diff options
| author |   Sergei Trofimovich <slyfox@gentoo.org> | 2020-02-22 09:39:04 +0000 |
|---|---|---|
| committer | Sergei Trofimovich <slyfox@gentoo.org> | 2020-02-22 09:39:04 +0000 |
| commit | ba79ef07c9aea05907210217ee8bcb705e43c8c7 (patch) | |
| tree | ef2bf9ce68aa73308d2d1c1977214318a950b8ee /sys-libs/glibc/files | |
| parent | gcc: drop USE=offline flag (diff) | |
| download | toolchain-ba79ef07c9aea05907210217ee8bcb705e43c8c7.tar.gz toolchain-ba79ef07c9aea05907210217ee8bcb705e43c8c7.tar.bz2 toolchain-ba79ef07c9aea05907210217ee8bcb705e43c8c7.zip | |
drop outdated packages
Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
Diffstat (limited to 'sys-libs/glibc/files')
24 files changed, 0 insertions, 3926 deletions
diff --git a/sys-libs/glibc/files/2.10/glibc-2.10-gentoo-chk_fail.c b/sys-libs/glibc/files/2.10/glibc-2.10-gentoo-chk_fail.c deleted file mode 100644 index 37711e8..0000000 --- a/sys-libs/glibc/files/2.10/glibc-2.10-gentoo-chk_fail.c +++ /dev/null @@ -1,315 +0,0 @@ -/* Copyright (C) 2004, 2005 Free Software Foundation, Inc. - This file is part of the GNU C Library. - - The GNU C Library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 2.1 of the License, or (at your option) any later version. - - The GNU C Library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public - License along with the GNU C Library; if not, write to the Free - Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA - 02111-1307 USA. */ - -/* Copyright (C) 2006-2008 Gentoo Foundation Inc. - * License terms as above. - * - * Hardened Gentoo SSP and FORTIFY handler - * - * An SSP failure handler that does not use functions from the rest of - * glibc; it uses the INTERNAL_SYSCALL methods directly. This ensures - * no possibility of recursion into the handler. - * - * Direct all bug reports to http://bugs.gentoo.org/ - * - * Re-written from the glibc-2.3 Hardened Gentoo SSP handler - * by Kevin F. Quinn - <kevquinn[@]gentoo.org> - * - * The following people contributed to the glibc-2.3 Hardened - * Gentoo SSP and FORTIFY handler, from which this implementation draws much: - * - * Ned Ludd - <solar[@]gentoo.org> - * Alexander Gabert - <pappy[@]gentoo.org> - * The PaX Team - <pageexec[@]freemail.hu> - * Peter S. Mazinger - <ps.m[@]gmx.net> - * Yoann Vandoorselaere - <yoann[@]prelude-ids.org> - * Robert Connolly - <robert[@]linuxfromscratch.org> - * Cory Visi <cory[@]visi.name> - * Mike Frysinger <vapier[@]gentoo.org> - * Magnus Granberg <zorry[@]ume.nu> - */ - -#include <stdio.h> -#include <stdlib.h> -#include <errno.h> -#include <unistd.h> -#include <signal.h> - -#include <sys/types.h> - -#include <sysdep-cancel.h> -#include <sys/syscall.h> -#include <bp-checks.h> - -#include <kernel-features.h> - -#include <alloca.h> -/* from sysdeps */ -#include <socketcall.h> -/* for the stuff in bits/socket.h */ -#include <sys/socket.h> -#include <sys/un.h> - -/* Sanity check on SYSCALL macro names - force compilation - * failure if the names used here do not exist - */ -#if !defined __NR_socketcall && !defined __NR_socket -# error Cannot do syscall socket or socketcall -#endif -#if !defined __NR_socketcall && !defined __NR_connect -# error Cannot do syscall connect or socketcall -#endif -#ifndef __NR_write -# error Cannot do syscall write -#endif -#ifndef __NR_close -# error Cannot do syscall close -#endif -#ifndef __NR_getpid -# error Cannot do syscall getpid -#endif -#ifndef __NR_kill -# error Cannot do syscall kill -#endif -#ifndef __NR_exit -# error Cannot do syscall exit -#endif -#ifdef SSP_SMASH_DUMPS_CORE -# define ENABLE_SSP_SMASH_DUMPS_CORE 1 -# if !defined _KERNEL_NSIG && !defined _NSIG -# error No _NSIG or _KERNEL_NSIG for rt_sigaction -# endif -# if !defined __NR_sigaction && !defined __NR_rt_sigaction -# error Cannot do syscall sigaction or rt_sigaction -# endif -/* Although rt_sigaction expects sizeof(sigset_t) - it expects the size - * of the _kernel_ sigset_t which is not the same as the user sigset_t. - * Most arches have this as _NSIG bits - mips has _KERNEL_NSIG bits for - * some reason. - */ -# ifdef _KERNEL_NSIG -# define _SSP_NSIG _KERNEL_NSIG -# else -# define _SSP_NSIG _NSIG -# endif -#else -# define _SSP_NSIG 0 -# define ENABLE_SSP_SMASH_DUMPS_CORE 0 -#endif - -/* Define DO_SIGACTION - default to newer rt signal interface but - * fallback to old as needed. - */ -#ifdef __NR_rt_sigaction -# define DO_SIGACTION(signum, act, oldact) \ - INLINE_SYSCALL(rt_sigaction, 4, signum, act, oldact, _SSP_NSIG/8) -#else -# define DO_SIGACTION(signum, act, oldact) \ - INLINE_SYSCALL(sigaction, 3, signum, act, oldact) -#endif - -/* Define DO_SOCKET/DO_CONNECT functions to deal with socketcall vs socket/connect */ -#if defined(__NR_socket) && defined(__NR_connect) -# define USE_OLD_SOCKETCALL 0 -#else -# define USE_OLD_SOCKETCALL 1 -#endif - -/* stub out the __NR_'s so we can let gcc optimize away dead code */ -#ifndef __NR_socketcall -# define __NR_socketcall 0 -#endif -#ifndef __NR_socket -# define __NR_socket 0 -#endif -#ifndef __NR_connect -# define __NR_connect 0 -#endif -#define DO_SOCKET(result, domain, type, protocol) \ - do { \ - if (USE_OLD_SOCKETCALL) { \ - socketargs[0] = domain; \ - socketargs[1] = type; \ - socketargs[2] = protocol; \ - socketargs[3] = 0; \ - result = INLINE_SYSCALL(socketcall, 2, SOCKOP_socket, socketargs); \ - } else \ - result = INLINE_SYSCALL(socket, 3, domain, type, protocol); \ - } while (0) -#define DO_CONNECT(result, sockfd, serv_addr, addrlen) \ - do { \ - if (USE_OLD_SOCKETCALL) { \ - socketargs[0] = sockfd; \ - socketargs[1] = (unsigned long int)serv_addr; \ - socketargs[2] = addrlen; \ - socketargs[3] = 0; \ - result = INLINE_SYSCALL(socketcall, 2, SOCKOP_connect, socketargs); \ - } else \ - result = INLINE_SYSCALL(connect, 3, sockfd, serv_addr, addrlen); \ - } while (0) - -#ifndef _PATH_LOG -# define _PATH_LOG "/dev/log" -#endif - -static const char path_log[] = _PATH_LOG; - -/* For building glibc with SSP switched on, define __progname to a - * constant if building for the run-time loader, to avoid pulling - * in more of libc.so into ld.so - */ -#ifdef IS_IN_rtld -static char *__progname = "<rtld>"; -#else -extern char *__progname; -#endif - -/* Common handler code, used by chk_fail - * Inlined to ensure no self-references to the handler within itself. - * Data static to avoid putting more than necessary on the stack, - * to aid core debugging. - */ -__attribute__ ((__noreturn__ , __always_inline__)) -static inline void -__hardened_gentoo_chk_fail(char func[], int damaged) -{ -#define MESSAGE_BUFSIZ 256 - static pid_t pid; - static int plen, i; - static char message[MESSAGE_BUFSIZ]; - static const char msg_ssa[] = ": buffer overflow attack"; - static const char msg_inf[] = " in function "; - static const char msg_ssd[] = "*** buffer overflow detected ***: "; - static const char msg_terminated[] = " - terminated\n"; - static const char msg_report[] = "Report to http://bugs.gentoo.org/\n"; - static const char msg_unknown[] = "<unknown>"; - static int log_socket, connect_result; - static struct sockaddr_un sock; - static unsigned long int socketargs[4]; - - /* Build socket address - */ - sock.sun_family = AF_UNIX; - i = 0; - while ((path_log[i] != '\0') && (i<(sizeof(sock.sun_path)-1))) { - sock.sun_path[i] = path_log[i]; - i++; - } - sock.sun_path[i] = '\0'; - - /* Try SOCK_DGRAM connection to syslog */ - connect_result = -1; - DO_SOCKET(log_socket, AF_UNIX, SOCK_DGRAM, 0); - if (log_socket != -1) - DO_CONNECT(connect_result, log_socket, &sock, sizeof(sock)); - if (connect_result == -1) { - if (log_socket != -1) - INLINE_SYSCALL(close, 1, log_socket); - /* Try SOCK_STREAM connection to syslog */ - DO_SOCKET(log_socket, AF_UNIX, SOCK_STREAM, 0); - if (log_socket != -1) - DO_CONNECT(connect_result, log_socket, &sock, sizeof(sock)); - } - - /* Build message. Messages are generated both in the old style and new style, - * so that log watchers that are configured for the old-style message continue - * to work. - */ -#define strconcat(str) \ - {i=0; while ((str[i] != '\0') && ((i+plen)<(MESSAGE_BUFSIZ-1))) \ - {\ - message[plen+i]=str[i];\ - i++;\ - }\ - plen+=i;} - - /* R.Henderson post-gcc-4 style message */ - plen = 0; - strconcat(msg_ssd); - if (__progname != (char *)0) - strconcat(__progname) - else - strconcat(msg_unknown); - strconcat(msg_terminated); - - /* Write out error message to STDERR, to syslog if open */ - INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen); - if (connect_result != -1) - INLINE_SYSCALL(write, 3, log_socket, message, plen); - - /* Dr. Etoh pre-gcc-4 style message */ - plen = 0; - if (__progname != (char *)0) - strconcat(__progname) - else - strconcat(msg_unknown); - strconcat(msg_ssa); - strconcat(msg_inf); - if (func != NULL) - strconcat(func) - else - strconcat(msg_unknown); - strconcat(msg_terminated); - /* Write out error message to STDERR, to syslog if open */ - INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen); - if (connect_result != -1) - INLINE_SYSCALL(write, 3, log_socket, message, plen); - - /* Direct reports to bugs.gentoo.org */ - plen=0; - strconcat(msg_report); - message[plen++]='\0'; - - /* Write out error message to STDERR, to syslog if open */ - INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen); - if (connect_result != -1) - INLINE_SYSCALL(write, 3, log_socket, message, plen); - - if (log_socket != -1) - INLINE_SYSCALL(close, 1, log_socket); - - /* Suicide */ - pid = INLINE_SYSCALL(getpid, 0); - - if (ENABLE_SSP_SMASH_DUMPS_CORE) { - static struct sigaction default_abort_act; - /* Remove any user-supplied handler for SIGABRT, before using it */ - default_abort_act.sa_handler = SIG_DFL; - default_abort_act.sa_sigaction = NULL; - __sigfillset(&default_abort_act.sa_mask); - default_abort_act.sa_flags = 0; - if (DO_SIGACTION(SIGABRT, &default_abort_act, NULL) == 0) - INLINE_SYSCALL(kill, 2, pid, SIGABRT); - } - - /* Note; actions cannot be added to SIGKILL */ - INLINE_SYSCALL(kill, 2, pid, SIGKILL); - - /* In case the kill didn't work, exit anyway - * The loop prevents gcc thinking this routine returns - */ - while (1) - INLINE_SYSCALL(exit, 0); -} - -__attribute__ ((__noreturn__)) -void __chk_fail(void) -{ - __hardened_gentoo_chk_fail(NULL, 0); -} - diff --git a/sys-libs/glibc/files/2.10/glibc-2.10-hardened-configure-picdefault.patch b/sys-libs/glibc/files/2.10/glibc-2.10-hardened-configure-picdefault.patch deleted file mode 100644 index e75ccc7..0000000 --- a/sys-libs/glibc/files/2.10/glibc-2.10-hardened-configure-picdefault.patch +++ /dev/null @@ -1,30 +0,0 @@ -Prevent default-fPIE from confusing configure into thinking -PIC code is default. This causes glibc to build both PIC and -non-PIC code as normal, which on the hardened compiler generates -PIC and PIE. - -Patch by Kevin F. Quinn <kevquinn@gentoo.org> -Fixed for glibc 2.10 by Magnus Granberg <zorry@ume.nu> - ---- configure.in -+++ configure.in -@@ -2145,7 +2145,7 @@ - # error PIC is default. - #endif - EOF --if eval "${CC-cc} -S conftest.c 2>&AS_MESSAGE_LOG_FD 1>&AS_MESSAGE_LOG_FD"; then -+if eval "${CC-cc} -fno-PIE -S conftest.c 2>&AS_MESSAGE_LOG_FD 1>&AS_MESSAGE_LOG_FD"; then - libc_cv_pic_default=no - fi - rm -f conftest.*]) ---- configure -+++ configure -@@ -7698,7 +7698,7 @@ - # error PIC is default. - #endif - EOF --if eval "${CC-cc} -S conftest.c 2>&5 1>&5"; then -+if eval "${CC-cc} -fno-PIE -S conftest.c 2>&5 1>&5"; then - libc_cv_pic_default=no - fi - rm -f conftest.* diff --git a/sys-libs/glibc/files/2.10/glibc-2.10-hardened-inittls-nosysenter.patch b/sys-libs/glibc/files/2.10/glibc-2.10-hardened-inittls-nosysenter.patch deleted file mode 100644 index cb6d8e3..0000000 --- a/sys-libs/glibc/files/2.10/glibc-2.10-hardened-inittls-nosysenter.patch +++ /dev/null @@ -1,274 +0,0 @@ -When building glibc PIE (which is not something upstream support), -several modifications are necessary to the glibc build process. - -First, any syscalls in PIEs must be of the PIC variant, otherwise -textrels ensue. Then, any syscalls made before the initialisation -of the TLS will fail on i386, as the sysenter variant on i386 uses -the TLS, giving rise to a chicken-and-egg situation. This patch -defines a PIC syscall variant that doesn't use sysenter, even when the sysenter -version is normally used, and uses the non-sysenter version for the brk -syscall that is performed by the TLS initialisation. Further, the TLS -initialisation is moved in this case prior to the initialisation of -dl_osversion, as that requires further syscalls. - -csu/libc-start.c: Move initial TLS initialization to before the -initialisation of dl_osversion, when INTERNAL_SYSCALL_NOSYSENTER is defined - -csu/libc-tls.c: Use the no-sysenter version of sbrk when -INTERNAL_SYSCALL_NOSYSENTER is defined. - -misc/sbrk.c: Define a no-sysenter version of sbrk, using the no-sysenter -version of brk - if INTERNAL_SYSCALL_NOSYSENTER is defined. - -misc/brk.c: Define a no-sysenter version of brk if -INTERNAL_SYSCALL_NOSYSENTER is defined. - -sysdeps/unix/sysv/linux/i386/sysdep.h: Define INTERNAL_SYSCALL_NOSYSENTER -Make INTERNAL_SYSCALL always use the PIC variant, even if not SHARED. - -Patch by Kevin F. Quinn <kevquinn@gentoo.org> -Fixed for 2.10 by Magnus Granberg <zorry@ume.nu> - ---- csu/libc-start.c -+++ csu/libc-start.c -@@ -28,6 +28,7 @@ - extern int __libc_multiple_libcs; - - #include <tls.h> -+#include <sysdep.h> - #ifndef SHARED - # include <dl-osinfo.h> - extern void __pthread_initialize_minimal (void); -@@ -129,6 +130,11 @@ - # endif - _dl_aux_init (auxvec); - # endif -+# ifdef INTERNAL_SYSCALL_NOSYSENTER -+ /* Do the initial TLS initialization before _dl_osversion, -+ since the latter uses the uname syscall. */ -+ __pthread_initialize_minimal (); -+# endif - # ifdef DL_SYSDEP_OSCHECK - if (!__libc_multiple_libcs) - { -@@ -138,10 +144,12 @@ - } - # endif - -+# ifndef INTERNAL_SYSCALL_NOSYSENTER - /* Initialize the thread library at least a bit since the libgcc - functions are using thread functions if these are available and - we need to setup errno. */ - __pthread_initialize_minimal (); -+# endif - - /* Set up the stack checker's canary. */ - uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard (); ---- csu/libc-tls.c -+++ csu/libc-tls.c -@@ -23,6 +23,7 @@ - #include <unistd.h> - #include <stdio.h> - #include <sys/param.h> -+#include <sysdep.h> - - - #ifdef SHARED -@@ -29,6 +30,9 @@ - #error makefile bug, this file is for static only - #endif - -+#ifdef INTERNAL_SYSCALL_NOSYSENTER -+extern void *__sbrk_nosysenter (intptr_t __delta); -+#endif - extern ElfW(Phdr) *_dl_phdr; - extern size_t _dl_phnum; - -@@ -141,14 +145,26 @@ - - The initialized value of _dl_tls_static_size is provided by dl-open.c - to request some surplus that permits dynamic loading of modules with -- IE-model TLS. */ -+ IE-model TLS. -+ -+ Where the normal sbrk would use a syscall that needs the TLS (i386) -+ use the special non-sysenter version instead. */ - #if TLS_TCB_AT_TP - tcb_offset = roundup (memsz + GL(dl_tls_static_size), tcbalign); -+# ifdef INTERNAL_SYSCALL_NOSYSENTER -+ tlsblock = __sbrk_nosysenter (tcb_offset + tcbsize + max_align); -+# else - tlsblock = __sbrk (tcb_offset + tcbsize + max_align); -+# endif - #elif TLS_DTV_AT_TP - tcb_offset = roundup (tcbsize, align ?: 1); -+# ifdef INTERNAL_SYSCALL_NOSYSENTER -+ tlsblock = __sbrk_nosysenter (tcb_offset + memsz + max_align -+ + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); -+# else - tlsblock = __sbrk (tcb_offset + memsz + max_align - + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); -+# endif - tlsblock += TLS_PRE_TCB_SIZE; - #else - /* In case a model with a different layout for the TCB and DTV ---- misc/sbrk.c -+++ misc/sbrk.c -@@ -18,6 +18,7 @@ - #include <errno.h> - #include <stdint.h> - #include <unistd.h> -+#include <sysdep.h> - - /* Defined in brk.c. */ - extern void *__curbrk; -@@ -29,6 +30,35 @@ - /* Extend the process's data space by INCREMENT. - If INCREMENT is negative, shrink data space by - INCREMENT. - Return start of new space allocated, or -1 for errors. */ -+#ifdef INTERNAL_SYSCALL_NOSYSENTER -+/* This version is used by csu/libc-tls.c whem initialising the TLS -+ if the SYSENTER version requires the TLS (which it does on i386). -+ Obviously using the TLS before it is initialised is broken. */ -+extern int __brk_nosysenter (void *addr); -+void * -+__sbrk_nosysenter (intptr_t increment) -+{ -+ void *oldbrk; -+ -+ /* If this is not part of the dynamic library or the library is used -+ via dynamic loading in a statically linked program update -+ __curbrk from the kernel's brk value. That way two separate -+ instances of __brk and __sbrk can share the heap, returning -+ interleaved pieces of it. */ -+ if (__curbrk == NULL || __libc_multiple_libcs) -+ if (__brk_nosysenter (0) < 0) /* Initialize the break. */ -+ return (void *) -1; -+ -+ if (increment == 0) -+ return __curbrk; -+ -+ oldbrk = __curbrk; -+ if (__brk_nosysenter (oldbrk + increment) < 0) -+ return (void *) -1; -+ -+ return oldbrk; -+} -+#endif - void * - __sbrk (intptr_t increment) - { ---- sysdeps/unix/sysv/linux/i386/brk.c -+++ sysdeps/unix/sysv/linux/i386/brk.c -@@ -31,6 +31,30 @@ - linker. */ - weak_alias (__curbrk, ___brk_addr) - -+#ifdef INTERNAL_SYSCALL_NOSYSENTER -+/* This version is used by csu/libc-tls.c whem initialising the TLS -+ * if the SYSENTER version requires the TLS (which it does on i386). -+ * Obviously using the TLS before it is initialised is broken. */ -+int -+__brk_nosysenter (void *addr) -+{ -+ void *__unbounded newbrk; -+ -+ INTERNAL_SYSCALL_DECL (err); -+ newbrk = (void *__unbounded) INTERNAL_SYSCALL_NOSYSENTER (brk, err, 1, -+ __ptrvalue (addr)); -+ -+ __curbrk = newbrk; -+ -+ if (newbrk < addr) -+ { -+ __set_errno (ENOMEM); -+ return -1; -+ } -+ -+ return 0; -+} -+#endif - int - __brk (void *addr) - { ---- sysdeps/unix/sysv/linux/i386/sysdep.h -+++ sysdeps/unix/sysv/linux/i386/sysdep.h -@@ -187,7 +187,7 @@ - /* The original calling convention for system calls on Linux/i386 is - to use int $0x80. */ - #ifdef I386_USE_SYSENTER --# ifdef SHARED -+# if defined SHARED || defined __PIC__ - # define ENTER_KERNEL call *%gs:SYSINFO_OFFSET - # else - # define ENTER_KERNEL call *_dl_sysinfo -@@ -358,7 +358,7 @@ - possible to use more than four parameters. */ - #undef INTERNAL_SYSCALL - #ifdef I386_USE_SYSENTER --# ifdef SHARED -+# if defined SHARED || defined __PIC__ - # define INTERNAL_SYSCALL(name, err, nr, args...) \ - ({ \ - register unsigned int resultvar; \ -@@ -384,6 +384,18 @@ - : "0" (name), "i" (offsetof (tcbhead_t, sysinfo)) \ - ASMFMT_##nr(args) : "memory", "cc"); \ - (int) resultvar; }) -+# define INTERNAL_SYSCALL_NOSYSENTER(name, err, nr, args...) \ -+ ({ \ -+ register unsigned int resultvar; \ -+ EXTRAVAR_##nr \ -+ asm volatile ( \ -+ LOADARGS_NOSYSENTER_##nr \ -+ "movl %1, %%eax\n\t" \ -+ "int $0x80\n\t" \ -+ RESTOREARGS_NOSYSENTER_##nr \ -+ : "=a" (resultvar) \ -+ : "i" (__NR_##name) ASMFMT_##nr(args) : "memory", "cc"); \ -+ (int) resultvar; }) - # else - # define INTERNAL_SYSCALL(name, err, nr, args...) \ - ({ \ -@@ -447,12 +459,20 @@ - - #define LOADARGS_0 - #ifdef __PIC__ --# if defined I386_USE_SYSENTER && defined SHARED -+# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) - # define LOADARGS_1 \ - "bpushl .L__X'%k3, %k3\n\t" - # define LOADARGS_5 \ - "movl %%ebx, %4\n\t" \ - "movl %3, %%ebx\n\t" -+# define LOADARGS_NOSYSENTER_1 \ -+ "bpushl .L__X'%k2, %k2\n\t" -+# define LOADARGS_NOSYSENTER_2 LOADARGS_NOSYSENTER_1 -+# define LOADARGS_NOSYSENTER_3 LOADARGS_3 -+# define LOADARGS_NOSYSENTER_4 LOADARGS_3 -+# define LOADARGS_NOSYSENTER_5 \ -+ "movl %%ebx, %3\n\t" \ -+ "movl %2, %%ebx\n\t" - # else - # define LOADARGS_1 \ - "bpushl .L__X'%k2, %k2\n\t" -@@ -474,11 +495,18 @@ - - #define RESTOREARGS_0 - #ifdef __PIC__ --# if defined I386_USE_SYSENTER && defined SHARED -+# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) - # define RESTOREARGS_1 \ - "bpopl .L__X'%k3, %k3\n\t" - # define RESTOREARGS_5 \ - "movl %4, %%ebx" -+# define RESTOREARGS_NOSYSENTER_1 \ -+ "bpopl .L__X'%k2, %k2\n\t" -+# define RESTOREARGS_NOSYSENTER_2 RESTOREARGS_NOSYSENTER_1 -+# define RESTOREARGS_NOSYSENTER_3 RESTOREARGS_3 -+# define RESTOREARGS_NOSYSENTER_4 RESTOREARGS_3 -+# define RESTOREARGS_NOSYSENTER_5 \ -+ "movl %3, %%ebx" - # else - # define RESTOREARGS_1 \ - "bpopl .L__X'%k2, %k2\n\t" diff --git a/sys-libs/glibc/files/2.10/glibc-2.10-hardened-ssp-compat.patch b/sys-libs/glibc/files/2.10/glibc-2.10-hardened-ssp-compat.patch deleted file mode 100644 index a1c9eef..0000000 --- a/sys-libs/glibc/files/2.10/glibc-2.10-hardened-ssp-compat.patch +++ /dev/null @@ -1,168 +0,0 @@ -Add backwards compat support for gcc-3.x ssp ... older ssp versions -used __guard and __stack_smash_handler symbols while gcc-4.1 and newer -uses __stack_chk_guard and __stack_chk_fail. - ---- config.h.in -+++ config.h.in -@@ -42,6 +42,9 @@ - assembler instructions per line. Default is `;' */ - #undef ASM_LINE_SEP - -+/* Define if we want to enable support for old ssp symbols */ -+#undef ENABLE_OLD_SSP_COMPAT -+ - /* Define if not using ELF, but `.init' and `.fini' sections are available. */ - #undef HAVE_INITFINI - ---- configure -+++ configure -@@ -1378,6 +1378,9 @@ Optional Features: - --enable-kernel=VERSION compile for compatibility with kernel not older than - VERSION - --enable-all-warnings enable all useful warnings gcc can issue -+ --disable-old-ssp-compat -+ enable support for older ssp symbols -+ [default=no] - --enable-multi-arch enable single DSO with optimizations for multiple - architectures - --enable-experimental-malloc -@@ -6462,6 +6465,20 @@ fi - $as_echo "$libc_cv_ssp" >&6; } - - -+# Check whether --enable-old-ssp-compat or --disable-old-ssp-compat was given. -+if test "${enable_old_ssp_compat+set}" = set; then -+ enableval="$enable_old_ssp_compat" -+ enable_old_ssp_compat=$enableval -+else -+ enable_old_ssp_compat=no -+fi; -+if test "x$enable_old_ssp_compat" = "xyes"; then -+ cat >>confdefs.h <<\_ACEOF -+#define ENABLE_OLD_SSP_COMPAT 1 -+_ACEOF -+ -+fi -+ - { $as_echo "$as_me:$LINENO: checking for -fgnu89-inline" >&5 - $as_echo_n "checking for -fgnu89-inline... " >&6; } - if test "${libc_cv_gnu89_inline+set}" = set; then ---- configure.in -+++ configure.in -@@ -1641,6 +1641,15 @@ fi - rm -f conftest*]) - AC_SUBST(libc_cv_ssp) - -+AC_ARG_ENABLE([old-ssp-compat], -+ AC_HELP_STRING([--enable-old-ssp-compat], -+ [enable support for older ssp symbols @<:@default=no@:>@]), -+ [enable_old_ssp_compat=$enableval], -+ [enable_old_ssp_compat=no]) -+if test "x$enable_old_ssp_compat" = "xyes"; then -+ AC_DEFINE(ENABLE_OLD_SSP_COMPAT) -+fi -+ - AC_CACHE_CHECK(for -fgnu89-inline, libc_cv_gnu89_inline, [dnl - cat > conftest.c <<EOF - int foo; ---- csu/libc-start.c -+++ csu/libc-start.c -@@ -37,6 +37,9 @@ extern void __pthread_initialize_minimal - uintptr_t __stack_chk_guard attribute_relro; - # endif - #endif -+#ifdef ENABLE_OLD_SSP_COMPAT -+uintptr_t __guard attribute_relro; -+#endif - - #ifdef HAVE_PTR_NTHREADS - /* We need atomic operations. */ -@@ -141,6 +145,9 @@ LIBC_START_MAIN (int (*main) (int, char - - /* Set up the stack checker's canary. */ - uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard (_dl_random); -+#ifdef ENABLE_OLD_SSP_COMPAT -+ __guard = stack_chk_guard; -+#endif - # ifdef THREAD_SET_STACK_GUARD - THREAD_SET_STACK_GUARD (stack_chk_guard); - # else ---- csu/Versions -+++ csu/Versions -@@ -17,6 +17,12 @@ libc { - # New special glibc functions. - gnu_get_libc_release; gnu_get_libc_version; - } -+ GLIBC_2.3.2 { -+%ifdef ENABLE_OLD_SSP_COMPAT -+ # global objects and functions for the old propolice patch in gcc -+ __guard; -+%endif -+ } - GLIBC_PRIVATE { - %if HAVE___THREAD - # This version is for the TLS symbol, GLIBC_2.0 is the old object symbol. ---- debug/Versions -+++ debug/Versions -@@ -10,6 +10,12 @@ libc { - # These are to support some gcc features. - __cyg_profile_func_enter; __cyg_profile_func_exit; - } -+%ifdef ENABLE_OLD_SSP_COMPAT -+ GLIBC_2.3.2 { -+ # backwards ssp compat support; alias to __stack_chk_fail -+ __stack_smash_handler; -+ } -+%endif - GLIBC_2.3.4 { - __chk_fail; - __memcpy_chk; __memmove_chk; __mempcpy_chk; __memset_chk; __stpcpy_chk; ---- elf/rtld.c -+++ elf/rtld.c -@@ -89,6 +89,9 @@ INTDEF(_dl_argv) - in thread local area. */ - uintptr_t __stack_chk_guard attribute_relro; - #endif -+#ifdef ENABLE_OLD_SSP_COMPAT -+uintptr_t __guard attribute_relro; -+#endif - - /* Only exported for architectures that don't store the pointer guard - value in thread local area. */ -@@ -1817,6 +1821,9 @@ ERROR: ld.so: object '%s' cannot be load - - /* Set up the stack checker's canary. */ - uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard (_dl_random); -+#ifdef ENABLE_OLD_SSP_COMPAT -+ __guard = stack_chk_guard; -+#endif - #ifdef THREAD_SET_STACK_GUARD - THREAD_SET_STACK_GUARD (stack_chk_guard); - #else ---- elf/Versions -+++ elf/Versions -@@ -43,6 +43,12 @@ ld { - # runtime interface to TLS - __tls_get_addr; - } -+%ifdef ENABLE_OLD_SSP_COMPAT -+ GLIBC_2.3.2 { -+ # backwards ssp compat support -+ __guard; -+ } -+%endif - GLIBC_2.4 { - # stack canary - __stack_chk_guard; ---- Versions.def -+++ Versions.def -@@ -109,6 +109,9 @@ ld { - GLIBC_2.0 - GLIBC_2.1 - GLIBC_2.3 -+%ifdef ENABLE_OLD_SSP_COMPAT -+ GLIBC_2.3.2 -+%endif - GLIBC_2.4 - GLIBC_PRIVATE - } diff --git a/sys-libs/glibc/files/2.11/glibc-2.11-hardened-pie.patch b/sys-libs/glibc/files/2.11/glibc-2.11-hardened-pie.patch deleted file mode 100644 index df7292f..0000000 --- a/sys-libs/glibc/files/2.11/glibc-2.11-hardened-pie.patch +++ /dev/null @@ -1,40 +0,0 @@ -http://bugs.gentoo.org/292139 - -2009-11-08 Magnus Granberg <zorry@ume.nu> - - * Makeconfig (+link): Set to +link-pie. - (+link-static): Change $(static-start-installed-name) to - S$(static-start-installed-name). - (+prector): Set to +prectorS. - (+postctor): Set to +postctorS. - ---- libc/Makeconfig -+++ libc/Makeconfig -@@ -447,11 +447,12 @@ - $(common-objpfx)libc% $(+postinit),$^) \ - $(link-extra-libs) $(link-libc) $(+postctorS) $(+postinit) - endif -++link = $(+link-pie) - # Command for statically linking programs with the C library. - ifndef +link-static - +link-static = $(CC) -nostdlib -nostartfiles -static -o $@ \ - $(sysdep-LDFLAGS) $(LDFLAGS) $(LDFLAGS-$(@F)) \ -- $(addprefix $(csu-objpfx),$(static-start-installed-name)) \ -+ $(addprefix $(csu-objpfx),S$(static-start-installed-name)) \ - $(+preinit) $(+prector) \ - $(filter-out $(addprefix $(csu-objpfx),start.o \ - $(start-installed-name))\ -@@ -549,11 +550,10 @@ - ifeq ($(elf),yes) - +preinit = $(addprefix $(csu-objpfx),crti.o) - +postinit = $(addprefix $(csu-objpfx),crtn.o) --+prector = `$(CC) --print-file-name=crtbegin.o` --+postctor = `$(CC) --print-file-name=crtend.o` --# Variants of the two previous definitions for linking PIE programs. - +prectorS = `$(CC) --print-file-name=crtbeginS.o` - +postctorS = `$(CC) --print-file-name=crtendS.o` -++prector = $(+prectorS) -++postctor = $(+postctorS) - +interp = $(addprefix $(elf-objpfx),interp.os) - endif - csu-objpfx = $(common-objpfx)csu/ diff --git a/sys-libs/glibc/files/2.12/glibc-2.12-hardened-pie.patch b/sys-libs/glibc/files/2.12/glibc-2.12-hardened-pie.patch deleted file mode 100644 index 3315171..0000000 --- a/sys-libs/glibc/files/2.12/glibc-2.12-hardened-pie.patch +++ /dev/null @@ -1,39 +0,0 @@ -2010-08-11 Magnus Granberg <zorry@ume.nu> - - #332331 - * Makeconfig (+link): Set to +link-pie. - (+link-static): Change $(static-start-installed-name) to - S$(static-start-installed-name). - (+prector): Set to +prectorS. - (+postctor): Set to +postctorS. - ---- libc/Makeconfig -+++ libc/Makeconfig -@@ -447,11 +447,12 @@ - $(common-objpfx)libc% $(+postinit),$^) \ - $(link-extra-libs) $(link-libc) $(+postctorS) $(+postinit) - endif -++link = $(+link-pie) - # Command for statically linking programs with the C library. - ifndef +link-static - +link-static = $(CC) -nostdlib -nostartfiles -static -o $@ \ - $(sysdep-LDFLAGS) $(LDFLAGS) $(LDFLAGS-$(@F)) \ -- $(addprefix $(csu-objpfx),$(static-start-installed-name)) \ -+ $(addprefix $(csu-objpfx),S$(static-start-installed-name)) \ - $(+preinit) $(+prector) \ - $(filter-out $(addprefix $(csu-objpfx),start.o \ - $(start-installed-name))\ -@@ -549,11 +550,10 @@ - ifeq ($(elf),yes) - +preinit = $(addprefix $(csu-objpfx),crti.o) - +postinit = $(addprefix $(csu-objpfx),crtn.o) --+prector = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtbegin.o` --+postctor = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtend.o` --# Variants of the two previous definitions for linking PIE programs. - +prectorS = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtbeginS.o` - +postctorS = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtendS.o` -++prector = $(+prectorS) -++postctor = $(+postctorS) - +interp = $(addprefix $(elf-objpfx),interp.os) - endif - csu-objpfx = $(common-objpfx)csu/ diff --git a/sys-libs/glibc/files/2.16/glibc-2.16-hardened-pie.patch b/sys-libs/glibc/files/2.16/glibc-2.16-hardened-pie.patch deleted file mode 100644 index a850a61..0000000 --- a/sys-libs/glibc/files/2.16/glibc-2.16-hardened-pie.patch +++ /dev/null @@ -1,39 +0,0 @@ -2012-11-11 Magnus Granberg <zorry@gentoo.org> - - #442712 - * Makeconfig (+link): Set to +link-pie. - (+link-static-before-libc): Change $(static-start-installed-name) to - S$(static-start-installed-name). - (+prector): Set to +prectorS. - (+postctor): Set to +postctorS. - ---- libc/Makeconfig -+++ libc/Makeconfig -@@ -447,11 +447,12 @@ - $(common-objpfx)libc% $(+postinit),$^) \ - $(link-extra-libs) $(link-libc) $(+postctorS) $(+postinit) - endif -++link = $(+link-pie) - # Command for statically linking programs with the C library. - ifndef +link-static - +link-static-before-libc = $(CC) -nostdlib -nostartfiles -static -o $@ \ - $(sysdep-LDFLAGS) $(LDFLAGS) $(LDFLAGS-$(@F)) \ -- $(addprefix $(csu-objpfx),$(static-start-installed-name)) \ -+ $(addprefix $(csu-objpfx),S$(static-start-installed-name)) \ - $(+preinit) $(+prector) \ - $(filter-out $(addprefix $(csu-objpfx),start.o \ - $(start-installed-name))\ -@@ -549,11 +550,10 @@ - ifeq ($(elf),yes) - +preinit = $(addprefix $(csu-objpfx),crti.o) - +postinit = $(addprefix $(csu-objpfx),crtn.o) --+prector = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtbegin.o` --+postctor = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtend.o` --# Variants of the two previous definitions for linking PIE programs. - +prectorS = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtbeginS.o` - +postctorS = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtendS.o` -++prector = $(+prectorS) -++postctor = $(+postctorS) - +interp = $(addprefix $(elf-objpfx),interp.os) - endif - csu-objpfx = $(common-objpfx)csu/ diff --git a/sys-libs/glibc/files/2.3.5/ssp.c b/sys-libs/glibc/files/2.3.5/ssp.c deleted file mode 100644 index 99f8531..0000000 --- a/sys-libs/glibc/files/2.3.5/ssp.c +++ /dev/null @@ -1,155 +0,0 @@ -/* - * Distributed under the terms of the GNU General Public License v2 - * $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/2.3.5/Attic/ssp.c,v 1.4 2009/12/14 14:44:11 vapier dead $ - * - * This is a modified version of Hiroaki Etoh's stack smashing routines - * implemented for glibc. - * - * The following people have contributed input to this code. - * Ned Ludd - <solar[@]gentoo.org> - * Alexander Gabert - <pappy[@]gentoo.org> - * The PaX Team - <pageexec[@]freemail.hu> - * Peter S. Mazinger - <ps.m[@]gmx.net> - * Yoann Vandoorselaere - <yoann[@]prelude-ids.org> - * Robert Connolly - <robert[@]linuxfromscratch.org> - * Cory Visi <cory@visi.name> - * - */ - -#ifdef HAVE_CONFIG_H -# include <config.h> -#endif - -#ifdef __SSP__ -# error ssp.c has to be built w/ -fno-stack-protector -#endif - -#include <stdio.h> -#include <string.h> -#include <fcntl.h> -#include <unistd.h> -#include <signal.h> -#include <sys/types.h> -#include <sys/un.h> -#include <sys/syslog.h> -#include <sys/time.h> -#ifdef __SSP_USE_ERANDOM__ -# include <sys/sysctl.h> -#endif - -#ifdef __PROPOLICE_BLOCK_SEGV__ -# define SSP_SIGTYPE SIGSEGV -#elif __PROPOLICE_BLOCK_KILL__ -# define SSP_SIGTYPE SIGKILL -#else -# define SSP_SIGTYPE SIGABRT -#endif - -unsigned long __guard = 0UL; - -/* Use of __* functions from the rest of glibc here avoids - * initialisation problems for executables preloaded with - * libraries that overload the associated standard library - * functions. - */ -#ifdef __UCLIBC__ -extern int __libc_open(__const char *file, int flags, ...); -extern ssize_t __libc_read(int fd, void *buf, size_t count); -extern int __libc_close(int fd); -#else -# define __libc_open(file, flags) __open(file, flags) -# define __libc_read(fd, buf, count) __read(fd, buf, count) -# define __libc_close(fd) __close(fd) -# define __libc_write(fd, buf, count) __write(fd, buf, count) -#endif - -void __guard_setup(void) __attribute__ ((constructor)); -void __guard_setup(void) -{ - size_t size; - - if (__guard != 0UL) - return; - - /* Start with the "terminator canary". */ - __guard = 0xFF0A0D00UL; - -#ifndef __SSP_QUICK_CANARY__ -# ifdef __SSP_USE_ERANDOM__ - { - int mib[3]; - /* Random is another depth in Linux, hence an array of 3. */ - mib[0] = CTL_KERN; - mib[1] = KERN_RANDOM; - mib[2] = RANDOM_ERANDOM; - - size = sizeof(unsigned long); - if (__sysctl(mib, 3, &__guard, &size, NULL, 0) != (-1)) - if (__guard != 0UL) - return; - } -# endif /* ifdef __SSP_USE_ERANDOM__ */ - /* - * Attempt to open kernel pseudo random device if one exists before - * opening urandom to avoid system entropy depletion. - */ - { - int fd; - -# ifdef __SSP_USE_ERANDOM__ - if ((fd = __libc_open("/dev/erandom", O_RDONLY)) == (-1)) -# endif - fd = __libc_open("/dev/urandom", O_RDONLY); - if (fd != (-1)) { - size = __libc_read(fd, (char *) &__guard, sizeof(__guard)); - __libc_close(fd); - if (size == sizeof(__guard)) - return; - } - } -#endif /* ifndef __SSP_QUICK_CANARY__ */ - - /* Everything failed? Or we are using a weakened model of the - * terminator canary */ - { - struct timeval tv; - __gettimeofday(&tv, NULL); - __guard ^= tv.tv_usec ^ tv.tv_sec; - } -} - -void __stack_smash_handler(char func[], int damaged __attribute__ ((unused))); -void __stack_smash_handler(char func[], int damaged) -{ - extern char *__progname; - const char message[] = ": stack smashing attack in function "; - struct sigaction sa; - sigset_t mask; - - sigfillset(&mask); - - sigdelset(&mask, SSP_SIGTYPE); /* Block all signal handlers */ - sigprocmask(SIG_BLOCK, &mask, NULL); /* except SSP_SIGTYPE */ - - /* Print error message to stderr and syslog */ -#if 1 /* syslog() causes issues with glibc #94325 */ - __libc_write(STDERR_FILENO, __progname, strlen(__progname)); - __libc_write(STDERR_FILENO, message, strlen(message)); - __libc_write(STDERR_FILENO, func, strlen(func)); - __libc_write(STDERR_FILENO, "()\n", 3); - //_syscall3(int, _ssp_syslog, int, type, char *, bufp, int, len) - //_ssp_syslog(LOG_INFO, -#else - fprintf(stderr, "%s%s%s()\n", __progname, message, func); - syslog(LOG_INFO, "%s%s%s()", __progname, message, func); -#endif - - /* Make the default handler associated with the signal handler */ - memset(&sa, 0, sizeof(struct sigaction)); - sigfillset(&sa.sa_mask); /* Block all signals */ - sa.sa_flags = 0; - sa.sa_handler = SIG_DFL; - sigaction(SSP_SIGTYPE, &sa, NULL); - (void) kill(getpid(), SSP_SIGTYPE); - _exit(127); -} diff --git a/sys-libs/glibc/files/2.3.6/glibc-2.3.6-propolice-guard-functions.patch b/sys-libs/glibc/files/2.3.6/glibc-2.3.6-propolice-guard-functions.patch deleted file mode 100644 index 8779a2c..0000000 --- a/sys-libs/glibc/files/2.3.6/glibc-2.3.6-propolice-guard-functions.patch +++ /dev/null @@ -1,138 +0,0 @@ -The configure check for SSP was taken from glibc HEAD - -diff -ur glibc-2.3.6-orig/config.make.in glibc-2.3.6/config.make.in ---- glibc-2.3.6-orig/config.make.in 2006-01-17 14:22:02.000000000 -0500 -+++ glibc-2.3.6/config.make.in 2006-01-17 14:22:39.000000000 -0500 -@@ -62,6 +62,7 @@ - have-libaudit = @have_libaudit@ - have-cc-with-libunwind = @libc_cv_cc_with_libunwind@ - fno-unit-at-a-time = @fno_unit_at_a_time@ -+have-ssp = @libc_cv_ssp@ - bind-now = @bindnow@ - - static-libgcc = @libc_cv_gcc_static_libgcc@ -diff -ur glibc-2.3.6-orig/configure glibc-2.3.6/configure ---- glibc-2.3.6-orig/configure 2006-01-17 14:22:17.000000000 -0500 -+++ glibc-2.3.6/configure 2006-01-17 14:18:24.000000000 -0500 -@@ -313,7 +313,7 @@ - # include <unistd.h> - #endif" - --ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS with_fp with_cvs enable_check_abi oldest_abi bindnow force_install all_warnings build build_cpu build_vendor build_os host host_cpu host_vendor host_os subdirs add_ons base_machine sysnames INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA LN_S CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC OBJEXT BUILD_CC cross_compiling CPP CXX CXXFLAGS ac_ct_CXX AR OBJDUMP RANLIB ac_ct_RANLIB MIG AS LD PWD_P MAKE MSGFMT MAKEINFO SED AUTOCONF SYSINCLUDES libc_cv_gcc_static_libgcc BASH libc_cv_have_bash2 KSH libc_cv_have_ksh AWK PERL INSTALL_INFO BISON VERSIONING libc_cv_asm_protected_directive libc_cv_initfinit_array libc_cv_cc_with_libunwind libc_cv_z_nodelete libc_cv_z_nodlopen libc_cv_z_initfirst libc_cv_z_relro libc_cv_Bgroup libc_cv_libgcc_s_suffix libc_cv_as_needed ASFLAGS_config libc_cv_z_combreloc libc_cv_z_execstack libc_cv_fpie fno_unit_at_a_time libc_cv_have_initfini libc_cv_cpp_asm_debuginfo no_whole_archive exceptions LIBGD have_libaudit have_selinux EGREP sizeof_long_double libc_cv_gcc_unwind_find_fde uname_sysname uname_release uname_version old_glibc_headers libc_cv_slibdir libc_cv_localedir libc_cv_sysconfdir libc_cv_rootsbindir libc_cv_forced_unwind use_ldconfig ldd_rewrite_script gnu_ld gnu_as elf xcoff static shared pic_default profile omitfp bounded static_nss nopic_initfini DEFINES linux_doors mach_interface_list VERSION RELEASE LIBOBJS LTLIBOBJS' -+ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS with_fp with_cvs enable_check_abi oldest_abi bindnow force_install all_warnings build build_cpu build_vendor build_os host host_cpu host_vendor host_os subdirs add_ons base_machine sysnames INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA LN_S CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC OBJEXT BUILD_CC cross_compiling CPP CXX CXXFLAGS ac_ct_CXX AR OBJDUMP RANLIB ac_ct_RANLIB MIG AS LD PWD_P MAKE MSGFMT MAKEINFO SED AUTOCONF SYSINCLUDES libc_cv_gcc_static_libgcc BASH libc_cv_have_bash2 KSH libc_cv_have_ksh AWK PERL INSTALL_INFO BISON VERSIONING libc_cv_asm_protected_directive libc_cv_initfinit_array libc_cv_cc_with_libunwind libc_cv_z_nodelete libc_cv_z_nodlopen libc_cv_z_initfirst libc_cv_z_relro libc_cv_Bgroup libc_cv_libgcc_s_suffix libc_cv_as_needed ASFLAGS_config libc_cv_z_combreloc libc_cv_z_execstack libc_cv_fpie fno_unit_at_a_time libc_cv_ssp libc_cv_have_initfini libc_cv_cpp_asm_debuginfo no_whole_archive exceptions LIBGD have_libaudit have_selinux EGREP sizeof_long_double libc_cv_gcc_unwind_find_fde uname_sysname uname_release uname_version old_glibc_headers libc_cv_slibdir libc_cv_localedir libc_cv_sysconfdir libc_cv_rootsbindir libc_cv_forced_unwind use_ldconfig ldd_rewrite_script gnu_ld gnu_as elf xcoff static shared pic_default profile omitfp bounded static_nss nopic_initfini DEFINES linux_doors mach_interface_list VERSION RELEASE LIBOBJS LTLIBOBJS' - ac_subst_files='' - - # Initialize some variables set by options. -@@ -5785,6 +5785,33 @@ - fi - - -+echo "$as_me:$LINENO: checking for -fstack-protector" >&5 -+echo $ECHO_N "checking for -fstack-protector... $ECHO_C" >&6 -+if test "${libc_cv_ssp+set}" = set; then -+ echo $ECHO_N "(cached) $ECHO_C" >&6 -+else -+ cat > conftest.c <<EOF -+int foo; -+main () { return 0;} -+EOF -+if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS $LDFLAGS -fstack-protector -+ -o conftest conftest.c 1>&5' -+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 -+ (eval $ac_try) 2>&5 -+ ac_status=$? -+ echo "$as_me:$LINENO: \$? = $ac_status" >&5 -+ (exit $ac_status); }; } -+then -+ libc_cv_ssp=yes -+else -+ libc_cv_ssp=no -+fi -+rm -f conftest* -+fi -+echo "$as_me:$LINENO: result: $libc_cv_ssp" >&5 -+echo "${ECHO_T}$libc_cv_ssp" >&6 -+ -+ - if test $elf != yes; then - echo "$as_me:$LINENO: checking for .init and .fini sections" >&5 - echo $ECHO_N "checking for .init and .fini sections... $ECHO_C" >&6 -@@ -8504,6 +8531,7 @@ - s,@libc_cv_z_execstack@,$libc_cv_z_execstack,;t t - s,@libc_cv_fpie@,$libc_cv_fpie,;t t - s,@fno_unit_at_a_time@,$fno_unit_at_a_time,;t t -+s,@libc_cv_ssp@,$libc_cv_ssp,;t t - s,@libc_cv_have_initfini@,$libc_cv_have_initfini,;t t - s,@libc_cv_cpp_asm_debuginfo@,$libc_cv_cpp_asm_debuginfo,;t t - s,@no_whole_archive@,$no_whole_archive,;t t -diff -ur glibc-2.3.6-orig/configure.in glibc-2.3.6/configure.in ---- glibc-2.3.6-orig/configure.in 2006-01-17 14:22:17.000000000 -0500 -+++ glibc-2.3.6/configure.in 2006-01-17 14:18:24.000000000 -0500 -@@ -1500,6 +1500,21 @@ - fi - AC_SUBST(fno_unit_at_a_time) - -+AC_CACHE_CHECK(for -fstack-protector, libc_cv_ssp, [dnl -+cat > conftest.c <<EOF -+int foo; -+main () { return 0;} -+EOF -+if AC_TRY_COMMAND([${CC-cc} $CFLAGS $CPPFLAGS $LDFLAGS -fstack-protector -+ -o conftest conftest.c 1>&AS_MESSAGE_LOG_FD]) -+then -+ libc_cv_ssp=yes -+else -+ libc_cv_ssp=no -+fi -+rm -f conftest*]) -+AC_SUBST(libc_cv_ssp) -+ - if test $elf != yes; then - AC_CACHE_CHECK(for .init and .fini sections, libc_cv_have_initfini, - [AC_TRY_COMPILE(, [asm (".section .init"); -diff -ur glibc-2.3.6-orig/sysdeps/generic/libc-start.c glibc-2.3.6/sysdeps/generic/libc-start.c ---- glibc-2.3.6-orig/sysdeps/generic/libc-start.c 2006-01-17 14:22:17.000000000 -0500 -+++ glibc-2.3.6/sysdeps/generic/libc-start.c 2006-01-17 14:18:24.000000000 -0500 -@@ -188,6 +188,9 @@ - GLRO(dl_debug_printf) ("\ntransferring control: %s\n\n", argv[0]); - #endif - -+ /* call the __guard_setup to set up the random __guard value */ -+ __guard_setup (); /* pappy@gentoo.org (pappy rules) */ -+ - #ifdef HAVE_CLEANUP_JMP_BUF - /* Memory for the cancellation buffer. */ - struct pthread_unwind_buf unwind_buf; -diff -ur glibc-2.3.6-orig/sysdeps/unix/sysv/linux/Dist glibc-2.3.6/sysdeps/unix/sysv/linux/Dist ---- glibc-2.3.6-orig/sysdeps/unix/sysv/linux/Dist 2006-01-17 14:22:17.000000000 -0500 -+++ glibc-2.3.6/sysdeps/unix/sysv/linux/Dist 2006-01-17 14:18:24.000000000 -0500 -@@ -1,3 +1,4 @@ -+ssp.c - bits/initspin.h - cmsg_nxthdr.c - dl-brk.c -diff -ur glibc-2.3.6-orig/sysdeps/unix/sysv/linux/Makefile glibc-2.3.6/sysdeps/unix/sysv/linux/Makefile ---- glibc-2.3.6-orig/sysdeps/unix/sysv/linux/Makefile 2006-01-17 14:22:17.000000000 -0500 -+++ glibc-2.3.6/sysdeps/unix/sysv/linux/Makefile 2006-01-17 14:18:24.000000000 -0500 -@@ -1,5 +1,8 @@ - ifeq ($(subdir),csu) --sysdep_routines += errno-loc -+sysdep_routines += errno-loc ssp -+ifeq (yes,$(have-ssp)) -+CFLAGS-ssp.c += -fno-stack-protector -+endif - endif - - ifeq ($(subdir),assert) -diff -ur glibc-2.3.6-orig/sysdeps/unix/sysv/linux/Versions glibc-2.3.6/sysdeps/unix/sysv/linux/Versions ---- glibc-2.3.6-orig/sysdeps/unix/sysv/linux/Versions 2006-01-17 14:22:17.000000000 -0500 -+++ glibc-2.3.6/sysdeps/unix/sysv/linux/Versions 2006-01-17 14:18:24.000000000 -0500 -@@ -108,6 +108,8 @@ - GLIBC_2.3.2 { - # New kernel interfaces. - epoll_create; epoll_ctl; epoll_wait; -+ # global objects and functions for the propolice patch in gcc - moved from libgcc by pappy@gentoo.org -+ __guard; __guard_setup; __stack_smash_handler; - } - GLIBC_2.3.3 { - gnu_dev_major; gnu_dev_minor; gnu_dev_makedev; diff --git a/sys-libs/glibc/files/2.5/glibc-2.5-gentoo-stack_chk_fail.c b/sys-libs/glibc/files/2.5/glibc-2.5-gentoo-stack_chk_fail.c deleted file mode 100644 index e304440..0000000 --- a/sys-libs/glibc/files/2.5/glibc-2.5-gentoo-stack_chk_fail.c +++ /dev/null @@ -1,311 +0,0 @@ -/* Copyright (C) 2005 Free Software Foundation, Inc. - This file is part of the GNU C Library. - - The GNU C Library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 2.1 of the License, or (at your option) any later version. - - The GNU C Library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public - License along with the GNU C Library; if not, write to the Free - Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA - 02111-1307 USA. */ - -/* Copyright (C) 2006 Gentoo Foundation Inc. - * License terms as above. - * - * Hardened Gentoo SSP handler - * - * An SSP failure handler that does not use functions from the rest of - * glibc; it uses the INTERNAL_SYSCALL methods directly. This ensures - * no possibility of recursion into the handler. - * - * Direct all bug reports to http://bugs.gentoo.org/ - * - * Re-written from the glibc-2.3 Hardened Gentoo SSP handler - * by Kevin F. Quinn - <kevquinn[@]gentoo.org> - * - * The following people contributed to the glibc-2.3 Hardened - * Gentoo SSP handler, from which this implementation draws much: - * - * Ned Ludd - <solar[@]gentoo.org> - * Alexander Gabert - <pappy[@]gentoo.org> - * The PaX Team - <pageexec[@]freemail.hu> - * Peter S. Mazinger - <ps.m[@]gmx.net> - * Yoann Vandoorselaere - <yoann[@]prelude-ids.org> - * Robert Connolly - <robert[@]linuxfromscratch.org> - * Cory Visi <cory[@]visi.name> - * Mike Frysinger <vapier[@]gentoo.org> - */ - -#include <errno.h> -#include <stdlib.h> -#include <unistd.h> -#include <signal.h> - -#include <sys/types.h> - -#include <sysdep-cancel.h> -#include <sys/syscall.h> -#include <bp-checks.h> - -#include <kernel-features.h> - -#include <alloca.h> -/* from sysdeps */ -#include <socketcall.h> -/* for the stuff in bits/socket.h */ -#include <sys/socket.h> -#include <sys/un.h> - - -/* Sanity check on SYSCALL macro names - force compilation - * failure if the names used here do not exist - */ -#if !defined __NR_socketcall && !defined __NR_socket -# error Cannot do syscall socket or socketcall -#endif -#if !defined __NR_socketcall && !defined __NR_connect -# error Cannot do syscall connect or socketcall -#endif -#ifndef __NR_write -# error Cannot do syscall write -#endif -#ifndef __NR_close -# error Cannot do syscall close -#endif -#ifndef __NR_getpid -# error Cannot do syscall getpid -#endif -#ifndef __NR_kill -# error Cannot do syscall kill -#endif -#ifndef __NR_exit -# error Cannot do syscall exit -#endif -#ifdef SSP_SMASH_DUMPS_CORE -# if !defined _KERNEL_NSIG && !defined _NSIG -# error No _NSIG or _KERNEL_NSIG for rt_sigaction -# endif -# if !defined __NR_sigation && !defined __NR_rt_sigaction -# error Cannot do syscall sigaction or rt_sigaction -# endif -#endif - - - -/* Define DO_SOCKET/DO_CONNECT macros to deal with socketcall vs socket/connect */ -#ifdef __NR_socketcall - -# define DO_SOCKET(result,domain,type,protocol) \ - {socketargs[0] = domain; \ - socketargs[1] = type; \ - socketargs[2] = protocol; \ - socketargs[3] = 0; \ - result = INLINE_SYSCALL(socketcall,2,SOCKOP_socket,socketargs);} - -# define DO_CONNECT(result,sockfd,serv_addr,addrlen) \ - {socketargs[0] = sockfd; \ - socketargs[1] = (unsigned long int)serv_addr; \ - socketargs[2] = addrlen; \ - socketargs[3] = 0; \ - result = INLINE_SYSCALL(socketcall,2,SOCKOP_connect,socketargs);} - -#else - -# define DO_SOCKET(result,domain,type,protocol) \ - {result = INLINE_SYSCALL(socket,3,domain,type,protocol);} - -# define DO_CONNECT(result,sockfd,serv_addr,addrlen) \ - {result = INLINE_SYSCALL(connect,3,sockfd,serv_addr,addrlen);} - -#endif -/* __NR_socketcall */ - - -#ifndef _PATH_LOG -# define _PATH_LOG "/dev/log" -#endif - -static const char path_log[]=_PATH_LOG; - -/* For building glibc with SSP switched on, define __progname to a - * constant if building for the run-time loader, to avoid pulling - * in more of libc.so into ld.so - */ -#ifdef IS_IN_rtld -static char *__progname = "<rtld>"; -#else -extern char *__progname; -#endif - - -/* Common handler code, used by stack_chk_fail and __stack_smash_handler - * Inlined to ensure no self-references to the handler within itself. - * Data static to avoid putting more than necessary on the stack, - * to aid core debugging. - */ -static inline void -__attribute__ ((__noreturn__ , __always_inline__)) -__hardened_gentoo_stack_chk_fail (char func[], int damaged) -{ -#define MESSAGE_BUFSIZ 256 - static pid_t pid; - static int plen, i; - static char message[MESSAGE_BUFSIZ]; - static const char msg_ssa[]=": stack smashing attack"; - static const char msg_inf[]=" in function "; - static const char msg_ssd[]="*** stack smashing detected ***: "; - static const char msg_terminated[]=" - terminated\n"; - static const char msg_report[]="Report to http://bugs.gentoo.org/\n"; - static const char msg_unknown[]="<unknown>"; -#ifdef SSP_SMASH_DUMPS_CORE - static struct sigaction default_abort_act; -#endif - static int log_socket, connect_result; - static struct sockaddr_un sock; -#ifdef __NR_socketcall - static unsigned long int socketargs[4]; -#endif - - /* Build socket address - */ - sock.sun_family = AF_UNIX; - i=0; - while ((path_log[i] != '\0') && (i<(sizeof(sock.sun_path)-1))) - { - sock.sun_path[i]=path_log[i]; - i++; - } - sock.sun_path[i]='\0'; - - /* Try SOCK_DGRAM connection to syslog */ - connect_result=-1; - DO_SOCKET(log_socket,AF_UNIX,SOCK_DGRAM,0); - if (log_socket != -1) - DO_CONNECT(connect_result,log_socket,(&sock),(sizeof(sock))); - if (connect_result == -1) - { - if (log_socket != -1) - INLINE_SYSCALL(close,1,log_socket); - /* Try SOCK_STREAM connection to syslog */ - DO_SOCKET(log_socket,AF_UNIX,SOCK_STREAM,0); - if (log_socket != -1) - DO_CONNECT(connect_result,log_socket,(&sock),(sizeof(sock))); - } - - /* Build message. Messages are generated both in the old style and new style, - * so that log watchers that are configured for the old-style message continue - * to work. - */ -#define strconcat(str) \ - {i=0; while ((str[i] != '\0') && ((i+plen)<(MESSAGE_BUFSIZ-1))) \ - {\ - message[plen+i]=str[i];\ - i++;\ - }\ - plen+=i;} - - /* R.Henderson post-gcc-4 style message */ - plen=0; - strconcat(msg_ssd); - if (__progname != (char *)0) - strconcat(__progname) - else - strconcat(msg_unknown); - strconcat(msg_terminated); - - /* Write out error message to STDERR, to syslog if open */ - INLINE_SYSCALL(write,3,STDERR_FILENO,message,plen); - if (connect_result != -1) - INLINE_SYSCALL(write,3,log_socket,message,plen); - - /* Dr. Etoh pre-gcc-4 style message */ - plen=0; - if (__progname != (char *)0) - strconcat(__progname) - else - strconcat(msg_unknown); - strconcat(msg_ssa); - strconcat(msg_inf); - if (func!=NULL) - strconcat(func) - else - strconcat(msg_unknown); - strconcat(msg_terminated); - /* Write out error message to STDERR, to syslog if open */ - INLINE_SYSCALL(write,3,STDERR_FILENO,message,plen); - if (connect_result != -1) - INLINE_SYSCALL(write,3,log_socket,message,plen); - - /* Direct reports to bugs.gentoo.org */ - plen=0; - strconcat(msg_report); - message[plen++]='\0'; - - /* Write out error message to STDERR, to syslog if open */ - INLINE_SYSCALL(write,3,STDERR_FILENO,message,plen); - if (connect_result != -1) - INLINE_SYSCALL(write,3,log_socket,message,plen); - - if (log_socket != -1) - INLINE_SYSCALL(close,1,log_socket); - - /* Suicide */ - pid=INLINE_SYSCALL(getpid,0); -#ifdef SSP_SMASH_DUMPS_CORE - /* Remove any user-supplied handler for SIGABRT, before using it */ - default_abort_act.sa_handler = SIG_DFL; - default_abort_act.sa_sigaction = NULL; - __sigfillset(&default_abort_act.sa_mask); - default_abort_act.sa_flags = 0; - /* sigaction doesn't exist on amd64; however rt_sigaction seems to - * exist everywhere. rt_sigaction has an extra parameter - the - * size of sigset_t. - */ -# ifdef __NR_sigation - if (INLINE_SYSCALL(sigaction,3,SIGABRT,&default_abort_act,NULL) == 0) -# else - /* Although rt_sigaction expects sizeof(sigset_t) - it expects the size - * of the _kernel_ sigset_t which is not the same as the user sigset_t. - * Most arches have this as _NSIG bits - mips has _KERNEL_NSIG bits for - * some reason. - */ -# ifdef _KERNEL_NSIG - if (INLINE_SYSCALL(rt_sigaction,4,SIGABRT,&default_abort_act,NULL,_KERNEL_NSIG/8) == 0) -# else - if (INLINE_SYSCALL(rt_sigaction,4,SIGABRT,&default_abort_act,NULL,_NSIG/8) == 0) -# endif -# endif - INLINE_SYSCALL(kill,2,pid,SIGABRT); -#endif - /* Note; actions cannot be added to SIGKILL */ - INLINE_SYSCALL(kill,2,pid,SIGKILL); - - /* In case the kill didn't work, exit anyway - * The loop prevents gcc thinking this routine returns - */ - while (1) INLINE_SYSCALL(exit,0); -} - -void -__attribute__ ((__noreturn__)) - __stack_chk_fail (void) -{ - __hardened_gentoo_stack_chk_fail(NULL,0); -} - -#ifdef ENABLE_OLD_SSP_COMPAT -void -__attribute__ ((__noreturn__)) -__stack_smash_handler(char func[], int damaged) -{ - __hardened_gentoo_stack_chk_fail(func,damaged); -} -#endif - diff --git a/sys-libs/glibc/files/2.5/glibc-2.5-hardened-configure-picdefault.patch b/sys-libs/glibc/files/2.5/glibc-2.5-hardened-configure-picdefault.patch deleted file mode 100644 index 253a61b..0000000 --- a/sys-libs/glibc/files/2.5/glibc-2.5-hardened-configure-picdefault.patch +++ /dev/null @@ -1,29 +0,0 @@ -Prevent default-fPIE from confusing configure into thinking -PIC code is default. This causes glibc to build both PIC and -non-PIC code as normal, which on the hardened compiler generates -PIC and PIE. - -Patch by Kevin F. Quinn <kevquinn@gentoo.org> - ---- configure.in -+++ configure.in -@@ -2145,7 +2145,7 @@ - # error PIC is default. - #endif - EOF --if eval "${CC-cc} -S conftest.c 2>&AS_MESSAGE_LOG_FD 1>&AS_MESSAGE_LOG_FD"; then -+if eval "${CC-cc} -fno-PIE -S conftest.c 2>&AS_MESSAGE_LOG_FD 1>&AS_MESSAGE_LOG_FD"; then - pic_default=no - fi - rm -f conftest.*]) ---- configure -+++ configure -@@ -7698,7 +7698,7 @@ - # error PIC is default. - #endif - EOF --if eval "${CC-cc} -S conftest.c 2>&5 1>&5"; then -+if eval "${CC-cc} -fno-PIE -S conftest.c 2>&5 1>&5"; then - pic_default=no - fi - rm -f conftest.* diff --git a/sys-libs/glibc/files/2.5/glibc-2.5-hardened-inittls-nosysenter.patch b/sys-libs/glibc/files/2.5/glibc-2.5-hardened-inittls-nosysenter.patch deleted file mode 100644 index 420e6fd..0000000 --- a/sys-libs/glibc/files/2.5/glibc-2.5-hardened-inittls-nosysenter.patch +++ /dev/null @@ -1,283 +0,0 @@ -When building glibc PIE (which is not something upstream support), -several modifications are necessary to the glibc build process. - -First, any syscalls in PIEs must be of the PIC variant, otherwise -textrels ensue. Then, any syscalls made before the initialisation -of the TLS will fail on i386, as the sysenter variant on i386 uses -the TLS, giving rise to a chicken-and-egg situation. This patch -defines a PIC syscall variant that doesn't use sysenter, even when the sysenter -version is normally used, and uses the non-sysenter version for the brk -syscall that is performed by the TLS initialisation. Further, the TLS -initialisation is moved in this case prior to the initialisation of -dl_osversion, as that requires further syscalls. - -csu/libc-start.c: Move initial TLS initialization to before the -initialisation of dl_osversion, when INTERNAL_SYSCALL_NOSYSENTER is defined - -csu/libc-tls.c: Use the no-sysenter version of sbrk when -INTERNAL_SYSCALL_NOSYSENTER is defined. - -misc/sbrk.c: Define a no-sysenter version of sbrk, using the no-sysenter -version of brk - if INTERNAL_SYSCALL_NOSYSENTER is defined. - -misc/brk.c: Define a no-sysenter version of brk if -INTERNAL_SYSCALL_NOSYSENTER is defined. - -sysdeps/unix/sysv/linux/i386/sysdep.h: Define INTERNAL_SYSCALL_NOSYSENTER -Make INTERNAL_SYSCALL always use the PIC variant, even if not SHARED. - -Patch by Kevin F. Quinn <kevquinn@gentoo.org> - ---- csu/libc-start.c.orig 2007-01-21 11:51:06.000000000 +0100 -+++ csu/libc-start.c 2007-01-21 11:55:57.000000000 +0100 -@@ -28,6 +28,7 @@ - extern int __libc_multiple_libcs; - - #include <tls.h> -+#include <sysdep.h> - #ifndef SHARED - # include <dl-osinfo.h> - extern void __pthread_initialize_minimal (void) -@@ -133,6 +134,14 @@ - # endif - _dl_aux_init (auxvec); - # endif -+# ifdef INTERNAL_SYSCALL_NOSYSENTER -+ /* Do the initial TLS initialization before _dl_osversion, -+ since the latter uses the uname syscall. */ -+# if !(USE_TLS - 0) && !defined NONTLS_INIT_TP -+ if (__pthread_initialize_minimal) -+# endif -+ __pthread_initialize_minimal (); -+# endif - # ifdef DL_SYSDEP_OSCHECK - if (!__libc_multiple_libcs) - { -@@ -142,15 +151,17 @@ - } - # endif - -+# ifndef INTERNAL_SYSCALL_NOSYSENTER - /* Initialize the thread library at least a bit since the libgcc - functions are using thread functions if these are available and - we need to setup errno. If there is no thread library and we - handle TLS the function is defined in the libc to initialized the - TLS handling. */ --# if !(USE_TLS - 0) && !defined NONTLS_INIT_TP -+# if !(USE_TLS - 0) && !defined NONTLS_INIT_TP - if (__pthread_initialize_minimal) --# endif -+# endif - __pthread_initialize_minimal (); -+# endif - #endif - - # ifndef SHARED ---- csu/libc-tls.c.orig 2007-01-21 11:37:02.000000000 +0100 -+++ csu/libc-tls.c 2007-01-21 12:09:33.000000000 +0100 -@@ -23,6 +23,7 @@ - #include <unistd.h> - #include <stdio.h> - #include <sys/param.h> -+#include <sysdep.h> - - - #ifdef SHARED -@@ -30,6 +31,9 @@ - #endif - - #ifdef USE_TLS -+# ifdef INTERNAL_SYSCALL_NOSYSENTER -+extern void *__sbrk_nosysenter (intptr_t __delta); -+# endif - extern ElfW(Phdr) *_dl_phdr; - extern size_t _dl_phnum; - -@@ -142,14 +146,26 @@ - - The initialized value of _dl_tls_static_size is provided by dl-open.c - to request some surplus that permits dynamic loading of modules with -- IE-model TLS. */ -+ IE-model TLS. -+ -+ Where the normal sbrk would use a syscall that needs the TLS (i386) -+ use the special non-sysenter version instead. */ - # if TLS_TCB_AT_TP - tcb_offset = roundup (memsz + GL(dl_tls_static_size), tcbalign); -+# ifdef INTERNAL_SYSCALL_NOSYSENTER -+ tlsblock = __sbrk_nosysenter (tcb_offset + tcbsize + max_align); -+# else - tlsblock = __sbrk (tcb_offset + tcbsize + max_align); -+# endif - # elif TLS_DTV_AT_TP - tcb_offset = roundup (tcbsize, align ?: 1); -+# ifdef INTERNAL_SYSCALL_NOSYSENTER -+ tlsblock = __sbrk_nosysenter (tcb_offset + memsz + max_align -+ + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); -+# else - tlsblock = __sbrk (tcb_offset + memsz + max_align - + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); -+# endif - tlsblock += TLS_PRE_TCB_SIZE; - # else - /* In case a model with a different layout for the TCB and DTV ---- misc/sbrk.c.orig 2007-01-21 11:38:27.000000000 +0100 -+++ misc/sbrk.c 2007-01-21 12:07:29.000000000 +0100 -@@ -18,6 +18,7 @@ - - #include <unistd.h> - #include <errno.h> -+#include <sysdep.h> - - /* Defined in brk.c. */ - extern void *__curbrk; -@@ -29,6 +30,35 @@ - /* Extend the process's data space by INCREMENT. - If INCREMENT is negative, shrink data space by - INCREMENT. - Return start of new space allocated, or -1 for errors. */ -+#ifdef INTERNAL_SYSCALL_NOSYSENTER -+/* This version is used by csu/libc-tls.c whem initialising the TLS -+ if the SYSENTER version requires the TLS (which it does on i386). -+ Obviously using the TLS before it is initialised is broken. */ -+extern int __brk_nosysenter (void *addr); -+void * -+__sbrk_nosysenter (intptr_t increment) -+{ -+ void *oldbrk; -+ -+ /* If this is not part of the dynamic library or the library is used -+ via dynamic loading in a statically linked program update -+ __curbrk from the kernel's brk value. That way two separate -+ instances of __brk and __sbrk can share the heap, returning -+ interleaved pieces of it. */ -+ if (__curbrk == NULL || __libc_multiple_libcs) -+ if (__brk_nosysenter (0) < 0) /* Initialize the break. */ -+ return (void *) -1; -+ -+ if (increment == 0) -+ return __curbrk; -+ -+ oldbrk = __curbrk; -+ if (__brk_nosysenter (oldbrk + increment) < 0) -+ return (void *) -1; -+ -+ return oldbrk; -+} -+#endif - void * - __sbrk (intptr_t increment) - { ---- sysdeps/unix/sysv/linux/i386/brk.c.orig 2007-01-21 11:39:16.000000000 +0100 -+++ sysdeps/unix/sysv/linux/i386/brk.c 2007-01-21 11:44:01.000000000 +0100 -@@ -31,6 +31,30 @@ - linker. */ - weak_alias (__curbrk, ___brk_addr) - -+#ifdef INTERNAL_SYSCALL_NOSYSENTER -+/* This version is used by csu/libc-tls.c whem initialising the TLS -+ * if the SYSENTER version requires the TLS (which it does on i386). -+ * Obviously using the TLS before it is initialised is broken. */ -+int -+__brk_nosysenter (void *addr) -+{ -+ void *__unbounded newbrk; -+ -+ INTERNAL_SYSCALL_DECL (err); -+ newbrk = (void *__unbounded) INTERNAL_SYSCALL_NOSYSENTER (brk, err, 1, -+ __ptrvalue (addr)); -+ -+ __curbrk = newbrk; -+ -+ if (newbrk < addr) -+ { -+ __set_errno (ENOMEM); -+ return -1; -+ } -+ -+ return 0; -+} -+#endif - int - __brk (void *addr) - { ---- sysdeps/unix/sysv/linux/i386/sysdep.h.orig 2007-01-21 13:08:00.000000000 +0100 -+++ sysdeps/unix/sysv/linux/i386/sysdep.h 2007-01-21 13:19:10.000000000 +0100 -@@ -187,7 +187,7 @@ - /* The original calling convention for system calls on Linux/i386 is - to use int $0x80. */ - #ifdef I386_USE_SYSENTER --# ifdef SHARED -+# if defined SHARED || defined __PIC__ - # define ENTER_KERNEL call *%gs:SYSINFO_OFFSET - # else - # define ENTER_KERNEL call *_dl_sysinfo -@@ -358,7 +358,7 @@ - possible to use more than four parameters. */ - #undef INTERNAL_SYSCALL - #ifdef I386_USE_SYSENTER --# ifdef SHARED -+# if defined SHARED || defined __PIC__ - # define INTERNAL_SYSCALL(name, err, nr, args...) \ - ({ \ - register unsigned int resultvar; \ -@@ -384,6 +384,18 @@ - : "0" (name), "i" (offsetof (tcbhead_t, sysinfo)) \ - ASMFMT_##nr(args) : "memory", "cc"); \ - (int) resultvar; }) -+# define INTERNAL_SYSCALL_NOSYSENTER(name, err, nr, args...) \ -+ ({ \ -+ register unsigned int resultvar; \ -+ EXTRAVAR_##nr \ -+ asm volatile ( \ -+ LOADARGS_NOSYSENTER_##nr \ -+ "movl %1, %%eax\n\t" \ -+ "int $0x80\n\t" \ -+ RESTOREARGS_NOSYSENTER_##nr \ -+ : "=a" (resultvar) \ -+ : "i" (__NR_##name) ASMFMT_##nr(args) : "memory", "cc"); \ -+ (int) resultvar; }) - # else - # define INTERNAL_SYSCALL(name, err, nr, args...) \ - ({ \ -@@ -447,12 +459,20 @@ - - #define LOADARGS_0 - #ifdef __PIC__ --# if defined I386_USE_SYSENTER && defined SHARED -+# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) - # define LOADARGS_1 \ - "bpushl .L__X'%k3, %k3\n\t" - # define LOADARGS_5 \ - "movl %%ebx, %4\n\t" \ - "movl %3, %%ebx\n\t" -+# define LOADARGS_NOSYSENTER_1 \ -+ "bpushl .L__X'%k2, %k2\n\t" -+# define LOADARGS_NOSYSENTER_2 LOADARGS_NOSYSENTER_1 -+# define LOADARGS_NOSYSENTER_3 LOADARGS_3 -+# define LOADARGS_NOSYSENTER_4 LOADARGS_3 -+# define LOADARGS_NOSYSENTER_5 \ -+ "movl %%ebx, %3\n\t" \ -+ "movl %2, %%ebx\n\t" - # else - # define LOADARGS_1 \ - "bpushl .L__X'%k2, %k2\n\t" -@@ -474,11 +495,18 @@ - - #define RESTOREARGS_0 - #ifdef __PIC__ --# if defined I386_USE_SYSENTER && defined SHARED -+# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) - # define RESTOREARGS_1 \ - "bpopl .L__X'%k3, %k3\n\t" - # define RESTOREARGS_5 \ - "movl %4, %%ebx" -+# define RESTOREARGS_NOSYSENTER_1 \ -+ "bpopl .L__X'%k2, %k2\n\t" -+# define RESTOREARGS_NOSYSENTER_2 RESTOREARGS_NOSYSENTER_1 -+# define RESTOREARGS_NOSYSENTER_3 RESTOREARGS_3 -+# define RESTOREARGS_NOSYSENTER_4 RESTOREARGS_3 -+# define RESTOREARGS_NOSYSENTER_5 \ -+ "movl %3, %%ebx" - # else - # define RESTOREARGS_1 \ - "bpopl .L__X'%k2, %k2\n\t" diff --git a/sys-libs/glibc/files/2.5/glibc-2.5-hardened-pie.patch b/sys-libs/glibc/files/2.5/glibc-2.5-hardened-pie.patch deleted file mode 100644 index 46f3de4..0000000 --- a/sys-libs/glibc/files/2.5/glibc-2.5-hardened-pie.patch +++ /dev/null @@ -1,39 +0,0 @@ -Change link commands for glibc executables to build PIEs - -Patch by Kevin F. Quinn <kevquinn@gentoo.org> - ---- Makeconfig -+++ Makeconfig -@@ -415,10 +415,10 @@ - - # Command for linking programs with the C library. - ifndef +link --+link = $(CC) -nostdlib -nostartfiles -o $@ \ -++link = $(CC) -nostdlib -nostartfiles -fPIE -pie -o $@ \ - $(sysdep-LDFLAGS) $(config-LDFLAGS) $(LDFLAGS) $(LDFLAGS-$(@F)) \ - $(combreloc-LDFLAGS) $(relro-LDFLAGS) $(hashstyle-LDFLAGS) \ -- $(addprefix $(csu-objpfx),$(start-installed-name)) \ -+ $(addprefix $(csu-objpfx),S$(start-installed-name)) \ - $(+preinit) $(+prector) \ - $(filter-out $(addprefix $(csu-objpfx),start.o \ - $(start-installed-name))\ -@@ -429,7 +429,7 @@ - ifndef +link-static - +link-static = $(CC) -nostdlib -nostartfiles -static -o $@ \ - $(sysdep-LDFLAGS) $(LDFLAGS) $(LDFLAGS-$(@F)) \ -- $(addprefix $(csu-objpfx),$(static-start-installed-name)) \ -+ $(addprefix $(csu-objpfx),S$(static-start-installed-name)) \ - $(+preinit) $(+prector) \ - $(filter-out $(addprefix $(csu-objpfx),start.o \ - $(start-installed-name))\ -@@ -528,8 +528,8 @@ - ifeq ($(elf),yes) - +preinit = $(addprefix $(csu-objpfx),crti.o) - +postinit = $(addprefix $(csu-objpfx),crtn.o) --+prector = `$(CC) --print-file-name=crtbegin.o` --+postctor = `$(CC) --print-file-name=crtend.o` -++prector = `$(CC) --print-file-name=crtbeginS.o` -++postctor = `$(CC) --print-file-name=crtendS.o` - +interp = $(addprefix $(elf-objpfx),interp.os) - endif - csu-objpfx = $(common-objpfx)csu/ diff --git a/sys-libs/glibc/files/2.6/glibc-2.6-gentoo-stack_chk_fail.c b/sys-libs/glibc/files/2.6/glibc-2.6-gentoo-stack_chk_fail.c deleted file mode 100644 index 217bf1a..0000000 --- a/sys-libs/glibc/files/2.6/glibc-2.6-gentoo-stack_chk_fail.c +++ /dev/null @@ -1,321 +0,0 @@ -/* Copyright (C) 2005 Free Software Foundation, Inc. - This file is part of the GNU C Library. - - The GNU C Library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 2.1 of the License, or (at your option) any later version. - - The GNU C Library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public - License along with the GNU C Library; if not, write to the Free - Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA - 02111-1307 USA. */ - -/* Copyright (C) 2006-2007 Gentoo Foundation Inc. - * License terms as above. - * - * Hardened Gentoo SSP handler - * - * An SSP failure handler that does not use functions from the rest of - * glibc; it uses the INTERNAL_SYSCALL methods directly. This ensures - * no possibility of recursion into the handler. - * - * Direct all bug reports to http://bugs.gentoo.org/ - * - * Re-written from the glibc-2.3 Hardened Gentoo SSP handler - * by Kevin F. Quinn - <kevquinn[@]gentoo.org> - * - * The following people contributed to the glibc-2.3 Hardened - * Gentoo SSP handler, from which this implementation draws much: - * - * Ned Ludd - <solar[@]gentoo.org> - * Alexander Gabert - <pappy[@]gentoo.org> - * The PaX Team - <pageexec[@]freemail.hu> - * Peter S. Mazinger - <ps.m[@]gmx.net> - * Yoann Vandoorselaere - <yoann[@]prelude-ids.org> - * Robert Connolly - <robert[@]linuxfromscratch.org> - * Cory Visi <cory[@]visi.name> - * Mike Frysinger <vapier[@]gentoo.org> - */ - -#include <errno.h> -#include <stdlib.h> -#include <unistd.h> -#include <signal.h> - -#include <sys/types.h> - -#include <sysdep-cancel.h> -#include <sys/syscall.h> -#include <bp-checks.h> - -#include <kernel-features.h> - -#include <alloca.h> -/* from sysdeps */ -#include <socketcall.h> -/* for the stuff in bits/socket.h */ -#include <sys/socket.h> -#include <sys/un.h> - - -/* Sanity check on SYSCALL macro names - force compilation - * failure if the names used here do not exist - */ -#if !defined __NR_socketcall && !defined __NR_socket -# error Cannot do syscall socket or socketcall -#endif -#if !defined __NR_socketcall && !defined __NR_connect -# error Cannot do syscall connect or socketcall -#endif -#ifndef __NR_write -# error Cannot do syscall write -#endif -#ifndef __NR_close -# error Cannot do syscall close -#endif -#ifndef __NR_getpid -# error Cannot do syscall getpid -#endif -#ifndef __NR_kill -# error Cannot do syscall kill -#endif -#ifndef __NR_exit -# error Cannot do syscall exit -#endif -#ifdef SSP_SMASH_DUMPS_CORE -# define ENABLE_SSP_SMASH_DUMPS_CORE 1 -# if !defined _KERNEL_NSIG && !defined _NSIG -# error No _NSIG or _KERNEL_NSIG for rt_sigaction -# endif -# if !defined __NR_sigaction && !defined __NR_rt_sigaction -# error Cannot do syscall sigaction or rt_sigaction -# endif -/* Although rt_sigaction expects sizeof(sigset_t) - it expects the size - * of the _kernel_ sigset_t which is not the same as the user sigset_t. - * Most arches have this as _NSIG bits - mips has _KERNEL_NSIG bits for - * some reason. - */ -# ifdef _KERNEL_NSIG -# define _SSP_NSIG _KERNEL_NSIG -# else -# define _SSP_NSIG _NSIG -# endif -#else -# define _SSP_NSIG 0 -# define ENABLE_SSP_SMASH_DUMPS_CORE 0 -#endif - -/* Define DO_SIGACTION - default to newer rt signal interface but - * fallback to old as needed. - */ -#ifdef __NR_rt_sigaction -# define DO_SIGACTION(signum, act, oldact) \ - INLINE_SYSCALL(rt_sigaction, 4, signum, act, oldact, _SSP_NSIG/8) -#else -# define DO_SIGACTION(signum, act, oldact) \ - INLINE_SYSCALL(sigaction, 3, signum, act, oldact) -#endif - -/* Define DO_SOCKET/DO_CONNECT functions to deal with socketcall vs socket/connect */ -#if defined(__NR_socket) && defined(__NR_connect) -# define USE_OLD_SOCKETCALL 0 -#else -# define USE_OLD_SOCKETCALL 1 -#endif -/* stub out the __NR_'s so we can let gcc optimize away dead code */ -#ifndef __NR_socketcall -# define __NR_socketcall 0 -#endif -#ifndef __NR_socket -# define __NR_socket 0 -#endif -#ifndef __NR_connect -# define __NR_connect 0 -#endif -#define DO_SOCKET(result, domain, type, protocol) \ - do { \ - if (USE_OLD_SOCKETCALL) { \ - socketargs[0] = domain; \ - socketargs[1] = type; \ - socketargs[2] = protocol; \ - socketargs[3] = 0; \ - result = INLINE_SYSCALL(socketcall, 2, SOCKOP_socket, socketargs); \ - } else \ - result = INLINE_SYSCALL(socket, 3, domain, type, protocol); \ - } while (0) -#define DO_CONNECT(result, sockfd, serv_addr, addrlen) \ - do { \ - if (USE_OLD_SOCKETCALL) { \ - socketargs[0] = sockfd; \ - socketargs[1] = (unsigned long int)serv_addr; \ - socketargs[2] = addrlen; \ - socketargs[3] = 0; \ - result = INLINE_SYSCALL(socketcall, 2, SOCKOP_connect, socketargs); \ - } else \ - result = INLINE_SYSCALL(connect, 3, sockfd, serv_addr, addrlen); \ - } while (0) - -#ifndef _PATH_LOG -# define _PATH_LOG "/dev/log" -#endif - -static const char path_log[] = _PATH_LOG; - -/* For building glibc with SSP switched on, define __progname to a - * constant if building for the run-time loader, to avoid pulling - * in more of libc.so into ld.so - */ -#ifdef IS_IN_rtld -static char *__progname = "<rtld>"; -#else -extern char *__progname; -#endif - - -/* Common handler code, used by stack_chk_fail and __stack_smash_handler - * Inlined to ensure no self-references to the handler within itself. - * Data static to avoid putting more than necessary on the stack, - * to aid core debugging. - */ -__attribute__ ((__noreturn__ , __always_inline__)) -static inline void -__hardened_gentoo_stack_chk_fail(char func[], int damaged) -{ -#define MESSAGE_BUFSIZ 256 - static pid_t pid; - static int plen, i; - static char message[MESSAGE_BUFSIZ]; - static const char msg_ssa[] = ": stack smashing attack"; - static const char msg_inf[] = " in function "; - static const char msg_ssd[] = "*** stack smashing detected ***: "; - static const char msg_terminated[] = " - terminated\n"; - static const char msg_report[] = "Report to http://bugs.gentoo.org/\n"; - static const char msg_unknown[] = "<unknown>"; - static int log_socket, connect_result; - static struct sockaddr_un sock; - static unsigned long int socketargs[4]; - - /* Build socket address - */ - sock.sun_family = AF_UNIX; - i = 0; - while ((path_log[i] != '\0') && (i<(sizeof(sock.sun_path)-1))) { - sock.sun_path[i] = path_log[i]; - i++; - } - sock.sun_path[i] = '\0'; - - /* Try SOCK_DGRAM connection to syslog */ - connect_result = -1; - DO_SOCKET(log_socket, AF_UNIX, SOCK_DGRAM, 0); - if (log_socket != -1) - DO_CONNECT(connect_result, log_socket, &sock, sizeof(sock)); - if (connect_result == -1) { - if (log_socket != -1) - INLINE_SYSCALL(close, 1, log_socket); - /* Try SOCK_STREAM connection to syslog */ - DO_SOCKET(log_socket, AF_UNIX, SOCK_STREAM, 0); - if (log_socket != -1) - DO_CONNECT(connect_result, log_socket, &sock, sizeof(sock)); - } - - /* Build message. Messages are generated both in the old style and new style, - * so that log watchers that are configured for the old-style message continue - * to work. - */ -#define strconcat(str) \ - {i=0; while ((str[i] != '\0') && ((i+plen)<(MESSAGE_BUFSIZ-1))) \ - {\ - message[plen+i]=str[i];\ - i++;\ - }\ - plen+=i;} - - /* R.Henderson post-gcc-4 style message */ - plen = 0; - strconcat(msg_ssd); - if (__progname != (char *)0) - strconcat(__progname) - else - strconcat(msg_unknown); - strconcat(msg_terminated); - - /* Write out error message to STDERR, to syslog if open */ - INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen); - if (connect_result != -1) - INLINE_SYSCALL(write, 3, log_socket, message, plen); - - /* Dr. Etoh pre-gcc-4 style message */ - plen = 0; - if (__progname != (char *)0) - strconcat(__progname) - else - strconcat(msg_unknown); - strconcat(msg_ssa); - strconcat(msg_inf); - if (func != NULL) - strconcat(func) - else - strconcat(msg_unknown); - strconcat(msg_terminated); - /* Write out error message to STDERR, to syslog if open */ - INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen); - if (connect_result != -1) - INLINE_SYSCALL(write, 3, log_socket, message, plen); - - /* Direct reports to bugs.gentoo.org */ - plen=0; - strconcat(msg_report); - message[plen++]='\0'; - - /* Write out error message to STDERR, to syslog if open */ - INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen); - if (connect_result != -1) - INLINE_SYSCALL(write, 3, log_socket, message, plen); - - if (log_socket != -1) - INLINE_SYSCALL(close, 1, log_socket); - - /* Suicide */ - pid = INLINE_SYSCALL(getpid, 0); - - if (ENABLE_SSP_SMASH_DUMPS_CORE) { - static struct sigaction default_abort_act; - /* Remove any user-supplied handler for SIGABRT, before using it */ - default_abort_act.sa_handler = SIG_DFL; - default_abort_act.sa_sigaction = NULL; - __sigfillset(&default_abort_act.sa_mask); - default_abort_act.sa_flags = 0; - if (DO_SIGACTION(SIGABRT, &default_abort_act, NULL) == 0) - INLINE_SYSCALL(kill, 2, pid, SIGABRT); - } - - /* Note; actions cannot be added to SIGKILL */ - INLINE_SYSCALL(kill, 2, pid, SIGKILL); - - /* In case the kill didn't work, exit anyway - * The loop prevents gcc thinking this routine returns - */ - while (1) - INLINE_SYSCALL(exit, 0); -} - -__attribute__ ((__noreturn__)) -void __stack_chk_fail(void) -{ - __hardened_gentoo_stack_chk_fail(NULL, 0); -} - -#ifdef ENABLE_OLD_SSP_COMPAT -__attribute__ ((__noreturn__)) -void __stack_smash_handler(char func[], int damaged) -{ - __hardened_gentoo_stack_chk_fail(func, damaged); -} -#endif diff --git a/sys-libs/glibc/files/2.6/glibc-2.6-hardened-inittls-nosysenter.patch b/sys-libs/glibc/files/2.6/glibc-2.6-hardened-inittls-nosysenter.patch deleted file mode 100644 index be8ca19..0000000 --- a/sys-libs/glibc/files/2.6/glibc-2.6-hardened-inittls-nosysenter.patch +++ /dev/null @@ -1,273 +0,0 @@ -When building glibc PIE (which is not something upstream support), -several modifications are necessary to the glibc build process. - -First, any syscalls in PIEs must be of the PIC variant, otherwise -textrels ensue. Then, any syscalls made before the initialisation -of the TLS will fail on i386, as the sysenter variant on i386 uses -the TLS, giving rise to a chicken-and-egg situation. This patch -defines a PIC syscall variant that doesn't use sysenter, even when the sysenter -version is normally used, and uses the non-sysenter version for the brk -syscall that is performed by the TLS initialisation. Further, the TLS -initialisation is moved in this case prior to the initialisation of -dl_osversion, as that requires further syscalls. - -csu/libc-start.c: Move initial TLS initialization to before the -initialisation of dl_osversion, when INTERNAL_SYSCALL_NOSYSENTER is defined - -csu/libc-tls.c: Use the no-sysenter version of sbrk when -INTERNAL_SYSCALL_NOSYSENTER is defined. - -misc/sbrk.c: Define a no-sysenter version of sbrk, using the no-sysenter -version of brk - if INTERNAL_SYSCALL_NOSYSENTER is defined. - -misc/brk.c: Define a no-sysenter version of brk if -INTERNAL_SYSCALL_NOSYSENTER is defined. - -sysdeps/unix/sysv/linux/i386/sysdep.h: Define INTERNAL_SYSCALL_NOSYSENTER -Make INTERNAL_SYSCALL always use the PIC variant, even if not SHARED. - -Patch by Kevin F. Quinn <kevquinn@gentoo.org> - ---- csu/libc-start.c -+++ csu/libc-start.c -@@ -28,6 +28,7 @@ - extern int __libc_multiple_libcs; - - #include <tls.h> -+#include <sysdep.h> - #ifndef SHARED - # include <dl-osinfo.h> - extern void __pthread_initialize_minimal (void); -@@ -129,6 +130,11 @@ - # endif - _dl_aux_init (auxvec); - # endif -+# ifdef INTERNAL_SYSCALL_NOSYSENTER -+ /* Do the initial TLS initialization before _dl_osversion, -+ since the latter uses the uname syscall. */ -+ __pthread_initialize_minimal (); -+# endif - # ifdef DL_SYSDEP_OSCHECK - if (!__libc_multiple_libcs) - { -@@ -138,10 +144,12 @@ - } - # endif - -+# ifndef INTERNAL_SYSCALL_NOSYSENTER - /* Initialize the thread library at least a bit since the libgcc - functions are using thread functions if these are available and - we need to setup errno. */ - __pthread_initialize_minimal (); -+# endif - #endif - - # ifndef SHARED ---- csu/libc-tls.c -+++ csu/libc-tls.c -@@ -23,6 +23,7 @@ - #include <unistd.h> - #include <stdio.h> - #include <sys/param.h> -+#include <sysdep.h> - - - #ifdef SHARED -@@ -29,6 +30,9 @@ - #error makefile bug, this file is for static only - #endif - -+#ifdef INTERNAL_SYSCALL_NOSYSENTER -+extern void *__sbrk_nosysenter (intptr_t __delta); -+#endif - extern ElfW(Phdr) *_dl_phdr; - extern size_t _dl_phnum; - -@@ -141,14 +145,26 @@ - - The initialized value of _dl_tls_static_size is provided by dl-open.c - to request some surplus that permits dynamic loading of modules with -- IE-model TLS. */ -+ IE-model TLS. -+ -+ Where the normal sbrk would use a syscall that needs the TLS (i386) -+ use the special non-sysenter version instead. */ - #if TLS_TCB_AT_TP - tcb_offset = roundup (memsz + GL(dl_tls_static_size), tcbalign); -+# ifdef INTERNAL_SYSCALL_NOSYSENTER -+ tlsblock = __sbrk_nosysenter (tcb_offset + tcbsize + max_align); -+# else - tlsblock = __sbrk (tcb_offset + tcbsize + max_align); -+# endif - #elif TLS_DTV_AT_TP - tcb_offset = roundup (tcbsize, align ?: 1); -+# ifdef INTERNAL_SYSCALL_NOSYSENTER -+ tlsblock = __sbrk_nosysenter (tcb_offset + memsz + max_align -+ + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); -+# else - tlsblock = __sbrk (tcb_offset + memsz + max_align - + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); -+# endif - tlsblock += TLS_PRE_TCB_SIZE; - #else - /* In case a model with a different layout for the TCB and DTV ---- misc/sbrk.c -+++ misc/sbrk.c -@@ -18,6 +18,7 @@ - - #include <unistd.h> - #include <errno.h> -+#include <sysdep.h> - - /* Defined in brk.c. */ - extern void *__curbrk; -@@ -29,6 +30,35 @@ - /* Extend the process's data space by INCREMENT. - If INCREMENT is negative, shrink data space by - INCREMENT. - Return start of new space allocated, or -1 for errors. */ -+#ifdef INTERNAL_SYSCALL_NOSYSENTER -+/* This version is used by csu/libc-tls.c whem initialising the TLS -+ if the SYSENTER version requires the TLS (which it does on i386). -+ Obviously using the TLS before it is initialised is broken. */ -+extern int __brk_nosysenter (void *addr); -+void * -+__sbrk_nosysenter (intptr_t increment) -+{ -+ void *oldbrk; -+ -+ /* If this is not part of the dynamic library or the library is used -+ via dynamic loading in a statically linked program update -+ __curbrk from the kernel's brk value. That way two separate -+ instances of __brk and __sbrk can share the heap, returning -+ interleaved pieces of it. */ -+ if (__curbrk == NULL || __libc_multiple_libcs) -+ if (__brk_nosysenter (0) < 0) /* Initialize the break. */ -+ return (void *) -1; -+ -+ if (increment == 0) -+ return __curbrk; -+ -+ oldbrk = __curbrk; -+ if (__brk_nosysenter (oldbrk + increment) < 0) -+ return (void *) -1; -+ -+ return oldbrk; -+} -+#endif - void * - __sbrk (intptr_t increment) - { ---- sysdeps/unix/sysv/linux/i386/brk.c -+++ sysdeps/unix/sysv/linux/i386/brk.c -@@ -31,6 +31,30 @@ - linker. */ - weak_alias (__curbrk, ___brk_addr) - -+#ifdef INTERNAL_SYSCALL_NOSYSENTER -+/* This version is used by csu/libc-tls.c whem initialising the TLS -+ * if the SYSENTER version requires the TLS (which it does on i386). -+ * Obviously using the TLS before it is initialised is broken. */ -+int -+__brk_nosysenter (void *addr) -+{ -+ void *__unbounded newbrk; -+ -+ INTERNAL_SYSCALL_DECL (err); -+ newbrk = (void *__unbounded) INTERNAL_SYSCALL_NOSYSENTER (brk, err, 1, -+ __ptrvalue (addr)); -+ -+ __curbrk = newbrk; -+ -+ if (newbrk < addr) -+ { -+ __set_errno (ENOMEM); -+ return -1; -+ } -+ -+ return 0; -+} -+#endif - int - __brk (void *addr) - { ---- sysdeps/unix/sysv/linux/i386/sysdep.h -+++ sysdeps/unix/sysv/linux/i386/sysdep.h -@@ -187,7 +187,7 @@ - /* The original calling convention for system calls on Linux/i386 is - to use int $0x80. */ - #ifdef I386_USE_SYSENTER --# ifdef SHARED -+# if defined SHARED || defined __PIC__ - # define ENTER_KERNEL call *%gs:SYSINFO_OFFSET - # else - # define ENTER_KERNEL call *_dl_sysinfo -@@ -358,7 +358,7 @@ - possible to use more than four parameters. */ - #undef INTERNAL_SYSCALL - #ifdef I386_USE_SYSENTER --# ifdef SHARED -+# if defined SHARED || defined __PIC__ - # define INTERNAL_SYSCALL(name, err, nr, args...) \ - ({ \ - register unsigned int resultvar; \ -@@ -384,6 +384,18 @@ - : "0" (name), "i" (offsetof (tcbhead_t, sysinfo)) \ - ASMFMT_##nr(args) : "memory", "cc"); \ - (int) resultvar; }) -+# define INTERNAL_SYSCALL_NOSYSENTER(name, err, nr, args...) \ -+ ({ \ -+ register unsigned int resultvar; \ -+ EXTRAVAR_##nr \ -+ asm volatile ( \ -+ LOADARGS_NOSYSENTER_##nr \ -+ "movl %1, %%eax\n\t" \ -+ "int $0x80\n\t" \ -+ RESTOREARGS_NOSYSENTER_##nr \ -+ : "=a" (resultvar) \ -+ : "i" (__NR_##name) ASMFMT_##nr(args) : "memory", "cc"); \ -+ (int) resultvar; }) - # else - # define INTERNAL_SYSCALL(name, err, nr, args...) \ - ({ \ -@@ -447,12 +459,20 @@ - - #define LOADARGS_0 - #ifdef __PIC__ --# if defined I386_USE_SYSENTER && defined SHARED -+# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) - # define LOADARGS_1 \ - "bpushl .L__X'%k3, %k3\n\t" - # define LOADARGS_5 \ - "movl %%ebx, %4\n\t" \ - "movl %3, %%ebx\n\t" -+# define LOADARGS_NOSYSENTER_1 \ -+ "bpushl .L__X'%k2, %k2\n\t" -+# define LOADARGS_NOSYSENTER_2 LOADARGS_NOSYSENTER_1 -+# define LOADARGS_NOSYSENTER_3 LOADARGS_3 -+# define LOADARGS_NOSYSENTER_4 LOADARGS_3 -+# define LOADARGS_NOSYSENTER_5 \ -+ "movl %%ebx, %3\n\t" \ -+ "movl %2, %%ebx\n\t" - # else - # define LOADARGS_1 \ - "bpushl .L__X'%k2, %k2\n\t" -@@ -474,11 +495,18 @@ - - #define RESTOREARGS_0 - #ifdef __PIC__ --# if defined I386_USE_SYSENTER && defined SHARED -+# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) - # define RESTOREARGS_1 \ - "bpopl .L__X'%k3, %k3\n\t" - # define RESTOREARGS_5 \ - "movl %4, %%ebx" -+# define RESTOREARGS_NOSYSENTER_1 \ -+ "bpopl .L__X'%k2, %k2\n\t" -+# define RESTOREARGS_NOSYSENTER_2 RESTOREARGS_NOSYSENTER_1 -+# define RESTOREARGS_NOSYSENTER_3 RESTOREARGS_3 -+# define RESTOREARGS_NOSYSENTER_4 RESTOREARGS_3 -+# define RESTOREARGS_NOSYSENTER_5 \ -+ "movl %3, %%ebx" - # else - # define RESTOREARGS_1 \ - "bpopl .L__X'%k2, %k2\n\t" diff --git a/sys-libs/glibc/files/2.7/glibc-2.7-hardened-inittls-nosysenter.patch b/sys-libs/glibc/files/2.7/glibc-2.7-hardened-inittls-nosysenter.patch deleted file mode 100644 index ecf57a9..0000000 --- a/sys-libs/glibc/files/2.7/glibc-2.7-hardened-inittls-nosysenter.patch +++ /dev/null @@ -1,273 +0,0 @@ -When building glibc PIE (which is not something upstream support), -several modifications are necessary to the glibc build process. - -First, any syscalls in PIEs must be of the PIC variant, otherwise -textrels ensue. Then, any syscalls made before the initialisation -of the TLS will fail on i386, as the sysenter variant on i386 uses -the TLS, giving rise to a chicken-and-egg situation. This patch -defines a PIC syscall variant that doesn't use sysenter, even when the sysenter -version is normally used, and uses the non-sysenter version for the brk -syscall that is performed by the TLS initialisation. Further, the TLS -initialisation is moved in this case prior to the initialisation of -dl_osversion, as that requires further syscalls. - -csu/libc-start.c: Move initial TLS initialization to before the -initialisation of dl_osversion, when INTERNAL_SYSCALL_NOSYSENTER is defined - -csu/libc-tls.c: Use the no-sysenter version of sbrk when -INTERNAL_SYSCALL_NOSYSENTER is defined. - -misc/sbrk.c: Define a no-sysenter version of sbrk, using the no-sysenter -version of brk - if INTERNAL_SYSCALL_NOSYSENTER is defined. - -misc/brk.c: Define a no-sysenter version of brk if -INTERNAL_SYSCALL_NOSYSENTER is defined. - -sysdeps/unix/sysv/linux/i386/sysdep.h: Define INTERNAL_SYSCALL_NOSYSENTER -Make INTERNAL_SYSCALL always use the PIC variant, even if not SHARED. - -Patch by Kevin F. Quinn <kevquinn@gentoo.org> - ---- csu/libc-start.c -+++ csu/libc-start.c -@@ -28,6 +28,7 @@ - extern int __libc_multiple_libcs; - - #include <tls.h> -+#include <sysdep.h> - #ifndef SHARED - # include <dl-osinfo.h> - extern void __pthread_initialize_minimal (void); -@@ -129,6 +130,11 @@ - # endif - _dl_aux_init (auxvec); - # endif -+# ifdef INTERNAL_SYSCALL_NOSYSENTER -+ /* Do the initial TLS initialization before _dl_osversion, -+ since the latter uses the uname syscall. */ -+ __pthread_initialize_minimal (); -+# endif - # ifdef DL_SYSDEP_OSCHECK - if (!__libc_multiple_libcs) - { -@@ -138,10 +144,12 @@ - } - # endif - -+# ifndef INTERNAL_SYSCALL_NOSYSENTER - /* Initialize the thread library at least a bit since the libgcc - functions are using thread functions if these are available and - we need to setup errno. */ - __pthread_initialize_minimal (); -+# endif - - /* Set up the stack checker's canary. */ - uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard (); ---- csu/libc-tls.c -+++ csu/libc-tls.c -@@ -23,6 +23,7 @@ - #include <unistd.h> - #include <stdio.h> - #include <sys/param.h> -+#include <sysdep.h> - - - #ifdef SHARED -@@ -29,6 +30,9 @@ - #error makefile bug, this file is for static only - #endif - -+#ifdef INTERNAL_SYSCALL_NOSYSENTER -+extern void *__sbrk_nosysenter (intptr_t __delta); -+#endif - extern ElfW(Phdr) *_dl_phdr; - extern size_t _dl_phnum; - -@@ -141,14 +145,26 @@ - - The initialized value of _dl_tls_static_size is provided by dl-open.c - to request some surplus that permits dynamic loading of modules with -- IE-model TLS. */ -+ IE-model TLS. -+ -+ Where the normal sbrk would use a syscall that needs the TLS (i386) -+ use the special non-sysenter version instead. */ - #if TLS_TCB_AT_TP - tcb_offset = roundup (memsz + GL(dl_tls_static_size), tcbalign); -+# ifdef INTERNAL_SYSCALL_NOSYSENTER -+ tlsblock = __sbrk_nosysenter (tcb_offset + tcbsize + max_align); -+# else - tlsblock = __sbrk (tcb_offset + tcbsize + max_align); -+# endif - #elif TLS_DTV_AT_TP - tcb_offset = roundup (tcbsize, align ?: 1); -+# ifdef INTERNAL_SYSCALL_NOSYSENTER -+ tlsblock = __sbrk_nosysenter (tcb_offset + memsz + max_align -+ + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); -+# else - tlsblock = __sbrk (tcb_offset + memsz + max_align - + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); -+# endif - tlsblock += TLS_PRE_TCB_SIZE; - #else - /* In case a model with a different layout for the TCB and DTV ---- misc/sbrk.c -+++ misc/sbrk.c -@@ -18,6 +18,7 @@ - - #include <unistd.h> - #include <errno.h> -+#include <sysdep.h> - - /* Defined in brk.c. */ - extern void *__curbrk; -@@ -29,6 +30,35 @@ - /* Extend the process's data space by INCREMENT. - If INCREMENT is negative, shrink data space by - INCREMENT. - Return start of new space allocated, or -1 for errors. */ -+#ifdef INTERNAL_SYSCALL_NOSYSENTER -+/* This version is used by csu/libc-tls.c whem initialising the TLS -+ if the SYSENTER version requires the TLS (which it does on i386). -+ Obviously using the TLS before it is initialised is broken. */ -+extern int __brk_nosysenter (void *addr); -+void * -+__sbrk_nosysenter (intptr_t increment) -+{ -+ void *oldbrk; -+ -+ /* If this is not part of the dynamic library or the library is used -+ via dynamic loading in a statically linked program update -+ __curbrk from the kernel's brk value. That way two separate -+ instances of __brk and __sbrk can share the heap, returning -+ interleaved pieces of it. */ -+ if (__curbrk == NULL || __libc_multiple_libcs) -+ if (__brk_nosysenter (0) < 0) /* Initialize the break. */ -+ return (void *) -1; -+ -+ if (increment == 0) -+ return __curbrk; -+ -+ oldbrk = __curbrk; -+ if (__brk_nosysenter (oldbrk + increment) < 0) -+ return (void *) -1; -+ -+ return oldbrk; -+} -+#endif - void * - __sbrk (intptr_t increment) - { ---- sysdeps/unix/sysv/linux/i386/brk.c -+++ sysdeps/unix/sysv/linux/i386/brk.c -@@ -31,6 +31,30 @@ - linker. */ - weak_alias (__curbrk, ___brk_addr) - -+#ifdef INTERNAL_SYSCALL_NOSYSENTER -+/* This version is used by csu/libc-tls.c whem initialising the TLS -+ * if the SYSENTER version requires the TLS (which it does on i386). -+ * Obviously using the TLS before it is initialised is broken. */ -+int -+__brk_nosysenter (void *addr) -+{ -+ void *__unbounded newbrk; -+ -+ INTERNAL_SYSCALL_DECL (err); -+ newbrk = (void *__unbounded) INTERNAL_SYSCALL_NOSYSENTER (brk, err, 1, -+ __ptrvalue (addr)); -+ -+ __curbrk = newbrk; -+ -+ if (newbrk < addr) -+ { -+ __set_errno (ENOMEM); -+ return -1; -+ } -+ -+ return 0; -+} -+#endif - int - __brk (void *addr) - { ---- sysdeps/unix/sysv/linux/i386/sysdep.h -+++ sysdeps/unix/sysv/linux/i386/sysdep.h -@@ -187,7 +187,7 @@ - /* The original calling convention for system calls on Linux/i386 is - to use int $0x80. */ - #ifdef I386_USE_SYSENTER --# ifdef SHARED -+# if defined SHARED || defined __PIC__ - # define ENTER_KERNEL call *%gs:SYSINFO_OFFSET - # else - # define ENTER_KERNEL call *_dl_sysinfo -@@ -358,7 +358,7 @@ - possible to use more than four parameters. */ - #undef INTERNAL_SYSCALL - #ifdef I386_USE_SYSENTER --# ifdef SHARED -+# if defined SHARED || defined __PIC__ - # define INTERNAL_SYSCALL(name, err, nr, args...) \ - ({ \ - register unsigned int resultvar; \ -@@ -384,6 +384,18 @@ - : "0" (name), "i" (offsetof (tcbhead_t, sysinfo)) \ - ASMFMT_##nr(args) : "memory", "cc"); \ - (int) resultvar; }) -+# define INTERNAL_SYSCALL_NOSYSENTER(name, err, nr, args...) \ -+ ({ \ -+ register unsigned int resultvar; \ -+ EXTRAVAR_##nr \ -+ asm volatile ( \ -+ LOADARGS_NOSYSENTER_##nr \ -+ "movl %1, %%eax\n\t" \ -+ "int $0x80\n\t" \ -+ RESTOREARGS_NOSYSENTER_##nr \ -+ : "=a" (resultvar) \ -+ : "i" (__NR_##name) ASMFMT_##nr(args) : "memory", "cc"); \ -+ (int) resultvar; }) - # else - # define INTERNAL_SYSCALL(name, err, nr, args...) \ - ({ \ -@@ -447,12 +459,20 @@ - - #define LOADARGS_0 - #ifdef __PIC__ --# if defined I386_USE_SYSENTER && defined SHARED -+# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) - # define LOADARGS_1 \ - "bpushl .L__X'%k3, %k3\n\t" - # define LOADARGS_5 \ - "movl %%ebx, %4\n\t" \ - "movl %3, %%ebx\n\t" -+# define LOADARGS_NOSYSENTER_1 \ -+ "bpushl .L__X'%k2, %k2\n\t" -+# define LOADARGS_NOSYSENTER_2 LOADARGS_NOSYSENTER_1 -+# define LOADARGS_NOSYSENTER_3 LOADARGS_3 -+# define LOADARGS_NOSYSENTER_4 LOADARGS_3 -+# define LOADARGS_NOSYSENTER_5 \ -+ "movl %%ebx, %3\n\t" \ -+ "movl %2, %%ebx\n\t" - # else - # define LOADARGS_1 \ - "bpushl .L__X'%k2, %k2\n\t" -@@ -474,11 +495,18 @@ - - #define RESTOREARGS_0 - #ifdef __PIC__ --# if defined I386_USE_SYSENTER && defined SHARED -+# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) - # define RESTOREARGS_1 \ - "bpopl .L__X'%k3, %k3\n\t" - # define RESTOREARGS_5 \ - "movl %4, %%ebx" -+# define RESTOREARGS_NOSYSENTER_1 \ -+ "bpopl .L__X'%k2, %k2\n\t" -+# define RESTOREARGS_NOSYSENTER_2 RESTOREARGS_NOSYSENTER_1 -+# define RESTOREARGS_NOSYSENTER_3 RESTOREARGS_3 -+# define RESTOREARGS_NOSYSENTER_4 RESTOREARGS_3 -+# define RESTOREARGS_NOSYSENTER_5 \ -+ "movl %3, %%ebx" - # else - # define RESTOREARGS_1 \ - "bpopl .L__X'%k2, %k2\n\t" diff --git a/sys-libs/glibc/files/eblits/common.eblit b/sys-libs/glibc/files/eblits/common.eblit deleted file mode 100644 index 55619f2..0000000 --- a/sys-libs/glibc/files/eblits/common.eblit +++ /dev/null @@ -1,291 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -# We need to be able to set alternative headers for -# compiling for non-native platform -# Will also become useful for testing kernel-headers without screwing up -# the whole system. -# note: intentionally undocumented. -alt_headers() { - if [[ -z ${ALT_HEADERS} ]] ; then - if is_crosscompile ; then - ALT_HEADERS="/usr/${CTARGET}/usr/include" - else - ALT_HEADERS="/usr/include" - fi - fi - echo "${ALT_HEADERS}" -} -alt_build_headers() { - if [[ -z ${ALT_BUILD_HEADERS} ]] ; then - ALT_BUILD_HEADERS=$(alt_headers) - if tc-is-cross-compiler ; then - ALT_BUILD_HEADERS=${ROOT}$(alt_headers) - if [[ ! -e ${ALT_BUILD_HEADERS}/linux/version.h ]] ; then - local header_path=$(echo '#include <linux/version.h>' | $(tc-getCPP ${CTARGET}) ${CFLAGS} 2>&1 | grep -o '[^"]*linux/version.h') - ALT_BUILD_HEADERS=${header_path%/linux/version.h} - fi - fi - fi - echo "${ALT_BUILD_HEADERS}" -} - -alt_usrlibdir() { - if is_crosscompile ; then - echo /usr/${CTARGET}/usr/$(get_libdir) - else - echo /usr/$(get_libdir) - fi -} - -setup_target_flags() { - # This largely mucks with compiler flags. None of which should matter - # when building up just the headers. - just_headers && return 0 - - case $(tc-arch) in - x86) - # -march needed for #185404 #199334 - if ! glibc_compile_test "" 'void f(int i, void *p) {if (__sync_fetch_and_add(&i, 1)) f(i, p);}\nint main(){return 0;}\n' 2>/dev/null ; then - local t=${CTARGET_OPT:-${CTARGET}} - t=${t%%-*} - filter-flags '-march=*' - export CFLAGS="-march=${t} ${CFLAGS}" - einfo "Auto adding -march=${t} to CFLAGS #185404" - fi - ;; - amd64) - # -march needed for #185404 #199334 - if ! glibc_compile_test "${CFLAGS_x86}" 'void f(int i, void *p) {if (__sync_fetch_and_add(&i, 1)) f(i, p);}\nint main(){return 0;}\n' 2>/dev/null ; then - local t=${CTARGET_OPT:-${CTARGET}} - t=${t%%-*} - filter-flags '-march=*' - export CFLAGS_x86="${CFLAGS_x86} -march=${t}" - einfo "Auto adding -march=${t} to CFLAGS_x86 #185404" - fi - ;; - ppc) - append-flags "-freorder-blocks" - ;; - sparc) - # Both sparc and sparc64 can use -fcall-used-g6. -g7 is bad, though. - filter-flags "-fcall-used-g7" - append-flags "-fcall-used-g6" - filter-flags "-mvis" - - GLIBCMAJOR=$(get_version_component_range 1 ${PV}) - GLIBCMINOR=$(get_version_component_range 2 ${PV}) - - # set CTARGET_OPT so glibc can use cpu-specific .S files for better performance - # - UltraSPARC T1 (niagara) support requires >= glibc 2.8 - # - UltraSPARC T2 (niagara2) support requires >= glibc 2.7 - - if is_crosscompile || [[ ${PROFILE_ARCH} == "sparc64" ]] || { has_multilib_profile && ! tc-is-cross-compiler; } ; then - case ${ABI}:${CTARGET} in - sparc64:*|\ - default:sparc64*) - filter-flags -Wa,-xarch -Wa,-A - - if is-flagq "-mcpu=niagara2" && [[ ${GLIBCMAJOR}.${GLIBCMINOR} > 2.7 ]] ; then - CTARGET_OPT="sparc64v2-unknown-linux-gnu" - append-flags "-Wa,-xarch=v9b" - export ASFLAGS="${ASFLAGS} -Wa,-xarch=v9b" - elif { is-flagq "-mcpu=niagara" || is-flagq "-mcpu=niagara2" ; } && [[ ${GLIBCMAJOR}.${GLIBCMINOR} > 2.6 ]] ; then - CTARGET_OPT="sparc64v-unknown-linux-gnu" - append-flags "-Wa,-xarch=v9b" - export ASFLAGS="${ASFLAGS} -Wa,-xarch=v9b" - elif is-flagq "-mcpu=ultrasparc3" || is-flagq "-mcpu=niagara" || is-flagq "-mcpu=niagara2"; then - CTARGET_OPT="sparc64b-unknown-linux-gnu" - append-flags "-Wa,-xarch=v9b" - export ASFLAGS="${ASFLAGS} -Wa,-xarch=v9b" - else - CTARGET_OPT="sparc64-unknown-linux-gnu" - append-flags "-Wa,-xarch=v9a" - export ASFLAGS="${ASFLAGS} -Wa,-xarch=v9a" - fi - ;; - *) - if is-flagq "-mcpu=niagara2" && [[ ${GLIBCMAJOR}.${GLIBCMINOR} > 2.7 ]] ; then - CTARGET_OPT="sparcv9v2-unknown-linux-gnu" - elif { is-flagq "-mcpu=niagara" || is-flagq "-mcpu=niagara2" ; } && [[ ${GLIBCMAJOR}.${GLIBCMINOR} > 2.6 ]] ; then - CTARGET_OPT="sparcv9v-unknown-linux-gnu" - elif is-flagq "-mcpu=ultrasparc3" || is-flagq "-mcpu=niagara" || is-flagq "-mcpu=niagara2"; then - CTARGET_OPT="sparcv9b-unknown-linux-gnu" - else - CTARGET_OPT="sparcv9-unknown-linux-gnu" - fi - ;; - esac - else - if is-flagq "-mcpu=niagara2" && [[ ${GLIBCMAJOR}.${GLIBCMINOR} > 2.7 ]] ; then - CTARGET_OPT="sparcv9v2-unknown-linux-gnu" - elif { is-flagq "-mcpu=niagara" || is-flagq "-mcpu=niagara2" ; } && [[ ${GLIBCMAJOR}.${GLIBCMINOR} > 2.6 ]] ; then - CTARGET_OPT="sparcv9v-unknown-linux-gnu" - elif is-flagq "-mcpu=ultrasparc3" || is-flagq "-mcpu=niagara" || is-flagq "-mcpu=niagara2"; then - CTARGET_OPT="sparcv9b-unknown-linux-gnu" - elif { is_crosscompile && want_nptl; } || is-flagq "-mcpu=ultrasparc2" || is-flagq "-mcpu=ultrasparc"; then - CTARGET_OPT="sparcv9-unknown-linux-gnu" - fi - fi - ;; - esac -} - -setup_flags() { - # Make sure host make.conf doesn't pollute us - if is_crosscompile || tc-is-cross-compiler ; then - CHOST=${CTARGET} strip-unsupported-flags - fi - - # Store our CFLAGS because it's changed depending on which CTARGET - # we are building when pulling glibc on a multilib profile - CFLAGS_BASE=${CFLAGS_BASE-${CFLAGS}} - CFLAGS=${CFLAGS_BASE} - CXXFLAGS_BASE=${CXXFLAGS_BASE-${CXXFLAGS}} - CXXFLAGS=${CXXFLAGS_BASE} - ASFLAGS_BASE=${ASFLAGS_BASE-${ASFLAGS}} - ASFLAGS=${ASFLAGS_BASE} - - # Over-zealous CFLAGS can often cause problems. What may work for one - # person may not work for another. To avoid a large influx of bugs - # relating to failed builds, we strip most CFLAGS out to ensure as few - # problems as possible. - strip-flags - strip-unsupported-flags - filter-flags -m32 -m64 -mabi=* - - unset CBUILD_OPT CTARGET_OPT - if has_multilib_profile ; then - CTARGET_OPT=$(get_abi_CTARGET) - [[ -z ${CTARGET_OPT} ]] && CTARGET_OPT=$(get_abi_CHOST) - fi - - setup_target_flags - - if [[ -n ${CTARGET_OPT} && ${CBUILD} == ${CHOST} ]] && ! is_crosscompile; then - CBUILD_OPT=${CTARGET_OPT} - fi - - # Lock glibc at -O2 -- linuxthreads needs it and we want to be - # conservative here. -fno-strict-aliasing is to work around #155906 - filter-flags -O? - append-flags -O2 -fno-strict-aliasing - - # Cant build glibc itself with fortify code - append-cppflags -U_FORTIFY_SOURCE - - # building glibc with SSP is fraught with difficulty, especially - # due to __stack_chk_fail_local which would mean significant changes - # to the glibc build process. See bug #94325 #293721 - use hardened && gcc-specs-ssp && append-cflags $(test-flags-CC -fno-stack-protector) - - if use hardened && gcc-specs-pie ; then - # Force PIC macro definition for all compilations since they're all - # either -fPIC or -fPIE with the default-PIE compiler. - append-cppflags -DPIC - else - # Don't build -fPIE without the default-PIE compiler and the - # hardened-pie patch - filter-flags -fPIE - fi -} - -want_nptl() { - [[ -z ${LT_VER} ]] && return 0 - want_tls || return 1 - use nptl || return 1 - - # Only list the arches that cannot do NPTL - case $(tc-arch) in - m68k) return 1;; - sparc) - # >= v9 is needed for nptl. - [[ ${PROFILE_ARCH} == "sparc" ]] && return 1 - ;; - esac - - return 0 -} - -want_linuxthreads() { - [[ -z ${LT_VER} ]] && return 1 - ! use nptlonly && return 0 - want_nptl || return 0 - return 1 -} - -want_tls() { - # Archs that can use TLS (Thread Local Storage) - case $(tc-arch) in - x86) - # requires i486 or better #106556 - [[ ${CTARGET} == i[4567]86* ]] && return 0 - return 1 - ;; - esac - - return 0 -} - -want__thread() { - want_tls || return 1 - - # For some reason --with-tls --with__thread is causing segfaults on sparc32. - [[ ${PROFILE_ARCH} == "sparc" ]] && return 1 - - [[ -n ${WANT__THREAD} ]] && return ${WANT__THREAD} - - # only test gcc -- cant test linking yet - tc-has-tls -c ${CTARGET} - WANT__THREAD=$? - - return ${WANT__THREAD} -} - -use_multiarch() { - # Make sure binutils is new enough to support indirect functions #336792 - local bver=$($(tc-getLD ${CTARGET}) -v | awk '{print $NF}') nver - case $(tc-arch ${CTARGET}) in - amd64|x86) nver="2.20" ;; - sparc) nver="2.21" ;; - *) return 1 ;; - esac - version_is_at_least ${nver} ${bver} -} - -# Setup toolchain variables that had historically -# been defined in the profiles for these archs. -setup_env() { - # silly users - unset LD_RUN_PATH - - multilib_env ${CTARGET_OPT:-${CTARGET}} - if is_crosscompile || tc-is-cross-compiler ; then - if ! use multilib ; then - MULTILIB_ABIS=${DEFAULT_ABI} - else - MULTILIB_ABIS=${MULTILIB_ABIS:-${DEFAULT_ABI}} - fi - - # If the user has CFLAGS_<CTARGET> in their make.conf, use that, - # and fall back on CFLAGS. - local VAR=CFLAGS_${CTARGET//[-.]/_} - CFLAGS=${!VAR-${CFLAGS}} - fi - - setup_flags - - export ABI=${ABI:-${DEFAULT_ABI:-default}} - - local VAR=CFLAGS_${ABI} - # We need to export CFLAGS with abi information in them because glibc's - # configure script checks CFLAGS for some targets (like mips). Keep - # around the original clean value to avoid appending multiple ABIs on - # top of each other. - : ${__GLIBC_CC:=$(tc-getCC ${CTARGET_OPT:-${CTARGET}})} - export __GLIBC_CC CC="${__GLIBC_CC} ${!VAR}" -} - -just_headers() { - is_crosscompile && use crosscompile_opts_headers-only -} diff --git a/sys-libs/glibc/files/eblits/pkg_postinst.eblit b/sys-libs/glibc/files/eblits/pkg_postinst.eblit deleted file mode 100644 index 9f256fa..0000000 --- a/sys-libs/glibc/files/eblits/pkg_postinst.eblit +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -eblit-glibc-pkg_postinst() { - # nothing to do if just installing headers - just_headers && return - - if ! tc-is-cross-compiler && [[ -x ${ROOT}/usr/sbin/iconvconfig ]] ; then - # Generate fastloading iconv module configuration file. - "${ROOT}"/usr/sbin/iconvconfig --prefix="${ROOT}" - fi - - if ! is_crosscompile && [[ ${ROOT} == "/" ]] ; then - # Reload init ... if in a chroot or a diff init package, ignore - # errors from this step #253697 - /sbin/telinit U 2>/dev/null - - # if the host locales.gen contains no entries, we'll install everything - local locale_list="${ROOT}etc/locale.gen" - if [[ -z $(locale-gen --list --config "${locale_list}") ]] ; then - ewarn "Generating all locales; edit /etc/locale.gen to save time/space" - locale_list="${ROOT}usr/share/i18n/SUPPORTED" - fi - local x jobs - for x in ${MAKEOPTS} ; do [[ ${x} == -j* ]] && jobs=${x#-j} ; done - locale-gen -j ${jobs:-1} --config "${locale_list}" - fi -} diff --git a/sys-libs/glibc/files/eblits/pkg_preinst.eblit b/sys-libs/glibc/files/eblits/pkg_preinst.eblit deleted file mode 100644 index 694a7da..0000000 --- a/sys-libs/glibc/files/eblits/pkg_preinst.eblit +++ /dev/null @@ -1,89 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -fix_lib64_symlinks() { - # the original Gentoo/AMD64 devs decided that since 64bit is the native - # bitdepth for AMD64, lib should be used for 64bit libraries. however, - # this ignores the FHS and breaks multilib horribly... especially - # since it wont even work without a lib64 symlink anyways. *rolls eyes* - # see bug 59710 for more information. - # Travis Tilley <lv@gentoo.org> (08 Aug 2004) - if [ -L ${ROOT}/lib64 ] ; then - ewarn "removing /lib64 symlink and moving lib to lib64..." - ewarn "dont hit ctrl-c until this is done" - rm ${ROOT}/lib64 - # now that lib64 is gone, nothing will run without calling ld.so - # directly. luckily the window of brokenness is almost non-existant - use amd64 && /lib/ld-linux-x86-64.so.2 /bin/mv ${ROOT}/lib ${ROOT}/lib64 - use ppc64 && /lib/ld64.so.1 /bin/mv ${ROOT}/lib ${ROOT}/lib64 - # all better :) - ldconfig - ln -s lib64 ${ROOT}/lib - einfo "done! :-)" - einfo "fixed broken lib64/lib symlink in ${ROOT}" - fi - if [ -L ${ROOT}/usr/lib64 ] ; then - rm ${ROOT}/usr/lib64 - mv ${ROOT}/usr/lib ${ROOT}/usr/lib64 - ln -s lib64 ${ROOT}/usr/lib - einfo "fixed broken lib64/lib symlink in ${ROOT}/usr" - fi - if [ -L ${ROOT}/usr/X11R6/lib64 ] ; then - rm ${ROOT}/usr/X11R6/lib64 - mv ${ROOT}/usr/X11R6/lib ${ROOT}/usr/X11R6/lib64 - ln -s lib64 ${ROOT}/usr/X11R6/lib - einfo "fixed broken lib64/lib symlink in ${ROOT}/usr/X11R6" - fi -} - -eblit-glibc-pkg_preinst() { - # nothing to do if just installing headers - just_headers && return - - # PPC64+others may want to eventually be added to this logic if they - # decide to be multilib compatible and FHS compliant. note that this - # chunk of FHS compliance only applies to 64bit archs where 32bit - # compatibility is a major concern (not IA64, for example). - - # amd64's 2005.0 is the first amd64 profile to not need this code. - # 2005.0 is setup properly, and this is executed as part of the - # 2004.3 -> 2005.0 upgrade script. - # It can be removed after 2004.3 has been purged from portage. - { use amd64 || use ppc64; } && [ "$(get_libdir)" == "lib64" ] && ! has_multilib_profile && fix_lib64_symlinks - - # it appears that /lib/tls is sometimes not removed. See bug - # 69258 for more info. - if [[ -d ${ROOT}/$(alt_libdir)/tls ]] && [[ ! -d ${D}/$(alt_libdir)/tls ]] ; then - ewarn "nptlonly or -nptl in USE, removing /${ROOT}$(alt_libdir)/tls..." - rm -r "${ROOT}"/$(alt_libdir)/tls || die - fi - - # prepare /etc/ld.so.conf.d/ for files - mkdir -p "${ROOT}"/etc/ld.so.conf.d - - # simple test to make sure our new glibc isnt completely broken. - # make sure we don't test with statically built binaries since - # they will fail. also, skip if this glibc is a cross compiler. - [[ ${ROOT} != "/" ]] && return 0 - [[ -d ${D}/$(get_libdir) ]] || return 0 - cd / #228809 - local x striptest - for x in date env ls true uname ; do - x=$(type -p ${x}) - [[ -z ${x} ]] && continue - striptest=$(LC_ALL="C" file -L ${x} 2>/dev/null) - [[ -z ${striptest} ]] && continue - [[ ${striptest} == *"statically linked"* ]] && continue - # we enter ${D} so to avoid trouble if the path contains - # special characters; for instance if the path contains the - # colon character (:), then the linker will try to split it - # and look for the libraries in an unexpected place. This can - # lead to unsafe code execution if the generated prefix is - # within a world-writable directory - # (e.g. /var/tmp/portage:${HOSTNAME}) - pushd "${D}"/$(get_libdir) 2>/dev/null - ./ld-*.so --library-path . ${x} > /dev/null \ - || die "simple run test (${x}) failed" - popd 2>/dev/null - done -} diff --git a/sys-libs/glibc/files/eblits/pkg_setup.eblit b/sys-libs/glibc/files/eblits/pkg_setup.eblit deleted file mode 100644 index 208967c..0000000 --- a/sys-libs/glibc/files/eblits/pkg_setup.eblit +++ /dev/null @@ -1,104 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -glibc_compile_test() { - local ret save_cflags=${CFLAGS} - CFLAGS+=" $1" - shift - - pushd "${T}" >/dev/null - - rm -f glibc-test* - printf '%b' "$*" > glibc-test.c - - emake -s glibc-test - ret=$? - - popd >/dev/null - - CFLAGS=${save_cflags} - return ${ret} -} - -glibc_run_test() { - local ret - - if [[ ${EMERGE_FROM} == "binary" ]] ; then - # ignore build failures when installing a binary package #324685 - glibc_compile_test "" "$@" 2>/dev/null || return 0 - else - if ! glibc_compile_test "" "$@" ; then - ewarn "Simple build failed ... assuming this is desired #324685" - return 0 - fi - fi - - pushd "${T}" >/dev/null - - ./glibc-test - ret=$? - rm -f glibc-test* - - popd >/dev/null - - return ${ret} -} - -eblit-glibc-pkg_setup() { - # prevent native builds from downgrading ... maybe update to allow people - # to change between diff -r versions ? (2.3.6-r4 -> 2.3.6-r2) - if [[ ${ROOT} == "/" ]] && [[ ${CBUILD} == ${CHOST} ]] && [[ ${CHOST} == ${CTARGET} ]] ; then - if has_version '>'${CATEGORY}/${PF} ; then - eerror "Sanity check to keep you from breaking your system:" - eerror " Downgrading glibc is not supported and a sure way to destruction" - die "aborting to save your system" - fi - - if ! glibc_run_test '#include <pwd.h>\nint main(){return getpwuid(0)==0;}\n' - then - eerror "Your patched vendor kernel is broken. You need to get an" - eerror "update from whoever is providing the kernel to you." - eerror "http://sourceware.org/bugzilla/show_bug.cgi?id=5227" - eerror "http://bugs.gentoo.org/262698" - die "keeping your system alive, say thank you" - fi - - if ! glibc_run_test '#include <unistd.h>\n#include <sys/syscall.h>\nint main(){return syscall(1000)!=-1;}\n' - then - eerror "Your old kernel is broken. You need to update it to" - eerror "a newer version as syscall(<bignum>) will break." - eerror "http://bugs.gentoo.org/279260" - die "keeping your system alive, say thank you" - fi - fi - - # users have had a chance to phase themselves, time to give em the boot - if [[ -e ${ROOT}/etc/locale.gen ]] && [[ -e ${ROOT}/etc/locales.build ]] ; then - eerror "You still haven't deleted ${ROOT}/etc/locales.build." - eerror "Do so now after making sure ${ROOT}/etc/locale.gen is kosher." - die "lazy upgrader detected" - fi - - if [[ ${CTARGET} == i386-* ]] ; then - eerror "i386 CHOSTs are no longer supported." - eerror "Chances are you don't actually want/need i386." - eerror "Please read http://www.gentoo.org/doc/en/change-chost.xml" - die "please fix your CHOST" - fi - - if [[ -n ${LT_VER} ]] ; then - if use nptlonly && ! use nptl ; then - eerror "If you want nptlonly, add nptl to your USE too ;p" - die "nptlonly without nptl" - fi - fi - - if [[ -e /proc/xen ]] && [[ $(tc-arch) == "x86" ]] && ! is-flag -mno-tls-direct-seg-refs ; then - ewarn "You are using Xen but don't have -mno-tls-direct-seg-refs in your CFLAGS." - ewarn "This will result in a 50% performance penalty when running with a 32bit" - ewarn "hypervisor, which is probably not what you want." - fi - - use hardened && ! gcc-specs-pie && \ - ewarn "PIE hardening not applied, as your compiler doesn't default to PIE" -} diff --git a/sys-libs/glibc/files/eblits/src_compile.eblit b/sys-libs/glibc/files/eblits/src_compile.eblit deleted file mode 100644 index ea7e487..0000000 --- a/sys-libs/glibc/files/eblits/src_compile.eblit +++ /dev/null @@ -1,211 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -glibc_do_configure() { - local myconf - - einfo "Configuring GLIBC for $1" - - # set addons - pushd "${S}" > /dev/null - local ADDONS=$(echo */configure | sed \ - -e 's:/configure::g' \ - -e 's:\(linuxthreads\|nptl\|rtkaio\|glibc-compat\)\( \|$\)::g' \ - -e 's: \+$::' \ - -e 's! !,!g' \ - -e 's!^!,!' \ - -e '/^,\*$/d') - [[ -d ports ]] && ADDONS="${ADDONS},ports" - popd > /dev/null - - myconf="${myconf} $(use_enable hardened stackguard-randomization)" - if [[ $(<"${T}"/.ssp.compat) == "yes" ]] ; then - myconf="${myconf} --enable-old-ssp-compat" - else - myconf="${myconf} --disable-old-ssp-compat" - fi - - use glibc-omitfp && myconf="${myconf} --enable-omitfp" - - [[ ${CTARGET//_/-} == *-softfloat-* ]] && myconf="${myconf} --without-fp" - - if [[ $1 == "linuxthreads" ]] ; then - if want_tls ; then - myconf="${myconf} --with-tls" - - if ! want__thread || use glibc-compat20 || [[ ${LT_KER_VER} == 2.[02].* ]] ; then - myconf="${myconf} --without-__thread" - else - myconf="${myconf} --with-__thread" - fi - else - myconf="${myconf} --without-tls --without-__thread" - fi - - myconf="${myconf} --disable-sanity-checks" - myconf="${myconf} --enable-add-ons=linuxthreads${ADDONS}" - myconf="${myconf} --enable-kernel=${LT_KER_VER}" - elif [[ $1 == "nptl" ]] ; then - myconf="${myconf} --enable-add-ons=nptl${ADDONS}" - myconf="${myconf} --enable-kernel=${NPTL_KERN_VER}" - else - die "invalid pthread option" - fi - - # Since SELinux support is only required for nscd, only enable it if: - # 1. USE selinux - # 2. only for the primary ABI on multilib systems - # 3. Not a crosscompile - if ! is_crosscompile && use selinux ; then - if use multilib || has_multilib_profile ; then - if is_final_abi ; then - myconf="${myconf} --with-selinux" - else - myconf="${myconf} --without-selinux" - fi - else - myconf="${myconf} --with-selinux" - fi - else - myconf="${myconf} --without-selinux" - fi - - myconf="${myconf} - --without-cvs - --enable-bind-now - --build=${CBUILD_OPT:-${CBUILD}} - --host=${CTARGET_OPT:-${CTARGET}} - $(use_enable profile) - $(use_with gd) - --with-headers=$(alt_build_headers) - --prefix=/usr - --libdir=/usr/$(get_libdir) - --mandir=/usr/share/man - --infodir=/usr/share/info - --libexecdir=/usr/$(get_libdir)/misc/glibc - $(use_multiarch || echo --disable-multi-arch) - ${EXTRA_ECONF}" - - # There is no configure option for this and we need to export it - # since the glibc build will re-run configure on itself - export libc_cv_slibdir=/$(get_libdir) - - local GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-$1 - mkdir -p "${GBUILDDIR}" - cd "${GBUILDDIR}" - echo "${S}"/configure ${myconf} - "${S}"/configure ${myconf} || die "failed to configure glibc" - - # since we'll be punting them for cross-compilers, and they can cause - # problems (ia64+static), we'll just skip building altogether - is_crosscompile && sed -i '1ibuild-programs = no' config.make -} - -toolchain-glibc_src_compile() { - echo - local v - for v in ABI CBUILD CHOST CTARGET CBUILD_OPT CTARGET_OPT CC CFLAGS ; do - einfo " $(printf '%15s' ${v}:) ${!v}" - done - export CC=$(tc-getCC ${CTARGET}) - einfo " $(printf '%15s' 'Manual CC:') ${CC}" - echo - - if want_linuxthreads ; then - glibc_do_configure linuxthreads - emake || die "make for ${ABI} failed" - fi - if want_nptl ; then - # ... and then do the optional nptl build - unset LD_ASSUME_KERNEL - glibc_do_configure nptl - emake || die "make for ${ABI} failed" - fi -} - -toolchain-glibc_headers_compile() { - local GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-headers - mkdir -p "${GBUILDDIR}" - cd "${GBUILDDIR}" - - # if we don't have a compiler yet, we cant really test it now ... - # hopefully they don't affect header geneation, so let's hope for - # the best here ... - export \ - ac_cv_header_cpuid_h=yes \ - libc_cv_386_tls=yes \ - libc_cv_asm_cfi_directives=yes \ - libc_cv_broken_visibility_attribute=no \ - libc_cv_gcc___thread=yes \ - libc_cv_mlong_double_128=yes \ - libc_cv_mlong_double_128ibm=yes \ - libc_cv_ppc_machine=yes \ - libc_cv_ppc_rel16=yes \ - libc_cv_visibility_attribute=yes \ - libc_cv_z_combreloc=yes \ - libc_cv_z_execstack=yes \ - libc_cv_z_initfirst=yes \ - libc_cv_z_nodelete=yes \ - libc_cv_z_nodlopen=yes \ - libc_cv_z_relro=yes - - # Pick out the correct location for build headers - local ports="" myconf="--disable-sanity-checks --enable-hacker-mode" - [[ -d ${S}/ports ]] && ports=",ports" - myconf="${myconf} - --enable-add-ons=nptl${ports} - --without-cvs - --enable-bind-now - --build=${CBUILD_OPT:-${CBUILD}} - --host=${CTARGET_OPT:-${CTARGET}} - --with-headers=$(alt_build_headers) - --prefix=/usr - ${EXTRA_ECONF}" - - # Nothing is compiled here which would affect the headers for the target. - # so forcing CC/CFLAGS is sane. unless you dont have `gcc`. then i - # dont care :p. - echo "${S}"/configure ${myconf} - CC=gcc \ - CFLAGS="-O1 -pipe" \ - CPPFLAGS="-U_FORTIFY_SOURCE" \ - "${S}"/configure ${myconf} || die "failed to configure glibc" -} - -eblit-glibc-src_compile() { - if is_crosscompile ; then - export \ - libc_cv_c_cleanup=yes \ - libc_cv_forced_unwind=yes - fi - - if just_headers ; then - export ABI=default - toolchain-glibc_headers_compile - return - fi - - setup_env - - if [[ -z ${OABI} ]] ; then - local abilist="" - if has_multilib_profile ; then - abilist=$(get_install_abis) - einfo "Building multilib glibc for ABIs: ${abilist}" - elif is_crosscompile || tc-is-cross-compiler ; then - abilist=${DEFAULT_ABI} - fi - if [[ -n ${abilist} ]] ; then - OABI=${ABI} - for ABI in ${abilist} ; do - export ABI - src_compile - done - ABI=${OABI} - unset OABI - return 0 - fi - fi - - toolchain-glibc_src_compile -} diff --git a/sys-libs/glibc/files/eblits/src_install.eblit b/sys-libs/glibc/files/eblits/src_install.eblit deleted file mode 100644 index ecbba79..0000000 --- a/sys-libs/glibc/files/eblits/src_install.eblit +++ /dev/null @@ -1,239 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -toolchain-glibc_src_install() { - local GBUILDDIR - if want_linuxthreads ; then - GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-linuxthreads - else - GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-nptl - fi - - local install_root=${D} - is_crosscompile && install_root="${install_root}/usr/${CTARGET}" - if want_linuxthreads ; then - cd "${WORKDIR}"/build-${ABI}-${CTARGET}-linuxthreads - einfo "Installing GLIBC ${ABI} with linuxthreads ..." - else # nptlonly - cd "${WORKDIR}"/build-${ABI}-${CTARGET}-nptl - einfo "Installing GLIBC ${ABI} with NPTL ..." - fi - emake install_root="${install_root}" install || die - - if is_crosscompile ; then - # punt all the junk not needed by a cross-compiler - cd "${D}"/usr/${CTARGET} || die - rm -rf ./{,usr/}{bin,etc,sbin,share} ./{,usr/}*/{gconv,misc} - fi - - if want_linuxthreads && want_nptl ; then - einfo "Installing NPTL to $(alt_libdir)/tls/..." - cd "${WORKDIR}"/build-${ABI}-${CTARGET}-nptl - dodir $(alt_libdir)/tls $(alt_usrlibdir)/nptl - - local l src_lib - for l in libc libm librt libpthread libthread_db ; do - # take care of shared lib first ... - l=${l}.so - if [[ -e ${l} ]] ; then - src_lib=${l} - else - src_lib=$(eval echo */${l}) - fi - cp -a ${src_lib} "${D}"$(alt_libdir)/tls/${l} || die "copying nptl ${l}" - fperms a+rx $(alt_libdir)/tls/${l} - dosym ${l} $(alt_libdir)/tls/$(scanelf -qSF'%S#F' ${src_lib}) - - # then grab the linker script or the symlink ... - if [[ -L ${D}$(alt_usrlibdir)/${l} ]] ; then - dosym $(alt_libdir)/tls/${l} $(alt_usrlibdir)/nptl/${l} - else - sed \ - -e "s:/${l}:/tls/${l}:g" \ - -e "s:/${l/%.so/_nonshared.a}:/nptl/${l/%.so/_nonshared.a}:g" \ - "${D}"$(alt_usrlibdir)/${l} > "${D}"$(alt_usrlibdir)/nptl/${l} - fi - - # then grab the static lib ... - src_lib=${src_lib/%.so/.a} - [[ ! -e ${src_lib} ]] && src_lib=${src_lib/%.a/_pic.a} - cp -a ${src_lib} "${D}"$(alt_usrlibdir)/nptl/ || die "copying nptl ${src_lib}" - src_lib=${src_lib/%.a/_nonshared.a} - if [[ -e ${src_lib} ]] ; then - cp -a ${src_lib} "${D}"$(alt_usrlibdir)/nptl/ || die "copying nptl ${src_lib}" - fi - done - - # use the nptl linker instead of the linuxthreads one as the linuxthreads - # one may lack TLS support and that can be really bad for business - cp -a elf/ld.so "${D}"$(alt_libdir)/$(scanelf -qSF'%S#F' elf/ld.so) || die "copying nptl interp" - fi - - # We'll take care of the cache ourselves - rm -f "${D}"/etc/ld.so.cache - - # When cross-compiling for a non-multilib setup, make sure we have - # lib and a proper symlink setup - if is_crosscompile && ! use multilib && ! has_multilib_profile && [[ $(get_libdir) != "lib" ]] ; then - cd "${D}"$(alt_libdir)/.. - mv $(get_libdir) lib || die - ln -s lib $(get_libdir) || die - cd "${D}"$(alt_usrlibdir)/.. - mv $(get_libdir) lib || die - ln -s lib $(get_libdir) || die - fi - - ################################################################# - # EVERYTHING AFTER THIS POINT IS FOR NATIVE GLIBC INSTALLS ONLY # - # Make sure we install some symlink hacks so that when we build - # a 2nd stage cross-compiler, gcc finds the target system - # headers correctly. See gcc/doc/gccinstall.info - if is_crosscompile ; then - dosym usr/include /usr/${CTARGET}/sys-include - return 0 - fi - - # Everything past this point just needs to be done once ... - is_final_abi || return 0 - - # Make sure the non-native interp can be found on multilib systems - if [[ ${SYMLINK_LIB} == "yes" ]] && has_multilib_profile ; then - case $(tc-arch) in - amd64) - [[ ! -e ${D}/lib ]] && dosym $(get_abi_LIBDIR amd64) /lib - dosym ../$(get_abi_LIBDIR x86)/ld-linux.so.2 /lib/ld-linux.so.2 - ;; - ppc64) - [[ ! -e ${D}/lib ]] && dosym $(get_abi_LIBDIR ppc64) /lib - dosym ../$(get_abi_LIBDIR ppc)/ld.so.1 /lib/ld.so.1 - ;; - esac - fi - - # Files for Debian-style locale updating - dodir /usr/share/i18n - sed \ - -e "/^#/d" \ - -e "/SUPPORTED-LOCALES=/d" \ - -e "s: \\\\::g" -e "s:/: :g" \ - "${S}"/localedata/SUPPORTED > "${D}"/usr/share/i18n/SUPPORTED \ - || die "generating /usr/share/i18n/SUPPORTED failed" - cd "${WORKDIR}"/extra/locale - dosbin locale-gen || die - doman *.[0-8] - insinto /etc - doins locale.gen || die - - # Make sure all the ABI's can find the locales and so we only - # have to generate one set - local a - keepdir /usr/$(get_libdir)/locale - for a in $(get_install_abis) ; do - if [[ ! -e ${D}/usr/$(get_abi_LIBDIR ${a})/locale ]] ; then - dosym /usr/$(get_libdir)/locale /usr/$(get_abi_LIBDIR ${a})/locale - fi - done - - if ! has noinfo ${FEATURES} && [[ -n ${INFOPAGE_VER} ]] ; then - einfo "Installing info pages..." - - emake \ - -C "${GBUILDDIR}" \ - install_root="${install_root}" \ - info -i || die - fi - - if [[ -n ${MANPAGE_VER} ]] ; then - einfo "Installing man pages..." - - # Install linuxthreads man pages even if nptl is enabled - cd "${WORKDIR}"/man - doman *.3thr - fi - - cd "${S}" - - # Install misc network config files - insinto /etc - doins nscd/nscd.conf posix/gai.conf nss/nsswitch.conf || die - doins "${WORKDIR}"/extra/etc/*.conf || die - doinitd "${WORKDIR}"/extra/etc/nscd || die - - sed -i -e "s:@PIDFILE@:$(strings "${D}"/usr/sbin/nscd | grep nscd.pid):" "${D}"/etc/init.d/nscd - - echo 'LDPATH="include ld.so.conf.d/*.conf"' > "${T}"/00glibc - doenvd "${T}"/00glibc || die - - dodoc BUGS ChangeLog* CONFORMANCE FAQ NEWS NOTES PROJECTS README* - - # Prevent overwriting of the /etc/localtime symlink. We'll handle the - # creation of the "factory" symlink in pkg_postinst(). - rm -f "${D}"/etc/localtime -} - -toolchain-glibc_headers_install() { - local GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-headers - cd "${GBUILDDIR}" - emake install_root="${D}/usr/${CTARGET}" install-headers || die "install-headers failed" - # Copy over headers that are not part of install-headers ... these - # are pretty much taken verbatim from crosstool, see it for more details - insinto $(alt_headers)/bits - doins misc/syscall-list.h bits/stdio_lim.h || die "doins include bits" - insinto $(alt_headers)/gnu - doins "${S}"/include/gnu/stubs.h || die "doins include gnu" - # Make sure we install the sys-include symlink so that when - # we build a 2nd stage cross-compiler, gcc finds the target - # system headers correctly. See gcc/doc/gccinstall.info - dosym usr/include /usr/${CTARGET}/sys-include -} - -src_strip() { - # gdb is lame and requires some debugging information to remain in - # libpthread, so we need to strip it by hand. libthread_db makes no - # sense stripped as it is only used when debugging. - local pthread=$(has splitdebug ${FEATURES} && echo "libthread_db" || echo "lib{pthread,thread_db}") - env \ - -uRESTRICT \ - CHOST=${CTARGET} \ - STRIP_MASK="/*/{,tls/}${pthread}*" \ - prepallstrip - # if user has stripping enabled and does not have split debug turned on, - # then leave the debugging sections in libpthread. - if ! has nostrip ${FEATURES} && ! has splitdebug ${FEATURES} ; then - ${STRIP:-${CTARGET}-strip} --strip-debug "${D}"/*/libpthread-*.so - fi -} - -eblit-glibc-src_install() { - if just_headers ; then - export ABI=default - toolchain-glibc_headers_install - return - fi - - setup_env - - if [[ -z ${OABI} ]] ; then - local abilist="" - if has_multilib_profile ; then - abilist=$(get_install_abis) - einfo "Installing multilib glibc for ABIs: ${abilist}" - elif is_crosscompile || tc-is-cross-compiler ; then - abilist=${DEFAULT_ABI} - fi - if [[ -n ${abilist} ]] ; then - OABI=${ABI} - for ABI in ${abilist} ; do - export ABI - eblit-glibc-src_install - done - ABI=${OABI} - unset OABI - src_strip - return 0 - fi - fi - - toolchain-glibc_src_install - [[ -z ${OABI} ]] && src_strip -} diff --git a/sys-libs/glibc/files/eblits/src_test.eblit b/sys-libs/glibc/files/eblits/src_test.eblit deleted file mode 100644 index 3b83291..0000000 --- a/sys-libs/glibc/files/eblits/src_test.eblit +++ /dev/null @@ -1,41 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -toolchain-glibc_src_test() { - cd "${WORKDIR}"/build-${ABI}-${CTARGET}-$1 || die "cd build-${ABI}-${CTARGET}-$1" - unset LD_ASSUME_KERNEL - emake -j1 check && return 0 - einfo "make check failed - re-running with --keep-going to get the rest of the results" - emake -j1 -k check - ewarn "make check failed for ${ABI}-${CTARGET}-$1" - return 1 -} - -eblit-glibc-src_test() { - local ret=0 - - setup_env - - # give tests more time to complete - export TIMEOUTFACTOR=5 - - if [[ -z ${OABI} ]] && has_multilib_profile ; then - OABI=${ABI} - einfo "Testing multilib glibc for ABIs: $(get_install_abis)" - for ABI in $(get_install_abis) ; do - export ABI - einfo " Testing ${ABI} glibc" - src_test - ((ret+=$?)) - done - ABI=${OABI} - unset OABI - [[ ${ret} -ne 0 ]] \ - && die "tests failed" \ - || return 0 - fi - - want_linuxthreads && toolchain-glibc_src_test linuxthreads ; ((ret+=$?)) - want_nptl && toolchain-glibc_src_test nptl ; ((ret+=$?)) - return ${ret} -} diff --git a/sys-libs/glibc/files/eblits/src_unpack.eblit b/sys-libs/glibc/files/eblits/src_unpack.eblit deleted file mode 100644 index df0b490..0000000 --- a/sys-libs/glibc/files/eblits/src_unpack.eblit +++ /dev/null @@ -1,196 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -int_to_KV() { - local version=$1 major minor micro - major=$((version / 65536)) - minor=$(((version % 65536) / 256)) - micro=$((version % 256)) - echo ${major}.${minor}.${micro} -} - -eend_KV() { - [[ $(KV_to_int $1) -ge $(KV_to_int $2) ]] - eend $? -} - -get_kheader_version() { - printf '#include <linux/version.h>\nLINUX_VERSION_CODE\n' | \ - $(tc-getCPP ${CTARGET}) -I "$(alt_build_headers)" | \ - tail -n 1 -} - -check_nptl_support() { - # don't care about the compiler here as we arent using it - just_headers && return - - local run_kv build_kv want_kv - run_kv=$(int_to_KV $(get_KV)) - build_kv=$(int_to_KV $(get_kheader_version)) - want_kv=${NPTL_KERN_VER} - - ebegin "Checking gcc for __thread support" - if ! eend $(want__thread ; echo $?) ; then - echo - eerror "Could not find a gcc that supports the __thread directive!" - eerror "Please update your binutils/gcc and try again." - die "No __thread support in gcc!" - fi - - if ! is_crosscompile && ! tc-is-cross-compiler ; then - # Building fails on an non-supporting kernel - ebegin "Checking kernel version (${run_kv} >= ${want_kv})" - if ! eend_KV ${run_kv} ${want_kv} ; then - echo - eerror "You need a kernel of at least ${want_kv} for NPTL support!" - die "Kernel version too low!" - fi - fi - - ebegin "Checking linux-headers version (${build_kv} >= ${want_kv})" - if ! eend_KV ${build_kv} ${want_kv} ; then - echo - eerror "You need linux-headers of at least ${want_kv} for NPTL support!" - die "linux-headers version too low!" - fi -} - -unpack_pkg() { - local a=${PN} - [[ -n ${SNAP_VER} ]] && a="${a}-${RELEASE_VER}" - [[ -n $1 ]] && a="${a}-$1" - if [[ -n ${SNAP_VER} ]] ; then - a="${a}-${SNAP_VER}" - else - if [[ -n $2 ]] ; then - a="${a}-$2" - else - a="${a}-${RELEASE_VER}" - fi - fi - unpack ${a}.tar.bz2 - [[ -n $1 ]] && mv ${a} $1 -} - -toolchain-glibc_src_unpack() { - # Check NPTL support _before_ we unpack things to save some time - want_nptl && check_nptl_support - - if [[ -n ${EGIT_REPO_URIS} ]] ; then - local i d - for ((i=0; i<${#EGIT_REPO_URIS[@]}; ++i)) ; do - EGIT_REPO_URI=${EGIT_REPO_URIS[$i]} - EGIT_SOURCEDIR=${EGIT_SOURCEDIRS[$i]} - git-2_src_unpack - done - else - unpack_pkg - fi - - cd "${S}" - touch locale/C-translit.h #185476 #218003 - [[ -n ${LT_VER} ]] && unpack_pkg linuxthreads ${LT_VER} - [[ -n ${PORTS_VER} ]] && unpack_pkg ports ${PORTS_VER} - [[ -n ${LIBIDN_VER} ]] && unpack_pkg libidn - - if [[ -n ${PATCH_VER} ]] ; then - cd "${WORKDIR}" - unpack glibc-${RELEASE_VER}-patches-${PATCH_VER}.tar.bz2 - # pull out all the addons - local d - for d in extra/*/configure ; do - d=${d%/configure} - [[ -d ${S}/${d} ]] && die "${d} already exists in \${S}" - mv "${d}" "${S}" || die "moving ${d} failed" - done - fi - - # XXX: We should do the branchupdate, before extracting the manpages and - # infopages else it does not help much (mtimes change if there is a change - # to them with branchupdate) - if [[ -n ${BRANCH_UPDATE} ]] ; then - cd "${S}" - epatch "${DISTDIR}"/glibc-${RELEASE_VER}-branch-update-${BRANCH_UPDATE}.patch.bz2 - - # Snapshot date patch - einfo "Patching version to display snapshot date ..." - sed -i -e "s:\(#define RELEASE\).*:\1 \"${BRANCH_UPDATE}\":" version.h - fi - - if [[ -n ${MANPAGE_VER} ]] ; then - cd "${WORKDIR}" - unpack glibc-manpages-${MANPAGE_VER}.tar.bz2 - fi - - if [[ -n ${INFOPAGE_VER} ]] ; then - cd "${S}" - unpack glibc-infopages-${INFOPAGE_VER}.tar.bz2 - fi - - # tag, glibc is it - cd "${S}" - [[ -e csu/Banner ]] && die "need new banner location" - [[ -n ${SNAP_VER} ]] && echo "Gentoo snapshot ${SNAP_VER}" >> csu/Banner - [[ -n ${BRANCH_UPDATE} ]] && echo "Gentoo branch ${BRANCH_UPDATE}" >> csu/Banner - if [[ -n ${PATCH_VER} ]] && ! use vanilla ; then - cd "${S}" - EPATCH_MULTI_MSG="Applying Gentoo Glibc Patchset ${RELEASE_VER}-${PATCH_VER} ..." \ - EPATCH_EXCLUDE=${GLIBC_PATCH_EXCLUDE} \ - EPATCH_SUFFIX="patch" \ - ARCH=$(tc-arch) \ - epatch "${WORKDIR}"/patches - echo "Gentoo patchset ${PATCH_VER}" >> csu/Banner - fi - - if just_headers ; then - if [[ -e ports/sysdeps/mips/preconfigure ]] ; then - # mips peeps like to screw with us. if building headers, - # we don't have a real compiler, so we can't let them - # insert -mabi on us. - sed -i '/CPPFLAGS=.*-mabi/s|.*|:|' ports/sysdeps/mips/preconfigure || die - find ports/sysdeps/mips/ -name Makefile -exec sed -i '/^CC.*-mabi=/s:-mabi=.*:-D_MIPS_SZPTR=32:' {} + - fi - fi - - epatch_user - - gnuconfig_update -} - -eblit-glibc-src_unpack() { - setup_env - - toolchain-glibc_src_unpack - - # Backwards SSP support - cd "${S}" -# For now, we force everyone to have the extra symbols -# einfon "Scanning system for __guard to see if we need SSP compat ... " -# if [[ -n $(scanelf -qyls__guard -F'#s%F' | grep -v '^/lib.*/libc-2.*.so$') ]] ; then - echo "yes" > "${T}"/.ssp.compat -# else -# # ok, a quick scan didnt find it, so lets do a deep scan ... -# if [[ -n $(scanelf -qyRlps__guard -F'#s%F' | grep -v '^/lib.*/libc-2.*.so$') ]] ; then -# echo "yes" > "${T}"/.ssp.compat -# else -# echo "no" > "${T}"/.ssp.compat -# fi -# fi -# cat "${T}"/.ssp.compat - - # Glibc is stupid sometimes, and doesn't realize that with a - # static C-Only gcc, -lgcc_eh doesn't exist. - # http://sources.redhat.com/ml/libc-alpha/2003-09/msg00100.html - # http://sourceware.org/ml/libc-alpha/2005-02/msg00042.html - echo 'int main(){}' > "${T}"/gcc_eh_test.c - if ! $(tc-getCC ${CTARGET}) "${T}"/gcc_eh_test.c -lgcc_eh 2>/dev/null ; then - sed -i -e 's:-lgcc_eh::' Makeconfig || die "sed gcc_eh" - fi - - cd "${WORKDIR}" - find . -type f '(' -size 0 -o -name "*.orig" ')' -exec rm -f {} \; - find . -name configure -exec touch {} \; - - # Fix permissions on some of the scripts - chmod u+x "${S}"/scripts/*.sh -} |