mirror of
https://github.com/archlinuxarm/PKGBUILDs.git
synced 2024-11-18 22:54:00 +00:00
Updated toolchain to gcc 4.5.2/glibc 2.13
This commit is contained in:
parent
3d6c9250e6
commit
783d25b272
16 changed files with 187 additions and 533 deletions
|
@ -1,72 +1,84 @@
|
|||
# $Id: PKGBUILD 72655 2010-03-19 03:19:22Z allan $
|
||||
# $Id: PKGBUILD 106767 2011-01-19 00:42:04Z allan $
|
||||
# Maintainer: Allan McRae <allan@archlinux.org>
|
||||
# PlugApps: Kevin Mihelich <kevin@plugapps.com>
|
||||
|
||||
noautobuild=1 # prevent plugbuild from autobuilding this package
|
||||
plugrel=1
|
||||
|
||||
# toolchain build order: linux-api-headers->glibc->binutils->gcc->binutils->glibc
|
||||
|
||||
# PlugApps: Kevin Mihelich <kevin@plugapps.com>
|
||||
# - Added a CONFIGFLAG for arm, defining our build host
|
||||
|
||||
plugrel=1
|
||||
noautobuild=1
|
||||
|
||||
pkgname=binutils
|
||||
pkgver=2.20.1
|
||||
pkgrel=1
|
||||
_date=20100318
|
||||
pkgver=2.21
|
||||
pkgrel=3
|
||||
_date=20101216
|
||||
pkgdesc="A set of programs to assemble and manipulate binary and object files"
|
||||
arch=('i686' 'x86_64')
|
||||
url="http://www.gnu.org/software/binutils/"
|
||||
license=('GPL')
|
||||
groups=('base')
|
||||
depends=('glibc>=2.11.1-2' 'zlib')
|
||||
depends=('glibc>=2.13' 'zlib')
|
||||
makedepends=('dejagnu')
|
||||
options=('!libtool' '!distcc' '!ccache')
|
||||
install=binutils.install
|
||||
source=(ftp://ftp.archlinux.org/other/${pkgname}/${pkgname}-${pkgver}_${_date}.tar.bz2)
|
||||
md5sums=('c153213a20a5075bd98d7f12fbd38a51')
|
||||
md5sums=('96a95d028ee86ca4347576c51d1ea1d4')
|
||||
|
||||
mksource() {
|
||||
mkdir ${pkgname}-${_date}
|
||||
cd ${pkgname}-${_date}
|
||||
export _TAG=binutils-2_20-branch
|
||||
export _TAG=binutils-2_21-branch
|
||||
export 'CVSROOT=:pserver:anoncvs@sourceware.org:/cvs/src'
|
||||
cvs -z9 co -r $_TAG binutils || return 1
|
||||
cd src && tar -cvjf ../../binutils-${pkgver}_${_date}.tar.bz2 *
|
||||
mv src binutils
|
||||
tar -cvjf ../binutils-${pkgver}_${_date}.tar.bz2 binutils/*
|
||||
}
|
||||
|
||||
build() {
|
||||
cd ${srcdir}
|
||||
mkdir build && cd build
|
||||
mkdir binutils-build && cd binutils-build
|
||||
|
||||
CC="gcc -L`pwd`/bfd/.libs/"
|
||||
if [ "${CARCH}" = "x86_64" ]; then
|
||||
../configure --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info --enable-shared --enable-64-bit-bfd --disable-multilib
|
||||
else
|
||||
../configure --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info --enable-shared --host=arm-unknown-linux-gnueabi --build=arm-unknown-linux-gnueabi
|
||||
fi
|
||||
# fix man files install path
|
||||
sed -i -e "s:mandir \= \/usr\/share:mandir \= ${pkgdir}\/usr\/share:" ${srcdir}/build/Makefile || return 1
|
||||
# fix info files install path
|
||||
sed -i -e "s:infodir \= \/usr\/share:infodir \= ${pkgdir}\/usr\/share:" ${srcdir}/build/Makefile || return 1
|
||||
[[ $CARCH == "x86_64" ]] && CONFIGFLAG="--enable-64-bit-bfd --disable-multilib"
|
||||
[[ $CARCH == "arm" ]] && CONFIGFLAG="--host=arm-unknown-linux-gnueabi --build=arm-unknown-linux-gnueabi"
|
||||
|
||||
${srcdir}/binutils/configure --prefix=/usr \
|
||||
--enable-ld=default --enable-gold \
|
||||
--enable-plugins --enable-threads \
|
||||
--enable-shared $CONFIGFLAG
|
||||
|
||||
# This checks the host environment and makes sure all the necessary tools are available to compile Binutils.
|
||||
make configure-host || return 1
|
||||
make configure-host
|
||||
|
||||
make tooldir=${pkgdir}/usr || return 1
|
||||
make tooldir=${pkgdir}/usr
|
||||
|
||||
# do not abort on errors - manually check log files
|
||||
make -k -j1 check || true
|
||||
}
|
||||
|
||||
package() {
|
||||
cd ${srcdir}/binutils-build
|
||||
make prefix=${pkgdir}/usr tooldir=${pkgdir}/usr install
|
||||
install -m644 ${srcdir}/include/libiberty.h ${pkgdir}/usr/include
|
||||
|
||||
if [ "${CARCH}" = "x86_64" ]; then
|
||||
# Add some useful headers
|
||||
install -m644 ${srcdir}/binutils/include/libiberty.h ${pkgdir}/usr/include
|
||||
install -m644 ${srcdir}/binutils/include/demangle.h ${pkgdir}/usr/include
|
||||
|
||||
# Rebuild libiberty.a with -fPIC
|
||||
make -C libiberty clean
|
||||
make CFLAGS="$CFLAGS -fPIC" -C libiberty
|
||||
install -m644 libiberty/libiberty.a ${pkgdir}/usr/lib
|
||||
|
||||
# Rebuild libbfd.a with -fPIC
|
||||
make -C bfd clean
|
||||
make CFLAGS="$CFLAGS -fPIC" -C bfd
|
||||
# hidden visability prevent 3rd party shared libraries exporting bfd non-stable API
|
||||
make CFLAGS="$CFLAGS -fPIC -fvisibility=hidden" -C bfd
|
||||
install -m644 bfd/libbfd.a ${pkgdir}/usr/lib
|
||||
fi
|
||||
|
||||
# Remove Windows/Novell specific man pages
|
||||
rm -f ${pkgdir}/usr/share/man/man1/{dlltool,nlmconv,windres,windmc}*
|
||||
|
||||
# Remove these symlinks, with binutils prereleases they are not ABI stable.
|
||||
# Remove these symlinks, they are not ABI stable.
|
||||
# Programs should compile static to the .a file.
|
||||
rm -f ${pkgdir}/usr/lib/lib{bfd,opcodes}.so
|
||||
echo "INPUT ( /usr/lib/libbfd.a -liberty -lz )" >${pkgdir}/usr/lib/libbfd.so
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
infodir=/usr/share/info
|
||||
infodir=usr/share/info
|
||||
filelist=(as.info bfd.info binutils.info configure.info gprof.info ld.info standards.info)
|
||||
|
||||
post_upgrade() {
|
||||
|
|
|
@ -1,13 +1,15 @@
|
|||
# $Id: PKGBUILD 87235 2010-08-11 12:10:19Z allan $
|
||||
# $Id: PKGBUILD 104416 2011-01-02 12:23:31Z allan $
|
||||
# Maintainer: Allan McRae <allan@archlinux.org>
|
||||
# Contributor: ezzetabi <ezzetabi at gawab dot com>
|
||||
# PlugApps: Kevin Mihelich <kevin@plugapps.com>
|
||||
|
||||
noautobuild=1 # prevent plugbuild from autobuilding this package
|
||||
# PlugApps: Kevin Mihelich <kevin@plugapps.com>
|
||||
# - no changes, here just to maintain this version
|
||||
|
||||
plugrel=1
|
||||
noautobuild=1
|
||||
|
||||
pkgname=cloog-ppl
|
||||
pkgver=0.15.9
|
||||
pkgver=0.15.10
|
||||
pkgrel=2
|
||||
pkgdesc="Library that generates loops for scanning polyhedra"
|
||||
arch=('i686' 'x86_64')
|
||||
|
@ -16,15 +18,13 @@ license=('GPL')
|
|||
depends=('ppl>=0.11')
|
||||
options=('!libtool')
|
||||
source=(ftp://gcc.gnu.org/pub/gcc/infrastructure/${pkgname}-${pkgver}.tar.gz)
|
||||
md5sums=('806e001d1b1a6b130069ff6274900af5')
|
||||
md5sums=('04aa756179b6d850d9ffa50f61b91895')
|
||||
|
||||
build() {
|
||||
cd $srcdir/$pkgname-$pkgver
|
||||
|
||||
# "Add" ppl-0.11 compatibility
|
||||
sed -i "/ppl_minor_version=/s#10#11#" configure
|
||||
|
||||
./configure --prefix=/usr --infodir=/usr/share/info \
|
||||
./autogen.sh
|
||||
./configure --prefix=/usr --includedir=/usr/include/cloog-ppl \
|
||||
--with-bits=gmp --with-ppl=/usr
|
||||
make
|
||||
make check
|
||||
|
@ -33,4 +33,5 @@ build() {
|
|||
package() {
|
||||
cd $srcdir/$pkgname-$pkgver
|
||||
make DESTDIR=$pkgdir/ install
|
||||
mv $pkgdir/usr/bin/cloog{,-ppl}
|
||||
}
|
||||
|
|
|
@ -1,35 +1,39 @@
|
|||
# $Id: PKGBUILD 87242 2010-08-11 12:46:24Z allan $
|
||||
# Maintainer: Jan de Groot <jgc@archlinux.org>
|
||||
# $Id: PKGBUILD 106770 2011-01-19 00:45:20Z allan $
|
||||
# Maintainer: Allan McRae <allan@archlinux.org>
|
||||
# PlugApps: Kevin Mihelich <kevin@plugapps.com>
|
||||
|
||||
noautobuild=1 # prevent plugbuild from autobuilding this package
|
||||
plugrel=1
|
||||
|
||||
# toolchain build order: linux-api-headers->glibc->binutils->gcc->binutils->glibc
|
||||
# NOTE: libtool requires rebuilt with each new gcc version
|
||||
|
||||
# PlugApps: Kevin Mihelich
|
||||
# - removed ada, disabled checks at end of build, removed gnat (ada stuff) from gcc packaging, removed ada package
|
||||
# - CHOST in makepkg.conf must be set to arm-unknown-linux-gnueabi, or plan to fail
|
||||
# - disabled make check at the end of build(), too much stress, kills plugs :(
|
||||
|
||||
plugrel=1
|
||||
noautobuild=1
|
||||
|
||||
pkgname=('gcc' 'gcc-libs' 'gcc-fortran' 'gcc-objc')
|
||||
pkgver=4.5.1
|
||||
pkgrel=1
|
||||
#_snapshot=4.5-20100610
|
||||
_libstdcppmanver=20100719 # Note: check source directory name when updating this
|
||||
pkgver=4.5.2
|
||||
pkgrel=5
|
||||
#_snapshot=4.5.2-RC-20101208
|
||||
_libstdcppmanver=4.5.2 # Note: check source directory name when updating this
|
||||
pkgdesc="The GNU Compiler Collection"
|
||||
arch=('arm')
|
||||
arch=('i686' 'x86_64')
|
||||
license=('GPL' 'LGPL' 'custom')
|
||||
url="http://gcc.gnu.org"
|
||||
makedepends=('binutils>=2.20.1' 'libmpc>=0.8.2-2' 'cloog-ppl>=0.15.9-2' 'elfutils')
|
||||
makedepends=('binutils>=2.21' 'libmpc' 'cloog-ppl>=0.15.9-2' 'elfutils' 'dejagnu')
|
||||
options=('!libtool' '!emptydirs')
|
||||
source=(ftp://gcc.gnu.org/pub/gcc/releases/gcc-${pkgver}/gcc-{core,g++,fortran,objc}-${pkgver}.tar.bz2
|
||||
#ftp://gcc.gnu.org/pub/gcc/snapshots/${_snapshot}/gcc-{core,g++,fortran,objc}-${_snapshot}.tar.bz2
|
||||
ftp://gcc.gnu.org/pub/gcc/libstdc++/doxygen/libstdc++-api.${_libstdcppmanver}.man.tar.bz2
|
||||
source=(ftp://gcc.gnu.org/pub/gcc/releases/gcc-${pkgver}/gcc-{core,g++,fortran,objc,testsuite}-${pkgver}.tar.bz2
|
||||
#ftp://gcc.gnu.org/pub/gcc/snapshots/${_snapshot}/gcc-{core,g++,fortran,objc,ada,testsuite}-${_snapshot}.tar.bz2
|
||||
ftp://gcc.gnu.org/pub/gcc/libstdc++/doxygen/libstdc++-api-${_libstdcppmanver}.man.tar.bz2
|
||||
gcc_pure64.patch
|
||||
gcc-hash-style-both.patch)
|
||||
md5sums=('dc8959e31b01a65ce10d269614815054'
|
||||
'b294953ff0bb2f20c7acb2bf005d832a'
|
||||
'7567c2f8df8a8bf61b48fe414b88de65'
|
||||
'3c11b7037896e967eddf8178af2ddd98'
|
||||
'226ae0c6364cfe2c1f7ac88d06088d5a'
|
||||
md5sums=('aa9e36bec080452372bfba793428ee82'
|
||||
'9821f1c61e43755866861485ff364e90'
|
||||
'8cc545fda70085c78076d79e0e23962a'
|
||||
'3561c6585e9062105cc3591a8c39d7dc'
|
||||
'29ae615438aba0bd3384b94bac54c235'
|
||||
'2776eab5ebb7f9cc62dd2199a3a24382'
|
||||
'4030ee1c08dd1e843c0225b772360e76'
|
||||
'6fd395bacbd7b6e47c7b74854b478363')
|
||||
|
||||
|
@ -41,11 +45,6 @@ else
|
|||
fi
|
||||
|
||||
build() {
|
||||
if ! locale -a | grep ^de_DE > /dev/null; then
|
||||
echo "You need the de_DE locale to build gcc."
|
||||
return 1
|
||||
fi
|
||||
|
||||
cd ${_basedir}
|
||||
|
||||
# "Add" ppl-0.11 compatibility
|
||||
|
@ -58,33 +57,45 @@ build() {
|
|||
sed -i 's@\./fixinc\.sh@-c true@' gcc/Makefile.in
|
||||
|
||||
if [ "${CARCH}" = "x86_64" ]; then
|
||||
patch -Np1 -i ../gcc_pure64.patch
|
||||
patch -Np1 -i ${srcdir}/gcc_pure64.patch
|
||||
fi
|
||||
patch -Np0 -i ${srcdir}/gcc-hash-style-both.patch
|
||||
|
||||
echo ${pkgver} > gcc/BASE-VER
|
||||
|
||||
mkdir build && cd build
|
||||
../configure --prefix=/usr --enable-languages=c,c++,fortran,objc,obj-c++ \
|
||||
--host=arm-unknown-linux-gnueabi --build=arm-unknown-linux-gnueabi \
|
||||
cd ${srcdir}
|
||||
mkdir gcc-build && cd gcc-build
|
||||
${_basedir}/configure --prefix=/usr \
|
||||
--enable-languages=c,c++,fortran,objc,obj-c++ \
|
||||
--enable-shared --enable-threads=posix --enable-__cxa_atexit \
|
||||
--enable-clocale=gnu --enable-gnu-unique-object \
|
||||
--enable-lto --enable-plugin \
|
||||
--enable-gold --with-plugin-ld=ld.gold \
|
||||
--disable-multilib --disable-libstdcxx-pch \
|
||||
--with-system-zlib --with-ppl --with-cloog \
|
||||
--with-system-zlib --with-ppl \
|
||||
--with-cloog --with-cloog-include=/usr/include/cloog-ppl \
|
||||
--libdir=/usr/lib --libexecdir=/usr/lib \
|
||||
--mandir=/usr/share/man --infodir=/usr/share/info
|
||||
--mandir=/usr/share/man --infodir=/usr/share/info \
|
||||
--host=arm-unknown-linux-gnueabi --build=arm-unknown-linux-gnueabi
|
||||
make
|
||||
|
||||
# increase stack size to prevent test failures
|
||||
# http://gcc.gnu.org/bugzilla/show_bug.cgi?id=31827
|
||||
ulimit -s 32768
|
||||
|
||||
# do not abort on error as some are "expected"
|
||||
#make -k check || true
|
||||
#${_basedir}/contrib/test_summary
|
||||
}
|
||||
|
||||
package_gcc-libs()
|
||||
{
|
||||
pkgdesc="Runtime libraries shipped by GCC for C and C++ languages"
|
||||
pkgdesc="Runtime libraries shipped by GCC"
|
||||
groups=('base')
|
||||
depends=('glibc>=2.11.1-2')
|
||||
install=gcc-libs.install
|
||||
|
||||
cd ${_basedir}/build
|
||||
cd gcc-build
|
||||
make -j1 -C $CHOST/libgcc DESTDIR=${pkgdir} install-shared
|
||||
for lib in libmudflap libgomp libssp libstdc++-v3/src; do
|
||||
make -j1 -C $CHOST/$lib DESTDIR=${pkgdir} install-toolexeclibLTLIBRARIES
|
||||
|
@ -108,15 +119,16 @@ package_gcc-libs()
|
|||
|
||||
package_gcc()
|
||||
{
|
||||
pkgdesc="The GNU Compiler Collection - C and C++ frontends"
|
||||
depends=('binutils>=2.20.1' 'libmpc>=0.8.1-2' 'cloog-ppl>=0.15.9-2' 'elfutils')
|
||||
groups=('base-devel')
|
||||
install=gcc.install
|
||||
|
||||
cd ${_basedir}/build
|
||||
cd gcc-build
|
||||
|
||||
# much, much easier to install the lot and clean-up the mess
|
||||
make -j1 DESTDIR=${pkgdir} install
|
||||
rm -f $pkgdir/usr/bin/*gfortran
|
||||
rm -f $pkgdir/usr/bin/{*gfortran}
|
||||
rm -f $pkgdir/usr/lib/gcc/$CHOST/${pkgver}/{finclude,include/objc}/*
|
||||
rm -f $pkgdir/usr/lib/gcc/$CHOST/${pkgver}/{cc1obj{,plus},f951,libgfortranbegin.a}
|
||||
rm -f $pkgdir/usr/lib/{*.so*,lib{gfortran,objc}.a}
|
||||
|
@ -163,8 +175,6 @@ EOF
|
|||
install -dm755 ${pkgdir}/usr/share/man/man3
|
||||
install -m644 ${srcdir}/libstdc++-api-${_libstdcppmanver}.man/man3/* \
|
||||
${pkgdir}/usr/share/man/man3/
|
||||
# deal with conflicts...
|
||||
rm -f ${pkgdir}/usr/share/man/man3/{ctime,queue,random,regex,string}.3
|
||||
|
||||
# Install Runtime Library Exception
|
||||
install -Dm644 ${_basedir}/COPYING.RUNTIME \
|
||||
|
@ -177,7 +187,7 @@ package_gcc-fortran()
|
|||
depends=("gcc=$pkgver-$pkgrel")
|
||||
install=gcc-fortran.install
|
||||
|
||||
cd ${_basedir}/build
|
||||
cd gcc-build
|
||||
make -j1 DESTDIR=$pkgdir install-target-libgfortran
|
||||
make -j1 -C $CHOST/libgomp DESTDIR=$pkgdir install-nodist_fincludeHEADERS
|
||||
make -j1 -C gcc DESTDIR=$pkgdir fortran.install-{common,man,info}
|
||||
|
@ -196,7 +206,7 @@ package_gcc-objc()
|
|||
pkgdesc="Objective-C front-end for GCC"
|
||||
depends=("gcc=$pkgver-$pkgrel")
|
||||
|
||||
cd ${_basedir}/build
|
||||
cd gcc-build
|
||||
make -j1 DESTDIR=$pkgdir install-target-libobjc
|
||||
install -dm755 $pkgdir/usr/lib/gcc/$CHOST/$pkgver/
|
||||
install -m755 gcc/cc1obj{,plus} $pkgdir/usr/lib/gcc/$CHOST/$pkgver/
|
||||
|
@ -208,3 +218,5 @@ package_gcc-objc()
|
|||
install -Dm644 ${_basedir}/COPYING.RUNTIME \
|
||||
${pkgdir}/usr/share/licenses/gcc-objc/RUNTIME.LIBRARY.EXCEPTION
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
infodir=/usr/share/info
|
||||
infodir=usr/share/info
|
||||
filelist=(gnat-style.info gnat_rm.info gnat_ugn.info)
|
||||
|
||||
post_install() {
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
infodir=/usr/share/info
|
||||
infodir=usr/share/info
|
||||
file="gfortran.info"
|
||||
|
||||
post_install() {
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
infodir=/usr/share/info
|
||||
infodir=usr/share/info
|
||||
file="libgomp.info"
|
||||
|
||||
post_upgrade() {
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
infodir=/usr/share/info
|
||||
infodir=usr/share/info
|
||||
filelist=(cpp.info cppinternals.info gcc.info gccinstall.info gccint.info)
|
||||
|
||||
post_install() {
|
||||
|
|
|
@ -1,26 +1,28 @@
|
|||
# $Id: PKGBUILD 97014 2010-10-26 01:24:43Z allan $
|
||||
# Maintainer: Jan de Groot <jgc@archlinux.org>
|
||||
# $Id: PKGBUILD 106764 2011-01-19 00:37:38Z allan $
|
||||
# Maintainer: Allan McRae <allan@archlinux.org>
|
||||
# PlugApps: Kevin Mihelich <kevin@plugapps.com>
|
||||
|
||||
noautobuild=1 # prevent plugbuild from autobuilding this package
|
||||
plugrel=1
|
||||
|
||||
# toolchain build order: linux-api-headers->glibc->binutils->gcc->binutils->glibc
|
||||
# NOTE: valgrind requires rebuilt with each new glibc version
|
||||
|
||||
# PlugApps: Kevin Mihelich <kevin@mihelich>
|
||||
# - Added source file for glibc-ports-2.13, needed for building on ARM
|
||||
# - Symlink glibc-ports-2.13 source dir to ports dir in glibc directory
|
||||
# - Changed configure to enable ports add-on, specify our build host type
|
||||
|
||||
plugrel=1
|
||||
noautobuild=1
|
||||
|
||||
pkgname=glibc
|
||||
pkgver=2.12.1
|
||||
pkgrel=4
|
||||
_glibcdate=20101025
|
||||
pkgver=2.13
|
||||
pkgrel=1
|
||||
_glibcdate=20110117
|
||||
pkgdesc="GNU C Library"
|
||||
arch=('i686' 'x86_64')
|
||||
url="http://www.gnu.org/software/libc"
|
||||
license=('GPL' 'LGPL')
|
||||
groups=('base')
|
||||
depends=('linux-api-headers>=2.6.34' 'tzdata')
|
||||
depends=('linux-api-headers>=2.6.37' 'tzdata')
|
||||
makedepends=('gcc>=4.4')
|
||||
replaces=('glibc-xen')
|
||||
backup=(etc/locale.gen
|
||||
etc/nscd.conf)
|
||||
options=('!strip')
|
||||
|
@ -30,26 +32,18 @@ source=(ftp://ftp.archlinux.org/other/glibc/${pkgname}-${pkgver}_${_glibcdate}.t
|
|||
glibc-2.10-dont-build-timezone.patch
|
||||
glibc-2.10-bz4781.patch
|
||||
glibc-__i686.patch
|
||||
glibc-2.12.1-make-3.82-compatibility.patch
|
||||
glibc-2.12.1-static-shared-getpagesize.patch
|
||||
glibc-2.12.1-but-I-am-an-i686.patch
|
||||
glibc-2.12.1-fix-IPTOS_CLASS-definition.patch
|
||||
glibc-2.12.1-never-expand-origin-when-privileged.patch
|
||||
glibc-2.12.1-require-suid-on-audit.patch
|
||||
glibc-2.12.2-ignore-origin-of-privileged-program.patch
|
||||
nscd
|
||||
locale.gen.txt
|
||||
locale-gen)
|
||||
md5sums=('b12192eff7306f2a6e919641b847e7cf'
|
||||
'd3311554368849da08dc16f6c535f097'
|
||||
md5sums=('b7b17d9c6b5b71b5e5322e04ca63c190'
|
||||
'8ceda1d0006820cda04a9087aabc5eca'
|
||||
'4dadb9203b69a3210d53514bb46f41c3'
|
||||
'0c5540efc51c0b93996c51b57a8540ae'
|
||||
'40cd342e21f71f5e49e32622b25acc52'
|
||||
'1deecaa78c0909f7175732da2af796b5'
|
||||
'a3ac6f318d680347bb6e2805d42b73b2'
|
||||
'de17165e3fa721c4e056dacfc9ee1e52'
|
||||
'fdc0908c9971fcf9b32e1185954b6eeb'
|
||||
'e154dbe21d4e24968ab257ffd9c106f2'
|
||||
'bbc99319ad78fe9eb1ac217efc770ac6'
|
||||
'b042647ea7d6f22ad319e12e796bd13e'
|
||||
'b587ee3a70c9b3713099295609afde49'
|
||||
'07ac979b6ab5eeb778d55f041529d623'
|
||||
'476e9113489f93b348b21e144b6a8fcf')
|
||||
|
@ -57,7 +51,9 @@ md5sums=('b12192eff7306f2a6e919641b847e7cf'
|
|||
mksource() {
|
||||
git clone git://sourceware.org/git/glibc.git
|
||||
pushd glibc
|
||||
git checkout -b glibc-2.12-arch origin/release/2.12/master
|
||||
# glibc-2.13 has been tagged but not branched yet
|
||||
git checkout -b glibc-2.13-arch origin/master || return 1
|
||||
#git checkout -b glibc-2.13-arch origin/release/2.13/master || return 1
|
||||
popd
|
||||
tar -cvJf glibc-${pkgver}_${_glibcdate}.tar.xz glibc/*
|
||||
}
|
||||
|
@ -76,31 +72,23 @@ build() {
|
|||
# http://sourceware.org/ml/libc-alpha/2009-07/msg00072.html
|
||||
patch -Np1 -i ${srcdir}/glibc-__i686.patch
|
||||
|
||||
# http://sourceware.org/git/?p=glibc.git;a=patch;h=32cf4069
|
||||
patch -Np1 -i ${srcdir}/glibc-2.12.1-make-3.82-compatibility.patch
|
||||
|
||||
# http://sourceware.org/bugzilla/show_bug.cgi?id=11929
|
||||
# using Fedora "fix" as patch in that bug report causes breakages...
|
||||
patch -Np1 -i ${srcdir}/glibc-2.12.1-static-shared-getpagesize.patch
|
||||
|
||||
# fedora "fix" for excess linker optimization on i686
|
||||
# proper fix will be in binutils-2.21
|
||||
patch -Np1 -i ${srcdir}/glibc-2.12.1-but-I-am-an-i686.patch
|
||||
|
||||
# http://www.exploit-db.com/exploits/15274/
|
||||
# http://sourceware.org/git/?p=glibc.git;a=patch;h=2232b90f (only fedora branch...)
|
||||
patch -Np1 -i ${srcdir}/glibc-2.12.1-never-expand-origin-when-privileged.patch
|
||||
# http://sourceware.org/git/?p=glibc.git;a=patch;h=d14e6b09 (only fedora branch...)
|
||||
patch -Np1 -i ${srcdir}/glibc-2.12.2-ignore-origin-of-privileged-program.patch
|
||||
|
||||
# http://www.exploit-db.com/exploits/15304/
|
||||
# http://sourceware.org/git/?p=glibc.git;a=patch;h=8e9f92e9
|
||||
patch -Np1 -i ${srcdir}/glibc-2.12.1-require-suid-on-audit.patch
|
||||
|
||||
# http://sources.redhat.com/git/?p=glibc.git;a=patch;h=15bac72b
|
||||
patch -Np1 -i ${srcdir}/glibc-2.12.1-fix-IPTOS_CLASS-definition.patch
|
||||
# http://sourceware.org/bugzilla/show_bug.cgi?id=12403
|
||||
if [[ $CARCH == "x86_64" ]]; then
|
||||
sed -i '/__ASSUME_PRIVATE_FUTEX/d' $srcdir/glibc/sysdeps/unix/sysv/linux/kernel-features.h
|
||||
fi
|
||||
|
||||
install -dm755 ${pkgdir}/etc
|
||||
touch ${pkgdir}/etc/ld.so.conf
|
||||
|
||||
cd ${srcdir}
|
||||
mkdir glibc-build
|
||||
cd glibc-build
|
||||
|
||||
|
@ -111,25 +99,28 @@ build() {
|
|||
|
||||
echo "slibdir=/lib" >> configparms
|
||||
|
||||
../configure --prefix=/usr \
|
||||
--host=arm-unknown-linux-gnueabi --build=arm-unknown-linux-gnueabi \
|
||||
--enable-add-ons=nptl,libidn,ports --without-cvs \
|
||||
--enable-kernel=2.6.36 --disable-profile \
|
||||
--with-headers=/usr/include --libexecdir=/usr/lib \
|
||||
--enable-bind-now --with-tls --with-__thread \
|
||||
--libdir=/usr/lib --without-gd --disable-multi-arch
|
||||
${srcdir}/glibc/configure --prefix=/usr \
|
||||
--libdir=/usr/lib --libexecdir=/usr/lib \
|
||||
--with-headers=/usr/include \
|
||||
--enable-add-ons=nptl,libidn,ports \
|
||||
--enable-kernel=2.6.27 \
|
||||
--with-tls --with-__thread \
|
||||
--enable-bind-now --without-gd \
|
||||
--without-cvs --disable-profile \
|
||||
--host=arm-unknown-linux-gnueabi --build=arm-unknown-linux-gnueabi
|
||||
|
||||
make
|
||||
|
||||
# --disable-multi-arch \
|
||||
# some errors are expected - manually check log files
|
||||
make -k check || true
|
||||
}
|
||||
|
||||
package() {
|
||||
cd ${srcdir}/glibc/glibc-build
|
||||
cd ${srcdir}/glibc-build
|
||||
make install_root=${pkgdir} install
|
||||
|
||||
# provided by kernel-headers
|
||||
rm ${pkgdir}/usr/include/scsi/scsi.h
|
||||
|
||||
rm ${pkgdir}/etc/ld.so.conf
|
||||
rm ${pkgdir}/etc/ld.so.{cache,conf}
|
||||
|
||||
install -dm755 ${pkgdir}/etc/rc.d
|
||||
install -dm755 ${pkgdir}/usr/sbin
|
||||
|
@ -137,6 +128,7 @@ package() {
|
|||
install -m644 ${srcdir}/glibc/nscd/nscd.conf ${pkgdir}/etc/nscd.conf
|
||||
install -m755 ${srcdir}/nscd ${pkgdir}/etc/rc.d/nscd
|
||||
install -m755 ${srcdir}/locale-gen ${pkgdir}/usr/sbin
|
||||
install -m644 ${srcdir}/glibc/posix/gai.conf ${pkgdir}/etc/gai.conf
|
||||
|
||||
sed -i -e 's/^\tserver-user/#\tserver-user/' ${pkgdir}/etc/nscd.conf
|
||||
|
||||
|
|
|
@ -1,22 +0,0 @@
|
|||
--- glibc-2.12-62-gb08c89d/sysdeps/i386/i686/Makefile
|
||||
+++ glibc-2.12.90-6/sysdeps/i386/i686/Makefile
|
||||
@@ -9,19 +9,3 @@ stack-align-test-flags += -msse
|
||||
ifeq ($(subdir),string)
|
||||
sysdep_routines += cacheinfo
|
||||
endif
|
||||
-
|
||||
-ifeq (yes,$(config-asflags-i686))
|
||||
-CFLAGS-.o += -Wa,-mtune=i686
|
||||
-CFLAGS-.os += -Wa,-mtune=i686
|
||||
-CFLAGS-.op += -Wa,-mtune=i686
|
||||
-CFLAGS-.og += -Wa,-mtune=i686
|
||||
-CFLAGS-.ob += -Wa,-mtune=i686
|
||||
-CFLAGS-.oS += -Wa,-mtune=i686
|
||||
-
|
||||
-ASFLAGS-.o += -Wa,-mtune=i686
|
||||
-ASFLAGS-.os += -Wa,-mtune=i686
|
||||
-ASFLAGS-.op += -Wa,-mtune=i686
|
||||
-ASFLAGS-.og += -Wa,-mtune=i686
|
||||
-ASFLAGS-.ob += -Wa,-mtune=i686
|
||||
-ASFLAGS-.oS += -Wa,-mtune=i686
|
||||
-endif
|
|
@ -1,34 +0,0 @@
|
|||
From 15bac72bac03faeb3b725b1d208c62160f0c3ad7 Mon Sep 17 00:00:00 2001
|
||||
From: Ulrich Drepper <drepper@redhat.com>
|
||||
Date: Wed, 11 Aug 2010 07:44:03 -0700
|
||||
Subject: [PATCH] Fix IPTOS_CLASS definition.
|
||||
|
||||
---
|
||||
ChangeLog | 4 ++++
|
||||
NEWS | 4 ++--
|
||||
sysdeps/generic/netinet/ip.h | 5 ++---
|
||||
3 files changed, 8 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/sysdeps/generic/netinet/ip.h b/sysdeps/generic/netinet/ip.h
|
||||
index a837b98..4955fee 100644
|
||||
--- a/sysdeps/generic/netinet/ip.h
|
||||
+++ b/sysdeps/generic/netinet/ip.h
|
||||
@@ -1,5 +1,4 @@
|
||||
-/* Copyright (C) 1991,92,93,95,96,97,98,99,2000,2009 Free Software
|
||||
- Foundation, Inc.
|
||||
+/* Copyright (C) 1991-1993,1995-2000,2009,2010 Free Software Foundation, Inc.
|
||||
This file is part of the GNU C Library.
|
||||
|
||||
The GNU C Library is free software; you can redistribute it and/or
|
||||
@@ -194,7 +193,7 @@ struct ip_timestamp
|
||||
*/
|
||||
|
||||
#define IPTOS_CLASS_MASK 0xe0
|
||||
-#define IPTOS_CLASS(class) ((tos) & IPTOS_CLASS_MASK)
|
||||
+#define IPTOS_CLASS(class) ((class) & IPTOS_CLASS_MASK)
|
||||
#define IPTOS_CLASS_CS0 0x00
|
||||
#define IPTOS_CLASS_CS1 0x20
|
||||
#define IPTOS_CLASS_CS2 0x40
|
||||
--
|
||||
1.7.2
|
||||
|
|
@ -1,29 +0,0 @@
|
|||
From 32cf40699346d37fabfa887bbd95e95004799ae1 Mon Sep 17 00:00:00 2001
|
||||
From: Andreas Schwab <schwab@redhat.com>
|
||||
Date: Mon, 6 Sep 2010 14:55:59 +0200
|
||||
Subject: [PATCH 1/1] Don't mix pattern rules with normal rules
|
||||
|
||||
---
|
||||
ChangeLog | 4 ++++
|
||||
manual/Makefile | 5 ++++-
|
||||
2 files changed, 8 insertions(+), 1 deletions(-)
|
||||
|
||||
diff --git a/manual/Makefile b/manual/Makefile
|
||||
index c5866eb..b1f5fa7 100644
|
||||
--- a/manual/Makefile
|
||||
+++ b/manual/Makefile
|
||||
@@ -232,7 +232,10 @@ ifdef objpfx
|
||||
.PHONY: stubs
|
||||
stubs: $(objpfx)stubs
|
||||
endif
|
||||
-$(objpfx)stubs ../po/manual.pot $(objpfx)stamp%:
|
||||
+$(objpfx)stubs ../po/manual.pot:
|
||||
+ $(make-target-directory)
|
||||
+ touch $@
|
||||
+$(objpfx)stamp%:
|
||||
$(make-target-directory)
|
||||
touch $@
|
||||
|
||||
--
|
||||
1.7.2
|
||||
|
|
@ -1,85 +0,0 @@
|
|||
From 2232b90f0bd3a41b4d63cac98a5b60abbfaccd46 Mon Sep 17 00:00:00 2001
|
||||
From: Andreas Schwab <schwab@redhat.com>
|
||||
Date: Mon, 18 Oct 2010 11:46:00 +0200
|
||||
Subject: [PATCH] Never expand $ORIGIN in privileged programs
|
||||
|
||||
---
|
||||
ChangeLog | 6 ++++++
|
||||
elf/dl-load.c | 30 +++++++++++++-----------------
|
||||
2 files changed, 19 insertions(+), 17 deletions(-)
|
||||
|
||||
diff --git a/elf/dl-load.c b/elf/dl-load.c
|
||||
index 0adddf5..1cc6f25 100644
|
||||
--- a/elf/dl-load.c
|
||||
+++ b/elf/dl-load.c
|
||||
@@ -169,8 +169,7 @@ local_strdup (const char *s)
|
||||
|
||||
|
||||
static size_t
|
||||
-is_dst (const char *start, const char *name, const char *str,
|
||||
- int is_path, int secure)
|
||||
+is_dst (const char *start, const char *name, const char *str, int is_path)
|
||||
{
|
||||
size_t len;
|
||||
bool is_curly = false;
|
||||
@@ -199,11 +198,6 @@ is_dst (const char *start, const char *name, const char *str,
|
||||
&& (!is_path || name[len] != ':'))
|
||||
return 0;
|
||||
|
||||
- if (__builtin_expect (secure, 0)
|
||||
- && ((name[len] != '\0' && (!is_path || name[len] != ':'))
|
||||
- || (name != start + 1 && (!is_path || name[-2] != ':'))))
|
||||
- return 0;
|
||||
-
|
||||
return len;
|
||||
}
|
||||
|
||||
@@ -218,13 +212,12 @@ _dl_dst_count (const char *name, int is_path)
|
||||
{
|
||||
size_t len;
|
||||
|
||||
- /* $ORIGIN is not expanded for SUID/GUID programs (except if it
|
||||
- is $ORIGIN alone) and it must always appear first in path. */
|
||||
+ /* $ORIGIN is not expanded for SUID/GUID programs. */
|
||||
++name;
|
||||
- if ((len = is_dst (start, name, "ORIGIN", is_path,
|
||||
- INTUSE(__libc_enable_secure))) != 0
|
||||
- || (len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0
|
||||
- || (len = is_dst (start, name, "LIB", is_path, 0)) != 0)
|
||||
+ if (((len = is_dst (start, name, "ORIGIN", is_path)) != 0
|
||||
+ && !INTUSE(__libc_enable_secure))
|
||||
+ || (len = is_dst (start, name, "PLATFORM", is_path)) != 0
|
||||
+ || (len = is_dst (start, name, "LIB", is_path)) != 0)
|
||||
++cnt;
|
||||
|
||||
name = strchr (name + len, '$');
|
||||
@@ -256,9 +249,12 @@ _dl_dst_substitute (struct link_map *l, const char *name, char *result,
|
||||
size_t len;
|
||||
|
||||
++name;
|
||||
- if ((len = is_dst (start, name, "ORIGIN", is_path,
|
||||
- INTUSE(__libc_enable_secure))) != 0)
|
||||
+ if ((len = is_dst (start, name, "ORIGIN", is_path)) != 0)
|
||||
{
|
||||
+ /* Ignore this path element in SUID/SGID programs. */
|
||||
+ if (INTUSE(__libc_enable_secure))
|
||||
+ repl = (const char *) -1;
|
||||
+ else
|
||||
#ifndef SHARED
|
||||
if (l == NULL)
|
||||
repl = _dl_get_origin ();
|
||||
@@ -266,9 +262,9 @@ _dl_dst_substitute (struct link_map *l, const char *name, char *result,
|
||||
#endif
|
||||
repl = l->l_origin;
|
||||
}
|
||||
- else if ((len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0)
|
||||
+ else if ((len = is_dst (start, name, "PLATFORM", is_path)) != 0)
|
||||
repl = GLRO(dl_platform);
|
||||
- else if ((len = is_dst (start, name, "LIB", is_path, 0)) != 0)
|
||||
+ else if ((len = is_dst (start, name, "LIB", is_path)) != 0)
|
||||
repl = DL_DST_LIB;
|
||||
|
||||
if (repl != NULL && repl != (const char *) -1)
|
||||
--
|
||||
1.7.2
|
||||
|
|
@ -1,218 +0,0 @@
|
|||
From 8e9f92e9d5d7737afdacf79b76d98c4c42980508 Mon Sep 17 00:00:00 2001
|
||||
From: Andreas Schwab <schwab@redhat.com>
|
||||
Date: Sun, 24 Oct 2010 21:43:15 -0400
|
||||
Subject: [PATCH 1/1] Require suid bit on audit objects in privileged programs
|
||||
|
||||
---
|
||||
ChangeLog | 15 +++++++++++++++
|
||||
elf/dl-deps.c | 2 +-
|
||||
elf/dl-load.c | 20 +++++++++++---------
|
||||
elf/dl-open.c | 2 +-
|
||||
elf/rtld.c | 16 +++++++---------
|
||||
include/dlfcn.h | 1 +
|
||||
sysdeps/generic/ldsodefs.h | 6 ++----
|
||||
7 files changed, 38 insertions(+), 24 deletions(-)
|
||||
|
||||
diff --git a/elf/dl-deps.c b/elf/dl-deps.c
|
||||
index a58de5c..a51fb6e 100644
|
||||
--- a/elf/dl-deps.c
|
||||
+++ b/elf/dl-deps.c
|
||||
@@ -62,7 +62,7 @@ openaux (void *a)
|
||||
{
|
||||
struct openaux_args *args = (struct openaux_args *) a;
|
||||
|
||||
- args->aux = _dl_map_object (args->map, args->name, 0,
|
||||
+ args->aux = _dl_map_object (args->map, args->name,
|
||||
(args->map->l_type == lt_executable
|
||||
? lt_library : args->map->l_type),
|
||||
args->trace_mode, args->open_mode,
|
||||
diff --git a/elf/dl-load.c b/elf/dl-load.c
|
||||
index a7162eb..aa8738f 100644
|
||||
--- a/elf/dl-load.c
|
||||
+++ b/elf/dl-load.c
|
||||
@@ -1812,7 +1812,7 @@ open_verify (const char *name, struct filebuf *fbp, struct link_map *loader,
|
||||
if MAY_FREE_DIRS is true. */
|
||||
|
||||
static int
|
||||
-open_path (const char *name, size_t namelen, int preloaded,
|
||||
+open_path (const char *name, size_t namelen, int secure,
|
||||
struct r_search_path_struct *sps, char **realname,
|
||||
struct filebuf *fbp, struct link_map *loader, int whatcode,
|
||||
bool *found_other_class)
|
||||
@@ -1894,7 +1894,7 @@ open_path (const char *name, size_t namelen, int preloaded,
|
||||
/* Remember whether we found any existing directory. */
|
||||
here_any |= this_dir->status[cnt] != nonexisting;
|
||||
|
||||
- if (fd != -1 && __builtin_expect (preloaded, 0)
|
||||
+ if (fd != -1 && __builtin_expect (secure, 0)
|
||||
&& INTUSE(__libc_enable_secure))
|
||||
{
|
||||
/* This is an extra security effort to make sure nobody can
|
||||
@@ -1963,7 +1963,7 @@ open_path (const char *name, size_t namelen, int preloaded,
|
||||
|
||||
struct link_map *
|
||||
internal_function
|
||||
-_dl_map_object (struct link_map *loader, const char *name, int preloaded,
|
||||
+_dl_map_object (struct link_map *loader, const char *name,
|
||||
int type, int trace_mode, int mode, Lmid_t nsid)
|
||||
{
|
||||
int fd;
|
||||
@@ -2067,7 +2067,8 @@ _dl_map_object (struct link_map *loader, const char *name, int preloaded,
|
||||
for (l = loader; l; l = l->l_loader)
|
||||
if (cache_rpath (l, &l->l_rpath_dirs, DT_RPATH, "RPATH"))
|
||||
{
|
||||
- fd = open_path (name, namelen, preloaded, &l->l_rpath_dirs,
|
||||
+ fd = open_path (name, namelen, mode & __RTLD_SECURE,
|
||||
+ &l->l_rpath_dirs,
|
||||
&realname, &fb, loader, LA_SER_RUNPATH,
|
||||
&found_other_class);
|
||||
if (fd != -1)
|
||||
@@ -2082,14 +2083,15 @@ _dl_map_object (struct link_map *loader, const char *name, int preloaded,
|
||||
&& main_map != NULL && main_map->l_type != lt_loaded
|
||||
&& cache_rpath (main_map, &main_map->l_rpath_dirs, DT_RPATH,
|
||||
"RPATH"))
|
||||
- fd = open_path (name, namelen, preloaded, &main_map->l_rpath_dirs,
|
||||
+ fd = open_path (name, namelen, mode & __RTLD_SECURE,
|
||||
+ &main_map->l_rpath_dirs,
|
||||
&realname, &fb, loader ?: main_map, LA_SER_RUNPATH,
|
||||
&found_other_class);
|
||||
}
|
||||
|
||||
/* Try the LD_LIBRARY_PATH environment variable. */
|
||||
if (fd == -1 && env_path_list.dirs != (void *) -1)
|
||||
- fd = open_path (name, namelen, preloaded, &env_path_list,
|
||||
+ fd = open_path (name, namelen, mode & __RTLD_SECURE, &env_path_list,
|
||||
&realname, &fb,
|
||||
loader ?: GL(dl_ns)[LM_ID_BASE]._ns_loaded,
|
||||
LA_SER_LIBPATH, &found_other_class);
|
||||
@@ -2098,12 +2100,12 @@ _dl_map_object (struct link_map *loader, const char *name, int preloaded,
|
||||
if (fd == -1 && loader != NULL
|
||||
&& cache_rpath (loader, &loader->l_runpath_dirs,
|
||||
DT_RUNPATH, "RUNPATH"))
|
||||
- fd = open_path (name, namelen, preloaded,
|
||||
+ fd = open_path (name, namelen, mode & __RTLD_SECURE,
|
||||
&loader->l_runpath_dirs, &realname, &fb, loader,
|
||||
LA_SER_RUNPATH, &found_other_class);
|
||||
|
||||
if (fd == -1
|
||||
- && (__builtin_expect (! preloaded, 1)
|
||||
+ && (__builtin_expect (! (mode & __RTLD_SECURE), 1)
|
||||
|| ! INTUSE(__libc_enable_secure)))
|
||||
{
|
||||
/* Check the list of libraries in the file /etc/ld.so.cache,
|
||||
@@ -2169,7 +2171,7 @@ _dl_map_object (struct link_map *loader, const char *name, int preloaded,
|
||||
&& ((l = loader ?: GL(dl_ns)[nsid]._ns_loaded) == NULL
|
||||
|| __builtin_expect (!(l->l_flags_1 & DF_1_NODEFLIB), 1))
|
||||
&& rtld_search_dirs.dirs != (void *) -1)
|
||||
- fd = open_path (name, namelen, preloaded, &rtld_search_dirs,
|
||||
+ fd = open_path (name, namelen, mode & __RTLD_SECURE, &rtld_search_dirs,
|
||||
&realname, &fb, l, LA_SER_DEFAULT, &found_other_class);
|
||||
|
||||
/* Add another newline when we are tracing the library loading. */
|
||||
diff --git a/elf/dl-open.c b/elf/dl-open.c
|
||||
index c394b3f..cf8e8cc 100644
|
||||
--- a/elf/dl-open.c
|
||||
+++ b/elf/dl-open.c
|
||||
@@ -223,7 +223,7 @@ dl_open_worker (void *a)
|
||||
|
||||
/* Load the named object. */
|
||||
struct link_map *new;
|
||||
- args->map = new = _dl_map_object (call_map, file, 0, lt_loaded, 0,
|
||||
+ args->map = new = _dl_map_object (call_map, file, lt_loaded, 0,
|
||||
mode | __RTLD_CALLMAP, args->nsid);
|
||||
|
||||
/* If the pointer returned is NULL this means the RTLD_NOLOAD flag is
|
||||
diff --git a/elf/rtld.c b/elf/rtld.c
|
||||
index 5ecc4fe..06b534a 100644
|
||||
--- a/elf/rtld.c
|
||||
+++ b/elf/rtld.c
|
||||
@@ -589,7 +589,6 @@ struct map_args
|
||||
/* Argument to map_doit. */
|
||||
char *str;
|
||||
struct link_map *loader;
|
||||
- int is_preloaded;
|
||||
int mode;
|
||||
/* Return value of map_doit. */
|
||||
struct link_map *map;
|
||||
@@ -627,16 +626,17 @@ static void
|
||||
map_doit (void *a)
|
||||
{
|
||||
struct map_args *args = (struct map_args *) a;
|
||||
- args->map = _dl_map_object (args->loader, args->str,
|
||||
- args->is_preloaded, lt_library, 0, args->mode,
|
||||
- LM_ID_BASE);
|
||||
+ args->map = _dl_map_object (args->loader, args->str, lt_library, 0,
|
||||
+ args->mode, LM_ID_BASE);
|
||||
}
|
||||
|
||||
static void
|
||||
dlmopen_doit (void *a)
|
||||
{
|
||||
struct dlmopen_args *args = (struct dlmopen_args *) a;
|
||||
- args->map = _dl_open (args->fname, RTLD_LAZY | __RTLD_DLOPEN | __RTLD_AUDIT,
|
||||
+ args->map = _dl_open (args->fname,
|
||||
+ (RTLD_LAZY | __RTLD_DLOPEN | __RTLD_AUDIT
|
||||
+ | __RTLD_SECURE),
|
||||
dl_main, LM_ID_NEWLM, _dl_argc, INTUSE(_dl_argv),
|
||||
__environ);
|
||||
}
|
||||
@@ -806,8 +806,7 @@ do_preload (char *fname, struct link_map *main_map, const char *where)
|
||||
|
||||
args.str = fname;
|
||||
args.loader = main_map;
|
||||
- args.is_preloaded = 1;
|
||||
- args.mode = 0;
|
||||
+ args.mode = __RTLD_SECURE;
|
||||
|
||||
unsigned int old_nloaded = GL(dl_ns)[LM_ID_BASE]._ns_nloaded;
|
||||
|
||||
@@ -1054,7 +1053,6 @@ of this helper program; chances are you did not intend to run this program.\n\
|
||||
|
||||
args.str = rtld_progname;
|
||||
args.loader = NULL;
|
||||
- args.is_preloaded = 0;
|
||||
args.mode = __RTLD_OPENEXEC;
|
||||
(void) _dl_catch_error (&objname, &err_str, &malloced, map_doit,
|
||||
&args);
|
||||
@@ -1066,7 +1064,7 @@ of this helper program; chances are you did not intend to run this program.\n\
|
||||
else
|
||||
{
|
||||
HP_TIMING_NOW (start);
|
||||
- _dl_map_object (NULL, rtld_progname, 0, lt_library, 0,
|
||||
+ _dl_map_object (NULL, rtld_progname, lt_library, 0,
|
||||
__RTLD_OPENEXEC, LM_ID_BASE);
|
||||
HP_TIMING_NOW (stop);
|
||||
|
||||
diff --git a/include/dlfcn.h b/include/dlfcn.h
|
||||
index a67426d..af92483 100644
|
||||
--- a/include/dlfcn.h
|
||||
+++ b/include/dlfcn.h
|
||||
@@ -9,6 +9,7 @@
|
||||
#define __RTLD_OPENEXEC 0x20000000
|
||||
#define __RTLD_CALLMAP 0x10000000
|
||||
#define __RTLD_AUDIT 0x08000000
|
||||
+#define __RTLD_SECURE 0x04000000 /* Apply additional security checks. */
|
||||
|
||||
#define __LM_ID_CALLER -2
|
||||
|
||||
diff --git a/sysdeps/generic/ldsodefs.h b/sysdeps/generic/ldsodefs.h
|
||||
index fcc943b..fa4b6b2 100644
|
||||
--- a/sysdeps/generic/ldsodefs.h
|
||||
+++ b/sysdeps/generic/ldsodefs.h
|
||||
@@ -824,11 +824,9 @@ extern void _dl_receive_error (receiver_fct fct, void (*operate) (void *),
|
||||
|
||||
/* Open the shared object NAME and map in its segments.
|
||||
LOADER's DT_RPATH is used in searching for NAME.
|
||||
- If the object is already opened, returns its existing map.
|
||||
- For preloaded shared objects PRELOADED is set to a non-zero
|
||||
- value to allow additional security checks. */
|
||||
+ If the object is already opened, returns its existing map. */
|
||||
extern struct link_map *_dl_map_object (struct link_map *loader,
|
||||
- const char *name, int preloaded,
|
||||
+ const char *name,
|
||||
int type, int trace_mode, int mode,
|
||||
Lmid_t nsid)
|
||||
internal_function attribute_hidden;
|
||||
--
|
||||
1.7.2
|
||||
|
|
@ -0,0 +1,26 @@
|
|||
From d14e6b09d60d52cc12f0396c3106b14e1bd0fe8f Mon Sep 17 00:00:00 2001
|
||||
From: Andreas Schwab <schwab@redhat.com>
|
||||
Date: Thu, 9 Dec 2010 15:00:59 +0100
|
||||
Subject: [PATCH 1/1] Ignore origin of privileged program
|
||||
|
||||
---
|
||||
ChangeLog | 5 +++++
|
||||
elf/dl-object.c | 3 +++
|
||||
2 files changed, 8 insertions(+), 0 deletions(-)
|
||||
|
||||
diff --git a/elf/dl-object.c b/elf/dl-object.c
|
||||
index 22a1635..7674d49 100644
|
||||
--- a/elf/dl-object.c
|
||||
+++ b/elf/dl-object.c
|
||||
@@ -214,6 +214,9 @@ _dl_new_object (char *realname, const char *libname, int type,
|
||||
out:
|
||||
new->l_origin = origin;
|
||||
}
|
||||
+ else if (INTUSE(__libc_enable_secure) && type == lt_executable)
|
||||
+ /* The origin of a privileged program cannot be trusted. */
|
||||
+ new->l_origin = (char *) -1;
|
||||
|
||||
return new;
|
||||
}
|
||||
--
|
||||
1.7.2
|
|
@ -1,6 +1,5 @@
|
|||
infodir=/usr/share/info
|
||||
filelist=(libc.info libc.info-1 libc.info-2 libc.info-3 libc.info-4 libc.info-5 libc.info-6 libc.info-7
|
||||
libc.info-8 libc.info-9 libc.info-10 libc.info-11)
|
||||
infodir=usr/share/info
|
||||
filelist=(libc.info{,-1,-2,-3,-4,-5,-6,-7,-8,-9,-10,-11})
|
||||
|
||||
post_upgrade() {
|
||||
sbin/ldconfig -r .
|
||||
|
|
Loading…
Reference in a new issue