archlinuxarm/PKGBUILDs
1
0
Fork 0
mirror of https://github.com/archlinuxarm/PKGBUILDs.git synced 2024-11-18 22:54:00 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Updated toolchain to gcc 4.5.2/glibc 2.13

Browse source
This commit is contained in:
Kevin Mihelich 2011-02-04 20:42:15 -05:00
parent 3d6c9250e6
commit 783d25b272
16 changed files with 187 additions and 533 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

86
core/binutils/PKGBUILD
View file

@ -1,72 +1,84 @@
# $Id: PKGBUILD 72655 2010-03-19 03:19:22Z allan $ # $Id: PKGBUILD 106767 2011-01-19 00:42:04Z allan $
# Maintainer: Allan McRae <allan@archlinux.org> # Maintainer: Allan McRae <allan@archlinux.org>
# PlugApps: Kevin Mihelich <kevin@plugapps.com>
noautobuild=1 # prevent plugbuild from autobuilding this package
plugrel=1
# toolchain build order: linux-api-headers->glibc->binutils->gcc->binutils->glibc # toolchain build order: linux-api-headers->glibc->binutils->gcc->binutils->glibc
# PlugApps: Kevin Mihelich <kevin@plugapps.com>
# - Added a CONFIGFLAG for arm, defining our build host
plugrel=1
noautobuild=1
pkgname=binutils pkgname=binutils
pkgver=2.20.1 pkgver=2.21
pkgrel=1 pkgrel=3
_date=20100318 _date=20101216
pkgdesc="A set of programs to assemble and manipulate binary and object files" pkgdesc="A set of programs to assemble and manipulate binary and object files"
arch=('i686' 'x86_64') arch=('i686' 'x86_64')
url="http://www.gnu.org/software/binutils/" url="http://www.gnu.org/software/binutils/"
license=('GPL') license=('GPL')
groups=('base') groups=('base')
depends=('glibc>=2.11.1-2' 'zlib') depends=('glibc>=2.13' 'zlib')
makedepends=('dejagnu')
options=('!libtool' '!distcc' '!ccache') options=('!libtool' '!distcc' '!ccache')
install=binutils.install install=binutils.install
source=(ftp://ftp.archlinux.org/other/${pkgname}/${pkgname}-${pkgver}_${_date}.tar.bz2) source=(ftp://ftp.archlinux.org/other/${pkgname}/${pkgname}-${pkgver}_${_date}.tar.bz2)
md5sums=('c153213a20a5075bd98d7f12fbd38a51') md5sums=('96a95d028ee86ca4347576c51d1ea1d4')
mksource() { mksource() {
mkdir ${pkgname}-${_date} mkdir ${pkgname}-${_date}
cd ${pkgname}-${_date} cd ${pkgname}-${_date}
export _TAG=binutils-2_20-branch export _TAG=binutils-2_21-branch
export 'CVSROOT=:pserver:anoncvs@sourceware.org:/cvs/src' export 'CVSROOT=:pserver:anoncvs@sourceware.org:/cvs/src'
cvs -z9 co -r $_TAG binutils || return 1 cvs -z9 co -r $_TAG binutils || return 1
cd src && tar -cvjf ../../binutils-${pkgver}_${_date}.tar.bz2 * mv src binutils
tar -cvjf ../binutils-${pkgver}_${_date}.tar.bz2 binutils/*
} }
build() { build() {
cd ${srcdir} cd ${srcdir}
mkdir build && cd build mkdir binutils-build && cd binutils-build
CC="gcc -L`pwd`/bfd/.libs/" [[ $CARCH == "x86_64" ]] && CONFIGFLAG="--enable-64-bit-bfd --disable-multilib"
if [ "${CARCH}" = "x86_64" ]; then [[ $CARCH == "arm" ]] && CONFIGFLAG="--host=arm-unknown-linux-gnueabi --build=arm-unknown-linux-gnueabi"
../configure --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info --enable-shared --enable-64-bit-bfd --disable-multilib
else ${srcdir}/binutils/configure --prefix=/usr \
../configure --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info --enable-shared --host=arm-unknown-linux-gnueabi --build=arm-unknown-linux-gnueabi --enable-ld=default --enable-gold \
fi --enable-plugins --enable-threads \
# fix man files install path --enable-shared $CONFIGFLAG
sed -i -e "s:mandir \= \/usr\/share:mandir \= ${pkgdir}\/usr\/share:" ${srcdir}/build/Makefile || return 1
# fix info files install path
sed -i -e "s:infodir \= \/usr\/share:infodir \= ${pkgdir}\/usr\/share:" ${srcdir}/build/Makefile || return 1
# This checks the host environment and makes sure all the necessary tools are available to compile Binutils. # This checks the host environment and makes sure all the necessary tools are available to compile Binutils.
make configure-host || return 1 make configure-host
make tooldir=${pkgdir}/usr || return 1 make tooldir=${pkgdir}/usr
# do not abort on errors - manually check log files
make -k -j1 check || true
}
package() {
cd ${srcdir}/binutils-build
make prefix=${pkgdir}/usr tooldir=${pkgdir}/usr install make prefix=${pkgdir}/usr tooldir=${pkgdir}/usr install
install -m644 ${srcdir}/include/libiberty.h ${pkgdir}/usr/include
if [ "${CARCH}" = "x86_64" ]; then # Add some useful headers
# Rebuild libiberty.a with -fPIC install -m644 ${srcdir}/binutils/include/libiberty.h ${pkgdir}/usr/include
make -C libiberty clean install -m644 ${srcdir}/binutils/include/demangle.h ${pkgdir}/usr/include
make CFLAGS="$CFLAGS -fPIC" -C libiberty
install -m644 libiberty/libiberty.a ${pkgdir}/usr/lib
# Rebuild libbfd.a with -fPIC
make -C bfd clean
make CFLAGS="$CFLAGS -fPIC" -C bfd
install -m644 bfd/libbfd.a ${pkgdir}/usr/lib
fi
# Rebuild libiberty.a with -fPIC
make -C libiberty clean
make CFLAGS="$CFLAGS -fPIC" -C libiberty
install -m644 libiberty/libiberty.a ${pkgdir}/usr/lib
# Rebuild libbfd.a with -fPIC
make -C bfd clean
# hidden visability prevent 3rd party shared libraries exporting bfd non-stable API
make CFLAGS="$CFLAGS -fPIC -fvisibility=hidden" -C bfd
install -m644 bfd/libbfd.a ${pkgdir}/usr/lib
# Remove Windows/Novell specific man pages
rm -f ${pkgdir}/usr/share/man/man1/{dlltool,nlmconv,windres,windmc}* rm -f ${pkgdir}/usr/share/man/man1/{dlltool,nlmconv,windres,windmc}*
# Remove these symlinks, with binutils prereleases they are not ABI stable. # Remove these symlinks, they are not ABI stable.
# Programs should compile static to the .a file. # Programs should compile static to the .a file.
rm -f ${pkgdir}/usr/lib/lib{bfd,opcodes}.so rm -f ${pkgdir}/usr/lib/lib{bfd,opcodes}.so
echo "INPUT ( /usr/lib/libbfd.a -liberty -lz )" >${pkgdir}/usr/lib/libbfd.so echo "INPUT ( /usr/lib/libbfd.a -liberty -lz )" >${pkgdir}/usr/lib/libbfd.so

2
core/binutils/binutils.install
View file

@ -1,4 +1,4 @@
infodir=/usr/share/info infodir=usr/share/info
filelist=(as.info bfd.info binutils.info configure.info gprof.info ld.info standards.info) filelist=(as.info bfd.info binutils.info configure.info gprof.info ld.info standards.info)
post_upgrade() { post_upgrade() {

19
core/cloog-ppl/PKGBUILD
View file

@ -1,13 +1,15 @@
# $Id: PKGBUILD 87235 2010-08-11 12:10:19Z allan $ # $Id: PKGBUILD 104416 2011-01-02 12:23:31Z allan $
# Maintainer: Allan McRae <allan@archlinux.org> # Maintainer: Allan McRae <allan@archlinux.org>
# Contributor: ezzetabi <ezzetabi at gawab dot com> # Contributor: ezzetabi <ezzetabi at gawab dot com>
# PlugApps: Kevin Mihelich <kevin@plugapps.com>
noautobuild=1 # prevent plugbuild from autobuilding this package # PlugApps: Kevin Mihelich <kevin@plugapps.com>
# - no changes, here just to maintain this version
plugrel=1 plugrel=1
noautobuild=1
pkgname=cloog-ppl pkgname=cloog-ppl
pkgver=0.15.9 pkgver=0.15.10
pkgrel=2 pkgrel=2
pkgdesc="Library that generates loops for scanning polyhedra" pkgdesc="Library that generates loops for scanning polyhedra"
arch=('i686' 'x86_64') arch=('i686' 'x86_64')
@ -16,15 +18,13 @@ license=('GPL')
depends=('ppl>=0.11') depends=('ppl>=0.11')
options=('!libtool') options=('!libtool')
source=(ftp://gcc.gnu.org/pub/gcc/infrastructure/${pkgname}-${pkgver}.tar.gz) source=(ftp://gcc.gnu.org/pub/gcc/infrastructure/${pkgname}-${pkgver}.tar.gz)
md5sums=('806e001d1b1a6b130069ff6274900af5') md5sums=('04aa756179b6d850d9ffa50f61b91895')
build() { build() {
cd $srcdir/$pkgname-$pkgver cd $srcdir/$pkgname-$pkgver
# "Add" ppl-0.11 compatibility ./autogen.sh
sed -i "/ppl_minor_version=/s#10#11#" configure ./configure --prefix=/usr --includedir=/usr/include/cloog-ppl \
./configure --prefix=/usr --infodir=/usr/share/info \
--with-bits=gmp --with-ppl=/usr --with-bits=gmp --with-ppl=/usr
make make
make check make check
@ -33,4 +33,5 @@ build() {
package() { package() {
cd $srcdir/$pkgname-$pkgver cd $srcdir/$pkgname-$pkgver
make DESTDIR=$pkgdir/ install make DESTDIR=$pkgdir/ install
mv $pkgdir/usr/bin/cloog{,-ppl}
} }

90
core/gcc/PKGBUILD
View file

@ -1,35 +1,39 @@
# $Id: PKGBUILD 87242 2010-08-11 12:46:24Z allan $ # $Id: PKGBUILD 106770 2011-01-19 00:45:20Z allan $
# Maintainer: Jan de Groot <jgc@archlinux.org>
# Maintainer: Allan McRae <allan@archlinux.org> # Maintainer: Allan McRae <allan@archlinux.org>
# PlugApps: Kevin Mihelich <kevin@plugapps.com>
noautobuild=1 # prevent plugbuild from autobuilding this package
plugrel=1
# toolchain build order: linux-api-headers->glibc->binutils->gcc->binutils->glibc # toolchain build order: linux-api-headers->glibc->binutils->gcc->binutils->glibc
# NOTE: libtool requires rebuilt with each new gcc version # NOTE: libtool requires rebuilt with each new gcc version
# PlugApps: Kevin Mihelich
# - removed ada, disabled checks at end of build, removed gnat (ada stuff) from gcc packaging, removed ada package
# - CHOST in makepkg.conf must be set to arm-unknown-linux-gnueabi, or plan to fail
# - disabled make check at the end of build(), too much stress, kills plugs :(
plugrel=1
noautobuild=1
pkgname=('gcc' 'gcc-libs' 'gcc-fortran' 'gcc-objc') pkgname=('gcc' 'gcc-libs' 'gcc-fortran' 'gcc-objc')
pkgver=4.5.1 pkgver=4.5.2
pkgrel=1 pkgrel=5
#_snapshot=4.5-20100610 #_snapshot=4.5.2-RC-20101208
_libstdcppmanver=20100719 # Note: check source directory name when updating this _libstdcppmanver=4.5.2 # Note: check source directory name when updating this
pkgdesc="The GNU Compiler Collection" pkgdesc="The GNU Compiler Collection"
arch=('arm') arch=('i686' 'x86_64')
license=('GPL' 'LGPL' 'custom') license=('GPL' 'LGPL' 'custom')
url="http://gcc.gnu.org" url="http://gcc.gnu.org"
makedepends=('binutils>=2.20.1' 'libmpc>=0.8.2-2' 'cloog-ppl>=0.15.9-2' 'elfutils') makedepends=('binutils>=2.21' 'libmpc' 'cloog-ppl>=0.15.9-2' 'elfutils' 'dejagnu')
options=('!libtool' '!emptydirs') options=('!libtool' '!emptydirs')
source=(ftp://gcc.gnu.org/pub/gcc/releases/gcc-${pkgver}/gcc-{core,g++,fortran,objc}-${pkgver}.tar.bz2 source=(ftp://gcc.gnu.org/pub/gcc/releases/gcc-${pkgver}/gcc-{core,g++,fortran,objc,testsuite}-${pkgver}.tar.bz2
#ftp://gcc.gnu.org/pub/gcc/snapshots/${_snapshot}/gcc-{core,g++,fortran,objc}-${_snapshot}.tar.bz2 #ftp://gcc.gnu.org/pub/gcc/snapshots/${_snapshot}/gcc-{core,g++,fortran,objc,ada,testsuite}-${_snapshot}.tar.bz2
ftp://gcc.gnu.org/pub/gcc/libstdc++/doxygen/libstdc++-api.${_libstdcppmanver}.man.tar.bz2 ftp://gcc.gnu.org/pub/gcc/libstdc++/doxygen/libstdc++-api-${_libstdcppmanver}.man.tar.bz2
gcc_pure64.patch gcc_pure64.patch
gcc-hash-style-both.patch) gcc-hash-style-both.patch)
md5sums=('dc8959e31b01a65ce10d269614815054' md5sums=('aa9e36bec080452372bfba793428ee82'
'b294953ff0bb2f20c7acb2bf005d832a' '9821f1c61e43755866861485ff364e90'
'7567c2f8df8a8bf61b48fe414b88de65' '8cc545fda70085c78076d79e0e23962a'
'3c11b7037896e967eddf8178af2ddd98' '3561c6585e9062105cc3591a8c39d7dc'
'226ae0c6364cfe2c1f7ac88d06088d5a' '29ae615438aba0bd3384b94bac54c235'
'2776eab5ebb7f9cc62dd2199a3a24382'
'4030ee1c08dd1e843c0225b772360e76' '4030ee1c08dd1e843c0225b772360e76'
'6fd395bacbd7b6e47c7b74854b478363') '6fd395bacbd7b6e47c7b74854b478363')
@ -41,11 +45,6 @@ else
fi fi
build() { build() {
if ! locale -a | grep ^de_DE > /dev/null; then
echo "You need the de_DE locale to build gcc."
return 1
fi
cd ${_basedir} cd ${_basedir}
# "Add" ppl-0.11 compatibility # "Add" ppl-0.11 compatibility
@ -58,33 +57,45 @@ build() {
sed -i 's@\./fixinc\.sh@-c true@' gcc/Makefile.in sed -i 's@\./fixinc\.sh@-c true@' gcc/Makefile.in
if [ "${CARCH}" = "x86_64" ]; then if [ "${CARCH}" = "x86_64" ]; then
patch -Np1 -i ../gcc_pure64.patch patch -Np1 -i ${srcdir}/gcc_pure64.patch
fi fi
patch -Np0 -i ${srcdir}/gcc-hash-style-both.patch patch -Np0 -i ${srcdir}/gcc-hash-style-both.patch
echo ${pkgver} > gcc/BASE-VER echo ${pkgver} > gcc/BASE-VER
mkdir build && cd build cd ${srcdir}
../configure --prefix=/usr --enable-languages=c,c++,fortran,objc,obj-c++ \ mkdir gcc-build && cd gcc-build
--host=arm-unknown-linux-gnueabi --build=arm-unknown-linux-gnueabi \ ${_basedir}/configure --prefix=/usr \
--enable-languages=c,c++,fortran,objc,obj-c++ \
--enable-shared --enable-threads=posix --enable-__cxa_atexit \ --enable-shared --enable-threads=posix --enable-__cxa_atexit \
--enable-clocale=gnu --enable-gnu-unique-object \ --enable-clocale=gnu --enable-gnu-unique-object \
--enable-lto --enable-plugin \ --enable-lto --enable-plugin \
--enable-gold --with-plugin-ld=ld.gold \
--disable-multilib --disable-libstdcxx-pch \ --disable-multilib --disable-libstdcxx-pch \
--with-system-zlib --with-ppl --with-cloog \ --with-system-zlib --with-ppl \
--with-cloog --with-cloog-include=/usr/include/cloog-ppl \
--libdir=/usr/lib --libexecdir=/usr/lib \ --libdir=/usr/lib --libexecdir=/usr/lib \
--mandir=/usr/share/man --infodir=/usr/share/info --mandir=/usr/share/man --infodir=/usr/share/info \
--host=arm-unknown-linux-gnueabi --build=arm-unknown-linux-gnueabi
make make
# increase stack size to prevent test failures
# http://gcc.gnu.org/bugzilla/show_bug.cgi?id=31827
ulimit -s 32768
# do not abort on error as some are "expected"
#make -k check || true
#${_basedir}/contrib/test_summary
} }
package_gcc-libs() package_gcc-libs()
{ {
pkgdesc="Runtime libraries shipped by GCC for C and C++ languages" pkgdesc="Runtime libraries shipped by GCC"
groups=('base') groups=('base')
depends=('glibc>=2.11.1-2') depends=('glibc>=2.11.1-2')
install=gcc-libs.install install=gcc-libs.install
cd ${_basedir}/build cd gcc-build
make -j1 -C $CHOST/libgcc DESTDIR=${pkgdir} install-shared make -j1 -C $CHOST/libgcc DESTDIR=${pkgdir} install-shared
for lib in libmudflap libgomp libssp libstdc++-v3/src; do for lib in libmudflap libgomp libssp libstdc++-v3/src; do
make -j1 -C $CHOST/$lib DESTDIR=${pkgdir} install-toolexeclibLTLIBRARIES make -j1 -C $CHOST/$lib DESTDIR=${pkgdir} install-toolexeclibLTLIBRARIES
@ -108,15 +119,16 @@ package_gcc-libs()
package_gcc() package_gcc()
{ {
pkgdesc="The GNU Compiler Collection - C and C++ frontends"
depends=('binutils>=2.20.1' 'libmpc>=0.8.1-2' 'cloog-ppl>=0.15.9-2' 'elfutils') depends=('binutils>=2.20.1' 'libmpc>=0.8.1-2' 'cloog-ppl>=0.15.9-2' 'elfutils')
groups=('base-devel') groups=('base-devel')
install=gcc.install install=gcc.install
cd ${_basedir}/build cd gcc-build
# much, much easier to install the lot and clean-up the mess # much, much easier to install the lot and clean-up the mess
make -j1 DESTDIR=${pkgdir} install make -j1 DESTDIR=${pkgdir} install
rm -f $pkgdir/usr/bin/*gfortran rm -f $pkgdir/usr/bin/{*gfortran}
rm -f $pkgdir/usr/lib/gcc/$CHOST/${pkgver}/{finclude,include/objc}/* rm -f $pkgdir/usr/lib/gcc/$CHOST/${pkgver}/{finclude,include/objc}/*
rm -f $pkgdir/usr/lib/gcc/$CHOST/${pkgver}/{cc1obj{,plus},f951,libgfortranbegin.a} rm -f $pkgdir/usr/lib/gcc/$CHOST/${pkgver}/{cc1obj{,plus},f951,libgfortranbegin.a}
rm -f $pkgdir/usr/lib/{*.so*,lib{gfortran,objc}.a} rm -f $pkgdir/usr/lib/{*.so*,lib{gfortran,objc}.a}
@ -163,8 +175,6 @@ EOF
install -dm755 ${pkgdir}/usr/share/man/man3 install -dm755 ${pkgdir}/usr/share/man/man3
install -m644 ${srcdir}/libstdc++-api-${_libstdcppmanver}.man/man3/* \ install -m644 ${srcdir}/libstdc++-api-${_libstdcppmanver}.man/man3/* \
${pkgdir}/usr/share/man/man3/ ${pkgdir}/usr/share/man/man3/
# deal with conflicts...
rm -f ${pkgdir}/usr/share/man/man3/{ctime,queue,random,regex,string}.3
# Install Runtime Library Exception # Install Runtime Library Exception
install -Dm644 ${_basedir}/COPYING.RUNTIME \ install -Dm644 ${_basedir}/COPYING.RUNTIME \
@ -177,7 +187,7 @@ package_gcc-fortran()
depends=("gcc=$pkgver-$pkgrel") depends=("gcc=$pkgver-$pkgrel")
install=gcc-fortran.install install=gcc-fortran.install
cd ${_basedir}/build cd gcc-build
make -j1 DESTDIR=$pkgdir install-target-libgfortran make -j1 DESTDIR=$pkgdir install-target-libgfortran
make -j1 -C $CHOST/libgomp DESTDIR=$pkgdir install-nodist_fincludeHEADERS make -j1 -C $CHOST/libgomp DESTDIR=$pkgdir install-nodist_fincludeHEADERS
make -j1 -C gcc DESTDIR=$pkgdir fortran.install-{common,man,info} make -j1 -C gcc DESTDIR=$pkgdir fortran.install-{common,man,info}
@ -196,7 +206,7 @@ package_gcc-objc()
pkgdesc="Objective-C front-end for GCC" pkgdesc="Objective-C front-end for GCC"
depends=("gcc=$pkgver-$pkgrel") depends=("gcc=$pkgver-$pkgrel")
cd ${_basedir}/build cd gcc-build
make -j1 DESTDIR=$pkgdir install-target-libobjc make -j1 DESTDIR=$pkgdir install-target-libobjc
install -dm755 $pkgdir/usr/lib/gcc/$CHOST/$pkgver/ install -dm755 $pkgdir/usr/lib/gcc/$CHOST/$pkgver/
install -m755 gcc/cc1obj{,plus} $pkgdir/usr/lib/gcc/$CHOST/$pkgver/ install -m755 gcc/cc1obj{,plus} $pkgdir/usr/lib/gcc/$CHOST/$pkgver/
@ -208,3 +218,5 @@ package_gcc-objc()
install -Dm644 ${_basedir}/COPYING.RUNTIME \ install -Dm644 ${_basedir}/COPYING.RUNTIME \
${pkgdir}/usr/share/licenses/gcc-objc/RUNTIME.LIBRARY.EXCEPTION ${pkgdir}/usr/share/licenses/gcc-objc/RUNTIME.LIBRARY.EXCEPTION
} }

2
core/gcc/gcc-ada.install
View file

@ -1,4 +1,4 @@
infodir=/usr/share/info infodir=usr/share/info
filelist=(gnat-style.info gnat_rm.info gnat_ugn.info) filelist=(gnat-style.info gnat_rm.info gnat_ugn.info)
post_install() { post_install() {

2
core/gcc/gcc-fortran.install
View file

@ -1,4 +1,4 @@
infodir=/usr/share/info infodir=usr/share/info
file="gfortran.info" file="gfortran.info"
post_install() { post_install() {

2
core/gcc/gcc-libs.install
View file

@ -1,4 +1,4 @@
infodir=/usr/share/info infodir=usr/share/info
file="libgomp.info" file="libgomp.info"
post_upgrade() { post_upgrade() {

2
core/gcc/gcc.install
View file

@ -1,4 +1,4 @@
infodir=/usr/share/info infodir=usr/share/info
filelist=(cpp.info cppinternals.info gcc.info gccinstall.info gccint.info) filelist=(cpp.info cppinternals.info gcc.info gccinstall.info gccint.info)
post_install() { post_install() {

96
core/glibc/PKGBUILD
View file

@ -1,26 +1,28 @@
# $Id: PKGBUILD 97014 2010-10-26 01:24:43Z allan $ # $Id: PKGBUILD 106764 2011-01-19 00:37:38Z allan $
# Maintainer: Jan de Groot <jgc@archlinux.org>
# Maintainer: Allan McRae <allan@archlinux.org> # Maintainer: Allan McRae <allan@archlinux.org>
# PlugApps: Kevin Mihelich <kevin@plugapps.com>
noautobuild=1 # prevent plugbuild from autobuilding this package
plugrel=1
# toolchain build order: linux-api-headers->glibc->binutils->gcc->binutils->glibc # toolchain build order: linux-api-headers->glibc->binutils->gcc->binutils->glibc
# NOTE: valgrind requires rebuilt with each new glibc version # NOTE: valgrind requires rebuilt with each new glibc version
# PlugApps: Kevin Mihelich <kevin@mihelich>
# - Added source file for glibc-ports-2.13, needed for building on ARM
# - Symlink glibc-ports-2.13 source dir to ports dir in glibc directory
# - Changed configure to enable ports add-on, specify our build host type
plugrel=1
noautobuild=1
pkgname=glibc pkgname=glibc
pkgver=2.12.1 pkgver=2.13
pkgrel=4 pkgrel=1
_glibcdate=20101025 _glibcdate=20110117
pkgdesc="GNU C Library" pkgdesc="GNU C Library"
arch=('i686' 'x86_64') arch=('i686' 'x86_64')
url="http://www.gnu.org/software/libc" url="http://www.gnu.org/software/libc"
license=('GPL' 'LGPL') license=('GPL' 'LGPL')
groups=('base') groups=('base')
depends=('linux-api-headers>=2.6.34' 'tzdata') depends=('linux-api-headers>=2.6.37' 'tzdata')
makedepends=('gcc>=4.4') makedepends=('gcc>=4.4')
replaces=('glibc-xen')
backup=(etc/locale.gen backup=(etc/locale.gen
etc/nscd.conf) etc/nscd.conf)
options=('!strip') options=('!strip')
@ -30,26 +32,18 @@ source=(ftp://ftp.archlinux.org/other/glibc/${pkgname}-${pkgver}_${_glibcdate}.t
glibc-2.10-dont-build-timezone.patch glibc-2.10-dont-build-timezone.patch
glibc-2.10-bz4781.patch glibc-2.10-bz4781.patch
glibc-__i686.patch glibc-__i686.patch
glibc-2.12.1-make-3.82-compatibility.patch
glibc-2.12.1-static-shared-getpagesize.patch glibc-2.12.1-static-shared-getpagesize.patch
glibc-2.12.1-but-I-am-an-i686.patch glibc-2.12.2-ignore-origin-of-privileged-program.patch
glibc-2.12.1-fix-IPTOS_CLASS-definition.patch
glibc-2.12.1-never-expand-origin-when-privileged.patch
glibc-2.12.1-require-suid-on-audit.patch
nscd nscd
locale.gen.txt locale.gen.txt
locale-gen) locale-gen)
md5sums=('b12192eff7306f2a6e919641b847e7cf' md5sums=('b7b17d9c6b5b71b5e5322e04ca63c190'
'd3311554368849da08dc16f6c535f097' '8ceda1d0006820cda04a9087aabc5eca'
'4dadb9203b69a3210d53514bb46f41c3' '4dadb9203b69a3210d53514bb46f41c3'
'0c5540efc51c0b93996c51b57a8540ae' '0c5540efc51c0b93996c51b57a8540ae'
'40cd342e21f71f5e49e32622b25acc52' '40cd342e21f71f5e49e32622b25acc52'
'1deecaa78c0909f7175732da2af796b5'
'a3ac6f318d680347bb6e2805d42b73b2' 'a3ac6f318d680347bb6e2805d42b73b2'
'de17165e3fa721c4e056dacfc9ee1e52' 'b042647ea7d6f22ad319e12e796bd13e'
'fdc0908c9971fcf9b32e1185954b6eeb'
'e154dbe21d4e24968ab257ffd9c106f2'
'bbc99319ad78fe9eb1ac217efc770ac6'
'b587ee3a70c9b3713099295609afde49' 'b587ee3a70c9b3713099295609afde49'
'07ac979b6ab5eeb778d55f041529d623' '07ac979b6ab5eeb778d55f041529d623'
'476e9113489f93b348b21e144b6a8fcf') '476e9113489f93b348b21e144b6a8fcf')
@ -57,7 +51,9 @@ md5sums=('b12192eff7306f2a6e919641b847e7cf'
mksource() { mksource() {
git clone git://sourceware.org/git/glibc.git git clone git://sourceware.org/git/glibc.git
pushd glibc pushd glibc
git checkout -b glibc-2.12-arch origin/release/2.12/master # glibc-2.13 has been tagged but not branched yet
git checkout -b glibc-2.13-arch origin/master || return 1
#git checkout -b glibc-2.13-arch origin/release/2.13/master || return 1
popd popd
tar -cvJf glibc-${pkgver}_${_glibcdate}.tar.xz glibc/* tar -cvJf glibc-${pkgver}_${_glibcdate}.tar.xz glibc/*
} }
@ -76,31 +72,23 @@ build() {
# http://sourceware.org/ml/libc-alpha/2009-07/msg00072.html # http://sourceware.org/ml/libc-alpha/2009-07/msg00072.html
patch -Np1 -i ${srcdir}/glibc-__i686.patch patch -Np1 -i ${srcdir}/glibc-__i686.patch
# http://sourceware.org/git/?p=glibc.git;a=patch;h=32cf4069
patch -Np1 -i ${srcdir}/glibc-2.12.1-make-3.82-compatibility.patch
# http://sourceware.org/bugzilla/show_bug.cgi?id=11929 # http://sourceware.org/bugzilla/show_bug.cgi?id=11929
# using Fedora "fix" as patch in that bug report causes breakages... # using Fedora "fix" as patch in that bug report causes breakages...
patch -Np1 -i ${srcdir}/glibc-2.12.1-static-shared-getpagesize.patch patch -Np1 -i ${srcdir}/glibc-2.12.1-static-shared-getpagesize.patch
# fedora "fix" for excess linker optimization on i686
# proper fix will be in binutils-2.21
patch -Np1 -i ${srcdir}/glibc-2.12.1-but-I-am-an-i686.patch
# http://www.exploit-db.com/exploits/15274/ # http://www.exploit-db.com/exploits/15274/
# http://sourceware.org/git/?p=glibc.git;a=patch;h=2232b90f (only fedora branch...) # http://sourceware.org/git/?p=glibc.git;a=patch;h=d14e6b09 (only fedora branch...)
patch -Np1 -i ${srcdir}/glibc-2.12.1-never-expand-origin-when-privileged.patch patch -Np1 -i ${srcdir}/glibc-2.12.2-ignore-origin-of-privileged-program.patch
# http://www.exploit-db.com/exploits/15304/ # http://sourceware.org/bugzilla/show_bug.cgi?id=12403
# http://sourceware.org/git/?p=glibc.git;a=patch;h=8e9f92e9 if [[ $CARCH == "x86_64" ]]; then
patch -Np1 -i ${srcdir}/glibc-2.12.1-require-suid-on-audit.patch sed -i '/__ASSUME_PRIVATE_FUTEX/d' $srcdir/glibc/sysdeps/unix/sysv/linux/kernel-features.h
fi
# http://sources.redhat.com/git/?p=glibc.git;a=patch;h=15bac72b
patch -Np1 -i ${srcdir}/glibc-2.12.1-fix-IPTOS_CLASS-definition.patch
install -dm755 ${pkgdir}/etc install -dm755 ${pkgdir}/etc
touch ${pkgdir}/etc/ld.so.conf touch ${pkgdir}/etc/ld.so.conf
cd ${srcdir}
mkdir glibc-build mkdir glibc-build
cd glibc-build cd glibc-build
@ -111,25 +99,28 @@ build() {
echo "slibdir=/lib" >> configparms echo "slibdir=/lib" >> configparms
../configure --prefix=/usr \ ${srcdir}/glibc/configure --prefix=/usr \
--host=arm-unknown-linux-gnueabi --build=arm-unknown-linux-gnueabi \ --libdir=/usr/lib --libexecdir=/usr/lib \
--enable-add-ons=nptl,libidn,ports --without-cvs \ --with-headers=/usr/include \
--enable-kernel=2.6.36 --disable-profile \ --enable-add-ons=nptl,libidn,ports \
--with-headers=/usr/include --libexecdir=/usr/lib \ --enable-kernel=2.6.27 \
--enable-bind-now --with-tls --with-__thread \ --with-tls --with-__thread \
--libdir=/usr/lib --without-gd --disable-multi-arch --enable-bind-now --without-gd \
--without-cvs --disable-profile \
--host=arm-unknown-linux-gnueabi --build=arm-unknown-linux-gnueabi
make make
# --disable-multi-arch \
# some errors are expected - manually check log files
make -k check || true
} }
package() { package() {
cd ${srcdir}/glibc/glibc-build cd ${srcdir}/glibc-build
make install_root=${pkgdir} install make install_root=${pkgdir} install
# provided by kernel-headers rm ${pkgdir}/etc/ld.so.{cache,conf}
rm ${pkgdir}/usr/include/scsi/scsi.h
rm ${pkgdir}/etc/ld.so.conf
install -dm755 ${pkgdir}/etc/rc.d install -dm755 ${pkgdir}/etc/rc.d
install -dm755 ${pkgdir}/usr/sbin install -dm755 ${pkgdir}/usr/sbin
@ -137,6 +128,7 @@ package() {
install -m644 ${srcdir}/glibc/nscd/nscd.conf ${pkgdir}/etc/nscd.conf install -m644 ${srcdir}/glibc/nscd/nscd.conf ${pkgdir}/etc/nscd.conf
install -m755 ${srcdir}/nscd ${pkgdir}/etc/rc.d/nscd install -m755 ${srcdir}/nscd ${pkgdir}/etc/rc.d/nscd
install -m755 ${srcdir}/locale-gen ${pkgdir}/usr/sbin install -m755 ${srcdir}/locale-gen ${pkgdir}/usr/sbin
install -m644 ${srcdir}/glibc/posix/gai.conf ${pkgdir}/etc/gai.conf
sed -i -e 's/^\tserver-user/#\tserver-user/' ${pkgdir}/etc/nscd.conf sed -i -e 's/^\tserver-user/#\tserver-user/' ${pkgdir}/etc/nscd.conf
@ -151,7 +143,7 @@ package() {
if [[ ${CARCH} = "x86_64" ]]; then if [[ ${CARCH} = "x86_64" ]]; then
# fix for the linker # fix for the linker
sed -i '/RTLDLIST/s%lib64%lib%' ${pkgdir}/usr/bin/ldd sed -i '/RTLDLIST/s%lib64%lib%' ${pkgdir}/usr/bin/ldd
#Comply with multilib binaries, they look for the linker in /lib64 # Comply with multilib binaries, they look for the linker in /lib64
mkdir ${pkgdir}/lib64 mkdir ${pkgdir}/lib64
cd ${pkgdir}/lib64 cd ${pkgdir}/lib64
ln -v -s ../lib/ld* . ln -v -s ../lib/ld* .

22
core/glibc/glibc-2.12.1-but-I-am-an-i686.patch
View file

@ -1,22 +0,0 @@
--- glibc-2.12-62-gb08c89d/sysdeps/i386/i686/Makefile
+++ glibc-2.12.90-6/sysdeps/i386/i686/Makefile
@@ -9,19 +9,3 @@ stack-align-test-flags += -msse
ifeq ($(subdir),string)
sysdep_routines += cacheinfo
endif
-
-ifeq (yes,$(config-asflags-i686))
-CFLAGS-.o += -Wa,-mtune=i686
-CFLAGS-.os += -Wa,-mtune=i686
-CFLAGS-.op += -Wa,-mtune=i686
-CFLAGS-.og += -Wa,-mtune=i686
-CFLAGS-.ob += -Wa,-mtune=i686
-CFLAGS-.oS += -Wa,-mtune=i686
-
-ASFLAGS-.o += -Wa,-mtune=i686
-ASFLAGS-.os += -Wa,-mtune=i686
-ASFLAGS-.op += -Wa,-mtune=i686
-ASFLAGS-.og += -Wa,-mtune=i686
-ASFLAGS-.ob += -Wa,-mtune=i686
-ASFLAGS-.oS += -Wa,-mtune=i686
-endif

34
core/glibc/glibc-2.12.1-fix-IPTOS_CLASS-definition.patch
View file

@ -1,34 +0,0 @@
From 15bac72bac03faeb3b725b1d208c62160f0c3ad7 Mon Sep 17 00:00:00 2001
From: Ulrich Drepper <drepper@redhat.com>
Date: Wed, 11 Aug 2010 07:44:03 -0700
Subject: [PATCH] Fix IPTOS_CLASS definition.
---
ChangeLog | 4 ++++
NEWS | 4 ++--
sysdeps/generic/netinet/ip.h | 5 ++---
3 files changed, 8 insertions(+), 5 deletions(-)
diff --git a/sysdeps/generic/netinet/ip.h b/sysdeps/generic/netinet/ip.h
index a837b98..4955fee 100644
--- a/sysdeps/generic/netinet/ip.h
+++ b/sysdeps/generic/netinet/ip.h
@@ -1,5 +1,4 @@
-/* Copyright (C) 1991,92,93,95,96,97,98,99,2000,2009 Free Software
- Foundation, Inc.
+/* Copyright (C) 1991-1993,1995-2000,2009,2010 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
@@ -194,7 +193,7 @@ struct ip_timestamp
*/
#define IPTOS_CLASS_MASK 0xe0
-#define IPTOS_CLASS(class) ((tos) & IPTOS_CLASS_MASK)
+#define IPTOS_CLASS(class) ((class) & IPTOS_CLASS_MASK)
#define IPTOS_CLASS_CS0 0x00
#define IPTOS_CLASS_CS1 0x20
#define IPTOS_CLASS_CS2 0x40
--
1.7.2

29
core/glibc/glibc-2.12.1-make-3.82-compatibility.patch
View file

@ -1,29 +0,0 @@
From 32cf40699346d37fabfa887bbd95e95004799ae1 Mon Sep 17 00:00:00 2001
From: Andreas Schwab <schwab@redhat.com>
Date: Mon, 6 Sep 2010 14:55:59 +0200
Subject: [PATCH 1/1] Don't mix pattern rules with normal rules
---
ChangeLog | 4 ++++
manual/Makefile | 5 ++++-
2 files changed, 8 insertions(+), 1 deletions(-)
diff --git a/manual/Makefile b/manual/Makefile
index c5866eb..b1f5fa7 100644
--- a/manual/Makefile
+++ b/manual/Makefile
@@ -232,7 +232,10 @@ ifdef objpfx
.PHONY: stubs
stubs: $(objpfx)stubs
endif
-$(objpfx)stubs ../po/manual.pot $(objpfx)stamp%:
+$(objpfx)stubs ../po/manual.pot:
+ $(make-target-directory)
+ touch $@
+$(objpfx)stamp%:
$(make-target-directory)
touch $@
--
1.7.2

85
core/glibc/glibc-2.12.1-never-expand-origin-when-privileged.patch
View file

@ -1,85 +0,0 @@
From 2232b90f0bd3a41b4d63cac98a5b60abbfaccd46 Mon Sep 17 00:00:00 2001
From: Andreas Schwab <schwab@redhat.com>
Date: Mon, 18 Oct 2010 11:46:00 +0200
Subject: [PATCH] Never expand $ORIGIN in privileged programs
---
ChangeLog | 6 ++++++
elf/dl-load.c | 30 +++++++++++++-----------------
2 files changed, 19 insertions(+), 17 deletions(-)
diff --git a/elf/dl-load.c b/elf/dl-load.c
index 0adddf5..1cc6f25 100644
--- a/elf/dl-load.c
+++ b/elf/dl-load.c
@@ -169,8 +169,7 @@ local_strdup (const char *s)
static size_t
-is_dst (const char *start, const char *name, const char *str,
- int is_path, int secure)
+is_dst (const char *start, const char *name, const char *str, int is_path)
{
size_t len;
bool is_curly = false;
@@ -199,11 +198,6 @@ is_dst (const char *start, const char *name, const char *str,
&& (!is_path || name[len] != ':'))
return 0;
- if (__builtin_expect (secure, 0)
- && ((name[len] != '\0' && (!is_path || name[len] != ':'))
- || (name != start + 1 && (!is_path || name[-2] != ':'))))
- return 0;
-
return len;
}
@@ -218,13 +212,12 @@ _dl_dst_count (const char *name, int is_path)
{
size_t len;
- /* $ORIGIN is not expanded for SUID/GUID programs (except if it
- is $ORIGIN alone) and it must always appear first in path. */
+ /* $ORIGIN is not expanded for SUID/GUID programs. */
++name;
- if ((len = is_dst (start, name, "ORIGIN", is_path,
- INTUSE(__libc_enable_secure))) != 0
- || (len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0
- || (len = is_dst (start, name, "LIB", is_path, 0)) != 0)
+ if (((len = is_dst (start, name, "ORIGIN", is_path)) != 0
+ && !INTUSE(__libc_enable_secure))
+ || (len = is_dst (start, name, "PLATFORM", is_path)) != 0
+ || (len = is_dst (start, name, "LIB", is_path)) != 0)
++cnt;
name = strchr (name + len, '$');
@@ -256,9 +249,12 @@ _dl_dst_substitute (struct link_map *l, const char *name, char *result,
size_t len;
++name;
- if ((len = is_dst (start, name, "ORIGIN", is_path,
- INTUSE(__libc_enable_secure))) != 0)
+ if ((len = is_dst (start, name, "ORIGIN", is_path)) != 0)
{
+ /* Ignore this path element in SUID/SGID programs. */
+ if (INTUSE(__libc_enable_secure))
+ repl = (const char *) -1;
+ else
#ifndef SHARED
if (l == NULL)
repl = _dl_get_origin ();
@@ -266,9 +262,9 @@ _dl_dst_substitute (struct link_map *l, const char *name, char *result,
#endif
repl = l->l_origin;
}
- else if ((len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0)
+ else if ((len = is_dst (start, name, "PLATFORM", is_path)) != 0)
repl = GLRO(dl_platform);
- else if ((len = is_dst (start, name, "LIB", is_path, 0)) != 0)
+ else if ((len = is_dst (start, name, "LIB", is_path)) != 0)
repl = DL_DST_LIB;
if (repl != NULL && repl != (const char *) -1)
--
1.7.2

218
core/glibc/glibc-2.12.1-require-suid-on-audit.patch
View file

@ -1,218 +0,0 @@
From 8e9f92e9d5d7737afdacf79b76d98c4c42980508 Mon Sep 17 00:00:00 2001
From: Andreas Schwab <schwab@redhat.com>
Date: Sun, 24 Oct 2010 21:43:15 -0400
Subject: [PATCH 1/1] Require suid bit on audit objects in privileged programs
---
ChangeLog | 15 +++++++++++++++
elf/dl-deps.c | 2 +-
elf/dl-load.c | 20 +++++++++++---------
elf/dl-open.c | 2 +-
elf/rtld.c | 16 +++++++---------
include/dlfcn.h | 1 +
sysdeps/generic/ldsodefs.h | 6 ++----
7 files changed, 38 insertions(+), 24 deletions(-)
diff --git a/elf/dl-deps.c b/elf/dl-deps.c
index a58de5c..a51fb6e 100644
--- a/elf/dl-deps.c
+++ b/elf/dl-deps.c
@@ -62,7 +62,7 @@ openaux (void *a)
{
struct openaux_args *args = (struct openaux_args *) a;
- args->aux = _dl_map_object (args->map, args->name, 0,
+ args->aux = _dl_map_object (args->map, args->name,
(args->map->l_type == lt_executable
? lt_library : args->map->l_type),
args->trace_mode, args->open_mode,
diff --git a/elf/dl-load.c b/elf/dl-load.c
index a7162eb..aa8738f 100644
--- a/elf/dl-load.c
+++ b/elf/dl-load.c
@@ -1812,7 +1812,7 @@ open_verify (const char *name, struct filebuf *fbp, struct link_map *loader,
if MAY_FREE_DIRS is true. */
static int
-open_path (const char *name, size_t namelen, int preloaded,
+open_path (const char *name, size_t namelen, int secure,
struct r_search_path_struct *sps, char **realname,
struct filebuf *fbp, struct link_map *loader, int whatcode,
bool *found_other_class)
@@ -1894,7 +1894,7 @@ open_path (const char *name, size_t namelen, int preloaded,
/* Remember whether we found any existing directory. */
here_any |= this_dir->status[cnt] != nonexisting;
- if (fd != -1 && __builtin_expect (preloaded, 0)
+ if (fd != -1 && __builtin_expect (secure, 0)
&& INTUSE(__libc_enable_secure))
{
/* This is an extra security effort to make sure nobody can
@@ -1963,7 +1963,7 @@ open_path (const char *name, size_t namelen, int preloaded,
struct link_map *
internal_function
-_dl_map_object (struct link_map *loader, const char *name, int preloaded,
+_dl_map_object (struct link_map *loader, const char *name,
int type, int trace_mode, int mode, Lmid_t nsid)
{
int fd;
@@ -2067,7 +2067,8 @@ _dl_map_object (struct link_map *loader, const char *name, int preloaded,
for (l = loader; l; l = l->l_loader)
if (cache_rpath (l, &l->l_rpath_dirs, DT_RPATH, "RPATH"))
{
- fd = open_path (name, namelen, preloaded, &l->l_rpath_dirs,
+ fd = open_path (name, namelen, mode & __RTLD_SECURE,
+ &l->l_rpath_dirs,
&realname, &fb, loader, LA_SER_RUNPATH,
&found_other_class);
if (fd != -1)
@@ -2082,14 +2083,15 @@ _dl_map_object (struct link_map *loader, const char *name, int preloaded,
&& main_map != NULL && main_map->l_type != lt_loaded
&& cache_rpath (main_map, &main_map->l_rpath_dirs, DT_RPATH,
"RPATH"))
- fd = open_path (name, namelen, preloaded, &main_map->l_rpath_dirs,
+ fd = open_path (name, namelen, mode & __RTLD_SECURE,
+ &main_map->l_rpath_dirs,
&realname, &fb, loader ?: main_map, LA_SER_RUNPATH,
&found_other_class);
}
/* Try the LD_LIBRARY_PATH environment variable. */
if (fd == -1 && env_path_list.dirs != (void *) -1)
- fd = open_path (name, namelen, preloaded, &env_path_list,
+ fd = open_path (name, namelen, mode & __RTLD_SECURE, &env_path_list,
&realname, &fb,
loader ?: GL(dl_ns)[LM_ID_BASE]._ns_loaded,
LA_SER_LIBPATH, &found_other_class);
@@ -2098,12 +2100,12 @@ _dl_map_object (struct link_map *loader, const char *name, int preloaded,
if (fd == -1 && loader != NULL
&& cache_rpath (loader, &loader->l_runpath_dirs,
DT_RUNPATH, "RUNPATH"))
- fd = open_path (name, namelen, preloaded,
+ fd = open_path (name, namelen, mode & __RTLD_SECURE,
&loader->l_runpath_dirs, &realname, &fb, loader,
LA_SER_RUNPATH, &found_other_class);
if (fd == -1
- && (__builtin_expect (! preloaded, 1)
+ && (__builtin_expect (! (mode & __RTLD_SECURE), 1)
|| ! INTUSE(__libc_enable_secure)))
{
/* Check the list of libraries in the file /etc/ld.so.cache,
@@ -2169,7 +2171,7 @@ _dl_map_object (struct link_map *loader, const char *name, int preloaded,
&& ((l = loader ?: GL(dl_ns)[nsid]._ns_loaded) == NULL
|| __builtin_expect (!(l->l_flags_1 & DF_1_NODEFLIB), 1))
&& rtld_search_dirs.dirs != (void *) -1)
- fd = open_path (name, namelen, preloaded, &rtld_search_dirs,
+ fd = open_path (name, namelen, mode & __RTLD_SECURE, &rtld_search_dirs,
&realname, &fb, l, LA_SER_DEFAULT, &found_other_class);
/* Add another newline when we are tracing the library loading. */
diff --git a/elf/dl-open.c b/elf/dl-open.c
index c394b3f..cf8e8cc 100644
--- a/elf/dl-open.c
+++ b/elf/dl-open.c
@@ -223,7 +223,7 @@ dl_open_worker (void *a)
/* Load the named object. */
struct link_map *new;
- args->map = new = _dl_map_object (call_map, file, 0, lt_loaded, 0,
+ args->map = new = _dl_map_object (call_map, file, lt_loaded, 0,
mode | __RTLD_CALLMAP, args->nsid);
/* If the pointer returned is NULL this means the RTLD_NOLOAD flag is
diff --git a/elf/rtld.c b/elf/rtld.c
index 5ecc4fe..06b534a 100644
--- a/elf/rtld.c
+++ b/elf/rtld.c
@@ -589,7 +589,6 @@ struct map_args
/* Argument to map_doit. */
char *str;
struct link_map *loader;
- int is_preloaded;
int mode;
/* Return value of map_doit. */
struct link_map *map;
@@ -627,16 +626,17 @@ static void
map_doit (void *a)
{
struct map_args *args = (struct map_args *) a;
- args->map = _dl_map_object (args->loader, args->str,
- args->is_preloaded, lt_library, 0, args->mode,
- LM_ID_BASE);
+ args->map = _dl_map_object (args->loader, args->str, lt_library, 0,
+ args->mode, LM_ID_BASE);
}
static void
dlmopen_doit (void *a)
{
struct dlmopen_args *args = (struct dlmopen_args *) a;
- args->map = _dl_open (args->fname, RTLD_LAZY | __RTLD_DLOPEN | __RTLD_AUDIT,
+ args->map = _dl_open (args->fname,
+ (RTLD_LAZY | __RTLD_DLOPEN | __RTLD_AUDIT
+ | __RTLD_SECURE),
dl_main, LM_ID_NEWLM, _dl_argc, INTUSE(_dl_argv),
__environ);
}
@@ -806,8 +806,7 @@ do_preload (char *fname, struct link_map *main_map, const char *where)
args.str = fname;
args.loader = main_map;
- args.is_preloaded = 1;
- args.mode = 0;
+ args.mode = __RTLD_SECURE;
unsigned int old_nloaded = GL(dl_ns)[LM_ID_BASE]._ns_nloaded;
@@ -1054,7 +1053,6 @@ of this helper program; chances are you did not intend to run this program.\n\
args.str = rtld_progname;
args.loader = NULL;
- args.is_preloaded = 0;
args.mode = __RTLD_OPENEXEC;
(void) _dl_catch_error (&objname, &err_str, &malloced, map_doit,
&args);
@@ -1066,7 +1064,7 @@ of this helper program; chances are you did not intend to run this program.\n\
else
{
HP_TIMING_NOW (start);
- _dl_map_object (NULL, rtld_progname, 0, lt_library, 0,
+ _dl_map_object (NULL, rtld_progname, lt_library, 0,
__RTLD_OPENEXEC, LM_ID_BASE);
HP_TIMING_NOW (stop);
diff --git a/include/dlfcn.h b/include/dlfcn.h
index a67426d..af92483 100644
--- a/include/dlfcn.h
+++ b/include/dlfcn.h
@@ -9,6 +9,7 @@
#define __RTLD_OPENEXEC 0x20000000
#define __RTLD_CALLMAP 0x10000000
#define __RTLD_AUDIT 0x08000000
+#define __RTLD_SECURE 0x04000000 /* Apply additional security checks. */
#define __LM_ID_CALLER -2
diff --git a/sysdeps/generic/ldsodefs.h b/sysdeps/generic/ldsodefs.h
index fcc943b..fa4b6b2 100644
--- a/sysdeps/generic/ldsodefs.h
+++ b/sysdeps/generic/ldsodefs.h
@@ -824,11 +824,9 @@ extern void _dl_receive_error (receiver_fct fct, void (*operate) (void *),
/* Open the shared object NAME and map in its segments.
LOADER's DT_RPATH is used in searching for NAME.
- If the object is already opened, returns its existing map.
- For preloaded shared objects PRELOADED is set to a non-zero
- value to allow additional security checks. */
+ If the object is already opened, returns its existing map. */
extern struct link_map *_dl_map_object (struct link_map *loader,
- const char *name, int preloaded,
+ const char *name,
int type, int trace_mode, int mode,
Lmid_t nsid)
internal_function attribute_hidden;
--
1.7.2

26
core/glibc/glibc-2.12.2-ignore-origin-of-privileged-program.patch Normal file
View file

@ -0,0 +1,26 @@
From d14e6b09d60d52cc12f0396c3106b14e1bd0fe8f Mon Sep 17 00:00:00 2001
From: Andreas Schwab <schwab@redhat.com>
Date: Thu, 9 Dec 2010 15:00:59 +0100
Subject: [PATCH 1/1] Ignore origin of privileged program
---
ChangeLog | 5 +++++
elf/dl-object.c | 3 +++
2 files changed, 8 insertions(+), 0 deletions(-)
diff --git a/elf/dl-object.c b/elf/dl-object.c
index 22a1635..7674d49 100644
--- a/elf/dl-object.c
+++ b/elf/dl-object.c
@@ -214,6 +214,9 @@ _dl_new_object (char *realname, const char *libname, int type,
out:
new->l_origin = origin;
}
+ else if (INTUSE(__libc_enable_secure) && type == lt_executable)
+ /* The origin of a privileged program cannot be trusted. */
+ new->l_origin = (char *) -1;
return new;
}
--
1.7.2

5
core/glibc/glibc.install
View file

@ -1,6 +1,5 @@
infodir=/usr/share/info infodir=usr/share/info
filelist=(libc.info libc.info-1 libc.info-2 libc.info-3 libc.info-4 libc.info-5 libc.info-6 libc.info-7 filelist=(libc.info{,-1,-2,-3,-4,-5,-6,-7,-8,-9,-10,-11})
libc.info-8 libc.info-9 libc.info-10 libc.info-11)
post_upgrade() { post_upgrade() {
sbin/ldconfig -r . sbin/ldconfig -r .