES PROJECTS README* |
|
182 |
+ |
|
183 |
+ # Prevent overwriting of the /etc/localtime symlink. We'll handle the |
|
184 |
+ # creation of the "factory" symlink in pkg_postinst(). |
|
185 |
+ rm -f "${D}"/etc/localtime |
|
186 |
+} |
|
187 |
+ |
|
188 |
+toolchain-glibc_headers_install() { |
|
189 |
+ local GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-headers |
|
190 |
+ cd "${GBUILDDIR}" |
|
191 |
+ make install_root="${D}/usr/${CTARGET}" install-headers || die "install-headers failed" |
|
192 |
+ # Copy over headers that are not part of install-headers ... these |
|
193 |
+ # are pretty much taken verbatim from crosstool, see it for more details |
|
194 |
+ insinto $(alt_headers)/bits |
|
195 |
+ doins misc/syscall-list.h bits/stdio_lim.h || die "doins include bits" |
|
196 |
+ insinto $(alt_headers)/gnu |
|
197 |
+ doins "${S}"/include/gnu/stubs.h || die "doins include gnu" |
|
198 |
+ # Make sure we install the sys-include symlink so that when |
|
199 |
+ # we build a 2nd stage cross-compiler, gcc finds the target |
|
200 |
+ # system headers correctly. See gcc/doc/gccinstall.info |
|
201 |
+ dosym usr/include /usr/${CTARGET}/sys-include |
|
202 |
+} |
|
203 |
+ |
|
204 |
+src_strip() { |
|
205 |
+ # gdb is lame and requires some debugging information to remain in |
|
206 |
+ # libpthread, so we need to strip it by hand. libthread_db makes no |
|
207 |
+ # sense stripped as it is only used when debugging. |
|
208 |
+ local pthread=$(hasq splitdebug ${FEATURES} && echo "libthread_db" || echo "lib{pthread,thread_db}") |
|
209 |
+ env \ |
|
210 |
+ -uRESTRICT \ |
|
211 |
+ CHOST=${CTARGET} \ |
|
212 |
+ STRIP_MASK="/*/{,tls/}${pthread}*" \ |
|
213 |
+ prepallstrip |
|
214 |
+ # if user has stripping enabled and does not have split debug turned on, |
|
215 |
+ # then leave the debugging sections in libpthread. |
|
216 |
+ if ! hasq nostrip ${FEATURES} && ! hasq splitdebug ${FEATURES} ; then |
|
217 |
+ ${STRIP:-${CTARGET}-strip} --strip-debug "${D}"/*/libpthread-*.so |
|
218 |
+ fi |
|
219 |
+} |
|
220 |
+ |
|
221 |
+eblit-glibc-src_install() { |
|
222 |
+ if just_headers ; then |
|
223 |
+ toolchain-glibc_headers_install |
|
224 |
+ return |
|
225 |
+ fi |
|
226 |
+ |
|
227 |
+ setup_env |
|
228 |
+ |
|
229 |
+ if [[ -z ${OABI} ]] ; then |
|
230 |
+ local abilist="" |
|
231 |
+ if has_multilib_profile ; then |
|
232 |
+ abilist=$(get_install_abis) |
|
233 |
+ einfo "Installing multilib glibc for ABIs: ${abilist}" |
|
234 |
+ elif is_crosscompile || tc-is-cross-compiler ; then |
|
235 |
+ abilist=${DEFAULT_ABI} |
|
236 |
+ fi |
|
237 |
+ if [[ -n ${abilist} ]] ; then |
|
238 |
+ OABI=${ABI} |
|
239 |
+ for ABI in ${abilist} ; do |
|
240 |
+ export ABI |
|
241 |
+ eblit-glibc-src_install |
|
242 |
+ done |
|
243 |
+ ABI=${OABI} |
|
244 |
+ unset OABI |
|
245 |
+ src_strip |
|
246 |
+ return 0 |
|
247 |
+ fi |
|
248 |
+ fi |
|
249 |
+ |
|
250 |
+ toolchain-glibc_src_install |
|
251 |
+ [[ -z ${OABI} ]] && src_strip |
|
252 |
+} |
... | ... |
@@ -0,0 +1,250 @@ |
1 |
+# Copyright 1999-2007 Gentoo Foundation |
|
2 |
+# Distributed under the terms of the GNU General Public License v2 |
|
3 |
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/src_install-2.6.eblit,v 1.2 2008/06/29 16:39:23 vapier Exp $ |
|
4 |
+ |
|
5 |
+toolchain-glibc_src_install() { |
|
6 |
+ # These should not be set, else the |
|
7 |
+ # zoneinfo do not always get installed ... |
|
8 |
+ unset LANGUAGE LANG LC_ALL |
|
9 |
+ |
|
10 |
+ local GBUILDDIR |
|
11 |
+ if want_linuxthreads ; then |
|
12 |
+ GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-linuxthreads |
|
13 |
+ else |
|
14 |
+ GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-nptl |
|
15 |
+ fi |
|
16 |
+ |
|
17 |
+ local install_root=${D} |
|
18 |
+ is_crosscompile && install_root="${install_root}/usr/${CTARGET}" |
|
19 |
+ if want_linuxthreads ; then |
|
20 |
+ cd "${WORKDIR}"/build-${ABI}-${CTARGET}-linuxthreads |
|
21 |
+ einfo "Installing GLIBC ${ABI} with linuxthreads ..." |
|
22 |
+ make PARALLELMFLAGS="${MAKEOPTS}" \ |
|
23 |
+ install_root="${install_root}" \ |
|
24 |
+ install || die |
|
25 |
+ else # nptlonly |
|
26 |
+ cd "${WORKDIR}"/build-${ABI}-${CTARGET}-nptl |
|
27 |
+ einfo "Installing GLIBC ${ABI} with NPTL ..." |
|
28 |
+ make PARALLELMFLAGS="${MAKEOPTS}" \ |
|
29 |
+ install_root="${install_root}" \ |
|
30 |
+ install || die |
|
31 |
+ fi |
|
32 |
+ |
|
33 |
+ if is_crosscompile ; then |
|
34 |
+ # punt all the junk not needed by a cross-compiler |
|
35 |
+ cd "${D}"/usr/${CTARGET} || die |
|
36 |
+ rm -rf ./{,usr/}{bin,etc,sbin,share} ./{,usr/}*/{gconv,misc} |
|
37 |
+ fi |
|
38 |
+ |
|
39 |
+ if want_linuxthreads && want_nptl ; then |
|
40 |
+ einfo "Installing NPTL to $(alt_libdir)/tls/..." |
|
41 |
+ cd "${WORKDIR}"/build-${ABI}-${CTARGET}-nptl |
|
42 |
+ dodir $(alt_libdir)/tls $(alt_usrlibdir)/nptl |
|
43 |
+ |
|
44 |
+ local l src_lib |
|
45 |
+ for l in libc libm librt libpthread libthread_db ; do |
|
46 |
+ # take care of shared lib first ... |
|
47 |
+ l=${l}.so |
|
48 |
+ if [[ -e ${l} ]] ; then |
|
49 |
+ src_lib=${l} |
|
50 |
+ else |
|
51 |
+ src_lib=$(eval echo */${l}) |
|
52 |
+ fi |
|
53 |
+ cp -a ${src_lib} "${D}"$(alt_libdir)/tls/${l} || die "copying nptl ${l}" |
|
54 |
+ fperms a+rx $(alt_libdir)/tls/${l} |
|
55 |
+ dosym ${l} $(alt_libdir)/tls/$(scanelf -qSF'%S#F' ${src_lib}) |
|
56 |
+ |
|
57 |
+ # then grab the linker script or the symlink ... |
|
58 |
+ if [[ -L ${D}$(alt_usrlibdir)/${l} ]] ; then |
|
59 |
+ dosym $(alt_libdir)/tls/${l} $(alt_usrlibdir)/nptl/${l} |
|
60 |
+ else |
|
61 |
+ sed \ |
|
62 |
+ -e "s:/${l}:/tls/${l}:g" \ |
|
63 |
+ -e "s:/${l/%.so/_nonshared.a}:/nptl/${l/%.so/_nonshared.a}:g" \ |
|
64 |
+ "${D}"$(alt_usrlibdir)/${l} > "${D}"$(alt_usrlibdir)/nptl/${l} |
|
65 |
+ fi |
|
66 |
+ |
|
67 |
+ # then grab the static lib ... |
|
68 |
+ src_lib=${src_lib/%.so/.a} |
|
69 |
+ [[ ! -e ${src_lib} ]] && src_lib=${src_lib/%.a/_pic.a} |
|
70 |
+ cp -a ${src_lib} "${D}"$(alt_usrlibdir)/nptl/ || die "copying nptl ${src_lib}" |
|
71 |
+ src_lib=${src_lib/%.a/_nonshared.a} |
|
72 |
+ if [[ -e ${src_lib} ]] ; then |
|
73 |
+ cp -a ${src_lib} "${D}"$(alt_usrlibdir)/nptl/ || die "copying nptl ${src_lib}" |
|
74 |
+ fi |
|
75 |
+ done |
|
76 |
+ |
|
77 |
+ # use the nptl linker instead of the linuxthreads one as the linuxthreads |
|
78 |
+ # one may lack TLS support and that can be really bad for business |
|
79 |
+ cp -a elf/ld.so "${D}"$(alt_libdir)/$(scanelf -qSF'%S#F' elf/ld.so) || die "copying nptl interp" |
|
80 |
+ fi |
|
81 |
+ |
|
82 |
+ # We'll take care of the cache ourselves |
|
83 |
+ rm -f "${D}"/etc/ld.so.cache |
|
84 |
+ |
|
85 |
+ # Some things want this, notably ash. |
|
86 |
+ dosym libbsd-compat.a $(alt_usrlibdir)/libbsd.a |
|
87 |
+ |
|
88 |
+ # Handle includes for different ABIs |
|
89 |
+ prep_ml_includes $(alt_headers) |
|
90 |
+ |
|
91 |
+ # When cross-compiling for a non-multilib setup, make sure we have |
|
92 |
+ # lib and a proper symlink setup |
|
93 |
+ if is_crosscompile && ! use multilib && ! has_multilib_profile && [[ $(get_libdir) != "lib" ]] ; then |
|
94 |
+ cd "${D}"$(alt_libdir)/.. |
|
95 |
+ mv $(get_libdir) lib || die |
|
96 |
+ ln -s lib $(get_libdir) || die |
|
97 |
+ cd "${D}"$(alt_usrlibdir)/.. |
|
98 |
+ mv $(get_libdir) lib || die |
|
99 |
+ ln -s lib $(get_libdir) || die |
|
100 |
+ fi |
|
101 |
+ |
|
102 |
+ ################################################################# |
|
103 |
+ # EVERYTHING AFTER THIS POINT IS FOR NATIVE GLIBC INSTALLS ONLY # |
|
104 |
+ # Make sure we install some symlink hacks so that when we build |
|
105 |
+ # a 2nd stage cross-compiler, gcc finds the target system |
|
106 |
+ # headers correctly. See gcc/doc/gccinstall.info |
|
107 |
+ if is_crosscompile ; then |
|
108 |
+ dosym usr/include /usr/${CTARGET}/sys-include |
|
109 |
+ return 0 |
|
110 |
+ fi |
|
111 |
+ |
|
112 |
+ # Everything past this point just needs to be done once ... |
|
113 |
+ is_final_abi || return 0 |
|
114 |
+ |
|
115 |
+ # Make sure the non-native interp can be found on multilib systems |
|
116 |
+ if has_multilib_profile ; then |
|
117 |
+ case $(tc-arch) in |
|
118 |
+ amd64) |
|
119 |
+ [[ ! -e ${D}/lib ]] && dosym $(get_abi_LIBDIR amd64) /lib |
|
120 |
+ dosym ../$(get_abi_LIBDIR x86)/ld-linux.so.2 /lib/ld-linux.so.2 |
|
121 |
+ ;; |
|
122 |
+ ppc64) |
|
123 |
+ [[ ! -e ${D}/lib ]] && dosym $(get_abi_LIBDIR ppc64) /lib |
|
124 |
+ dosym ../$(get_abi_LIBDIR ppc)/ld.so.1 /lib/ld.so.1 |
|
125 |
+ ;; |
|
126 |
+ esac |
|
127 |
+ fi |
|
128 |
+ |
|
129 |
+ # Files for Debian-style locale updating |
|
130 |
+ dodir /usr/share/i18n |
|
131 |
+ sed \ |
|
132 |
+ -e "/^#/d" \ |
|
133 |
+ -e "/SUPPORTED-LOCALES=/d" \ |
|
134 |
+ -e "s: \\\\::g" -e "s:/: :g" \ |
|
135 |
+ "${S}"/localedata/SUPPORTED > "${D}"/usr/share/i18n/SUPPORTED \ |
|
136 |
+ || die "generating /usr/share/i18n/SUPPORTED failed" |
|
137 |
+ cd "${WORKDIR}"/extra/locale |
|
138 |
+ dosbin locale-gen || die |
|
139 |
+ doman *.[0-8] |
|
140 |
+ insinto /etc |
|
141 |
+ doins locale.gen || die |
|
142 |
+ |
|
143 |
+ # Make sure all the ABI's can find the locales and so we only |
|
144 |
+ # have to generate one set |
|
145 |
+ local a |
|
146 |
+ keepdir /usr/$(get_libdir)/locale |
|
147 |
+ for a in $(get_install_abis) ; do |
|
148 |
+ if [[ ! -e ${D}/usr/$(get_abi_LIBDIR ${a})/locale ]] ; then |
|
149 |
+ dosym /usr/$(get_libdir)/locale /usr/$(get_abi_LIBDIR ${a})/locale |
|
150 |
+ fi |
|
151 |
+ done |
|
152 |
+ |
|
153 |
+ if ! has noinfo ${FEATURES} && [[ -n ${INFOPAGE_VER} ]] ; then |
|
154 |
+ einfo "Installing info pages..." |
|
155 |
+ |
|
156 |
+ make \ |
|
157 |
+ -C "${GBUILDDIR}" \ |
|
158 |
+ PARALLELMFLAGS="${MAKEOPTS}" \ |
|
159 |
+ install_root="${install_root}" \ |
|
160 |
+ info -i || die |
|
161 |
+ fi |
|
162 |
+ |
|
163 |
+ if [[ -n ${MANPAGE_VER} ]] ; then |
|
164 |
+ einfo "Installing man pages..." |
|
165 |
+ |
|
166 |
+ # Install linuxthreads man pages even if nptl is enabled |
|
167 |
+ cd "${WORKDIR}"/man |
|
168 |
+ doman *.3thr |
|
169 |
+ fi |
|
170 |
+ |
|
171 |
+ cd "${S}" |
|
172 |
+ |
|
173 |
+ # Install misc network config files |
|
174 |
+ insinto /etc |
|
175 |
+ doins nscd/nscd.conf posix/gai.conf nss/nsswitch.conf || die |
|
176 |
+ doins "${WORKDIR}"/extra/etc/*.conf || die |
|
177 |
+ doinitd "${WORKDIR}"/extra/etc/nscd || die |
|
178 |
+ |
|
179 |
+ dodoc BUGS ChangeLog* CONFORMANCE FAQ NEWS NOTES PROJECTS README* |
|
180 |
+ |
|
181 |
+ # Prevent overwriting of the /etc/localtime symlink. We'll handle the |
|
182 |
+ # creation of the "factory" symlink in pkg_postinst(). |
|
183 |
+ rm -f "${D}"/etc/localtime |
|
184 |
+} |
|
185 |
+ |
|
186 |
+toolchain-glibc_headers_install() { |
|
187 |
+ local GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-headers |
|
188 |
+ cd "${GBUILDDIR}" |
|
189 |
+ make install_root="${D}/usr/${CTARGET}" install-headers || die "install-headers failed" |
|
190 |
+ # Copy over headers that are not part of install-headers ... these |
|
191 |
+ # are pretty much taken verbatim from crosstool, see it for more details |
|
192 |
+ insinto $(alt_headers)/bits |
|
193 |
+ doins misc/syscall-list.h bits/stdio_lim.h || die "doins include bits" |
|
194 |
+ insinto $(alt_headers)/gnu |
|
195 |
+ doins "${S}"/include/gnu/stubs.h || die "doins include gnu" |
|
196 |
+ # Make sure we install the sys-include symlink so that when |
|
197 |
+ # we build a 2nd stage cross-compiler, gcc finds the target |
|
198 |
+ # system headers correctly. See gcc/doc/gccinstall.info |
|
199 |
+ dosym usr/include /usr/${CTARGET}/sys-include |
|
200 |
+} |
|
201 |
+ |
|
202 |
+src_strip() { |
|
203 |
+ # gdb is lame and requires some debugging information to remain in |
|
204 |
+ # libpthread, so we need to strip it by hand. libthread_db makes no |
|
205 |
+ # sense stripped as it is only used when debugging. |
|
206 |
+ local pthread=$(hasq splitdebug ${FEATURES} && echo "libthread_db" || echo "lib{pthread,thread_db}") |
|
207 |
+ env \ |
|
208 |
+ -uRESTRICT \ |
|
209 |
+ CHOST=${CTARGET} \ |
|
210 |
+ STRIP_MASK="/*/{,tls/}${pthread}*" \ |
|
211 |
+ prepallstrip |
|
212 |
+ # if user has stripping enabled and does not have split debug turned on, |
|
213 |
+ # then leave the debugging sections in libpthread. |
|
214 |
+ if ! hasq nostrip ${FEATURES} && ! hasq splitdebug ${FEATURES} ; then |
|
215 |
+ ${STRIP:-${CTARGET}-strip} --strip-debug "${D}"/*/libpthread-*.so |
|
216 |
+ fi |
|
217 |
+} |
|
218 |
+ |
|
219 |
+eblit-glibc-src_install() { |
|
220 |
+ if just_headers ; then |
|
221 |
+ toolchain-glibc_headers_install |
|
222 |
+ return |
|
223 |
+ fi |
|
224 |
+ |
|
225 |
+ setup_env |
|
226 |
+ |
|
227 |
+ if [[ -z ${OABI} ]] ; then |
|
228 |
+ local abilist="" |
|
229 |
+ if has_multilib_profile ; then |
|
230 |
+ abilist=$(get_install_abis) |
|
231 |
+ einfo "Installing multilib glibc for ABIs: ${abilist}" |
|
232 |
+ elif is_crosscompile || tc-is-cross-compiler ; then |
|
233 |
+ abilist=${DEFAULT_ABI} |
|
234 |
+ fi |
|
235 |
+ if [[ -n ${abilist} ]] ; then |
|
236 |
+ OABI=${ABI} |
|
237 |
+ for ABI in ${abilist} ; do |
|
238 |
+ export ABI |
|
239 |
+ eblit-glibc-src_install |
|
240 |
+ done |
|
241 |
+ ABI=${OABI} |
|
242 |
+ unset OABI |
|
243 |
+ src_strip |
|
244 |
+ return 0 |
|
245 |
+ fi |
|
246 |
+ fi |
|
247 |
+ |
|
248 |
+ toolchain-glibc_src_install |
|
249 |
+ [[ -z ${OABI} ]] && src_strip |
|
250 |
+} |
... | ... |
@@ -0,0 +1,249 @@ |
1 |
+# Copyright 1999-2010 Gentoo Foundation |
|
2 |
+# Distributed under the terms of the GNU General Public License v2 |
|
3 |
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/src_install.eblit,v 1.10 2010/08/10 08:08:05 vapier Exp $ |
|
4 |
+ |
|
5 |
+toolchain-glibc_src_install() { |
|
6 |
+ local GBUILDDIR |
|
7 |
+ if want_linuxthreads ; then |
|
8 |
+ GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-linuxthreads |
|
9 |
+ else |
|
10 |
+ GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-nptl |
|
11 |
+ fi |
|
12 |
+ |
|
13 |
+ local install_root=${D} |
|
14 |
+ is_crosscompile && install_root="${install_root}/usr/${CTARGET}" |
|
15 |
+ if want_linuxthreads ; then |
|
16 |
+ cd "${WORKDIR}"/build-${ABI}-${CTARGET}-linuxthreads |
|
17 |
+ einfo "Installing GLIBC ${ABI} with linuxthreads ..." |
|
18 |
+ else # nptlonly |
|
19 |
+ cd "${WORKDIR}"/build-${ABI}-${CTARGET}-nptl |
|
20 |
+ einfo "Installing GLIBC ${ABI} with NPTL ..." |
|
21 |
+ fi |
|
22 |
+ emake install_root="${install_root}" install || die |
|
23 |
+ |
|
24 |
+ if is_crosscompile ; then |
|
25 |
+ # punt all the junk not needed by a cross-compiler |
|
26 |
+ cd "${D}"/usr/${CTARGET} || die |
|
27 |
+ rm -rf ./{,usr/}{bin,etc,sbin,share} ./{,usr/}*/{gconv,misc} |
|
28 |
+ fi |
|
29 |
+ |
|
30 |
+ if want_linuxthreads && want_nptl ; then |
|
31 |
+ einfo "Installing NPTL to $(alt_libdir)/tls/..." |
|
32 |
+ cd "${WORKDIR}"/build-${ABI}-${CTARGET}-nptl |
|
33 |
+ dodir $(alt_libdir)/tls $(alt_usrlibdir)/nptl |
|
34 |
+ |
|
35 |
+ local l src_lib |
|
36 |
+ for l in libc libm librt libpthread libthread_db ; do |
|
37 |
+ # take care of shared lib first ... |
|
38 |
+ l=${l}.so |
|
39 |
+ if [[ -e ${l} ]] ; then |
|
40 |
+ src_lib=${l} |
|
41 |
+ else |
|
42 |
+ src_lib=$(eval echo */${l}) |
|
43 |
+ fi |
|
44 |
+ cp -a ${src_lib} "${D}"$(alt_libdir)/tls/${l} || die "copying nptl ${l}" |
|
45 |
+ fperms a+rx $(alt_libdir)/tls/${l} |
|
46 |
+ dosym ${l} $(alt_libdir)/tls/$(scanelf -qSF'%S#F' ${src_lib}) |
|
47 |
+ |
|
48 |
+ # then grab the linker script or the symlink ... |
|
49 |
+ if [[ -L ${D}$(alt_usrlibdir)/${l} ]] ; then |
|
50 |
+ dosym $(alt_libdir)/tls/${l} $(alt_usrlibdir)/nptl/${l} |
|
51 |
+ else |
|
52 |
+ sed \ |
|
53 |
+ -e "s:/${l}:/tls/${l}:g" \ |
|
54 |
+ -e "s:/${l/%.so/_nonshared.a}:/nptl/${l/%.so/_nonshared.a}:g" \ |
|
55 |
+ "${D}"$(alt_usrlibdir)/${l} > "${D}"$(alt_usrlibdir)/nptl/${l} |
|
56 |
+ fi |
|
57 |
+ |
|
58 |
+ # then grab the static lib ... |
|
59 |
+ src_lib=${src_lib/%.so/.a} |
|
60 |
+ [[ ! -e ${src_lib} ]] && src_lib=${src_lib/%.a/_pic.a} |
|
61 |
+ cp -a ${src_lib} "${D}"$(alt_usrlibdir)/nptl/ || die "copying nptl ${src_lib}" |
|
62 |
+ src_lib=${src_lib/%.a/_nonshared.a} |
|
63 |
+ if [[ -e ${src_lib} ]] ; then |
|
64 |
+ cp -a ${src_lib} "${D}"$(alt_usrlibdir)/nptl/ || die "copying nptl ${src_lib}" |
|
65 |
+ fi |
|
66 |
+ done |
|
67 |
+ |
|
68 |
+ # use the nptl linker instead of the linuxthreads one as the linuxthreads |
|
69 |
+ # one may lack TLS support and that can be really bad for business |
|
70 |
+ cp -a elf/ld.so "${D}"$(alt_libdir)/$(scanelf -qSF'%S#F' elf/ld.so) || die "copying nptl interp" |
|
71 |
+ fi |
|
72 |
+ |
|
73 |
+ # We'll take care of the cache ourselves |
|
74 |
+ rm -f "${D}"/etc/ld.so.cache |
|
75 |
+ |
|
76 |
+ # Some things want this, notably ash. |
|
77 |
+ dosym libbsd-compat.a $(alt_usrlibdir)/libbsd.a |
|
78 |
+ |
|
79 |
+ # Handle includes for different ABIs if glibc itself doesn't do it |
|
80 |
+ # XXX: curr glibc should finally handle all of them correctly |
|
81 |
+ #case $(tc-arch) in |
|
82 |
+ # amd64|mips|ppc|s390) ;; |
|
83 |
+ # *) prep_ml_includes $(alt_headers) ;; |
|
84 |
+ #esac |
|
85 |
+ |
|
86 |
+ # When cross-compiling for a non-multilib setup, make sure we have |
|
87 |
+ # lib and a proper symlink setup |
|
88 |
+ if is_crosscompile && ! use multilib && ! has_multilib_profile && [[ $(get_libdir) != "lib" ]] ; then |
|
89 |
+ cd "${D}"$(alt_libdir)/.. |
|
90 |
+ mv $(get_libdir) lib || die |
|
91 |
+ ln -s lib $(get_libdir) || die |
|
92 |
+ cd "${D}"$(alt_usrlibdir)/.. |
|
93 |
+ mv $(get_libdir) lib || die |
|
94 |
+ ln -s lib $(get_libdir) || die |
|
95 |
+ fi |
|
96 |
+ |
|
97 |
+ ################################################################# |
|
98 |
+ # EVERYTHING AFTER THIS POINT IS FOR NATIVE GLIBC INSTALLS ONLY # |
|
99 |
+ # Make sure we install some symlink hacks so that when we build |
|
100 |
+ # a 2nd stage cross-compiler, gcc finds the target system |
|
101 |
+ # headers correctly. See gcc/doc/gccinstall.info |
|
102 |
+ if is_crosscompile ; then |
|
103 |
+ dosym usr/include /usr/${CTARGET}/sys-include |
|
104 |
+ return 0 |
|
105 |
+ fi |
|
106 |
+ |
|
107 |
+ # Everything past this point just needs to be done once ... |
|
108 |
+ is_final_abi || return 0 |
|
109 |
+ |
|
110 |
+ # Make sure the non-native interp can be found on multilib systems |
|
111 |
+ if has_multilib_profile ; then |
|
112 |
+ case $(tc-arch) in |
|
113 |
+ amd64) |
|
114 |
+ [[ ! -e ${D}/lib ]] && dosym $(get_abi_LIBDIR amd64) /lib |
|
115 |
+ dosym ../$(get_abi_LIBDIR x86)/ld-linux.so.2 /lib/ld-linux.so.2 |
|
116 |
+ ;; |
|
117 |
+ ppc64) |
|
118 |
+ [[ ! -e ${D}/lib ]] && dosym $(get_abi_LIBDIR ppc64) /lib |
|
119 |
+ dosym ../$(get_abi_LIBDIR ppc)/ld.so.1 /lib/ld.so.1 |
|
120 |
+ ;; |
|
121 |
+ esac |
|
122 |
+ fi |
|
123 |
+ |
|
124 |
+ # Files for Debian-style locale updating |
|
125 |
+ dodir /usr/share/i18n |
|
126 |
+ sed \ |
|
127 |
+ -e "/^#/d" \ |
|
128 |
+ -e "/SUPPORTED-LOCALES=/d" \ |
|
129 |
+ -e "s: \\\\::g" -e "s:/: :g" \ |
|
130 |
+ "${S}"/localedata/SUPPORTED > "${D}"/usr/share/i18n/SUPPORTED \ |
|
131 |
+ || die "generating /usr/share/i18n/SUPPORTED failed" |
|
132 |
+ cd "${WORKDIR}"/extra/locale |
|
133 |
+ dosbin locale-gen || die |
|
134 |
+ doman *.[0-8] |
|
135 |
+ insinto /etc |
|
136 |
+ doins locale.gen || die |
|
137 |
+ |
|
138 |
+ # Make sure all the ABI's can find the locales and so we only |
|
139 |
+ # have to generate one set |
|
140 |
+ local a |
|
141 |
+ keepdir /usr/$(get_libdir)/locale |
|
142 |
+ for a in $(get_install_abis) ; do |
|
143 |
+ if [[ ! -e ${D}/usr/$(get_abi_LIBDIR ${a})/locale ]] ; then |
|
144 |
+ dosym /usr/$(get_libdir)/locale /usr/$(get_abi_LIBDIR ${a})/locale |
|
145 |
+ fi |
|
146 |
+ done |
|
147 |
+ |
|
148 |
+ if ! has noinfo ${FEATURES} && [[ -n ${INFOPAGE_VER} ]] ; then |
|
149 |
+ einfo "Installing info pages..." |
|
150 |
+ |
|
151 |
+ emake \ |
|
152 |
+ -C "${GBUILDDIR}" \ |
|
153 |
+ install_root="${install_root}" \ |
|
154 |
+ info -i || die |
|
155 |
+ fi |
|
156 |
+ |
|
157 |
+ if [[ -n ${MANPAGE_VER} ]] ; then |
|
158 |
+ einfo "Installing man pages..." |
|
159 |
+ |
|
160 |
+ # Install linuxthreads man pages even if nptl is enabled |
|
161 |
+ cd "${WORKDIR}"/man |
|
162 |
+ doman *.3thr |
|
163 |
+ fi |
|
164 |
+ |
|
165 |
+ cd "${S}" |
|
166 |
+ |
|
167 |
+ # Install misc network config files |
|
168 |
+ insinto /etc |
|
169 |
+ doins nscd/nscd.conf posix/gai.conf nss/nsswitch.conf || die |
|
170 |
+ doins "${WORKDIR}"/extra/etc/*.conf || die |
|
171 |
+ doinitd "${WORKDIR}"/extra/etc/nscd || die |
|
172 |
+ |
|
173 |
+ sed -i -e "s:@PIDFILE@:$(strings "${D}"/usr/sbin/nscd | grep nscd.pid):" "${D}"/etc/init.d/nscd |
|
174 |
+ |
|
175 |
+ echo 'LDPATH="include ld.so.conf.d/*.conf"' > "${T}"/00glibc |
|
176 |
+ doenvd "${T}"/00glibc || die |
|
177 |
+ |
|
178 |
+ dodoc BUGS ChangeLog* CONFORMANCE FAQ NEWS NOTES PROJECTS README* |
|
179 |
+ |
|
180 |
+ # Prevent overwriting of the /etc/localtime symlink. We'll handle the |
|
181 |
+ # creation of the "factory" symlink in pkg_postinst(). |
|
182 |
+ rm -f "${D}"/etc/localtime |
|
183 |
+} |
|
184 |
+ |
|
185 |
+toolchain-glibc_headers_install() { |
|
186 |
+ local GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-headers |
|
187 |
+ cd "${GBUILDDIR}" |
|
188 |
+ emake install_root="${D}/usr/${CTARGET}" install-headers || die "install-headers failed" |
|
189 |
+ # Copy over headers that are not part of install-headers ... these |
|
190 |
+ # are pretty much taken verbatim from crosstool, see it for more details |
|
191 |
+ insinto $(alt_headers)/bits |
|
192 |
+ doins misc/syscall-list.h bits/stdio_lim.h || die "doins include bits" |
|
193 |
+ insinto $(alt_headers)/gnu |
|
194 |
+ doins "${S}"/include/gnu/stubs.h || die "doins include gnu" |
|
195 |
+ # Make sure we install the sys-include symlink so that when |
|
196 |
+ # we build a 2nd stage cross-compiler, gcc finds the target |
|
197 |
+ # system headers correctly. See gcc/doc/gccinstall.info |
|
198 |
+ dosym usr/include /usr/${CTARGET}/sys-include |
|
199 |
+} |
|
200 |
+ |
|
201 |
+src_strip() { |
|
202 |
+ # gdb is lame and requires some debugging information to remain in |
|
203 |
+ # libpthread, so we need to strip it by hand. libthread_db makes no |
|
204 |
+ # sense stripped as it is only used when debugging. |
|
205 |
+ local pthread=$(hasq splitdebug ${FEATURES} && echo "libthread_db" || echo "lib{pthread,thread_db}") |
|
206 |
+ env \ |
|
207 |
+ -uRESTRICT \ |
|
208 |
+ CHOST=${CTARGET} \ |
|
209 |
+ STRIP_MASK="/*/{,tls/}${pthread}*" \ |
|
210 |
+ prepallstrip |
|
211 |
+ # if user has stripping enabled and does not have split debug turned on, |
|
212 |
+ # then leave the debugging sections in libpthread. |
|
213 |
+ if ! hasq nostrip ${FEATURES} && ! hasq splitdebug ${FEATURES} ; then |
|
214 |
+ ${STRIP:-${CTARGET}-strip} --strip-debug "${D}"/*/libpthread-*.so |
|
215 |
+ fi |
|
216 |
+} |
|
217 |
+ |
|
218 |
+eblit-glibc-src_install() { |
|
219 |
+ if just_headers ; then |
|
220 |
+ toolchain-glibc_headers_install |
|
221 |
+ return |
|
222 |
+ fi |
|
223 |
+ |
|
224 |
+ setup_env |
|
225 |
+ |
|
226 |
+ if [[ -z ${OABI} ]] ; then |
|
227 |
+ local abilist="" |
|
228 |
+ if has_multilib_profile ; then |
|
229 |
+ abilist=$(get_install_abis) |
|
230 |
+ einfo "Installing multilib glibc for ABIs: ${abilist}" |
|
231 |
+ elif is_crosscompile || tc-is-cross-compiler ; then |
|
232 |
+ abilist=${DEFAULT_ABI} |
|
233 |
+ fi |
|
234 |
+ if [[ -n ${abilist} ]] ; then |
|
235 |
+ OABI=${ABI} |
|
236 |
+ for ABI in ${abilist} ; do |
|
237 |
+ export ABI |
|
238 |
+ eblit-glibc-src_install |
|
239 |
+ done |
|
240 |
+ ABI=${OABI} |
|
241 |
+ unset OABI |
|
242 |
+ src_strip |
|
243 |
+ return 0 |
|
244 |
+ fi |
|
245 |
+ fi |
|
246 |
+ |
|
247 |
+ toolchain-glibc_src_install |
|
248 |
+ [[ -z ${OABI} ]] && src_strip |
|
249 |
+} |
... | ... |
@@ -0,0 +1,42 @@ |
1 |
+# Copyright 1999-2007 Gentoo Foundation |
|
2 |
+# Distributed under the terms of the GNU General Public License v2 |
|
3 |
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/src_test-2.11.2.eblit,v 1.1 2010/08/10 08:08:05 vapier Exp $ |
|
4 |
+ |
|
5 |
+toolchain-glibc_src_test() { |
|
6 |
+ cd "${WORKDIR}"/build-${ABI}-${CTARGET}-$1 || die "cd build-${ABI}-${CTARGET}-$1" |
|
7 |
+ unset LD_ASSUME_KERNEL |
|
8 |
+ make check && return 0 |
|
9 |
+ einfo "make check failed - re-running with --keep-going to get the rest of the results" |
|
10 |
+ make -k check |
|
11 |
+ ewarn "make check failed for ${ABI}-${CTARGET}-$1" |
|
12 |
+ return 1 |
|
13 |
+} |
|
14 |
+ |
|
15 |
+eblit-glibc-src_test() { |
|
16 |
+ local ret=0 |
|
17 |
+ |
|
18 |
+ setup_env |
|
19 |
+ |
|
20 |
+ # give tests more time to complete |
|
21 |
+ export TIMEOUTFACTOR=5 |
|
22 |
+ |
|
23 |
+ if [[ -z ${OABI} ]] && has_multilib_profile ; then |
|
24 |
+ OABI=${ABI} |
|
25 |
+ einfo "Testing multilib glibc for ABIs: $(get_install_abis)" |
|
26 |
+ for ABI in $(get_install_abis) ; do |
|
27 |
+ export ABI |
|
28 |
+ einfo " Testing ${ABI} glibc" |
|
29 |
+ src_test |
|
30 |
+ ((ret+=$?)) |
|
31 |
+ done |
|
32 |
+ ABI=${OABI} |
|
33 |
+ unset OABI |
|
34 |
+ [[ ${ret} -ne 0 ]] \ |
|
35 |
+ && die "tests failed" \ |
|
36 |
+ || return 0 |
|
37 |
+ fi |
|
38 |
+ |
|
39 |
+ want_linuxthreads && toolchain-glibc_src_test linuxthreads ; ((ret+=$?)) |
|
40 |
+ want_nptl && toolchain-glibc_src_test nptl ; ((ret+=$?)) |
|
41 |
+ return ${ret} |
|
42 |
+} |
... | ... |
@@ -0,0 +1,42 @@ |
1 |
+# Copyright 1999-2010 Gentoo Foundation |
|
2 |
+# Distributed under the terms of the GNU General Public License v2 |
|
3 |
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/src_test.eblit,v 1.4 2010/08/10 08:08:05 vapier Exp $ |
|
4 |
+ |
|
5 |
+toolchain-glibc_src_test() { |
|
6 |
+ cd "${WORKDIR}"/build-${ABI}-${CTARGET}-$1 || die "cd build-${ABI}-${CTARGET}-$1" |
|
7 |
+ unset LD_ASSUME_KERNEL |
|
8 |
+ emake -j1 check && return 0 |
|
9 |
+ einfo "make check failed - re-running with --keep-going to get the rest of the results" |
|
10 |
+ emake -j1 -k check |
|
11 |
+ ewarn "make check failed for ${ABI}-${CTARGET}-$1" |
|
12 |
+ return 1 |
|
13 |
+} |
|
14 |
+ |
|
15 |
+eblit-glibc-src_test() { |
|
16 |
+ local ret=0 |
|
17 |
+ |
|
18 |
+ setup_env |
|
19 |
+ |
|
20 |
+ # give tests more time to complete |
|
21 |
+ export TIMEOUTFACTOR=5 |
|
22 |
+ |
|
23 |
+ if [[ -z ${OABI} ]] && has_multilib_profile ; then |
|
24 |
+ OABI=${ABI} |
|
25 |
+ einfo "Testing multilib glibc for ABIs: $(get_install_abis)" |
|
26 |
+ for ABI in $(get_install_abis) ; do |
|
27 |
+ export ABI |
|
28 |
+ einfo " Testing ${ABI} glibc" |
|
29 |
+ src_test |
|
30 |
+ ((ret+=$?)) |
|
31 |
+ done |
|
32 |
+ ABI=${OABI} |
|
33 |
+ unset OABI |
|
34 |
+ [[ ${ret} -ne 0 ]] \ |
|
35 |
+ && die "tests failed" \ |
|
36 |
+ || return 0 |
|
37 |
+ fi |
|
38 |
+ |
|
39 |
+ want_linuxthreads && toolchain-glibc_src_test linuxthreads ; ((ret+=$?)) |
|
40 |
+ want_nptl && toolchain-glibc_src_test nptl ; ((ret+=$?)) |
|
41 |
+ return ${ret} |
|
42 |
+} |
... | ... |
@@ -0,0 +1,178 @@ |
1 |
+# Copyright 1999-2009 Gentoo Foundation |
|
2 |
+# Distributed under the terms of the GNU General Public License v2 |
|
3 |
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/src_unpack.eblit,v 1.11 2010/06/08 04:59:56 vapier Exp $ |
|
4 |
+ |
|
5 |
+int_to_KV() { |
|
6 |
+ local version=$1 major minor micro |
|
7 |
+ major=$((version / 65536)) |
|
8 |
+ minor=$(((version % 65536) / 256)) |
|
9 |
+ micro=$((version % 256)) |
|
10 |
+ echo ${major}.${minor}.${micro} |
|
11 |
+} |
|
12 |
+ |
|
13 |
+eend_KV() { |
|
14 |
+ [[ $(KV_to_int $1) -ge $(KV_to_int $2) ]] |
|
15 |
+ eend $? |
|
16 |
+} |
|
17 |
+ |
|
18 |
+get_kheader_version() { |
|
19 |
+ printf '#include <linux/version.h>\nLINUX_VERSION_CODE\n' | \ |
|
20 |
+ $(tc-getCPP ${CTARGET}) -I "$(alt_build_headers)" | \ |
|
21 |
+ tail -n 1 |
|
22 |
+} |
|
23 |
+ |
|
24 |
+check_nptl_support() { |
|
25 |
+ # don't care about the compiler here as we arent using it |
|
26 |
+ just_headers && return |
|
27 |
+ |
|
28 |
+ local run_kv build_kv want_kv |
|
29 |
+ run_kv=$(int_to_KV $(get_KV)) |
|
30 |
+ build_kv=$(int_to_KV $(get_kheader_version)) |
|
31 |
+ want_kv=${NPTL_KERN_VER} |
|
32 |
+ |
|
33 |
+ ebegin "Checking gcc for __thread support" |
|
34 |
+ if ! eend $(want__thread ; echo $?) ; then |
|
35 |
+ echo |
|
36 |
+ eerror "Could not find a gcc that supports the __thread directive!" |
|
37 |
+ eerror "Please update your binutils/gcc and try again." |
|
38 |
+ die "No __thread support in gcc!" |
|
39 |
+ fi |
|
40 |
+ |
|
41 |
+ if ! is_crosscompile && ! tc-is-cross-compiler ; then |
|
42 |
+ # Building fails on an non-supporting kernel |
|
43 |
+ ebegin "Checking kernel version (${run_kv} >= ${want_kv})" |
|
44 |
+ if ! eend_KV ${run_kv} ${want_kv} ; then |
|
45 |
+ echo |
|
46 |
+ eerror "You need a kernel of at least ${want_kv} for NPTL support!" |
|
47 |
+ die "Kernel version too low!" |
|
48 |
+ fi |
|
49 |
+ fi |
|
50 |
+ |
|
51 |
+ ebegin "Checking linux-headers version (${build_kv} >= ${want_kv})" |
|
52 |
+ if ! eend_KV ${build_kv} ${want_kv} ; then |
|
53 |
+ echo |
|
54 |
+ eerror "You need linux-headers of at least ${want_kv} for NPTL support!" |
|
55 |
+ die "linux-headers version too low!" |
|
56 |
+ fi |
|
57 |
+} |
|
58 |
+ |
|
59 |
+unpack_pkg() { |
|
60 |
+ local a=${PN} |
|
61 |
+ [[ -n ${SNAP_VER} ]] && a="${a}-${RELEASE_VER}" |
|
62 |
+ [[ -n $1 ]] && a="${a}-$1" |
|
63 |
+ if [[ -n ${SNAP_VER} ]] ; then |
|
64 |
+ a="${a}-${SNAP_VER}" |
|
65 |
+ else |
|
66 |
+ if [[ -n $2 ]] ; then |
|
67 |
+ a="${a}-$2" |
|
68 |
+ else |
|
69 |
+ a="${a}-${RELEASE_VER}" |
|
70 |
+ fi |
|
71 |
+ fi |
|
72 |
+ unpack ${a}.tar.bz2 |
|
73 |
+ [[ -n $1 ]] && mv ${a} $1 |
|
74 |
+} |
|
75 |
+ |
|
76 |
+toolchain-glibc_src_unpack() { |
|
77 |
+ # Check NPTL support _before_ we unpack things to save some time |
|
78 |
+ want_nptl && check_nptl_support |
|
79 |
+ |
|
80 |
+ unpack_pkg |
|
81 |
+ |
|
82 |
+ cd "${S}" |
|
83 |
+ touch locale/C-translit.h #185476 #218003 |
|
84 |
+ [[ -n ${LT_VER} ]] && unpack_pkg linuxthreads ${LT_VER} |
|
85 |
+ [[ -n ${PORTS_VER} ]] && unpack_pkg ports ${PORTS_VER} |
|
86 |
+ [[ -n ${LIBIDN_VER} ]] && unpack_pkg libidn |
|
87 |
+ |
|
88 |
+ if [[ -n ${PATCH_VER} ]] ; then |
|
89 |
+ cd "${WORKDIR}" |
|
90 |
+ unpack glibc-${RELEASE_VER}-patches-${PATCH_VER}.tar.bz2 |
|
91 |
+ # pull out all the addons |
|
92 |
+ local d |
|
93 |
+ for d in extra/*/configure ; do |
|
94 |
+ d=${d%/configure} |
|
95 |
+ [[ -d ${S}/${d} ]] && die "${d} already exists in \${S}" |
|
96 |
+ mv "${d}" "${S}" || die "moving ${d} failed" |
|
97 |
+ done |
|
98 |
+ fi |
|
99 |
+ |
|
100 |
+ # XXX: We should do the branchupdate, before extracting the manpages and |
|
101 |
+ # infopages else it does not help much (mtimes change if there is a change |
|
102 |
+ # to them with branchupdate) |
|
103 |
+ if [[ -n ${BRANCH_UPDATE} ]] ; then |
|
104 |
+ cd "${S}" |
|
105 |
+ epatch "${DISTDIR}"/glibc-${RELEASE_VER}-branch-update-${BRANCH_UPDATE}.patch.bz2 |
|
106 |
+ |
|
107 |
+ # Snapshot date patch |
|
108 |
+ einfo "Patching version to display snapshot date ..." |
|
109 |
+ sed -i -e "s:\(#define RELEASE\).*:\1 \"${BRANCH_UPDATE}\":" version.h |
|
110 |
+ fi |
|
111 |
+ |
|
112 |
+ if [[ -n ${MANPAGE_VER} ]] ; then |
|
113 |
+ cd "${WORKDIR}" |
|
114 |
+ unpack glibc-manpages-${MANPAGE_VER}.tar.bz2 |
|
115 |
+ fi |
|
116 |
+ |
|
117 |
+ if [[ -n ${INFOPAGE_VER} ]] ; then |
|
118 |
+ cd "${S}" |
|
119 |
+ unpack glibc-infopages-${INFOPAGE_VER}.tar.bz2 |
|
120 |
+ fi |
|
121 |
+ |
|
122 |
+ # tag, glibc is it |
|
123 |
+ cd "${S}" |
|
124 |
+ [[ -e csu/Banner ]] && die "need new banner location" |
|
125 |
+ [[ -n ${SNAP_VER} ]] && echo "Gentoo snapshot ${SNAP_VER}" >> csu/Banner |
|
126 |
+ [[ -n ${BRANCH_UPDATE} ]] && echo "Gentoo branch ${BRANCH_UPDATE}" >> csu/Banner |
|
127 |
+ if [[ -n ${PATCH_VER} ]] && ! use vanilla ; then |
|
128 |
+ cd "${S}" |
|
129 |
+ EPATCH_MULTI_MSG="Applying Gentoo Glibc Patchset ${RELEASE_VER}-${PATCH_VER} ..." \ |
|
130 |
+ EPATCH_EXCLUDE=${GLIBC_PATCH_EXCLUDE} \ |
|
131 |
+ EPATCH_SUFFIX="patch" \ |
|
132 |
+ ARCH=$(tc-arch) \ |
|
133 |
+ epatch "${WORKDIR}"/patches |
|
134 |
+ echo "Gentoo patchset ${PATCH_VER}" >> csu/Banner |
|
135 |
+ fi |
|
136 |
+ |
|
137 |
+ epatch_user |
|
138 |
+ |
|
139 |
+ gnuconfig_update |
|
140 |
+} |
|
141 |
+ |
|
142 |
+eblit-glibc-src_unpack() { |
|
143 |
+ setup_env |
|
144 |
+ |
|
145 |
+ toolchain-glibc_src_unpack |
|
146 |
+ |
|
147 |
+ # Backwards SSP support |
|
148 |
+ cd "${S}" |
|
149 |
+# For now, we force everyone to have the extra symbols |
|
150 |
+# einfon "Scanning system for __guard to see if we need SSP compat ... " |
|
151 |
+# if [[ -n $(scanelf -qyls__guard -F'#s%F' | grep -v '^/lib.*/libc-2.*.so$') ]] ; then |
|
152 |
+ echo "yes" > "${T}"/.ssp.compat |
|
153 |
+# else |
|
154 |
+# # ok, a quick scan didnt find it, so lets do a deep scan ... |
|
155 |
+# if [[ -n $(scanelf -qyRlps__guard -F'#s%F' | grep -v '^/lib.*/libc-2.*.so$') ]] ; then |
|
156 |
+# echo "yes" > "${T}"/.ssp.compat |
|
157 |
+# else |
|
158 |
+# echo "no" > "${T}"/.ssp.compat |
|
159 |
+# fi |
|
160 |
+# fi |
|
161 |
+# cat "${T}"/.ssp.compat |
|
162 |
+ |
|
163 |
+ # Glibc is stupid sometimes, and doesn't realize that with a |
|
164 |
+ # static C-Only gcc, -lgcc_eh doesn't exist. |
|
165 |
+ # http://sources.redhat.com/ml/libc-alpha/2003-09/msg00100.html |
|
166 |
+ # http://sourceware.org/ml/libc-alpha/2005-02/msg00042.html |
|
167 |
+ echo 'int main(){}' > "${T}"/gcc_eh_test.c |
|
168 |
+ if ! $(tc-getCC ${CTARGET}) "${T}"/gcc_eh_test.c -lgcc_eh 2>/dev/null ; then |
|
169 |
+ sed -i -e 's:-lgcc_eh::' Makeconfig || die "sed gcc_eh" |
|
170 |
+ fi |
|
171 |
+ |
|
172 |
+ cd "${WORKDIR}" |
|
173 |
+ find . -type f '(' -size 0 -o -name "*.orig" ')' -exec rm -f {} \; |
|
174 |
+ find . -name configure -exec touch {} \; |
|
175 |
+ |
|
176 |
+ # Fix permissions on some of the scripts |
|
177 |
+ chmod u+x "${S}"/scripts/*.sh |
|
178 |
+} |
... | ... |
@@ -0,0 +1,73 @@ |
1 |
+diff --git a/elf/dl-load.c b/elf/dl-load.c |
|
2 |
+index a7162eb..776f7e4 100644 |
|
3 |
+--- a/elf/dl-load.c |
|
4 |
++++ b/elf/dl-load.c |
|
5 |
+@@ -169,8 +169,7 @@ local_strdup (const char *s) |
|
6 |
+ |
|
7 |
+ |
|
8 |
+ static size_t |
|
9 |
+-is_dst (const char *start, const char *name, const char *str, |
|
10 |
+- int is_path, int secure) |
|
11 |
++is_dst (const char *start, const char *name, const char *str, int is_path) |
|
12 |
+ { |
|
13 |
+ size_t len; |
|
14 |
+ bool is_curly = false; |
|
15 |
+@@ -199,11 +198,6 @@ is_dst (const char *start, const char *name, const char *str, |
|
16 |
+ && (!is_path || name[len] != ':')) |
|
17 |
+ return 0; |
|
18 |
+ |
|
19 |
+- if (__builtin_expect (secure, 0) |
|
20 |
+- && ((name[len] != '\0' && (!is_path || name[len] != ':')) |
|
21 |
+- || (name != start + 1 && (!is_path || name[-2] != ':')))) |
|
22 |
+- return 0; |
|
23 |
+- |
|
24 |
+ return len; |
|
25 |
+ } |
|
26 |
+ |
|
27 |
+@@ -218,13 +212,12 @@ _dl_dst_count (const char *name, int is_path) |
|
28 |
+ { |
|
29 |
+ size_t len; |
|
30 |
+ |
|
31 |
+- /* $ORIGIN is not expanded for SUID/GUID programs (except if it |
|
32 |
+- is $ORIGIN alone) and it must always appear first in path. */ |
|
33 |
++ /* $ORIGIN is not expanded for SUID/GUID programs. */ |
|
34 |
+ ++name; |
|
35 |
+- if ((len = is_dst (start, name, "ORIGIN", is_path, |
|
36 |
+- INTUSE(__libc_enable_secure))) != 0 |
|
37 |
+- || (len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0 |
|
38 |
+- || (len = is_dst (start, name, "LIB", is_path, 0)) != 0) |
|
39 |
++ if (((len = is_dst (start, name, "ORIGIN", is_path)) != 0 |
|
40 |
++ && !INTUSE(__libc_enable_secure)) |
|
41 |
++ || (len = is_dst (start, name, "PLATFORM", is_path)) != 0 |
|
42 |
++ || (len = is_dst (start, name, "LIB", is_path)) != 0) |
|
43 |
+ ++cnt; |
|
44 |
+ |
|
45 |
+ name = strchr (name + len, '$'); |
|
46 |
+@@ -256,9 +249,12 @@ _dl_dst_substitute (struct link_map *l, const char *name, char *result, |
|
47 |
+ size_t len; |
|
48 |
+ |
|
49 |
+ ++name; |
|
50 |
+- if ((len = is_dst (start, name, "ORIGIN", is_path, |
|
51 |
+- INTUSE(__libc_enable_secure))) != 0) |
|
52 |
++ if ((len = is_dst (start, name, "ORIGIN", is_path)) != 0) |
|
53 |
+ { |
|
54 |
++ /* Ignore this path element in SUID/SGID programs. */ |
|
55 |
++ if (INTUSE(__libc_enable_secure)) |
|
56 |
++ repl = (const char *) -1; |
|
57 |
++ else |
|
58 |
+ #ifndef SHARED |
|
59 |
+ if (l == NULL) |
|
60 |
+ repl = _dl_get_origin (); |
|
61 |
+@@ -266,9 +262,9 @@ _dl_dst_substitute (struct link_map *l, const char *name, char *result, |
|
62 |
+ #endif |
|
63 |
+ repl = l->l_origin; |
|
64 |
+ } |
|
65 |
+- else if ((len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0) |
|
66 |
++ else if ((len = is_dst (start, name, "PLATFORM", is_path)) != 0) |
|
67 |
+ repl = GLRO(dl_platform); |
|
68 |
+- else if ((len = is_dst (start, name, "LIB", is_path, 0)) != 0) |
|
69 |
++ else if ((len = is_dst (start, name, "LIB", is_path)) != 0) |
|
70 |
+ repl = DL_DST_LIB; |
|
71 |
+ |
|
72 |
+ if (repl != NULL && repl != (const char *) -1) |
|
73 |
+ |
... | ... |
@@ -0,0 +1,201 @@ |
1 |
+diff --git a/elf/dl-deps.c b/elf/dl-deps.c |
|
2 |
+index e5b9cdf..1cab2d1 100644 |
|
3 |
+--- a/elf/dl-deps.c |
|
4 |
++++ b/elf/dl-deps.c |
|
5 |
+@@ -62,7 +62,7 @@ openaux (void *a) |
|
6 |
+ { |
|
7 |
+ struct openaux_args *args = (struct openaux_args *) a; |
|
8 |
+ |
|
9 |
+- args->aux = _dl_map_object (args->map, args->name, 0, |
|
10 |
++ args->aux = _dl_map_object (args->map, args->name, |
|
11 |
+ (args->map->l_type == lt_executable |
|
12 |
+ ? lt_library : args->map->l_type), |
|
13 |
+ args->trace_mode, args->open_mode, |
|
14 |
+diff --git a/elf/dl-load.c b/elf/dl-load.c |
|
15 |
+index 776f7e4..9ab3520 100644 |
|
16 |
+--- a/elf/dl-load.c |
|
17 |
++++ b/elf/dl-load.c |
|
18 |
+@@ -1808,7 +1808,7 @@ open_verify (const char *name, struct filebuf *fbp, struct link_map *loader, |
|
19 |
+ if MAY_FREE_DIRS is true. */ |
|
20 |
+ |
|
21 |
+ static int |
|
22 |
+-open_path (const char *name, size_t namelen, int preloaded, |
|
23 |
++open_path (const char *name, size_t namelen, int secure, |
|
24 |
+ struct r_search_path_struct *sps, char **realname, |
|
25 |
+ struct filebuf *fbp, struct link_map *loader, int whatcode, |
|
26 |
+ bool *found_other_class) |
|
27 |
+@@ -1890,7 +1890,7 @@ open_path (const char *name, size_t namelen, int preloaded, |
|
28 |
+ /* Remember whether we found any existing directory. */ |
|
29 |
+ here_any |= this_dir->status[cnt] != nonexisting; |
|
30 |
+ |
|
31 |
+- if (fd != -1 && __builtin_expect (preloaded, 0) |
|
32 |
++ if (fd != -1 && __builtin_expect (secure, 0) |
|
33 |
+ && INTUSE(__libc_enable_secure)) |
|
34 |
+ { |
|
35 |
+ /* This is an extra security effort to make sure nobody can |
|
36 |
+@@ -1959,7 +1959,7 @@ open_path (const char *name, size_t namelen, int preloaded, |
|
37 |
+ |
|
38 |
+ struct link_map * |
|
39 |
+ internal_function |
|
40 |
+-_dl_map_object (struct link_map *loader, const char *name, int preloaded, |
|
41 |
++_dl_map_object (struct link_map *loader, const char *name, |
|
42 |
+ int type, int trace_mode, int mode, Lmid_t nsid) |
|
43 |
+ { |
|
44 |
+ int fd; |
|
45 |
+@@ -2063,7 +2063,8 @@ _dl_map_object (struct link_map *loader, const char *name, int preloaded, |
|
46 |
+ for (l = loader; l; l = l->l_loader) |
|
47 |
+ if (cache_rpath (l, &l->l_rpath_dirs, DT_RPATH, "RPATH")) |
|
48 |
+ { |
|
49 |
+- fd = open_path (name, namelen, preloaded, &l->l_rpath_dirs, |
|
50 |
++ fd = open_path (name, namelen, mode & __RTLD_SECURE, |
|
51 |
++ &l->l_rpath_dirs, |
|
52 |
+ &realname, &fb, loader, LA_SER_RUNPATH, |
|
53 |
+ &found_other_class); |
|
54 |
+ if (fd != -1) |
|
55 |
+@@ -2078,14 +2079,15 @@ _dl_map_object (struct link_map *loader, const char *name, int preloaded, |
|
56 |
+ && main_map != NULL && main_map->l_type != lt_loaded |
|
57 |
+ && cache_rpath (main_map, &main_map->l_rpath_dirs, DT_RPATH, |
|
58 |
+ "RPATH")) |
|
59 |
+- fd = open_path (name, namelen, preloaded, &main_map->l_rpath_dirs, |
|
60 |
++ fd = open_path (name, namelen, mode & __RTLD_SECURE, |
|
61 |
++ &main_map->l_rpath_dirs, |
|
62 |
+ &realname, &fb, loader ?: main_map, LA_SER_RUNPATH, |
|
63 |
+ &found_other_class); |
|
64 |
+ } |
|
65 |
+ |
|
66 |
+ /* Try the LD_LIBRARY_PATH environment variable. */ |
|
67 |
+ if (fd == -1 && env_path_list.dirs != (void *) -1) |
|
68 |
+- fd = open_path (name, namelen, preloaded, &env_path_list, |
|
69 |
++ fd = open_path (name, namelen, mode & __RTLD_SECURE, &env_path_list, |
|
70 |
+ &realname, &fb, |
|
71 |
+ loader ?: GL(dl_ns)[LM_ID_BASE]._ns_loaded, |
|
72 |
+ LA_SER_LIBPATH, &found_other_class); |
|
73 |
+@@ -2094,12 +2096,12 @@ _dl_map_object (struct link_map *loader, const char *name, int preloaded, |
|
74 |
+ if (fd == -1 && loader != NULL |
|
75 |
+ && cache_rpath (loader, &loader->l_runpath_dirs, |
|
76 |
+ DT_RUNPATH, "RUNPATH")) |
|
77 |
+- fd = open_path (name, namelen, preloaded, |
|
78 |
++ fd = open_path (name, namelen, mode & __RTLD_SECURE, |
|
79 |
+ &loader->l_runpath_dirs, &realname, &fb, loader, |
|
80 |
+ LA_SER_RUNPATH, &found_other_class); |
|
81 |
+ |
|
82 |
+ if (fd == -1 |
|
83 |
+- && (__builtin_expect (! preloaded, 1) |
|
84 |
++ && (__builtin_expect (! (mode & __RTLD_SECURE), 1) |
|
85 |
+ || ! INTUSE(__libc_enable_secure))) |
|
86 |
+ { |
|
87 |
+ /* Check the list of libraries in the file /etc/ld.so.cache, |
|
88 |
+@@ -2165,7 +2167,7 @@ _dl_map_object (struct link_map *loader, const char *name, int preloaded, |
|
89 |
+ && ((l = loader ?: GL(dl_ns)[nsid]._ns_loaded) == NULL |
|
90 |
+ || __builtin_expect (!(l->l_flags_1 & DF_1_NODEFLIB), 1)) |
|
91 |
+ && rtld_search_dirs.dirs != (void *) -1) |
|
92 |
+- fd = open_path (name, namelen, preloaded, &rtld_search_dirs, |
|
93 |
++ fd = open_path (name, namelen, mode & __RTLD_SECURE, &rtld_search_dirs, |
|
94 |
+ &realname, &fb, l, LA_SER_DEFAULT, &found_other_class); |
|
95 |
+ |
|
96 |
+ /* Add another newline when we are tracing the library loading. */ |
|
97 |
+diff --git a/elf/dl-open.c b/elf/dl-open.c |
|
98 |
+index c394b3f..cf8e8cc 100644 |
|
99 |
+--- a/elf/dl-open.c |
|
100 |
++++ b/elf/dl-open.c |
|
101 |
+@@ -223,7 +223,7 @@ dl_open_worker (void *a) |
|
102 |
+ |
|
103 |
+ /* Load the named object. */ |
|
104 |
+ struct link_map *new; |
|
105 |
+- args->map = new = _dl_map_object (call_map, file, 0, lt_loaded, 0, |
|
106 |
++ args->map = new = _dl_map_object (call_map, file, lt_loaded, 0, |
|
107 |
+ mode | __RTLD_CALLMAP, args->nsid); |
|
108 |
+ |
|
109 |
+ /* If the pointer returned is NULL this means the RTLD_NOLOAD flag is |
|
110 |
+diff --git a/elf/rtld.c b/elf/rtld.c |
|
111 |
+index 201c9cf..4a8cee8 100644 |
|
112 |
+--- a/elf/rtld.c |
|
113 |
++++ b/elf/rtld.c |
|
114 |
+@@ -587,7 +587,6 @@ struct map_args |
|
115 |
+ /* Argument to map_doit. */ |
|
116 |
+ char *str; |
|
117 |
+ struct link_map *loader; |
|
118 |
+- int is_preloaded; |
|
119 |
+ int mode; |
|
120 |
+ /* Return value of map_doit. */ |
|
121 |
+ struct link_map *map; |
|
122 |
+@@ -625,16 +624,17 @@ static void |
|
123 |
+ map_doit (void *a) |
|
124 |
+ { |
|
125 |
+ struct map_args *args = (struct map_args *) a; |
|
126 |
+- args->map = _dl_map_object (args->loader, args->str, |
|
127 |
+- args->is_preloaded, lt_library, 0, args->mode, |
|
128 |
+- LM_ID_BASE); |
|
129 |
++ args->map = _dl_map_object (args->loader, args->str, lt_library, 0, |
|
130 |
++ args->mode, LM_ID_BASE); |
|
131 |
+ } |
|
132 |
+ |
|
133 |
+ static void |
|
134 |
+ dlmopen_doit (void *a) |
|
135 |
+ { |
|
136 |
+ struct dlmopen_args *args = (struct dlmopen_args *) a; |
|
137 |
+- args->map = _dl_open (args->fname, RTLD_LAZY | __RTLD_DLOPEN | __RTLD_AUDIT, |
|
138 |
++ args->map = _dl_open (args->fname, |
|
139 |
++ (RTLD_LAZY | __RTLD_DLOPEN | __RTLD_AUDIT |
|
140 |
++ | __RTLD_SECURE), |
|
141 |
+ dl_main, LM_ID_NEWLM, _dl_argc, INTUSE(_dl_argv), |
|
142 |
+ __environ); |
|
143 |
+ } |
|
144 |
+@@ -804,8 +804,7 @@ do_preload (char *fname, struct link_map *main_map, const char *where) |
|
145 |
+ |
|
146 |
+ args.str = fname; |
|
147 |
+ args.loader = main_map; |
|
148 |
+- args.is_preloaded = 1; |
|
149 |
+- args.mode = 0; |
|
150 |
++ args.mode = __RTLD_SECURE; |
|
151 |
+ |
|
152 |
+ unsigned int old_nloaded = GL(dl_ns)[LM_ID_BASE]._ns_nloaded; |
|
153 |
+ |
|
154 |
+@@ -1050,7 +1049,6 @@ of this helper program; chances are you did not intend to run this program.\n\ |
|
155 |
+ |
|
156 |
+ args.str = rtld_progname; |
|
157 |
+ args.loader = NULL; |
|
158 |
+- args.is_preloaded = 0; |
|
159 |
+ args.mode = __RTLD_OPENEXEC; |
|
160 |
+ (void) _dl_catch_error (&objname, &err_str, &malloced, map_doit, |
|
161 |
+ &args); |
|
162 |
+@@ -1062,7 +1060,7 @@ of this helper program; chances are you did not intend to run this program.\n\ |
|
163 |
+ else |
|
164 |
+ { |
|
165 |
+ HP_TIMING_NOW (start); |
|
166 |
+- _dl_map_object (NULL, rtld_progname, 0, lt_library, 0, |
|
167 |
++ _dl_map_object (NULL, rtld_progname, lt_library, 0, |
|
168 |
+ __RTLD_OPENEXEC, LM_ID_BASE); |
|
169 |
+ HP_TIMING_NOW (stop); |
|
170 |
+ |
|
171 |
+diff --git a/include/dlfcn.h b/include/dlfcn.h |
|
172 |
+index a67426d..af92483 100644 |
|
173 |
+--- a/include/dlfcn.h |
|
174 |
++++ b/include/dlfcn.h |
|
175 |
+@@ -9,6 +9,7 @@ |
|
176 |
+ #define __RTLD_OPENEXEC 0x20000000 |
|
177 |
+ #define __RTLD_CALLMAP 0x10000000 |
|
178 |
+ #define __RTLD_AUDIT 0x08000000 |
|
179 |
++#define __RTLD_SECURE 0x04000000 /* Apply additional security checks. */ |
|
180 |
+ |
|
181 |
+ #define __LM_ID_CALLER -2 |
|
182 |
+ |
|
183 |
+diff --git a/sysdeps/generic/ldsodefs.h b/sysdeps/generic/ldsodefs.h |
|
184 |
+index fcc943b..fa4b6b2 100644 |
|
185 |
+--- a/sysdeps/generic/ldsodefs.h |
|
186 |
++++ b/sysdeps/generic/ldsodefs.h |
|
187 |
+@@ -824,11 +824,9 @@ extern void _dl_receive_error (receiver_fct fct, void (*operate) (void *), |
|
188 |
+ |
|
189 |
+ /* Open the shared object NAME and map in its segments. |
|
190 |
+ LOADER's DT_RPATH is used in searching for NAME. |
|
191 |
+- If the object is already opened, returns its existing map. |
|
192 |
+- For preloaded shared objects PRELOADED is set to a non-zero |
|
193 |
+- value to allow additional security checks. */ |
|
194 |
++ If the object is already opened, returns its existing map. */ |
|
195 |
+ extern struct link_map *_dl_map_object (struct link_map *loader, |
|
196 |
+- const char *name, int preloaded, |
|
197 |
++ const char *name, |
|
198 |
+ int type, int trace_mode, int mode, |
|
199 |
+ Lmid_t nsid) |
|
200 |
+ internal_function attribute_hidden; |
|
201 |
+ |
... | ... |
@@ -0,0 +1,64 @@ |
1 |
+#!/sbin/runscript |
|
2 |
+# Copyright 1999-2005 Gentoo Foundation |
|
3 |
+# Distributed under the terms of the GNU General Public License v2 |
|
4 |
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/nscd,v 1.7 2007/02/23 12:09:39 uberlord Exp $ |
|
5 |
+ |
|
6 |
+depend() { |
|
7 |
+ use dns ldap net slapd |
|
8 |
+} |
|
9 |
+ |
|
10 |
+checkconfig() { |
|
11 |
+ if [ ! -d /var/run/nscd ] ; then |
|
12 |
+ mkdir -p /var/run/nscd |
|
13 |
+ chmod 755 /var/run/nscd |
|
14 |
+ fi |
|
15 |
+ if [ -z "${NSCD_PERMS_OK}" ] && [ "$(stat -c %a /var/run/nscd)" != "755" ] ; then |
|
16 |
+ echo "" |
|
17 |
+ ewarn "nscd run dir is not world readable, you should reset the perms:" |
|
18 |
+ ewarn "chmod 755 /var/run/nscd" |
|
19 |
+ ewarn "chmod a+rw /var/run/nscd/socket" |
|
20 |
+ echo "" |
|
21 |
+ ewarn "To disable this warning, set 'NSCD_PERMS_OK' in /etc/conf.d/nscd" |
|
22 |
+ echo "" |
|
23 |
+ fi |
|
24 |
+} |
|
25 |
+ |
|
26 |
+start() { |
|
27 |
+ checkconfig |
|
28 |
+ |
|
29 |
+ ebegin "Starting Name Service Cache Daemon" |
|
30 |
+ local secure=`while read curline ; do |
|
31 |
+ table=${curline%:*} |
|
32 |
+ entries=${curline##$table:} |
|
33 |
+ table=${table%%[^a-z]*} |
|
34 |
+ case $table in |
|
35 |
+ passwd*|group*|hosts) |
|
36 |
+ for entry in $entries ; do |
|
37 |
+ case $entry in |
|
38 |
+ nisplus*) |
|
39 |
+ /usr/sbin/nscd_nischeck $table || \ |
|
40 |
+ /echo "-S $table,yes" |
|
41 |
+ ;; |
|
42 |
+ esac |
|
43 |
+ done |
|
44 |
+ ;; |
|
45 |
+ esac |
|
46 |
+ done < /etc/nsswitch.conf` |
|
47 |
+ local pidfile="$(strings /usr/sbin/nscd | grep nscd.pid)" |
|
48 |
+ mkdir -p "$(dirname ${pidfile})" |
|
49 |
+ save_options pidfile "${pidfile}" |
|
50 |
+ start-stop-daemon --start --quiet \ |
|
51 |
+ --exec /usr/sbin/nscd --pidfile "${pidfile}" \ |
|
52 |
+ -- $secure |
|
53 |
+ eend $? |
|
54 |
+} |
|
55 |
+ |
|
56 |
+stop() { |
|
57 |
+ local pidfile="$(get_options pidfile)" |
|
58 |
+ [ -n "${pidfile}" ] && pidfile="--pidfile ${pidfile}" |
|
59 |
+ ebegin "Shutting down Name Service Cache Daemon" |
|
60 |
+ start-stop-daemon --stop --quiet --exec /usr/sbin/nscd ${pidfile} |
|
61 |
+ eend $? |
|
62 |
+} |
|
63 |
+ |
|
64 |
+# vim:ts=4 |
... | ... |
@@ -0,0 +1,24 @@ |
1 |
+# /etc/nsswitch.conf: |
|
2 |
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/nsswitch.conf,v 1.1 2005/05/17 00:52:41 vapier Exp $ |
|
3 |
+ |
|
4 |
+passwd: compat |
|
5 |
+shadow: compat |
|
6 |
+group: compat |
|
7 |
+ |
|
8 |
+# passwd: db files nis |
|
9 |
+# shadow: db files nis |
|
10 |
+# group: db files nis |
|
11 |
+ |
|
12 |
+hosts: files dns |
|
13 |
+networks: files dns |
|
14 |
+ |
|
15 |
+services: db files |
|
16 |
+protocols: db files |
|
17 |
+rpc: db files |
|
18 |
+ethers: db files |
|
19 |
+netmasks: files |
|
20 |
+netgroup: files |
|
21 |
+bootparams: files |
|
22 |
+ |
|
23 |
+automount: files |
|
24 |
+aliases: files |
... | ... |
@@ -0,0 +1,247 @@ |
1 |
+# Copyright 1999-2010 Gentoo Foundation |
|
2 |
+# Distributed under the terms of the GNU General Public License v2 |
|
3 |
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/glibc-2.11.2-r1.ebuild,v 1.2 2010/10/25 03:05:00 jer Exp $ |
|
4 |
+ |
|
5 |
+inherit eutils versionator libtool toolchain-funcs flag-o-matic gnuconfig multilib |
|
6 |
+ |
|
7 |
+DESCRIPTION="GNU libc6 (also called glibc2) C library" |
|
8 |
+HOMEPAGE="http://www.gnu.org/software/libc/libc.html" |
|
9 |
+ |
|
10 |
+LICENSE="LGPL-2" |
|
11 |
+KEYWORDS="~alpha amd64 ~arm hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" |
|
12 |
+RESTRICT="strip" # strip ourself #46186 |
|
13 |
+EMULTILIB_PKG="true" |
|
14 |
+ |
|
15 |
+# Configuration variables |
|
16 |
+if [[ ${PV} == *_p* ]] ; then |
|
17 |
+RELEASE_VER=${PV%_p*} |
|
18 |
+BRANCH_UPDATE="" |
|
19 |
+SNAP_VER=${PV#*_p} |
|
20 |
+else |
|
21 |
+RELEASE_VER=${PV} |
|
22 |
+BRANCH_UPDATE="" |
|
23 |
+SNAP_VER="" |
|
24 |
+fi |
|
25 |
+MANPAGE_VER="" # pregenerated manpages |
|
26 |
+INFOPAGE_VER="" # pregenerated infopages |
|
27 |
+LIBIDN_VER="" # it's integrated into the main tarball now |
|
28 |
+PATCH_VER="4" # Gentoo patchset |
|
29 |
+PORTS_VER=${RELEASE_VER%.?} # version of glibc ports addon |
|
30 |
+LT_VER="" # version of linuxthreads addon |
|
31 |
+NPTL_KERN_VER=${NPTL_KERN_VER:-"2.6.9"} # min kernel version nptl requires |
|
32 |
+#LT_KERN_VER=${LT_KERN_VER:-"2.4.1"} # min kernel version linuxthreads requires |
|
33 |
+ |
|
34 |
+IUSE="debug gd glibc-omitfp hardened multilib nls selinux profile vanilla crosscompile_opts_headers-only ${LT_VER:+glibc-compat20 nptl nptlonly}" |
|
35 |
+S=${WORKDIR}/glibc-${RELEASE_VER}${SNAP_VER:+-${SNAP_VER}} |
|
36 |
+ |
|
37 |
+# Here's how the cross-compile logic breaks down ... |
|
38 |
+# CTARGET - machine that will target the binaries |
|
39 |
+# CHOST - machine that will host the binaries |
|
40 |
+# CBUILD - machine that will build the binaries |
|
41 |
+# If CTARGET != CHOST, it means you want a libc for cross-compiling. |
|
42 |
+# If CHOST != CBUILD, it means you want to cross-compile the libc. |
|
43 |
+# CBUILD = CHOST = CTARGET - native build/install |
|
44 |
+# CBUILD != (CHOST = CTARGET) - cross-compile a native build |
|
45 |
+# (CBUILD = CHOST) != CTARGET - libc for cross-compiler |
|
46 |
+# CBUILD != CHOST != CTARGET - cross-compile a libc for a cross-compiler |
|
47 |
+# For install paths: |
|
48 |
+# CHOST = CTARGET - install into / |
|
49 |
+# CHOST != CTARGET - install into /usr/CTARGET/ |
|
50 |
+ |
|
51 |
+export CBUILD=${CBUILD:-${CHOST}} |
|
52 |
+export CTARGET=${CTARGET:-${CHOST}} |
|
53 |
+if [[ ${CTARGET} == ${CHOST} ]] ; then |
|
54 |
+ if [[ ${CATEGORY/cross-} != ${CATEGORY} ]] ; then |
|
55 |
+ export CTARGET=${CATEGORY/cross-} |
|
56 |
+ fi |
|
57 |
+fi |
|
58 |
+ |
|
59 |
+[[ ${CTARGET} == hppa* ]] && NPTL_KERN_VER=${NPTL_KERN_VER/2.6.9/2.6.20} |
|
60 |
+ |
|
61 |
+is_crosscompile() { |
|
62 |
+ [[ ${CHOST} != ${CTARGET} ]] |
|
63 |
+} |
|
64 |
+alt_libdir() { |
|
65 |
+ if is_crosscompile ; then |
|
66 |
+ echo /usr/${CTARGET}/$(get_libdir) |
|
67 |
+ else |
|
68 |
+ echo /$(get_libdir) |
|
69 |
+ fi |
|
70 |
+} |
|
71 |
+ |
|
72 |
+if is_crosscompile ; then |
|
73 |
+ SLOT="${CTARGET}-2.2" |
|
74 |
+else |
|
75 |
+ # Why SLOT 2.2 you ask yourself while sippin your tea ? |
|
76 |
+ # Everyone knows 2.2 > 0, duh. |
|
77 |
+ SLOT="2.2" |
|
78 |
+ PROVIDE="virtual/libc" |
|
79 |
+fi |
|
80 |
+ |
|
81 |
+# General: We need a new-enough binutils for as-needed |
|
82 |
+# arch: we need to make sure our binutils/gcc supports TLS |
|
83 |
+DEPEND=">=sys-devel/gcc-3.4.4 |
|
84 |
+ arm? ( >=sys-devel/binutils-2.16.90 >=sys-devel/gcc-4.1.0 ) |
|
85 |
+ x86? ( >=sys-devel/gcc-4.3 ) |
|
86 |
+ amd64? ( >=sys-devel/binutils-2.19 >=sys-devel/gcc-4.3 ) |
|
87 |
+ ppc? ( >=sys-devel/gcc-4.1.0 ) |
|
88 |
+ ppc64? ( >=sys-devel/gcc-4.1.0 ) |
|
89 |
+ >=sys-devel/binutils-2.15.94 |
|
90 |
+ ${LT_VER:+nptl? (} >=sys-kernel/linux-headers-${NPTL_KERN_VER} ${LT_VER:+)} |
|
91 |
+ >=sys-devel/gcc-config-1.3.12 |
|
92 |
+ >=app-misc/pax-utils-0.1.10 |
|
93 |
+ virtual/os-headers |
|
94 |
+ nls? ( sys-devel/gettext ) |
|
95 |
+ >=sys-apps/sandbox-1.2.18.1-r2 |
|
96 |
+ !<sys-apps/portage-2.1.2 |
|
97 |
+ selinux? ( sys-libs/libselinux )" |
|
98 |
+RDEPEND="!sys-kernel/ps3-sources |
|
99 |
+ nls? ( sys-devel/gettext ) |
|
100 |
+ selinux? ( sys-libs/libselinux )" |
|
101 |
+ |
|
102 |
+if [[ ${CATEGORY/cross-} != ${CATEGORY} ]] ; then |
|
103 |
+ DEPEND="${DEPEND} !crosscompile_opts_headers-only? ( ${CATEGORY}/gcc )" |
|
104 |
+ [[ ${CATEGORY} == *-linux* ]] && DEPEND="${DEPEND} ${CATEGORY}/linux-headers" |
|
105 |
+else |
|
106 |
+ DEPEND="${DEPEND} !vanilla? ( >=sys-libs/timezone-data-2007c )" |
|
107 |
+ RDEPEND="${RDEPEND} |
|
108 |
+ vanilla? ( !sys-libs/timezone-data ) |
|
109 |
+ !vanilla? ( sys-libs/timezone-data )" |
|
110 |
+fi |
|
111 |
+ |
|
112 |
+SRC_URI=$( |
|
113 |
+ upstream_uris() { |
|
114 |
+ echo mirror://gnu/glibc/$1 ftp://sources.redhat.com/pub/glibc/{releases,snapshots}/$1 mirror://gentoo/$1 |
|
115 |
+ } |
|
116 |
+ gentoo_uris() { |
|
117 |
+ local devspace="HTTP~vapier/dist/URI HTTP~azarah/glibc/URI" |
|
118 |
+ devspace=${devspace//HTTP/http://dev.gentoo.org/} |
|
119 |
+ echo mirror://gentoo/$1 ${devspace//URI/$1} |
|
120 |
+ } |
|
121 |
+ |
|
122 |
+ TARNAME=${PN} |
|
123 |
+ if [[ -n ${SNAP_VER} ]] ; then |
|
124 |
+ TARNAME="${PN}-${RELEASE_VER}" |
|
125 |
+ [[ -n ${PORTS_VER} ]] && PORTS_VER=${SNAP_VER} |
|
126 |
+ upstream_uris ${TARNAME}-${SNAP_VER}.tar.bz2 |
|
127 |
+ else |
|
128 |
+ upstream_uris ${TARNAME}-${RELEASE_VER}.tar.bz2 |
|
129 |
+ fi |
|
130 |
+ [[ -n ${LIBIDN_VER} ]] && upstream_uris glibc-libidn-${LIBIDN_VER}.tar.bz2 |
|
131 |
+ [[ -n ${PORTS_VER} ]] && upstream_uris ${TARNAME}-ports-${PORTS_VER}.tar.bz2 |
|
132 |
+ [[ -n ${LT_VER} ]] && upstream_uris ${TARNAME}-linuxthreads-${LT_VER}.tar.bz2 |
|
133 |
+ [[ -n ${BRANCH_UPDATE} ]] && gentoo_uris glibc-${RELEASE_VER}-branch-update-${BRANCH_UPDATE}.patch.bz2 |
|
134 |
+ [[ -n ${PATCH_VER} ]] && gentoo_uris glibc-${RELEASE_VER}-patches-${PATCH_VER}.tar.bz2 |
|
135 |
+ [[ -n ${MANPAGE_VER} ]] && gentoo_uris glibc-manpages-${MANPAGE_VER}.tar.bz2 |
|
136 |
+ [[ -n ${INFOPAGE_VER} ]] && gentoo_uris glibc-infopages-${INFOPAGE_VER}.tar.bz2 |
|
137 |
+) |
|
138 |
+ |
|
139 |
+# eblit-include [--skip] <function> [version] |
|
140 |
+eblit-include() { |
|
141 |
+ local skipable=false |
|
142 |
+ [[ $1 == "--skip" ]] && skipable=true && shift |
|
143 |
+ [[ $1 == pkg_* ]] && skipable=true |
|
144 |
+ |
|
145 |
+ local e v func=$1 ver=$2 |
|
146 |
+ [[ -z ${func} ]] && die "Usage: eblit-include <function> [version]" |
|
147 |
+ for v in ${ver:+-}${ver} -${PVR} -${PV} "" ; do |
|
148 |
+ e="${FILESDIR}/eblits/${func}${v}.eblit" |
|
149 |
+ if [[ -e ${e} ]] ; then |
|
150 |
+ source "${e}" |
|
151 |
+ return 0 |
|
152 |
+ fi |
|
153 |
+ done |
|
154 |
+ ${skipable} && return 0 |
|
155 |
+ die "Could not locate requested eblit '${func}' in ${FILESDIR}/eblits/" |
|
156 |
+} |
|
157 |
+ |
|
158 |
+# eblit-run-maybe <function> |
|
159 |
+# run the specified function if it is defined |
|
160 |
+eblit-run-maybe() { |
|
161 |
+ [[ $(type -t "$@") == "function" ]] && "$@" |
|
162 |
+} |
|
163 |
+ |
|
164 |
+# eblit-run <function> [version] |
|
165 |
+# aka: src_unpack() { eblit-run src_unpack ; } |
|
166 |
+eblit-run() { |
|
167 |
+ eblit-include --skip common "${*:2}" |
|
168 |
+ eblit-include "$@" |
|
169 |
+ eblit-run-maybe eblit-$1-pre |
|
170 |
+ eblit-${PN}-$1 |
|
171 |
+ eblit-run-maybe eblit-$1-post |
|
172 |
+} |
|
173 |
+ |
|
174 |
+src_unpack() { eblit-run src_unpack ; |
|
175 |
+ cd "${S}" |
|
176 |
+ epatch "${FILESDIR}/glibc-sec1" |
|
177 |
+ epatch "${FILESDIR}/glibc-sec2" |
|
178 |
+} |
|
179 |
+src_compile() { eblit-run src_compile ; } |
|
180 |
+src_test() { eblit-run src_test ; } |
|
181 |
+src_install() { eblit-run src_install ; } |
|
182 |
+ |
|
183 |
+# FILESDIR might not be available during binpkg install |
|
184 |
+for x in setup {pre,post}inst ; do |
|
185 |
+ e="${FILESDIR}/eblits/pkg_${x}.eblit" |
|
186 |
+ if [[ -e ${e} ]] ; then |
|
187 |
+ . "${e}" |
|
188 |
+ eval "pkg_${x}() { eblit-run pkg_${x} ; }" |
|
189 |
+ fi |
|
190 |
+done |
|
191 |
+ |
|
192 |
+eblit-src_unpack-post() { |
|
193 |
+ if use hardened ; then |
|
194 |
+ cd "${S}" |
|
195 |
+ einfo "Patching to get working PIE binaries on PIE (hardened) platforms" |
|
196 |
+ gcc-specs-pie && epatch "${FILESDIR}"/2.11/glibc-2.11-hardened-pie.patch |
|
197 |
+ epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-configure-picdefault.patch |
|
198 |
+ epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-inittls-nosysenter.patch |
|
199 |
+ |
|
200 |
+ einfo "Patching Glibc to support older SSP __guard" |
|
201 |
+ epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-ssp-compat.patch |
|
202 |
+ |
|
203 |
+ einfo "Installing Hardened Gentoo SSP and FORTIFY_SOURCE handler" |
|
204 |
+ cp -f "${FILESDIR}"/2.6/glibc-2.6-gentoo-stack_chk_fail.c \ |
|
205 |
+ debug/stack_chk_fail.c || die |
|
206 |
+ cp -f "${FILESDIR}"/2.10/glibc-2.10-gentoo-chk_fail.c \ |
|
207 |
+ debug/chk_fail.c || die |
|
208 |
+ |
|
209 |
+ if use debug ; then |
|
210 |
+ # When using Hardened Gentoo stack handler, have smashes dump core for |
|
211 |
+ # analysis - debug only, as core could be an information leak |
|
212 |
+ # (paranoia). |
|
213 |
+ sed -i \ |
|
214 |
+ -e '/^CFLAGS-backtrace.c/ iCFLAGS-stack_chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ |
|
215 |
+ debug/Makefile \ |
|
216 |
+ || die "Failed to modify debug/Makefile for debug stack handler" |
|
217 |
+ sed -i \ |
|
218 |
+ -e '/^CFLAGS-backtrace.c/ iCFLAGS-chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ |
|
219 |
+ debug/Makefile \ |
|
220 |
+ || die "Failed to modify debug/Makefile for debug fortify handler" |
|
221 |
+ fi |
|
222 |
+ |
|
223 |
+ # Build nscd with ssp-all |
|
224 |
+ sed -i \ |
|
225 |
+ -e 's:-fstack-protector$:-fstack-protector-all:' \ |
|
226 |
+ nscd/Makefile \ |
|
227 |
+ || die "Failed to ensure nscd builds with ssp-all" |
|
228 |
+ fi |
|
229 |
+} |
|
230 |
+ |
|
231 |
+maint_pkg_create() { |
|
232 |
+ local base="/usr/local/src/gnu/glibc/glibc-${PV:0:1}_${PV:2:1}" |
|
233 |
+ cd ${base} |
|
234 |
+ local stamp=$(date +%Y%m%d) |
|
235 |
+ local d |
|
236 |
+ for d in libc ports ; do |
|
237 |
+ #(cd ${d} && cvs up) |
|
238 |
+ case ${d} in |
|
239 |
+ libc) tarball="${P}";; |
|
240 |
+ ports) tarball="${PN}-ports-${PV}";; |
|
241 |
+ esac |
|
242 |
+ rm -f ${tarball}* |
|
243 |
+ ln -sf ${d} ${tarball} |
|
244 |
+ tar hcf - ${tarball} --exclude-vcs | lzma > "${T}"/${tarball}.tar.lzma |
|
245 |
+ du -b "${T}"/${tarball}.tar.lzma |
|
246 |
+ done |
|
247 |
+} |
|
0 | 248 |