diff options
Diffstat (limited to 'sys-libs/glibc')
42 files changed, 10943 insertions, 0 deletions
diff --git a/sys-libs/glibc/Manifest b/sys-libs/glibc/Manifest new file mode 100644 index 0000000..6129ea1 --- /dev/null +++ b/sys-libs/glibc/Manifest @@ -0,0 +1,58 @@ +DIST glibc-2.10.1-patches-7.tar.bz2 113612 SHA256 6c94493e08c13072c94c967f55b659e6c950ec470c9677c43cfab10e24a88370 SHA512 6f1d575273ee354e6b9fb85d1a25b660e52fc77ed50bbe0a2c25f60d4ad11ed4560b27358d1b7a5412d5f1fafac2dd83b7ce5b1420205ef2d4906e4c99b610ba WHIRLPOOL 70efe90ab258bf15cf6c0b2ec826aacf25d4cab0d0e09b8883ecfdc34bdc54072bcd3330dd622b8f12ee6a1c74928ecd022e844a351717b53397f056b376992a +DIST glibc-2.10.1.tar.bz2 16106243 SHA256 cbad3e637eab613184405a87a2bf08a41991a0e512a3ced60d120effc73de667 SHA512 3933f69884862b38999b25af60b66c3d887bb022a26bf72e69ca17f2733e37017329d085b4ebca56dfad265906748b83535ccc41df034a867d76a62025c86df2 WHIRLPOOL afffcf139b78643822e6c89f6d6748161bd8c9043e5337d7b057fcedc4ba4e07572c6548c0288bd1bac10bdb63bf69c5eee1047750511ed814c150179ec34f8c +DIST glibc-2.11.3-patches-3.tar.bz2 112513 SHA256 e3b3a256151d86fec9a2625f29ea1486a3e770a0df8e5a803f4914da50e582e7 SHA512 a6f980c91e4fa40ec466cabdc666ccdf78b017f16d2e454d6b3bdbdbe32ad4ae316b9f8f5865ea8f0aeb5081319793fa569029f5aca536f40ce82dc1df629b67 WHIRLPOOL 58b10e2aa5691ada1f504ca192329cef8ac0babb98d21bc54436c7b0218979703aa3f525611b8016a11dbf9551b3bc443e5a17c49481518709322c01fda0b5b1 +DIST glibc-2.11.3.tar.bz2 15667797 SHA256 9c10538262c13018910721b8160e6caf65ba38ca2750c5710bd220e44d696afa SHA512 aaf344a50f40c08811da17434579f93856b129ee751eded66ac2136ce42d7cb58bfc3d4249c1b3ffc5154715d95cb5fd6b12bc6b83eb99be6718403af0184109 WHIRLPOOL d74d7266ae03bd7a6caf2edb3c2e15e242557a35fee91f7a141f0f612cfffb5c42f45bbf3291cbff26a14ee6d29c8ac87e7653d9e8556b16b7893e4cc6c01bf5 +DIST glibc-2.12.1-patches-8.tar.bz2 112063 SHA256 564fe8d9dbf80763c32eca13129ecc69aa276eb8364fe15b400d0cf0cbbf7085 SHA512 688f27a6d049007d51377210c64d94e341b6e8ccfe94b4dd93b57f3a2eec852c87fb8282b67895ac4a86c269514ed58592994dcf0dea7238f1d22157f99f6443 WHIRLPOOL 2a88d6a2ce9fae1106a4753809202815f6ccb8d5e7ace4b77bebcf709f8619e63985f6ecef75f3ffbaefa24d080746d2523bc23b0c0a5f08a160f0b23bfbf7ce +DIST glibc-2.12.1.tar.bz2 15667516 SHA256 759f115c52bc12c5bb453af559dcd456d32138250b7cc96e47804e3d0ec97407 SHA512 e01eaf0c93b20549e159adf7e838458216245c6781d225de908804b275a967712d4f4dfe5b5aefc3e16b75a8593f2aba2f7bc287c89a6c39c9e929cd228766d1 WHIRLPOOL 99061d40d4e1291f3f15c4f25df0a0c7eecf27127a9aeba0c724b636992648b2ff8879b11653081c821f28a82a54dfe4375fc992af1a8de988867965604bbec4 +DIST glibc-2.12.2-patches-4.tar.bz2 109270 SHA256 23362824e7ffbcc34c05f82e6f51b30cb502e648efbe7bc6a644cb8384f57330 SHA512 1776dda77964beff33be1a1cb88c410ff6fa4bdb36a1439ee1acb9698dc97c2621b1e44b06632f1b4d34c29dd707d9193e67a54af506e067a219457dcc6b3d04 WHIRLPOOL 7afe99cd94d916dfc993f084ef56d75fbbb1043319b66cecdf621dda263be122c1a0c21962c47235503989a46aba01bd2006fb9fb67ba0aa0c2692aed3be01e1 +DIST glibc-2.12.2.tar.bz2 15667759 SHA256 22f8eb3c49b9eb5e88fc249daf8670899adef24eb1f74708fb150a6502fa1216 SHA512 8197ece913e572ce3f7dfa0a33d520418aea2d8b85ccda3100118bca9f650e21fb7a8d14b1b4a5587a252c07e70c6fe85f84605a0be9dec649e92d6028979c40 WHIRLPOOL a2585b83e8ba70dd4fe3a6a47b6b5b86ba92d2dadfd50178d98c7e48ed8d5a906b630e79869b8eed44db7eb333af68d20914e3682cf87035d295d7375120d32d +DIST glibc-2.13-patches-11.tar.bz2 114949 SHA256 7db753b6ba3f58b77a95d48cf9fd8c54d843ece9b8ecdc01fd9cc787552a6e54 SHA512 ee3f02f12958220b5d97d72dbac0352d97dd225f9538fb8d036ec469c572ec577fb2648bf39f155d823928a01ab37ed8a1540d309b25b8719130d4a9d36447d1 WHIRLPOOL c26acfa64262c130be786bac905775ac0a2b1037b73259d6d4f387d6bcd5c82452e3525e284010fa687a921a8882b17737b87e7f214af546940f41e55f4edf75 +DIST glibc-2.13.tar.bz2 15725729 SHA256 0173c92a0545e6d99a46a4fbed2da00ba26556f5c6198e2f9f1631ed5318dbb2 SHA512 7fdae9acdbe8cbfda008f107ffd1559c0163ff70730a5bc618f1f15b64096a813a3495e0b2d2be7b7206bef3ed9ca67a68fd2004c8275ffeffa38b70c80887e0 WHIRLPOOL cfaeb0831f177926610d2c89bd6bd20735107ac4738ee0485a2d2e14b13c986e68e64c8f9093b89f135c3d7eb94fc2230b9f3837f3841a8bc2bc886ff5415005 +DIST glibc-2.14-patches-7.tar.bz2 105702 SHA256 f213848ae57ca7c3bcd0ac87bf04ef638b9c8191a8124394771d758a861bf009 SHA512 ef0c3cfe3b9935ea071fa96084b0fcbaa3865fe12e8c04d312f698dfe0395a8036716f1f9999777bb77eff314c423a056cf6483a9e6dd58b1919ee2fddb153ae WHIRLPOOL 3ed0b83b19b0729e550c959f5c299a639d93f04d285b24bc8ddf2f790cd5a376ed2eac44acb51a357a02f3906a470ef8783e98e8fd3a0e181fec95cca1deb649 +DIST glibc-2.14.1-patches-10.tar.bz2 167926 SHA256 e93815f125a6d1cfbaa6aa920274ea55c12da0bb4719fafd4bc0bfad27322108 SHA512 520a8e5e63daf33f1ac2d475e2d880718a774dc9228fa1d61792eb17d39a5a3d92dafac7963c4eada71ad06e8d34aea34098e08533dbc6844e9649d84b8980ab WHIRLPOOL a0c246425bffb5ce84ac8e5f25614e2ccb90de668365fc1a3ddf187ab8ae954990d12a5924f83ffa56d563b6c70fa1dbb01263d0219c40279f4267301b83646c +DIST glibc-2.14.1.tar.bz2 15650580 SHA256 6e85a2fa3ebe6b28103361f09d27eeda37a021f24dab73f34064456d5a715b3b SHA512 c83c9d6dae0091b7b6d3c8fb2b9376e58d2574a8016ce1b4d6e870afca3b892e8da2482ddf95d07ae7407a7f4cc84c1f52cb2f975a18c734529ec019204f65b7 WHIRLPOOL 0aee8c43d851375dd18b3b0ec33aad74ab396936f347cbc9f91f182d84ec03d45425be44a7edbc3faa8159dcbf9cbc4a09fa8c70b3da495fff071469fe063959 +DIST glibc-2.14.tar.bz2 15630590 SHA256 8404b54651d42133d9a2ab17d30d698e53c5f250b2ad8e5f3d9a208ea7c75d6c SHA512 4647b9999e56d88c669832b58555d4e53a22737d5c1963ae62e89958d9880193d1ad8f37cd4b05464cab79f7a244772eb1484d55788ec4828ff98dac30c8fa80 WHIRLPOOL 3aa97d56fa28bd45fb9a41925f41fe0d74020553ca4aa92293cbc47de2bc8a88b7dcbf368c77f0872d18ab6ba91bdf2b199a0520d946115f821dd4a4728ef2b8 +DIST glibc-2.15-patches-23.tar.bz2 118999 SHA256 11c38082635822eb7b12d538e3b9c38ee71f6a86be6cebb59f5f2c575be93830 SHA512 ff3792a0029ea24990fe2419579472bd02119ed6a2dab28e85089d232029be5f1c18c643bcb9d577dce78a7c682bb5eee1ed3644f086b5cf19230bcf37ce8a4b WHIRLPOOL 110ddb5989bf1b66a487c9ebae03a3e62ac22b7a28b4c70d142e1c56160bdd50b9f5fa6f4dc4a28cfb28d94281c582fcfc1f60df8ae2ef4e8a946b3b06d2b1b1 +DIST glibc-2.15.tar.xz 10280176 SHA256 321ec482abdc27b03244f7b345ee22dc431bc55daf9c000a4e7b040fbdbecb50 SHA512 fc8bc407cd9edfd79bd286d28c84e0b8224e1f57c1d318e73da098a9693257d78970178fd59f487f0321a079fcb772e8e78473fab52f091b2addb0a48fe8dcf7 WHIRLPOOL 061fc0c9915bd821dc31c2fea8e4f9a75b6c7ec0c935ea713d8c087408a8bf3c600179273438f3d9748fe40b946866b2f160e6da6fee4da51e549a30d0f0ebbc +DIST glibc-2.16.0-patches-12.tar.bz2 95047 SHA256 e8fd08ee1af5ba4c2999657ea7ec3a0669c10fcf36151874a22f9d8e20d535ed SHA512 f377043d51e7b1d9d74af2ae1d40543329b9d6d5e07f7f9d84b1db9773f61864dc1f52253a952b2618bfe170f9cae32fdf748919460605bafaea6bc0c1f1befe WHIRLPOOL 69fe1b2a9ca0f2521bb59089cfccb7393c3fdd335498ab397d17dcb441a8ea0c579a35e3f175025d2c348b72d08ce496a0ed6d577bc1e0b5a65eb5fcef88e04c +DIST glibc-2.16.0.tar.xz 9990512 SHA256 1edc36aa2a6cb7127971fce8e02eecffe9c7956297ad3ef10dd4c09f486d5924 SHA512 be9acc11b77ab3c01d5766fe626a6a51bc3192ac98f9554fbb5c37120cfc6f636c0b7a80beddc180f13b32ad06051d24c1999fa2e64eeb724d55a9498f0f634e WHIRLPOOL 9bfd4358a4488080e12e08deca5fca59c1555853d1c1978b7d1bb3b480eb8fb125dccab38c55644248ae5e18b0167aec85f8a7850bab9e11f980aae6f171eac3 +DIST glibc-2.3.6-patches-1.19.tar.bz2 216069 SHA256 8aa924347c50bd721cc1dd8dc7b0c986136689346d4d78eaea4d9f15a4db2dea SHA512 4fc2ed654ecc1021596d5737a0b2b74cec4c42393f49a8a50f30bdcb1a7f3e58876a6ad384dd8d8ed6ee9b3ca0fce034c1e2c85db2a998db4737a93c572b8e16 WHIRLPOOL 56058d0b11fef5f3845e50cc17cd4acb03cb6e5c59930582fd905f9b3bf17fa566fa6a4c5870e274a8e30a947d767113a2033eda1ca5c785ba8c98aa259c30e1 +DIST glibc-2.3.6.tar.bz2 14014977 SHA256 e73ff5eddea95d09238b41d3c9c4d9ccddcf99fcc93d04956599c91c704f4a8e SHA512 e92c15b33c80cbbfee83289840de904f5d795f375daf60dd10bb9cbc3701f3c13f35c46063a4359cd662742a9ced5aca62d20eceb580d29c8e02fb5e3845348b WHIRLPOOL e4c0ff5b368ab63aa4662fc0d7563b8276046212e429ba1db3e2f98406a9229264edce9fbda622742205f01c99d429337fa7e6c04ea3c0670b9e4f34068ec9a6 +DIST glibc-2.4-patches-1.19.tar.bz2 132880 SHA256 9ec4cd3df3b8e7f294b3c93138d2f0fd7e8213b4981cfcc9cb58c25f934a23fa SHA512 749b6b3430a6351afc676c590e4ede5baa010865168896478df1cd781c785facd19b4b4a772252ccad70fdcea167df2ccf6c06e3f8bd827e7f5282275ab640bd WHIRLPOOL 366d7c47027ace9513720a9902f10265e177280d26de3fa6651130fd6f3f12dd6d566589340b3338426a9eff1290dd59664bc0c0ab6fd8c89503c6fd123e2073 +DIST glibc-2.4.tar.bz2 15202445 SHA256 27aaaaa78b4ab5da76bb29385dc9be087ba7b855a9102eaaa78ce3ec5e2e7fcd SHA512 a870c3bd808fe2245068a023c8c3294b404e3eb10cf7f68a8d5e234f533db945f2b7bfa57adaa4407d1b75bfdd7fb296b8f2a05e8f7c5de798ee70b247c920d7 WHIRLPOOL 2040b8c0ecab247d699b2a53b6f5ec7ffbb90d56ecb0fad954476cf9a5215f218b9c72ab9efdc730017ffd622db565b49dc583469400577ab370e0ce4ab9b80e +DIST glibc-2.5.1-patches-1.0.tar.bz2 533092 SHA256 d54847e35b1533ac5eee0dac36cc358b75cdb85e90fa589cf4270e69338197b0 SHA512 2929751174c54921c25f5ce53ef9e3584b5e4d663199896ffbd96f4ba362364bc2440ca22668aa7aacd457e130733e579d9f20548ca9c87a5241fbff260147c8 WHIRLPOOL 3c4526bff063ff7710e22cd9db1b9b17b2dd5bf7e4722cef56b2ed9da3e0abc0a81993f0ff851dced0770f78c0a8f4a38945e45ac9db3c70c4376a77215ce448 +DIST glibc-2.5.1.tar.bz2 15421428 SHA256 a29e0d149816364820512f71b9c9ebd0f8a148fbeaac42b79e2c342532e5bf8e SHA512 38975b0672504cbd762c83203a6421688ee255786494bd49cc95c84c44837c61b4a3566b21ac22a001ed4a4b3fffce12a6dc812985a2dd0f5c19b08a8eda3c63 WHIRLPOOL 40397d0193f43cb3992d67a3cb1697ca67be2bd19d011661951be7b57fb92a1e1eb54d570ed0e6b9dc18062b1e5c72a2671d70dbf972d5df71c0bec9556b7889 +DIST glibc-2.6.1-patches-1.2.tar.bz2 89639 SHA256 218b8491d6f0a3e550514fab5e6db60ab9a031f00e71ec3b9e7f5db5eacbc44c SHA512 89a71f1504a0eb405badd78a406aaa407c11a65f3836e8b614baa4d8e95f95060a366b5826d08b1b62f3d74a95c5085653cb82bb384f1913a95a883612568676 WHIRLPOOL 1dad284a5280374b99cda3c527849ced8079c45444afede1e4ae5f248971c223dff1c18b218c0ca8aedf88c78c812591764ba9dc5f53bb15fc553c9b9e48fbe2 +DIST glibc-2.6.1.tar.bz2 15767401 SHA256 3ded3a3c3ba2cf02d72479a5cc0829c7c261a9d0934e49a79233de9fa276ec22 SHA512 cd139ed651a7b346cc0bcb2ef0b86e11709a5be965eee98f856f29149f272882e1563be272a08cdbd7610f4d685e0d9a90513f8abc3e0d9bac116b0d93fa0df3 WHIRLPOOL 473d05ac9aeb5b5cb3cbc57ed6e2c3e8ce06e3d05eb3c70ef8a1470d155faf4d6d1724cc833a9a642bd6ee9018dd466326c805ed8f039d0c8c7a9dd8ed34e6d0 +DIST glibc-2.7-patches-1.7.tar.bz2 97989 SHA256 4f71345bc2ef73975f921a5bdbc4841e8911a36fec7edc17f1e758a9688a7153 SHA512 ea295ca3458e85467c79955ccb0a4a70a29b46299cc4ad5be51dc28f8b4179ae3e07ed4324ad4cca588b992121e370140daf108fe4b76edc58e06df001ac1e09 WHIRLPOOL a28659361d01642bd2d9bee68d4d7fc03477cfece5ce38389aac03c3d6f21e353e550bef7b7f8b8afdd7b67e2083e661f8038a049ba6524d0a8d903ef2a7841d +DIST glibc-2.7.tar.bz2 15976860 SHA256 4224a522ac4ee0fd89eb337e7505e280dfb05e2fe1ad44339ba8874081c0451a SHA512 2ecf3bd2d70298b3c44a8a78bf3ab734db3f22ea009712057ff9f5016c33b8180087fafe6474bf8f181e07f1eb6dca8a8a08ca807a65d0dc9b6dad8ce57c5d1e WHIRLPOOL 05cedfccbc38e60c5ac7fe67ba7c529d4cc43b83df00e034f5002c03ca02a5248378f12bf7e5ac82d9a439d3310e708c32d09f7a53ef183f8c7d9e61f5e60c1c +DIST glibc-2.8-20080602.tar.bz2 16235726 SHA256 142eaba19eb85121206ee034fd828ca5dcd1bf2bfa940fef92c37457c06a6d48 SHA512 4c3acfa53844020fe8a6158a3fd3bd9c8423f335eae6e5cc3ebff89b33bccca8c642016b02170faeb8921b072b845921346fa57664f8448dfc967947601c999e WHIRLPOOL 9f5ad676db308f24fab6f611c00341ca6e0d7b2c6ebd165e1d0251607cf93512c04459c905ec05d98111828f605d2a5afa63db099620b8c3f6d8d36cdca786b2 +DIST glibc-2.8-patches-6.tar.bz2 103171 SHA256 dc335095de83ff4ff405c9aaf5b3ee3d82148888c73b31081ae1c706510973c2 SHA512 2cdfd14cd64341e3f4a535c1d576a2a92b49cfe85a790de3acd4b82337fe4b8fecfaa6b0950a909cfb8d45a004da2ed4974d2468e33eb0cf89acfe34fbd414c9 WHIRLPOOL f893b1dded80b2b61e04c069fee5cff808fa20a5d75f72f34137c82c69dd2640a3fb6222955ad792c5e6008a761ac72e91737357abdcadf723aedaaf013ac5cc +DIST glibc-2.8-ports-20080602.tar.bz2 469234 SHA256 1f3665e80b5832f7d281c109bc2f5412521cc9ccc3bd7b499fd493ff5eb9aa9b SHA512 1357c27140f227846b9fb408aeb7fd032797ea582ead525ca1ad28e67421b5f7413cbffaf006394357b84cfb6d9315c292ccb00bff07a8ecfc4e166ceaf7f56d WHIRLPOOL 2553934c6f529c2a41c1f736873c3ccbe62dfc17ba281eaccb85e62a2d1a57a8c712d0fa96d5f1414fb57cd39120caeab4241b1279f1cf5930f864c5ad2959cc +DIST glibc-2.9-20081201.tar.bz2 16430489 SHA256 6f8e515775e20ed48610860d10315adda418a3649b3465f36ee5cd467364a8f6 SHA512 bdd3f5b61f741f09da21020ceef95e8e4f22574d11f8f2341f573ab2225baaf68698446ec26cbc4a63a21a8a400eaf5820fce4bd89c3e1dcf52172a62df561f4 WHIRLPOOL 37e4875e450e8a4067f657b4d71be184844cd45c0d7dbd9242e8f998aab4e15c732fc64ba148c5782078873182d4b132c911da9242b0513eea96a2338aa04722 +DIST glibc-2.9-patches-8.tar.bz2 106638 SHA256 5f1f8b569ac02c2f538bebd64d137bccb442ddfcb28b3ef17b86134edd8e3f6c SHA512 f5070bf45c28bcf455f53bee85414e6efa1da3cdbc51425a1bc67fb92ff793d1416d5743a48e69080e636d80e41463c5897d437190d496c0b34f7dcf158e8d9c WHIRLPOOL f15b98a7bd6a8cbfaa9c6e1ad7204de875876bf1640c2a008532537cf65b811b42c45446dba846f6e572e9d763cb6afbe878920a51f772c7367cc7a6f615f4b7 +DIST glibc-2.9-ports-20081201.tar.bz2 487663 SHA256 19bb6e89855171d7ae01aef92054dfe4524521fbc13c67bfaa3ee81944210744 SHA512 8bc400fe1f8213908c96fa8c1060a360c4ed83fdb21ba6ffb7b6dc0232216ea23217d0c165336603a8969cca89e8b3edc7d32a38516f2c27114368682d06e6b6 WHIRLPOOL 917d6b77a3d999cb7eca7c9b8bb8d6838a109c609ef8bd3aabb3afa04755c142e4dde352c5c62561a8b39581295eb48b23192b52d1d9f1916454c4cf39db702d +DIST glibc-infopages-2.3.6.tar.bz2 1298413 SHA256 651701bb5d8431401fa0f2252ad1cd37f69dc3a2aa28e4ce3405b4417b5e2c22 SHA512 62cd706e22dcf948e2eb3dd24b3a5700f0dc50c6bcdb55b11028187f317b0497795112a5cfb5fce158b9add913e67bfe49844cbaa2251a5af307db897bc49983 WHIRLPOOL a3b4850d85733a5cb035950b07595caeade02eb541fe108a6fbb2af1f930e9c01b322249d1b74ae343f3f6d5f2ffc03ae32cba1fa28c01100ec2c10e91909eb6 +DIST glibc-libidn-2.10.1.tar.bz2 102248 SHA256 0fa72d1dd06a30642d3bb20a659f4ed0f4af54a205d7102896b68169b38676dc SHA512 cc2f74ce50d344b2052cd9b292101e15fe1f27389f74a98cfdf969392e78fc192809c1daa6fe4695851e72535e48d2e8000ab7c776483657e3990e81195886a3 WHIRLPOOL 00b6212b157f4861c860548cdc2841779f744919dbe8123f09fd5918c0c4b1ee110a34e15a933bf74a740860d52d2a5866341eea3b81569877dd2b591ab027e6 +DIST glibc-libidn-2.3.6.tar.bz2 101041 SHA256 99a20232c1ad994e8a6dcd15c34e413eed94e7dd558bed7b832649dce09fb4f2 SHA512 1febf922702ae9e48c4654145712ee5fe1f31dc835d21928fe6537bed6dec2a3cf19066d28693b8afae0b93982ec2f72a3a0f98fcc0ee981dff222d761caead4 WHIRLPOOL f8deb0ea94771665f41b99e87d0623e376f8cf0479759dc4d26af8f017a20c45ec7269b331de376c21f328df02c344be2db0c2ebab201f4df2d952a41dc73052 +DIST glibc-libidn-2.4.tar.bz2 102305 SHA256 2f29ec2b2b2f75f787a1eed8fdea20aff212dc3bad97651ca376914c49181977 SHA512 c6dcf0db2bcb736d1df7ca69a8da1870f2ec0a2ce491f3eeb3e0fd8ce98b009f0dbe88f96f17421875a120e8984966764260e38ee356d852a11544516a8b5284 WHIRLPOOL d944f12e8943e7e064c92ba3b7e72164647a2bef875844f201561690eda79dd6a051f26eaec555be6ec943ab728a5e955d15a0488a16af2f6e0e3277c89b140e +DIST glibc-libidn-2.5.1.tar.bz2 102290 SHA256 800e2b35443ffff200970df6d35a7afc2eb6e75c88a8074391867545e46d9f2e SHA512 f84d56163fdc21fc9e5c760865fb7dde41134c930de0dc6b7cbb80df61a74ab2a044ca07ae864c95f510a636d6e93ea9fe63be20213773bf34952d95d89ba95e WHIRLPOOL 154f6e81eaa54d3df5a4f64f063f3f5d5503380cbbd669e34fc8efb751476a27c1863e238946079317129344a90c78a3f15382782b14a91fc0524f349cb70e3f +DIST glibc-libidn-2.6.1.tar.bz2 102319 SHA256 67c98ca1299f5f25eaece256d033e0e63bcf6876b920ca62a1fe61ac62c5c451 SHA512 3963cdedb6fc965e1aaed066d0484afdc46f536541f0eaa931be03cc10d08e984eb894e32beb28e4282e126fa8f633147425a874d897957e8eafe09dde7bc83c WHIRLPOOL 7912524ad862ab0e962af29f6b2e6d843844d427eb4e3e9d272d505b10213c920ca6b543727020c160e7f8959b476650d4573a04329de2758bd5f4a1ce9b91d3 +DIST glibc-libidn-2.7.tar.bz2 101939 SHA256 07de78810a5320d696792b67131c4cf3d6654aee015a6b74820d66fb00799000 SHA512 aa6fd5ca729804f6e774462aaa87cf963098c87e15a326599c8c137f2d0dffccb00e408b013a51a6423422c4591eea12a72c55a65b89aa92a6f7862f485b6f5c WHIRLPOOL c5d0908ed19743a60e02ac1c6f827d4406b6aa1992bb9055f2abd4dfa086c90e6fcf439c3fd6a3bac6a1f045dc6bec34c66268b3151e5e7a196df20aaae6c468 +DIST glibc-linuxthreads-2.3.6.tar.bz2 243534 SHA256 6c3bc4a247d1e5308fb14f81956802f09095d3683219859fcad5795aa3aea638 SHA512 d51281df3baab7f600fffd4053048447e0d53b66319f5c6aebcdab8025c706a3990d826e0c175f5a0a8ab5db35545b5180bc15dcb21c66824bd8f0402204a188 WHIRLPOOL 3f69ecdde52ce22d8a49db745ccd5fd443f23e4807f55914ceacfd16f6f07263ec6bb892ee79b1d88ea7e1814cd97e6ad6702474f9a3f9711bd9ca626c2579b1 +DIST glibc-linuxthreads-2.5.tar.bz2 242445 SHA256 ee27aeba6124a8b351c720eb898917f0f8874d9a384cc2f17aa111a3d679bd2c SHA512 e6231590d976762f22c1668f20ec5f5288c2aa45dfcc246c8b628207948ecd009f4e7fb999fbf63d3fb590f0a20b2ade819ddacdf391ec2cf8562d7556335b66 WHIRLPOOL c3f943dc39b9a271fdd32b98a875a308f14532e810c8ffa6b6994c7723d8dd57fa22c17fdc6173f659d440958c15d3b2763210376be6802c4feefcd397a5d6db +DIST glibc-linuxthreads-20060605.tar.bz2 247200 SHA256 1d15e236926fff6daa81e6af34e7903206b67f849f828ca976ab077b4677fb52 SHA512 dadff68163f75debf65ea06e4f537d880560245cc6e193b81d668ab54739829b14c29c86cbf0126699a4d36198305dd94c525c416c490cb0c20635b82ee04460 WHIRLPOOL 6d46d0d3e00d84f9481aaa3f9d6645a4d8946bd82b9e1d899305d8000a6e445515f85526672179d11020899737e6a55be22fe3146bc19821ed75941c0da82260 +DIST glibc-manpages-2.3.6-1.tar.bz2 22216 SHA256 2ba9c7fff2f02f888160dbadd013356fe4a6e9f3d71ac583f5ba6a1d73cb2ab6 SHA512 c4d19f00f03bdcec09c438406ae246ec70479294c1cd096c080889169b30ad5bd715f015a3c8278ec6373562450dc91fdd1f079609d754089b51043fbc8e57ed WHIRLPOOL 31b4e59300975ddd55b69fe32d4de2067ae7e0caaa6554d928be09bffbe872e399c89473b0051265745a0c8539a1b5115ded637c4a27f0e6262e16cc0324769f +DIST glibc-ports-2.10.1.tar.bz2 584860 SHA256 b1f1ec9720036a3a33598b8478eef102535444a083d5b5813a6981ed74ab4071 SHA512 9319fa98b159f904f263ceb1f073db14caf6af61c7fb723d8e5c210a061d2e1ffd634d87912c07f748e9a309be6062fb0799c06638fcc54f1219e4494143fae9 WHIRLPOOL d94ae024811887d0a46800161d29be371d53827690b80df35a58a38e4a78811784e096335b0cfcd7587c26e392158765a182a91c9252e5b304d12901b2e41a73 +DIST glibc-ports-2.11.tar.bz2 599606 SHA256 38d212b1a22ed121c97f2827e7357e3e077084635ebc197246993d328b1b6589 SHA512 55254f538919bcc6e5046ca699ebf6c2d5ff039b4d3d0254361d3185f735b3a6561c6518cf99d25702659e10de7950b445b36d0ba8bb3fae0558ee6edaff41ac WHIRLPOOL 1516a97ac2c7bf06975a1364ab0097e3d90054facd4f5c86e1aa4d6d58e94c6ae7e6c13e998604ee766207ee80a4653fca585cc127057f5540019f691e5ba29c +DIST glibc-ports-2.12.1.tar.bz2 621800 SHA256 3986c166d08c30b83c9cc7d972651550b548386d5a02e4e4c985d9832de83110 SHA512 d7dad77d9d495df2d0605e915e0db0c170d3d5d1e83509a3e48d51f32f6c08cbe133c49dd1f09ee559a503af25756c38dd83725f336ba0ec7d96a15f29ac33cb WHIRLPOOL 561ba89d6ef8702867126a36f657254f3fea1b1ba25acc9140da831fc76ced740fa55c4b4d8d3fbe4be86399e9ff0b9e2a3cd5f160738a3889a3554496ceaca2 +DIST glibc-ports-2.13.tar.bz2 625945 SHA256 b11c4501ae929883447f409c31d65e82822b1c5693075a825a3d54612876ee5a SHA512 39ed578db363dab05e54d5272d3a8a0600493b91985c65a4d043b5a88d617ff46cca2d66d99ae69e92282d8f8a2357e79dcd5b0ae45b505497417d5137866ad6 WHIRLPOOL 766309e315f2f7edbe0b431691ea16f9917dd2f1c8d54b707e819b695f26dedac2d60c3a58499ee1b51a218b982e9930e49f79db096e166576c215a6ccac21e5 +DIST glibc-ports-2.14.1.tar.bz2 630641 SHA256 1c830afb6d4aa166edaa09ec539580377ecbb16ba655d0aad6f5cb5a9a269aa9 SHA512 4ed18be51e2dec4395bf89701b32e443ba02e4e6b26ee1a72684a1f84ef302d58ed8b58f99e4e0ba3f539da0ade668de5881bb2b86fcd065d741448d9c129bae WHIRLPOOL 463aac8660f7f8d9d6e4ee5728aef2948892a54dc250d0543ffb3c2fb636a816384d5984631ab4420b98a51254d62b4b0ad8381a8006ceb1f632de135155939d +DIST glibc-ports-2.14.tar.bz2 631253 SHA256 580a656a55a17ba3db80ab0a9321332cd1f0aaddd7fad76004b524303fb6632d SHA512 843a8daee3210fca86956718bff71f21f6532b7ca3077b4a1964f6d797df0a3dba42a29108715410ae232a48809f166cb051303a567fe16b0c05b9f71aef6225 WHIRLPOOL 156c43e90bb47d939e0852c583d6382021440c5b4c0b3705f60d4ad953866ab92ba1d502e010e7ff2b3a031795393f776dea3cfed317daf426d0360346ff9064 +DIST glibc-ports-2.15.tar.xz 421820 SHA256 fcc271fcc3a808bf0f3aa1d144bc39b8d0d5f730aed6e206b883961515f0d1b9 SHA512 fc3c80a9a7ede0f35054e5be043fff4b967e6ef6678f42e617dd1dd498920edb4e4c785cf8e3cd97fc2914a35a892e0fd7e1aab24f0c3c8d207765a131bf3744 WHIRLPOOL a8a617eacb326615265832f86a7ef39678364b5b65d5c16d58680ec0debfbca6780018b7da9c1a86bdfffcde58aa1258b96ea4bd50b114901b522e62d48ae4a5 +DIST glibc-ports-2.16.0.tar.xz 925916 SHA256 93a10ac3b9ab70ccc59dfe50a4747d48a7e92f9481656f8a37558a2767ac02f3 SHA512 8653ad9f5cf239a55eb2e236f9510ba227e910168efefd74df8e4951f2e1e4bca69598bc23daa6581e0ba94fe334ac625524fb22f0d38c2a07e373eda1db821b WHIRLPOOL 60b0cb559e28bcab9c6625ccd24a13ecfc301cc055d7e18d1324627912b528ca8cc7c2f999e1e979d2685e407879b1bfffdb61f1536d91fa143cffb7ded72a8a +DIST glibc-ports-2.4.tar.bz2 381472 SHA256 2fbbcaad8a9f8560485c398a9066959fe2713c8bc7e653ec476fb56fed21d19a SHA512 c6a37e56aa384cf3f6b74c8a2ccb50fd2f6f494fe65543e18153998ea4bc7fd44806284f263bd14098158680c996f0e45100827b3180a8a791d13d4ace46c294 WHIRLPOOL 2a1558556b0f9ad1ccb47a1f513a7d70d644cef53a382b917db56140f7e9ebbe1f41bb24143c461158fb3047b2b5a60fbb6091f9858619d6acef5c7fb88422fa +DIST glibc-ports-2.5.tar.bz2 409372 SHA256 80c38a005325e7539012bd665fb8e06af9ee9bfc74efb236ebff121265bfd463 SHA512 e9a0630bab9dc262c6bdd1696a79e060b39d55bbc0c6a6e9e3b36fe315aa11c22d008f722efa546fa5ec443c224933bb8b64f90acaf1f9dd886e5126f1a81c0e WHIRLPOOL af1a0f1bc46435a24c9020194a6fdd7067245ada85159f7b3e24e55b7cc88129570834dba532495e40f1646067e93aac1bd60de2d6f2cec9f9ecef2f64c66755 +DIST glibc-ports-2.6.1.tar.bz2 431292 SHA256 d094028bc6d6691f56b4efeff7cd7e1c7ca10733e0cb5efc36e8fb08d8324bf1 SHA512 10821599e095a38c10b9e3b757b9919ab29b536eb9a275ca1050aeb63a08d4a429e7e1821f184e8add2d870cff49d9d4f7b445f5337ecb9964dcd92405b53f6c WHIRLPOOL c1813db493da4d7fc22b319bb70e33db59ce055c30de5f860921c08968e6b558794121ac1ba0fbab199e31c532d82a915490c030b056ffadd3bdde2eaee80cce +DIST glibc-ports-2.7.tar.bz2 435392 SHA256 3e481996259af87c3581da23481970a27de679e3c87cfa9a5a59751cd20c7b44 SHA512 4723dafae5c07bc8177bfac888a43c5cf324a066631fcdb702a24a5fd5949332c0465de1fc10e454672333b448f4342a27199422786cd24b689679b4cd1787f9 WHIRLPOOL da9a751ab508162dca9f3f1d116fd25d871c9da1b7416270cb2a16e41a145aa0aa0cfadd7cbb14898b4f77bfe011d4da92967a787783c843ca07894710e367f6 +DIST glibc-powerpc-cpu-addon-v0.01.tgz 22422 SHA256 0ffa9a432fffb9bfed99c529b631a27534ba848c7ec1d707732338b73a4a8ce9 SHA512 8349a0f7a460349430b7b99bc0fe2ee3a7423f3c085b73a7ba930c84e2a65785acf3205cf206e02fdda36afe045085ee5400c792467634d548bf115c5687bdbd WHIRLPOOL c13a7efab5e3438eaaaf8c0df4ba1edda92447b4796957efd394084ff1d9150e5f7b3327ea9884175402dfff0cc1055d8fb45c9a7f5961a4d603264ee5ce9fb4 diff --git a/sys-libs/glibc/files/2.10/glibc-2.10-gentoo-chk_fail.c b/sys-libs/glibc/files/2.10/glibc-2.10-gentoo-chk_fail.c new file mode 100644 index 0000000..37711e8 --- /dev/null +++ b/sys-libs/glibc/files/2.10/glibc-2.10-gentoo-chk_fail.c @@ -0,0 +1,315 @@ +/* Copyright (C) 2004, 2005 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, write to the Free + Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA + 02111-1307 USA. */ + +/* Copyright (C) 2006-2008 Gentoo Foundation Inc. + * License terms as above. + * + * Hardened Gentoo SSP and FORTIFY handler + * + * An SSP failure handler that does not use functions from the rest of + * glibc; it uses the INTERNAL_SYSCALL methods directly. This ensures + * no possibility of recursion into the handler. + * + * Direct all bug reports to http://bugs.gentoo.org/ + * + * Re-written from the glibc-2.3 Hardened Gentoo SSP handler + * by Kevin F. Quinn - <kevquinn[@]gentoo.org> + * + * The following people contributed to the glibc-2.3 Hardened + * Gentoo SSP and FORTIFY handler, from which this implementation draws much: + * + * Ned Ludd - <solar[@]gentoo.org> + * Alexander Gabert - <pappy[@]gentoo.org> + * The PaX Team - <pageexec[@]freemail.hu> + * Peter S. Mazinger - <ps.m[@]gmx.net> + * Yoann Vandoorselaere - <yoann[@]prelude-ids.org> + * Robert Connolly - <robert[@]linuxfromscratch.org> + * Cory Visi <cory[@]visi.name> + * Mike Frysinger <vapier[@]gentoo.org> + * Magnus Granberg <zorry[@]ume.nu> + */ + +#include <stdio.h> +#include <stdlib.h> +#include <errno.h> +#include <unistd.h> +#include <signal.h> + +#include <sys/types.h> + +#include <sysdep-cancel.h> +#include <sys/syscall.h> +#include <bp-checks.h> + +#include <kernel-features.h> + +#include <alloca.h> +/* from sysdeps */ +#include <socketcall.h> +/* for the stuff in bits/socket.h */ +#include <sys/socket.h> +#include <sys/un.h> + +/* Sanity check on SYSCALL macro names - force compilation + * failure if the names used here do not exist + */ +#if !defined __NR_socketcall && !defined __NR_socket +# error Cannot do syscall socket or socketcall +#endif +#if !defined __NR_socketcall && !defined __NR_connect +# error Cannot do syscall connect or socketcall +#endif +#ifndef __NR_write +# error Cannot do syscall write +#endif +#ifndef __NR_close +# error Cannot do syscall close +#endif +#ifndef __NR_getpid +# error Cannot do syscall getpid +#endif +#ifndef __NR_kill +# error Cannot do syscall kill +#endif +#ifndef __NR_exit +# error Cannot do syscall exit +#endif +#ifdef SSP_SMASH_DUMPS_CORE +# define ENABLE_SSP_SMASH_DUMPS_CORE 1 +# if !defined _KERNEL_NSIG && !defined _NSIG +# error No _NSIG or _KERNEL_NSIG for rt_sigaction +# endif +# if !defined __NR_sigaction && !defined __NR_rt_sigaction +# error Cannot do syscall sigaction or rt_sigaction +# endif +/* Although rt_sigaction expects sizeof(sigset_t) - it expects the size + * of the _kernel_ sigset_t which is not the same as the user sigset_t. + * Most arches have this as _NSIG bits - mips has _KERNEL_NSIG bits for + * some reason. + */ +# ifdef _KERNEL_NSIG +# define _SSP_NSIG _KERNEL_NSIG +# else +# define _SSP_NSIG _NSIG +# endif +#else +# define _SSP_NSIG 0 +# define ENABLE_SSP_SMASH_DUMPS_CORE 0 +#endif + +/* Define DO_SIGACTION - default to newer rt signal interface but + * fallback to old as needed. + */ +#ifdef __NR_rt_sigaction +# define DO_SIGACTION(signum, act, oldact) \ + INLINE_SYSCALL(rt_sigaction, 4, signum, act, oldact, _SSP_NSIG/8) +#else +# define DO_SIGACTION(signum, act, oldact) \ + INLINE_SYSCALL(sigaction, 3, signum, act, oldact) +#endif + +/* Define DO_SOCKET/DO_CONNECT functions to deal with socketcall vs socket/connect */ +#if defined(__NR_socket) && defined(__NR_connect) +# define USE_OLD_SOCKETCALL 0 +#else +# define USE_OLD_SOCKETCALL 1 +#endif + +/* stub out the __NR_'s so we can let gcc optimize away dead code */ +#ifndef __NR_socketcall +# define __NR_socketcall 0 +#endif +#ifndef __NR_socket +# define __NR_socket 0 +#endif +#ifndef __NR_connect +# define __NR_connect 0 +#endif +#define DO_SOCKET(result, domain, type, protocol) \ + do { \ + if (USE_OLD_SOCKETCALL) { \ + socketargs[0] = domain; \ + socketargs[1] = type; \ + socketargs[2] = protocol; \ + socketargs[3] = 0; \ + result = INLINE_SYSCALL(socketcall, 2, SOCKOP_socket, socketargs); \ + } else \ + result = INLINE_SYSCALL(socket, 3, domain, type, protocol); \ + } while (0) +#define DO_CONNECT(result, sockfd, serv_addr, addrlen) \ + do { \ + if (USE_OLD_SOCKETCALL) { \ + socketargs[0] = sockfd; \ + socketargs[1] = (unsigned long int)serv_addr; \ + socketargs[2] = addrlen; \ + socketargs[3] = 0; \ + result = INLINE_SYSCALL(socketcall, 2, SOCKOP_connect, socketargs); \ + } else \ + result = INLINE_SYSCALL(connect, 3, sockfd, serv_addr, addrlen); \ + } while (0) + +#ifndef _PATH_LOG +# define _PATH_LOG "/dev/log" +#endif + +static const char path_log[] = _PATH_LOG; + +/* For building glibc with SSP switched on, define __progname to a + * constant if building for the run-time loader, to avoid pulling + * in more of libc.so into ld.so + */ +#ifdef IS_IN_rtld +static char *__progname = "<rtld>"; +#else +extern char *__progname; +#endif + +/* Common handler code, used by chk_fail + * Inlined to ensure no self-references to the handler within itself. + * Data static to avoid putting more than necessary on the stack, + * to aid core debugging. + */ +__attribute__ ((__noreturn__ , __always_inline__)) +static inline void +__hardened_gentoo_chk_fail(char func[], int damaged) +{ +#define MESSAGE_BUFSIZ 256 + static pid_t pid; + static int plen, i; + static char message[MESSAGE_BUFSIZ]; + static const char msg_ssa[] = ": buffer overflow attack"; + static const char msg_inf[] = " in function "; + static const char msg_ssd[] = "*** buffer overflow detected ***: "; + static const char msg_terminated[] = " - terminated\n"; + static const char msg_report[] = "Report to http://bugs.gentoo.org/\n"; + static const char msg_unknown[] = "<unknown>"; + static int log_socket, connect_result; + static struct sockaddr_un sock; + static unsigned long int socketargs[4]; + + /* Build socket address + */ + sock.sun_family = AF_UNIX; + i = 0; + while ((path_log[i] != '\0') && (i<(sizeof(sock.sun_path)-1))) { + sock.sun_path[i] = path_log[i]; + i++; + } + sock.sun_path[i] = '\0'; + + /* Try SOCK_DGRAM connection to syslog */ + connect_result = -1; + DO_SOCKET(log_socket, AF_UNIX, SOCK_DGRAM, 0); + if (log_socket != -1) + DO_CONNECT(connect_result, log_socket, &sock, sizeof(sock)); + if (connect_result == -1) { + if (log_socket != -1) + INLINE_SYSCALL(close, 1, log_socket); + /* Try SOCK_STREAM connection to syslog */ + DO_SOCKET(log_socket, AF_UNIX, SOCK_STREAM, 0); + if (log_socket != -1) + DO_CONNECT(connect_result, log_socket, &sock, sizeof(sock)); + } + + /* Build message. Messages are generated both in the old style and new style, + * so that log watchers that are configured for the old-style message continue + * to work. + */ +#define strconcat(str) \ + {i=0; while ((str[i] != '\0') && ((i+plen)<(MESSAGE_BUFSIZ-1))) \ + {\ + message[plen+i]=str[i];\ + i++;\ + }\ + plen+=i;} + + /* R.Henderson post-gcc-4 style message */ + plen = 0; + strconcat(msg_ssd); + if (__progname != (char *)0) + strconcat(__progname) + else + strconcat(msg_unknown); + strconcat(msg_terminated); + + /* Write out error message to STDERR, to syslog if open */ + INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen); + if (connect_result != -1) + INLINE_SYSCALL(write, 3, log_socket, message, plen); + + /* Dr. Etoh pre-gcc-4 style message */ + plen = 0; + if (__progname != (char *)0) + strconcat(__progname) + else + strconcat(msg_unknown); + strconcat(msg_ssa); + strconcat(msg_inf); + if (func != NULL) + strconcat(func) + else + strconcat(msg_unknown); + strconcat(msg_terminated); + /* Write out error message to STDERR, to syslog if open */ + INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen); + if (connect_result != -1) + INLINE_SYSCALL(write, 3, log_socket, message, plen); + + /* Direct reports to bugs.gentoo.org */ + plen=0; + strconcat(msg_report); + message[plen++]='\0'; + + /* Write out error message to STDERR, to syslog if open */ + INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen); + if (connect_result != -1) + INLINE_SYSCALL(write, 3, log_socket, message, plen); + + if (log_socket != -1) + INLINE_SYSCALL(close, 1, log_socket); + + /* Suicide */ + pid = INLINE_SYSCALL(getpid, 0); + + if (ENABLE_SSP_SMASH_DUMPS_CORE) { + static struct sigaction default_abort_act; + /* Remove any user-supplied handler for SIGABRT, before using it */ + default_abort_act.sa_handler = SIG_DFL; + default_abort_act.sa_sigaction = NULL; + __sigfillset(&default_abort_act.sa_mask); + default_abort_act.sa_flags = 0; + if (DO_SIGACTION(SIGABRT, &default_abort_act, NULL) == 0) + INLINE_SYSCALL(kill, 2, pid, SIGABRT); + } + + /* Note; actions cannot be added to SIGKILL */ + INLINE_SYSCALL(kill, 2, pid, SIGKILL); + + /* In case the kill didn't work, exit anyway + * The loop prevents gcc thinking this routine returns + */ + while (1) + INLINE_SYSCALL(exit, 0); +} + +__attribute__ ((__noreturn__)) +void __chk_fail(void) +{ + __hardened_gentoo_chk_fail(NULL, 0); +} + diff --git a/sys-libs/glibc/files/2.10/glibc-2.10-hardened-configure-picdefault.patch b/sys-libs/glibc/files/2.10/glibc-2.10-hardened-configure-picdefault.patch new file mode 100644 index 0000000..e75ccc7 --- /dev/null +++ b/sys-libs/glibc/files/2.10/glibc-2.10-hardened-configure-picdefault.patch @@ -0,0 +1,30 @@ +Prevent default-fPIE from confusing configure into thinking +PIC code is default. This causes glibc to build both PIC and +non-PIC code as normal, which on the hardened compiler generates +PIC and PIE. + +Patch by Kevin F. Quinn <kevquinn@gentoo.org> +Fixed for glibc 2.10 by Magnus Granberg <zorry@ume.nu> + +--- configure.in ++++ configure.in +@@ -2145,7 +2145,7 @@ + # error PIC is default. + #endif + EOF +-if eval "${CC-cc} -S conftest.c 2>&AS_MESSAGE_LOG_FD 1>&AS_MESSAGE_LOG_FD"; then ++if eval "${CC-cc} -fno-PIE -S conftest.c 2>&AS_MESSAGE_LOG_FD 1>&AS_MESSAGE_LOG_FD"; then + libc_cv_pic_default=no + fi + rm -f conftest.*]) +--- configure ++++ configure +@@ -7698,7 +7698,7 @@ + # error PIC is default. + #endif + EOF +-if eval "${CC-cc} -S conftest.c 2>&5 1>&5"; then ++if eval "${CC-cc} -fno-PIE -S conftest.c 2>&5 1>&5"; then + libc_cv_pic_default=no + fi + rm -f conftest.* diff --git a/sys-libs/glibc/files/2.10/glibc-2.10-hardened-inittls-nosysenter.patch b/sys-libs/glibc/files/2.10/glibc-2.10-hardened-inittls-nosysenter.patch new file mode 100644 index 0000000..cb6d8e3 --- /dev/null +++ b/sys-libs/glibc/files/2.10/glibc-2.10-hardened-inittls-nosysenter.patch @@ -0,0 +1,274 @@ +When building glibc PIE (which is not something upstream support), +several modifications are necessary to the glibc build process. + +First, any syscalls in PIEs must be of the PIC variant, otherwise +textrels ensue. Then, any syscalls made before the initialisation +of the TLS will fail on i386, as the sysenter variant on i386 uses +the TLS, giving rise to a chicken-and-egg situation. This patch +defines a PIC syscall variant that doesn't use sysenter, even when the sysenter +version is normally used, and uses the non-sysenter version for the brk +syscall that is performed by the TLS initialisation. Further, the TLS +initialisation is moved in this case prior to the initialisation of +dl_osversion, as that requires further syscalls. + +csu/libc-start.c: Move initial TLS initialization to before the +initialisation of dl_osversion, when INTERNAL_SYSCALL_NOSYSENTER is defined + +csu/libc-tls.c: Use the no-sysenter version of sbrk when +INTERNAL_SYSCALL_NOSYSENTER is defined. + +misc/sbrk.c: Define a no-sysenter version of sbrk, using the no-sysenter +version of brk - if INTERNAL_SYSCALL_NOSYSENTER is defined. + +misc/brk.c: Define a no-sysenter version of brk if +INTERNAL_SYSCALL_NOSYSENTER is defined. + +sysdeps/unix/sysv/linux/i386/sysdep.h: Define INTERNAL_SYSCALL_NOSYSENTER +Make INTERNAL_SYSCALL always use the PIC variant, even if not SHARED. + +Patch by Kevin F. Quinn <kevquinn@gentoo.org> +Fixed for 2.10 by Magnus Granberg <zorry@ume.nu> + +--- csu/libc-start.c ++++ csu/libc-start.c +@@ -28,6 +28,7 @@ + extern int __libc_multiple_libcs; + + #include <tls.h> ++#include <sysdep.h> + #ifndef SHARED + # include <dl-osinfo.h> + extern void __pthread_initialize_minimal (void); +@@ -129,6 +130,11 @@ + # endif + _dl_aux_init (auxvec); + # endif ++# ifdef INTERNAL_SYSCALL_NOSYSENTER ++ /* Do the initial TLS initialization before _dl_osversion, ++ since the latter uses the uname syscall. */ ++ __pthread_initialize_minimal (); ++# endif + # ifdef DL_SYSDEP_OSCHECK + if (!__libc_multiple_libcs) + { +@@ -138,10 +144,12 @@ + } + # endif + ++# ifndef INTERNAL_SYSCALL_NOSYSENTER + /* Initialize the thread library at least a bit since the libgcc + functions are using thread functions if these are available and + we need to setup errno. */ + __pthread_initialize_minimal (); ++# endif + + /* Set up the stack checker's canary. */ + uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard (); +--- csu/libc-tls.c ++++ csu/libc-tls.c +@@ -23,6 +23,7 @@ + #include <unistd.h> + #include <stdio.h> + #include <sys/param.h> ++#include <sysdep.h> + + + #ifdef SHARED +@@ -29,6 +30,9 @@ + #error makefile bug, this file is for static only + #endif + ++#ifdef INTERNAL_SYSCALL_NOSYSENTER ++extern void *__sbrk_nosysenter (intptr_t __delta); ++#endif + extern ElfW(Phdr) *_dl_phdr; + extern size_t _dl_phnum; + +@@ -141,14 +145,26 @@ + + The initialized value of _dl_tls_static_size is provided by dl-open.c + to request some surplus that permits dynamic loading of modules with +- IE-model TLS. */ ++ IE-model TLS. ++ ++ Where the normal sbrk would use a syscall that needs the TLS (i386) ++ use the special non-sysenter version instead. */ + #if TLS_TCB_AT_TP + tcb_offset = roundup (memsz + GL(dl_tls_static_size), tcbalign); ++# ifdef INTERNAL_SYSCALL_NOSYSENTER ++ tlsblock = __sbrk_nosysenter (tcb_offset + tcbsize + max_align); ++# else + tlsblock = __sbrk (tcb_offset + tcbsize + max_align); ++# endif + #elif TLS_DTV_AT_TP + tcb_offset = roundup (tcbsize, align ?: 1); ++# ifdef INTERNAL_SYSCALL_NOSYSENTER ++ tlsblock = __sbrk_nosysenter (tcb_offset + memsz + max_align ++ + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); ++# else + tlsblock = __sbrk (tcb_offset + memsz + max_align + + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); ++# endif + tlsblock += TLS_PRE_TCB_SIZE; + #else + /* In case a model with a different layout for the TCB and DTV +--- misc/sbrk.c ++++ misc/sbrk.c +@@ -18,6 +18,7 @@ + #include <errno.h> + #include <stdint.h> + #include <unistd.h> ++#include <sysdep.h> + + /* Defined in brk.c. */ + extern void *__curbrk; +@@ -29,6 +30,35 @@ + /* Extend the process's data space by INCREMENT. + If INCREMENT is negative, shrink data space by - INCREMENT. + Return start of new space allocated, or -1 for errors. */ ++#ifdef INTERNAL_SYSCALL_NOSYSENTER ++/* This version is used by csu/libc-tls.c whem initialising the TLS ++ if the SYSENTER version requires the TLS (which it does on i386). ++ Obviously using the TLS before it is initialised is broken. */ ++extern int __brk_nosysenter (void *addr); ++void * ++__sbrk_nosysenter (intptr_t increment) ++{ ++ void *oldbrk; ++ ++ /* If this is not part of the dynamic library or the library is used ++ via dynamic loading in a statically linked program update ++ __curbrk from the kernel's brk value. That way two separate ++ instances of __brk and __sbrk can share the heap, returning ++ interleaved pieces of it. */ ++ if (__curbrk == NULL || __libc_multiple_libcs) ++ if (__brk_nosysenter (0) < 0) /* Initialize the break. */ ++ return (void *) -1; ++ ++ if (increment == 0) ++ return __curbrk; ++ ++ oldbrk = __curbrk; ++ if (__brk_nosysenter (oldbrk + increment) < 0) ++ return (void *) -1; ++ ++ return oldbrk; ++} ++#endif + void * + __sbrk (intptr_t increment) + { +--- sysdeps/unix/sysv/linux/i386/brk.c ++++ sysdeps/unix/sysv/linux/i386/brk.c +@@ -31,6 +31,30 @@ + linker. */ + weak_alias (__curbrk, ___brk_addr) + ++#ifdef INTERNAL_SYSCALL_NOSYSENTER ++/* This version is used by csu/libc-tls.c whem initialising the TLS ++ * if the SYSENTER version requires the TLS (which it does on i386). ++ * Obviously using the TLS before it is initialised is broken. */ ++int ++__brk_nosysenter (void *addr) ++{ ++ void *__unbounded newbrk; ++ ++ INTERNAL_SYSCALL_DECL (err); ++ newbrk = (void *__unbounded) INTERNAL_SYSCALL_NOSYSENTER (brk, err, 1, ++ __ptrvalue (addr)); ++ ++ __curbrk = newbrk; ++ ++ if (newbrk < addr) ++ { ++ __set_errno (ENOMEM); ++ return -1; ++ } ++ ++ return 0; ++} ++#endif + int + __brk (void *addr) + { +--- sysdeps/unix/sysv/linux/i386/sysdep.h ++++ sysdeps/unix/sysv/linux/i386/sysdep.h +@@ -187,7 +187,7 @@ + /* The original calling convention for system calls on Linux/i386 is + to use int $0x80. */ + #ifdef I386_USE_SYSENTER +-# ifdef SHARED ++# if defined SHARED || defined __PIC__ + # define ENTER_KERNEL call *%gs:SYSINFO_OFFSET + # else + # define ENTER_KERNEL call *_dl_sysinfo +@@ -358,7 +358,7 @@ + possible to use more than four parameters. */ + #undef INTERNAL_SYSCALL + #ifdef I386_USE_SYSENTER +-# ifdef SHARED ++# if defined SHARED || defined __PIC__ + # define INTERNAL_SYSCALL(name, err, nr, args...) \ + ({ \ + register unsigned int resultvar; \ +@@ -384,6 +384,18 @@ + : "0" (name), "i" (offsetof (tcbhead_t, sysinfo)) \ + ASMFMT_##nr(args) : "memory", "cc"); \ + (int) resultvar; }) ++# define INTERNAL_SYSCALL_NOSYSENTER(name, err, nr, args...) \ ++ ({ \ ++ register unsigned int resultvar; \ ++ EXTRAVAR_##nr \ ++ asm volatile ( \ ++ LOADARGS_NOSYSENTER_##nr \ ++ "movl %1, %%eax\n\t" \ ++ "int $0x80\n\t" \ ++ RESTOREARGS_NOSYSENTER_##nr \ ++ : "=a" (resultvar) \ ++ : "i" (__NR_##name) ASMFMT_##nr(args) : "memory", "cc"); \ ++ (int) resultvar; }) + # else + # define INTERNAL_SYSCALL(name, err, nr, args...) \ + ({ \ +@@ -447,12 +459,20 @@ + + #define LOADARGS_0 + #ifdef __PIC__ +-# if defined I386_USE_SYSENTER && defined SHARED ++# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) + # define LOADARGS_1 \ + "bpushl .L__X'%k3, %k3\n\t" + # define LOADARGS_5 \ + "movl %%ebx, %4\n\t" \ + "movl %3, %%ebx\n\t" ++# define LOADARGS_NOSYSENTER_1 \ ++ "bpushl .L__X'%k2, %k2\n\t" ++# define LOADARGS_NOSYSENTER_2 LOADARGS_NOSYSENTER_1 ++# define LOADARGS_NOSYSENTER_3 LOADARGS_3 ++# define LOADARGS_NOSYSENTER_4 LOADARGS_3 ++# define LOADARGS_NOSYSENTER_5 \ ++ "movl %%ebx, %3\n\t" \ ++ "movl %2, %%ebx\n\t" + # else + # define LOADARGS_1 \ + "bpushl .L__X'%k2, %k2\n\t" +@@ -474,11 +495,18 @@ + + #define RESTOREARGS_0 + #ifdef __PIC__ +-# if defined I386_USE_SYSENTER && defined SHARED ++# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) + # define RESTOREARGS_1 \ + "bpopl .L__X'%k3, %k3\n\t" + # define RESTOREARGS_5 \ + "movl %4, %%ebx" ++# define RESTOREARGS_NOSYSENTER_1 \ ++ "bpopl .L__X'%k2, %k2\n\t" ++# define RESTOREARGS_NOSYSENTER_2 RESTOREARGS_NOSYSENTER_1 ++# define RESTOREARGS_NOSYSENTER_3 RESTOREARGS_3 ++# define RESTOREARGS_NOSYSENTER_4 RESTOREARGS_3 ++# define RESTOREARGS_NOSYSENTER_5 \ ++ "movl %3, %%ebx" + # else + # define RESTOREARGS_1 \ + "bpopl .L__X'%k2, %k2\n\t" diff --git a/sys-libs/glibc/files/2.10/glibc-2.10-hardened-ssp-compat.patch b/sys-libs/glibc/files/2.10/glibc-2.10-hardened-ssp-compat.patch new file mode 100644 index 0000000..a1c9eef --- /dev/null +++ b/sys-libs/glibc/files/2.10/glibc-2.10-hardened-ssp-compat.patch @@ -0,0 +1,168 @@ +Add backwards compat support for gcc-3.x ssp ... older ssp versions +used __guard and __stack_smash_handler symbols while gcc-4.1 and newer +uses __stack_chk_guard and __stack_chk_fail. + +--- config.h.in ++++ config.h.in +@@ -42,6 +42,9 @@ + assembler instructions per line. Default is `;' */ + #undef ASM_LINE_SEP + ++/* Define if we want to enable support for old ssp symbols */ ++#undef ENABLE_OLD_SSP_COMPAT ++ + /* Define if not using ELF, but `.init' and `.fini' sections are available. */ + #undef HAVE_INITFINI + +--- configure ++++ configure +@@ -1378,6 +1378,9 @@ Optional Features: + --enable-kernel=VERSION compile for compatibility with kernel not older than + VERSION + --enable-all-warnings enable all useful warnings gcc can issue ++ --disable-old-ssp-compat ++ enable support for older ssp symbols ++ [default=no] + --enable-multi-arch enable single DSO with optimizations for multiple + architectures + --enable-experimental-malloc +@@ -6462,6 +6465,20 @@ fi + $as_echo "$libc_cv_ssp" >&6; } + + ++# Check whether --enable-old-ssp-compat or --disable-old-ssp-compat was given. ++if test "${enable_old_ssp_compat+set}" = set; then ++ enableval="$enable_old_ssp_compat" ++ enable_old_ssp_compat=$enableval ++else ++ enable_old_ssp_compat=no ++fi; ++if test "x$enable_old_ssp_compat" = "xyes"; then ++ cat >>confdefs.h <<\_ACEOF ++#define ENABLE_OLD_SSP_COMPAT 1 ++_ACEOF ++ ++fi ++ + { $as_echo "$as_me:$LINENO: checking for -fgnu89-inline" >&5 + $as_echo_n "checking for -fgnu89-inline... " >&6; } + if test "${libc_cv_gnu89_inline+set}" = set; then +--- configure.in ++++ configure.in +@@ -1641,6 +1641,15 @@ fi + rm -f conftest*]) + AC_SUBST(libc_cv_ssp) + ++AC_ARG_ENABLE([old-ssp-compat], ++ AC_HELP_STRING([--enable-old-ssp-compat], ++ [enable support for older ssp symbols @<:@default=no@:>@]), ++ [enable_old_ssp_compat=$enableval], ++ [enable_old_ssp_compat=no]) ++if test "x$enable_old_ssp_compat" = "xyes"; then ++ AC_DEFINE(ENABLE_OLD_SSP_COMPAT) ++fi ++ + AC_CACHE_CHECK(for -fgnu89-inline, libc_cv_gnu89_inline, [dnl + cat > conftest.c <<EOF + int foo; +--- csu/libc-start.c ++++ csu/libc-start.c +@@ -37,6 +37,9 @@ extern void __pthread_initialize_minimal + uintptr_t __stack_chk_guard attribute_relro; + # endif + #endif ++#ifdef ENABLE_OLD_SSP_COMPAT ++uintptr_t __guard attribute_relro; ++#endif + + #ifdef HAVE_PTR_NTHREADS + /* We need atomic operations. */ +@@ -141,6 +145,9 @@ LIBC_START_MAIN (int (*main) (int, char + + /* Set up the stack checker's canary. */ + uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard (_dl_random); ++#ifdef ENABLE_OLD_SSP_COMPAT ++ __guard = stack_chk_guard; ++#endif + # ifdef THREAD_SET_STACK_GUARD + THREAD_SET_STACK_GUARD (stack_chk_guard); + # else +--- csu/Versions ++++ csu/Versions +@@ -17,6 +17,12 @@ libc { + # New special glibc functions. + gnu_get_libc_release; gnu_get_libc_version; + } ++ GLIBC_2.3.2 { ++%ifdef ENABLE_OLD_SSP_COMPAT ++ # global objects and functions for the old propolice patch in gcc ++ __guard; ++%endif ++ } + GLIBC_PRIVATE { + %if HAVE___THREAD + # This version is for the TLS symbol, GLIBC_2.0 is the old object symbol. +--- debug/Versions ++++ debug/Versions +@@ -10,6 +10,12 @@ libc { + # These are to support some gcc features. + __cyg_profile_func_enter; __cyg_profile_func_exit; + } ++%ifdef ENABLE_OLD_SSP_COMPAT ++ GLIBC_2.3.2 { ++ # backwards ssp compat support; alias to __stack_chk_fail ++ __stack_smash_handler; ++ } ++%endif + GLIBC_2.3.4 { + __chk_fail; + __memcpy_chk; __memmove_chk; __mempcpy_chk; __memset_chk; __stpcpy_chk; +--- elf/rtld.c ++++ elf/rtld.c +@@ -89,6 +89,9 @@ INTDEF(_dl_argv) + in thread local area. */ + uintptr_t __stack_chk_guard attribute_relro; + #endif ++#ifdef ENABLE_OLD_SSP_COMPAT ++uintptr_t __guard attribute_relro; ++#endif + + /* Only exported for architectures that don't store the pointer guard + value in thread local area. */ +@@ -1817,6 +1821,9 @@ ERROR: ld.so: object '%s' cannot be load + + /* Set up the stack checker's canary. */ + uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard (_dl_random); ++#ifdef ENABLE_OLD_SSP_COMPAT ++ __guard = stack_chk_guard; ++#endif + #ifdef THREAD_SET_STACK_GUARD + THREAD_SET_STACK_GUARD (stack_chk_guard); + #else +--- elf/Versions ++++ elf/Versions +@@ -43,6 +43,12 @@ ld { + # runtime interface to TLS + __tls_get_addr; + } ++%ifdef ENABLE_OLD_SSP_COMPAT ++ GLIBC_2.3.2 { ++ # backwards ssp compat support ++ __guard; ++ } ++%endif + GLIBC_2.4 { + # stack canary + __stack_chk_guard; +--- Versions.def ++++ Versions.def +@@ -109,6 +109,9 @@ ld { + GLIBC_2.0 + GLIBC_2.1 + GLIBC_2.3 ++%ifdef ENABLE_OLD_SSP_COMPAT ++ GLIBC_2.3.2 ++%endif + GLIBC_2.4 + GLIBC_PRIVATE + } diff --git a/sys-libs/glibc/files/2.11/glibc-2.11-hardened-pie.patch b/sys-libs/glibc/files/2.11/glibc-2.11-hardened-pie.patch new file mode 100644 index 0000000..df7292f --- /dev/null +++ b/sys-libs/glibc/files/2.11/glibc-2.11-hardened-pie.patch @@ -0,0 +1,40 @@ +http://bugs.gentoo.org/292139 + +2009-11-08 Magnus Granberg <zorry@ume.nu> + + * Makeconfig (+link): Set to +link-pie. + (+link-static): Change $(static-start-installed-name) to + S$(static-start-installed-name). + (+prector): Set to +prectorS. + (+postctor): Set to +postctorS. + +--- libc/Makeconfig ++++ libc/Makeconfig +@@ -447,11 +447,12 @@ + $(common-objpfx)libc% $(+postinit),$^) \ + $(link-extra-libs) $(link-libc) $(+postctorS) $(+postinit) + endif +++link = $(+link-pie) + # Command for statically linking programs with the C library. + ifndef +link-static + +link-static = $(CC) -nostdlib -nostartfiles -static -o $@ \ + $(sysdep-LDFLAGS) $(LDFLAGS) $(LDFLAGS-$(@F)) \ +- $(addprefix $(csu-objpfx),$(static-start-installed-name)) \ ++ $(addprefix $(csu-objpfx),S$(static-start-installed-name)) \ + $(+preinit) $(+prector) \ + $(filter-out $(addprefix $(csu-objpfx),start.o \ + $(start-installed-name))\ +@@ -549,11 +550,10 @@ + ifeq ($(elf),yes) + +preinit = $(addprefix $(csu-objpfx),crti.o) + +postinit = $(addprefix $(csu-objpfx),crtn.o) +-+prector = `$(CC) --print-file-name=crtbegin.o` +-+postctor = `$(CC) --print-file-name=crtend.o` +-# Variants of the two previous definitions for linking PIE programs. + +prectorS = `$(CC) --print-file-name=crtbeginS.o` + +postctorS = `$(CC) --print-file-name=crtendS.o` +++prector = $(+prectorS) +++postctor = $(+postctorS) + +interp = $(addprefix $(elf-objpfx),interp.os) + endif + csu-objpfx = $(common-objpfx)csu/ diff --git a/sys-libs/glibc/files/2.12/glibc-2.12-hardened-pie.patch b/sys-libs/glibc/files/2.12/glibc-2.12-hardened-pie.patch new file mode 100644 index 0000000..3315171 --- /dev/null +++ b/sys-libs/glibc/files/2.12/glibc-2.12-hardened-pie.patch @@ -0,0 +1,39 @@ +2010-08-11 Magnus Granberg <zorry@ume.nu> + + #332331 + * Makeconfig (+link): Set to +link-pie. + (+link-static): Change $(static-start-installed-name) to + S$(static-start-installed-name). + (+prector): Set to +prectorS. + (+postctor): Set to +postctorS. + +--- libc/Makeconfig ++++ libc/Makeconfig +@@ -447,11 +447,12 @@ + $(common-objpfx)libc% $(+postinit),$^) \ + $(link-extra-libs) $(link-libc) $(+postctorS) $(+postinit) + endif +++link = $(+link-pie) + # Command for statically linking programs with the C library. + ifndef +link-static + +link-static = $(CC) -nostdlib -nostartfiles -static -o $@ \ + $(sysdep-LDFLAGS) $(LDFLAGS) $(LDFLAGS-$(@F)) \ +- $(addprefix $(csu-objpfx),$(static-start-installed-name)) \ ++ $(addprefix $(csu-objpfx),S$(static-start-installed-name)) \ + $(+preinit) $(+prector) \ + $(filter-out $(addprefix $(csu-objpfx),start.o \ + $(start-installed-name))\ +@@ -549,11 +550,10 @@ + ifeq ($(elf),yes) + +preinit = $(addprefix $(csu-objpfx),crti.o) + +postinit = $(addprefix $(csu-objpfx),crtn.o) +-+prector = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtbegin.o` +-+postctor = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtend.o` +-# Variants of the two previous definitions for linking PIE programs. + +prectorS = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtbeginS.o` + +postctorS = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtendS.o` +++prector = $(+prectorS) +++postctor = $(+postctorS) + +interp = $(addprefix $(elf-objpfx),interp.os) + endif + csu-objpfx = $(common-objpfx)csu/ diff --git a/sys-libs/glibc/files/2.16/glibc-2.16-hardened-pie.patch b/sys-libs/glibc/files/2.16/glibc-2.16-hardened-pie.patch new file mode 100644 index 0000000..a850a61 --- /dev/null +++ b/sys-libs/glibc/files/2.16/glibc-2.16-hardened-pie.patch @@ -0,0 +1,39 @@ +2012-11-11 Magnus Granberg <zorry@gentoo.org> + + #442712 + * Makeconfig (+link): Set to +link-pie. + (+link-static-before-libc): Change $(static-start-installed-name) to + S$(static-start-installed-name). + (+prector): Set to +prectorS. + (+postctor): Set to +postctorS. + +--- libc/Makeconfig ++++ libc/Makeconfig +@@ -447,11 +447,12 @@ + $(common-objpfx)libc% $(+postinit),$^) \ + $(link-extra-libs) $(link-libc) $(+postctorS) $(+postinit) + endif +++link = $(+link-pie) + # Command for statically linking programs with the C library. + ifndef +link-static + +link-static-before-libc = $(CC) -nostdlib -nostartfiles -static -o $@ \ + $(sysdep-LDFLAGS) $(LDFLAGS) $(LDFLAGS-$(@F)) \ +- $(addprefix $(csu-objpfx),$(static-start-installed-name)) \ ++ $(addprefix $(csu-objpfx),S$(static-start-installed-name)) \ + $(+preinit) $(+prector) \ + $(filter-out $(addprefix $(csu-objpfx),start.o \ + $(start-installed-name))\ +@@ -549,11 +550,10 @@ + ifeq ($(elf),yes) + +preinit = $(addprefix $(csu-objpfx),crti.o) + +postinit = $(addprefix $(csu-objpfx),crtn.o) +-+prector = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtbegin.o` +-+postctor = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtend.o` +-# Variants of the two previous definitions for linking PIE programs. + +prectorS = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtbeginS.o` + +postctorS = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtendS.o` +++prector = $(+prectorS) +++postctor = $(+postctorS) + +interp = $(addprefix $(elf-objpfx),interp.os) + endif + csu-objpfx = $(common-objpfx)csu/ diff --git a/sys-libs/glibc/files/2.3.5/ssp.c b/sys-libs/glibc/files/2.3.5/ssp.c new file mode 100644 index 0000000..99f8531 --- /dev/null +++ b/sys-libs/glibc/files/2.3.5/ssp.c @@ -0,0 +1,155 @@ +/* + * Distributed under the terms of the GNU General Public License v2 + * $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/2.3.5/Attic/ssp.c,v 1.4 2009/12/14 14:44:11 vapier dead $ + * + * This is a modified version of Hiroaki Etoh's stack smashing routines + * implemented for glibc. + * + * The following people have contributed input to this code. + * Ned Ludd - <solar[@]gentoo.org> + * Alexander Gabert - <pappy[@]gentoo.org> + * The PaX Team - <pageexec[@]freemail.hu> + * Peter S. Mazinger - <ps.m[@]gmx.net> + * Yoann Vandoorselaere - <yoann[@]prelude-ids.org> + * Robert Connolly - <robert[@]linuxfromscratch.org> + * Cory Visi <cory@visi.name> + * + */ + +#ifdef HAVE_CONFIG_H +# include <config.h> +#endif + +#ifdef __SSP__ +# error ssp.c has to be built w/ -fno-stack-protector +#endif + +#include <stdio.h> +#include <string.h> +#include <fcntl.h> +#include <unistd.h> +#include <signal.h> +#include <sys/types.h> +#include <sys/un.h> +#include <sys/syslog.h> +#include <sys/time.h> +#ifdef __SSP_USE_ERANDOM__ +# include <sys/sysctl.h> +#endif + +#ifdef __PROPOLICE_BLOCK_SEGV__ +# define SSP_SIGTYPE SIGSEGV +#elif __PROPOLICE_BLOCK_KILL__ +# define SSP_SIGTYPE SIGKILL +#else +# define SSP_SIGTYPE SIGABRT +#endif + +unsigned long __guard = 0UL; + +/* Use of __* functions from the rest of glibc here avoids + * initialisation problems for executables preloaded with + * libraries that overload the associated standard library + * functions. + */ +#ifdef __UCLIBC__ +extern int __libc_open(__const char *file, int flags, ...); +extern ssize_t __libc_read(int fd, void *buf, size_t count); +extern int __libc_close(int fd); +#else +# define __libc_open(file, flags) __open(file, flags) +# define __libc_read(fd, buf, count) __read(fd, buf, count) +# define __libc_close(fd) __close(fd) +# define __libc_write(fd, buf, count) __write(fd, buf, count) +#endif + +void __guard_setup(void) __attribute__ ((constructor)); +void __guard_setup(void) +{ + size_t size; + + if (__guard != 0UL) + return; + + /* Start with the "terminator canary". */ + __guard = 0xFF0A0D00UL; + +#ifndef __SSP_QUICK_CANARY__ +# ifdef __SSP_USE_ERANDOM__ + { + int mib[3]; + /* Random is another depth in Linux, hence an array of 3. */ + mib[0] = CTL_KERN; + mib[1] = KERN_RANDOM; + mib[2] = RANDOM_ERANDOM; + + size = sizeof(unsigned long); + if (__sysctl(mib, 3, &__guard, &size, NULL, 0) != (-1)) + if (__guard != 0UL) + return; + } +# endif /* ifdef __SSP_USE_ERANDOM__ */ + /* + * Attempt to open kernel pseudo random device if one exists before + * opening urandom to avoid system entropy depletion. + */ + { + int fd; + +# ifdef __SSP_USE_ERANDOM__ + if ((fd = __libc_open("/dev/erandom", O_RDONLY)) == (-1)) +# endif + fd = __libc_open("/dev/urandom", O_RDONLY); + if (fd != (-1)) { + size = __libc_read(fd, (char *) &__guard, sizeof(__guard)); + __libc_close(fd); + if (size == sizeof(__guard)) + return; + } + } +#endif /* ifndef __SSP_QUICK_CANARY__ */ + + /* Everything failed? Or we are using a weakened model of the + * terminator canary */ + { + struct timeval tv; + __gettimeofday(&tv, NULL); + __guard ^= tv.tv_usec ^ tv.tv_sec; + } +} + +void __stack_smash_handler(char func[], int damaged __attribute__ ((unused))); +void __stack_smash_handler(char func[], int damaged) +{ + extern char *__progname; + const char message[] = ": stack smashing attack in function "; + struct sigaction sa; + sigset_t mask; + + sigfillset(&mask); + + sigdelset(&mask, SSP_SIGTYPE); /* Block all signal handlers */ + sigprocmask(SIG_BLOCK, &mask, NULL); /* except SSP_SIGTYPE */ + + /* Print error message to stderr and syslog */ +#if 1 /* syslog() causes issues with glibc #94325 */ + __libc_write(STDERR_FILENO, __progname, strlen(__progname)); + __libc_write(STDERR_FILENO, message, strlen(message)); + __libc_write(STDERR_FILENO, func, strlen(func)); + __libc_write(STDERR_FILENO, "()\n", 3); + //_syscall3(int, _ssp_syslog, int, type, char *, bufp, int, len) + //_ssp_syslog(LOG_INFO, +#else + fprintf(stderr, "%s%s%s()\n", __progname, message, func); + syslog(LOG_INFO, "%s%s%s()", __progname, message, func); +#endif + + /* Make the default handler associated with the signal handler */ + memset(&sa, 0, sizeof(struct sigaction)); + sigfillset(&sa.sa_mask); /* Block all signals */ + sa.sa_flags = 0; + sa.sa_handler = SIG_DFL; + sigaction(SSP_SIGTYPE, &sa, NULL); + (void) kill(getpid(), SSP_SIGTYPE); + _exit(127); +} diff --git a/sys-libs/glibc/files/2.3.6/glibc-2.3.6-propolice-guard-functions.patch b/sys-libs/glibc/files/2.3.6/glibc-2.3.6-propolice-guard-functions.patch new file mode 100644 index 0000000..8779a2c --- /dev/null +++ b/sys-libs/glibc/files/2.3.6/glibc-2.3.6-propolice-guard-functions.patch @@ -0,0 +1,138 @@ +The configure check for SSP was taken from glibc HEAD + +diff -ur glibc-2.3.6-orig/config.make.in glibc-2.3.6/config.make.in +--- glibc-2.3.6-orig/config.make.in 2006-01-17 14:22:02.000000000 -0500 ++++ glibc-2.3.6/config.make.in 2006-01-17 14:22:39.000000000 -0500 +@@ -62,6 +62,7 @@ + have-libaudit = @have_libaudit@ + have-cc-with-libunwind = @libc_cv_cc_with_libunwind@ + fno-unit-at-a-time = @fno_unit_at_a_time@ ++have-ssp = @libc_cv_ssp@ + bind-now = @bindnow@ + + static-libgcc = @libc_cv_gcc_static_libgcc@ +diff -ur glibc-2.3.6-orig/configure glibc-2.3.6/configure +--- glibc-2.3.6-orig/configure 2006-01-17 14:22:17.000000000 -0500 ++++ glibc-2.3.6/configure 2006-01-17 14:18:24.000000000 -0500 +@@ -313,7 +313,7 @@ + # include <unistd.h> + #endif" + +-ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS with_fp with_cvs enable_check_abi oldest_abi bindnow force_install all_warnings build build_cpu build_vendor build_os host host_cpu host_vendor host_os subdirs add_ons base_machine sysnames INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA LN_S CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC OBJEXT BUILD_CC cross_compiling CPP CXX CXXFLAGS ac_ct_CXX AR OBJDUMP RANLIB ac_ct_RANLIB MIG AS LD PWD_P MAKE MSGFMT MAKEINFO SED AUTOCONF SYSINCLUDES libc_cv_gcc_static_libgcc BASH libc_cv_have_bash2 KSH libc_cv_have_ksh AWK PERL INSTALL_INFO BISON VERSIONING libc_cv_asm_protected_directive libc_cv_initfinit_array libc_cv_cc_with_libunwind libc_cv_z_nodelete libc_cv_z_nodlopen libc_cv_z_initfirst libc_cv_z_relro libc_cv_Bgroup libc_cv_libgcc_s_suffix libc_cv_as_needed ASFLAGS_config libc_cv_z_combreloc libc_cv_z_execstack libc_cv_fpie fno_unit_at_a_time libc_cv_have_initfini libc_cv_cpp_asm_debuginfo no_whole_archive exceptions LIBGD have_libaudit have_selinux EGREP sizeof_long_double libc_cv_gcc_unwind_find_fde uname_sysname uname_release uname_version old_glibc_headers libc_cv_slibdir libc_cv_localedir libc_cv_sysconfdir libc_cv_rootsbindir libc_cv_forced_unwind use_ldconfig ldd_rewrite_script gnu_ld gnu_as elf xcoff static shared pic_default profile omitfp bounded static_nss nopic_initfini DEFINES linux_doors mach_interface_list VERSION RELEASE LIBOBJS LTLIBOBJS' ++ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS with_fp with_cvs enable_check_abi oldest_abi bindnow force_install all_warnings build build_cpu build_vendor build_os host host_cpu host_vendor host_os subdirs add_ons base_machine sysnames INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA LN_S CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC OBJEXT BUILD_CC cross_compiling CPP CXX CXXFLAGS ac_ct_CXX AR OBJDUMP RANLIB ac_ct_RANLIB MIG AS LD PWD_P MAKE MSGFMT MAKEINFO SED AUTOCONF SYSINCLUDES libc_cv_gcc_static_libgcc BASH libc_cv_have_bash2 KSH libc_cv_have_ksh AWK PERL INSTALL_INFO BISON VERSIONING libc_cv_asm_protected_directive libc_cv_initfinit_array libc_cv_cc_with_libunwind libc_cv_z_nodelete libc_cv_z_nodlopen libc_cv_z_initfirst libc_cv_z_relro libc_cv_Bgroup libc_cv_libgcc_s_suffix libc_cv_as_needed ASFLAGS_config libc_cv_z_combreloc libc_cv_z_execstack libc_cv_fpie fno_unit_at_a_time libc_cv_ssp libc_cv_have_initfini libc_cv_cpp_asm_debuginfo no_whole_archive exceptions LIBGD have_libaudit have_selinux EGREP sizeof_long_double libc_cv_gcc_unwind_find_fde uname_sysname uname_release uname_version old_glibc_headers libc_cv_slibdir libc_cv_localedir libc_cv_sysconfdir libc_cv_rootsbindir libc_cv_forced_unwind use_ldconfig ldd_rewrite_script gnu_ld gnu_as elf xcoff static shared pic_default profile omitfp bounded static_nss nopic_initfini DEFINES linux_doors mach_interface_list VERSION RELEASE LIBOBJS LTLIBOBJS' + ac_subst_files='' + + # Initialize some variables set by options. +@@ -5785,6 +5785,33 @@ + fi + + ++echo "$as_me:$LINENO: checking for -fstack-protector" >&5 ++echo $ECHO_N "checking for -fstack-protector... $ECHO_C" >&6 ++if test "${libc_cv_ssp+set}" = set; then ++ echo $ECHO_N "(cached) $ECHO_C" >&6 ++else ++ cat > conftest.c <<EOF ++int foo; ++main () { return 0;} ++EOF ++if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS $LDFLAGS -fstack-protector ++ -o conftest conftest.c 1>&5' ++ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 ++ (eval $ac_try) 2>&5 ++ ac_status=$? ++ echo "$as_me:$LINENO: \$? = $ac_status" >&5 ++ (exit $ac_status); }; } ++then ++ libc_cv_ssp=yes ++else ++ libc_cv_ssp=no ++fi ++rm -f conftest* ++fi ++echo "$as_me:$LINENO: result: $libc_cv_ssp" >&5 ++echo "${ECHO_T}$libc_cv_ssp" >&6 ++ ++ + if test $elf != yes; then + echo "$as_me:$LINENO: checking for .init and .fini sections" >&5 + echo $ECHO_N "checking for .init and .fini sections... $ECHO_C" >&6 +@@ -8504,6 +8531,7 @@ + s,@libc_cv_z_execstack@,$libc_cv_z_execstack,;t t + s,@libc_cv_fpie@,$libc_cv_fpie,;t t + s,@fno_unit_at_a_time@,$fno_unit_at_a_time,;t t ++s,@libc_cv_ssp@,$libc_cv_ssp,;t t + s,@libc_cv_have_initfini@,$libc_cv_have_initfini,;t t + s,@libc_cv_cpp_asm_debuginfo@,$libc_cv_cpp_asm_debuginfo,;t t + s,@no_whole_archive@,$no_whole_archive,;t t +diff -ur glibc-2.3.6-orig/configure.in glibc-2.3.6/configure.in +--- glibc-2.3.6-orig/configure.in 2006-01-17 14:22:17.000000000 -0500 ++++ glibc-2.3.6/configure.in 2006-01-17 14:18:24.000000000 -0500 +@@ -1500,6 +1500,21 @@ + fi + AC_SUBST(fno_unit_at_a_time) + ++AC_CACHE_CHECK(for -fstack-protector, libc_cv_ssp, [dnl ++cat > conftest.c <<EOF ++int foo; ++main () { return 0;} ++EOF ++if AC_TRY_COMMAND([${CC-cc} $CFLAGS $CPPFLAGS $LDFLAGS -fstack-protector ++ -o conftest conftest.c 1>&AS_MESSAGE_LOG_FD]) ++then ++ libc_cv_ssp=yes ++else ++ libc_cv_ssp=no ++fi ++rm -f conftest*]) ++AC_SUBST(libc_cv_ssp) ++ + if test $elf != yes; then + AC_CACHE_CHECK(for .init and .fini sections, libc_cv_have_initfini, + [AC_TRY_COMPILE(, [asm (".section .init"); +diff -ur glibc-2.3.6-orig/sysdeps/generic/libc-start.c glibc-2.3.6/sysdeps/generic/libc-start.c +--- glibc-2.3.6-orig/sysdeps/generic/libc-start.c 2006-01-17 14:22:17.000000000 -0500 ++++ glibc-2.3.6/sysdeps/generic/libc-start.c 2006-01-17 14:18:24.000000000 -0500 +@@ -188,6 +188,9 @@ + GLRO(dl_debug_printf) ("\ntransferring control: %s\n\n", argv[0]); + #endif + ++ /* call the __guard_setup to set up the random __guard value */ ++ __guard_setup (); /* pappy@gentoo.org (pappy rules) */ ++ + #ifdef HAVE_CLEANUP_JMP_BUF + /* Memory for the cancellation buffer. */ + struct pthread_unwind_buf unwind_buf; +diff -ur glibc-2.3.6-orig/sysdeps/unix/sysv/linux/Dist glibc-2.3.6/sysdeps/unix/sysv/linux/Dist +--- glibc-2.3.6-orig/sysdeps/unix/sysv/linux/Dist 2006-01-17 14:22:17.000000000 -0500 ++++ glibc-2.3.6/sysdeps/unix/sysv/linux/Dist 2006-01-17 14:18:24.000000000 -0500 +@@ -1,3 +1,4 @@ ++ssp.c + bits/initspin.h + cmsg_nxthdr.c + dl-brk.c +diff -ur glibc-2.3.6-orig/sysdeps/unix/sysv/linux/Makefile glibc-2.3.6/sysdeps/unix/sysv/linux/Makefile +--- glibc-2.3.6-orig/sysdeps/unix/sysv/linux/Makefile 2006-01-17 14:22:17.000000000 -0500 ++++ glibc-2.3.6/sysdeps/unix/sysv/linux/Makefile 2006-01-17 14:18:24.000000000 -0500 +@@ -1,5 +1,8 @@ + ifeq ($(subdir),csu) +-sysdep_routines += errno-loc ++sysdep_routines += errno-loc ssp ++ifeq (yes,$(have-ssp)) ++CFLAGS-ssp.c += -fno-stack-protector ++endif + endif + + ifeq ($(subdir),assert) +diff -ur glibc-2.3.6-orig/sysdeps/unix/sysv/linux/Versions glibc-2.3.6/sysdeps/unix/sysv/linux/Versions +--- glibc-2.3.6-orig/sysdeps/unix/sysv/linux/Versions 2006-01-17 14:22:17.000000000 -0500 ++++ glibc-2.3.6/sysdeps/unix/sysv/linux/Versions 2006-01-17 14:18:24.000000000 -0500 +@@ -108,6 +108,8 @@ + GLIBC_2.3.2 { + # New kernel interfaces. + epoll_create; epoll_ctl; epoll_wait; ++ # global objects and functions for the propolice patch in gcc - moved from libgcc by pappy@gentoo.org ++ __guard; __guard_setup; __stack_smash_handler; + } + GLIBC_2.3.3 { + gnu_dev_major; gnu_dev_minor; gnu_dev_makedev; diff --git a/sys-libs/glibc/files/2.5/glibc-2.5-gentoo-stack_chk_fail.c b/sys-libs/glibc/files/2.5/glibc-2.5-gentoo-stack_chk_fail.c new file mode 100644 index 0000000..e304440 --- /dev/null +++ b/sys-libs/glibc/files/2.5/glibc-2.5-gentoo-stack_chk_fail.c @@ -0,0 +1,311 @@ +/* Copyright (C) 2005 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, write to the Free + Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA + 02111-1307 USA. */ + +/* Copyright (C) 2006 Gentoo Foundation Inc. + * License terms as above. + * + * Hardened Gentoo SSP handler + * + * An SSP failure handler that does not use functions from the rest of + * glibc; it uses the INTERNAL_SYSCALL methods directly. This ensures + * no possibility of recursion into the handler. + * + * Direct all bug reports to http://bugs.gentoo.org/ + * + * Re-written from the glibc-2.3 Hardened Gentoo SSP handler + * by Kevin F. Quinn - <kevquinn[@]gentoo.org> + * + * The following people contributed to the glibc-2.3 Hardened + * Gentoo SSP handler, from which this implementation draws much: + * + * Ned Ludd - <solar[@]gentoo.org> + * Alexander Gabert - <pappy[@]gentoo.org> + * The PaX Team - <pageexec[@]freemail.hu> + * Peter S. Mazinger - <ps.m[@]gmx.net> + * Yoann Vandoorselaere - <yoann[@]prelude-ids.org> + * Robert Connolly - <robert[@]linuxfromscratch.org> + * Cory Visi <cory[@]visi.name> + * Mike Frysinger <vapier[@]gentoo.org> + */ + +#include <errno.h> +#include <stdlib.h> +#include <unistd.h> +#include <signal.h> + +#include <sys/types.h> + +#include <sysdep-cancel.h> +#include <sys/syscall.h> +#include <bp-checks.h> + +#include <kernel-features.h> + +#include <alloca.h> +/* from sysdeps */ +#include <socketcall.h> +/* for the stuff in bits/socket.h */ +#include <sys/socket.h> +#include <sys/un.h> + + +/* Sanity check on SYSCALL macro names - force compilation + * failure if the names used here do not exist + */ +#if !defined __NR_socketcall && !defined __NR_socket +# error Cannot do syscall socket or socketcall +#endif +#if !defined __NR_socketcall && !defined __NR_connect +# error Cannot do syscall connect or socketcall +#endif +#ifndef __NR_write +# error Cannot do syscall write +#endif +#ifndef __NR_close +# error Cannot do syscall close +#endif +#ifndef __NR_getpid +# error Cannot do syscall getpid +#endif +#ifndef __NR_kill +# error Cannot do syscall kill +#endif +#ifndef __NR_exit +# error Cannot do syscall exit +#endif +#ifdef SSP_SMASH_DUMPS_CORE +# if !defined _KERNEL_NSIG && !defined _NSIG +# error No _NSIG or _KERNEL_NSIG for rt_sigaction +# endif +# if !defined __NR_sigation && !defined __NR_rt_sigaction +# error Cannot do syscall sigaction or rt_sigaction +# endif +#endif + + + +/* Define DO_SOCKET/DO_CONNECT macros to deal with socketcall vs socket/connect */ +#ifdef __NR_socketcall + +# define DO_SOCKET(result,domain,type,protocol) \ + {socketargs[0] = domain; \ + socketargs[1] = type; \ + socketargs[2] = protocol; \ + socketargs[3] = 0; \ + result = INLINE_SYSCALL(socketcall,2,SOCKOP_socket,socketargs);} + +# define DO_CONNECT(result,sockfd,serv_addr,addrlen) \ + {socketargs[0] = sockfd; \ + socketargs[1] = (unsigned long int)serv_addr; \ + socketargs[2] = addrlen; \ + socketargs[3] = 0; \ + result = INLINE_SYSCALL(socketcall,2,SOCKOP_connect,socketargs);} + +#else + +# define DO_SOCKET(result,domain,type,protocol) \ + {result = INLINE_SYSCALL(socket,3,domain,type,protocol);} + +# define DO_CONNECT(result,sockfd,serv_addr,addrlen) \ + {result = INLINE_SYSCALL(connect,3,sockfd,serv_addr,addrlen);} + +#endif +/* __NR_socketcall */ + + +#ifndef _PATH_LOG +# define _PATH_LOG "/dev/log" +#endif + +static const char path_log[]=_PATH_LOG; + +/* For building glibc with SSP switched on, define __progname to a + * constant if building for the run-time loader, to avoid pulling + * in more of libc.so into ld.so + */ +#ifdef IS_IN_rtld +static char *__progname = "<rtld>"; +#else +extern char *__progname; +#endif + + +/* Common handler code, used by stack_chk_fail and __stack_smash_handler + * Inlined to ensure no self-references to the handler within itself. + * Data static to avoid putting more than necessary on the stack, + * to aid core debugging. + */ +static inline void +__attribute__ ((__noreturn__ , __always_inline__)) +__hardened_gentoo_stack_chk_fail (char func[], int damaged) +{ +#define MESSAGE_BUFSIZ 256 + static pid_t pid; + static int plen, i; + static char message[MESSAGE_BUFSIZ]; + static const char msg_ssa[]=": stack smashing attack"; + static const char msg_inf[]=" in function "; + static const char msg_ssd[]="*** stack smashing detected ***: "; + static const char msg_terminated[]=" - terminated\n"; + static const char msg_report[]="Report to http://bugs.gentoo.org/\n"; + static const char msg_unknown[]="<unknown>"; +#ifdef SSP_SMASH_DUMPS_CORE + static struct sigaction default_abort_act; +#endif + static int log_socket, connect_result; + static struct sockaddr_un sock; +#ifdef __NR_socketcall + static unsigned long int socketargs[4]; +#endif + + /* Build socket address + */ + sock.sun_family = AF_UNIX; + i=0; + while ((path_log[i] != '\0') && (i<(sizeof(sock.sun_path)-1))) + { + sock.sun_path[i]=path_log[i]; + i++; + } + sock.sun_path[i]='\0'; + + /* Try SOCK_DGRAM connection to syslog */ + connect_result=-1; + DO_SOCKET(log_socket,AF_UNIX,SOCK_DGRAM,0); + if (log_socket != -1) + DO_CONNECT(connect_result,log_socket,(&sock),(sizeof(sock))); + if (connect_result == -1) + { + if (log_socket != -1) + INLINE_SYSCALL(close,1,log_socket); + /* Try SOCK_STREAM connection to syslog */ + DO_SOCKET(log_socket,AF_UNIX,SOCK_STREAM,0); + if (log_socket != -1) + DO_CONNECT(connect_result,log_socket,(&sock),(sizeof(sock))); + } + + /* Build message. Messages are generated both in the old style and new style, + * so that log watchers that are configured for the old-style message continue + * to work. + */ +#define strconcat(str) \ + {i=0; while ((str[i] != '\0') && ((i+plen)<(MESSAGE_BUFSIZ-1))) \ + {\ + message[plen+i]=str[i];\ + i++;\ + }\ + plen+=i;} + + /* R.Henderson post-gcc-4 style message */ + plen=0; + strconcat(msg_ssd); + if (__progname != (char *)0) + strconcat(__progname) + else + strconcat(msg_unknown); + strconcat(msg_terminated); + + /* Write out error message to STDERR, to syslog if open */ + INLINE_SYSCALL(write,3,STDERR_FILENO,message,plen); + if (connect_result != -1) + INLINE_SYSCALL(write,3,log_socket,message,plen); + + /* Dr. Etoh pre-gcc-4 style message */ + plen=0; + if (__progname != (char *)0) + strconcat(__progname) + else + strconcat(msg_unknown); + strconcat(msg_ssa); + strconcat(msg_inf); + if (func!=NULL) + strconcat(func) + else + strconcat(msg_unknown); + strconcat(msg_terminated); + /* Write out error message to STDERR, to syslog if open */ + INLINE_SYSCALL(write,3,STDERR_FILENO,message,plen); + if (connect_result != -1) + INLINE_SYSCALL(write,3,log_socket,message,plen); + + /* Direct reports to bugs.gentoo.org */ + plen=0; + strconcat(msg_report); + message[plen++]='\0'; + + /* Write out error message to STDERR, to syslog if open */ + INLINE_SYSCALL(write,3,STDERR_FILENO,message,plen); + if (connect_result != -1) + INLINE_SYSCALL(write,3,log_socket,message,plen); + + if (log_socket != -1) + INLINE_SYSCALL(close,1,log_socket); + + /* Suicide */ + pid=INLINE_SYSCALL(getpid,0); +#ifdef SSP_SMASH_DUMPS_CORE + /* Remove any user-supplied handler for SIGABRT, before using it */ + default_abort_act.sa_handler = SIG_DFL; + default_abort_act.sa_sigaction = NULL; + __sigfillset(&default_abort_act.sa_mask); + default_abort_act.sa_flags = 0; + /* sigaction doesn't exist on amd64; however rt_sigaction seems to + * exist everywhere. rt_sigaction has an extra parameter - the + * size of sigset_t. + */ +# ifdef __NR_sigation + if (INLINE_SYSCALL(sigaction,3,SIGABRT,&default_abort_act,NULL) == 0) +# else + /* Although rt_sigaction expects sizeof(sigset_t) - it expects the size + * of the _kernel_ sigset_t which is not the same as the user sigset_t. + * Most arches have this as _NSIG bits - mips has _KERNEL_NSIG bits for + * some reason. + */ +# ifdef _KERNEL_NSIG + if (INLINE_SYSCALL(rt_sigaction,4,SIGABRT,&default_abort_act,NULL,_KERNEL_NSIG/8) == 0) +# else + if (INLINE_SYSCALL(rt_sigaction,4,SIGABRT,&default_abort_act,NULL,_NSIG/8) == 0) +# endif +# endif + INLINE_SYSCALL(kill,2,pid,SIGABRT); +#endif + /* Note; actions cannot be added to SIGKILL */ + INLINE_SYSCALL(kill,2,pid,SIGKILL); + + /* In case the kill didn't work, exit anyway + * The loop prevents gcc thinking this routine returns + */ + while (1) INLINE_SYSCALL(exit,0); +} + +void +__attribute__ ((__noreturn__)) + __stack_chk_fail (void) +{ + __hardened_gentoo_stack_chk_fail(NULL,0); +} + +#ifdef ENABLE_OLD_SSP_COMPAT +void +__attribute__ ((__noreturn__)) +__stack_smash_handler(char func[], int damaged) +{ + __hardened_gentoo_stack_chk_fail(func,damaged); +} +#endif + diff --git a/sys-libs/glibc/files/2.5/glibc-2.5-hardened-configure-picdefault.patch b/sys-libs/glibc/files/2.5/glibc-2.5-hardened-configure-picdefault.patch new file mode 100644 index 0000000..253a61b --- /dev/null +++ b/sys-libs/glibc/files/2.5/glibc-2.5-hardened-configure-picdefault.patch @@ -0,0 +1,29 @@ +Prevent default-fPIE from confusing configure into thinking +PIC code is default. This causes glibc to build both PIC and +non-PIC code as normal, which on the hardened compiler generates +PIC and PIE. + +Patch by Kevin F. Quinn <kevquinn@gentoo.org> + +--- configure.in ++++ configure.in +@@ -2145,7 +2145,7 @@ + # error PIC is default. + #endif + EOF +-if eval "${CC-cc} -S conftest.c 2>&AS_MESSAGE_LOG_FD 1>&AS_MESSAGE_LOG_FD"; then ++if eval "${CC-cc} -fno-PIE -S conftest.c 2>&AS_MESSAGE_LOG_FD 1>&AS_MESSAGE_LOG_FD"; then + pic_default=no + fi + rm -f conftest.*]) +--- configure ++++ configure +@@ -7698,7 +7698,7 @@ + # error PIC is default. + #endif + EOF +-if eval "${CC-cc} -S conftest.c 2>&5 1>&5"; then ++if eval "${CC-cc} -fno-PIE -S conftest.c 2>&5 1>&5"; then + pic_default=no + fi + rm -f conftest.* diff --git a/sys-libs/glibc/files/2.5/glibc-2.5-hardened-inittls-nosysenter.patch b/sys-libs/glibc/files/2.5/glibc-2.5-hardened-inittls-nosysenter.patch new file mode 100644 index 0000000..420e6fd --- /dev/null +++ b/sys-libs/glibc/files/2.5/glibc-2.5-hardened-inittls-nosysenter.patch @@ -0,0 +1,283 @@ +When building glibc PIE (which is not something upstream support), +several modifications are necessary to the glibc build process. + +First, any syscalls in PIEs must be of the PIC variant, otherwise +textrels ensue. Then, any syscalls made before the initialisation +of the TLS will fail on i386, as the sysenter variant on i386 uses +the TLS, giving rise to a chicken-and-egg situation. This patch +defines a PIC syscall variant that doesn't use sysenter, even when the sysenter +version is normally used, and uses the non-sysenter version for the brk +syscall that is performed by the TLS initialisation. Further, the TLS +initialisation is moved in this case prior to the initialisation of +dl_osversion, as that requires further syscalls. + +csu/libc-start.c: Move initial TLS initialization to before the +initialisation of dl_osversion, when INTERNAL_SYSCALL_NOSYSENTER is defined + +csu/libc-tls.c: Use the no-sysenter version of sbrk when +INTERNAL_SYSCALL_NOSYSENTER is defined. + +misc/sbrk.c: Define a no-sysenter version of sbrk, using the no-sysenter +version of brk - if INTERNAL_SYSCALL_NOSYSENTER is defined. + +misc/brk.c: Define a no-sysenter version of brk if +INTERNAL_SYSCALL_NOSYSENTER is defined. + +sysdeps/unix/sysv/linux/i386/sysdep.h: Define INTERNAL_SYSCALL_NOSYSENTER +Make INTERNAL_SYSCALL always use the PIC variant, even if not SHARED. + +Patch by Kevin F. Quinn <kevquinn@gentoo.org> + +--- csu/libc-start.c.orig 2007-01-21 11:51:06.000000000 +0100 ++++ csu/libc-start.c 2007-01-21 11:55:57.000000000 +0100 +@@ -28,6 +28,7 @@ + extern int __libc_multiple_libcs; + + #include <tls.h> ++#include <sysdep.h> + #ifndef SHARED + # include <dl-osinfo.h> + extern void __pthread_initialize_minimal (void) +@@ -133,6 +134,14 @@ + # endif + _dl_aux_init (auxvec); + # endif ++# ifdef INTERNAL_SYSCALL_NOSYSENTER ++ /* Do the initial TLS initialization before _dl_osversion, ++ since the latter uses the uname syscall. */ ++# if !(USE_TLS - 0) && !defined NONTLS_INIT_TP ++ if (__pthread_initialize_minimal) ++# endif ++ __pthread_initialize_minimal (); ++# endif + # ifdef DL_SYSDEP_OSCHECK + if (!__libc_multiple_libcs) + { +@@ -142,15 +151,17 @@ + } + # endif + ++# ifndef INTERNAL_SYSCALL_NOSYSENTER + /* Initialize the thread library at least a bit since the libgcc + functions are using thread functions if these are available and + we need to setup errno. If there is no thread library and we + handle TLS the function is defined in the libc to initialized the + TLS handling. */ +-# if !(USE_TLS - 0) && !defined NONTLS_INIT_TP ++# if !(USE_TLS - 0) && !defined NONTLS_INIT_TP + if (__pthread_initialize_minimal) +-# endif ++# endif + __pthread_initialize_minimal (); ++# endif + #endif + + # ifndef SHARED +--- csu/libc-tls.c.orig 2007-01-21 11:37:02.000000000 +0100 ++++ csu/libc-tls.c 2007-01-21 12:09:33.000000000 +0100 +@@ -23,6 +23,7 @@ + #include <unistd.h> + #include <stdio.h> + #include <sys/param.h> ++#include <sysdep.h> + + + #ifdef SHARED +@@ -30,6 +31,9 @@ + #endif + + #ifdef USE_TLS ++# ifdef INTERNAL_SYSCALL_NOSYSENTER ++extern void *__sbrk_nosysenter (intptr_t __delta); ++# endif + extern ElfW(Phdr) *_dl_phdr; + extern size_t _dl_phnum; + +@@ -142,14 +146,26 @@ + + The initialized value of _dl_tls_static_size is provided by dl-open.c + to request some surplus that permits dynamic loading of modules with +- IE-model TLS. */ ++ IE-model TLS. ++ ++ Where the normal sbrk would use a syscall that needs the TLS (i386) ++ use the special non-sysenter version instead. */ + # if TLS_TCB_AT_TP + tcb_offset = roundup (memsz + GL(dl_tls_static_size), tcbalign); ++# ifdef INTERNAL_SYSCALL_NOSYSENTER ++ tlsblock = __sbrk_nosysenter (tcb_offset + tcbsize + max_align); ++# else + tlsblock = __sbrk (tcb_offset + tcbsize + max_align); ++# endif + # elif TLS_DTV_AT_TP + tcb_offset = roundup (tcbsize, align ?: 1); ++# ifdef INTERNAL_SYSCALL_NOSYSENTER ++ tlsblock = __sbrk_nosysenter (tcb_offset + memsz + max_align ++ + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); ++# else + tlsblock = __sbrk (tcb_offset + memsz + max_align + + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); ++# endif + tlsblock += TLS_PRE_TCB_SIZE; + # else + /* In case a model with a different layout for the TCB and DTV +--- misc/sbrk.c.orig 2007-01-21 11:38:27.000000000 +0100 ++++ misc/sbrk.c 2007-01-21 12:07:29.000000000 +0100 +@@ -18,6 +18,7 @@ + + #include <unistd.h> + #include <errno.h> ++#include <sysdep.h> + + /* Defined in brk.c. */ + extern void *__curbrk; +@@ -29,6 +30,35 @@ + /* Extend the process's data space by INCREMENT. + If INCREMENT is negative, shrink data space by - INCREMENT. + Return start of new space allocated, or -1 for errors. */ ++#ifdef INTERNAL_SYSCALL_NOSYSENTER ++/* This version is used by csu/libc-tls.c whem initialising the TLS ++ if the SYSENTER version requires the TLS (which it does on i386). ++ Obviously using the TLS before it is initialised is broken. */ ++extern int __brk_nosysenter (void *addr); ++void * ++__sbrk_nosysenter (intptr_t increment) ++{ ++ void *oldbrk; ++ ++ /* If this is not part of the dynamic library or the library is used ++ via dynamic loading in a statically linked program update ++ __curbrk from the kernel's brk value. That way two separate ++ instances of __brk and __sbrk can share the heap, returning ++ interleaved pieces of it. */ ++ if (__curbrk == NULL || __libc_multiple_libcs) ++ if (__brk_nosysenter (0) < 0) /* Initialize the break. */ ++ return (void *) -1; ++ ++ if (increment == 0) ++ return __curbrk; ++ ++ oldbrk = __curbrk; ++ if (__brk_nosysenter (oldbrk + increment) < 0) ++ return (void *) -1; ++ ++ return oldbrk; ++} ++#endif + void * + __sbrk (intptr_t increment) + { +--- sysdeps/unix/sysv/linux/i386/brk.c.orig 2007-01-21 11:39:16.000000000 +0100 ++++ sysdeps/unix/sysv/linux/i386/brk.c 2007-01-21 11:44:01.000000000 +0100 +@@ -31,6 +31,30 @@ + linker. */ + weak_alias (__curbrk, ___brk_addr) + ++#ifdef INTERNAL_SYSCALL_NOSYSENTER ++/* This version is used by csu/libc-tls.c whem initialising the TLS ++ * if the SYSENTER version requires the TLS (which it does on i386). ++ * Obviously using the TLS before it is initialised is broken. */ ++int ++__brk_nosysenter (void *addr) ++{ ++ void *__unbounded newbrk; ++ ++ INTERNAL_SYSCALL_DECL (err); ++ newbrk = (void *__unbounded) INTERNAL_SYSCALL_NOSYSENTER (brk, err, 1, ++ __ptrvalue (addr)); ++ ++ __curbrk = newbrk; ++ ++ if (newbrk < addr) ++ { ++ __set_errno (ENOMEM); ++ return -1; ++ } ++ ++ return 0; ++} ++#endif + int + __brk (void *addr) + { +--- sysdeps/unix/sysv/linux/i386/sysdep.h.orig 2007-01-21 13:08:00.000000000 +0100 ++++ sysdeps/unix/sysv/linux/i386/sysdep.h 2007-01-21 13:19:10.000000000 +0100 +@@ -187,7 +187,7 @@ + /* The original calling convention for system calls on Linux/i386 is + to use int $0x80. */ + #ifdef I386_USE_SYSENTER +-# ifdef SHARED ++# if defined SHARED || defined __PIC__ + # define ENTER_KERNEL call *%gs:SYSINFO_OFFSET + # else + # define ENTER_KERNEL call *_dl_sysinfo +@@ -358,7 +358,7 @@ + possible to use more than four parameters. */ + #undef INTERNAL_SYSCALL + #ifdef I386_USE_SYSENTER +-# ifdef SHARED ++# if defined SHARED || defined __PIC__ + # define INTERNAL_SYSCALL(name, err, nr, args...) \ + ({ \ + register unsigned int resultvar; \ +@@ -384,6 +384,18 @@ + : "0" (name), "i" (offsetof (tcbhead_t, sysinfo)) \ + ASMFMT_##nr(args) : "memory", "cc"); \ + (int) resultvar; }) ++# define INTERNAL_SYSCALL_NOSYSENTER(name, err, nr, args...) \ ++ ({ \ ++ register unsigned int resultvar; \ ++ EXTRAVAR_##nr \ ++ asm volatile ( \ ++ LOADARGS_NOSYSENTER_##nr \ ++ "movl %1, %%eax\n\t" \ ++ "int $0x80\n\t" \ ++ RESTOREARGS_NOSYSENTER_##nr \ ++ : "=a" (resultvar) \ ++ : "i" (__NR_##name) ASMFMT_##nr(args) : "memory", "cc"); \ ++ (int) resultvar; }) + # else + # define INTERNAL_SYSCALL(name, err, nr, args...) \ + ({ \ +@@ -447,12 +459,20 @@ + + #define LOADARGS_0 + #ifdef __PIC__ +-# if defined I386_USE_SYSENTER && defined SHARED ++# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) + # define LOADARGS_1 \ + "bpushl .L__X'%k3, %k3\n\t" + # define LOADARGS_5 \ + "movl %%ebx, %4\n\t" \ + "movl %3, %%ebx\n\t" ++# define LOADARGS_NOSYSENTER_1 \ ++ "bpushl .L__X'%k2, %k2\n\t" ++# define LOADARGS_NOSYSENTER_2 LOADARGS_NOSYSENTER_1 ++# define LOADARGS_NOSYSENTER_3 LOADARGS_3 ++# define LOADARGS_NOSYSENTER_4 LOADARGS_3 ++# define LOADARGS_NOSYSENTER_5 \ ++ "movl %%ebx, %3\n\t" \ ++ "movl %2, %%ebx\n\t" + # else + # define LOADARGS_1 \ + "bpushl .L__X'%k2, %k2\n\t" +@@ -474,11 +495,18 @@ + + #define RESTOREARGS_0 + #ifdef __PIC__ +-# if defined I386_USE_SYSENTER && defined SHARED ++# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) + # define RESTOREARGS_1 \ + "bpopl .L__X'%k3, %k3\n\t" + # define RESTOREARGS_5 \ + "movl %4, %%ebx" ++# define RESTOREARGS_NOSYSENTER_1 \ ++ "bpopl .L__X'%k2, %k2\n\t" ++# define RESTOREARGS_NOSYSENTER_2 RESTOREARGS_NOSYSENTER_1 ++# define RESTOREARGS_NOSYSENTER_3 RESTOREARGS_3 ++# define RESTOREARGS_NOSYSENTER_4 RESTOREARGS_3 ++# define RESTOREARGS_NOSYSENTER_5 \ ++ "movl %3, %%ebx" + # else + # define RESTOREARGS_1 \ + "bpopl .L__X'%k2, %k2\n\t" diff --git a/sys-libs/glibc/files/2.5/glibc-2.5-hardened-pie.patch b/sys-libs/glibc/files/2.5/glibc-2.5-hardened-pie.patch new file mode 100644 index 0000000..46f3de4 --- /dev/null +++ b/sys-libs/glibc/files/2.5/glibc-2.5-hardened-pie.patch @@ -0,0 +1,39 @@ +Change link commands for glibc executables to build PIEs + +Patch by Kevin F. Quinn <kevquinn@gentoo.org> + +--- Makeconfig ++++ Makeconfig +@@ -415,10 +415,10 @@ + + # Command for linking programs with the C library. + ifndef +link +-+link = $(CC) -nostdlib -nostartfiles -o $@ \ +++link = $(CC) -nostdlib -nostartfiles -fPIE -pie -o $@ \ + $(sysdep-LDFLAGS) $(config-LDFLAGS) $(LDFLAGS) $(LDFLAGS-$(@F)) \ + $(combreloc-LDFLAGS) $(relro-LDFLAGS) $(hashstyle-LDFLAGS) \ +- $(addprefix $(csu-objpfx),$(start-installed-name)) \ ++ $(addprefix $(csu-objpfx),S$(start-installed-name)) \ + $(+preinit) $(+prector) \ + $(filter-out $(addprefix $(csu-objpfx),start.o \ + $(start-installed-name))\ +@@ -429,7 +429,7 @@ + ifndef +link-static + +link-static = $(CC) -nostdlib -nostartfiles -static -o $@ \ + $(sysdep-LDFLAGS) $(LDFLAGS) $(LDFLAGS-$(@F)) \ +- $(addprefix $(csu-objpfx),$(static-start-installed-name)) \ ++ $(addprefix $(csu-objpfx),S$(static-start-installed-name)) \ + $(+preinit) $(+prector) \ + $(filter-out $(addprefix $(csu-objpfx),start.o \ + $(start-installed-name))\ +@@ -528,8 +528,8 @@ + ifeq ($(elf),yes) + +preinit = $(addprefix $(csu-objpfx),crti.o) + +postinit = $(addprefix $(csu-objpfx),crtn.o) +-+prector = `$(CC) --print-file-name=crtbegin.o` +-+postctor = `$(CC) --print-file-name=crtend.o` +++prector = `$(CC) --print-file-name=crtbeginS.o` +++postctor = `$(CC) --print-file-name=crtendS.o` + +interp = $(addprefix $(elf-objpfx),interp.os) + endif + csu-objpfx = $(common-objpfx)csu/ diff --git a/sys-libs/glibc/files/2.6/glibc-2.6-gentoo-stack_chk_fail.c b/sys-libs/glibc/files/2.6/glibc-2.6-gentoo-stack_chk_fail.c new file mode 100644 index 0000000..217bf1a --- /dev/null +++ b/sys-libs/glibc/files/2.6/glibc-2.6-gentoo-stack_chk_fail.c @@ -0,0 +1,321 @@ +/* Copyright (C) 2005 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, write to the Free + Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA + 02111-1307 USA. */ + +/* Copyright (C) 2006-2007 Gentoo Foundation Inc. + * License terms as above. + * + * Hardened Gentoo SSP handler + * + * An SSP failure handler that does not use functions from the rest of + * glibc; it uses the INTERNAL_SYSCALL methods directly. This ensures + * no possibility of recursion into the handler. + * + * Direct all bug reports to http://bugs.gentoo.org/ + * + * Re-written from the glibc-2.3 Hardened Gentoo SSP handler + * by Kevin F. Quinn - <kevquinn[@]gentoo.org> + * + * The following people contributed to the glibc-2.3 Hardened + * Gentoo SSP handler, from which this implementation draws much: + * + * Ned Ludd - <solar[@]gentoo.org> + * Alexander Gabert - <pappy[@]gentoo.org> + * The PaX Team - <pageexec[@]freemail.hu> + * Peter S. Mazinger - <ps.m[@]gmx.net> + * Yoann Vandoorselaere - <yoann[@]prelude-ids.org> + * Robert Connolly - <robert[@]linuxfromscratch.org> + * Cory Visi <cory[@]visi.name> + * Mike Frysinger <vapier[@]gentoo.org> + */ + +#include <errno.h> +#include <stdlib.h> +#include <unistd.h> +#include <signal.h> + +#include <sys/types.h> + +#include <sysdep-cancel.h> +#include <sys/syscall.h> +#include <bp-checks.h> + +#include <kernel-features.h> + +#include <alloca.h> +/* from sysdeps */ +#include <socketcall.h> +/* for the stuff in bits/socket.h */ +#include <sys/socket.h> +#include <sys/un.h> + + +/* Sanity check on SYSCALL macro names - force compilation + * failure if the names used here do not exist + */ +#if !defined __NR_socketcall && !defined __NR_socket +# error Cannot do syscall socket or socketcall +#endif +#if !defined __NR_socketcall && !defined __NR_connect +# error Cannot do syscall connect or socketcall +#endif +#ifndef __NR_write +# error Cannot do syscall write +#endif +#ifndef __NR_close +# error Cannot do syscall close +#endif +#ifndef __NR_getpid +# error Cannot do syscall getpid +#endif +#ifndef __NR_kill +# error Cannot do syscall kill +#endif +#ifndef __NR_exit +# error Cannot do syscall exit +#endif +#ifdef SSP_SMASH_DUMPS_CORE +# define ENABLE_SSP_SMASH_DUMPS_CORE 1 +# if !defined _KERNEL_NSIG && !defined _NSIG +# error No _NSIG or _KERNEL_NSIG for rt_sigaction +# endif +# if !defined __NR_sigaction && !defined __NR_rt_sigaction +# error Cannot do syscall sigaction or rt_sigaction +# endif +/* Although rt_sigaction expects sizeof(sigset_t) - it expects the size + * of the _kernel_ sigset_t which is not the same as the user sigset_t. + * Most arches have this as _NSIG bits - mips has _KERNEL_NSIG bits for + * some reason. + */ +# ifdef _KERNEL_NSIG +# define _SSP_NSIG _KERNEL_NSIG +# else +# define _SSP_NSIG _NSIG +# endif +#else +# define _SSP_NSIG 0 +# define ENABLE_SSP_SMASH_DUMPS_CORE 0 +#endif + +/* Define DO_SIGACTION - default to newer rt signal interface but + * fallback to old as needed. + */ +#ifdef __NR_rt_sigaction +# define DO_SIGACTION(signum, act, oldact) \ + INLINE_SYSCALL(rt_sigaction, 4, signum, act, oldact, _SSP_NSIG/8) +#else +# define DO_SIGACTION(signum, act, oldact) \ + INLINE_SYSCALL(sigaction, 3, signum, act, oldact) +#endif + +/* Define DO_SOCKET/DO_CONNECT functions to deal with socketcall vs socket/connect */ +#if defined(__NR_socket) && defined(__NR_connect) +# define USE_OLD_SOCKETCALL 0 +#else +# define USE_OLD_SOCKETCALL 1 +#endif +/* stub out the __NR_'s so we can let gcc optimize away dead code */ +#ifndef __NR_socketcall +# define __NR_socketcall 0 +#endif +#ifndef __NR_socket +# define __NR_socket 0 +#endif +#ifndef __NR_connect +# define __NR_connect 0 +#endif +#define DO_SOCKET(result, domain, type, protocol) \ + do { \ + if (USE_OLD_SOCKETCALL) { \ + socketargs[0] = domain; \ + socketargs[1] = type; \ + socketargs[2] = protocol; \ + socketargs[3] = 0; \ + result = INLINE_SYSCALL(socketcall, 2, SOCKOP_socket, socketargs); \ + } else \ + result = INLINE_SYSCALL(socket, 3, domain, type, protocol); \ + } while (0) +#define DO_CONNECT(result, sockfd, serv_addr, addrlen) \ + do { \ + if (USE_OLD_SOCKETCALL) { \ + socketargs[0] = sockfd; \ + socketargs[1] = (unsigned long int)serv_addr; \ + socketargs[2] = addrlen; \ + socketargs[3] = 0; \ + result = INLINE_SYSCALL(socketcall, 2, SOCKOP_connect, socketargs); \ + } else \ + result = INLINE_SYSCALL(connect, 3, sockfd, serv_addr, addrlen); \ + } while (0) + +#ifndef _PATH_LOG +# define _PATH_LOG "/dev/log" +#endif + +static const char path_log[] = _PATH_LOG; + +/* For building glibc with SSP switched on, define __progname to a + * constant if building for the run-time loader, to avoid pulling + * in more of libc.so into ld.so + */ +#ifdef IS_IN_rtld +static char *__progname = "<rtld>"; +#else +extern char *__progname; +#endif + + +/* Common handler code, used by stack_chk_fail and __stack_smash_handler + * Inlined to ensure no self-references to the handler within itself. + * Data static to avoid putting more than necessary on the stack, + * to aid core debugging. + */ +__attribute__ ((__noreturn__ , __always_inline__)) +static inline void +__hardened_gentoo_stack_chk_fail(char func[], int damaged) +{ +#define MESSAGE_BUFSIZ 256 + static pid_t pid; + static int plen, i; + static char message[MESSAGE_BUFSIZ]; + static const char msg_ssa[] = ": stack smashing attack"; + static const char msg_inf[] = " in function "; + static const char msg_ssd[] = "*** stack smashing detected ***: "; + static const char msg_terminated[] = " - terminated\n"; + static const char msg_report[] = "Report to http://bugs.gentoo.org/\n"; + static const char msg_unknown[] = "<unknown>"; + static int log_socket, connect_result; + static struct sockaddr_un sock; + static unsigned long int socketargs[4]; + + /* Build socket address + */ + sock.sun_family = AF_UNIX; + i = 0; + while ((path_log[i] != '\0') && (i<(sizeof(sock.sun_path)-1))) { + sock.sun_path[i] = path_log[i]; + i++; + } + sock.sun_path[i] = '\0'; + + /* Try SOCK_DGRAM connection to syslog */ + connect_result = -1; + DO_SOCKET(log_socket, AF_UNIX, SOCK_DGRAM, 0); + if (log_socket != -1) + DO_CONNECT(connect_result, log_socket, &sock, sizeof(sock)); + if (connect_result == -1) { + if (log_socket != -1) + INLINE_SYSCALL(close, 1, log_socket); + /* Try SOCK_STREAM connection to syslog */ + DO_SOCKET(log_socket, AF_UNIX, SOCK_STREAM, 0); + if (log_socket != -1) + DO_CONNECT(connect_result, log_socket, &sock, sizeof(sock)); + } + + /* Build message. Messages are generated both in the old style and new style, + * so that log watchers that are configured for the old-style message continue + * to work. + */ +#define strconcat(str) \ + {i=0; while ((str[i] != '\0') && ((i+plen)<(MESSAGE_BUFSIZ-1))) \ + {\ + message[plen+i]=str[i];\ + i++;\ + }\ + plen+=i;} + + /* R.Henderson post-gcc-4 style message */ + plen = 0; + strconcat(msg_ssd); + if (__progname != (char *)0) + strconcat(__progname) + else + strconcat(msg_unknown); + strconcat(msg_terminated); + + /* Write out error message to STDERR, to syslog if open */ + INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen); + if (connect_result != -1) + INLINE_SYSCALL(write, 3, log_socket, message, plen); + + /* Dr. Etoh pre-gcc-4 style message */ + plen = 0; + if (__progname != (char *)0) + strconcat(__progname) + else + strconcat(msg_unknown); + strconcat(msg_ssa); + strconcat(msg_inf); + if (func != NULL) + strconcat(func) + else + strconcat(msg_unknown); + strconcat(msg_terminated); + /* Write out error message to STDERR, to syslog if open */ + INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen); + if (connect_result != -1) + INLINE_SYSCALL(write, 3, log_socket, message, plen); + + /* Direct reports to bugs.gentoo.org */ + plen=0; + strconcat(msg_report); + message[plen++]='\0'; + + /* Write out error message to STDERR, to syslog if open */ + INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen); + if (connect_result != -1) + INLINE_SYSCALL(write, 3, log_socket, message, plen); + + if (log_socket != -1) + INLINE_SYSCALL(close, 1, log_socket); + + /* Suicide */ + pid = INLINE_SYSCALL(getpid, 0); + + if (ENABLE_SSP_SMASH_DUMPS_CORE) { + static struct sigaction default_abort_act; + /* Remove any user-supplied handler for SIGABRT, before using it */ + default_abort_act.sa_handler = SIG_DFL; + default_abort_act.sa_sigaction = NULL; + __sigfillset(&default_abort_act.sa_mask); + default_abort_act.sa_flags = 0; + if (DO_SIGACTION(SIGABRT, &default_abort_act, NULL) == 0) + INLINE_SYSCALL(kill, 2, pid, SIGABRT); + } + + /* Note; actions cannot be added to SIGKILL */ + INLINE_SYSCALL(kill, 2, pid, SIGKILL); + + /* In case the kill didn't work, exit anyway + * The loop prevents gcc thinking this routine returns + */ + while (1) + INLINE_SYSCALL(exit, 0); +} + +__attribute__ ((__noreturn__)) +void __stack_chk_fail(void) +{ + __hardened_gentoo_stack_chk_fail(NULL, 0); +} + +#ifdef ENABLE_OLD_SSP_COMPAT +__attribute__ ((__noreturn__)) +void __stack_smash_handler(char func[], int damaged) +{ + __hardened_gentoo_stack_chk_fail(func, damaged); +} +#endif diff --git a/sys-libs/glibc/files/2.6/glibc-2.6-hardened-inittls-nosysenter.patch b/sys-libs/glibc/files/2.6/glibc-2.6-hardened-inittls-nosysenter.patch new file mode 100644 index 0000000..be8ca19 --- /dev/null +++ b/sys-libs/glibc/files/2.6/glibc-2.6-hardened-inittls-nosysenter.patch @@ -0,0 +1,273 @@ +When building glibc PIE (which is not something upstream support), +several modifications are necessary to the glibc build process. + +First, any syscalls in PIEs must be of the PIC variant, otherwise +textrels ensue. Then, any syscalls made before the initialisation +of the TLS will fail on i386, as the sysenter variant on i386 uses +the TLS, giving rise to a chicken-and-egg situation. This patch +defines a PIC syscall variant that doesn't use sysenter, even when the sysenter +version is normally used, and uses the non-sysenter version for the brk +syscall that is performed by the TLS initialisation. Further, the TLS +initialisation is moved in this case prior to the initialisation of +dl_osversion, as that requires further syscalls. + +csu/libc-start.c: Move initial TLS initialization to before the +initialisation of dl_osversion, when INTERNAL_SYSCALL_NOSYSENTER is defined + +csu/libc-tls.c: Use the no-sysenter version of sbrk when +INTERNAL_SYSCALL_NOSYSENTER is defined. + +misc/sbrk.c: Define a no-sysenter version of sbrk, using the no-sysenter +version of brk - if INTERNAL_SYSCALL_NOSYSENTER is defined. + +misc/brk.c: Define a no-sysenter version of brk if +INTERNAL_SYSCALL_NOSYSENTER is defined. + +sysdeps/unix/sysv/linux/i386/sysdep.h: Define INTERNAL_SYSCALL_NOSYSENTER +Make INTERNAL_SYSCALL always use the PIC variant, even if not SHARED. + +Patch by Kevin F. Quinn <kevquinn@gentoo.org> + +--- csu/libc-start.c ++++ csu/libc-start.c +@@ -28,6 +28,7 @@ + extern int __libc_multiple_libcs; + + #include <tls.h> ++#include <sysdep.h> + #ifndef SHARED + # include <dl-osinfo.h> + extern void __pthread_initialize_minimal (void); +@@ -129,6 +130,11 @@ + # endif + _dl_aux_init (auxvec); + # endif ++# ifdef INTERNAL_SYSCALL_NOSYSENTER ++ /* Do the initial TLS initialization before _dl_osversion, ++ since the latter uses the uname syscall. */ ++ __pthread_initialize_minimal (); ++# endif + # ifdef DL_SYSDEP_OSCHECK + if (!__libc_multiple_libcs) + { +@@ -138,10 +144,12 @@ + } + # endif + ++# ifndef INTERNAL_SYSCALL_NOSYSENTER + /* Initialize the thread library at least a bit since the libgcc + functions are using thread functions if these are available and + we need to setup errno. */ + __pthread_initialize_minimal (); ++# endif + #endif + + # ifndef SHARED +--- csu/libc-tls.c ++++ csu/libc-tls.c +@@ -23,6 +23,7 @@ + #include <unistd.h> + #include <stdio.h> + #include <sys/param.h> ++#include <sysdep.h> + + + #ifdef SHARED +@@ -29,6 +30,9 @@ + #error makefile bug, this file is for static only + #endif + ++#ifdef INTERNAL_SYSCALL_NOSYSENTER ++extern void *__sbrk_nosysenter (intptr_t __delta); ++#endif + extern ElfW(Phdr) *_dl_phdr; + extern size_t _dl_phnum; + +@@ -141,14 +145,26 @@ + + The initialized value of _dl_tls_static_size is provided by dl-open.c + to request some surplus that permits dynamic loading of modules with +- IE-model TLS. */ ++ IE-model TLS. ++ ++ Where the normal sbrk would use a syscall that needs the TLS (i386) ++ use the special non-sysenter version instead. */ + #if TLS_TCB_AT_TP + tcb_offset = roundup (memsz + GL(dl_tls_static_size), tcbalign); ++# ifdef INTERNAL_SYSCALL_NOSYSENTER ++ tlsblock = __sbrk_nosysenter (tcb_offset + tcbsize + max_align); ++# else + tlsblock = __sbrk (tcb_offset + tcbsize + max_align); ++# endif + #elif TLS_DTV_AT_TP + tcb_offset = roundup (tcbsize, align ?: 1); ++# ifdef INTERNAL_SYSCALL_NOSYSENTER ++ tlsblock = __sbrk_nosysenter (tcb_offset + memsz + max_align ++ + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); ++# else + tlsblock = __sbrk (tcb_offset + memsz + max_align + + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); ++# endif + tlsblock += TLS_PRE_TCB_SIZE; + #else + /* In case a model with a different layout for the TCB and DTV +--- misc/sbrk.c ++++ misc/sbrk.c +@@ -18,6 +18,7 @@ + + #include <unistd.h> + #include <errno.h> ++#include <sysdep.h> + + /* Defined in brk.c. */ + extern void *__curbrk; +@@ -29,6 +30,35 @@ + /* Extend the process's data space by INCREMENT. + If INCREMENT is negative, shrink data space by - INCREMENT. + Return start of new space allocated, or -1 for errors. */ ++#ifdef INTERNAL_SYSCALL_NOSYSENTER ++/* This version is used by csu/libc-tls.c whem initialising the TLS ++ if the SYSENTER version requires the TLS (which it does on i386). ++ Obviously using the TLS before it is initialised is broken. */ ++extern int __brk_nosysenter (void *addr); ++void * ++__sbrk_nosysenter (intptr_t increment) ++{ ++ void *oldbrk; ++ ++ /* If this is not part of the dynamic library or the library is used ++ via dynamic loading in a statically linked program update ++ __curbrk from the kernel's brk value. That way two separate ++ instances of __brk and __sbrk can share the heap, returning ++ interleaved pieces of it. */ ++ if (__curbrk == NULL || __libc_multiple_libcs) ++ if (__brk_nosysenter (0) < 0) /* Initialize the break. */ ++ return (void *) -1; ++ ++ if (increment == 0) ++ return __curbrk; ++ ++ oldbrk = __curbrk; ++ if (__brk_nosysenter (oldbrk + increment) < 0) ++ return (void *) -1; ++ ++ return oldbrk; ++} ++#endif + void * + __sbrk (intptr_t increment) + { +--- sysdeps/unix/sysv/linux/i386/brk.c ++++ sysdeps/unix/sysv/linux/i386/brk.c +@@ -31,6 +31,30 @@ + linker. */ + weak_alias (__curbrk, ___brk_addr) + ++#ifdef INTERNAL_SYSCALL_NOSYSENTER ++/* This version is used by csu/libc-tls.c whem initialising the TLS ++ * if the SYSENTER version requires the TLS (which it does on i386). ++ * Obviously using the TLS before it is initialised is broken. */ ++int ++__brk_nosysenter (void *addr) ++{ ++ void *__unbounded newbrk; ++ ++ INTERNAL_SYSCALL_DECL (err); ++ newbrk = (void *__unbounded) INTERNAL_SYSCALL_NOSYSENTER (brk, err, 1, ++ __ptrvalue (addr)); ++ ++ __curbrk = newbrk; ++ ++ if (newbrk < addr) ++ { ++ __set_errno (ENOMEM); ++ return -1; ++ } ++ ++ return 0; ++} ++#endif + int + __brk (void *addr) + { +--- sysdeps/unix/sysv/linux/i386/sysdep.h ++++ sysdeps/unix/sysv/linux/i386/sysdep.h +@@ -187,7 +187,7 @@ + /* The original calling convention for system calls on Linux/i386 is + to use int $0x80. */ + #ifdef I386_USE_SYSENTER +-# ifdef SHARED ++# if defined SHARED || defined __PIC__ + # define ENTER_KERNEL call *%gs:SYSINFO_OFFSET + # else + # define ENTER_KERNEL call *_dl_sysinfo +@@ -358,7 +358,7 @@ + possible to use more than four parameters. */ + #undef INTERNAL_SYSCALL + #ifdef I386_USE_SYSENTER +-# ifdef SHARED ++# if defined SHARED || defined __PIC__ + # define INTERNAL_SYSCALL(name, err, nr, args...) \ + ({ \ + register unsigned int resultvar; \ +@@ -384,6 +384,18 @@ + : "0" (name), "i" (offsetof (tcbhead_t, sysinfo)) \ + ASMFMT_##nr(args) : "memory", "cc"); \ + (int) resultvar; }) ++# define INTERNAL_SYSCALL_NOSYSENTER(name, err, nr, args...) \ ++ ({ \ ++ register unsigned int resultvar; \ ++ EXTRAVAR_##nr \ ++ asm volatile ( \ ++ LOADARGS_NOSYSENTER_##nr \ ++ "movl %1, %%eax\n\t" \ ++ "int $0x80\n\t" \ ++ RESTOREARGS_NOSYSENTER_##nr \ ++ : "=a" (resultvar) \ ++ : "i" (__NR_##name) ASMFMT_##nr(args) : "memory", "cc"); \ ++ (int) resultvar; }) + # else + # define INTERNAL_SYSCALL(name, err, nr, args...) \ + ({ \ +@@ -447,12 +459,20 @@ + + #define LOADARGS_0 + #ifdef __PIC__ +-# if defined I386_USE_SYSENTER && defined SHARED ++# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) + # define LOADARGS_1 \ + "bpushl .L__X'%k3, %k3\n\t" + # define LOADARGS_5 \ + "movl %%ebx, %4\n\t" \ + "movl %3, %%ebx\n\t" ++# define LOADARGS_NOSYSENTER_1 \ ++ "bpushl .L__X'%k2, %k2\n\t" ++# define LOADARGS_NOSYSENTER_2 LOADARGS_NOSYSENTER_1 ++# define LOADARGS_NOSYSENTER_3 LOADARGS_3 ++# define LOADARGS_NOSYSENTER_4 LOADARGS_3 ++# define LOADARGS_NOSYSENTER_5 \ ++ "movl %%ebx, %3\n\t" \ ++ "movl %2, %%ebx\n\t" + # else + # define LOADARGS_1 \ + "bpushl .L__X'%k2, %k2\n\t" +@@ -474,11 +495,18 @@ + + #define RESTOREARGS_0 + #ifdef __PIC__ +-# if defined I386_USE_SYSENTER && defined SHARED ++# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) + # define RESTOREARGS_1 \ + "bpopl .L__X'%k3, %k3\n\t" + # define RESTOREARGS_5 \ + "movl %4, %%ebx" ++# define RESTOREARGS_NOSYSENTER_1 \ ++ "bpopl .L__X'%k2, %k2\n\t" ++# define RESTOREARGS_NOSYSENTER_2 RESTOREARGS_NOSYSENTER_1 ++# define RESTOREARGS_NOSYSENTER_3 RESTOREARGS_3 ++# define RESTOREARGS_NOSYSENTER_4 RESTOREARGS_3 ++# define RESTOREARGS_NOSYSENTER_5 \ ++ "movl %3, %%ebx" + # else + # define RESTOREARGS_1 \ + "bpopl .L__X'%k2, %k2\n\t" diff --git a/sys-libs/glibc/files/2.7/glibc-2.7-hardened-inittls-nosysenter.patch b/sys-libs/glibc/files/2.7/glibc-2.7-hardened-inittls-nosysenter.patch new file mode 100644 index 0000000..ecf57a9 --- /dev/null +++ b/sys-libs/glibc/files/2.7/glibc-2.7-hardened-inittls-nosysenter.patch @@ -0,0 +1,273 @@ +When building glibc PIE (which is not something upstream support), +several modifications are necessary to the glibc build process. + +First, any syscalls in PIEs must be of the PIC variant, otherwise +textrels ensue. Then, any syscalls made before the initialisation +of the TLS will fail on i386, as the sysenter variant on i386 uses +the TLS, giving rise to a chicken-and-egg situation. This patch +defines a PIC syscall variant that doesn't use sysenter, even when the sysenter +version is normally used, and uses the non-sysenter version for the brk +syscall that is performed by the TLS initialisation. Further, the TLS +initialisation is moved in this case prior to the initialisation of +dl_osversion, as that requires further syscalls. + +csu/libc-start.c: Move initial TLS initialization to before the +initialisation of dl_osversion, when INTERNAL_SYSCALL_NOSYSENTER is defined + +csu/libc-tls.c: Use the no-sysenter version of sbrk when +INTERNAL_SYSCALL_NOSYSENTER is defined. + +misc/sbrk.c: Define a no-sysenter version of sbrk, using the no-sysenter +version of brk - if INTERNAL_SYSCALL_NOSYSENTER is defined. + +misc/brk.c: Define a no-sysenter version of brk if +INTERNAL_SYSCALL_NOSYSENTER is defined. + +sysdeps/unix/sysv/linux/i386/sysdep.h: Define INTERNAL_SYSCALL_NOSYSENTER +Make INTERNAL_SYSCALL always use the PIC variant, even if not SHARED. + +Patch by Kevin F. Quinn <kevquinn@gentoo.org> + +--- csu/libc-start.c ++++ csu/libc-start.c +@@ -28,6 +28,7 @@ + extern int __libc_multiple_libcs; + + #include <tls.h> ++#include <sysdep.h> + #ifndef SHARED + # include <dl-osinfo.h> + extern void __pthread_initialize_minimal (void); +@@ -129,6 +130,11 @@ + # endif + _dl_aux_init (auxvec); + # endif ++# ifdef INTERNAL_SYSCALL_NOSYSENTER ++ /* Do the initial TLS initialization before _dl_osversion, ++ since the latter uses the uname syscall. */ ++ __pthread_initialize_minimal (); ++# endif + # ifdef DL_SYSDEP_OSCHECK + if (!__libc_multiple_libcs) + { +@@ -138,10 +144,12 @@ + } + # endif + ++# ifndef INTERNAL_SYSCALL_NOSYSENTER + /* Initialize the thread library at least a bit since the libgcc + functions are using thread functions if these are available and + we need to setup errno. */ + __pthread_initialize_minimal (); ++# endif + + /* Set up the stack checker's canary. */ + uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard (); +--- csu/libc-tls.c ++++ csu/libc-tls.c +@@ -23,6 +23,7 @@ + #include <unistd.h> + #include <stdio.h> + #include <sys/param.h> ++#include <sysdep.h> + + + #ifdef SHARED +@@ -29,6 +30,9 @@ + #error makefile bug, this file is for static only + #endif + ++#ifdef INTERNAL_SYSCALL_NOSYSENTER ++extern void *__sbrk_nosysenter (intptr_t __delta); ++#endif + extern ElfW(Phdr) *_dl_phdr; + extern size_t _dl_phnum; + +@@ -141,14 +145,26 @@ + + The initialized value of _dl_tls_static_size is provided by dl-open.c + to request some surplus that permits dynamic loading of modules with +- IE-model TLS. */ ++ IE-model TLS. ++ ++ Where the normal sbrk would use a syscall that needs the TLS (i386) ++ use the special non-sysenter version instead. */ + #if TLS_TCB_AT_TP + tcb_offset = roundup (memsz + GL(dl_tls_static_size), tcbalign); ++# ifdef INTERNAL_SYSCALL_NOSYSENTER ++ tlsblock = __sbrk_nosysenter (tcb_offset + tcbsize + max_align); ++# else + tlsblock = __sbrk (tcb_offset + tcbsize + max_align); ++# endif + #elif TLS_DTV_AT_TP + tcb_offset = roundup (tcbsize, align ?: 1); ++# ifdef INTERNAL_SYSCALL_NOSYSENTER ++ tlsblock = __sbrk_nosysenter (tcb_offset + memsz + max_align ++ + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); ++# else + tlsblock = __sbrk (tcb_offset + memsz + max_align + + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); ++# endif + tlsblock += TLS_PRE_TCB_SIZE; + #else + /* In case a model with a different layout for the TCB and DTV +--- misc/sbrk.c ++++ misc/sbrk.c +@@ -18,6 +18,7 @@ + + #include <unistd.h> + #include <errno.h> ++#include <sysdep.h> + + /* Defined in brk.c. */ + extern void *__curbrk; +@@ -29,6 +30,35 @@ + /* Extend the process's data space by INCREMENT. + If INCREMENT is negative, shrink data space by - INCREMENT. + Return start of new space allocated, or -1 for errors. */ ++#ifdef INTERNAL_SYSCALL_NOSYSENTER ++/* This version is used by csu/libc-tls.c whem initialising the TLS ++ if the SYSENTER version requires the TLS (which it does on i386). ++ Obviously using the TLS before it is initialised is broken. */ ++extern int __brk_nosysenter (void *addr); ++void * ++__sbrk_nosysenter (intptr_t increment) ++{ ++ void *oldbrk; ++ ++ /* If this is not part of the dynamic library or the library is used ++ via dynamic loading in a statically linked program update ++ __curbrk from the kernel's brk value. That way two separate ++ instances of __brk and __sbrk can share the heap, returning ++ interleaved pieces of it. */ ++ if (__curbrk == NULL || __libc_multiple_libcs) ++ if (__brk_nosysenter (0) < 0) /* Initialize the break. */ ++ return (void *) -1; ++ ++ if (increment == 0) ++ return __curbrk; ++ ++ oldbrk = __curbrk; ++ if (__brk_nosysenter (oldbrk + increment) < 0) ++ return (void *) -1; ++ ++ return oldbrk; ++} ++#endif + void * + __sbrk (intptr_t increment) + { +--- sysdeps/unix/sysv/linux/i386/brk.c ++++ sysdeps/unix/sysv/linux/i386/brk.c +@@ -31,6 +31,30 @@ + linker. */ + weak_alias (__curbrk, ___brk_addr) + ++#ifdef INTERNAL_SYSCALL_NOSYSENTER ++/* This version is used by csu/libc-tls.c whem initialising the TLS ++ * if the SYSENTER version requires the TLS (which it does on i386). ++ * Obviously using the TLS before it is initialised is broken. */ ++int ++__brk_nosysenter (void *addr) ++{ ++ void *__unbounded newbrk; ++ ++ INTERNAL_SYSCALL_DECL (err); ++ newbrk = (void *__unbounded) INTERNAL_SYSCALL_NOSYSENTER (brk, err, 1, ++ __ptrvalue (addr)); ++ ++ __curbrk = newbrk; ++ ++ if (newbrk < addr) ++ { ++ __set_errno (ENOMEM); ++ return -1; ++ } ++ ++ return 0; ++} ++#endif + int + __brk (void *addr) + { +--- sysdeps/unix/sysv/linux/i386/sysdep.h ++++ sysdeps/unix/sysv/linux/i386/sysdep.h +@@ -187,7 +187,7 @@ + /* The original calling convention for system calls on Linux/i386 is + to use int $0x80. */ + #ifdef I386_USE_SYSENTER +-# ifdef SHARED ++# if defined SHARED || defined __PIC__ + # define ENTER_KERNEL call *%gs:SYSINFO_OFFSET + # else + # define ENTER_KERNEL call *_dl_sysinfo +@@ -358,7 +358,7 @@ + possible to use more than four parameters. */ + #undef INTERNAL_SYSCALL + #ifdef I386_USE_SYSENTER +-# ifdef SHARED ++# if defined SHARED || defined __PIC__ + # define INTERNAL_SYSCALL(name, err, nr, args...) \ + ({ \ + register unsigned int resultvar; \ +@@ -384,6 +384,18 @@ + : "0" (name), "i" (offsetof (tcbhead_t, sysinfo)) \ + ASMFMT_##nr(args) : "memory", "cc"); \ + (int) resultvar; }) ++# define INTERNAL_SYSCALL_NOSYSENTER(name, err, nr, args...) \ ++ ({ \ ++ register unsigned int resultvar; \ ++ EXTRAVAR_##nr \ ++ asm volatile ( \ ++ LOADARGS_NOSYSENTER_##nr \ ++ "movl %1, %%eax\n\t" \ ++ "int $0x80\n\t" \ ++ RESTOREARGS_NOSYSENTER_##nr \ ++ : "=a" (resultvar) \ ++ : "i" (__NR_##name) ASMFMT_##nr(args) : "memory", "cc"); \ ++ (int) resultvar; }) + # else + # define INTERNAL_SYSCALL(name, err, nr, args...) \ + ({ \ +@@ -447,12 +459,20 @@ + + #define LOADARGS_0 + #ifdef __PIC__ +-# if defined I386_USE_SYSENTER && defined SHARED ++# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) + # define LOADARGS_1 \ + "bpushl .L__X'%k3, %k3\n\t" + # define LOADARGS_5 \ + "movl %%ebx, %4\n\t" \ + "movl %3, %%ebx\n\t" ++# define LOADARGS_NOSYSENTER_1 \ ++ "bpushl .L__X'%k2, %k2\n\t" ++# define LOADARGS_NOSYSENTER_2 LOADARGS_NOSYSENTER_1 ++# define LOADARGS_NOSYSENTER_3 LOADARGS_3 ++# define LOADARGS_NOSYSENTER_4 LOADARGS_3 ++# define LOADARGS_NOSYSENTER_5 \ ++ "movl %%ebx, %3\n\t" \ ++ "movl %2, %%ebx\n\t" + # else + # define LOADARGS_1 \ + "bpushl .L__X'%k2, %k2\n\t" +@@ -474,11 +495,18 @@ + + #define RESTOREARGS_0 + #ifdef __PIC__ +-# if defined I386_USE_SYSENTER && defined SHARED ++# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) + # define RESTOREARGS_1 \ + "bpopl .L__X'%k3, %k3\n\t" + # define RESTOREARGS_5 \ + "movl %4, %%ebx" ++# define RESTOREARGS_NOSYSENTER_1 \ ++ "bpopl .L__X'%k2, %k2\n\t" ++# define RESTOREARGS_NOSYSENTER_2 RESTOREARGS_NOSYSENTER_1 ++# define RESTOREARGS_NOSYSENTER_3 RESTOREARGS_3 ++# define RESTOREARGS_NOSYSENTER_4 RESTOREARGS_3 ++# define RESTOREARGS_NOSYSENTER_5 \ ++ "movl %3, %%ebx" + # else + # define RESTOREARGS_1 \ + "bpopl .L__X'%k2, %k2\n\t" diff --git a/sys-libs/glibc/files/eblits/common.eblit b/sys-libs/glibc/files/eblits/common.eblit new file mode 100644 index 0000000..55619f2 --- /dev/null +++ b/sys-libs/glibc/files/eblits/common.eblit @@ -0,0 +1,291 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +# We need to be able to set alternative headers for +# compiling for non-native platform +# Will also become useful for testing kernel-headers without screwing up +# the whole system. +# note: intentionally undocumented. +alt_headers() { + if [[ -z ${ALT_HEADERS} ]] ; then + if is_crosscompile ; then + ALT_HEADERS="/usr/${CTARGET}/usr/include" + else + ALT_HEADERS="/usr/include" + fi + fi + echo "${ALT_HEADERS}" +} +alt_build_headers() { + if [[ -z ${ALT_BUILD_HEADERS} ]] ; then + ALT_BUILD_HEADERS=$(alt_headers) + if tc-is-cross-compiler ; then + ALT_BUILD_HEADERS=${ROOT}$(alt_headers) + if [[ ! -e ${ALT_BUILD_HEADERS}/linux/version.h ]] ; then + local header_path=$(echo '#include <linux/version.h>' | $(tc-getCPP ${CTARGET}) ${CFLAGS} 2>&1 | grep -o '[^"]*linux/version.h') + ALT_BUILD_HEADERS=${header_path%/linux/version.h} + fi + fi + fi + echo "${ALT_BUILD_HEADERS}" +} + +alt_usrlibdir() { + if is_crosscompile ; then + echo /usr/${CTARGET}/usr/$(get_libdir) + else + echo /usr/$(get_libdir) + fi +} + +setup_target_flags() { + # This largely mucks with compiler flags. None of which should matter + # when building up just the headers. + just_headers && return 0 + + case $(tc-arch) in + x86) + # -march needed for #185404 #199334 + if ! glibc_compile_test "" 'void f(int i, void *p) {if (__sync_fetch_and_add(&i, 1)) f(i, p);}\nint main(){return 0;}\n' 2>/dev/null ; then + local t=${CTARGET_OPT:-${CTARGET}} + t=${t%%-*} + filter-flags '-march=*' + export CFLAGS="-march=${t} ${CFLAGS}" + einfo "Auto adding -march=${t} to CFLAGS #185404" + fi + ;; + amd64) + # -march needed for #185404 #199334 + if ! glibc_compile_test "${CFLAGS_x86}" 'void f(int i, void *p) {if (__sync_fetch_and_add(&i, 1)) f(i, p);}\nint main(){return 0;}\n' 2>/dev/null ; then + local t=${CTARGET_OPT:-${CTARGET}} + t=${t%%-*} + filter-flags '-march=*' + export CFLAGS_x86="${CFLAGS_x86} -march=${t}" + einfo "Auto adding -march=${t} to CFLAGS_x86 #185404" + fi + ;; + ppc) + append-flags "-freorder-blocks" + ;; + sparc) + # Both sparc and sparc64 can use -fcall-used-g6. -g7 is bad, though. + filter-flags "-fcall-used-g7" + append-flags "-fcall-used-g6" + filter-flags "-mvis" + + GLIBCMAJOR=$(get_version_component_range 1 ${PV}) + GLIBCMINOR=$(get_version_component_range 2 ${PV}) + + # set CTARGET_OPT so glibc can use cpu-specific .S files for better performance + # - UltraSPARC T1 (niagara) support requires >= glibc 2.8 + # - UltraSPARC T2 (niagara2) support requires >= glibc 2.7 + + if is_crosscompile || [[ ${PROFILE_ARCH} == "sparc64" ]] || { has_multilib_profile && ! tc-is-cross-compiler; } ; then + case ${ABI}:${CTARGET} in + sparc64:*|\ + default:sparc64*) + filter-flags -Wa,-xarch -Wa,-A + + if is-flagq "-mcpu=niagara2" && [[ ${GLIBCMAJOR}.${GLIBCMINOR} > 2.7 ]] ; then + CTARGET_OPT="sparc64v2-unknown-linux-gnu" + append-flags "-Wa,-xarch=v9b" + export ASFLAGS="${ASFLAGS} -Wa,-xarch=v9b" + elif { is-flagq "-mcpu=niagara" || is-flagq "-mcpu=niagara2" ; } && [[ ${GLIBCMAJOR}.${GLIBCMINOR} > 2.6 ]] ; then + CTARGET_OPT="sparc64v-unknown-linux-gnu" + append-flags "-Wa,-xarch=v9b" + export ASFLAGS="${ASFLAGS} -Wa,-xarch=v9b" + elif is-flagq "-mcpu=ultrasparc3" || is-flagq "-mcpu=niagara" || is-flagq "-mcpu=niagara2"; then + CTARGET_OPT="sparc64b-unknown-linux-gnu" + append-flags "-Wa,-xarch=v9b" + export ASFLAGS="${ASFLAGS} -Wa,-xarch=v9b" + else + CTARGET_OPT="sparc64-unknown-linux-gnu" + append-flags "-Wa,-xarch=v9a" + export ASFLAGS="${ASFLAGS} -Wa,-xarch=v9a" + fi + ;; + *) + if is-flagq "-mcpu=niagara2" && [[ ${GLIBCMAJOR}.${GLIBCMINOR} > 2.7 ]] ; then + CTARGET_OPT="sparcv9v2-unknown-linux-gnu" + elif { is-flagq "-mcpu=niagara" || is-flagq "-mcpu=niagara2" ; } && [[ ${GLIBCMAJOR}.${GLIBCMINOR} > 2.6 ]] ; then + CTARGET_OPT="sparcv9v-unknown-linux-gnu" + elif is-flagq "-mcpu=ultrasparc3" || is-flagq "-mcpu=niagara" || is-flagq "-mcpu=niagara2"; then + CTARGET_OPT="sparcv9b-unknown-linux-gnu" + else + CTARGET_OPT="sparcv9-unknown-linux-gnu" + fi + ;; + esac + else + if is-flagq "-mcpu=niagara2" && [[ ${GLIBCMAJOR}.${GLIBCMINOR} > 2.7 ]] ; then + CTARGET_OPT="sparcv9v2-unknown-linux-gnu" + elif { is-flagq "-mcpu=niagara" || is-flagq "-mcpu=niagara2" ; } && [[ ${GLIBCMAJOR}.${GLIBCMINOR} > 2.6 ]] ; then + CTARGET_OPT="sparcv9v-unknown-linux-gnu" + elif is-flagq "-mcpu=ultrasparc3" || is-flagq "-mcpu=niagara" || is-flagq "-mcpu=niagara2"; then + CTARGET_OPT="sparcv9b-unknown-linux-gnu" + elif { is_crosscompile && want_nptl; } || is-flagq "-mcpu=ultrasparc2" || is-flagq "-mcpu=ultrasparc"; then + CTARGET_OPT="sparcv9-unknown-linux-gnu" + fi + fi + ;; + esac +} + +setup_flags() { + # Make sure host make.conf doesn't pollute us + if is_crosscompile || tc-is-cross-compiler ; then + CHOST=${CTARGET} strip-unsupported-flags + fi + + # Store our CFLAGS because it's changed depending on which CTARGET + # we are building when pulling glibc on a multilib profile + CFLAGS_BASE=${CFLAGS_BASE-${CFLAGS}} + CFLAGS=${CFLAGS_BASE} + CXXFLAGS_BASE=${CXXFLAGS_BASE-${CXXFLAGS}} + CXXFLAGS=${CXXFLAGS_BASE} + ASFLAGS_BASE=${ASFLAGS_BASE-${ASFLAGS}} + ASFLAGS=${ASFLAGS_BASE} + + # Over-zealous CFLAGS can often cause problems. What may work for one + # person may not work for another. To avoid a large influx of bugs + # relating to failed builds, we strip most CFLAGS out to ensure as few + # problems as possible. + strip-flags + strip-unsupported-flags + filter-flags -m32 -m64 -mabi=* + + unset CBUILD_OPT CTARGET_OPT + if has_multilib_profile ; then + CTARGET_OPT=$(get_abi_CTARGET) + [[ -z ${CTARGET_OPT} ]] && CTARGET_OPT=$(get_abi_CHOST) + fi + + setup_target_flags + + if [[ -n ${CTARGET_OPT} && ${CBUILD} == ${CHOST} ]] && ! is_crosscompile; then + CBUILD_OPT=${CTARGET_OPT} + fi + + # Lock glibc at -O2 -- linuxthreads needs it and we want to be + # conservative here. -fno-strict-aliasing is to work around #155906 + filter-flags -O? + append-flags -O2 -fno-strict-aliasing + + # Cant build glibc itself with fortify code + append-cppflags -U_FORTIFY_SOURCE + + # building glibc with SSP is fraught with difficulty, especially + # due to __stack_chk_fail_local which would mean significant changes + # to the glibc build process. See bug #94325 #293721 + use hardened && gcc-specs-ssp && append-cflags $(test-flags-CC -fno-stack-protector) + + if use hardened && gcc-specs-pie ; then + # Force PIC macro definition for all compilations since they're all + # either -fPIC or -fPIE with the default-PIE compiler. + append-cppflags -DPIC + else + # Don't build -fPIE without the default-PIE compiler and the + # hardened-pie patch + filter-flags -fPIE + fi +} + +want_nptl() { + [[ -z ${LT_VER} ]] && return 0 + want_tls || return 1 + use nptl || return 1 + + # Only list the arches that cannot do NPTL + case $(tc-arch) in + m68k) return 1;; + sparc) + # >= v9 is needed for nptl. + [[ ${PROFILE_ARCH} == "sparc" ]] && return 1 + ;; + esac + + return 0 +} + +want_linuxthreads() { + [[ -z ${LT_VER} ]] && return 1 + ! use nptlonly && return 0 + want_nptl || return 0 + return 1 +} + +want_tls() { + # Archs that can use TLS (Thread Local Storage) + case $(tc-arch) in + x86) + # requires i486 or better #106556 + [[ ${CTARGET} == i[4567]86* ]] && return 0 + return 1 + ;; + esac + + return 0 +} + +want__thread() { + want_tls || return 1 + + # For some reason --with-tls --with__thread is causing segfaults on sparc32. + [[ ${PROFILE_ARCH} == "sparc" ]] && return 1 + + [[ -n ${WANT__THREAD} ]] && return ${WANT__THREAD} + + # only test gcc -- cant test linking yet + tc-has-tls -c ${CTARGET} + WANT__THREAD=$? + + return ${WANT__THREAD} +} + +use_multiarch() { + # Make sure binutils is new enough to support indirect functions #336792 + local bver=$($(tc-getLD ${CTARGET}) -v | awk '{print $NF}') nver + case $(tc-arch ${CTARGET}) in + amd64|x86) nver="2.20" ;; + sparc) nver="2.21" ;; + *) return 1 ;; + esac + version_is_at_least ${nver} ${bver} +} + +# Setup toolchain variables that had historically +# been defined in the profiles for these archs. +setup_env() { + # silly users + unset LD_RUN_PATH + + multilib_env ${CTARGET_OPT:-${CTARGET}} + if is_crosscompile || tc-is-cross-compiler ; then + if ! use multilib ; then + MULTILIB_ABIS=${DEFAULT_ABI} + else + MULTILIB_ABIS=${MULTILIB_ABIS:-${DEFAULT_ABI}} + fi + + # If the user has CFLAGS_<CTARGET> in their make.conf, use that, + # and fall back on CFLAGS. + local VAR=CFLAGS_${CTARGET//[-.]/_} + CFLAGS=${!VAR-${CFLAGS}} + fi + + setup_flags + + export ABI=${ABI:-${DEFAULT_ABI:-default}} + + local VAR=CFLAGS_${ABI} + # We need to export CFLAGS with abi information in them because glibc's + # configure script checks CFLAGS for some targets (like mips). Keep + # around the original clean value to avoid appending multiple ABIs on + # top of each other. + : ${__GLIBC_CC:=$(tc-getCC ${CTARGET_OPT:-${CTARGET}})} + export __GLIBC_CC CC="${__GLIBC_CC} ${!VAR}" +} + +just_headers() { + is_crosscompile && use crosscompile_opts_headers-only +} diff --git a/sys-libs/glibc/files/eblits/pkg_postinst.eblit b/sys-libs/glibc/files/eblits/pkg_postinst.eblit new file mode 100644 index 0000000..9f256fa --- /dev/null +++ b/sys-libs/glibc/files/eblits/pkg_postinst.eblit @@ -0,0 +1,28 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +eblit-glibc-pkg_postinst() { + # nothing to do if just installing headers + just_headers && return + + if ! tc-is-cross-compiler && [[ -x ${ROOT}/usr/sbin/iconvconfig ]] ; then + # Generate fastloading iconv module configuration file. + "${ROOT}"/usr/sbin/iconvconfig --prefix="${ROOT}" + fi + + if ! is_crosscompile && [[ ${ROOT} == "/" ]] ; then + # Reload init ... if in a chroot or a diff init package, ignore + # errors from this step #253697 + /sbin/telinit U 2>/dev/null + + # if the host locales.gen contains no entries, we'll install everything + local locale_list="${ROOT}etc/locale.gen" + if [[ -z $(locale-gen --list --config "${locale_list}") ]] ; then + ewarn "Generating all locales; edit /etc/locale.gen to save time/space" + locale_list="${ROOT}usr/share/i18n/SUPPORTED" + fi + local x jobs + for x in ${MAKEOPTS} ; do [[ ${x} == -j* ]] && jobs=${x#-j} ; done + locale-gen -j ${jobs:-1} --config "${locale_list}" + fi +} diff --git a/sys-libs/glibc/files/eblits/pkg_preinst.eblit b/sys-libs/glibc/files/eblits/pkg_preinst.eblit new file mode 100644 index 0000000..694a7da --- /dev/null +++ b/sys-libs/glibc/files/eblits/pkg_preinst.eblit @@ -0,0 +1,89 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +fix_lib64_symlinks() { + # the original Gentoo/AMD64 devs decided that since 64bit is the native + # bitdepth for AMD64, lib should be used for 64bit libraries. however, + # this ignores the FHS and breaks multilib horribly... especially + # since it wont even work without a lib64 symlink anyways. *rolls eyes* + # see bug 59710 for more information. + # Travis Tilley <lv@gentoo.org> (08 Aug 2004) + if [ -L ${ROOT}/lib64 ] ; then + ewarn "removing /lib64 symlink and moving lib to lib64..." + ewarn "dont hit ctrl-c until this is done" + rm ${ROOT}/lib64 + # now that lib64 is gone, nothing will run without calling ld.so + # directly. luckily the window of brokenness is almost non-existant + use amd64 && /lib/ld-linux-x86-64.so.2 /bin/mv ${ROOT}/lib ${ROOT}/lib64 + use ppc64 && /lib/ld64.so.1 /bin/mv ${ROOT}/lib ${ROOT}/lib64 + # all better :) + ldconfig + ln -s lib64 ${ROOT}/lib + einfo "done! :-)" + einfo "fixed broken lib64/lib symlink in ${ROOT}" + fi + if [ -L ${ROOT}/usr/lib64 ] ; then + rm ${ROOT}/usr/lib64 + mv ${ROOT}/usr/lib ${ROOT}/usr/lib64 + ln -s lib64 ${ROOT}/usr/lib + einfo "fixed broken lib64/lib symlink in ${ROOT}/usr" + fi + if [ -L ${ROOT}/usr/X11R6/lib64 ] ; then + rm ${ROOT}/usr/X11R6/lib64 + mv ${ROOT}/usr/X11R6/lib ${ROOT}/usr/X11R6/lib64 + ln -s lib64 ${ROOT}/usr/X11R6/lib + einfo "fixed broken lib64/lib symlink in ${ROOT}/usr/X11R6" + fi +} + +eblit-glibc-pkg_preinst() { + # nothing to do if just installing headers + just_headers && return + + # PPC64+others may want to eventually be added to this logic if they + # decide to be multilib compatible and FHS compliant. note that this + # chunk of FHS compliance only applies to 64bit archs where 32bit + # compatibility is a major concern (not IA64, for example). + + # amd64's 2005.0 is the first amd64 profile to not need this code. + # 2005.0 is setup properly, and this is executed as part of the + # 2004.3 -> 2005.0 upgrade script. + # It can be removed after 2004.3 has been purged from portage. + { use amd64 || use ppc64; } && [ "$(get_libdir)" == "lib64" ] && ! has_multilib_profile && fix_lib64_symlinks + + # it appears that /lib/tls is sometimes not removed. See bug + # 69258 for more info. + if [[ -d ${ROOT}/$(alt_libdir)/tls ]] && [[ ! -d ${D}/$(alt_libdir)/tls ]] ; then + ewarn "nptlonly or -nptl in USE, removing /${ROOT}$(alt_libdir)/tls..." + rm -r "${ROOT}"/$(alt_libdir)/tls || die + fi + + # prepare /etc/ld.so.conf.d/ for files + mkdir -p "${ROOT}"/etc/ld.so.conf.d + + # simple test to make sure our new glibc isnt completely broken. + # make sure we don't test with statically built binaries since + # they will fail. also, skip if this glibc is a cross compiler. + [[ ${ROOT} != "/" ]] && return 0 + [[ -d ${D}/$(get_libdir) ]] || return 0 + cd / #228809 + local x striptest + for x in date env ls true uname ; do + x=$(type -p ${x}) + [[ -z ${x} ]] && continue + striptest=$(LC_ALL="C" file -L ${x} 2>/dev/null) + [[ -z ${striptest} ]] && continue + [[ ${striptest} == *"statically linked"* ]] && continue + # we enter ${D} so to avoid trouble if the path contains + # special characters; for instance if the path contains the + # colon character (:), then the linker will try to split it + # and look for the libraries in an unexpected place. This can + # lead to unsafe code execution if the generated prefix is + # within a world-writable directory + # (e.g. /var/tmp/portage:${HOSTNAME}) + pushd "${D}"/$(get_libdir) 2>/dev/null + ./ld-*.so --library-path . ${x} > /dev/null \ + || die "simple run test (${x}) failed" + popd 2>/dev/null + done +} diff --git a/sys-libs/glibc/files/eblits/pkg_setup.eblit b/sys-libs/glibc/files/eblits/pkg_setup.eblit new file mode 100644 index 0000000..208967c --- /dev/null +++ b/sys-libs/glibc/files/eblits/pkg_setup.eblit @@ -0,0 +1,104 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +glibc_compile_test() { + local ret save_cflags=${CFLAGS} + CFLAGS+=" $1" + shift + + pushd "${T}" >/dev/null + + rm -f glibc-test* + printf '%b' "$*" > glibc-test.c + + emake -s glibc-test + ret=$? + + popd >/dev/null + + CFLAGS=${save_cflags} + return ${ret} +} + +glibc_run_test() { + local ret + + if [[ ${EMERGE_FROM} == "binary" ]] ; then + # ignore build failures when installing a binary package #324685 + glibc_compile_test "" "$@" 2>/dev/null || return 0 + else + if ! glibc_compile_test "" "$@" ; then + ewarn "Simple build failed ... assuming this is desired #324685" + return 0 + fi + fi + + pushd "${T}" >/dev/null + + ./glibc-test + ret=$? + rm -f glibc-test* + + popd >/dev/null + + return ${ret} +} + +eblit-glibc-pkg_setup() { + # prevent native builds from downgrading ... maybe update to allow people + # to change between diff -r versions ? (2.3.6-r4 -> 2.3.6-r2) + if [[ ${ROOT} == "/" ]] && [[ ${CBUILD} == ${CHOST} ]] && [[ ${CHOST} == ${CTARGET} ]] ; then + if has_version '>'${CATEGORY}/${PF} ; then + eerror "Sanity check to keep you from breaking your system:" + eerror " Downgrading glibc is not supported and a sure way to destruction" + die "aborting to save your system" + fi + + if ! glibc_run_test '#include <pwd.h>\nint main(){return getpwuid(0)==0;}\n' + then + eerror "Your patched vendor kernel is broken. You need to get an" + eerror "update from whoever is providing the kernel to you." + eerror "http://sourceware.org/bugzilla/show_bug.cgi?id=5227" + eerror "http://bugs.gentoo.org/262698" + die "keeping your system alive, say thank you" + fi + + if ! glibc_run_test '#include <unistd.h>\n#include <sys/syscall.h>\nint main(){return syscall(1000)!=-1;}\n' + then + eerror "Your old kernel is broken. You need to update it to" + eerror "a newer version as syscall(<bignum>) will break." + eerror "http://bugs.gentoo.org/279260" + die "keeping your system alive, say thank you" + fi + fi + + # users have had a chance to phase themselves, time to give em the boot + if [[ -e ${ROOT}/etc/locale.gen ]] && [[ -e ${ROOT}/etc/locales.build ]] ; then + eerror "You still haven't deleted ${ROOT}/etc/locales.build." + eerror "Do so now after making sure ${ROOT}/etc/locale.gen is kosher." + die "lazy upgrader detected" + fi + + if [[ ${CTARGET} == i386-* ]] ; then + eerror "i386 CHOSTs are no longer supported." + eerror "Chances are you don't actually want/need i386." + eerror "Please read http://www.gentoo.org/doc/en/change-chost.xml" + die "please fix your CHOST" + fi + + if [[ -n ${LT_VER} ]] ; then + if use nptlonly && ! use nptl ; then + eerror "If you want nptlonly, add nptl to your USE too ;p" + die "nptlonly without nptl" + fi + fi + + if [[ -e /proc/xen ]] && [[ $(tc-arch) == "x86" ]] && ! is-flag -mno-tls-direct-seg-refs ; then + ewarn "You are using Xen but don't have -mno-tls-direct-seg-refs in your CFLAGS." + ewarn "This will result in a 50% performance penalty when running with a 32bit" + ewarn "hypervisor, which is probably not what you want." + fi + + use hardened && ! gcc-specs-pie && \ + ewarn "PIE hardening not applied, as your compiler doesn't default to PIE" +} diff --git a/sys-libs/glibc/files/eblits/src_compile.eblit b/sys-libs/glibc/files/eblits/src_compile.eblit new file mode 100644 index 0000000..ea7e487 --- /dev/null +++ b/sys-libs/glibc/files/eblits/src_compile.eblit @@ -0,0 +1,211 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +glibc_do_configure() { + local myconf + + einfo "Configuring GLIBC for $1" + + # set addons + pushd "${S}" > /dev/null + local ADDONS=$(echo */configure | sed \ + -e 's:/configure::g' \ + -e 's:\(linuxthreads\|nptl\|rtkaio\|glibc-compat\)\( \|$\)::g' \ + -e 's: \+$::' \ + -e 's! !,!g' \ + -e 's!^!,!' \ + -e '/^,\*$/d') + [[ -d ports ]] && ADDONS="${ADDONS},ports" + popd > /dev/null + + myconf="${myconf} $(use_enable hardened stackguard-randomization)" + if [[ $(<"${T}"/.ssp.compat) == "yes" ]] ; then + myconf="${myconf} --enable-old-ssp-compat" + else + myconf="${myconf} --disable-old-ssp-compat" + fi + + use glibc-omitfp && myconf="${myconf} --enable-omitfp" + + [[ ${CTARGET//_/-} == *-softfloat-* ]] && myconf="${myconf} --without-fp" + + if [[ $1 == "linuxthreads" ]] ; then + if want_tls ; then + myconf="${myconf} --with-tls" + + if ! want__thread || use glibc-compat20 || [[ ${LT_KER_VER} == 2.[02].* ]] ; then + myconf="${myconf} --without-__thread" + else + myconf="${myconf} --with-__thread" + fi + else + myconf="${myconf} --without-tls --without-__thread" + fi + + myconf="${myconf} --disable-sanity-checks" + myconf="${myconf} --enable-add-ons=linuxthreads${ADDONS}" + myconf="${myconf} --enable-kernel=${LT_KER_VER}" + elif [[ $1 == "nptl" ]] ; then + myconf="${myconf} --enable-add-ons=nptl${ADDONS}" + myconf="${myconf} --enable-kernel=${NPTL_KERN_VER}" + else + die "invalid pthread option" + fi + + # Since SELinux support is only required for nscd, only enable it if: + # 1. USE selinux + # 2. only for the primary ABI on multilib systems + # 3. Not a crosscompile + if ! is_crosscompile && use selinux ; then + if use multilib || has_multilib_profile ; then + if is_final_abi ; then + myconf="${myconf} --with-selinux" + else + myconf="${myconf} --without-selinux" + fi + else + myconf="${myconf} --with-selinux" + fi + else + myconf="${myconf} --without-selinux" + fi + + myconf="${myconf} + --without-cvs + --enable-bind-now + --build=${CBUILD_OPT:-${CBUILD}} + --host=${CTARGET_OPT:-${CTARGET}} + $(use_enable profile) + $(use_with gd) + --with-headers=$(alt_build_headers) + --prefix=/usr + --libdir=/usr/$(get_libdir) + --mandir=/usr/share/man + --infodir=/usr/share/info + --libexecdir=/usr/$(get_libdir)/misc/glibc + $(use_multiarch || echo --disable-multi-arch) + ${EXTRA_ECONF}" + + # There is no configure option for this and we need to export it + # since the glibc build will re-run configure on itself + export libc_cv_slibdir=/$(get_libdir) + + local GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-$1 + mkdir -p "${GBUILDDIR}" + cd "${GBUILDDIR}" + echo "${S}"/configure ${myconf} + "${S}"/configure ${myconf} || die "failed to configure glibc" + + # since we'll be punting them for cross-compilers, and they can cause + # problems (ia64+static), we'll just skip building altogether + is_crosscompile && sed -i '1ibuild-programs = no' config.make +} + +toolchain-glibc_src_compile() { + echo + local v + for v in ABI CBUILD CHOST CTARGET CBUILD_OPT CTARGET_OPT CC CFLAGS ; do + einfo " $(printf '%15s' ${v}:) ${!v}" + done + export CC=$(tc-getCC ${CTARGET}) + einfo " $(printf '%15s' 'Manual CC:') ${CC}" + echo + + if want_linuxthreads ; then + glibc_do_configure linuxthreads + emake || die "make for ${ABI} failed" + fi + if want_nptl ; then + # ... and then do the optional nptl build + unset LD_ASSUME_KERNEL + glibc_do_configure nptl + emake || die "make for ${ABI} failed" + fi +} + +toolchain-glibc_headers_compile() { + local GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-headers + mkdir -p "${GBUILDDIR}" + cd "${GBUILDDIR}" + + # if we don't have a compiler yet, we cant really test it now ... + # hopefully they don't affect header geneation, so let's hope for + # the best here ... + export \ + ac_cv_header_cpuid_h=yes \ + libc_cv_386_tls=yes \ + libc_cv_asm_cfi_directives=yes \ + libc_cv_broken_visibility_attribute=no \ + libc_cv_gcc___thread=yes \ + libc_cv_mlong_double_128=yes \ + libc_cv_mlong_double_128ibm=yes \ + libc_cv_ppc_machine=yes \ + libc_cv_ppc_rel16=yes \ + libc_cv_visibility_attribute=yes \ + libc_cv_z_combreloc=yes \ + libc_cv_z_execstack=yes \ + libc_cv_z_initfirst=yes \ + libc_cv_z_nodelete=yes \ + libc_cv_z_nodlopen=yes \ + libc_cv_z_relro=yes + + # Pick out the correct location for build headers + local ports="" myconf="--disable-sanity-checks --enable-hacker-mode" + [[ -d ${S}/ports ]] && ports=",ports" + myconf="${myconf} + --enable-add-ons=nptl${ports} + --without-cvs + --enable-bind-now + --build=${CBUILD_OPT:-${CBUILD}} + --host=${CTARGET_OPT:-${CTARGET}} + --with-headers=$(alt_build_headers) + --prefix=/usr + ${EXTRA_ECONF}" + + # Nothing is compiled here which would affect the headers for the target. + # so forcing CC/CFLAGS is sane. unless you dont have `gcc`. then i + # dont care :p. + echo "${S}"/configure ${myconf} + CC=gcc \ + CFLAGS="-O1 -pipe" \ + CPPFLAGS="-U_FORTIFY_SOURCE" \ + "${S}"/configure ${myconf} || die "failed to configure glibc" +} + +eblit-glibc-src_compile() { + if is_crosscompile ; then + export \ + libc_cv_c_cleanup=yes \ + libc_cv_forced_unwind=yes + fi + + if just_headers ; then + export ABI=default + toolchain-glibc_headers_compile + return + fi + + setup_env + + if [[ -z ${OABI} ]] ; then + local abilist="" + if has_multilib_profile ; then + abilist=$(get_install_abis) + einfo "Building multilib glibc for ABIs: ${abilist}" + elif is_crosscompile || tc-is-cross-compiler ; then + abilist=${DEFAULT_ABI} + fi + if [[ -n ${abilist} ]] ; then + OABI=${ABI} + for ABI in ${abilist} ; do + export ABI + src_compile + done + ABI=${OABI} + unset OABI + return 0 + fi + fi + + toolchain-glibc_src_compile +} diff --git a/sys-libs/glibc/files/eblits/src_install.eblit b/sys-libs/glibc/files/eblits/src_install.eblit new file mode 100644 index 0000000..ecbba79 --- /dev/null +++ b/sys-libs/glibc/files/eblits/src_install.eblit @@ -0,0 +1,239 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +toolchain-glibc_src_install() { + local GBUILDDIR + if want_linuxthreads ; then + GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-linuxthreads + else + GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-nptl + fi + + local install_root=${D} + is_crosscompile && install_root="${install_root}/usr/${CTARGET}" + if want_linuxthreads ; then + cd "${WORKDIR}"/build-${ABI}-${CTARGET}-linuxthreads + einfo "Installing GLIBC ${ABI} with linuxthreads ..." + else # nptlonly + cd "${WORKDIR}"/build-${ABI}-${CTARGET}-nptl + einfo "Installing GLIBC ${ABI} with NPTL ..." + fi + emake install_root="${install_root}" install || die + + if is_crosscompile ; then + # punt all the junk not needed by a cross-compiler + cd "${D}"/usr/${CTARGET} || die + rm -rf ./{,usr/}{bin,etc,sbin,share} ./{,usr/}*/{gconv,misc} + fi + + if want_linuxthreads && want_nptl ; then + einfo "Installing NPTL to $(alt_libdir)/tls/..." + cd "${WORKDIR}"/build-${ABI}-${CTARGET}-nptl + dodir $(alt_libdir)/tls $(alt_usrlibdir)/nptl + + local l src_lib + for l in libc libm librt libpthread libthread_db ; do + # take care of shared lib first ... + l=${l}.so + if [[ -e ${l} ]] ; then + src_lib=${l} + else + src_lib=$(eval echo */${l}) + fi + cp -a ${src_lib} "${D}"$(alt_libdir)/tls/${l} || die "copying nptl ${l}" + fperms a+rx $(alt_libdir)/tls/${l} + dosym ${l} $(alt_libdir)/tls/$(scanelf -qSF'%S#F' ${src_lib}) + + # then grab the linker script or the symlink ... + if [[ -L ${D}$(alt_usrlibdir)/${l} ]] ; then + dosym $(alt_libdir)/tls/${l} $(alt_usrlibdir)/nptl/${l} + else + sed \ + -e "s:/${l}:/tls/${l}:g" \ + -e "s:/${l/%.so/_nonshared.a}:/nptl/${l/%.so/_nonshared.a}:g" \ + "${D}"$(alt_usrlibdir)/${l} > "${D}"$(alt_usrlibdir)/nptl/${l} + fi + + # then grab the static lib ... + src_lib=${src_lib/%.so/.a} + [[ ! -e ${src_lib} ]] && src_lib=${src_lib/%.a/_pic.a} + cp -a ${src_lib} "${D}"$(alt_usrlibdir)/nptl/ || die "copying nptl ${src_lib}" + src_lib=${src_lib/%.a/_nonshared.a} + if [[ -e ${src_lib} ]] ; then + cp -a ${src_lib} "${D}"$(alt_usrlibdir)/nptl/ || die "copying nptl ${src_lib}" + fi + done + + # use the nptl linker instead of the linuxthreads one as the linuxthreads + # one may lack TLS support and that can be really bad for business + cp -a elf/ld.so "${D}"$(alt_libdir)/$(scanelf -qSF'%S#F' elf/ld.so) || die "copying nptl interp" + fi + + # We'll take care of the cache ourselves + rm -f "${D}"/etc/ld.so.cache + + # When cross-compiling for a non-multilib setup, make sure we have + # lib and a proper symlink setup + if is_crosscompile && ! use multilib && ! has_multilib_profile && [[ $(get_libdir) != "lib" ]] ; then + cd "${D}"$(alt_libdir)/.. + mv $(get_libdir) lib || die + ln -s lib $(get_libdir) || die + cd "${D}"$(alt_usrlibdir)/.. + mv $(get_libdir) lib || die + ln -s lib $(get_libdir) || die + fi + + ################################################################# + # EVERYTHING AFTER THIS POINT IS FOR NATIVE GLIBC INSTALLS ONLY # + # Make sure we install some symlink hacks so that when we build + # a 2nd stage cross-compiler, gcc finds the target system + # headers correctly. See gcc/doc/gccinstall.info + if is_crosscompile ; then + dosym usr/include /usr/${CTARGET}/sys-include + return 0 + fi + + # Everything past this point just needs to be done once ... + is_final_abi || return 0 + + # Make sure the non-native interp can be found on multilib systems + if [[ ${SYMLINK_LIB} == "yes" ]] && has_multilib_profile ; then + case $(tc-arch) in + amd64) + [[ ! -e ${D}/lib ]] && dosym $(get_abi_LIBDIR amd64) /lib + dosym ../$(get_abi_LIBDIR x86)/ld-linux.so.2 /lib/ld-linux.so.2 + ;; + ppc64) + [[ ! -e ${D}/lib ]] && dosym $(get_abi_LIBDIR ppc64) /lib + dosym ../$(get_abi_LIBDIR ppc)/ld.so.1 /lib/ld.so.1 + ;; + esac + fi + + # Files for Debian-style locale updating + dodir /usr/share/i18n + sed \ + -e "/^#/d" \ + -e "/SUPPORTED-LOCALES=/d" \ + -e "s: \\\\::g" -e "s:/: :g" \ + "${S}"/localedata/SUPPORTED > "${D}"/usr/share/i18n/SUPPORTED \ + || die "generating /usr/share/i18n/SUPPORTED failed" + cd "${WORKDIR}"/extra/locale + dosbin locale-gen || die + doman *.[0-8] + insinto /etc + doins locale.gen || die + + # Make sure all the ABI's can find the locales and so we only + # have to generate one set + local a + keepdir /usr/$(get_libdir)/locale + for a in $(get_install_abis) ; do + if [[ ! -e ${D}/usr/$(get_abi_LIBDIR ${a})/locale ]] ; then + dosym /usr/$(get_libdir)/locale /usr/$(get_abi_LIBDIR ${a})/locale + fi + done + + if ! has noinfo ${FEATURES} && [[ -n ${INFOPAGE_VER} ]] ; then + einfo "Installing info pages..." + + emake \ + -C "${GBUILDDIR}" \ + install_root="${install_root}" \ + info -i || die + fi + + if [[ -n ${MANPAGE_VER} ]] ; then + einfo "Installing man pages..." + + # Install linuxthreads man pages even if nptl is enabled + cd "${WORKDIR}"/man + doman *.3thr + fi + + cd "${S}" + + # Install misc network config files + insinto /etc + doins nscd/nscd.conf posix/gai.conf nss/nsswitch.conf || die + doins "${WORKDIR}"/extra/etc/*.conf || die + doinitd "${WORKDIR}"/extra/etc/nscd || die + + sed -i -e "s:@PIDFILE@:$(strings "${D}"/usr/sbin/nscd | grep nscd.pid):" "${D}"/etc/init.d/nscd + + echo 'LDPATH="include ld.so.conf.d/*.conf"' > "${T}"/00glibc + doenvd "${T}"/00glibc || die + + dodoc BUGS ChangeLog* CONFORMANCE FAQ NEWS NOTES PROJECTS README* + + # Prevent overwriting of the /etc/localtime symlink. We'll handle the + # creation of the "factory" symlink in pkg_postinst(). + rm -f "${D}"/etc/localtime +} + +toolchain-glibc_headers_install() { + local GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-headers + cd "${GBUILDDIR}" + emake install_root="${D}/usr/${CTARGET}" install-headers || die "install-headers failed" + # Copy over headers that are not part of install-headers ... these + # are pretty much taken verbatim from crosstool, see it for more details + insinto $(alt_headers)/bits + doins misc/syscall-list.h bits/stdio_lim.h || die "doins include bits" + insinto $(alt_headers)/gnu + doins "${S}"/include/gnu/stubs.h || die "doins include gnu" + # Make sure we install the sys-include symlink so that when + # we build a 2nd stage cross-compiler, gcc finds the target + # system headers correctly. See gcc/doc/gccinstall.info + dosym usr/include /usr/${CTARGET}/sys-include +} + +src_strip() { + # gdb is lame and requires some debugging information to remain in + # libpthread, so we need to strip it by hand. libthread_db makes no + # sense stripped as it is only used when debugging. + local pthread=$(has splitdebug ${FEATURES} && echo "libthread_db" || echo "lib{pthread,thread_db}") + env \ + -uRESTRICT \ + CHOST=${CTARGET} \ + STRIP_MASK="/*/{,tls/}${pthread}*" \ + prepallstrip + # if user has stripping enabled and does not have split debug turned on, + # then leave the debugging sections in libpthread. + if ! has nostrip ${FEATURES} && ! has splitdebug ${FEATURES} ; then + ${STRIP:-${CTARGET}-strip} --strip-debug "${D}"/*/libpthread-*.so + fi +} + +eblit-glibc-src_install() { + if just_headers ; then + export ABI=default + toolchain-glibc_headers_install + return + fi + + setup_env + + if [[ -z ${OABI} ]] ; then + local abilist="" + if has_multilib_profile ; then + abilist=$(get_install_abis) + einfo "Installing multilib glibc for ABIs: ${abilist}" + elif is_crosscompile || tc-is-cross-compiler ; then + abilist=${DEFAULT_ABI} + fi + if [[ -n ${abilist} ]] ; then + OABI=${ABI} + for ABI in ${abilist} ; do + export ABI + eblit-glibc-src_install + done + ABI=${OABI} + unset OABI + src_strip + return 0 + fi + fi + + toolchain-glibc_src_install + [[ -z ${OABI} ]] && src_strip +} diff --git a/sys-libs/glibc/files/eblits/src_test.eblit b/sys-libs/glibc/files/eblits/src_test.eblit new file mode 100644 index 0000000..3b83291 --- /dev/null +++ b/sys-libs/glibc/files/eblits/src_test.eblit @@ -0,0 +1,41 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +toolchain-glibc_src_test() { + cd "${WORKDIR}"/build-${ABI}-${CTARGET}-$1 || die "cd build-${ABI}-${CTARGET}-$1" + unset LD_ASSUME_KERNEL + emake -j1 check && return 0 + einfo "make check failed - re-running with --keep-going to get the rest of the results" + emake -j1 -k check + ewarn "make check failed for ${ABI}-${CTARGET}-$1" + return 1 +} + +eblit-glibc-src_test() { + local ret=0 + + setup_env + + # give tests more time to complete + export TIMEOUTFACTOR=5 + + if [[ -z ${OABI} ]] && has_multilib_profile ; then + OABI=${ABI} + einfo "Testing multilib glibc for ABIs: $(get_install_abis)" + for ABI in $(get_install_abis) ; do + export ABI + einfo " Testing ${ABI} glibc" + src_test + ((ret+=$?)) + done + ABI=${OABI} + unset OABI + [[ ${ret} -ne 0 ]] \ + && die "tests failed" \ + || return 0 + fi + + want_linuxthreads && toolchain-glibc_src_test linuxthreads ; ((ret+=$?)) + want_nptl && toolchain-glibc_src_test nptl ; ((ret+=$?)) + return ${ret} +} diff --git a/sys-libs/glibc/files/eblits/src_unpack.eblit b/sys-libs/glibc/files/eblits/src_unpack.eblit new file mode 100644 index 0000000..df0b490 --- /dev/null +++ b/sys-libs/glibc/files/eblits/src_unpack.eblit @@ -0,0 +1,196 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +int_to_KV() { + local version=$1 major minor micro + major=$((version / 65536)) + minor=$(((version % 65536) / 256)) + micro=$((version % 256)) + echo ${major}.${minor}.${micro} +} + +eend_KV() { + [[ $(KV_to_int $1) -ge $(KV_to_int $2) ]] + eend $? +} + +get_kheader_version() { + printf '#include <linux/version.h>\nLINUX_VERSION_CODE\n' | \ + $(tc-getCPP ${CTARGET}) -I "$(alt_build_headers)" | \ + tail -n 1 +} + +check_nptl_support() { + # don't care about the compiler here as we arent using it + just_headers && return + + local run_kv build_kv want_kv + run_kv=$(int_to_KV $(get_KV)) + build_kv=$(int_to_KV $(get_kheader_version)) + want_kv=${NPTL_KERN_VER} + + ebegin "Checking gcc for __thread support" + if ! eend $(want__thread ; echo $?) ; then + echo + eerror "Could not find a gcc that supports the __thread directive!" + eerror "Please update your binutils/gcc and try again." + die "No __thread support in gcc!" + fi + + if ! is_crosscompile && ! tc-is-cross-compiler ; then + # Building fails on an non-supporting kernel + ebegin "Checking kernel version (${run_kv} >= ${want_kv})" + if ! eend_KV ${run_kv} ${want_kv} ; then + echo + eerror "You need a kernel of at least ${want_kv} for NPTL support!" + die "Kernel version too low!" + fi + fi + + ebegin "Checking linux-headers version (${build_kv} >= ${want_kv})" + if ! eend_KV ${build_kv} ${want_kv} ; then + echo + eerror "You need linux-headers of at least ${want_kv} for NPTL support!" + die "linux-headers version too low!" + fi +} + +unpack_pkg() { + local a=${PN} + [[ -n ${SNAP_VER} ]] && a="${a}-${RELEASE_VER}" + [[ -n $1 ]] && a="${a}-$1" + if [[ -n ${SNAP_VER} ]] ; then + a="${a}-${SNAP_VER}" + else + if [[ -n $2 ]] ; then + a="${a}-$2" + else + a="${a}-${RELEASE_VER}" + fi + fi + unpack ${a}.tar.bz2 + [[ -n $1 ]] && mv ${a} $1 +} + +toolchain-glibc_src_unpack() { + # Check NPTL support _before_ we unpack things to save some time + want_nptl && check_nptl_support + + if [[ -n ${EGIT_REPO_URIS} ]] ; then + local i d + for ((i=0; i<${#EGIT_REPO_URIS[@]}; ++i)) ; do + EGIT_REPO_URI=${EGIT_REPO_URIS[$i]} + EGIT_SOURCEDIR=${EGIT_SOURCEDIRS[$i]} + git-2_src_unpack + done + else + unpack_pkg + fi + + cd "${S}" + touch locale/C-translit.h #185476 #218003 + [[ -n ${LT_VER} ]] && unpack_pkg linuxthreads ${LT_VER} + [[ -n ${PORTS_VER} ]] && unpack_pkg ports ${PORTS_VER} + [[ -n ${LIBIDN_VER} ]] && unpack_pkg libidn + + if [[ -n ${PATCH_VER} ]] ; then + cd "${WORKDIR}" + unpack glibc-${RELEASE_VER}-patches-${PATCH_VER}.tar.bz2 + # pull out all the addons + local d + for d in extra/*/configure ; do + d=${d%/configure} + [[ -d ${S}/${d} ]] && die "${d} already exists in \${S}" + mv "${d}" "${S}" || die "moving ${d} failed" + done + fi + + # XXX: We should do the branchupdate, before extracting the manpages and + # infopages else it does not help much (mtimes change if there is a change + # to them with branchupdate) + if [[ -n ${BRANCH_UPDATE} ]] ; then + cd "${S}" + epatch "${DISTDIR}"/glibc-${RELEASE_VER}-branch-update-${BRANCH_UPDATE}.patch.bz2 + + # Snapshot date patch + einfo "Patching version to display snapshot date ..." + sed -i -e "s:\(#define RELEASE\).*:\1 \"${BRANCH_UPDATE}\":" version.h + fi + + if [[ -n ${MANPAGE_VER} ]] ; then + cd "${WORKDIR}" + unpack glibc-manpages-${MANPAGE_VER}.tar.bz2 + fi + + if [[ -n ${INFOPAGE_VER} ]] ; then + cd "${S}" + unpack glibc-infopages-${INFOPAGE_VER}.tar.bz2 + fi + + # tag, glibc is it + cd "${S}" + [[ -e csu/Banner ]] && die "need new banner location" + [[ -n ${SNAP_VER} ]] && echo "Gentoo snapshot ${SNAP_VER}" >> csu/Banner + [[ -n ${BRANCH_UPDATE} ]] && echo "Gentoo branch ${BRANCH_UPDATE}" >> csu/Banner + if [[ -n ${PATCH_VER} ]] && ! use vanilla ; then + cd "${S}" + EPATCH_MULTI_MSG="Applying Gentoo Glibc Patchset ${RELEASE_VER}-${PATCH_VER} ..." \ + EPATCH_EXCLUDE=${GLIBC_PATCH_EXCLUDE} \ + EPATCH_SUFFIX="patch" \ + ARCH=$(tc-arch) \ + epatch "${WORKDIR}"/patches + echo "Gentoo patchset ${PATCH_VER}" >> csu/Banner + fi + + if just_headers ; then + if [[ -e ports/sysdeps/mips/preconfigure ]] ; then + # mips peeps like to screw with us. if building headers, + # we don't have a real compiler, so we can't let them + # insert -mabi on us. + sed -i '/CPPFLAGS=.*-mabi/s|.*|:|' ports/sysdeps/mips/preconfigure || die + find ports/sysdeps/mips/ -name Makefile -exec sed -i '/^CC.*-mabi=/s:-mabi=.*:-D_MIPS_SZPTR=32:' {} + + fi + fi + + epatch_user + + gnuconfig_update +} + +eblit-glibc-src_unpack() { + setup_env + + toolchain-glibc_src_unpack + + # Backwards SSP support + cd "${S}" +# For now, we force everyone to have the extra symbols +# einfon "Scanning system for __guard to see if we need SSP compat ... " +# if [[ -n $(scanelf -qyls__guard -F'#s%F' | grep -v '^/lib.*/libc-2.*.so$') ]] ; then + echo "yes" > "${T}"/.ssp.compat +# else +# # ok, a quick scan didnt find it, so lets do a deep scan ... +# if [[ -n $(scanelf -qyRlps__guard -F'#s%F' | grep -v '^/lib.*/libc-2.*.so$') ]] ; then +# echo "yes" > "${T}"/.ssp.compat +# else +# echo "no" > "${T}"/.ssp.compat +# fi +# fi +# cat "${T}"/.ssp.compat + + # Glibc is stupid sometimes, and doesn't realize that with a + # static C-Only gcc, -lgcc_eh doesn't exist. + # http://sources.redhat.com/ml/libc-alpha/2003-09/msg00100.html + # http://sourceware.org/ml/libc-alpha/2005-02/msg00042.html + echo 'int main(){}' > "${T}"/gcc_eh_test.c + if ! $(tc-getCC ${CTARGET}) "${T}"/gcc_eh_test.c -lgcc_eh 2>/dev/null ; then + sed -i -e 's:-lgcc_eh::' Makeconfig || die "sed gcc_eh" + fi + + cd "${WORKDIR}" + find . -type f '(' -size 0 -o -name "*.orig" ')' -exec rm -f {} \; + find . -name configure -exec touch {} \; + + # Fix permissions on some of the scripts + chmod u+x "${S}"/scripts/*.sh +} diff --git a/sys-libs/glibc/glibc-2.10.1-r1.ebuild b/sys-libs/glibc/glibc-2.10.1-r1.ebuild new file mode 100644 index 0000000..64c7d43 --- /dev/null +++ b/sys-libs/glibc/glibc-2.10.1-r1.ebuild @@ -0,0 +1,202 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +inherit eutils versionator toolchain-funcs flag-o-matic gnuconfig multilib systemd unpacker multiprocessing + +DESCRIPTION="GNU libc6 (also called glibc2) C library" +HOMEPAGE="http://www.gnu.org/software/libc/libc.html" + +LICENSE="LGPL-2.1+ BSD HPND inner-net" +KEYWORDS="alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86" +RESTRICT="strip" # strip ourself #46186 +EMULTILIB_PKG="true" + +# Configuration variables +if [[ ${PV} == *_p* ]] ; then +RELEASE_VER=${PV%_p*} +BRANCH_UPDATE="" +SNAP_VER=${PV#*_p} +LIBIDN_VER="" +else +RELEASE_VER=${PV} +BRANCH_UPDATE="" +SNAP_VER="" +LIBIDN_VER=${RELEASE_VER} +fi +PATCH_VER="7" # Gentoo patchset +PORTS_VER=${RELEASE_VER} # version of glibc ports addon +LT_VER="" # version of linuxthreads addon +NPTL_KERN_VER=${NPTL_KERN_VER:-"2.6.9"} # min kernel version nptl requires +#LT_KERN_VER=${LT_KERN_VER:-"2.4.1"} # min kernel version linuxthreads requires + +IUSE="debug gd hardened multilib selinux profile vanilla crosscompile_opts_headers-only ${LT_VER:+glibc-compat20 nptl linuxthreads}" +S=${WORKDIR}/glibc-${RELEASE_VER}${SNAP_VER:+-${SNAP_VER}} + +# Here's how the cross-compile logic breaks down ... +# CTARGET - machine that will target the binaries +# CHOST - machine that will host the binaries +# CBUILD - machine that will build the binaries +# If CTARGET != CHOST, it means you want a libc for cross-compiling. +# If CHOST != CBUILD, it means you want to cross-compile the libc. +# CBUILD = CHOST = CTARGET - native build/install +# CBUILD != (CHOST = CTARGET) - cross-compile a native build +# (CBUILD = CHOST) != CTARGET - libc for cross-compiler +# CBUILD != CHOST != CTARGET - cross-compile a libc for a cross-compiler +# For install paths: +# CHOST = CTARGET - install into / +# CHOST != CTARGET - install into /usr/CTARGET/ + +export CBUILD=${CBUILD:-${CHOST}} +export CTARGET=${CTARGET:-${CHOST}} +if [[ ${CTARGET} == ${CHOST} ]] ; then + if [[ ${CATEGORY} == cross-* ]] ; then + export CTARGET=${CATEGORY#cross-} + fi +fi + +[[ ${CTARGET} == hppa* ]] && NPTL_KERN_VER=${NPTL_KERN_VER/2.6.9/2.6.20} + +is_crosscompile() { + [[ ${CHOST} != ${CTARGET} ]] +} + +# Why SLOT 2.2 you ask yourself while sippin your tea ? +# Everyone knows 2.2 > 0, duh. +SLOT="2.2" + +# General: We need a new-enough binutils for as-needed +# arch: we need to make sure our binutils/gcc supports TLS +DEPEND=">=sys-devel/gcc-3.4.4 + arm? ( >=sys-devel/binutils-2.16.90 >=sys-devel/gcc-4.1.0 ) + ppc? ( >=sys-devel/gcc-4.1.0 ) + ppc64? ( >=sys-devel/gcc-4.1.0 ) + >=sys-devel/binutils-2.15.94 + ${LT_VER:+nptl? (} >=sys-kernel/linux-headers-${NPTL_KERN_VER} ${LT_VER:+)} + >=app-misc/pax-utils-0.1.10 + virtual/os-headers + !<sys-apps/sandbox-1.2.18.1-r2 + !<sys-apps/portage-2.1.2 + selinux? ( sys-libs/libselinux )" +RDEPEND="!sys-kernel/ps3-sources + selinux? ( sys-libs/libselinux )" + +if [[ ${CATEGORY} == cross-* ]] ; then + DEPEND="${DEPEND} !crosscompile_opts_headers-only? ( ${CATEGORY}/gcc )" + [[ ${CATEGORY} == *-linux* ]] && DEPEND="${DEPEND} ${CATEGORY}/linux-headers" +else + DEPEND="${DEPEND} >=sys-libs/timezone-data-2007c" + RDEPEND="${RDEPEND} sys-libs/timezone-data" +fi + +SRC_URI=$( + upstream_uris() { + echo mirror://gnu/glibc/$1 ftp://sourceware.org/pub/glibc/{releases,snapshots}/$1 mirror://gentoo/$1 + } + gentoo_uris() { + local devspace="HTTP~vapier/dist/URI HTTP~azarah/glibc/URI" + devspace=${devspace//HTTP/http://dev.gentoo.org/} + echo mirror://gentoo/$1 ${devspace//URI/$1} + } + + TARNAME=${PN} + if [[ -n ${SNAP_VER} ]] ; then + TARNAME="${PN}-${RELEASE_VER}" + [[ -n ${PORTS_VER} ]] && PORTS_VER=${SNAP_VER} + upstream_uris ${TARNAME}-${SNAP_VER}.tar.bz2 + else + upstream_uris ${TARNAME}-${RELEASE_VER}.tar.bz2 + fi + [[ -n ${LIBIDN_VER} ]] && upstream_uris glibc-libidn-${LIBIDN_VER}.tar.bz2 + [[ -n ${PORTS_VER} ]] && upstream_uris ${TARNAME}-ports-${PORTS_VER}.tar.bz2 + [[ -n ${LT_VER} ]] && upstream_uris ${TARNAME}-linuxthreads-${LT_VER}.tar.bz2 + [[ -n ${BRANCH_UPDATE} ]] && gentoo_uris glibc-${RELEASE_VER}-branch-update-${BRANCH_UPDATE}.patch.bz2 + [[ -n ${PATCH_VER} ]] && gentoo_uris glibc-${RELEASE_VER}-patches-${PATCH_VER}.tar.bz2 +) + +# eblit-include [--skip] <function> [version] +eblit-include() { + local skipable=false + [[ $1 == "--skip" ]] && skipable=true && shift + [[ $1 == pkg_* ]] && skipable=true + + local e v func=$1 ver=$2 + [[ -z ${func} ]] && die "Usage: eblit-include <function> [version]" + for v in ${ver:+-}${ver} -${PVR} -${PV} "" ; do + e="${FILESDIR}/eblits/${func}${v}.eblit" + if [[ -e ${e} ]] ; then + source "${e}" + return 0 + fi + done + ${skipable} && return 0 + die "Could not locate requested eblit '${func}' in ${FILESDIR}/eblits/" +} + +# eblit-run-maybe <function> +# run the specified function if it is defined +eblit-run-maybe() { + [[ $(type -t "$@") == "function" ]] && "$@" +} + +# eblit-run <function> [version] +# aka: src_unpack() { eblit-run src_unpack ; } +eblit-run() { + eblit-include --skip common "${*:2}" + eblit-include "$@" + eblit-run-maybe eblit-$1-pre + eblit-${PN}-$1 + eblit-run-maybe eblit-$1-post +} + +src_unpack() { eblit-run src_unpack ; } +src_compile() { eblit-run src_compile ; } +src_test() { eblit-run src_test ; } +src_install() { eblit-run src_install ; } + +# FILESDIR might not be available during binpkg install +for x in setup {pre,post}inst ; do + e="${FILESDIR}/eblits/pkg_${x}.eblit" + if [[ -e ${e} ]] ; then + . "${e}" + eval "pkg_${x}() { eblit-run pkg_${x} ; }" + fi +done + +eblit-src_unpack-post() { + if use hardened ; then + cd "${S}" + einfo "Patching to get working PIE binaries on PIE (hardened) platforms" + gcc-specs-pie && epatch "${FILESDIR}"/2.5/glibc-2.5-hardened-pie.patch + epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-configure-picdefault.patch + epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-inittls-nosysenter.patch + + einfo "Patching Glibc to support older SSP __guard" + epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-ssp-compat.patch + + einfo "Installing Hardened Gentoo SSP and FORTIFY_SOURCE handler" + cp -f "${FILESDIR}"/2.6/glibc-2.6-gentoo-stack_chk_fail.c \ + debug/stack_chk_fail.c || die + cp -f "${FILESDIR}"/2.10/glibc-2.10-gentoo-chk_fail.c \ + debug/chk_fail.c || die + + if use debug ; then + # When using Hardened Gentoo stack handler, have smashes dump core for + # analysis - debug only, as core could be an information leak + # (paranoia). + sed -i \ + -e '/^CFLAGS-backtrace.c/ iCFLAGS-stack_chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ + debug/Makefile \ + || die "Failed to modify debug/Makefile for debug stack handler" + sed -i \ + -e '/^CFLAGS-backtrace.c/ iCFLAGS-chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ + debug/Makefile \ + || die "Failed to modify debug/Makefile for debug fortify handler" + fi + + # Build nscd with ssp-all + sed -i \ + -e 's:-fstack-protector$:-fstack-protector-all:' \ + nscd/Makefile \ + || die "Failed to ensure nscd builds with ssp-all" + fi +} diff --git a/sys-libs/glibc/glibc-2.11.3.ebuild b/sys-libs/glibc/glibc-2.11.3.ebuild new file mode 100644 index 0000000..5361734 --- /dev/null +++ b/sys-libs/glibc/glibc-2.11.3.ebuild @@ -0,0 +1,205 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +inherit eutils versionator toolchain-funcs flag-o-matic gnuconfig multilib systemd unpacker multiprocessing + +DESCRIPTION="GNU libc6 (also called glibc2) C library" +HOMEPAGE="http://www.gnu.org/software/libc/libc.html" + +LICENSE="LGPL-2.1+ BSD HPND inner-net" +KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 ~s390 sh sparc x86" +RESTRICT="strip" # strip ourself #46186 +EMULTILIB_PKG="true" + +# Configuration variables +if [[ ${PV} == *_p* ]] ; then +RELEASE_VER=${PV%_p*} +BRANCH_UPDATE="" +SNAP_VER=${PV#*_p} +else +RELEASE_VER=${PV} +BRANCH_UPDATE="" +SNAP_VER="" +fi +LIBIDN_VER="" # it's integrated into the main tarball now +PATCH_VER="3" # Gentoo patchset +PORTS_VER=${RELEASE_VER%.?} # version of glibc ports addon +LT_VER="" # version of linuxthreads addon +NPTL_KERN_VER=${NPTL_KERN_VER:-"2.6.9"} # min kernel version nptl requires +#LT_KERN_VER=${LT_KERN_VER:-"2.4.1"} # min kernel version linuxthreads requires + +IUSE="debug gd hardened multilib selinux profile vanilla crosscompile_opts_headers-only ${LT_VER:+glibc-compat20 nptl linuxthreads}" +S=${WORKDIR}/glibc-${RELEASE_VER}${SNAP_VER:+-${SNAP_VER}} + +# Here's how the cross-compile logic breaks down ... +# CTARGET - machine that will target the binaries +# CHOST - machine that will host the binaries +# CBUILD - machine that will build the binaries +# If CTARGET != CHOST, it means you want a libc for cross-compiling. +# If CHOST != CBUILD, it means you want to cross-compile the libc. +# CBUILD = CHOST = CTARGET - native build/install +# CBUILD != (CHOST = CTARGET) - cross-compile a native build +# (CBUILD = CHOST) != CTARGET - libc for cross-compiler +# CBUILD != CHOST != CTARGET - cross-compile a libc for a cross-compiler +# For install paths: +# CHOST = CTARGET - install into / +# CHOST != CTARGET - install into /usr/CTARGET/ + +export CBUILD=${CBUILD:-${CHOST}} +export CTARGET=${CTARGET:-${CHOST}} +if [[ ${CTARGET} == ${CHOST} ]] ; then + if [[ ${CATEGORY} == cross-* ]] ; then + export CTARGET=${CATEGORY#cross-} + fi +fi + +[[ ${CTARGET} == hppa* ]] && NPTL_KERN_VER=${NPTL_KERN_VER/2.6.9/2.6.20} + +is_crosscompile() { + [[ ${CHOST} != ${CTARGET} ]] +} + +# Why SLOT 2.2 you ask yourself while sippin your tea ? +# Everyone knows 2.2 > 0, duh. +SLOT="2.2" + +# General: We need a new-enough binutils for as-needed +# arch: we need to make sure our binutils/gcc supports TLS +DEPEND=">=sys-devel/gcc-3.4.4 + arm? ( >=sys-devel/binutils-2.16.90 >=sys-devel/gcc-4.1.0 ) + x86? ( >=sys-devel/gcc-4.3 ) + amd64? ( >=sys-devel/binutils-2.19 >=sys-devel/gcc-4.3 ) + ppc? ( >=sys-devel/gcc-4.1.0 ) + ppc64? ( >=sys-devel/gcc-4.1.0 ) + >=sys-devel/binutils-2.15.94 + ${LT_VER:+nptl? (} >=sys-kernel/linux-headers-${NPTL_KERN_VER} ${LT_VER:+)} + >=app-misc/pax-utils-0.1.10 + virtual/os-headers + !<sys-apps/sandbox-1.2.18.1-r2 + !<sys-apps/portage-2.1.2 + selinux? ( sys-libs/libselinux )" +RDEPEND="!sys-kernel/ps3-sources + selinux? ( sys-libs/libselinux )" + +if [[ ${CATEGORY} == cross-* ]] ; then + DEPEND="${DEPEND} !crosscompile_opts_headers-only? ( ${CATEGORY}/gcc )" + [[ ${CATEGORY} == *-linux* ]] && DEPEND="${DEPEND} ${CATEGORY}/linux-headers" +else + DEPEND="${DEPEND} !vanilla? ( >=sys-libs/timezone-data-2007c )" + RDEPEND="${RDEPEND} + vanilla? ( !sys-libs/timezone-data ) + !vanilla? ( sys-libs/timezone-data )" +fi + +SRC_URI=$( + upstream_uris() { + echo mirror://gnu/glibc/$1 ftp://sourceware.org/pub/glibc/{releases,snapshots}/$1 mirror://gentoo/$1 + } + gentoo_uris() { + local devspace="HTTP~vapier/dist/URI HTTP~azarah/glibc/URI" + devspace=${devspace//HTTP/http://dev.gentoo.org/} + echo mirror://gentoo/$1 ${devspace//URI/$1} + } + + TARNAME=${PN} + if [[ -n ${SNAP_VER} ]] ; then + TARNAME="${PN}-${RELEASE_VER}" + [[ -n ${PORTS_VER} ]] && PORTS_VER=${SNAP_VER} + upstream_uris ${TARNAME}-${SNAP_VER}.tar.bz2 + else + upstream_uris ${TARNAME}-${RELEASE_VER}.tar.bz2 + fi + [[ -n ${LIBIDN_VER} ]] && upstream_uris glibc-libidn-${LIBIDN_VER}.tar.bz2 + [[ -n ${PORTS_VER} ]] && upstream_uris ${TARNAME}-ports-${PORTS_VER}.tar.bz2 + [[ -n ${LT_VER} ]] && upstream_uris ${TARNAME}-linuxthreads-${LT_VER}.tar.bz2 + [[ -n ${BRANCH_UPDATE} ]] && gentoo_uris glibc-${RELEASE_VER}-branch-update-${BRANCH_UPDATE}.patch.bz2 + [[ -n ${PATCH_VER} ]] && gentoo_uris glibc-${RELEASE_VER}-patches-${PATCH_VER}.tar.bz2 +) + +# eblit-include [--skip] <function> [version] +eblit-include() { + local skipable=false + [[ $1 == "--skip" ]] && skipable=true && shift + [[ $1 == pkg_* ]] && skipable=true + + local e v func=$1 ver=$2 + [[ -z ${func} ]] && die "Usage: eblit-include <function> [version]" + for v in ${ver:+-}${ver} -${PVR} -${PV} "" ; do + e="${FILESDIR}/eblits/${func}${v}.eblit" + if [[ -e ${e} ]] ; then + source "${e}" + return 0 + fi + done + ${skipable} && return 0 + die "Could not locate requested eblit '${func}' in ${FILESDIR}/eblits/" +} + +# eblit-run-maybe <function> +# run the specified function if it is defined +eblit-run-maybe() { + [[ $(type -t "$@") == "function" ]] && "$@" +} + +# eblit-run <function> [version] +# aka: src_unpack() { eblit-run src_unpack ; } +eblit-run() { + eblit-include --skip common "${*:2}" + eblit-include "$@" + eblit-run-maybe eblit-$1-pre + eblit-${PN}-$1 + eblit-run-maybe eblit-$1-post +} + +src_unpack() { eblit-run src_unpack ; } +src_compile() { eblit-run src_compile ; } +src_test() { eblit-run src_test ; } +src_install() { eblit-run src_install ; } + +# FILESDIR might not be available during binpkg install +for x in setup {pre,post}inst ; do + e="${FILESDIR}/eblits/pkg_${x}.eblit" + if [[ -e ${e} ]] ; then + . "${e}" + eval "pkg_${x}() { eblit-run pkg_${x} ; }" + fi +done + +eblit-src_unpack-post() { + if use hardened ; then + cd "${S}" + einfo "Patching to get working PIE binaries on PIE (hardened) platforms" + gcc-specs-pie && epatch "${FILESDIR}"/2.11/glibc-2.11-hardened-pie.patch + epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-configure-picdefault.patch + epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-inittls-nosysenter.patch + + einfo "Patching Glibc to support older SSP __guard" + epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-ssp-compat.patch + + einfo "Installing Hardened Gentoo SSP and FORTIFY_SOURCE handler" + cp -f "${FILESDIR}"/2.6/glibc-2.6-gentoo-stack_chk_fail.c \ + debug/stack_chk_fail.c || die + cp -f "${FILESDIR}"/2.10/glibc-2.10-gentoo-chk_fail.c \ + debug/chk_fail.c || die + + if use debug ; then + # When using Hardened Gentoo stack handler, have smashes dump core for + # analysis - debug only, as core could be an information leak + # (paranoia). + sed -i \ + -e '/^CFLAGS-backtrace.c/ iCFLAGS-stack_chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ + debug/Makefile \ + || die "Failed to modify debug/Makefile for debug stack handler" + sed -i \ + -e '/^CFLAGS-backtrace.c/ iCFLAGS-chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ + debug/Makefile \ + || die "Failed to modify debug/Makefile for debug fortify handler" + fi + + # Build nscd with ssp-all + sed -i \ + -e 's:-fstack-protector$:-fstack-protector-all:' \ + nscd/Makefile \ + || die "Failed to ensure nscd builds with ssp-all" + fi +} diff --git a/sys-libs/glibc/glibc-2.12.1-r3.ebuild b/sys-libs/glibc/glibc-2.12.1-r3.ebuild new file mode 100644 index 0000000..e4a9e04 --- /dev/null +++ b/sys-libs/glibc/glibc-2.12.1-r3.ebuild @@ -0,0 +1,219 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +inherit eutils versionator toolchain-funcs flag-o-matic gnuconfig multilib systemd unpacker multiprocessing + +DESCRIPTION="GNU libc6 (also called glibc2) C library" +HOMEPAGE="http://www.gnu.org/software/libc/libc.html" + +LICENSE="LGPL-2.1+ BSD HPND inner-net" +KEYWORDS="~amd64 ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" +RESTRICT="strip" # strip ourself #46186 +EMULTILIB_PKG="true" + +# Configuration variables +if [[ ${PV} == *_p* ]] ; then +RELEASE_VER=${PV%_p*} +BRANCH_UPDATE="" +SNAP_VER=${PV#*_p} +else +RELEASE_VER=${PV} +BRANCH_UPDATE="" +SNAP_VER="" +fi +LIBIDN_VER="" # it's integrated into the main tarball now +PATCH_VER="8" # Gentoo patchset +PORTS_VER=${RELEASE_VER} # version of glibc ports addon +LT_VER="" # version of linuxthreads addon +NPTL_KERN_VER=${NPTL_KERN_VER:-"2.6.9"} # min kernel version nptl requires +#LT_KERN_VER=${LT_KERN_VER:-"2.4.1"} # min kernel version linuxthreads requires + +IUSE="debug gd hardened multilib selinux profile vanilla crosscompile_opts_headers-only ${LT_VER:+glibc-compat20 nptl linuxthreads}" +S=${WORKDIR}/glibc-${RELEASE_VER}${SNAP_VER:+-${SNAP_VER}} + +# Here's how the cross-compile logic breaks down ... +# CTARGET - machine that will target the binaries +# CHOST - machine that will host the binaries +# CBUILD - machine that will build the binaries +# If CTARGET != CHOST, it means you want a libc for cross-compiling. +# If CHOST != CBUILD, it means you want to cross-compile the libc. +# CBUILD = CHOST = CTARGET - native build/install +# CBUILD != (CHOST = CTARGET) - cross-compile a native build +# (CBUILD = CHOST) != CTARGET - libc for cross-compiler +# CBUILD != CHOST != CTARGET - cross-compile a libc for a cross-compiler +# For install paths: +# CHOST = CTARGET - install into / +# CHOST != CTARGET - install into /usr/CTARGET/ + +export CBUILD=${CBUILD:-${CHOST}} +export CTARGET=${CTARGET:-${CHOST}} +if [[ ${CTARGET} == ${CHOST} ]] ; then + if [[ ${CATEGORY} == cross-* ]] ; then + export CTARGET=${CATEGORY#cross-} + fi +fi + +[[ ${CTARGET} == hppa* ]] && NPTL_KERN_VER=${NPTL_KERN_VER/2.6.9/2.6.20} + +is_crosscompile() { + [[ ${CHOST} != ${CTARGET} ]] +} + +# Why SLOT 2.2 you ask yourself while sippin your tea ? +# Everyone knows 2.2 > 0, duh. +SLOT="2.2" + +# General: We need a new-enough binutils for as-needed +# arch: we need to make sure our binutils/gcc supports TLS +DEPEND=">=sys-devel/gcc-3.4.4 + arm? ( >=sys-devel/binutils-2.16.90 >=sys-devel/gcc-4.1.0 ) + x86? ( >=sys-devel/gcc-4.3 ) + amd64? ( >=sys-devel/binutils-2.19 >=sys-devel/gcc-4.3 ) + ppc? ( >=sys-devel/gcc-4.1.0 ) + ppc64? ( >=sys-devel/gcc-4.1.0 ) + >=sys-devel/binutils-2.15.94 + ${LT_VER:+nptl? (} >=sys-kernel/linux-headers-${NPTL_KERN_VER} ${LT_VER:+)} + >=app-misc/pax-utils-0.1.10 + virtual/os-headers + !<sys-apps/sandbox-1.2.18.1-r2 + !<sys-apps/portage-2.1.2 + selinux? ( sys-libs/libselinux )" +RDEPEND="!sys-kernel/ps3-sources + selinux? ( sys-libs/libselinux )" + +if [[ ${CATEGORY} == cross-* ]] ; then + DEPEND="${DEPEND} !crosscompile_opts_headers-only? ( ${CATEGORY}/gcc )" + [[ ${CATEGORY} == *-linux* ]] && DEPEND="${DEPEND} ${CATEGORY}/linux-headers" +else + DEPEND="${DEPEND} !vanilla? ( >=sys-libs/timezone-data-2007c )" + RDEPEND="${RDEPEND} + vanilla? ( !sys-libs/timezone-data ) + !vanilla? ( sys-libs/timezone-data )" +fi + +SRC_URI=$( + upstream_uris() { + echo mirror://gnu/glibc/$1 ftp://sourceware.org/pub/glibc/{releases,snapshots}/$1 mirror://gentoo/$1 + } + gentoo_uris() { + local devspace="HTTP~vapier/dist/URI HTTP~azarah/glibc/URI" + devspace=${devspace//HTTP/http://dev.gentoo.org/} + echo mirror://gentoo/$1 ${devspace//URI/$1} + } + + TARNAME=${PN} + if [[ -n ${SNAP_VER} ]] ; then + TARNAME="${PN}-${RELEASE_VER}" + [[ -n ${PORTS_VER} ]] && PORTS_VER=${SNAP_VER} + upstream_uris ${TARNAME}-${SNAP_VER}.tar.bz2 + else + upstream_uris ${TARNAME}-${RELEASE_VER}.tar.bz2 + fi + [[ -n ${LIBIDN_VER} ]] && upstream_uris glibc-libidn-${LIBIDN_VER}.tar.bz2 + [[ -n ${PORTS_VER} ]] && upstream_uris ${TARNAME}-ports-${PORTS_VER}.tar.bz2 + [[ -n ${LT_VER} ]] && upstream_uris ${TARNAME}-linuxthreads-${LT_VER}.tar.bz2 + [[ -n ${BRANCH_UPDATE} ]] && gentoo_uris glibc-${RELEASE_VER}-branch-update-${BRANCH_UPDATE}.patch.bz2 + [[ -n ${PATCH_VER} ]] && gentoo_uris glibc-${RELEASE_VER}-patches-${PATCH_VER}.tar.bz2 +) + +# eblit-include [--skip] <function> [version] +eblit-include() { + local skipable=false + [[ $1 == "--skip" ]] && skipable=true && shift + [[ $1 == pkg_* ]] && skipable=true + + local e v func=$1 ver=$2 + [[ -z ${func} ]] && die "Usage: eblit-include <function> [version]" + for v in ${ver:+-}${ver} -${PVR} -${PV} "" ; do + e="${FILESDIR}/eblits/${func}${v}.eblit" + if [[ -e ${e} ]] ; then + source "${e}" + return 0 + fi + done + ${skipable} && return 0 + die "Could not locate requested eblit '${func}' in ${FILESDIR}/eblits/" +} + +# eblit-run-maybe <function> +# run the specified function if it is defined +eblit-run-maybe() { + [[ $(type -t "$@") == "function" ]] && "$@" +} + +# eblit-run <function> [version] +# aka: src_unpack() { eblit-run src_unpack ; } +eblit-run() { + eblit-include --skip common "${*:2}" + eblit-include "$@" + eblit-run-maybe eblit-$1-pre + eblit-${PN}-$1 + eblit-run-maybe eblit-$1-post +} + +src_unpack() { eblit-run src_unpack ; } +src_compile() { eblit-run src_compile ; } +src_test() { eblit-run src_test ; } +src_install() { eblit-run src_install ; } + +# FILESDIR might not be available during binpkg install +for x in setup {pre,post}inst ; do + e="${FILESDIR}/eblits/pkg_${x}.eblit" + if [[ -e ${e} ]] ; then + . "${e}" + eval "pkg_${x}() { eblit-run pkg_${x} ; }" + fi +done + +pkg_setup() { + eblit-run pkg_setup + + # Static binary sanity check #332927 + if [[ ${ROOT} == "/" ]] && \ + has_version "<${CATEGORY}/${P}" && \ + built_with_use sys-apps/coreutils static + then + eerror "Please rebuild coreutils with USE=-static, then install" + eerror "glibc, then you may rebuild coreutils with USE=static." + die "Avoiding system meltdown #332927" + fi +} + +eblit-src_unpack-post() { + if use hardened ; then + cd "${S}" + einfo "Patching to get working PIE binaries on PIE (hardened) platforms" + gcc-specs-pie && epatch "${FILESDIR}"/2.12/glibc-2.12-hardened-pie.patch + epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-configure-picdefault.patch + epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-inittls-nosysenter.patch + + einfo "Patching Glibc to support older SSP __guard" + epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-ssp-compat.patch + + einfo "Installing Hardened Gentoo SSP and FORTIFY_SOURCE handler" + cp -f "${FILESDIR}"/2.6/glibc-2.6-gentoo-stack_chk_fail.c \ + debug/stack_chk_fail.c || die + cp -f "${FILESDIR}"/2.10/glibc-2.10-gentoo-chk_fail.c \ + debug/chk_fail.c || die + + if use debug ; then + # When using Hardened Gentoo stack handler, have smashes dump core for + # analysis - debug only, as core could be an information leak + # (paranoia). + sed -i \ + -e '/^CFLAGS-backtrace.c/ iCFLAGS-stack_chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ + debug/Makefile \ + || die "Failed to modify debug/Makefile for debug stack handler" + sed -i \ + -e '/^CFLAGS-backtrace.c/ iCFLAGS-chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ + debug/Makefile \ + || die "Failed to modify debug/Makefile for debug fortify handler" + fi + + # Build nscd with ssp-all + sed -i \ + -e 's:-fstack-protector$:-fstack-protector-all:' \ + nscd/Makefile \ + || die "Failed to ensure nscd builds with ssp-all" + fi +} diff --git a/sys-libs/glibc/glibc-2.12.2.ebuild b/sys-libs/glibc/glibc-2.12.2.ebuild new file mode 100644 index 0000000..1d997a6 --- /dev/null +++ b/sys-libs/glibc/glibc-2.12.2.ebuild @@ -0,0 +1,219 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +inherit eutils versionator toolchain-funcs flag-o-matic gnuconfig multilib systemd unpacker multiprocessing + +DESCRIPTION="GNU libc6 (also called glibc2) C library" +HOMEPAGE="http://www.gnu.org/software/libc/libc.html" + +LICENSE="LGPL-2.1+ BSD HPND inner-net" +KEYWORDS="amd64 arm hppa ia64 ~mips ppc ppc64 s390 ~sh sparc x86" +RESTRICT="strip" # strip ourself #46186 +EMULTILIB_PKG="true" + +# Configuration variables +if [[ ${PV} == *_p* ]] ; then +RELEASE_VER=${PV%_p*} +BRANCH_UPDATE="" +SNAP_VER=${PV#*_p} +else +RELEASE_VER=${PV} +BRANCH_UPDATE="" +SNAP_VER="" +fi +LIBIDN_VER="" # it's integrated into the main tarball now +PATCH_VER="4" # Gentoo patchset +PORTS_VER="2.12.1" # version of glibc ports addon +LT_VER="" # version of linuxthreads addon +NPTL_KERN_VER=${NPTL_KERN_VER:-"2.6.9"} # min kernel version nptl requires +#LT_KERN_VER=${LT_KERN_VER:-"2.4.1"} # min kernel version linuxthreads requires + +IUSE="debug gd hardened multilib selinux profile vanilla crosscompile_opts_headers-only ${LT_VER:+glibc-compat20 nptl linuxthreads}" +S=${WORKDIR}/glibc-${RELEASE_VER}${SNAP_VER:+-${SNAP_VER}} + +# Here's how the cross-compile logic breaks down ... +# CTARGET - machine that will target the binaries +# CHOST - machine that will host the binaries +# CBUILD - machine that will build the binaries +# If CTARGET != CHOST, it means you want a libc for cross-compiling. +# If CHOST != CBUILD, it means you want to cross-compile the libc. +# CBUILD = CHOST = CTARGET - native build/install +# CBUILD != (CHOST = CTARGET) - cross-compile a native build +# (CBUILD = CHOST) != CTARGET - libc for cross-compiler +# CBUILD != CHOST != CTARGET - cross-compile a libc for a cross-compiler +# For install paths: +# CHOST = CTARGET - install into / +# CHOST != CTARGET - install into /usr/CTARGET/ + +export CBUILD=${CBUILD:-${CHOST}} +export CTARGET=${CTARGET:-${CHOST}} +if [[ ${CTARGET} == ${CHOST} ]] ; then + if [[ ${CATEGORY} == cross-* ]] ; then + export CTARGET=${CATEGORY#cross-} + fi +fi + +[[ ${CTARGET} == hppa* ]] && NPTL_KERN_VER=${NPTL_KERN_VER/2.6.9/2.6.20} + +is_crosscompile() { + [[ ${CHOST} != ${CTARGET} ]] +} + +# Why SLOT 2.2 you ask yourself while sippin your tea ? +# Everyone knows 2.2 > 0, duh. +SLOT="2.2" + +# General: We need a new-enough binutils for as-needed +# arch: we need to make sure our binutils/gcc supports TLS +DEPEND=">=sys-devel/gcc-3.4.4 + arm? ( >=sys-devel/binutils-2.16.90 >=sys-devel/gcc-4.1.0 ) + x86? ( >=sys-devel/gcc-4.3 ) + amd64? ( >=sys-devel/binutils-2.19 >=sys-devel/gcc-4.3 ) + ppc? ( >=sys-devel/gcc-4.1.0 ) + ppc64? ( >=sys-devel/gcc-4.1.0 ) + >=sys-devel/binutils-2.15.94 + ${LT_VER:+nptl? (} >=sys-kernel/linux-headers-${NPTL_KERN_VER} ${LT_VER:+)} + >=app-misc/pax-utils-0.1.10 + virtual/os-headers + !<sys-apps/sandbox-1.2.18.1-r2 + !<sys-apps/portage-2.1.2 + selinux? ( sys-libs/libselinux )" +RDEPEND="!sys-kernel/ps3-sources + selinux? ( sys-libs/libselinux )" + +if [[ ${CATEGORY} == cross-* ]] ; then + DEPEND="${DEPEND} !crosscompile_opts_headers-only? ( ${CATEGORY}/gcc )" + [[ ${CATEGORY} == *-linux* ]] && DEPEND="${DEPEND} ${CATEGORY}/linux-headers" +else + DEPEND="${DEPEND} !vanilla? ( >=sys-libs/timezone-data-2007c )" + RDEPEND="${RDEPEND} + vanilla? ( !sys-libs/timezone-data ) + !vanilla? ( sys-libs/timezone-data )" +fi + +SRC_URI=$( + upstream_uris() { + echo mirror://gnu/glibc/$1 ftp://sourceware.org/pub/glibc/{releases,snapshots}/$1 mirror://gentoo/$1 + } + gentoo_uris() { + local devspace="HTTP~vapier/dist/URI HTTP~azarah/glibc/URI" + devspace=${devspace//HTTP/http://dev.gentoo.org/} + echo mirror://gentoo/$1 ${devspace//URI/$1} + } + + TARNAME=${PN} + if [[ -n ${SNAP_VER} ]] ; then + TARNAME="${PN}-${RELEASE_VER}" + [[ -n ${PORTS_VER} ]] && PORTS_VER=${SNAP_VER} + upstream_uris ${TARNAME}-${SNAP_VER}.tar.bz2 + else + upstream_uris ${TARNAME}-${RELEASE_VER}.tar.bz2 + fi + [[ -n ${LIBIDN_VER} ]] && upstream_uris glibc-libidn-${LIBIDN_VER}.tar.bz2 + [[ -n ${PORTS_VER} ]] && upstream_uris ${TARNAME}-ports-${PORTS_VER}.tar.bz2 + [[ -n ${LT_VER} ]] && upstream_uris ${TARNAME}-linuxthreads-${LT_VER}.tar.bz2 + [[ -n ${BRANCH_UPDATE} ]] && gentoo_uris glibc-${RELEASE_VER}-branch-update-${BRANCH_UPDATE}.patch.bz2 + [[ -n ${PATCH_VER} ]] && gentoo_uris glibc-${RELEASE_VER}-patches-${PATCH_VER}.tar.bz2 +) + +# eblit-include [--skip] <function> [version] +eblit-include() { + local skipable=false + [[ $1 == "--skip" ]] && skipable=true && shift + [[ $1 == pkg_* ]] && skipable=true + + local e v func=$1 ver=$2 + [[ -z ${func} ]] && die "Usage: eblit-include <function> [version]" + for v in ${ver:+-}${ver} -${PVR} -${PV} "" ; do + e="${FILESDIR}/eblits/${func}${v}.eblit" + if [[ -e ${e} ]] ; then + source "${e}" + return 0 + fi + done + ${skipable} && return 0 + die "Could not locate requested eblit '${func}' in ${FILESDIR}/eblits/" +} + +# eblit-run-maybe <function> +# run the specified function if it is defined +eblit-run-maybe() { + [[ $(type -t "$@") == "function" ]] && "$@" +} + +# eblit-run <function> [version] +# aka: src_unpack() { eblit-run src_unpack ; } +eblit-run() { + eblit-include --skip common "${*:2}" + eblit-include "$@" + eblit-run-maybe eblit-$1-pre + eblit-${PN}-$1 + eblit-run-maybe eblit-$1-post +} + +src_unpack() { eblit-run src_unpack ; } +src_compile() { eblit-run src_compile ; } +src_test() { eblit-run src_test ; } +src_install() { eblit-run src_install ; } + +# FILESDIR might not be available during binpkg install +for x in setup {pre,post}inst ; do + e="${FILESDIR}/eblits/pkg_${x}.eblit" + if [[ -e ${e} ]] ; then + . "${e}" + eval "pkg_${x}() { eblit-run pkg_${x} ; }" + fi +done + +pkg_setup() { + eblit-run pkg_setup + + # Static binary sanity check #332927 + if [[ ${ROOT} == "/" ]] && \ + has_version "<${CATEGORY}/${P}" && \ + built_with_use sys-apps/coreutils static + then + eerror "Please rebuild coreutils with USE=-static, then install" + eerror "glibc, then you may rebuild coreutils with USE=static." + die "Avoiding system meltdown #332927" + fi +} + +eblit-src_unpack-post() { + if use hardened ; then + cd "${S}" + einfo "Patching to get working PIE binaries on PIE (hardened) platforms" + gcc-specs-pie && epatch "${FILESDIR}"/2.12/glibc-2.12-hardened-pie.patch + epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-configure-picdefault.patch + epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-inittls-nosysenter.patch + + einfo "Patching Glibc to support older SSP __guard" + epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-ssp-compat.patch + + einfo "Installing Hardened Gentoo SSP and FORTIFY_SOURCE handler" + cp -f "${FILESDIR}"/2.6/glibc-2.6-gentoo-stack_chk_fail.c \ + debug/stack_chk_fail.c || die + cp -f "${FILESDIR}"/2.10/glibc-2.10-gentoo-chk_fail.c \ + debug/chk_fail.c || die + + if use debug ; then + # When using Hardened Gentoo stack handler, have smashes dump core for + # analysis - debug only, as core could be an information leak + # (paranoia). + sed -i \ + -e '/^CFLAGS-backtrace.c/ iCFLAGS-stack_chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ + debug/Makefile \ + || die "Failed to modify debug/Makefile for debug stack handler" + sed -i \ + -e '/^CFLAGS-backtrace.c/ iCFLAGS-chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ + debug/Makefile \ + || die "Failed to modify debug/Makefile for debug fortify handler" + fi + + # Build nscd with ssp-all + sed -i \ + -e 's:-fstack-protector$:-fstack-protector-all:' \ + nscd/Makefile \ + || die "Failed to ensure nscd builds with ssp-all" + fi +} diff --git a/sys-libs/glibc/glibc-2.13-r4.ebuild b/sys-libs/glibc/glibc-2.13-r4.ebuild new file mode 100644 index 0000000..192a31a --- /dev/null +++ b/sys-libs/glibc/glibc-2.13-r4.ebuild @@ -0,0 +1,217 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +inherit eutils versionator toolchain-funcs flag-o-matic gnuconfig multilib systemd unpacker multiprocessing + +DESCRIPTION="GNU libc6 (also called glibc2) C library" +HOMEPAGE="https://www.gnu.org/software/libc/libc.html" + +LICENSE="LGPL-2.1+ BSD HPND inner-net" +KEYWORDS="alpha amd64 arm hppa ia64 ~m68k ~mips ppc ppc64 s390 ~sh sparc x86" +RESTRICT="strip" # strip ourself #46186 +EMULTILIB_PKG="true" + +# Configuration variables +if [[ ${PV} == *_p* ]] ; then +RELEASE_VER=${PV%_p*} +BRANCH_UPDATE="" +SNAP_VER=${PV#*_p} +else +RELEASE_VER=${PV} +BRANCH_UPDATE="" +SNAP_VER="" +fi +LIBIDN_VER="" # it's integrated into the main tarball now +PATCH_VER="11" # Gentoo patchset +PORTS_VER="2.13" # version of glibc ports addon +LT_VER="" # version of linuxthreads addon +NPTL_KERN_VER=${NPTL_KERN_VER:-"2.6.9"} # min kernel version nptl requires +#LT_KERN_VER=${LT_KERN_VER:-"2.4.1"} # min kernel version linuxthreads requires + +IUSE="debug gd hardened multilib selinux profile vanilla crosscompile_opts_headers-only ${LT_VER:+glibc-compat20 nptl linuxthreads}" +S=${WORKDIR}/glibc-${RELEASE_VER}${SNAP_VER:+-${SNAP_VER}} + +# Here's how the cross-compile logic breaks down ... +# CTARGET - machine that will target the binaries +# CHOST - machine that will host the binaries +# CBUILD - machine that will build the binaries +# If CTARGET != CHOST, it means you want a libc for cross-compiling. +# If CHOST != CBUILD, it means you want to cross-compile the libc. +# CBUILD = CHOST = CTARGET - native build/install +# CBUILD != (CHOST = CTARGET) - cross-compile a native build +# (CBUILD = CHOST) != CTARGET - libc for cross-compiler +# CBUILD != CHOST != CTARGET - cross-compile a libc for a cross-compiler +# For install paths: +# CHOST = CTARGET - install into / +# CHOST != CTARGET - install into /usr/CTARGET/ + +export CBUILD=${CBUILD:-${CHOST}} +export CTARGET=${CTARGET:-${CHOST}} +if [[ ${CTARGET} == ${CHOST} ]] ; then + if [[ ${CATEGORY} == cross-* ]] ; then + export CTARGET=${CATEGORY#cross-} + fi +fi + +[[ ${CTARGET} == hppa* ]] && NPTL_KERN_VER=${NPTL_KERN_VER/2.6.9/2.6.20} + +is_crosscompile() { + [[ ${CHOST} != ${CTARGET} ]] +} + +# Why SLOT 2.2 you ask yourself while sippin your tea ? +# Everyone knows 2.2 > 0, duh. +SLOT="2.2" + +# General: We need a new-enough binutils for as-needed +# arch: we need to make sure our binutils/gcc supports TLS +DEPEND=">=sys-devel/gcc-3.4.4 + arm? ( >=sys-devel/binutils-2.16.90 >=sys-devel/gcc-4.1.0 ) + x86? ( >=sys-devel/gcc-4.3 ) + amd64? ( >=sys-devel/binutils-2.19 >=sys-devel/gcc-4.3 ) + ppc? ( >=sys-devel/gcc-4.1.0 ) + ppc64? ( >=sys-devel/gcc-4.1.0 ) + >=sys-devel/binutils-2.15.94 + ${LT_VER:+nptl? (} >=sys-kernel/linux-headers-${NPTL_KERN_VER} ${LT_VER:+)} + >=app-misc/pax-utils-0.1.10 + virtual/os-headers + !<sys-apps/sandbox-1.2.18.1-r2 + !<sys-apps/portage-2.1.2 + !<sys-devel/patch-2.6 + selinux? ( sys-libs/libselinux )" +RDEPEND="!sys-kernel/ps3-sources + selinux? ( sys-libs/libselinux )" + +if [[ ${CATEGORY} == cross-* ]] ; then + DEPEND="${DEPEND} !crosscompile_opts_headers-only? ( ${CATEGORY}/gcc )" + [[ ${CATEGORY} == *-linux* ]] && DEPEND="${DEPEND} ${CATEGORY}/linux-headers" +else + DEPEND="${DEPEND} !vanilla? ( >=sys-libs/timezone-data-2007c )" + RDEPEND="${RDEPEND} + vanilla? ( !sys-libs/timezone-data ) + !vanilla? ( sys-libs/timezone-data )" +fi + +SRC_URI=$( + upstream_uris() { + echo mirror://gnu/glibc/$1 ftp://sourceware.org/pub/glibc/{releases,snapshots}/$1 mirror://gentoo/$1 + } + gentoo_uris() { + local devspace="HTTP~vapier/dist/URI HTTP~azarah/glibc/URI" + devspace=${devspace//HTTP/https://dev.gentoo.org/} + echo mirror://gentoo/$1 ${devspace//URI/$1} + } + + TARNAME=${PN} + if [[ -n ${SNAP_VER} ]] ; then + TARNAME="${PN}-${RELEASE_VER}" + [[ -n ${PORTS_VER} ]] && PORTS_VER=${SNAP_VER} + upstream_uris ${TARNAME}-${SNAP_VER}.tar.bz2 + else + upstream_uris ${TARNAME}-${RELEASE_VER}.tar.bz2 + fi + [[ -n ${LIBIDN_VER} ]] && upstream_uris glibc-libidn-${LIBIDN_VER}.tar.bz2 + [[ -n ${PORTS_VER} ]] && upstream_uris ${TARNAME}-ports-${PORTS_VER}.tar.bz2 + [[ -n ${LT_VER} ]] && upstream_uris ${TARNAME}-linuxthreads-${LT_VER}.tar.bz2 + [[ -n ${BRANCH_UPDATE} ]] && gentoo_uris glibc-${RELEASE_VER}-branch-update-${BRANCH_UPDATE}.patch.bz2 + [[ -n ${PATCH_VER} ]] && gentoo_uris glibc-${RELEASE_VER}-patches-${PATCH_VER}.tar.bz2 +) + +# eblit-include [--skip] <function> [version] +eblit-include() { + local skipable=false + [[ $1 == "--skip" ]] && skipable=true && shift + [[ $1 == pkg_* ]] && skipable=true + + local e v func=$1 ver=$2 + [[ -z ${func} ]] && die "Usage: eblit-include <function> [version]" + for v in ${ver:+-}${ver} -${PVR} -${PV} "" ; do + e="${FILESDIR}/eblits/${func}${v}.eblit" + if [[ -e ${e} ]] ; then + source "${e}" + return 0 + fi + done + ${skipable} && return 0 + die "Could not locate requested eblit '${func}' in ${FILESDIR}/eblits/" +} + +# eblit-run-maybe <function> +# run the specified function if it is defined +eblit-run-maybe() { + [[ $(type -t "$@") == "function" ]] && "$@" +} + +# eblit-run <function> [version] +# aka: src_unpack() { eblit-run src_unpack ; } +eblit-run() { + eblit-include --skip common "${*:2}" + eblit-include "$@" + eblit-run-maybe eblit-$1-pre + eblit-${PN}-$1 + eblit-run-maybe eblit-$1-post +} + +src_unpack() { eblit-run src_unpack ; } +src_compile() { eblit-run src_compile ; } +src_test() { eblit-run src_test ; } +src_install() { eblit-run src_install ; } + +# FILESDIR might not be available during binpkg install +for x in setup {pre,post}inst ; do + e="${FILESDIR}/eblits/pkg_${x}.eblit" + if [[ -e ${e} ]] ; then + . "${e}" + eval "pkg_${x}() { eblit-run pkg_${x} ; }" + fi +done + +pkg_setup() { + eblit-run pkg_setup + + # Static binary sanity check #332927 + if [[ ${ROOT} == "/" ]] && \ + has_version "<${CATEGORY}/${P}" && \ + built_with_use sys-apps/coreutils static + then + eerror "Please rebuild coreutils with USE=-static, then install" + eerror "glibc, then you may rebuild coreutils with USE=static." + die "Avoiding system meltdown #332927" + fi +} + +eblit-src_unpack-post() { + if use hardened ; then + cd "${S}" + einfo "Patching to get working PIE binaries on PIE (hardened) platforms" + gcc-specs-pie && epatch "${FILESDIR}"/2.12/glibc-2.12-hardened-pie.patch + epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-configure-picdefault.patch + epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-inittls-nosysenter.patch + + einfo "Installing Hardened Gentoo SSP and FORTIFY_SOURCE handler" + cp -f "${FILESDIR}"/2.6/glibc-2.6-gentoo-stack_chk_fail.c \ + debug/stack_chk_fail.c || die + cp -f "${FILESDIR}"/2.10/glibc-2.10-gentoo-chk_fail.c \ + debug/chk_fail.c || die + + if use debug ; then + # When using Hardened Gentoo stack handler, have smashes dump core for + # analysis - debug only, as core could be an information leak + # (paranoia). + sed -i \ + -e '/^CFLAGS-backtrace.c/ iCFLAGS-stack_chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ + debug/Makefile \ + || die "Failed to modify debug/Makefile for debug stack handler" + sed -i \ + -e '/^CFLAGS-backtrace.c/ iCFLAGS-chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ + debug/Makefile \ + || die "Failed to modify debug/Makefile for debug fortify handler" + fi + + # Build nscd with ssp-all + sed -i \ + -e 's:-fstack-protector$:-fstack-protector-all:' \ + nscd/Makefile \ + || die "Failed to ensure nscd builds with ssp-all" + fi +} diff --git a/sys-libs/glibc/glibc-2.14.1-r3.ebuild b/sys-libs/glibc/glibc-2.14.1-r3.ebuild new file mode 100644 index 0000000..b4ad83f --- /dev/null +++ b/sys-libs/glibc/glibc-2.14.1-r3.ebuild @@ -0,0 +1,245 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +inherit eutils versionator toolchain-funcs flag-o-matic gnuconfig multilib systemd unpacker multiprocessing + +DESCRIPTION="GNU libc6 (also called glibc2) C library" +HOMEPAGE="https://www.gnu.org/software/libc/libc.html" + +LICENSE="LGPL-2.1+ BSD HPND inner-net" +KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 s390 ~sh sparc x86" +RESTRICT="strip" # strip ourself #46186 +EMULTILIB_PKG="true" + +# Configuration variables +RELEASE_VER="" +BRANCH_UPDATE="" +SNAP_VER="" +case ${PV} in +9999*) + EGIT_REPO_URIS=( "git://sourceware.org/git/glibc.git" "git://sourceware.org/git/glibc-ports.git" ) + EGIT_SOURCEDIRS=( "${S}" "${S}/ports" ) + inherit git-2 + ;; +*_p*) + RELEASE_VER=${PV%_p*} + SNAP_VER=${PV#*_p} + ;; +*) + RELEASE_VER=${PV} + ;; +esac +LIBIDN_VER="" # it's integrated into the main tarball now +PATCH_VER="10" # Gentoo patchset +PORTS_VER=${RELEASE_VER} # version of glibc ports addon +LT_VER="" # version of linuxthreads addon +NPTL_KERN_VER=${NPTL_KERN_VER:-"2.6.9"} # min kernel version nptl requires +#LT_KERN_VER=${LT_KERN_VER:-"2.4.1"} # min kernel version linuxthreads requires + +IUSE="debug gd hardened multilib selinux profile vanilla crosscompile_opts_headers-only ${LT_VER:+glibc-compat20 nptl linuxthreads}" +[[ -n ${RELEASE_VER} ]] && S=${WORKDIR}/glibc-${RELEASE_VER}${SNAP_VER:+-${SNAP_VER}} + +# Here's how the cross-compile logic breaks down ... +# CTARGET - machine that will target the binaries +# CHOST - machine that will host the binaries +# CBUILD - machine that will build the binaries +# If CTARGET != CHOST, it means you want a libc for cross-compiling. +# If CHOST != CBUILD, it means you want to cross-compile the libc. +# CBUILD = CHOST = CTARGET - native build/install +# CBUILD != (CHOST = CTARGET) - cross-compile a native build +# (CBUILD = CHOST) != CTARGET - libc for cross-compiler +# CBUILD != CHOST != CTARGET - cross-compile a libc for a cross-compiler +# For install paths: +# CHOST = CTARGET - install into / +# CHOST != CTARGET - install into /usr/CTARGET/ + +export CBUILD=${CBUILD:-${CHOST}} +export CTARGET=${CTARGET:-${CHOST}} +if [[ ${CTARGET} == ${CHOST} ]] ; then + if [[ ${CATEGORY} == cross-* ]] ; then + export CTARGET=${CATEGORY#cross-} + fi +fi + +[[ ${CTARGET} == hppa* ]] && NPTL_KERN_VER=${NPTL_KERN_VER/2.6.9/2.6.20} + +is_crosscompile() { + [[ ${CHOST} != ${CTARGET} ]] +} + +# Why SLOT 2.2 you ask yourself while sippin your tea ? +# Everyone knows 2.2 > 0, duh. +SLOT="2.2" + +# General: We need a new-enough binutils for as-needed +# arch: we need to make sure our binutils/gcc supports TLS +DEPEND=">=sys-devel/gcc-3.4.4 + arm? ( >=sys-devel/binutils-2.16.90 >=sys-devel/gcc-4.1.0 ) + x86? ( >=sys-devel/gcc-4.3 ) + amd64? ( >=sys-devel/binutils-2.19 >=sys-devel/gcc-4.3 ) + ppc? ( >=sys-devel/gcc-4.1.0 ) + ppc64? ( >=sys-devel/gcc-4.1.0 ) + >=sys-devel/binutils-2.15.94 + ${LT_VER:+nptl? (} >=sys-kernel/linux-headers-${NPTL_KERN_VER} ${LT_VER:+)} + >=app-misc/pax-utils-0.1.10 + virtual/os-headers + !<sys-apps/sandbox-1.2.18.1-r2 + !<sys-apps/portage-2.1.2 + !<sys-devel/patch-2.6 + selinux? ( sys-libs/libselinux )" +RDEPEND="!sys-kernel/ps3-sources + selinux? ( sys-libs/libselinux )" + +if [[ ${CATEGORY} == cross-* ]] ; then + DEPEND="${DEPEND} !crosscompile_opts_headers-only? ( ${CATEGORY}/gcc )" + [[ ${CATEGORY} == *-linux* ]] && DEPEND="${DEPEND} ${CATEGORY}/linux-headers" +else + DEPEND="${DEPEND} !vanilla? ( >=sys-libs/timezone-data-2007c )" + RDEPEND="${RDEPEND} + vanilla? ( !sys-libs/timezone-data ) + !vanilla? ( sys-libs/timezone-data )" +fi + +SRC_URI=$( + upstream_uris() { + echo mirror://gnu/glibc/$1 ftp://sourceware.org/pub/glibc/{releases,snapshots}/$1 mirror://gentoo/$1 + } + gentoo_uris() { + local devspace="HTTP~vapier/dist/URI HTTP~azarah/glibc/URI" + devspace=${devspace//HTTP/https://dev.gentoo.org/} + echo mirror://gentoo/$1 ${devspace//URI/$1} + } + + TARNAME=${PN} + if [[ -n ${SNAP_VER} ]] ; then + TARNAME="${PN}-${RELEASE_VER}" + [[ -n ${PORTS_VER} ]] && PORTS_VER=${SNAP_VER} + upstream_uris ${TARNAME}-${SNAP_VER}.tar.bz2 + elif [[ -z ${EGIT_REPO_URIS} ]] ; then + upstream_uris ${TARNAME}-${RELEASE_VER}.tar.bz2 + fi + [[ -n ${LIBIDN_VER} ]] && upstream_uris glibc-libidn-${LIBIDN_VER}.tar.bz2 + [[ -n ${PORTS_VER} ]] && upstream_uris ${TARNAME}-ports-${PORTS_VER}.tar.bz2 + [[ -n ${LT_VER} ]] && upstream_uris ${TARNAME}-linuxthreads-${LT_VER}.tar.bz2 + [[ -n ${BRANCH_UPDATE} ]] && gentoo_uris glibc-${RELEASE_VER}-branch-update-${BRANCH_UPDATE}.patch.bz2 + [[ -n ${PATCH_VER} ]] && gentoo_uris glibc-${RELEASE_VER}-patches-${PATCH_VER}.tar.bz2 +) + +# eblit-include [--skip] <function> [version] +eblit-include() { + local skipable=false + [[ $1 == "--skip" ]] && skipable=true && shift + [[ $1 == pkg_* ]] && skipable=true + + local e v func=$1 ver=$2 + [[ -z ${func} ]] && die "Usage: eblit-include <function> [version]" + for v in ${ver:+-}${ver} -${PVR} -${PV} "" ; do + e="${FILESDIR}/eblits/${func}${v}.eblit" + if [[ -e ${e} ]] ; then + source "${e}" + return 0 + fi + done + ${skipable} && return 0 + die "Could not locate requested eblit '${func}' in ${FILESDIR}/eblits/" +} + +# eblit-run-maybe <function> +# run the specified function if it is defined +eblit-run-maybe() { + [[ $(type -t "$@") == "function" ]] && "$@" +} + +# eblit-run <function> [version] +# aka: src_unpack() { eblit-run src_unpack ; } +eblit-run() { + eblit-include --skip common "${*:2}" + eblit-include "$@" + eblit-run-maybe eblit-$1-pre + eblit-${PN}-$1 + eblit-run-maybe eblit-$1-post +} + +src_unpack() { eblit-run src_unpack ; } +src_compile() { eblit-run src_compile ; } +src_test() { eblit-run src_test ; } +src_install() { eblit-run src_install ; } + +# FILESDIR might not be available during binpkg install +for x in setup {pre,post}inst ; do + e="${FILESDIR}/eblits/pkg_${x}.eblit" + if [[ -e ${e} ]] ; then + . "${e}" + eval "pkg_${x}() { eblit-run pkg_${x} ; }" + fi +done + +pkg_setup() { + eblit-run pkg_setup + + # Static binary sanity check #332927 + if [[ ${ROOT} == "/" ]] && \ + has_version "<${CATEGORY}/${P}" && \ + built_with_use sys-apps/coreutils static + then + eerror "Please rebuild coreutils with USE=-static, then install" + eerror "glibc, then you may rebuild coreutils with USE=static." + die "Avoiding system meltdown #332927" + fi +} + +eblit-src_unpack-pre() { + GLIBC_PATCH_EXCLUDE+=" 1200_all_glibc-${PV}-x32.patch" +} + +eblit-src_unpack-post() { + if use hardened ; then + cd "${S}" + einfo "Patching to get working PIE binaries on PIE (hardened) platforms" + gcc-specs-pie && epatch "${FILESDIR}"/2.12/glibc-2.12-hardened-pie.patch + epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-configure-picdefault.patch + epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-inittls-nosysenter.patch + + einfo "Installing Hardened Gentoo SSP and FORTIFY_SOURCE handler" + cp -f "${FILESDIR}"/2.6/glibc-2.6-gentoo-stack_chk_fail.c \ + debug/stack_chk_fail.c || die + cp -f "${FILESDIR}"/2.10/glibc-2.10-gentoo-chk_fail.c \ + debug/chk_fail.c || die + + if use debug ; then + # When using Hardened Gentoo stack handler, have smashes dump core for + # analysis - debug only, as core could be an information leak + # (paranoia). + sed -i \ + -e '/^CFLAGS-backtrace.c/ iCFLAGS-stack_chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ + debug/Makefile \ + || die "Failed to modify debug/Makefile for debug stack handler" + sed -i \ + -e '/^CFLAGS-backtrace.c/ iCFLAGS-chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ + debug/Makefile \ + || die "Failed to modify debug/Makefile for debug fortify handler" + fi + + # Build nscd with ssp-all + sed -i \ + -e 's:-fstack-protector$:-fstack-protector-all:' \ + nscd/Makefile \ + || die "Failed to ensure nscd builds with ssp-all" + fi +} + +eblit-pkg_preinst-post() { + if [[ ${CTARGET} == arm* ]] ; then + # Backwards compat support for renaming hardfp ldsos #417287 + local oldso='/lib/ld-linux.so.3' + local nldso='/lib/ld-linux-armhf.so.3' + if [[ -e ${D}${nldso} ]] ; then + if scanelf -qRyi "${ROOT}$(alt_prefix)"/*bin/ | grep -s "^${oldso}" ; then + ewarn "Symlinking old ldso (${oldso}) to new ldso (${nldso})." + ewarn "Please rebuild all packages using this old ldso as compat" + ewarn "support will be dropped in the future." + ln -s "${nldso##*/}" "${D}$(alt_prefix)${oldso}" + fi + fi + fi +} diff --git a/sys-libs/glibc/glibc-2.14.ebuild b/sys-libs/glibc/glibc-2.14.ebuild new file mode 100644 index 0000000..c833c0d --- /dev/null +++ b/sys-libs/glibc/glibc-2.14.ebuild @@ -0,0 +1,241 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +inherit eutils versionator toolchain-funcs flag-o-matic gnuconfig multilib systemd unpacker multiprocessing + +DESCRIPTION="GNU libc6 (also called glibc2) C library" +HOMEPAGE="http://www.gnu.org/software/libc/libc.html" + +LICENSE="LGPL-2.1+ BSD HPND inner-net" +KEYWORDS="~amd64 ~ia64 ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" +RESTRICT="strip" # strip ourself #46186 +EMULTILIB_PKG="true" + +# Configuration variables +RELEASE_VER="" +BRANCH_UPDATE="" +SNAP_VER="" +case ${PV} in +9999*) + EGIT_REPO_URIS=( "git://sourceware.org/git/glibc.git" "git://sourceware.org/git/glibc-ports.git" ) + EGIT_SOURCEDIRS=( "${S}" "${S}/ports" ) + inherit git-2 + ;; +*_p*) + RELEASE_VER=${PV%_p*} + SNAP_VER=${PV#*_p} + ;; +*) + RELEASE_VER=${PV} + ;; +esac +LIBIDN_VER="" # it's integrated into the main tarball now +PATCH_VER="7" # Gentoo patchset +PORTS_VER=${RELEASE_VER} # version of glibc ports addon +LT_VER="" # version of linuxthreads addon +NPTL_KERN_VER=${NPTL_KERN_VER:-"2.6.9"} # min kernel version nptl requires +#LT_KERN_VER=${LT_KERN_VER:-"2.4.1"} # min kernel version linuxthreads requires + +IUSE="debug gd hardened multilib selinux profile vanilla crosscompile_opts_headers-only ${LT_VER:+glibc-compat20 nptl linuxthreads}" +[[ -n ${RELEASE_VER} ]] && S=${WORKDIR}/glibc-${RELEASE_VER}${SNAP_VER:+-${SNAP_VER}} + +# Here's how the cross-compile logic breaks down ... +# CTARGET - machine that will target the binaries +# CHOST - machine that will host the binaries +# CBUILD - machine that will build the binaries +# If CTARGET != CHOST, it means you want a libc for cross-compiling. +# If CHOST != CBUILD, it means you want to cross-compile the libc. +# CBUILD = CHOST = CTARGET - native build/install +# CBUILD != (CHOST = CTARGET) - cross-compile a native build +# (CBUILD = CHOST) != CTARGET - libc for cross-compiler +# CBUILD != CHOST != CTARGET - cross-compile a libc for a cross-compiler +# For install paths: +# CHOST = CTARGET - install into / +# CHOST != CTARGET - install into /usr/CTARGET/ + +export CBUILD=${CBUILD:-${CHOST}} +export CTARGET=${CTARGET:-${CHOST}} +if [[ ${CTARGET} == ${CHOST} ]] ; then + if [[ ${CATEGORY} == cross-* ]] ; then + export CTARGET=${CATEGORY#cross-} + fi +fi + +[[ ${CTARGET} == hppa* ]] && NPTL_KERN_VER=${NPTL_KERN_VER/2.6.9/2.6.20} + +is_crosscompile() { + [[ ${CHOST} != ${CTARGET} ]] +} + +# Why SLOT 2.2 you ask yourself while sippin your tea ? +# Everyone knows 2.2 > 0, duh. +SLOT="2.2" + +# General: We need a new-enough binutils for as-needed +# arch: we need to make sure our binutils/gcc supports TLS +DEPEND=">=sys-devel/gcc-3.4.4 + arm? ( >=sys-devel/binutils-2.16.90 >=sys-devel/gcc-4.1.0 ) + x86? ( >=sys-devel/gcc-4.3 ) + amd64? ( >=sys-devel/binutils-2.19 >=sys-devel/gcc-4.3 ) + ppc? ( >=sys-devel/gcc-4.1.0 ) + ppc64? ( >=sys-devel/gcc-4.1.0 ) + >=sys-devel/binutils-2.15.94 + ${LT_VER:+nptl? (} >=sys-kernel/linux-headers-${NPTL_KERN_VER} ${LT_VER:+)} + >=app-misc/pax-utils-0.1.10 + virtual/os-headers + !<sys-apps/sandbox-1.2.18.1-r2 + !<sys-apps/portage-2.1.2 + !<sys-devel/patch-2.6 + selinux? ( sys-libs/libselinux )" +RDEPEND="!sys-kernel/ps3-sources + selinux? ( sys-libs/libselinux )" + +if [[ ${CATEGORY} == cross-* ]] ; then + DEPEND="${DEPEND} !crosscompile_opts_headers-only? ( ${CATEGORY}/gcc )" + [[ ${CATEGORY} == *-linux* ]] && DEPEND="${DEPEND} ${CATEGORY}/linux-headers" +else + DEPEND="${DEPEND} !vanilla? ( >=sys-libs/timezone-data-2007c )" + RDEPEND="${RDEPEND} + vanilla? ( !sys-libs/timezone-data ) + !vanilla? ( sys-libs/timezone-data )" +fi + +SRC_URI=$( + upstream_uris() { + echo mirror://gnu/glibc/$1 ftp://sourceware.org/pub/glibc/{releases,snapshots}/$1 mirror://gentoo/$1 + } + gentoo_uris() { + local devspace="HTTP~vapier/dist/URI HTTP~azarah/glibc/URI" + devspace=${devspace//HTTP/http://dev.gentoo.org/} + echo mirror://gentoo/$1 ${devspace//URI/$1} + } + + TARNAME=${PN} + if [[ -n ${SNAP_VER} ]] ; then + TARNAME="${PN}-${RELEASE_VER}" + [[ -n ${PORTS_VER} ]] && PORTS_VER=${SNAP_VER} + upstream_uris ${TARNAME}-${SNAP_VER}.tar.bz2 + elif [[ -z ${EGIT_REPO_URIS} ]] ; then + upstream_uris ${TARNAME}-${RELEASE_VER}.tar.bz2 + fi + [[ -n ${LIBIDN_VER} ]] && upstream_uris glibc-libidn-${LIBIDN_VER}.tar.bz2 + [[ -n ${PORTS_VER} ]] && upstream_uris ${TARNAME}-ports-${PORTS_VER}.tar.bz2 + [[ -n ${LT_VER} ]] && upstream_uris ${TARNAME}-linuxthreads-${LT_VER}.tar.bz2 + [[ -n ${BRANCH_UPDATE} ]] && gentoo_uris glibc-${RELEASE_VER}-branch-update-${BRANCH_UPDATE}.patch.bz2 + [[ -n ${PATCH_VER} ]] && gentoo_uris glibc-${RELEASE_VER}-patches-${PATCH_VER}.tar.bz2 +) + +# eblit-include [--skip] <function> [version] +eblit-include() { + local skipable=false + [[ $1 == "--skip" ]] && skipable=true && shift + [[ $1 == pkg_* ]] && skipable=true + + local e v func=$1 ver=$2 + [[ -z ${func} ]] && die "Usage: eblit-include <function> [version]" + for v in ${ver:+-}${ver} -${PVR} -${PV} "" ; do + e="${FILESDIR}/eblits/${func}${v}.eblit" + if [[ -e ${e} ]] ; then + source "${e}" + return 0 + fi + done + ${skipable} && return 0 + die "Could not locate requested eblit '${func}' in ${FILESDIR}/eblits/" +} + +# eblit-run-maybe <function> +# run the specified function if it is defined +eblit-run-maybe() { + [[ $(type -t "$@") == "function" ]] && "$@" +} + +# eblit-run <function> [version] +# aka: src_unpack() { eblit-run src_unpack ; } +eblit-run() { + eblit-include --skip common "${*:2}" + eblit-include "$@" + eblit-run-maybe eblit-$1-pre + eblit-${PN}-$1 + eblit-run-maybe eblit-$1-post +} + +src_unpack() { eblit-run src_unpack ; } +src_compile() { eblit-run src_compile ; } +src_test() { eblit-run src_test ; } +src_install() { eblit-run src_install ; } + +# FILESDIR might not be available during binpkg install +for x in setup {pre,post}inst ; do + e="${FILESDIR}/eblits/pkg_${x}.eblit" + if [[ -e ${e} ]] ; then + . "${e}" + eval "pkg_${x}() { eblit-run pkg_${x} ; }" + fi +done + +pkg_setup() { + eblit-run pkg_setup + + # Static binary sanity check #332927 + if [[ ${ROOT} == "/" ]] && \ + has_version "<${CATEGORY}/${P}" && \ + built_with_use sys-apps/coreutils static + then + eerror "Please rebuild coreutils with USE=-static, then install" + eerror "glibc, then you may rebuild coreutils with USE=static." + die "Avoiding system meltdown #332927" + fi +} + +eblit-src_unpack-post() { + if use hardened ; then + cd "${S}" + einfo "Patching to get working PIE binaries on PIE (hardened) platforms" + gcc-specs-pie && epatch "${FILESDIR}"/2.12/glibc-2.12-hardened-pie.patch + epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-configure-picdefault.patch + epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-inittls-nosysenter.patch + + einfo "Installing Hardened Gentoo SSP and FORTIFY_SOURCE handler" + cp -f "${FILESDIR}"/2.6/glibc-2.6-gentoo-stack_chk_fail.c \ + debug/stack_chk_fail.c || die + cp -f "${FILESDIR}"/2.10/glibc-2.10-gentoo-chk_fail.c \ + debug/chk_fail.c || die + + if use debug ; then + # When using Hardened Gentoo stack handler, have smashes dump core for + # analysis - debug only, as core could be an information leak + # (paranoia). + sed -i \ + -e '/^CFLAGS-backtrace.c/ iCFLAGS-stack_chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ + debug/Makefile \ + || die "Failed to modify debug/Makefile for debug stack handler" + sed -i \ + -e '/^CFLAGS-backtrace.c/ iCFLAGS-chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ + debug/Makefile \ + || die "Failed to modify debug/Makefile for debug fortify handler" + fi + + # Build nscd with ssp-all + sed -i \ + -e 's:-fstack-protector$:-fstack-protector-all:' \ + nscd/Makefile \ + || die "Failed to ensure nscd builds with ssp-all" + fi +} + +eblit-pkg_preinst-post() { + if [[ ${CTARGET} == arm* ]] ; then + # Backwards compat support for renaming hardfp ldsos #417287 + local oldso='/lib/ld-linux.so.3' + local nldso='/lib/ld-linux-armhf.so.3' + if [[ -e ${D}${nldso} ]] ; then + if scanelf -qRyi "${ROOT}$(alt_prefix)"/*bin/ | grep -s "^${oldso}" ; then + ewarn "Symlinking old ldso (${oldso}) to new ldso (${nldso})." + ewarn "Please rebuild all packages using this old ldso as compat" + ewarn "support will be dropped in the future." + ln -s "${nldso##*/}" "${D}$(alt_prefix)${oldso}" + fi + fi + fi +} diff --git a/sys-libs/glibc/glibc-2.15-r3.ebuild b/sys-libs/glibc/glibc-2.15-r3.ebuild new file mode 100644 index 0000000..4cfb2d6 --- /dev/null +++ b/sys-libs/glibc/glibc-2.15-r3.ebuild @@ -0,0 +1,224 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +inherit eutils versionator toolchain-funcs flag-o-matic gnuconfig multilib systemd unpacker multiprocessing + +DESCRIPTION="GNU libc6 (also called glibc2) C library" +HOMEPAGE="https://www.gnu.org/software/libc/libc.html" + +LICENSE="LGPL-2.1+ BSD HPND inner-net" +KEYWORDS="alpha amd64 arm -hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86" +RESTRICT="strip" # strip ourself #46186 +EMULTILIB_PKG="true" + +# Configuration variables +RELEASE_VER="" +BRANCH_UPDATE="" +SNAP_VER="" +case ${PV} in +9999*) + EGIT_REPO_URIS=( "git://sourceware.org/git/glibc.git" "git://sourceware.org/git/glibc-ports.git" ) + EGIT_SOURCEDIRS=( "${S}" "${S}/ports" ) + inherit git-2 + ;; +*_p*) + RELEASE_VER=${PV%_p*} + SNAP_VER=${PV#*_p} + ;; +*) + RELEASE_VER=${PV} + ;; +esac +LIBIDN_VER="" # it's integrated into the main tarball now +PATCH_VER="23" # Gentoo patchset +PORTS_VER=${RELEASE_VER} # version of glibc ports addon +NPTL_KERN_VER=${NPTL_KERN_VER:-"2.6.9"} # min kernel version nptl requires + +IUSE="debug gd hardened multilib selinux profile vanilla crosscompile_opts_headers-only" +[[ -n ${RELEASE_VER} ]] && S=${WORKDIR}/glibc-${RELEASE_VER}${SNAP_VER:+-${SNAP_VER}} + +# Here's how the cross-compile logic breaks down ... +# CTARGET - machine that will target the binaries +# CHOST - machine that will host the binaries +# CBUILD - machine that will build the binaries +# If CTARGET != CHOST, it means you want a libc for cross-compiling. +# If CHOST != CBUILD, it means you want to cross-compile the libc. +# CBUILD = CHOST = CTARGET - native build/install +# CBUILD != (CHOST = CTARGET) - cross-compile a native build +# (CBUILD = CHOST) != CTARGET - libc for cross-compiler +# CBUILD != CHOST != CTARGET - cross-compile a libc for a cross-compiler +# For install paths: +# CHOST = CTARGET - install into / +# CHOST != CTARGET - install into /usr/CTARGET/ + +export CBUILD=${CBUILD:-${CHOST}} +export CTARGET=${CTARGET:-${CHOST}} +if [[ ${CTARGET} == ${CHOST} ]] ; then + if [[ ${CATEGORY} == cross-* ]] ; then + export CTARGET=${CATEGORY#cross-} + fi +fi + +[[ ${CTARGET} == hppa* ]] && NPTL_KERN_VER=${NPTL_KERN_VER/2.6.9/2.6.20} + +is_crosscompile() { + [[ ${CHOST} != ${CTARGET} ]] +} + +# Why SLOT 2.2 you ask yourself while sippin your tea ? +# Everyone knows 2.2 > 0, duh. +SLOT="2.2" + +# General: We need a new-enough binutils for as-needed +# arch: we need to make sure our binutils/gcc supports TLS +DEPEND=">=sys-devel/gcc-3.4.4 + arm? ( >=sys-devel/binutils-2.16.90 >=sys-devel/gcc-4.1.0 ) + x86? ( >=sys-devel/gcc-4.3 ) + amd64? ( >=sys-devel/binutils-2.19 >=sys-devel/gcc-4.3 ) + ppc? ( >=sys-devel/gcc-4.1.0 ) + ppc64? ( >=sys-devel/gcc-4.1.0 ) + >=sys-devel/binutils-2.15.94 + >=app-misc/pax-utils-0.1.10 + virtual/os-headers + !<sys-apps/sandbox-1.2.18.1-r2 + !<sys-apps/portage-2.1.2 + !<sys-devel/patch-2.6 + selinux? ( sys-libs/libselinux )" +RDEPEND="!sys-kernel/ps3-sources + selinux? ( sys-libs/libselinux ) + !sys-libs/nss-db" + +if [[ ${CATEGORY} == cross-* ]] ; then + DEPEND="${DEPEND} !crosscompile_opts_headers-only? ( ${CATEGORY}/gcc )" + [[ ${CATEGORY} == *-linux* ]] && DEPEND="${DEPEND} ${CATEGORY}/linux-headers" +else + DEPEND="${DEPEND} !vanilla? ( >=sys-libs/timezone-data-2007c )" + RDEPEND="${RDEPEND} + vanilla? ( !sys-libs/timezone-data ) + !vanilla? ( sys-libs/timezone-data )" +fi + +SRC_URI=$( + upstream_uris() { + echo mirror://gnu/glibc/$1 ftp://sourceware.org/pub/glibc/{releases,snapshots}/$1 mirror://gentoo/$1 + } + gentoo_uris() { + local devspace="HTTP~vapier/dist/URI HTTP~azarah/glibc/URI" + devspace=${devspace//HTTP/https://dev.gentoo.org/} + echo mirror://gentoo/$1 ${devspace//URI/$1} + } + + TARNAME=${PN} + if [[ -n ${SNAP_VER} ]] ; then + TARNAME="${PN}-${RELEASE_VER}" + [[ -n ${PORTS_VER} ]] && PORTS_VER=${SNAP_VER} + upstream_uris ${TARNAME}-${SNAP_VER}.tar.bz2 + elif [[ -z ${EGIT_REPO_URIS} ]] ; then + upstream_uris ${TARNAME}-${RELEASE_VER}.tar.xz + fi + [[ -n ${LIBIDN_VER} ]] && upstream_uris glibc-libidn-${LIBIDN_VER}.tar.bz2 + [[ -n ${PORTS_VER} ]] && upstream_uris ${TARNAME}-ports-${PORTS_VER}.tar.xz + [[ -n ${BRANCH_UPDATE} ]] && gentoo_uris glibc-${RELEASE_VER}-branch-update-${BRANCH_UPDATE}.patch.bz2 + [[ -n ${PATCH_VER} ]] && gentoo_uris glibc-${RELEASE_VER}-patches-${PATCH_VER}.tar.bz2 +) + +# eblit-include [--skip] <function> [version] +eblit-include() { + local skipable=false + [[ $1 == "--skip" ]] && skipable=true && shift + [[ $1 == pkg_* ]] && skipable=true + + local e v func=$1 ver=$2 + [[ -z ${func} ]] && die "Usage: eblit-include <function> [version]" + for v in ${ver:+-}${ver} -${PVR} -${PV} "" ; do + e="${FILESDIR}/eblits/${func}${v}.eblit" + if [[ -e ${e} ]] ; then + source "${e}" + return 0 + fi + done + ${skipable} && return 0 + die "Could not locate requested eblit '${func}' in ${FILESDIR}/eblits/" +} + +# eblit-run-maybe <function> +# run the specified function if it is defined +eblit-run-maybe() { + [[ $(type -t "$@") == "function" ]] && "$@" +} + +# eblit-run <function> [version] +# aka: src_unpack() { eblit-run src_unpack ; } +eblit-run() { + eblit-include --skip common "${*:2}" + eblit-include "$@" + eblit-run-maybe eblit-$1-pre + eblit-${PN}-$1 + eblit-run-maybe eblit-$1-post +} + +src_unpack() { eblit-run src_unpack ; } +src_compile() { eblit-run src_compile ; } +src_test() { eblit-run src_test ; } +src_install() { eblit-run src_install ; } + +# FILESDIR might not be available during binpkg install +for x in setup {pre,post}inst ; do + e="${FILESDIR}/eblits/pkg_${x}.eblit" + if [[ -e ${e} ]] ; then + . "${e}" + eval "pkg_${x}() { eblit-run pkg_${x} ; }" + fi +done + +eblit-src_unpack-post() { + if use hardened ; then + cd "${S}" + einfo "Patching to get working PIE binaries on PIE (hardened) platforms" + gcc-specs-pie && epatch "${FILESDIR}"/2.12/glibc-2.12-hardened-pie.patch + epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-configure-picdefault.patch + epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-inittls-nosysenter.patch + + einfo "Installing Hardened Gentoo SSP and FORTIFY_SOURCE handler" + cp -f "${FILESDIR}"/2.6/glibc-2.6-gentoo-stack_chk_fail.c \ + debug/stack_chk_fail.c || die + cp -f "${FILESDIR}"/2.10/glibc-2.10-gentoo-chk_fail.c \ + debug/chk_fail.c || die + + if use debug ; then + # When using Hardened Gentoo stack handler, have smashes dump core for + # analysis - debug only, as core could be an information leak + # (paranoia). + sed -i \ + -e '/^CFLAGS-backtrace.c/ iCFLAGS-stack_chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ + debug/Makefile \ + || die "Failed to modify debug/Makefile for debug stack handler" + sed -i \ + -e '/^CFLAGS-backtrace.c/ iCFLAGS-chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ + debug/Makefile \ + || die "Failed to modify debug/Makefile for debug fortify handler" + fi + + # Build nscd with ssp-all + sed -i \ + -e 's:-fstack-protector$:-fstack-protector-all:' \ + nscd/Makefile \ + || die "Failed to ensure nscd builds with ssp-all" + fi +} + +eblit-pkg_preinst-post() { + if [[ ${CTARGET} == arm* ]] ; then + # Backwards compat support for renaming hardfp ldsos #417287 + local oldso='/lib/ld-linux.so.3' + local nldso='/lib/ld-linux-armhf.so.3' + if [[ -e ${D}${nldso} ]] ; then + if scanelf -qRyi "${ROOT}$(alt_prefix)"/*bin/ | grep -s "^${oldso}" ; then + ewarn "Symlinking old ldso (${oldso}) to new ldso (${nldso})." + ewarn "Please rebuild all packages using this old ldso as compat" + ewarn "support will be dropped in the future." + ln -s "${nldso##*/}" "${D}$(alt_prefix)${oldso}" + fi + fi + fi +} diff --git a/sys-libs/glibc/glibc-2.16.0.ebuild b/sys-libs/glibc/glibc-2.16.0.ebuild new file mode 100644 index 0000000..5ef3211 --- /dev/null +++ b/sys-libs/glibc/glibc-2.16.0.ebuild @@ -0,0 +1,222 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +inherit eutils versionator toolchain-funcs flag-o-matic gnuconfig multilib systemd unpacker multiprocessing + +DESCRIPTION="GNU libc6 (also called glibc2) C library" +HOMEPAGE="https://www.gnu.org/software/libc/libc.html" + +LICENSE="LGPL-2.1+ BSD HPND inner-net" +KEYWORDS="~alpha amd64 arm -hppa ia64 ~mips ppc ppc64 ~s390 ~sh ~sparc x86" +RESTRICT="strip" # strip ourself #46186 +EMULTILIB_PKG="true" + +# Configuration variables +RELEASE_VER="" +BRANCH_UPDATE="" +SNAP_VER="" +case ${PV} in +9999*) + EGIT_REPO_URIS=( "git://sourceware.org/git/glibc.git" "git://sourceware.org/git/glibc-ports.git" ) + EGIT_SOURCEDIRS=( "${S}" "${S}/ports" ) + inherit git-2 + ;; +*_p*) + RELEASE_VER=${PV%_p*} + SNAP_VER=${PV#*_p} + ;; +*) + RELEASE_VER=${PV} + ;; +esac +LIBIDN_VER="" # it's integrated into the main tarball now +PATCH_VER="12" # Gentoo patchset +PORTS_VER=${RELEASE_VER} # version of glibc ports addon +NPTL_KERN_VER=${NPTL_KERN_VER:-"2.6.16"} # min kernel version nptl requires + +IUSE="debug gd hardened multilib selinux suid systemtap profile vanilla crosscompile_opts_headers-only" +[[ -n ${RELEASE_VER} ]] && S=${WORKDIR}/glibc-${RELEASE_VER}${SNAP_VER:+-${SNAP_VER}} + +# Here's how the cross-compile logic breaks down ... +# CTARGET - machine that will target the binaries +# CHOST - machine that will host the binaries +# CBUILD - machine that will build the binaries +# If CTARGET != CHOST, it means you want a libc for cross-compiling. +# If CHOST != CBUILD, it means you want to cross-compile the libc. +# CBUILD = CHOST = CTARGET - native build/install +# CBUILD != (CHOST = CTARGET) - cross-compile a native build +# (CBUILD = CHOST) != CTARGET - libc for cross-compiler +# CBUILD != CHOST != CTARGET - cross-compile a libc for a cross-compiler +# For install paths: +# CHOST = CTARGET - install into / +# CHOST != CTARGET - install into /usr/CTARGET/ + +export CBUILD=${CBUILD:-${CHOST}} +export CTARGET=${CTARGET:-${CHOST}} +if [[ ${CTARGET} == ${CHOST} ]] ; then + if [[ ${CATEGORY} == cross-* ]] ; then + export CTARGET=${CATEGORY#cross-} + fi +fi + +[[ ${CTARGET} == hppa* ]] && NPTL_KERN_VER=${NPTL_KERN_VER/2.6.16/2.6.20} + +is_crosscompile() { + [[ ${CHOST} != ${CTARGET} ]] +} + +# Why SLOT 2.2 you ask yourself while sippin your tea ? +# Everyone knows 2.2 > 0, duh. +SLOT="2.2" + +# General: We need a new-enough binutils/gcc to match upstream baseline. +# arch: we need to make sure our binutils/gcc supports TLS. +DEPEND=">=app-misc/pax-utils-0.1.10 + !<sys-apps/sandbox-1.6 + !<sys-apps/portage-2.1.2 + selinux? ( sys-libs/libselinux )" +RDEPEND="!sys-kernel/ps3-sources + selinux? ( sys-libs/libselinux ) + !sys-libs/nss-db" + +if [[ ${CATEGORY} == cross-* ]] ; then + DEPEND+=" !crosscompile_opts_headers-only? ( + >=${CATEGORY}/binutils-2.20 + >=${CATEGORY}/gcc-4.3 + )" + [[ ${CATEGORY} == *-linux* ]] && DEPEND+=" ${CATEGORY}/linux-headers" +else + DEPEND+=" + >=sys-devel/binutils-2.20 + >=sys-devel/gcc-4.3 + virtual/os-headers + !vanilla? ( >=sys-libs/timezone-data-2012c )" + RDEPEND+=" + vanilla? ( !sys-libs/timezone-data ) + !vanilla? ( sys-libs/timezone-data )" +fi + +SRC_URI=$( + upstream_uris() { + echo mirror://gnu/glibc/$1 ftp://sourceware.org/pub/glibc/{releases,snapshots}/$1 mirror://gentoo/$1 + } + gentoo_uris() { + local devspace="HTTP~vapier/dist/URI HTTP~azarah/glibc/URI" + devspace=${devspace//HTTP/https://dev.gentoo.org/} + echo mirror://gentoo/$1 ${devspace//URI/$1} + } + + TARNAME=${PN} + if [[ -n ${SNAP_VER} ]] ; then + TARNAME="${PN}-${RELEASE_VER}" + [[ -n ${PORTS_VER} ]] && PORTS_VER=${SNAP_VER} + upstream_uris ${TARNAME}-${SNAP_VER}.tar.bz2 + elif [[ -z ${EGIT_REPO_URIS} ]] ; then + upstream_uris ${TARNAME}-${RELEASE_VER}.tar.xz + fi + [[ -n ${LIBIDN_VER} ]] && upstream_uris glibc-libidn-${LIBIDN_VER}.tar.bz2 + [[ -n ${PORTS_VER} ]] && upstream_uris ${TARNAME}-ports-${PORTS_VER}.tar.xz + [[ -n ${BRANCH_UPDATE} ]] && gentoo_uris glibc-${RELEASE_VER}-branch-update-${BRANCH_UPDATE}.patch.bz2 + [[ -n ${PATCH_VER} ]] && gentoo_uris glibc-${RELEASE_VER}-patches-${PATCH_VER}.tar.bz2 +) + +# eblit-include [--skip] <function> [version] +eblit-include() { + local skipable=false + [[ $1 == "--skip" ]] && skipable=true && shift + [[ $1 == pkg_* ]] && skipable=true + + local e v func=$1 ver=$2 + [[ -z ${func} ]] && die "Usage: eblit-include <function> [version]" + for v in ${ver:+-}${ver} -${PVR} -${PV} "" ; do + e="${FILESDIR}/eblits/${func}${v}.eblit" + if [[ -e ${e} ]] ; then + source "${e}" + return 0 + fi + done + ${skipable} && return 0 + die "Could not locate requested eblit '${func}' in ${FILESDIR}/eblits/" +} + +# eblit-run-maybe <function> +# run the specified function if it is defined +eblit-run-maybe() { + [[ $(type -t "$@") == "function" ]] && "$@" +} + +# eblit-run <function> [version] +# aka: src_unpack() { eblit-run src_unpack ; } +eblit-run() { + eblit-include --skip common "${*:2}" + eblit-include "$@" + eblit-run-maybe eblit-$1-pre + eblit-${PN}-$1 + eblit-run-maybe eblit-$1-post +} + +src_unpack() { eblit-run src_unpack ; } +src_compile() { eblit-run src_compile ; } +src_test() { eblit-run src_test ; } +src_install() { eblit-run src_install ; } + +# FILESDIR might not be available during binpkg install +for x in setup {pre,post}inst ; do + e="${FILESDIR}/eblits/pkg_${x}.eblit" + if [[ -e ${e} ]] ; then + . "${e}" + eval "pkg_${x}() { eblit-run pkg_${x} ; }" + fi +done + +eblit-src_unpack-post() { + if use hardened ; then + cd "${S}" + einfo "Patching to get working PIE binaries on PIE (hardened) platforms" + gcc-specs-pie && epatch "${FILESDIR}"/2.16/glibc-2.16-hardened-pie.patch + epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-configure-picdefault.patch + epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-inittls-nosysenter.patch + + einfo "Installing Hardened Gentoo SSP and FORTIFY_SOURCE handler" + cp -f "${FILESDIR}"/2.6/glibc-2.6-gentoo-stack_chk_fail.c \ + debug/stack_chk_fail.c || die + cp -f "${FILESDIR}"/2.10/glibc-2.10-gentoo-chk_fail.c \ + debug/chk_fail.c || die + + if use debug ; then + # When using Hardened Gentoo stack handler, have smashes dump core for + # analysis - debug only, as core could be an information leak + # (paranoia). + sed -i \ + -e '/^CFLAGS-backtrace.c/ iCFLAGS-stack_chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ + debug/Makefile \ + || die "Failed to modify debug/Makefile for debug stack handler" + sed -i \ + -e '/^CFLAGS-backtrace.c/ iCFLAGS-chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ + debug/Makefile \ + || die "Failed to modify debug/Makefile for debug fortify handler" + fi + + # Build nscd with ssp-all + sed -i \ + -e 's:-fstack-protector$:-fstack-protector-all:' \ + nscd/Makefile \ + || die "Failed to ensure nscd builds with ssp-all" + fi +} + +eblit-pkg_preinst-post() { + if [[ ${CTARGET} == arm* ]] ; then + # Backwards compat support for renaming hardfp ldsos #417287 + local oldso='/lib/ld-linux.so.3' + local nldso='/lib/ld-linux-armhf.so.3' + if [[ -e ${D}${nldso} ]] ; then + if scanelf -qRyi "${ROOT}$(alt_prefix)"/*bin/ | grep -s "^${oldso}" ; then + ewarn "Symlinking old ldso (${oldso}) to new ldso (${nldso})." + ewarn "Please rebuild all packages using this old ldso as compat" + ewarn "support will be dropped in the future." + ln -s "${nldso##*/}" "${D}$(alt_prefix)${oldso}" + fi + fi + fi +} diff --git a/sys-libs/glibc/glibc-2.3.6-r5.ebuild b/sys-libs/glibc/glibc-2.3.6-r5.ebuild new file mode 100644 index 0000000..abd91ff --- /dev/null +++ b/sys-libs/glibc/glibc-2.3.6-r5.ebuild @@ -0,0 +1,1220 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +# Here's how the cross-compile logic breaks down ... +# CTARGET - machine that will target the binaries +# CHOST - machine that will host the binaries +# CBUILD - machine that will build the binaries +# If CTARGET != CHOST, it means you want a libc for cross-compiling. +# If CHOST != CBUILD, it means you want to cross-compile the libc. +# CBUILD = CHOST = CTARGET - native build/install +# CBUILD != (CHOST = CTARGET) - cross-compile a native build +# (CBUILD = CHOST) != CTARGET - libc for cross-compiler +# CBUILD != CHOST != CTARGET - cross-compile a libc for a cross-compiler +# For install paths: +# CHOST = CTARGET - install into / +# CHOST != CTARGET - install into /usr/CTARGET/ + +KEYWORDS="-* alpha amd64 arm hppa ia64 mips ppc ppc64 ~s390 sh sparc x86" + +BRANCH_UPDATE="" + +# Generated man pages +GLIBC_MANPAGE_VERSION="2.3.6-1" + +# Generated stuff in manual subdir +GLIBC_INFOPAGE_VERSION="2.3.6" + +# Gentoo patchset +PATCH_VER="1.19" + +GENTOO_TOOLCHAIN_BASE_URI="mirror://gentoo" +GENTOO_TOOLCHAIN_DEV_URI="http://dev.gentoo.org/~azarah/glibc/XXX http://dev.gentoo.org/~vapier/dist/XXX" + +### PUNT OUT TO ECLASS?? ### +inherit eutils versionator toolchain-funcs flag-o-matic gnuconfig multilib + +DESCRIPTION="GNU libc6 (also called glibc2) C library" +HOMEPAGE="http://www.gnu.org/software/libc/libc.html" +LICENSE="LGPL-2" + +IUSE="build nptl nptlonly hardened multilib selinux glibc-compat20 glibc-omitfp profile" + +export CBUILD=${CBUILD:-${CHOST}} +export CTARGET=${CTARGET:-${CHOST}} +if [[ ${CTARGET} == ${CHOST} ]] ; then + if [[ ${CATEGORY/cross-} != ${CATEGORY} ]] ; then + export CTARGET=${CATEGORY/cross-} + fi +fi + +is_crosscompile() { + [[ ${CHOST} != ${CTARGET} ]] +} +just_headers() { + is_crosscompile && use crosscompile_opts_headers-only +} + +GLIBC_RELEASE_VER=$(get_version_component_range 1-3) + +# Don't set this to :-, - allows BRANCH_UPDATE="" +BRANCH_UPDATE=${BRANCH_UPDATE-$(get_version_component_range 4)} + +# (Recent snapshots fails with 2.6.5 and earlier with NPTL) +NPTL_KERNEL_VERSION=${NPTL_KERNEL_VERSION:-"2.6.9"} +LT_KERNEL_VERSION=${LT_KERNEL_VERSION:-"2.4.1"} + +### SRC_URI ### + +# This function handles the basics of setting the SRC_URI for a glibc ebuild. +# To use, set SRC_URI with: +# +# SRC_URI="$(get_glibc_src_uri)" +# +# Other than the variables normally set by portage, this function's behavior +# can be altered by setting the following: +# +# GENTOO_TOOLCHAIN_BASE_URI +# This sets the base URI for all gentoo-specific patch files. Note +# that this variable is only important for a brief period of time, +# before your source files get picked up by mirrors. However, it is +# still highly suggested that you keep files in this location +# available. +# +# BRANCH_UPDATE +# If set, this variable signals that we should be using the main +# release tarball (determined by ebuild version) and applying a +# CVS branch update patch against it. The location of this branch +# update patch is assumed to be in ${GENTOO_TOOLCHAIN_BASE_URI}. +# Just like with SNAPSHOT, this variable is ignored if the ebuild +# has a _pre suffix. +# +# PATCH_VER +# PATCH_GLIBC_VER +# This should be set to the version of the gentoo patch tarball. +# The resulting filename of this tarball will be: +# glibc-${PATCH_GLIBC_VER:-${GLIBC_RELEASE_VER}}-patches-${PATCH_VER}.tar.bz2 +# +# GLIBC_MANPAGE_VERSION +# GLIBC_INFOPAGE_VERSION +# The version of glibc for which we will download pages. This will +# default to ${GLIBC_RELEASE_VER}, but we may not want to pre-generate man pages +# for prerelease test ebuilds for example. This allows you to +# continue using pre-generated manpages from the last stable release. +# If set to "none", this will prevent the downloading of manpages, +# which is useful for individual library targets. +# +get_glibc_src_uri() { + GENTOO_TOOLCHAIN_BASE_URI=${GENTOO_TOOLCHAIN_BASE_URI:-"mirror://gentoo"} + +# GLIBC_SRC_URI="http://ftp.gnu.org/gnu/glibc/glibc-${GLIBC_RELEASE_VER}.tar.bz2 +# http://ftp.gnu.org/gnu/glibc/glibc-linuxthreads-${GLIBC_RELEASE_VER}.tar.bz2 +# http://ftp.gnu.org/gnu/glibc/glibc-libidn-${GLIBC_RELEASE_VER}.tar.bz2 + GLIBC_SRC_URI="mirror://gnu/glibc/glibc-${GLIBC_RELEASE_VER}.tar.bz2 + mirror://gnu/glibc/glibc-linuxthreads-${GLIBC_RELEASE_VER}.tar.bz2 + mirror://gnu/glibc/glibc-libidn-${GLIBC_RELEASE_VER}.tar.bz2" + + if [[ -n ${BRANCH_UPDATE} ]] ; then + GLIBC_SRC_URI="${GLIBC_SRC_URI} + ${GENTOO_TOOLCHAIN_BASE_URI}/glibc-${GLIBC_RELEASE_VER}-branch-update-${BRANCH_UPDATE}.patch.bz2 + ${GENTOO_TOOLCHAIN_DEV_URI//XXX/glibc-${GLIBC_RELEASE_VER}-branch-update-${BRANCH_UPDATE}.patch.bz2}" + fi + + if [[ -n ${PATCH_VER} ]] ; then + GLIBC_SRC_URI="${GLIBC_SRC_URI} + ${GENTOO_TOOLCHAIN_BASE_URI}/glibc-${PATCH_GLIBC_VER:-${GLIBC_RELEASE_VER}}-patches-${PATCH_VER}.tar.bz2 + ${GENTOO_TOOLCHAIN_DEV_URI//XXX/glibc-${PATCH_GLIBC_VER:-${GLIBC_RELEASE_VER}}-patches-${PATCH_VER}.tar.bz2}" + fi + + if [[ ${GLIBC_MANPAGE_VERSION} != "none" ]] ; then + GLIBC_SRC_URI="${GLIBC_SRC_URI} + ${GENTOO_TOOLCHAIN_BASE_URI}/glibc-manpages-${GLIBC_MANPAGE_VERSION:-${GLIBC_RELEASE_VER}}.tar.bz2 + ${GENTOO_TOOLCHAIN_DEV_URI//XXX/glibc-manpages-${GLIBC_MANPAGE_VERSION:-${GLIBC_RELEASE_VER}}.tar.bz2}" + fi + + if [[ ${GLIBC_INFOPAGE_VERSION} != "none" ]] ; then + GLIBC_SRC_URI="${GLIBC_SRC_URI} + ${GENTOO_TOOLCHAIN_BASE_URI}/glibc-infopages-${GLIBC_INFOPAGE_VERSION:-${GLIBC_RELEASE_VER}}.tar.bz2 + ${GENTOO_TOOLCHAIN_DEV_URI//XXX/glibc-infopages-${GLIBC_INFOPAGE_VERSION:-${GLIBC_RELEASE_VER}}.tar.bz2}" + fi + + echo "${GLIBC_SRC_URI}" +} + +SRC_URI=$(get_glibc_src_uri) +S=${WORKDIR}/glibc-${GLIBC_RELEASE_VER} + +### EXPORTED FUNCTIONS ### +toolchain-glibc_src_unpack() { + # Check NPTL support _before_ we unpack things to save some time + want_nptl && check_nptl_support + + unpack glibc-${GLIBC_RELEASE_VER}.tar.bz2 + + cd "${S}" + unpack glibc-linuxthreads-${GLIBC_RELEASE_VER}.tar.bz2 + unpack glibc-libidn-${GLIBC_RELEASE_VER}.tar.bz2 + + if [[ -n ${PATCH_VER} ]] ; then + cd "${WORKDIR}" + unpack glibc-${PATCH_GLIBC_VER:-${GLIBC_RELEASE_VER}}-patches-${PATCH_VER}.tar.bz2 + # pull out all the addons + local d + for d in extra/*/configure ; do + mv "${d%/configure}" "${S}" || die "moving ${d}" + done + fi + + # XXX: We should do the branchupdate, before extracting the manpages and + # infopages else it does not help much (mtimes change if there is a change + # to them with branchupdate) + if [[ -n ${BRANCH_UPDATE} ]] ; then + cd "${S}" + epatch "${DISTDIR}"/glibc-${GLIBC_RELEASE_VER}-branch-update-${BRANCH_UPDATE}.patch.bz2 + + # Snapshot date patch + einfo "Patching version to display snapshot date ..." + sed -i -e "s:\(#define RELEASE\).*:\1 \"${BRANCH_UPDATE}\":" version.h + fi + + if [[ ${GLIBC_MANPAGE_VERSION} != "none" ]] ; then + cd "${WORKDIR}" + unpack glibc-manpages-${GLIBC_MANPAGE_VERSION:-${GLIBC_RELEASE_VER}}.tar.bz2 + fi + + if [[ ${GLIBC_INFOPAGE_VERSION} != "none" ]] ; then + cd "${S}" + unpack glibc-infopages-${GLIBC_INFOPAGE_VERSION:-${GLIBC_RELEASE_VER}}.tar.bz2 + fi + + if [[ -n ${PATCH_VER} ]] ; then + cd "${S}" + EPATCH_MULTI_MSG="Applying Gentoo Glibc Patchset ${PATCH_GLIBC_VER:-${GLIBC_RELEASE_VER}}-${PATCH_VER} ..." \ + EPATCH_EXCLUDE=${GLIBC_PATCH_EXCLUDE} \ + EPATCH_SUFFIX="patch" \ + ARCH=$(tc-arch) \ + epatch "${WORKDIR}"/patches + + # tag, glibc is it + [[ -e csu/Banner ]] && die "need new banner location" + echo "Gentoo patchset ${PATCH_VER}" > csu/Banner + fi + + gnuconfig_update +} + +toolchain-glibc_src_compile() { + echo + local v + for v in ABI CBUILD CHOST CTARGET CBUILD_OPT CTARGET_OPT CC CFLAGS ; do + einfo " $(printf '%15s' ${v}:) ${!v}" + done + echo + + if want_linuxthreads ; then + glibc_do_configure linuxthreads + einfo "Building GLIBC with linuxthreads..." + make PARALLELMFLAGS="${MAKEOPTS}" || die "make for ${ABI} failed" + fi + if want_nptl ; then + # ... and then do the optional nptl build + unset LD_ASSUME_KERNEL + glibc_do_configure nptl + einfo "Building GLIBC with NPTL..." + make PARALLELMFLAGS="${MAKEOPTS}" || die "make for ${ABI} failed" + fi +} + +toolchain-glibc_headers_compile() { + local GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-headers + mkdir -p "${GBUILDDIR}" + cd "${GBUILDDIR}" + + # Pick out the correct location for build headers + local myconf="--disable-sanity-checks --enable-hacker-mode" + myconf="${myconf} + --enable-add-ons=linuxthreads + --without-cvs + --enable-bind-now + --build=${CBUILD_OPT:-${CBUILD}} + --host=${CTARGET_OPT:-${CTARGET}} + --with-headers=$(alt_build_headers) + --prefix=/usr + ${EXTRA_ECONF}" + + einfo "Configuring GLIBC headers with: ${myconf// /\n\t\t}" + CC=gcc \ + CFLAGS="-O1 -pipe" \ + "${S}"/configure ${myconf} || die "failed to configure glibc" +} + +toolchain-glibc_src_test() { + # This is wrong, but glibc's tests fail bad when screwing + # around with sandbox, so lets just punt it + unset LD_PRELOAD + + # do the linuxthreads build unless we're using nptlonly + if want_linuxthreads ; then + cd "${WORKDIR}"/build-${ABI}-${CTARGET}-linuxthreads + einfo "Checking GLIBC with linuxthreads..." + make check || die "linuxthreads glibc did not pass make check" + fi + if want_nptl ; then + cd "${WORKDIR}"/build-${ABI}-${CTARGET}-nptl + unset LD_ASSUME_KERNEL || : + einfo "Checking GLIBC with NPTL..." + make check || die "nptl glibc did not pass make check" + fi +} + +toolchain-glibc_pkg_preinst() { + # PPC64+others may want to eventually be added to this logic if they + # decide to be multilib compatible and FHS compliant. note that this + # chunk of FHS compliance only applies to 64bit archs where 32bit + # compatibility is a major concern (not IA64, for example). + + # amd64's 2005.0 is the first amd64 profile to not need this code. + # 2005.0 is setup properly, and this is executed as part of the + # 2004.3 -> 2005.0 upgrade script. + # It can be removed after 2004.3 has been purged from portage. + { use amd64 || use ppc64; } && [ "$(get_libdir)" == "lib64" ] && ! has_multilib_profile && fix_lib64_symlinks + + # it appears that /lib/tls is sometimes not removed. See bug + # 69258 for more info. + if [[ -d ${ROOT}/$(alt_libdir)/tls ]] && ! { want_nptl && want_linuxthreads; }; then + addwrite "${ROOT}"/$(alt_libdir)/ + ewarn "nptlonly or -nptl in USE, removing /${ROOT}$(alt_libdir)/tls..." + rm -r "${ROOT}"/$(alt_libdir)/tls || die + fi + + # Shouldnt need to keep this updated + [[ -e ${ROOT}/etc/locale.gen ]] && rm -f "${D}"/etc/locale.gen +} + +toolchain-glibc_src_install() { + # These should not be set, else the + # zoneinfo do not always get installed ... + unset LANGUAGE LANG LC_ALL + + local GBUILDDIR + if want_linuxthreads ; then + GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-linuxthreads + else + GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-nptl + fi + + local install_root=${D} + if is_crosscompile ; then + install_root="${install_root}/usr/${CTARGET}" + fi + if want_linuxthreads ; then + cd "${WORKDIR}"/build-${ABI}-${CTARGET}-linuxthreads + einfo "Installing GLIBC ${ABI} with linuxthreads ..." + make PARALLELMFLAGS="${MAKEOPTS} -j1" \ + install_root="${install_root}" \ + install || die + else # nptlonly + cd "${WORKDIR}"/build-${ABI}-${CTARGET}-nptl + einfo "Installing GLIBC ${ABI} with NPTL ..." + make PARALLELMFLAGS="${MAKEOPTS} -j1" \ + install_root="${install_root}" \ + install || die + fi + + if is_crosscompile ; then + # punt all the junk not needed by a cross-compiler + cd "${D}"/usr/${CTARGET} || die + rm -rf ./{,usr/}{bin,etc,sbin,share} ./{,usr/}*/{gconv,misc} + fi + + if want_linuxthreads && want_nptl ; then + einfo "Installing NPTL to $(alt_libdir)/tls/..." + cd "${WORKDIR}"/build-${ABI}-${CTARGET}-nptl + dodir $(alt_libdir)/tls $(alt_usrlibdir)/nptl + + local l src_lib + for l in libc libm librt libpthread libthread_db ; do + # take care of shared lib first ... + l=${l}.so + if [[ -e ${l} ]] ; then + src_lib=${l} + else + src_lib=$(eval echo */${l}) + fi + cp -a ${src_lib} "${D}"$(alt_libdir)/tls/${l} || die "copying nptl ${l}" + fperms a+rx $(alt_libdir)/tls/${l} + dosym ${l} $(alt_libdir)/tls/$(scanelf -qSF'%S#F' ${src_lib}) + + # then grab the linker script or the symlink ... + if [[ -L ${D}$(alt_usrlibdir)/${l} ]] ; then + dosym $(alt_libdir)/tls/${l} $(alt_usrlibdir)/nptl/${l} + else + sed \ + -e "s:/${l}:/tls/${l}:g" \ + -e "s:/${l/%.so/_nonshared.a}:/nptl/${l/%.so/_nonshared.a}:g" \ + "${D}"$(alt_usrlibdir)/${l} > "${D}"$(alt_usrlibdir)/nptl/${l} + fi + + # then grab the static lib ... + src_lib=${src_lib/%.so/.a} + [[ ! -e ${src_lib} ]] && src_lib=${src_lib/%.a/_pic.a} + cp -a ${src_lib} "${D}"$(alt_usrlibdir)/nptl/ || die "copying nptl ${src_lib}" + src_lib=${src_lib/%.a/_nonshared.a} + if [[ -e ${src_lib} ]] ; then + cp -a ${src_lib} "${D}"$(alt_usrlibdir)/nptl/ || die "copying nptl ${src_lib}" + fi + done + + # use the nptl linker instead of the linuxthreads one as the linuxthreads + # one may lack TLS support and that can be really bad for business + cp -a elf/ld.so "${D}"$(alt_libdir)/$(scanelf -qSF'%S#F' elf/ld.so) || die "copying nptl interp" + fi + + # We'll take care of the cache ourselves + rm -f "${D}"/etc/ld.so.cache + + # Some things want this, notably ash. + dosym libbsd-compat.a $(alt_usrlibdir)/libbsd.a + + # Handle includes for different ABIs + prep_ml_includes $(alt_headers) + + # When cross-compiling for a non-multilib setup, make sure we have + # lib and a proper symlink setup + if is_crosscompile && ! use multilib && ! has_multilib_profile && [[ $(get_libdir) != "lib" ]] ; then + cd "${D}"$(alt_libdir)/.. + mv $(get_libdir) lib || die + ln -s lib $(get_libdir) || die + cd "${D}"$(alt_usrlibdir)/.. + mv $(get_libdir) lib || die + ln -s lib $(get_libdir) || die + fi + + ################################################################# + # EVERYTHING AFTER THIS POINT IS FOR NATIVE GLIBC INSTALLS ONLY # + # Make sure we install some symlink hacks so that when we build + # a 2nd stage cross-compiler, gcc finds the target system + # headers correctly. See gcc/doc/gccinstall.info + if is_crosscompile ; then + dosym usr/include /usr/${CTARGET}/sys-include + return 0 + fi + + # Everything past this point just needs to be done once ... + is_final_abi || return 0 + + # Make sure the non-native interp can be found on multilib systems + if has_multilib_profile ; then + case $(tc-arch) in + amd64) + [[ ! -e ${D}/lib ]] && dosym $(get_abi_LIBDIR amd64) /lib + dosym /$(get_abi_LIBDIR x86)/ld-linux.so.2 /lib/ld-linux.so.2 + ;; + ppc64) + [[ ! -e ${D}/lib ]] && dosym $(get_abi_LIBDIR ppc64) /lib + dosym /$(get_abi_LIBDIR ppc)/ld.so.1 /lib/ld.so.1 + ;; + esac + fi + + # Files for Debian-style locale updating + dodir /usr/share/i18n + sed \ + -e "/^#/d" \ + -e "/SUPPORTED-LOCALES=/d" \ + -e "s: \\\\::g" -e "s:/: :g" \ + "${S}"/localedata/SUPPORTED > "${D}"/usr/share/i18n/SUPPORTED \ + || die "generating /usr/share/i18n/SUPPORTED failed" + cd "${WORKDIR}"/extra/locale + dosbin locale-gen || die + doman *.[0-8] + insinto /etc + doins locale.gen || die + + # Make sure all the ABI's can find the locales and so we only + # have to generate one set + local a + keepdir /usr/$(get_libdir)/locale + for a in $(get_install_abis) ; do + if [[ ! -e ${D}/usr/$(get_abi_LIBDIR ${a})/locale ]] ; then + dosym /usr/$(get_libdir)/locale /usr/$(get_abi_LIBDIR ${a})/locale + fi + done + + if ! has noinfo ${FEATURES} && [[ ${GLIBC_INFOPAGE_VERSION} != "none" ]] ; then + einfo "Installing info pages..." + + make \ + -C "${GBUILDDIR}" \ + PARALLELMFLAGS="${MAKEOPTS} -j1" \ + install_root="${install_root}" \ + info -i || die + fi + + if [[ ${GLIBC_MANPAGE_VERSION} != "none" ]] ; then + einfo "Installing man pages..." + + # Install linuxthreads man pages even if nptl is enabled + cd "${WORKDIR}"/man + doman *.3thr + fi + + # Install misc network config files + insinto /etc + doins "${WORKDIR}"/extra/etc/*.conf || die + doinitd "${WORKDIR}"/extra/etc/nscd || die + + cd "${S}" + dodoc BUGS ChangeLog* CONFORMANCE FAQ INTERFACE NEWS NOTES PROJECTS README* + + # Prevent overwriting of the /etc/localtime symlink. We'll handle the + # creation of the "factory" symlink in pkg_postinst(). + rm -f "${D}"/etc/localtime + + # simple test to make sure our new glibc isnt completely broken. + # for now, skip the multilib scenario. also make sure we don't + # test with statically built binaries since they will fail. + [[ ${CBUILD} != ${CHOST} ]] && return 0 + [[ $(get_libdir) != "lib" ]] && return 0 + for x in date env ls true uname ; do + x=$(type -p ${x}) + [[ -z ${x} ]] && continue + striptest=$(LC_ALL="C" file -L ${x} 2>/dev/null) + [[ -z ${striptest} ]] && continue + [[ ${striptest} == *"statically linked"* ]] && continue + "${D}"/$(get_libdir)/ld-*.so \ + --library-path "${D}"/$(get_libdir) \ + ${x} > /dev/null \ + || die "simple run test (${x}) failed" + done +} + +toolchain-glibc_headers_install() { + local GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-headers + cd "${GBUILDDIR}" + make install_root="${D}/usr/${CTARGET}" install-headers || die "install-headers failed" + # Copy over headers that are not part of install-headers ... these + # are pretty much taken verbatim from crosstool, see it for more details + insinto $(alt_headers)/bits + doins misc/syscall-list.h bits/stdio_lim.h || die "doins include bits" + insinto $(alt_headers)/gnu + doins "${S}"/include/gnu/stubs.h || die "doins include gnu" + # Make sure we install the sys-include symlink so that when + # we build a 2nd stage cross-compiler, gcc finds the target + # system headers correctly. See gcc/doc/gccinstall.info + dosym usr/include /usr/${CTARGET}/sys-include +} + +toolchain-glibc_pkg_postinst() { + # Mixing nptlonly and -nptlonly glibc can prove dangerous if libpthread + # isn't removed in unmerge which happens sometimes. See bug #87671 + if ! is_crosscompile && want_linuxthreads && [[ ${ROOT} == "/" ]] ; then + for libdir in $(get_all_libdirs) ; do + for f in "${ROOT}"/${libdir}/libpthread-2.* "${ROOT}"/${libdir}/libpthread-0.6* ; do + if [[ -f ${f} ]] ; then + rm -f ${f} + ldconfig + fi + done + done + fi + + if ! tc-is-cross-compiler && [[ -x ${ROOT}/usr/sbin/iconvconfig ]] ; then + # Generate fastloading iconv module configuration file. + "${ROOT}"/usr/sbin/iconvconfig --prefix="${ROOT}" + fi + + if [[ ! -e ${ROOT}/lib/ld.so.1 ]] && use ppc64 && ! has_multilib_profile ; then + ## SHOULDN'T THIS BE lib64?? + ln -s ld64.so.1 "${ROOT}"/lib/ld.so.1 + fi + + if ! is_crosscompile && [[ ${ROOT} == "/" ]] ; then + # Reload init ... + /sbin/telinit U &> /dev/null + + # if the host locales.gen contains no entries, we'll install everything + local locale_list="${ROOT}etc/locale.gen" + if [[ -z $(locale-gen --list --config "${locale_list}") ]] ; then + ewarn "Generating all locales; edit /etc/locale.gen to save time/space" + locale_list="${ROOT}usr/share/i18n/SUPPORTED" + fi + local x jobs + for x in ${MAKEOPTS} ; do [[ ${x} == -j* ]] && jobs=${x#-j} ; done + locale-gen -j ${jobs:-1} --config "${locale_list}" + fi + + echo + einfo "Gentoo's glibc no longer includes mdns." + einfo "If you want mdns, emerge the sys-auth/nss-mdns package." + echo + + if want_nptl && want_linuxthreads ; then + einfo "The default behavior of glibc on your system is to use NPTL. If" + einfo "you want to use linuxthreads for a particular program, start it" + einfo "by executing 'LD_ASSUME_KERNEL=${LT_KERNEL_VERSION} <program> [<options>]'" + echo + fi +} + +### SUPPORT FUNCTIONS ### +# We need to be able to set alternative headers for +# compiling for non-native platform +# Will also become useful for testing kernel-headers without screwing up +# the whole system. +# note: intentionally undocumented. +alt_headers() { + if [[ -z ${ALT_HEADERS} ]] ; then + if is_crosscompile ; then + ALT_HEADERS="/usr/${CTARGET}/usr/include" + else + ALT_HEADERS="/usr/include" + fi + fi + echo "${ALT_HEADERS}" +} +alt_build_headers() { + if [[ -z ${ALT_BUILD_HEADERS} ]] ; then + ALT_BUILD_HEADERS=$(alt_headers) + tc-is-cross-compiler && ALT_BUILD_HEADERS=${ROOT}$(alt_headers) + fi + echo "${ALT_BUILD_HEADERS}" +} + +alt_libdir() { + if is_crosscompile ; then + echo /usr/${CTARGET}/$(get_libdir) + else + echo /$(get_libdir) + fi +} + +alt_usrlibdir() { + if is_crosscompile ; then + echo /usr/${CTARGET}/usr/$(get_libdir) + else + echo /usr/$(get_libdir) + fi +} + +setup_flags() { + # Make sure host make.conf doesn't pollute us + if is_crosscompile || tc-is-cross-compiler ; then + CHOST=${CTARGET} strip-unsupported-flags + fi + + # Store our CFLAGS because it's changed depending on which CTARGET + # we are building when pulling glibc on a multilib profile + CFLAGS_BASE=${CFLAGS_BASE-${CFLAGS}} + CFLAGS=${CFLAGS_BASE} + ASFLAGS_BASE=${ASFLAGS_BASE-${ASFLAGS}} + ASFLAGS=${ASFLAGS_BASE} + + # Over-zealous CFLAGS can often cause problems. What may work for one + # person may not work for another. To avoid a large influx of bugs + # relating to failed builds, we strip most CFLAGS out to ensure as few + # problems as possible. + strip-flags + strip-unsupported-flags + filter-flags -m32 -m64 -mabi=* + + unset CBUILD_OPT CTARGET_OPT + if has_multilib_profile ; then + CTARGET_OPT=$(get_abi_CTARGET) + [[ -z ${CTARGET_OPT} ]] && CTARGET_OPT=$(get_abi_CHOST) + fi + + case $(tc-arch) in + amd64) + # Punt this when amd64's 2004.3 is removed + CFLAGS_x86="-m32" + ;; + ppc) + append-flags "-freorder-blocks" + ;; + sparc) + # Both sparc and sparc64 can use -fcall-used-g6. -g7 is bad, though. + filter-flags "-fcall-used-g7" + append-flags "-fcall-used-g6" + filter-flags "-mvis" + + if is_crosscompile || [[ ${PROFILE_ARCH} == "sparc64" ]] || { has_multilib_profile && ! tc-is-cross-compiler; } ; then + case ${ABI} in + sparc64) + filter-flags -Wa,-xarch -Wa,-A + + if is-flag "-mcpu=ultrasparc3"; then + CTARGET_OPT="sparc64b-unknown-linux-gnu" + append-flags "-Wa,-xarch=v9b" + export ASFLAGS="${ASFLAGS} -Wa,-xarch=v9b" + else + CTARGET_OPT="sparc64-unknown-linux-gnu" + append-flags "-Wa,-xarch=v9a" + export ASFLAGS="${ASFLAGS} -Wa,-xarch=v9a" + fi + ;; + *) + if is-flag "-mcpu=ultrasparc3"; then + CTARGET_OPT="sparcv9b-unknown-linux-gnu" + else + CTARGET_OPT="sparcv9-unknown-linux-gnu" + fi + ;; + esac + else + if is-flag "-mcpu=ultrasparc3"; then + CTARGET_OPT="sparcv9b-unknown-linux-gnu" + elif { is_crosscompile && want_nptl; } || is-flag "-mcpu=ultrasparc2" || is-flag "-mcpu=ultrasparc"; then + CTARGET_OPT="sparcv9-unknown-linux-gnu" + fi + fi + ;; + esac + + if [[ -n ${CTARGET_OPT} && ${CBUILD} == ${CHOST} ]] && ! is_crosscompile; then + CBUILD_OPT=${CTARGET_OPT} + fi + + if $(tc-getCC ${CTARGET}) -v 2>&1 | grep -q 'gcc version 3.[0123]'; then + append-flags -finline-limit=2000 + fi + + # We dont want these flags for glibc + filter-ldflags -pie + + # We cannot build glibc with Bdirect support + filter-flags -Wl,-Bdirect + filter-ldflags -Bdirect + filter-ldflags -Wl,-Bdirect + + # Same for hashvals ... + filter-flags -Wl,-hashvals + filter-ldflags -hashvals + filter-ldflags -Wl,-hashvals + + # Lock glibc at -O2 -- linuxthreads needs it and we want to be + # conservative here. -fno-strict-aliasing is to work around #155906 + filter-flags -O? + append-flags -O2 -fno-strict-aliasing +} + +check_kheader_version() { + local header="$(alt_build_headers)/linux/version.h" + + [[ -z $1 ]] && return 1 + + if [ -f "${header}" ] ; then + local version="`grep 'LINUX_VERSION_CODE' ${header} | \ + sed -e 's:^.*LINUX_VERSION_CODE[[:space:]]*::'`" + + if [ "${version}" -ge "$1" ] ; then + return 0 + fi + fi + + return 1 +} + +check_nptl_support() { + local min_kernel_version=$(KV_to_int "${NPTL_KERNEL_VERSION}") + + echo + + ebegin "Checking gcc for __thread support" + if ! eend $(want__thread ; echo $?) ; then + echo + eerror "Could not find a gcc that supports the __thread directive!" + eerror "Please update your binutils/gcc and try again." + die "No __thread support in gcc!" + fi + + if ! is_crosscompile && ! tc-is-cross-compiler ; then + # Building fails on an non-supporting kernel + ebegin "Checking kernel version (>=${NPTL_KERNEL_VERSION})" + if ! eend $([[ $(get_KV) -ge ${min_kernel_version} ]] ; echo $?) ; then + echo + eerror "You need a kernel of at least version ${NPTL_KERNEL_VERSION}" + eerror "for NPTL support!" + die "Kernel version too low!" + fi + fi + + # Building fails with too low linux-headers + ebegin "Checking linux-headers version (>=${NPTL_KERNEL_VERSION})" + if ! eend $(check_kheader_version "${min_kernel_version}" ; echo $?) ; then + echo + eerror "You need linux-headers of at least version ${NPTL_KERNEL_VERSION}" + eerror "for NPTL support!" + die "linux-headers version too low!" + fi + + echo +} + +want_nptl() { + want_tls || return 1 + use nptl || return 1 + + # Archs that can use NPTL + case $(tc-arch) in + alpha|amd64|ia64|mips|ppc|ppc64|s390|sh|x86) + return 0; + ;; + sparc) + # >= v9 is needed for nptl. + [[ "${PROFILE_ARCH}" == "sparc" ]] && return 1 + return 0; + ;; + esac + + return 1 +} + +want_linuxthreads() { + ! use nptlonly && return 0 + want_nptl || return 0 + return 1 +} + +want_tls() { + # Archs that can use TLS (Thread Local Storage) + case $(tc-arch) in + alpha|amd64|ia64|mips|ppc|ppc64|s390|sh) + return 0; + ;; + sparc) + # 2.3.6 should have tls support on sparc64 + # when using newer binutils + case ${CTARGET/-*} in + sparc64*) return 1 ;; + *) return 0 ;; + esac + ;; + x86) + # requires i486 or better #106556 + [[ ${CTARGET} == i[4567]86* ]] && return 0 + ;; + esac + + return 1 +} + +want__thread() { + want_tls || return 1 + + # For some reason --with-tls --with__thread is causing segfaults on sparc32. + [[ ${PROFILE_ARCH} == "sparc" ]] && return 1 + + [[ -n ${WANT__THREAD} ]] && return ${WANT__THREAD} + + echo 'extern __thread int i;' > "${T}"/test-__thread.c + $(tc-getCC ${CTARGET}) -c "${T}"/test-__thread.c -o "${T}"/test-__thread.o &> /dev/null + WANT__THREAD=$? + rm -f "${T}"/test-__thread.[co] + + return ${WANT__THREAD} +} + +glibc_do_configure() { + local myconf + + # set addons + pushd "${S}" > /dev/null + local ADDONS=$(echo */configure | sed \ + -e 's:/configure::g' \ + -e 's:\(linuxthreads\|nptl\|rtkaio\|glibc-compat\)\( \|$\)::g' \ + -e 's: \+$::' \ + -e 's! !,!g' \ + -e 's!^!,!' \ + -e '/^,\*$/d') + popd > /dev/null + use glibc-compat20 && [[ -d glibc-compat ]] && ADDONS="${ADDONS},glibc-compat" + + use glibc-omitfp && myconf="${myconf} --enable-omitfp" + + [[ ${CTARGET//_/-} == *-softfloat-* ]] && myconf="${myconf} --without-fp" + + if [ "$1" == "linuxthreads" ] ; then + if want_tls ; then + myconf="${myconf} --with-tls" + + if want__thread && ! use glibc-compat20 ; then + myconf="${myconf} --with-__thread" + else + myconf="${myconf} --without-__thread" + fi + else + myconf="${myconf} --without-tls --without-__thread" + fi + + myconf="${myconf} --enable-add-ons=linuxthreads${ADDONS}" + myconf="${myconf} --enable-kernel=${LT_KERNEL_VERSION}" + elif [ "$1" == "nptl" ] ; then + myconf="${myconf} --with-tls --with-__thread" + myconf="${myconf} --enable-add-ons=nptl${ADDONS}" + myconf="${myconf} --enable-kernel=${NPTL_KERNEL_VERSION}" + else + die "invalid pthread option" + fi + + # Since SELinux support is only required for nscd, only enable it if: + # 1. USE selinux + # 2. ! USE build + # 3. only for the primary ABI on multilib systems + if use selinux && ! use build ; then + if use multilib || has_multilib_profile ; then + if is_final_abi ; then + myconf="${myconf} --with-selinux" + else + myconf="${myconf} --without-selinux" + fi + else + myconf="${myconf} --with-selinux" + fi + else + myconf="${myconf} --without-selinux" + fi + + myconf="${myconf} + --without-cvs + --enable-bind-now + --build=${CBUILD_OPT:-${CBUILD}} + --host=${CTARGET_OPT:-${CTARGET}} + $(use_enable profile) + --without-gd + --with-headers=$(alt_build_headers) + --prefix=/usr + --libdir=/usr/$(get_libdir) + --mandir=/usr/share/man + --infodir=/usr/share/info + --libexecdir=/usr/$(get_libdir)/misc/glibc + ${EXTRA_ECONF}" + + # There is no configure option for this and we need to export it + # since the glibc build will re-run configure on itself + export libc_cv_slibdir=/$(get_libdir) + + has_version app-admin/eselect-compiler || export CC=$(tc-getCC ${CTARGET}) + + local GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-$1 + mkdir -p "${GBUILDDIR}" + cd "${GBUILDDIR}" + einfo "Configuring GLIBC for $1 with: ${myconf// /\n\t\t}" + "${S}"/configure ${myconf} || die "failed to configure glibc" +} + +fix_lib64_symlinks() { + # the original Gentoo/AMD64 devs decided that since 64bit is the native + # bitdepth for AMD64, lib should be used for 64bit libraries. however, + # this ignores the FHS and breaks multilib horribly... especially + # since it wont even work without a lib64 symlink anyways. *rolls eyes* + # see bug 59710 for more information. + # Travis Tilley <lv@gentoo.org> (08 Aug 2004) + if [ -L ${ROOT}/lib64 ] ; then + ewarn "removing /lib64 symlink and moving lib to lib64..." + ewarn "dont hit ctrl-c until this is done" + addwrite ${ROOT}/ + rm ${ROOT}/lib64 + # now that lib64 is gone, nothing will run without calling ld.so + # directly. luckily the window of brokenness is almost non-existant + use amd64 && /lib/ld-linux-x86-64.so.2 /bin/mv ${ROOT}/lib ${ROOT}/lib64 + use ppc64 && /lib/ld64.so.1 /bin/mv ${ROOT}/lib ${ROOT}/lib64 + # all better :) + ldconfig + ln -s lib64 ${ROOT}/lib + einfo "done! :-)" + einfo "fixed broken lib64/lib symlink in ${ROOT}" + fi + if [ -L ${ROOT}/usr/lib64 ] ; then + addwrite ${ROOT}/usr + rm ${ROOT}/usr/lib64 + mv ${ROOT}/usr/lib ${ROOT}/usr/lib64 + ln -s lib64 ${ROOT}/usr/lib + einfo "fixed broken lib64/lib symlink in ${ROOT}/usr" + fi + if [ -L ${ROOT}/usr/X11R6/lib64 ] ; then + addwrite ${ROOT}/usr/X11R6 + rm ${ROOT}/usr/X11R6/lib64 + mv ${ROOT}/usr/X11R6/lib ${ROOT}/usr/X11R6/lib64 + ln -s lib64 ${ROOT}/usr/X11R6/lib + einfo "fixed broken lib64/lib symlink in ${ROOT}/usr/X11R6" + fi +} + +use_multilib() { + case ${CTARGET} in + sparc64*|mips64*|x86_64*|powerpc64*|s390x*) + has_multilib_profile || use multilib ;; + *) false ;; + esac +} + +# Setup toolchain variables that would be defined in the profiles for these archs. +setup_env() { + # These should not be set, else the zoneinfo do not always get installed ... + unset LANGUAGE LANG LC_ALL + # silly users + unset LD_RUN_PATH + + if is_crosscompile || tc-is-cross-compiler ; then + multilib_env ${CTARGET} + if ! use multilib ; then + MULTILIB_ABIS=${DEFAULT_ABI} + else + MULTILIB_ABIS=${MULTILIB_ABIS:-${DEFAULT_ABI}} + fi + + # If the user has CFLAGS_<CTARGET> in their make.conf, use that, + # and fall back on CFLAGS. + local VAR=CFLAGS_${CTARGET//[-.]/_} + CFLAGS=${!VAR-${CFLAGS}} + fi + + setup_flags + + export ABI=${ABI:-${DEFAULT_ABI:-default}} + + if is_crosscompile || tc-is-cross-compiler ; then + local VAR=CFLAGS_${ABI} + # We need to export CFLAGS with abi information in them because + # glibc's configure script checks CFLAGS for some targets (like mips) + export CFLAGS="${!VAR} ${CFLAGS}" + fi +} + +### /ECLASS PUNTAGE ### + +if is_crosscompile ; then + SLOT="${CTARGET}-2.2" +else + SLOT="2.2" +fi + +# we'll handle stripping ourself #46186 +RESTRICT="strip" +EMULTILIB_PKG="true" + +# We need a new-enough binutils for as-needed +DEPEND="!ia64? ( >=sys-devel/gcc-3.4 ) + nptl? ( >=sys-kernel/linux-headers-${NPTL_KERNEL_VERSION} ) + >=sys-devel/binutils-2.15.94 + >=sys-devel/gcc-config-1.3.12 + >=app-misc/pax-utils-0.1.10 + virtual/os-headers + selinux? ( !build? ( sys-libs/libselinux ) )" +RDEPEND="selinux? ( !build? ( sys-libs/libselinux ) )" + +if [[ ${CATEGORY/cross-} != ${CATEGORY} ]] ; then + DEPEND="${DEPEND} !crosscompile_opts_headers-only? ( ${CATEGORY}/gcc )" + + if [[ ${CATEGORY} == *-linux* ]] ; then + if [[ ${CATEGORY} == cross-mips* ]] ; then + DEPEND="${DEPEND} >=${CATEGORY}/mips-headers-2.6.10" + else + DEPEND="${DEPEND} ${CATEGORY}/linux-headers" + fi + fi +else + DEPEND="${DEPEND} sys-libs/timezone-data" + RDEPEND="${RDEPEND} sys-libs/timezone-data" +fi + +pkg_setup() { + # prevent native builds from downgrading ... maybe update to allow people + # to change between diff -r versions ? (2.3.6-r4 -> 2.3.6-r2) + if ! is_crosscompile && ! tc-is-cross-compiler ; then + if has_version '>'${CATEGORY}/${PF} ; then + eerror "Sanity check to keep you from breaking your system:" + eerror " Downgrading glibc is not supported and a sure way to destruction" + die "aborting to save your system" + fi + fi + + if use nptlonly && ! use nptl ; then + eerror "If you want nptlonly, add nptl to your USE too ;p" + die "nptlonly without nptl" + fi + + if [[ -e /proc/xen ]] && [[ $(tc-arch) == "x86" ]] && ! is-flag -mno-tls-direct-seg-refs ; then + ewarn "You are using Xen but don't have -mno-tls-direct-seg-refs in your CFLAGS." + ewarn "This will result in a 50% performance penalty, which is probably not what you want." + fi + + if ! type -p scanelf > /dev/null ; then + eerror "You do not have pax-utils installed." + die "install pax-utils" + fi + + # give some sort of warning about the nptl logic changes... + if want_nptl && want_linuxthreads ; then + ewarn "Warning! Gentoo's GLIBC with NPTL enabled now behaves like the" + ewarn "glibc from almost every other distribution out there. This means" + ewarn "that glibc is compiled -twice-, once with linuxthreads and once" + ewarn "with nptl. The NPTL version is installed to lib/tls and is still" + ewarn "used by default. If you do not need nor want the linuxthreads" + ewarn "fallback, you can disable this behavior by adding nptlonly to" + ewarn "USE to save yourself some compile time." + + ebeep + epause 5 + fi +} + +src_unpack() { + setup_env + + # Do not enable -Bdirect support for now. + GLIBC_PATCH_EXCLUDE="${GLIBC_PATCH_EXCLUDE} 2020_all_2.3.6-hashvals.patch" + GLIBC_PATCH_EXCLUDE="${GLIBC_PATCH_EXCLUDE} 2030_all_2.3.6-bdirect.patch" + + toolchain-glibc_src_unpack + + # XXX: do not package ssp up into tarballs, leave it in FILESDIR + cd "${S}" + cp "${FILESDIR}"/2.3.5/ssp.c sysdeps/unix/sysv/linux/ || die "could not find ssp.c" + rm -f "${WORKDIR}"/patches/2* + epatch "${FILESDIR}"/2.3.6/glibc-2.3.6-propolice-guard-functions.patch + + # Glibc is stupid sometimes, and doesn't realize that with a + # static C-Only gcc, -lgcc_eh doesn't exist. + # http://sources.redhat.com/ml/libc-alpha/2003-09/msg00100.html + # http://sourceware.org/ml/libc-alpha/2005-02/msg00042.html + echo 'int main(){}' > "${T}"/gcc_eh_test.c + if ! $(tc-getCC ${CTARGET}) "${T}"/gcc_eh_test.c -lgcc_eh 2>/dev/null ; then + sed -i -e 's:-lgcc_eh::' Makeconfig || die "sed gcc_eh" + fi + + # Some configure checks fail on the first emerge through because they + # try to link. This doesn't work well if we don't have a libc yet. + # http://sourceware.org/ml/libc-alpha/2005-02/msg00042.html + if is_crosscompile && use build; then + rm "${S}"/sysdeps/sparc/sparc64/elf/configure{,.in} + rm "${S}"/nptl/sysdeps/pthread/configure{,.in} + fi + + cd "${WORKDIR}" + find . -type f '(' -size 0 -o -name "*.orig" ')' -exec rm -f {} \; + find . -name configure -exec touch {} \; + + # Fix permissions on some of the scripts + chmod u+x "${S}"/scripts/*.sh +} + +src_compile() { + setup_env + + if [[ -z ${OABI} ]] ; then + local abilist="" + if has_multilib_profile ; then + abilist=$(get_install_abis) + einfo "Building multilib glibc for ABIs: ${abilist}" + elif is_crosscompile || tc-is-cross-compiler ; then + abilist=${DEFAULT_ABI} + fi + if [[ -n ${abilist} ]] ; then + OABI=${ABI} + for ABI in ${abilist} ; do + export ABI + src_compile + done + ABI=${OABI} + unset OABI + return 0 + fi + fi + + if just_headers ; then + toolchain-glibc_headers_compile + else + toolchain-glibc_src_compile + fi +} + +src_test() { + setup_env + + if [[ -z ${OABI} ]] && has_multilib_profile ; then + OABI=${ABI} + einfo "Testing multilib glibc for ABIs: $(get_install_abis)" + for ABI in $(get_install_abis) ; do + export ABI + einfo " Testing ${ABI} glibc" + src_test + done + ABI=${OABI} + unset OABI + return 0 + fi + + toolchain-glibc_src_test +} + +src_strip() { + # Now, strip everything but the thread libs #46186, as well as the dynamic + # linker, else we cannot set breakpoints in shared libraries due to bugs in + # gdb. Also want to grab stuff in tls subdir. whee. +#when new portage supports this ... +# env \ +# -uRESTRICT \ +# CHOST=${CTARGET} \ +# STRIP_MASK="/*/{,tls/}{ld-,lib{pthread,thread_db}}*" \ +# prepallstrip + pushd "${D}" > /dev/null + + if ! is_crosscompile ; then + mkdir -p "${T}"/strip-backup + for x in $(find "${D}" -maxdepth 3 \ + '(' -name 'ld-*' -o -name 'libpthread*' -o -name 'libthread_db*' ')' \ + -a '(' '!' -name '*.a' ')' -type f -printf '%P ') + do + mkdir -p "${T}/strip-backup/${x%/*}" + cp -a -- "${D}/${x}" "${T}/strip-backup/${x}" || die "backing up ${x}" + done + fi + env -uRESTRICT CHOST=${CTARGET} prepallstrip + if ! is_crosscompile ; then + cp -a -- "${T}"/strip-backup/* "${D}"/ || die "restoring non-stripped libs" + fi + + popd > /dev/null +} + +src_install() { + setup_env + + if [[ -z ${OABI} ]] ; then + local abilist="" + if has_multilib_profile ; then + abilist=$(get_install_abis) + einfo "Installing multilib glibc for ABIs: ${abilist}" + elif is_crosscompile || tc-is-cross-compiler ; then + abilist=${DEFAULT_ABI} + fi + if [[ -n ${abilist} ]] ; then + OABI=${ABI} + for ABI in ${abilist} ; do + export ABI + src_install + done + ABI=${OABI} + unset OABI + src_strip + return 0 + fi + fi + + if just_headers ; then + toolchain-glibc_headers_install + else + toolchain-glibc_src_install + fi + [[ -z ${OABI} ]] && src_strip +} + +pkg_preinst() { + toolchain-glibc_pkg_preinst +} + +pkg_postinst() { + toolchain-glibc_pkg_postinst +} diff --git a/sys-libs/glibc/glibc-2.4-r4.ebuild b/sys-libs/glibc/glibc-2.4-r4.ebuild new file mode 100644 index 0000000..e8e659c --- /dev/null +++ b/sys-libs/glibc/glibc-2.4-r4.ebuild @@ -0,0 +1,1260 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +# Here's how the cross-compile logic breaks down ... +# CTARGET - machine that will target the binaries +# CHOST - machine that will host the binaries +# CBUILD - machine that will build the binaries +# If CTARGET != CHOST, it means you want a libc for cross-compiling. +# If CHOST != CBUILD, it means you want to cross-compile the libc. +# CBUILD = CHOST = CTARGET - native build/install +# CBUILD != (CHOST = CTARGET) - cross-compile a native build +# (CBUILD = CHOST) != CTARGET - libc for cross-compiler +# CBUILD != CHOST != CTARGET - cross-compile a libc for a cross-compiler +# For install paths: +# CHOST = CTARGET - install into / +# CHOST != CTARGET - install into /usr/CTARGET/ + +KEYWORDS="-* amd64 ~ia64 ~mips ppc ppc64 s390 sh ~sparc x86" + +BRANCH_UPDATE="" + +# Generated man pages +GLIBC_MANPAGE_VERSION="none" + +# Generated stuff in manual subdir +GLIBC_INFOPAGE_VERSION="none" + +# Gentoo patchset +PATCH_VER="1.19" + +# PPC cpu addon +# http://penguinppc.org/dev/glibc/glibc-powerpc-cpu-addon.html +PPC_CPU_ADDON_VER="0.01" +PPC_CPU_ADDON_TARBALL="glibc-powerpc-cpu-addon-v${PPC_CPU_ADDON_VER}.tgz" +PPC_CPU_ADDON_URI="http://penguinppc.org/dev/glibc/${PPC_CPU_ADDON_TARBALL}" + +# LinuxThreads addon +LT_VER="20060605" +LT_TARBALL="glibc-linuxthreads-${LT_VER}.tar.bz2" +LT_URI="ftp://sources.redhat.com/pub/glibc/snapshots/${LT_TARBALL} mirror://gentoo/${LT_TARBALL}" + +GENTOO_TOOLCHAIN_BASE_URI="mirror://gentoo" +GENTOO_TOOLCHAIN_DEV_URI="http://dev.gentoo.org/~azarah/glibc/XXX http://dev.gentoo.org/~vapier/dist/XXX" + +### PUNT OUT TO ECLASS?? ### +inherit eutils versionator toolchain-funcs flag-o-matic gnuconfig multilib + +DESCRIPTION="GNU libc6 (also called glibc2) C library" +HOMEPAGE="http://www.gnu.org/software/libc/libc.html" +LICENSE="LGPL-2" + +# note that nptl/nptlonly/glibc-compat20 are for upgrade checks only. +# we dont generally support these things in this version. +IUSE="build nptl nptlonly hardened multilib selinux glibc-omitfp profile glibc-compat20" + +export CBUILD=${CBUILD:-${CHOST}} +export CTARGET=${CTARGET:-${CHOST}} +if [[ ${CTARGET} == ${CHOST} ]] ; then + if [[ ${CATEGORY/cross-} != ${CATEGORY} ]] ; then + export CTARGET=${CATEGORY/cross-} + fi +fi + +is_crosscompile() { + [[ ${CHOST} != ${CTARGET} ]] +} +just_headers() { + is_crosscompile && use crosscompile_opts_headers-only +} + +GLIBC_RELEASE_VER=$(get_version_component_range 1-3) + +# Don't set this to :-, - allows BRANCH_UPDATE="" +BRANCH_UPDATE=${BRANCH_UPDATE-$(get_version_component_range 4)} + +# (Recent snapshots fails with 2.6.5 and earlier with NPTL) +NPTL_KERNEL_VERSION=${NPTL_KERNEL_VERSION:-"2.6.9"} +LT_KERNEL_VERSION=${LT_KERNEL_VERSION:-"2.4.1"} + +### SRC_URI ### + +# This function handles the basics of setting the SRC_URI for a glibc ebuild. +# To use, set SRC_URI with: +# +# SRC_URI="$(get_glibc_src_uri)" +# +# Other than the variables normally set by portage, this function's behavior +# can be altered by setting the following: +# +# GENTOO_TOOLCHAIN_BASE_URI +# This sets the base URI for all gentoo-specific patch files. Note +# that this variable is only important for a brief period of time, +# before your source files get picked up by mirrors. However, it is +# still highly suggested that you keep files in this location +# available. +# +# BRANCH_UPDATE +# If set, this variable signals that we should be using the main +# release tarball (determined by ebuild version) and applying a +# CVS branch update patch against it. The location of this branch +# update patch is assumed to be in ${GENTOO_TOOLCHAIN_BASE_URI}. +# Just like with SNAPSHOT, this variable is ignored if the ebuild +# has a _pre suffix. +# +# PATCH_VER +# PATCH_GLIBC_VER +# This should be set to the version of the gentoo patch tarball. +# The resulting filename of this tarball will be: +# glibc-${PATCH_GLIBC_VER:-${GLIBC_RELEASE_VER}}-patches-${PATCH_VER}.tar.bz2 +# +# GLIBC_MANPAGE_VERSION +# GLIBC_INFOPAGE_VERSION +# The version of glibc for which we will download pages. This will +# default to ${GLIBC_RELEASE_VER}, but we may not want to pre-generate man pages +# for prerelease test ebuilds for example. This allows you to +# continue using pre-generated manpages from the last stable release. +# If set to "none", this will prevent the downloading of manpages, +# which is useful for individual library targets. +# +get_glibc_src_uri() { + GENTOO_TOOLCHAIN_BASE_URI=${GENTOO_TOOLCHAIN_BASE_URI:-"mirror://gentoo"} + +# GLIBC_SRC_URI="http://ftp.gnu.org/gnu/glibc/glibc-${GLIBC_RELEASE_VER}.tar.bz2 +# http://ftp.gnu.org/gnu/glibc/glibc-linuxthreads-${GLIBC_RELEASE_VER}.tar.bz2 +# http://ftp.gnu.org/gnu/glibc/glibc-libidn-${GLIBC_RELEASE_VER}.tar.bz2 + GLIBC_SRC_URI="mirror://gnu/glibc/glibc-${GLIBC_RELEASE_VER}.tar.bz2 + mirror://gnu/glibc/glibc-ports-${GLIBC_RELEASE_VER}.tar.bz2 + mirror://gnu/glibc/glibc-libidn-${GLIBC_RELEASE_VER}.tar.bz2" + + if [[ -n ${BRANCH_UPDATE} ]] ; then + GLIBC_SRC_URI="${GLIBC_SRC_URI} + ${GENTOO_TOOLCHAIN_BASE_URI}/glibc-${GLIBC_RELEASE_VER}-branch-update-${BRANCH_UPDATE}.patch.bz2 + ${GENTOO_TOOLCHAIN_DEV_URI//XXX/glibc-${GLIBC_RELEASE_VER}-branch-update-${BRANCH_UPDATE}.patch.bz2}" + fi + + if [[ -n ${PATCH_VER} ]] ; then + GLIBC_SRC_URI="${GLIBC_SRC_URI} + ${GENTOO_TOOLCHAIN_BASE_URI}/glibc-${PATCH_GLIBC_VER:-${GLIBC_RELEASE_VER}}-patches-${PATCH_VER}.tar.bz2 + ${GENTOO_TOOLCHAIN_DEV_URI//XXX/glibc-${PATCH_GLIBC_VER:-${GLIBC_RELEASE_VER}}-patches-${PATCH_VER}.tar.bz2}" + fi + + if [[ ${GLIBC_MANPAGE_VERSION} != "none" ]] ; then + GLIBC_SRC_URI="${GLIBC_SRC_URI} + ${GENTOO_TOOLCHAIN_BASE_URI}/glibc-manpages-${GLIBC_MANPAGE_VERSION:-${GLIBC_RELEASE_VER}}.tar.bz2 + ${GENTOO_TOOLCHAIN_DEV_URI//XXX/glibc-manpages-${GLIBC_MANPAGE_VERSION:-${GLIBC_RELEASE_VER}}.tar.bz2}" + fi + + if [[ ${GLIBC_INFOPAGE_VERSION} != "none" ]] ; then + GLIBC_SRC_URI="${GLIBC_SRC_URI} + ${GENTOO_TOOLCHAIN_BASE_URI}/glibc-infopages-${GLIBC_INFOPAGE_VERSION:-${GLIBC_RELEASE_VER}}.tar.bz2 + ${GENTOO_TOOLCHAIN_DEV_URI//XXX/glibc-infopages-${GLIBC_INFOPAGE_VERSION:-${GLIBC_RELEASE_VER}}.tar.bz2}" + fi + + [[ -n ${LT_VER} ]] && GLIBC_SRC_URI="${GLIBC_SRC_URI} ${LT_URI}" + + GLIBC_SRC_URI="${GLIBC_SRC_URI} ${PPC_CPU_ADDON_URI}" + + echo "${GLIBC_SRC_URI}" +} + +SRC_URI=$(get_glibc_src_uri) +S=${WORKDIR}/glibc-${GLIBC_RELEASE_VER} + +### EXPORTED FUNCTIONS ### +unpack_addon() { + local addon=$1 ver=${2:-${GLIBC_RELEASE_VER}} + unpack glibc-${addon}-${ver}.tar.bz2 + mv glibc-${addon}-${ver} ${addon} || die +} +toolchain-glibc_src_unpack() { + # Check NPTL support _before_ we unpack things to save some time + want_nptl && check_nptl_support + + unpack glibc-${GLIBC_RELEASE_VER}.tar.bz2 + + cd "${S}" + if [[ -n ${LT_VER} ]] ; then + unpack ${LT_TARBALL} + mv glibc-linuxthreads-${LT_VER}/* . || die + fi + unpack_addon libidn + unpack_addon ports + + if [[ -n ${PPC_CPU_ADDON_TARBALL} ]] ; then + cd "${S}" + unpack ${PPC_CPU_ADDON_TARBALL} + fi + + if [[ -n ${PATCH_VER} ]] ; then + cd "${WORKDIR}" + unpack glibc-${PATCH_GLIBC_VER:-${GLIBC_RELEASE_VER}}-patches-${PATCH_VER}.tar.bz2 + # pull out all the addons + local d + for d in extra/*/configure ; do + mv "${d%/configure}" "${S}" || die "moving ${d}" + done + fi + + # XXX: We should do the branchupdate, before extracting the manpages and + # infopages else it does not help much (mtimes change if there is a change + # to them with branchupdate) + if [[ -n ${BRANCH_UPDATE} ]] ; then + cd "${S}" + epatch "${DISTDIR}"/glibc-${GLIBC_RELEASE_VER}-branch-update-${BRANCH_UPDATE}.patch.bz2 + + # Snapshot date patch + einfo "Patching version to display snapshot date ..." + sed -i -e "s:\(#define RELEASE\).*:\1 \"${BRANCH_UPDATE}\":" version.h + fi + + if [[ ${GLIBC_MANPAGE_VERSION} != "none" ]] ; then + cd "${WORKDIR}" + unpack glibc-manpages-${GLIBC_MANPAGE_VERSION:-${GLIBC_RELEASE_VER}}.tar.bz2 + fi + + if [[ ${GLIBC_INFOPAGE_VERSION} != "none" ]] ; then + cd "${S}" + unpack glibc-infopages-${GLIBC_INFOPAGE_VERSION:-${GLIBC_RELEASE_VER}}.tar.bz2 + fi + + if [[ -n ${PATCH_VER} ]] ; then + cd "${S}" + EPATCH_MULTI_MSG="Applying Gentoo Glibc Patchset ${PATCH_GLIBC_VER:-${GLIBC_RELEASE_VER}}-${PATCH_VER} ..." \ + EPATCH_EXCLUDE=${GLIBC_PATCH_EXCLUDE} \ + EPATCH_SUFFIX="patch" \ + ARCH=$(tc-arch) \ + epatch "${WORKDIR}"/patches + + # tag, glibc is it + [[ -e csu/Banner ]] && die "need new banner location" + echo "Gentoo patchset ${PATCH_VER}" > csu/Banner + fi + + gnuconfig_update +} + +toolchain-glibc_src_compile() { + echo + local v + for v in ABI CBUILD CHOST CTARGET CBUILD_OPT CTARGET_OPT CC CFLAGS ; do + einfo " $(printf '%15s' ${v}:) ${!v}" + done + echo + + if want_linuxthreads ; then + glibc_do_configure linuxthreads + einfo "Building GLIBC with linuxthreads..." + make PARALLELMFLAGS="${MAKEOPTS}" || die "make for ${ABI} failed" + fi + if want_nptl ; then + # ... and then do the optional nptl build + unset LD_ASSUME_KERNEL + glibc_do_configure nptl + einfo "Building GLIBC with NPTL..." + make PARALLELMFLAGS="${MAKEOPTS}" || die "make for ${ABI} failed" + fi +} + +toolchain-glibc_headers_compile() { + local GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-headers + mkdir -p "${GBUILDDIR}" + cd "${GBUILDDIR}" + + # Pick out the correct location for build headers + local myconf="--disable-sanity-checks --enable-hacker-mode" + myconf="${myconf} + --enable-add-ons=nptl,ports + --without-cvs + --enable-bind-now + --build=${CBUILD_OPT:-${CBUILD}} + --host=${CTARGET_OPT:-${CTARGET}} + --with-headers=$(alt_build_headers) + --prefix=/usr + ${EXTRA_ECONF}" + + einfo "Configuring GLIBC headers with: ${myconf// /\n\t\t}" + CC=gcc \ + CFLAGS="-O1 -pipe" \ + "${S}"/configure ${myconf} || die "failed to configure glibc" +} + +toolchain-glibc_src_test() { + cd "${WORKDIR}"/build-${ABI}-${CTARGET}-$1 || die "cd build-${ABI}-${CTARGET}-$1" + unset LD_ASSUME_KERNEL + make check || die "make check failed for ${ABI}-${CTARGET}-$1" +} + +toolchain-glibc_pkg_preinst() { + # PPC64+others may want to eventually be added to this logic if they + # decide to be multilib compatible and FHS compliant. note that this + # chunk of FHS compliance only applies to 64bit archs where 32bit + # compatibility is a major concern (not IA64, for example). + + # amd64's 2005.0 is the first amd64 profile to not need this code. + # 2005.0 is setup properly, and this is executed as part of the + # 2004.3 -> 2005.0 upgrade script. + # It can be removed after 2004.3 has been purged from portage. + { use amd64 || use ppc64; } && [ "$(get_libdir)" == "lib64" ] && ! has_multilib_profile && fix_lib64_symlinks + + # it appears that /lib/tls is sometimes not removed. See bug + # 69258 for more info. + if [[ -d ${ROOT}/$(alt_libdir)/tls ]] && ! { want_nptl && want_linuxthreads; }; then + addwrite "${ROOT}"/$(alt_libdir)/ + ewarn "nptlonly or -nptl in USE, removing /${ROOT}$(alt_libdir)/tls..." + rm -r "${ROOT}"/$(alt_libdir)/tls || die + fi + + # Shouldnt need to keep this updated + [[ -e ${ROOT}/etc/locale.gen ]] && rm -f "${D}"/etc/locale.gen +} + +toolchain-glibc_src_install() { + # These should not be set, else the + # zoneinfo do not always get installed ... + unset LANGUAGE LANG LC_ALL + + local GBUILDDIR + if want_linuxthreads ; then + GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-linuxthreads + else + GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-nptl + fi + + local install_root=${D} + if is_crosscompile ; then + install_root="${install_root}/usr/${CTARGET}" + fi + if want_linuxthreads ; then + cd "${WORKDIR}"/build-${ABI}-${CTARGET}-linuxthreads + einfo "Installing GLIBC ${ABI} with linuxthreads ..." + make PARALLELMFLAGS="${MAKEOPTS} -j1" \ + install_root="${install_root}" \ + install || die + else # nptlonly + cd "${WORKDIR}"/build-${ABI}-${CTARGET}-nptl + einfo "Installing GLIBC ${ABI} with NPTL ..." + make PARALLELMFLAGS="${MAKEOPTS} -j1" \ + install_root="${install_root}" \ + install || die + fi + + if is_crosscompile ; then + # punt all the junk not needed by a cross-compiler + cd "${D}"/usr/${CTARGET} || die + rm -rf ./{,usr/}{bin,etc,sbin,share} ./{,usr/}*/{gconv,misc} + fi + + if want_linuxthreads && want_nptl ; then + einfo "Installing NPTL to $(alt_libdir)/tls/..." + cd "${WORKDIR}"/build-${ABI}-${CTARGET}-nptl + dodir $(alt_libdir)/tls $(alt_usrlibdir)/nptl + + local l src_lib + for l in libc libm librt libpthread libthread_db ; do + # take care of shared lib first ... + l=${l}.so + if [[ -e ${l} ]] ; then + src_lib=${l} + else + src_lib=$(eval echo */${l}) + fi + cp -a ${src_lib} "${D}"$(alt_libdir)/tls/${l} || die "copying nptl ${l}" + fperms a+rx $(alt_libdir)/tls/${l} + dosym ${l} $(alt_libdir)/tls/$(scanelf -qSF'%S#F' ${src_lib}) + + # then grab the linker script or the symlink ... + if [[ -L ${D}$(alt_usrlibdir)/${l} ]] ; then + dosym $(alt_libdir)/tls/${l} $(alt_usrlibdir)/nptl/${l} + else + sed \ + -e "s:/${l}:/tls/${l}:g" \ + -e "s:/${l/%.so/_nonshared.a}:/nptl/${l/%.so/_nonshared.a}:g" \ + "${D}"$(alt_usrlibdir)/${l} > "${D}"$(alt_usrlibdir)/nptl/${l} + fi + + # then grab the static lib ... + src_lib=${src_lib/%.so/.a} + [[ ! -e ${src_lib} ]] && src_lib=${src_lib/%.a/_pic.a} + cp -a ${src_lib} "${D}"$(alt_usrlibdir)/nptl/ || die "copying nptl ${src_lib}" + src_lib=${src_lib/%.a/_nonshared.a} + if [[ -e ${src_lib} ]] ; then + cp -a ${src_lib} "${D}"$(alt_usrlibdir)/nptl/ || die "copying nptl ${src_lib}" + fi + done + + # use the nptl linker instead of the linuxthreads one as the linuxthreads + # one may lack TLS support and that can be really bad for business + cp -a elf/ld.so "${D}"$(alt_libdir)/$(scanelf -qSF'%S#F' elf/ld.so) || die "copying nptl interp" + fi + + # We'll take care of the cache ourselves + rm -f "${D}"/etc/ld.so.cache + + # Some things want this, notably ash. + dosym libbsd-compat.a $(alt_usrlibdir)/libbsd.a + + # Handle includes for different ABIs + prep_ml_includes $(alt_headers) + + # When cross-compiling for a non-multilib setup, make sure we have + # lib and a proper symlink setup + if is_crosscompile && ! use multilib && ! has_multilib_profile && [[ $(get_libdir) != "lib" ]] ; then + cd "${D}"$(alt_libdir)/.. + mv $(get_libdir) lib || die + ln -s lib $(get_libdir) || die + cd "${D}"$(alt_usrlibdir)/.. + mv $(get_libdir) lib || die + ln -s lib $(get_libdir) || die + fi + + ################################################################# + # EVERYTHING AFTER THIS POINT IS FOR NATIVE GLIBC INSTALLS ONLY # + # Make sure we install some symlink hacks so that when we build + # a 2nd stage cross-compiler, gcc finds the target system + # headers correctly. See gcc/doc/gccinstall.info + if is_crosscompile ; then + dosym usr/include /usr/${CTARGET}/sys-include + return 0 + fi + + # Everything past this point just needs to be done once ... + is_final_abi || return 0 + + # Make sure the non-native interp can be found on multilib systems + if has_multilib_profile ; then + case $(tc-arch) in + amd64) + [[ ! -e ${D}/lib ]] && dosym $(get_abi_LIBDIR amd64) /lib + dosym /$(get_abi_LIBDIR x86)/ld-linux.so.2 /lib/ld-linux.so.2 + ;; + ppc64) + [[ ! -e ${D}/lib ]] && dosym $(get_abi_LIBDIR ppc64) /lib + dosym /$(get_abi_LIBDIR ppc)/ld.so.1 /lib/ld.so.1 + ;; + esac + fi + + # Files for Debian-style locale updating + dodir /usr/share/i18n + sed \ + -e "/^#/d" \ + -e "/SUPPORTED-LOCALES=/d" \ + -e "s: \\\\::g" -e "s:/: :g" \ + "${S}"/localedata/SUPPORTED > "${D}"/usr/share/i18n/SUPPORTED \ + || die "generating /usr/share/i18n/SUPPORTED failed" + cd "${WORKDIR}"/extra/locale + dosbin locale-gen || die + doman *.[0-8] + insinto /etc + doins locale.gen || die + + # Make sure all the ABI's can find the locales and so we only + # have to generate one set + local a + keepdir /usr/$(get_libdir)/locale + for a in $(get_install_abis) ; do + if [[ ! -e ${D}/usr/$(get_abi_LIBDIR ${a})/locale ]] ; then + dosym /usr/$(get_libdir)/locale /usr/$(get_abi_LIBDIR ${a})/locale + fi + done + + if ! has noinfo ${FEATURES} && [[ ${GLIBC_INFOPAGE_VERSION} != "none" ]] ; then + einfo "Installing info pages..." + + make \ + -C "${GBUILDDIR}" \ + PARALLELMFLAGS="${MAKEOPTS} -j1" \ + install_root="${install_root}" \ + info -i || die + fi + + if [[ ${GLIBC_MANPAGE_VERSION} != "none" ]] ; then + einfo "Installing man pages..." + + # Install linuxthreads man pages even if nptl is enabled + cd "${WORKDIR}"/man + doman *.3thr + fi + + # Install misc network config files + insinto /etc + doins "${WORKDIR}"/extra/etc/*.conf || die + doinitd "${WORKDIR}"/extra/etc/nscd || die + + cd "${S}" + dodoc BUGS ChangeLog* CONFORMANCE FAQ INTERFACE NEWS NOTES PROJECTS README* + + # Prevent overwriting of the /etc/localtime symlink. We'll handle the + # creation of the "factory" symlink in pkg_postinst(). + rm -f "${D}"/etc/localtime + + # simple test to make sure our new glibc isnt completely broken. + # for now, skip the multilib scenario. also make sure we don't + # test with statically built binaries since they will fail. + [[ ${CBUILD} != ${CHOST} ]] && return 0 + [[ $(get_libdir) != "lib" ]] && return 0 + for x in date env ls true uname ; do + x=$(type -p ${x}) + [[ -z ${x} ]] && continue + striptest=$(LC_ALL="C" file -L ${x} 2>/dev/null) + [[ -z ${striptest} ]] && continue + [[ ${striptest} == *"statically linked"* ]] && continue + "${D}"/$(get_libdir)/ld-*.so \ + --library-path "${D}"/$(get_libdir) \ + ${x} > /dev/null \ + || die "simple run test (${x}) failed" + done +} + +toolchain-glibc_headers_install() { + local GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-headers + cd "${GBUILDDIR}" + make install_root="${D}/usr/${CTARGET}" install-headers || die "install-headers failed" + # Copy over headers that are not part of install-headers ... these + # are pretty much taken verbatim from crosstool, see it for more details + insinto $(alt_headers)/bits + doins misc/syscall-list.h bits/stdio_lim.h || die "doins include bits" + insinto $(alt_headers)/gnu + doins "${S}"/include/gnu/stubs.h || die "doins include gnu" + # Make sure we install the sys-include symlink so that when + # we build a 2nd stage cross-compiler, gcc finds the target + # system headers correctly. See gcc/doc/gccinstall.info + dosym usr/include /usr/${CTARGET}/sys-include +} + +toolchain-glibc_pkg_postinst() { + # Mixing nptlonly and -nptlonly glibc can prove dangerous if libpthread + # isn't removed in unmerge which happens sometimes. See bug #87671 + if ! is_crosscompile && want_linuxthreads && [[ ${ROOT} == "/" ]] ; then + for libdir in $(get_all_libdirs) ; do + for f in "${ROOT}"/${libdir}/libpthread-2.* "${ROOT}"/${libdir}/libpthread-0.6* ; do + if [[ -f ${f} ]] ; then + rm -f ${f} + ldconfig + fi + done + done + fi + + if ! tc-is-cross-compiler && [[ -x ${ROOT}/usr/sbin/iconvconfig ]] ; then + # Generate fastloading iconv module configuration file. + "${ROOT}"/usr/sbin/iconvconfig --prefix="${ROOT}" + fi + + if [[ ! -e ${ROOT}/lib/ld.so.1 ]] && use ppc64 && ! has_multilib_profile ; then + ## SHOULDN'T THIS BE lib64?? + ln -s ld64.so.1 "${ROOT}"/lib/ld.so.1 + fi + + if ! is_crosscompile && [[ ${ROOT} == "/" ]] ; then + # Reload init ... + /sbin/telinit U &> /dev/null + + # if the host locales.gen contains no entries, we'll install everything + local locale_list="${ROOT}etc/locale.gen" + if [[ -z $(locale-gen --list --config "${locale_list}") ]] ; then + ewarn "Generating all locales; edit /etc/locale.gen to save time/space" + locale_list="${ROOT}usr/share/i18n/SUPPORTED" + fi + local x jobs + for x in ${MAKEOPTS} ; do [[ ${x} == -j* ]] && jobs=${x#-j} ; done + locale-gen -j ${jobs:-1} --config "${locale_list}" + fi + + echo + einfo "Gentoo's glibc no longer includes mdns." + einfo "If you want mdns, emerge the sys-auth/nss-mdns package." + echo + + if want_nptl && want_linuxthreads ; then + einfo "The default behavior of glibc on your system is to use NPTL. If" + einfo "you want to use linuxthreads for a particular program, start it" + einfo "by executing 'LD_ASSUME_KERNEL=${LT_KERNEL_VERSION} <program> [<options>]'" + echo + fi +} + +### SUPPORT FUNCTIONS ### +# We need to be able to set alternative headers for +# compiling for non-native platform +# Will also become useful for testing kernel-headers without screwing up +# the whole system. +# note: intentionally undocumented. +alt_headers() { + if [[ -z ${ALT_HEADERS} ]] ; then + if is_crosscompile ; then + ALT_HEADERS="/usr/${CTARGET}/usr/include" + else + ALT_HEADERS="/usr/include" + fi + fi + echo "${ALT_HEADERS}" +} +alt_build_headers() { + if [[ -z ${ALT_BUILD_HEADERS} ]] ; then + ALT_BUILD_HEADERS=$(alt_headers) + tc-is-cross-compiler && ALT_BUILD_HEADERS=${ROOT}$(alt_headers) + fi + echo "${ALT_BUILD_HEADERS}" +} + +alt_libdir() { + if is_crosscompile ; then + echo /usr/${CTARGET}/$(get_libdir) + else + echo /$(get_libdir) + fi +} + +alt_usrlibdir() { + if is_crosscompile ; then + echo /usr/${CTARGET}/usr/$(get_libdir) + else + echo /usr/$(get_libdir) + fi +} + +setup_flags() { + # Make sure host make.conf doesn't pollute us + if is_crosscompile || tc-is-cross-compiler ; then + CHOST=${CTARGET} strip-unsupported-flags + fi + + # Store our CFLAGS because it's changed depending on which CTARGET + # we are building when pulling glibc on a multilib profile + CFLAGS_BASE=${CFLAGS_BASE-${CFLAGS}} + CFLAGS=${CFLAGS_BASE} + ASFLAGS_BASE=${ASFLAGS_BASE-${ASFLAGS}} + ASFLAGS=${ASFLAGS_BASE} + + # Over-zealous CFLAGS can often cause problems. What may work for one + # person may not work for another. To avoid a large influx of bugs + # relating to failed builds, we strip most CFLAGS out to ensure as few + # problems as possible. + strip-flags + strip-unsupported-flags + filter-flags -m32 -m64 -mabi=* + + unset CBUILD_OPT CTARGET_OPT + if has_multilib_profile ; then + CTARGET_OPT=$(get_abi_CTARGET) + [[ -z ${CTARGET_OPT} ]] && CTARGET_OPT=$(get_abi_CHOST) + fi + + case $(tc-arch) in + amd64) + # Punt this when amd64's 2004.3 is removed + CFLAGS_x86="-m32" + ;; + ppc) + append-flags "-freorder-blocks" + ;; + sparc) + # Both sparc and sparc64 can use -fcall-used-g6. -g7 is bad, though. + filter-flags "-fcall-used-g7" + append-flags "-fcall-used-g6" + filter-flags "-mvis" + + if is_crosscompile || [[ ${PROFILE_ARCH} == "sparc64" ]] || { has_multilib_profile && ! tc-is-cross-compiler; } ; then + case ${ABI} in + sparc64) + filter-flags -Wa,-xarch -Wa,-A + + if is-flag "-mcpu=ultrasparc3"; then + CTARGET_OPT="sparc64b-unknown-linux-gnu" + append-flags "-Wa,-xarch=v9b" + export ASFLAGS="${ASFLAGS} -Wa,-xarch=v9b" + else + CTARGET_OPT="sparc64-unknown-linux-gnu" + append-flags "-Wa,-xarch=v9a" + export ASFLAGS="${ASFLAGS} -Wa,-xarch=v9a" + fi + ;; + *) + if is-flag "-mcpu=ultrasparc3"; then + CTARGET_OPT="sparcv9b-unknown-linux-gnu" + else + CTARGET_OPT="sparcv9-unknown-linux-gnu" + fi + ;; + esac + else + if is-flag "-mcpu=ultrasparc3"; then + CTARGET_OPT="sparcv9b-unknown-linux-gnu" + elif { is_crosscompile && want_nptl; } || is-flag "-mcpu=ultrasparc2" || is-flag "-mcpu=ultrasparc"; then + CTARGET_OPT="sparcv9-unknown-linux-gnu" + fi + fi + ;; + esac + + if [[ -n ${CTARGET_OPT} && ${CBUILD} == ${CHOST} ]] && ! is_crosscompile; then + CBUILD_OPT=${CTARGET_OPT} + fi + + if $(tc-getCC ${CTARGET}) -v 2>&1 | grep -q 'gcc version 3.[0123]'; then + append-flags -finline-limit=2000 + fi + + # We dont want these flags for glibc + filter-ldflags -pie + + # Lock glibc at -O2 -- linuxthreads needs it and we want to be + # conservative here. -fno-strict-aliasing is to work around #155906 + filter-flags -O? + append-flags -O2 -fno-strict-aliasing +} + +check_kheader_version() { + local header="$(alt_build_headers)/linux/version.h" + + [[ -z $1 ]] && return 1 + + if [[ -f ${header} ]] ; then + local version=$(grep 'LINUX_VERSION_CODE' ${header} | \ + sed -e 's:^.*LINUX_VERSION_CODE[[:space:]]*::') + + if [[ ${version} -ge "$1" ]] ; then + return 0 + fi + fi + + return 1 +} + +check_nptl_support() { + local min_kernel_version=$(KV_to_int "${NPTL_KERNEL_VERSION}") + + echo + + ebegin "Checking gcc for __thread support" + if ! eend $(want__thread ; echo $?) ; then + echo + eerror "Could not find a gcc that supports the __thread directive!" + eerror "Please update your binutils/gcc and try again." + die "No __thread support in gcc!" + fi + + if ! is_crosscompile && ! tc-is-cross-compiler ; then + # Building fails on an non-supporting kernel + ebegin "Checking kernel version (>=${NPTL_KERNEL_VERSION})" + if ! eend $([[ $(get_KV) -ge ${min_kernel_version} ]] ; echo $?) ; then + echo + eerror "You need a kernel of at least version ${NPTL_KERNEL_VERSION}" + eerror "for NPTL support!" + die "Kernel version too low!" + fi + fi + + # Building fails with too low linux-headers + ebegin "Checking linux-headers version (>=${NPTL_KERNEL_VERSION})" + if ! eend $(check_kheader_version "${min_kernel_version}" ; echo $?) ; then + echo + eerror "You need linux-headers of at least version ${NPTL_KERNEL_VERSION}" + eerror "for NPTL support!" + die "linux-headers version too low!" + fi + + echo +} + +want_nptl() { + want_tls || return 1 + use nptl || return 1 + + # Only list the arches that cannot do NPTL + case $(tc-arch) in + hppa|m68k) return 1;; + sparc) + # >= v9 is needed for nptl. + [[ ${PROFILE_ARCH} == "sparc" ]] && return 1 + ;; + esac + + return 0 +} + +want_linuxthreads() { + ! use nptlonly && return 0 + want_nptl || return 0 + return 1 +} + +want_tls() { + # Archs that can use TLS (Thread Local Storage) + case $(tc-arch) in + sparc) + # 2.3.6 should have tls support on sparc64 + # when using newer binutils + case ${CTARGET/-*} in + sparc64*) return 1 ;; + *) return 0 ;; + esac + ;; + x86) + # requires i486 or better #106556 + [[ ${CTARGET} == i[4567]86* ]] && return 0 + return 1 + ;; + esac + + return 0 +} + +want__thread() { + want_tls || return 1 + + # For some reason --with-tls --with__thread is causing segfaults on sparc32. + [[ ${PROFILE_ARCH} == "sparc" ]] && return 1 + + [[ -n ${WANT__THREAD} ]] && return ${WANT__THREAD} + + echo 'extern __thread int i;' > "${T}"/test-__thread.c + $(tc-getCC ${CTARGET}) -c "${T}"/test-__thread.c -o "${T}"/test-__thread.o &> /dev/null + WANT__THREAD=$? + rm -f "${T}"/test-__thread.[co] + + return ${WANT__THREAD} +} + +glibc_do_configure() { + local myconf + + # set addons + pushd "${S}" > /dev/null + local ADDONS=$(echo */configure | sed \ + -e 's:/configure::g' \ + -e 's:\(linuxthreads\|nptl\|rtkaio\|glibc-compat\)\( \|$\)::g' \ + -e 's: \+$::' \ + -e 's! !,!g' \ + -e 's!^!,!' \ + -e '/^,\*$/d') + popd > /dev/null + + if [[ -n ${PPC_CPU_ADDON_VER} ]] && [[ $(tc-arch) == ppc* ]] ; then + ADDONS="${ADDONS},powerpc-cpu" + case $(get-flag mcpu) in + 970|power4|power5|power5+) myconf="${myconf} --with-cpu=$(get-flag mcpu)" + esac + fi + + myconf="${myconf} $(use_enable hardened stackguard-randomization)" + if [[ $(<"${T}"/.ssp.compat) == "yes" ]] ; then + myconf="${myconf} --enable-old-ssp-compat" + else + myconf="${myconf} --disable-old-ssp-compat" + fi + + use glibc-omitfp && myconf="${myconf} --enable-omitfp" + + [[ ${CTARGET//_/-} == *-softfloat-* ]] && myconf="${myconf} --without-fp" + + if [[ $1 == "linuxthreads" ]] ; then + if want_tls ; then + myconf="${myconf} --with-tls" + + if ! want__thread || use glibc-compat20 || [[ ${LT_KERNEL_VERSION} == 2.[02].* ]] ; then + myconf="${myconf} --without-__thread" + else + myconf="${myconf} --with-__thread" + fi + else + myconf="${myconf} --without-tls --without-__thread" + fi + + myconf="${myconf} --disable-sanity-checks" + myconf="${myconf} --enable-add-ons=ports,linuxthreads${ADDONS}" + myconf="${myconf} --enable-kernel=${LT_KERNEL_VERSION}" + elif [[ $1 == "nptl" ]] ; then + myconf="${myconf} --with-tls --with-__thread" + myconf="${myconf} --enable-add-ons=ports,nptl${ADDONS}" + myconf="${myconf} --enable-kernel=${NPTL_KERNEL_VERSION}" + else + die "invalid pthread option" + fi + + # Since SELinux support is only required for nscd, only enable it if: + # 1. USE selinux + # 2. ! USE build + # 3. only for the primary ABI on multilib systems + if use selinux && ! use build ; then + if use multilib || has_multilib_profile ; then + if is_final_abi ; then + myconf="${myconf} --with-selinux" + else + myconf="${myconf} --without-selinux" + fi + else + myconf="${myconf} --with-selinux" + fi + else + myconf="${myconf} --without-selinux" + fi + + myconf="${myconf} + --without-cvs + --enable-bind-now + --build=${CBUILD_OPT:-${CBUILD}} + --host=${CTARGET_OPT:-${CTARGET}} + $(use_enable profile) + --without-gd + --with-headers=$(alt_build_headers) + --prefix=/usr + --libdir=/usr/$(get_libdir) + --mandir=/usr/share/man + --infodir=/usr/share/info + --libexecdir=/usr/$(get_libdir)/misc/glibc + ${EXTRA_ECONF}" + + # There is no configure option for this and we need to export it + # since the glibc build will re-run configure on itself + export libc_cv_slibdir=/$(get_libdir) + + has_version app-admin/eselect-compiler || export CC=$(tc-getCC ${CTARGET}) + + local GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-$1 + mkdir -p "${GBUILDDIR}" + cd "${GBUILDDIR}" + einfo "Configuring GLIBC for $1 with: ${myconf// /\n\t\t}" + "${S}"/configure ${myconf} || die "failed to configure glibc" +} + +fix_lib64_symlinks() { + # the original Gentoo/AMD64 devs decided that since 64bit is the native + # bitdepth for AMD64, lib should be used for 64bit libraries. however, + # this ignores the FHS and breaks multilib horribly... especially + # since it wont even work without a lib64 symlink anyways. *rolls eyes* + # see bug 59710 for more information. + # Travis Tilley <lv@gentoo.org> (08 Aug 2004) + if [ -L ${ROOT}/lib64 ] ; then + ewarn "removing /lib64 symlink and moving lib to lib64..." + ewarn "dont hit ctrl-c until this is done" + addwrite ${ROOT}/ + rm ${ROOT}/lib64 + # now that lib64 is gone, nothing will run without calling ld.so + # directly. luckily the window of brokenness is almost non-existant + use amd64 && /lib/ld-linux-x86-64.so.2 /bin/mv ${ROOT}/lib ${ROOT}/lib64 + use ppc64 && /lib/ld64.so.1 /bin/mv ${ROOT}/lib ${ROOT}/lib64 + # all better :) + ldconfig + ln -s lib64 ${ROOT}/lib + einfo "done! :-)" + einfo "fixed broken lib64/lib symlink in ${ROOT}" + fi + if [ -L ${ROOT}/usr/lib64 ] ; then + addwrite ${ROOT}/usr + rm ${ROOT}/usr/lib64 + mv ${ROOT}/usr/lib ${ROOT}/usr/lib64 + ln -s lib64 ${ROOT}/usr/lib + einfo "fixed broken lib64/lib symlink in ${ROOT}/usr" + fi + if [ -L ${ROOT}/usr/X11R6/lib64 ] ; then + addwrite ${ROOT}/usr/X11R6 + rm ${ROOT}/usr/X11R6/lib64 + mv ${ROOT}/usr/X11R6/lib ${ROOT}/usr/X11R6/lib64 + ln -s lib64 ${ROOT}/usr/X11R6/lib + einfo "fixed broken lib64/lib symlink in ${ROOT}/usr/X11R6" + fi +} + +use_multilib() { + case ${CTARGET} in + sparc64*|mips64*|x86_64*|powerpc64*|s390x*) + has_multilib_profile || use multilib ;; + *) false ;; + esac +} + +# Setup toolchain variables that would be defined in the profiles for these archs. +setup_env() { + # These should not be set, else the zoneinfo do not always get installed ... + unset LANGUAGE LANG LC_ALL + # silly users + unset LD_RUN_PATH + + if is_crosscompile || tc-is-cross-compiler ; then + multilib_env ${CTARGET} + if ! use multilib ; then + MULTILIB_ABIS=${DEFAULT_ABI} + else + MULTILIB_ABIS=${MULTILIB_ABIS:-${DEFAULT_ABI}} + fi + + # If the user has CFLAGS_<CTARGET> in their make.conf, use that, + # and fall back on CFLAGS. + local VAR=CFLAGS_${CTARGET//[-.]/_} + CFLAGS=${!VAR-${CFLAGS}} + fi + + setup_flags + + export ABI=${ABI:-${DEFAULT_ABI:-default}} + + if is_crosscompile || tc-is-cross-compiler ; then + local VAR=CFLAGS_${ABI} + # We need to export CFLAGS with abi information in them because + # glibc's configure script checks CFLAGS for some targets (like mips) + export CFLAGS="${!VAR} ${CFLAGS}" + fi +} + +### /ECLASS PUNTAGE ### + +if is_crosscompile ; then + SLOT="${CTARGET}-2.2" +else + SLOT="2.2" +fi + +# we'll handle stripping ourself #46186 +RESTRICT="strip" +EMULTILIB_PKG="true" + +# General: We need a new-enough binutils for as-needed +# arch: we need to make sure our binutils/gcc supports TLS +DEPEND=">=sys-devel/gcc-3.4.4 + arm? ( >=sys-devel/binutils-2.16.90 >=sys-devel/gcc-4.1.0 ) + ppc? ( >=sys-devel/gcc-4.1.0 ) + ppc64? ( >=sys-devel/gcc-4.1.0 ) + nptl? ( || ( >=sys-kernel/mips-headers-${NPTL_KERNEL_VERSION} >=sys-kernel/linux-headers-${NPTL_KERNEL_VERSION} ) ) + >=sys-devel/binutils-2.15.94 + >=sys-devel/gcc-config-1.3.12 + >=app-misc/pax-utils-0.1.10 + virtual/os-headers + selinux? ( !build? ( sys-libs/libselinux ) )" +RDEPEND="selinux? ( !build? ( sys-libs/libselinux ) )" + +if [[ ${CATEGORY/cross-} != ${CATEGORY} ]] ; then + DEPEND="${DEPEND} !crosscompile_opts_headers-only? ( ${CATEGORY}/gcc )" + + if [[ ${CATEGORY} == *-linux* ]] ; then + if [[ ${CATEGORY} == cross-mips* ]] ; then + DEPEND="${DEPEND} >=${CATEGORY}/mips-headers-2.6.10" + else + DEPEND="${DEPEND} ${CATEGORY}/linux-headers" + fi + fi +else + DEPEND="${DEPEND} sys-libs/timezone-data" + RDEPEND="${RDEPEND} sys-libs/timezone-data" +fi + +pkg_setup() { + # prevent native builds from downgrading ... maybe update to allow people + # to change between diff -r versions ? (2.3.6-r4 -> 2.3.6-r2) + if ! is_crosscompile && ! tc-is-cross-compiler ; then + if has_version '>'${CATEGORY}/${PF} ; then + eerror "Sanity check to keep you from breaking your system:" + eerror " Downgrading glibc is not supported and a sure way to destruction" + die "aborting to save your system" + fi + fi + + if use glibc-compat20 ; then + eerror "This version no longer provides compatibility with old broken" + eerror "applications. If you need this support, call your vendor" + eerror "and tell them to release an update that isn't broken." + die "non-TLS symbol errno@glibc_2.0 not supported" + fi + if want_linuxthreads ; then + ewarn "glibc-2.4 is nptl-only!" + [[ ${CTARGET} == i386-* ]] && eerror "NPTL requires a CHOST of i486 or better" + die "please add USE='nptl nptlonly' to make.conf" + fi + + if use nptlonly && ! use nptl ; then + eerror "If you want nptlonly, add nptl to your USE too ;p" + die "nptlonly without nptl" + fi + + if [[ -e /proc/xen ]] && [[ $(tc-arch) == "x86" ]] && ! is-flag -mno-tls-direct-seg-refs ; then + ewarn "You are using Xen but don't have -mno-tls-direct-seg-refs in your CFLAGS." + ewarn "This will result in a 50% performance penalty, which is probably not what you want." + fi + + if ! type -p scanelf > /dev/null ; then + eerror "You do not have pax-utils installed." + die "install pax-utils" + fi + + # give some sort of warning about the nptl logic changes... + if want_nptl && want_linuxthreads ; then + ewarn "Warning! Gentoo's GLIBC with NPTL enabled now behaves like the" + ewarn "glibc from almost every other distribution out there. This means" + ewarn "that glibc is compiled -twice-, once with linuxthreads and once" + ewarn "with nptl. The NPTL version is installed to lib/tls and is still" + ewarn "used by default. If you do not need nor want the linuxthreads" + ewarn "fallback, you can disable this behavior by adding nptlonly to" + ewarn "USE to save yourself some compile time." + + ebeep + epause 5 + fi +} + +src_unpack() { + setup_env + + toolchain-glibc_src_unpack + + # Backwards SSP support + cd "${S}" +# For now, we force everyone to have the extra symbols +# einfon "Scanning system for __guard to see if we need SSP compat ... " +# if [[ -n $(scanelf -qyls__guard -F'#s%F' | grep -v '^/lib.*/libc-2.*.so$') ]] ; then + echo "yes" > "${T}"/.ssp.compat +# else +# # ok, a quick scan didnt find it, so lets do a deep scan ... +# if [[ -n $(scanelf -qyRlps__guard -F'#s%F' | grep -v '^/lib.*/libc-2.*.so$') ]] ; then +# echo "yes" > "${T}"/.ssp.compat +# else +# echo "no" > "${T}"/.ssp.compat +# fi +# fi +# cat "${T}"/.ssp.compat + + # Glibc is stupid sometimes, and doesn't realize that with a + # static C-Only gcc, -lgcc_eh doesn't exist. + # http://sources.redhat.com/ml/libc-alpha/2003-09/msg00100.html + # http://sourceware.org/ml/libc-alpha/2005-02/msg00042.html + echo 'int main(){}' > "${T}"/gcc_eh_test.c + if ! $(tc-getCC ${CTARGET}) "${T}"/gcc_eh_test.c -lgcc_eh 2>/dev/null ; then + sed -i -e 's:-lgcc_eh::' Makeconfig || die "sed gcc_eh" + fi + + # Some configure checks fail on the first emerge through because they + # try to link. This doesn't work well if we don't have a libc yet. + # http://sourceware.org/ml/libc-alpha/2005-02/msg00042.html + if is_crosscompile && use build; then + rm "${S}"/sysdeps/sparc/sparc64/elf/configure{,.in} + rm "${S}"/nptl/sysdeps/pthread/configure{,.in} + fi + + cd "${WORKDIR}" + find . -type f '(' -size 0 -o -name "*.orig" ')' -exec rm -f {} \; + find . -name configure -exec touch {} \; + + # Fix permissions on some of the scripts + chmod u+x "${S}"/scripts/*.sh +} + +src_compile() { + setup_env + + if [[ -z ${OABI} ]] ; then + local abilist="" + if has_multilib_profile ; then + abilist=$(get_install_abis) + einfo "Building multilib glibc for ABIs: ${abilist}" + elif is_crosscompile || tc-is-cross-compiler ; then + abilist=${DEFAULT_ABI} + fi + if [[ -n ${abilist} ]] ; then + OABI=${ABI} + for ABI in ${abilist} ; do + export ABI + src_compile + done + ABI=${OABI} + unset OABI + return 0 + fi + fi + + if just_headers ; then + toolchain-glibc_headers_compile + else + toolchain-glibc_src_compile + fi +} + +src_test() { + setup_env + + if [[ -z ${OABI} ]] && has_multilib_profile ; then + OABI=${ABI} + einfo "Testing multilib glibc for ABIs: $(get_install_abis)" + for ABI in $(get_install_abis) ; do + export ABI + einfo " Testing ${ABI} glibc" + src_test + done + ABI=${OABI} + unset OABI + return 0 + fi + + want_linuxthreads && toolchain-glibc_src_test linuxthreads + want_nptl && toolchain-glibc_src_test nptl +} + +src_strip() { + # Now, strip everything but the thread libs #46186, as well as the dynamic + # linker, else we cannot set breakpoints in shared libraries due to bugs in + # gdb. Also want to grab stuff in tls subdir. whee. +#when new portage supports this ... +# env \ +# -uRESTRICT \ +# CHOST=${CTARGET} \ +# STRIP_MASK="/*/{,tls/}{ld-,lib{pthread,thread_db}}*" \ +# prepallstrip + pushd "${D}" > /dev/null + + if ! is_crosscompile ; then + mkdir -p "${T}"/strip-backup + for x in $(find "${D}" -maxdepth 3 \ + '(' -name 'ld-*' -o -name 'libpthread*' -o -name 'libthread_db*' ')' \ + -a '(' '!' -name '*.a' ')' -type f -printf '%P ') + do + mkdir -p "${T}/strip-backup/${x%/*}" + cp -a -- "${D}/${x}" "${T}/strip-backup/${x}" || die "backing up ${x}" + done + fi + env -uRESTRICT CHOST=${CTARGET} prepallstrip + if ! is_crosscompile ; then + cp -a -- "${T}"/strip-backup/* "${D}"/ || die "restoring non-stripped libs" + fi + + popd > /dev/null +} + +src_install() { + setup_env + + if [[ -z ${OABI} ]] ; then + local abilist="" + if has_multilib_profile ; then + abilist=$(get_install_abis) + einfo "Installing multilib glibc for ABIs: ${abilist}" + elif is_crosscompile || tc-is-cross-compiler ; then + abilist=${DEFAULT_ABI} + fi + if [[ -n ${abilist} ]] ; then + OABI=${ABI} + for ABI in ${abilist} ; do + export ABI + src_install + done + ABI=${OABI} + unset OABI + src_strip + return 0 + fi + fi + + if just_headers ; then + toolchain-glibc_headers_install + else + toolchain-glibc_src_install + fi + [[ -z ${OABI} ]] && src_strip +} + +pkg_preinst() { + toolchain-glibc_pkg_preinst +} + +pkg_postinst() { + toolchain-glibc_pkg_postinst +} diff --git a/sys-libs/glibc/glibc-2.5.1.ebuild b/sys-libs/glibc/glibc-2.5.1.ebuild new file mode 100644 index 0000000..d317efc --- /dev/null +++ b/sys-libs/glibc/glibc-2.5.1.ebuild @@ -0,0 +1,1226 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +# Here's how the cross-compile logic breaks down ... +# CTARGET - machine that will target the binaries +# CHOST - machine that will host the binaries +# CBUILD - machine that will build the binaries +# If CTARGET != CHOST, it means you want a libc for cross-compiling. +# If CHOST != CBUILD, it means you want to cross-compile the libc. +# CBUILD = CHOST = CTARGET - native build/install +# CBUILD != (CHOST = CTARGET) - cross-compile a native build +# (CBUILD = CHOST) != CTARGET - libc for cross-compiler +# CBUILD != CHOST != CTARGET - cross-compile a libc for a cross-compiler +# For install paths: +# CHOST = CTARGET - install into / +# CHOST != CTARGET - install into /usr/CTARGET/ + +# need to wait for proper ports/linuxthreads release +KEYWORDS="" #~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" + +BRANCH_UPDATE="" + +# Generated man pages +GLIBC_MANPAGE_VERSION="none" + +# Generated stuff in manual subdir +GLIBC_INFOPAGE_VERSION="none" + +# Gentoo patchset +PATCH_VER="1.0" + +GENTOO_TOOLCHAIN_BASE_URI="mirror://gentoo" +GENTOO_TOOLCHAIN_DEV_URI="http://dev.gentoo.org/~azarah/glibc/XXX http://dev.gentoo.org/~vapier/dist/XXX" + +### PUNT OUT TO ECLASS?? ### +inherit eutils versionator toolchain-funcs flag-o-matic gnuconfig multilib + +DESCRIPTION="GNU libc6 (also called glibc2) C library" +HOMEPAGE="http://www.gnu.org/software/libc/libc.html" +LICENSE="LGPL-2" + +IUSE="build debug nptl nptlonly hardened multilib selinux glibc-omitfp profile glibc-compat20" + +export CBUILD=${CBUILD:-${CHOST}} +export CTARGET=${CTARGET:-${CHOST}} +if [[ ${CTARGET} == ${CHOST} ]] ; then + if [[ ${CATEGORY/cross-} != ${CATEGORY} ]] ; then + export CTARGET=${CATEGORY/cross-} + fi +fi + +is_crosscompile() { + [[ ${CHOST} != ${CTARGET} ]] +} +just_headers() { + is_crosscompile && use crosscompile_opts_headers-only +} + +GLIBC_RELEASE_VER=$(get_version_component_range 1-3) + +# Don't set this to :-, - allows BRANCH_UPDATE="" +BRANCH_UPDATE=${BRANCH_UPDATE-$(get_version_component_range 4)} +GLIBC_PORTS_VER="2.5" #${GLIBC_RELEASE_VER} +#GLIBC_PORTS_VER="20060925" +GLIBC_LT_VER="2.5" #${GLIBC_RELEASE_VER} +#GLIBC_LT_VER="20060605" + +# (Recent snapshots fails with 2.6.5 and earlier with NPTL) +NPTL_KERNEL_VERSION=${NPTL_KERNEL_VERSION:-"2.6.9"} +LT_KERNEL_VERSION=${LT_KERNEL_VERSION:-"2.4.1"} + +[[ ${CTARGET} == hppa* ]] && NPTL_KERNEL_VERSION=${NPTL_KERNEL_VERSION:-2.6.20} + +### SRC_URI ### + +# This function handles the basics of setting the SRC_URI for a glibc ebuild. +# To use, set SRC_URI with: +# +# SRC_URI="$(get_glibc_src_uri)" +# +# Other than the variables normally set by portage, this function's behavior +# can be altered by setting the following: +# +# GENTOO_TOOLCHAIN_BASE_URI +# This sets the base URI for all gentoo-specific patch files. Note +# that this variable is only important for a brief period of time, +# before your source files get picked up by mirrors. However, it is +# still highly suggested that you keep files in this location +# available. +# +# BRANCH_UPDATE +# If set, this variable signals that we should be using the main +# release tarball (determined by ebuild version) and applying a +# CVS branch update patch against it. The location of this branch +# update patch is assumed to be in ${GENTOO_TOOLCHAIN_BASE_URI}. +# Just like with SNAPSHOT, this variable is ignored if the ebuild +# has a _pre suffix. +# +# PATCH_VER +# PATCH_GLIBC_VER +# This should be set to the version of the gentoo patch tarball. +# The resulting filename of this tarball will be: +# glibc-${PATCH_GLIBC_VER:-${GLIBC_RELEASE_VER}}-patches-${PATCH_VER}.tar.bz2 +# +# GLIBC_MANPAGE_VERSION +# GLIBC_INFOPAGE_VERSION +# The version of glibc for which we will download pages. This will +# default to ${GLIBC_RELEASE_VER}, but we may not want to pre-generate man pages +# for prerelease test ebuilds for example. This allows you to +# continue using pre-generated manpages from the last stable release. +# If set to "none", this will prevent the downloading of manpages, +# which is useful for individual library targets. +# +get_glibc_src_uri() { + GENTOO_TOOLCHAIN_BASE_URI=${GENTOO_TOOLCHAIN_BASE_URI:-"mirror://gentoo"} + + GLIBC_SRC_URI="mirror://gnu/glibc/glibc-${GLIBC_RELEASE_VER}.tar.bz2 + mirror://gnu/glibc/glibc-ports-${GLIBC_PORTS_VER}.tar.bz2 + ftp://sources.redhat.com/pub/glibc/snapshots/glibc-ports-${GLIBC_PORTS_VER}.tar.bz2 + mirror://gnu/glibc/glibc-libidn-${GLIBC_RELEASE_VER}.tar.bz2" + + if [[ -n ${BRANCH_UPDATE} ]] ; then + GLIBC_SRC_URI="${GLIBC_SRC_URI} + ${GENTOO_TOOLCHAIN_BASE_URI}/glibc-${GLIBC_RELEASE_VER}-branch-update-${BRANCH_UPDATE}.patch.bz2 + ${GENTOO_TOOLCHAIN_DEV_URI//XXX/glibc-${GLIBC_RELEASE_VER}-branch-update-${BRANCH_UPDATE}.patch.bz2}" + fi + + if [[ -n ${PATCH_VER} ]] ; then + GLIBC_SRC_URI="${GLIBC_SRC_URI} + ${GENTOO_TOOLCHAIN_BASE_URI}/glibc-${PATCH_GLIBC_VER:-${GLIBC_RELEASE_VER}}-patches-${PATCH_VER}.tar.bz2 + ${GENTOO_TOOLCHAIN_DEV_URI//XXX/glibc-${PATCH_GLIBC_VER:-${GLIBC_RELEASE_VER}}-patches-${PATCH_VER}.tar.bz2}" + fi + + if [[ ${GLIBC_MANPAGE_VERSION} != "none" ]] ; then + GLIBC_SRC_URI="${GLIBC_SRC_URI} + ${GENTOO_TOOLCHAIN_BASE_URI}/glibc-manpages-${GLIBC_MANPAGE_VERSION:-${GLIBC_RELEASE_VER}}.tar.bz2 + ${GENTOO_TOOLCHAIN_DEV_URI//XXX/glibc-manpages-${GLIBC_MANPAGE_VERSION:-${GLIBC_RELEASE_VER}}.tar.bz2}" + fi + + if [[ ${GLIBC_INFOPAGE_VERSION} != "none" ]] ; then + GLIBC_SRC_URI="${GLIBC_SRC_URI} + ${GENTOO_TOOLCHAIN_BASE_URI}/glibc-infopages-${GLIBC_INFOPAGE_VERSION:-${GLIBC_RELEASE_VER}}.tar.bz2 + ${GENTOO_TOOLCHAIN_DEV_URI//XXX/glibc-infopages-${GLIBC_INFOPAGE_VERSION:-${GLIBC_RELEASE_VER}}.tar.bz2}" + fi + + if [[ -n ${GLIBC_LT_VER} ]] ; then + GLIBC_SRC_URI="${GLIBC_SRC_URI} + mirror://gnu/glibc/glibc-linuxthreads-${GLIBC_LT_VER}.tar.bz2 + ftp://sources.redhat.com/pub/glibc/snapshots/glibc-linuxthreads-${GLIBC_LT_VER}.tar.bz2" + fi + + echo "${GLIBC_SRC_URI}" +} + +SRC_URI=$(get_glibc_src_uri) +S=${WORKDIR}/glibc-${GLIBC_RELEASE_VER} + +### EXPORTED FUNCTIONS ### +unpack_addon() { + local addon=$1 ver=${2:-${GLIBC_RELEASE_VER}} + unpack glibc-${addon}-${ver}.tar.bz2 + mv glibc-${addon}-${ver} ${addon} || die +} +toolchain-glibc_src_unpack() { + # Check NPTL support _before_ we unpack things to save some time + want_nptl && check_nptl_support + + unpack glibc-${GLIBC_RELEASE_VER}.tar.bz2 + + cd "${S}" + [[ -n ${GLIBC_LT_VER} ]] && unpack glibc-linuxthreads-${GLIBC_LT_VER}.tar.bz2 + unpack_addon libidn + unpack_addon ports ${GLIBC_PORTS_VER} + + if [[ -n ${PATCH_VER} ]] ; then + cd "${WORKDIR}" + unpack glibc-${PATCH_GLIBC_VER:-${GLIBC_RELEASE_VER}}-patches-${PATCH_VER}.tar.bz2 + # pull out all the addons + local d + for d in extra/*/configure ; do + mv "${d%/configure}" "${S}" || die "moving ${d}" + done + fi + + # XXX: We should do the branchupdate, before extracting the manpages and + # infopages else it does not help much (mtimes change if there is a change + # to them with branchupdate) + if [[ -n ${BRANCH_UPDATE} ]] ; then + cd "${S}" + epatch "${DISTDIR}"/glibc-${GLIBC_RELEASE_VER}-branch-update-${BRANCH_UPDATE}.patch.bz2 + + # Snapshot date patch + einfo "Patching version to display snapshot date ..." + sed -i -e "s:\(#define RELEASE\).*:\1 \"${BRANCH_UPDATE}\":" version.h + fi + + if [[ ${GLIBC_MANPAGE_VERSION} != "none" ]] ; then + cd "${WORKDIR}" + unpack glibc-manpages-${GLIBC_MANPAGE_VERSION:-${GLIBC_RELEASE_VER}}.tar.bz2 + fi + + if [[ ${GLIBC_INFOPAGE_VERSION} != "none" ]] ; then + cd "${S}" + unpack glibc-infopages-${GLIBC_INFOPAGE_VERSION:-${GLIBC_RELEASE_VER}}.tar.bz2 + fi + + if [[ -n ${PATCH_VER} ]] ; then + cd "${S}" + EPATCH_MULTI_MSG="Applying Gentoo Glibc Patchset ${PATCH_GLIBC_VER:-${GLIBC_RELEASE_VER}}-${PATCH_VER} ..." \ + EPATCH_EXCLUDE=${GLIBC_PATCH_EXCLUDE} \ + EPATCH_SUFFIX="patch" \ + ARCH=$(tc-arch) \ + epatch "${WORKDIR}"/patches + + # tag, glibc is it + [[ -e csu/Banner ]] && die "need new banner location" + echo "Gentoo patchset ${PATCH_VER}" > csu/Banner + fi + + if use hardened ; then + cd "${S}" + einfo "Patching to get working PIE binaries on PIE (hardened) platforms" + gcc-specs-pie && epatch "${FILESDIR}"/2.5/glibc-2.5-hardened-pie.patch + epatch "${FILESDIR}"/2.5/glibc-2.5-hardened-configure-picdefault.patch + epatch "${FILESDIR}"/2.5/glibc-2.5-hardened-inittls-nosysenter.patch + + einfo "Installing Hardened Gentoo SSP handler" + cp -f "${FILESDIR}"/2.5/glibc-2.5-gentoo-stack_chk_fail.c \ + debug/stack_chk_fail.c || die + + if use debug ; then + # When using Hardened Gentoo stack handler, have smashes dump core for + # analysis - debug only, as core could be an information leak + # (paranoia). + sed -i \ + -e '/^CFLAGS-backtrace.c/ iCFLAGS-stack_chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ + debug/Makefile \ + || die "Failed to modify debug/Makefile for debug stack handler" + fi + + # Build nscd with ssp-all + sed -i \ + -e 's:-fstack-protector$:-fstack-protector-all:' \ + nscd/Makefile \ + || die "Failed to ensure nscd builds with ssp-all" + fi + + gnuconfig_update +} + +toolchain-glibc_src_compile() { + echo + local v + for v in ABI CBUILD CHOST CTARGET CBUILD_OPT CTARGET_OPT CC CFLAGS ; do + einfo " $(printf '%15s' ${v}:) ${!v}" + done + echo + + if want_linuxthreads ; then + glibc_do_configure linuxthreads + einfo "Building GLIBC with linuxthreads..." + make PARALLELMFLAGS="${MAKEOPTS}" || die "make for ${ABI} failed" + fi + if want_nptl ; then + # ... and then do the optional nptl build + unset LD_ASSUME_KERNEL + glibc_do_configure nptl + einfo "Building GLIBC with NPTL..." + make PARALLELMFLAGS="${MAKEOPTS}" || die "make for ${ABI} failed" + fi +} + +toolchain-glibc_headers_compile() { + local GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-headers + mkdir -p "${GBUILDDIR}" + cd "${GBUILDDIR}" + + # Pick out the correct location for build headers + local myconf="--disable-sanity-checks --enable-hacker-mode" + myconf="${myconf} + --enable-add-ons=nptl,ports + --without-cvs + --enable-bind-now + --build=${CBUILD_OPT:-${CBUILD}} + --host=${CTARGET_OPT:-${CTARGET}} + --with-headers=$(alt_build_headers) + --prefix=/usr + ${EXTRA_ECONF}" + + einfo "Configuring GLIBC headers with: ${myconf// /\n\t\t}" + CC=gcc \ + CFLAGS="-O1 -pipe" \ + "${S}"/configure ${myconf} || die "failed to configure glibc" +} + +toolchain-glibc_src_test() { + cd "${WORKDIR}"/build-${ABI}-${CTARGET}-$1 || die "cd build-${ABI}-${CTARGET}-$1" + unset LD_ASSUME_KERNEL + make check && return 0 + einfo "make check failed - re-running with --keep-going to get the rest of the results" + make -k check + ewarn "make check failed for ${ABI}-${CTARGET}-$1" + return 1 +} + +toolchain-glibc_pkg_preinst() { + # PPC64+others may want to eventually be added to this logic if they + # decide to be multilib compatible and FHS compliant. note that this + # chunk of FHS compliance only applies to 64bit archs where 32bit + # compatibility is a major concern (not IA64, for example). + + # amd64's 2005.0 is the first amd64 profile to not need this code. + # 2005.0 is setup properly, and this is executed as part of the + # 2004.3 -> 2005.0 upgrade script. + # It can be removed after 2004.3 has been purged from portage. + { use amd64 || use ppc64; } && [ "$(get_libdir)" == "lib64" ] && ! has_multilib_profile && fix_lib64_symlinks + + # it appears that /lib/tls is sometimes not removed. See bug + # 69258 for more info. + if [[ -d ${ROOT}/$(alt_libdir)/tls ]] && ! { want_nptl && want_linuxthreads; }; then + addwrite "${ROOT}"/$(alt_libdir)/ + ewarn "nptlonly or -nptl in USE, removing /${ROOT}$(alt_libdir)/tls..." + rm -r "${ROOT}"/$(alt_libdir)/tls || die + fi + + # Shouldnt need to keep this updated + [[ -e ${ROOT}/etc/locale.gen ]] && rm -f "${D}"/etc/locale.gen + + # simple test to make sure our new glibc isnt completely broken. + # make sure we don't test with statically built binaries since + # they will fail. also, skip if this glibc is a cross compiler. + [[ ${ROOT} != "/" ]] && return 0 + is_crosscompile && return 0 + local x striptest + for x in date env ls true uname ; do + x=$(type -p ${x}) + [[ -z ${x} ]] && continue + striptest=$(LC_ALL="C" file -L ${x} 2>/dev/null) + [[ -z ${striptest} ]] && continue + [[ ${striptest} == *"statically linked"* ]] && continue + "${D}"/$(get_libdir)/ld-*.so \ + --library-path "${D}"/$(get_libdir) \ + ${x} > /dev/null \ + || die "simple run test (${x}) failed" + done +} + +toolchain-glibc_src_install() { + # These should not be set, else the + # zoneinfo do not always get installed ... + unset LANGUAGE LANG LC_ALL + + local GBUILDDIR + if want_linuxthreads ; then + GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-linuxthreads + else + GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-nptl + fi + + local install_root=${D} + is_crosscompile && install_root="${install_root}/usr/${CTARGET}" + if want_linuxthreads ; then + cd "${WORKDIR}"/build-${ABI}-${CTARGET}-linuxthreads + einfo "Installing GLIBC ${ABI} with linuxthreads ..." + make PARALLELMFLAGS="${MAKEOPTS}" \ + install_root="${install_root}" \ + install || die + else # nptlonly + cd "${WORKDIR}"/build-${ABI}-${CTARGET}-nptl + einfo "Installing GLIBC ${ABI} with NPTL ..." + make PARALLELMFLAGS="${MAKEOPTS}" \ + install_root="${install_root}" \ + install || die + fi + + if is_crosscompile ; then + # punt all the junk not needed by a cross-compiler + cd "${D}"/usr/${CTARGET} || die + rm -rf ./{,usr/}{bin,etc,sbin,share} ./{,usr/}*/{gconv,misc} + fi + + if want_linuxthreads && want_nptl ; then + einfo "Installing NPTL to $(alt_libdir)/tls/..." + cd "${WORKDIR}"/build-${ABI}-${CTARGET}-nptl + dodir $(alt_libdir)/tls $(alt_usrlibdir)/nptl + + local l src_lib + for l in libc libm librt libpthread libthread_db ; do + # take care of shared lib first ... + l=${l}.so + if [[ -e ${l} ]] ; then + src_lib=${l} + else + src_lib=$(eval echo */${l}) + fi + cp -a ${src_lib} "${D}"$(alt_libdir)/tls/${l} || die "copying nptl ${l}" + fperms a+rx $(alt_libdir)/tls/${l} + dosym ${l} $(alt_libdir)/tls/$(scanelf -qSF'%S#F' ${src_lib}) + + # then grab the linker script or the symlink ... + if [[ -L ${D}$(alt_usrlibdir)/${l} ]] ; then + dosym $(alt_libdir)/tls/${l} $(alt_usrlibdir)/nptl/${l} + else + sed \ + -e "s:/${l}:/tls/${l}:g" \ + -e "s:/${l/%.so/_nonshared.a}:/nptl/${l/%.so/_nonshared.a}:g" \ + "${D}"$(alt_usrlibdir)/${l} > "${D}"$(alt_usrlibdir)/nptl/${l} + fi + + # then grab the static lib ... + src_lib=${src_lib/%.so/.a} + [[ ! -e ${src_lib} ]] && src_lib=${src_lib/%.a/_pic.a} + cp -a ${src_lib} "${D}"$(alt_usrlibdir)/nptl/ || die "copying nptl ${src_lib}" + src_lib=${src_lib/%.a/_nonshared.a} + if [[ -e ${src_lib} ]] ; then + cp -a ${src_lib} "${D}"$(alt_usrlibdir)/nptl/ || die "copying nptl ${src_lib}" + fi + done + + # use the nptl linker instead of the linuxthreads one as the linuxthreads + # one may lack TLS support and that can be really bad for business + cp -a elf/ld.so "${D}"$(alt_libdir)/$(scanelf -qSF'%S#F' elf/ld.so) || die "copying nptl interp" + fi + + # We'll take care of the cache ourselves + rm -f "${D}"/etc/ld.so.cache + + # When cross-compiling for a non-multilib setup, make sure we have + # lib and a proper symlink setup + if is_crosscompile && ! use multilib && ! has_multilib_profile && [[ $(get_libdir) != "lib" ]] ; then + cd "${D}"$(alt_libdir)/.. + mv $(get_libdir) lib || die + ln -s lib $(get_libdir) || die + cd "${D}"$(alt_usrlibdir)/.. + mv $(get_libdir) lib || die + ln -s lib $(get_libdir) || die + fi + + ################################################################# + # EVERYTHING AFTER THIS POINT IS FOR NATIVE GLIBC INSTALLS ONLY # + # Make sure we install some symlink hacks so that when we build + # a 2nd stage cross-compiler, gcc finds the target system + # headers correctly. See gcc/doc/gccinstall.info + if is_crosscompile ; then + dosym usr/include /usr/${CTARGET}/sys-include + return 0 + fi + + # Everything past this point just needs to be done once ... + is_final_abi || return 0 + + # Make sure the non-native interp can be found on multilib systems + if has_multilib_profile ; then + case $(tc-arch) in + amd64) + [[ ! -e ${D}/lib ]] && dosym $(get_abi_LIBDIR amd64) /lib + dosym ../$(get_abi_LIBDIR x86)/ld-linux.so.2 /lib/ld-linux.so.2 + ;; + ppc64) + [[ ! -e ${D}/lib ]] && dosym $(get_abi_LIBDIR ppc64) /lib + dosym ../$(get_abi_LIBDIR ppc)/ld.so.1 /lib/ld.so.1 + ;; + esac + fi + + # Files for Debian-style locale updating + dodir /usr/share/i18n + sed \ + -e "/^#/d" \ + -e "/SUPPORTED-LOCALES=/d" \ + -e "s: \\\\::g" -e "s:/: :g" \ + "${S}"/localedata/SUPPORTED > "${D}"/usr/share/i18n/SUPPORTED \ + || die "generating /usr/share/i18n/SUPPORTED failed" + cd "${WORKDIR}"/extra/locale + dosbin locale-gen || die + doman *.[0-8] + insinto /etc + doins locale.gen || die + + # Make sure all the ABI's can find the locales and so we only + # have to generate one set + local a + keepdir /usr/$(get_libdir)/locale + for a in $(get_install_abis) ; do + if [[ ! -e ${D}/usr/$(get_abi_LIBDIR ${a})/locale ]] ; then + dosym /usr/$(get_libdir)/locale /usr/$(get_abi_LIBDIR ${a})/locale + fi + done + + if ! has noinfo ${FEATURES} && [[ ${GLIBC_INFOPAGE_VERSION} != "none" ]] ; then + einfo "Installing info pages..." + + make \ + -C "${GBUILDDIR}" \ + PARALLELMFLAGS="${MAKEOPTS}" \ + install_root="${install_root}" \ + info -i || die + fi + + if [[ ${GLIBC_MANPAGE_VERSION} != "none" ]] ; then + einfo "Installing man pages..." + + # Install linuxthreads man pages even if nptl is enabled + cd "${WORKDIR}"/man + doman *.3thr + fi + + cd "${S}" + + # Install misc network config files + insinto /etc + doins nscd/nscd.conf posix/gai.conf nss/nsswitch.conf || die + doins "${WORKDIR}"/extra/etc/*.conf || die + doinitd "${WORKDIR}"/extra/etc/nscd || die + + dodoc BUGS ChangeLog* CONFORMANCE FAQ NEWS NOTES PROJECTS README* + + # Prevent overwriting of the /etc/localtime symlink. We'll handle the + # creation of the "factory" symlink in pkg_postinst(). + rm -f "${D}"/etc/localtime +} + +toolchain-glibc_headers_install() { + local GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-headers + cd "${GBUILDDIR}" + make install_root="${D}/usr/${CTARGET}" install-headers || die "install-headers failed" + # Copy over headers that are not part of install-headers ... these + # are pretty much taken verbatim from crosstool, see it for more details + insinto $(alt_headers)/bits + doins misc/syscall-list.h bits/stdio_lim.h || die "doins include bits" + insinto $(alt_headers)/gnu + doins "${S}"/include/gnu/stubs.h || die "doins include gnu" + # Make sure we install the sys-include symlink so that when + # we build a 2nd stage cross-compiler, gcc finds the target + # system headers correctly. See gcc/doc/gccinstall.info + dosym usr/include /usr/${CTARGET}/sys-include +} + +toolchain-glibc_pkg_postinst() { + # Mixing nptlonly and -nptlonly glibc can prove dangerous if libpthread + # isn't removed in unmerge which happens sometimes. See bug #87671 + if ! is_crosscompile && want_linuxthreads && [[ ${ROOT} == "/" ]] ; then + for libdir in $(get_all_libdirs) ; do + for f in "${ROOT}"/${libdir}/libpthread-2.* "${ROOT}"/${libdir}/libpthread-0.6* ; do + if [[ -f ${f} ]] ; then + rm -f ${f} + ldconfig + fi + done + done + fi + + if ! tc-is-cross-compiler && [[ -x ${ROOT}/usr/sbin/iconvconfig ]] ; then + # Generate fastloading iconv module configuration file. + "${ROOT}"/usr/sbin/iconvconfig --prefix="${ROOT}" + fi + + if [[ ! -e ${ROOT}/lib/ld.so.1 ]] && use ppc64 && ! has_multilib_profile ; then + ## SHOULDN'T THIS BE lib64?? + ln -s ld64.so.1 "${ROOT}"/lib/ld.so.1 + fi + + if ! is_crosscompile && [[ ${ROOT} == "/" ]] ; then + # Reload init ... + /sbin/telinit U &> /dev/null + + # if the host locales.gen contains no entries, we'll install everything + local locale_list="${ROOT}etc/locale.gen" + if [[ -z $(locale-gen --list --config "${locale_list}") ]] ; then + ewarn "Generating all locales; edit /etc/locale.gen to save time/space" + locale_list="${ROOT}usr/share/i18n/SUPPORTED" + fi + local x jobs + for x in ${MAKEOPTS} ; do [[ ${x} == -j* ]] && jobs=${x#-j} ; done + locale-gen -j ${jobs:-1} --config "${locale_list}" + fi + + echo + einfo "Gentoo's glibc no longer includes mdns." + einfo "If you want mdns, emerge the sys-auth/nss-mdns package." + echo + + if want_nptl && want_linuxthreads ; then + einfo "The default behavior of glibc on your system is to use NPTL. If" + einfo "you want to use linuxthreads for a particular program, start it" + einfo "by executing 'LD_ASSUME_KERNEL=${LT_KERNEL_VERSION} <program> [<options>]'" + echo + fi +} + +### SUPPORT FUNCTIONS ### +# We need to be able to set alternative headers for +# compiling for non-native platform +# Will also become useful for testing kernel-headers without screwing up +# the whole system. +# note: intentionally undocumented. +alt_headers() { + if [[ -z ${ALT_HEADERS} ]] ; then + if is_crosscompile ; then + ALT_HEADERS="/usr/${CTARGET}/usr/include" + else + ALT_HEADERS="/usr/include" + fi + fi + echo "${ALT_HEADERS}" +} +alt_build_headers() { + if [[ -z ${ALT_BUILD_HEADERS} ]] ; then + ALT_BUILD_HEADERS=$(alt_headers) + if tc-is-cross-compiler ; then + ALT_BUILD_HEADERS=${ROOT}$(alt_headers) + if [[ ! -e ${ALT_BUILD_HEADERS}/linux/version.h ]] ; then + local header_path=$(echo '#include <linux/version.h>' | $(tc-getCPP ${CTARGET}) ${CFLAGS} 2>&1 | grep -o '[^"]*linux/version.h') + ALT_BUILD_HEADERS=${header_path%/linux/version.h} + fi + fi + fi + echo "${ALT_BUILD_HEADERS}" +} + +alt_libdir() { + if is_crosscompile ; then + echo /usr/${CTARGET}/$(get_libdir) + else + echo /$(get_libdir) + fi +} + +alt_usrlibdir() { + if is_crosscompile ; then + echo /usr/${CTARGET}/usr/$(get_libdir) + else + echo /usr/$(get_libdir) + fi +} + +setup_flags() { + # Make sure host make.conf doesn't pollute us + if is_crosscompile || tc-is-cross-compiler ; then + CHOST=${CTARGET} strip-unsupported-flags + fi + + # Store our CFLAGS because it's changed depending on which CTARGET + # we are building when pulling glibc on a multilib profile + CFLAGS_BASE=${CFLAGS_BASE-${CFLAGS}} + CFLAGS=${CFLAGS_BASE} + CXXFLAGS_BASE=${CXXFLAGS_BASE-${CXXFLAGS}} + CXXFLAGS=${CXXFLAGS_BASE} + ASFLAGS_BASE=${ASFLAGS_BASE-${ASFLAGS}} + ASFLAGS=${ASFLAGS_BASE} + + # Over-zealous CFLAGS can often cause problems. What may work for one + # person may not work for another. To avoid a large influx of bugs + # relating to failed builds, we strip most CFLAGS out to ensure as few + # problems as possible. + strip-flags + strip-unsupported-flags + filter-flags -m32 -m64 -mabi=* + + unset CBUILD_OPT CTARGET_OPT + if has_multilib_profile ; then + CTARGET_OPT=$(get_abi_CTARGET) + [[ -z ${CTARGET_OPT} ]] && CTARGET_OPT=$(get_abi_CHOST) + fi + + case $(tc-arch) in + amd64) + # Punt this when amd64's 2004.3 is removed + CFLAGS_x86="-m32" + ;; + ppc) + append-flags "-freorder-blocks" + ;; + sparc) + # Both sparc and sparc64 can use -fcall-used-g6. -g7 is bad, though. + filter-flags "-fcall-used-g7" + append-flags "-fcall-used-g6" + filter-flags "-mvis" + + if is_crosscompile || [[ ${PROFILE_ARCH} == "sparc64" ]] || { has_multilib_profile && ! tc-is-cross-compiler; } ; then + case ${ABI} in + sparc64) + filter-flags -Wa,-xarch -Wa,-A + + if is-flag "-mcpu=ultrasparc3"; then + CTARGET_OPT="sparc64b-unknown-linux-gnu" + append-flags "-Wa,-xarch=v9b" + export ASFLAGS="${ASFLAGS} -Wa,-xarch=v9b" + else + CTARGET_OPT="sparc64-unknown-linux-gnu" + append-flags "-Wa,-xarch=v9a" + export ASFLAGS="${ASFLAGS} -Wa,-xarch=v9a" + fi + ;; + *) + if is-flag "-mcpu=ultrasparc3"; then + CTARGET_OPT="sparcv9b-unknown-linux-gnu" + else + CTARGET_OPT="sparcv9-unknown-linux-gnu" + fi + ;; + esac + else + if is-flag "-mcpu=ultrasparc3"; then + CTARGET_OPT="sparcv9b-unknown-linux-gnu" + elif { is_crosscompile && want_nptl; } || is-flag "-mcpu=ultrasparc2" || is-flag "-mcpu=ultrasparc"; then + CTARGET_OPT="sparcv9-unknown-linux-gnu" + fi + fi + ;; + esac + + if [[ -n ${CTARGET_OPT} && ${CBUILD} == ${CHOST} ]] && ! is_crosscompile; then + CBUILD_OPT=${CTARGET_OPT} + fi + + # Lock glibc at -O2 -- linuxthreads needs it and we want to be + # conservative here. -fno-strict-aliasing is to work around #155906 + filter-flags -O? + append-flags -O2 -fno-strict-aliasing + + # building glibc with SSP is fraught with difficulty, especially + # due to __stack_chk_fail_local which would mean significant changes + # to the glibc build process. See bug #94325 + filter-flags -fstack-protector + + if use hardened && gcc-specs-pie ; then + # Force PIC macro definition for all compilations since they're all + # either -fPIC or -fPIE with the default-PIE compiler. + append-cppflags -DPIC + else + # Don't build -fPIE without the default-PIE compiler and the + # hardened-pie patch + filter-flags -fPIE + fi +} + +check_kheader_version() { + local version=$( + printf '#include <linux/version.h>\nLINUX_VERSION_CODE\n' | \ + $(tc-getCPP ${CTARGET}) -I "$(alt_build_headers)" | \ + tail -n 1 + ) + [[ ${version} -ge "$1" ]] +} + +check_nptl_support() { + local min_kernel_version=$(KV_to_int "${NPTL_KERNEL_VERSION}") + + echo + + ebegin "Checking gcc for __thread support" + if ! eend $(want__thread ; echo $?) ; then + echo + eerror "Could not find a gcc that supports the __thread directive!" + eerror "Please update your binutils/gcc and try again." + die "No __thread support in gcc!" + fi + + if ! is_crosscompile && ! tc-is-cross-compiler ; then + # Building fails on an non-supporting kernel + ebegin "Checking kernel version (>=${NPTL_KERNEL_VERSION})" + if ! eend $([[ $(get_KV) -ge ${min_kernel_version} ]] ; echo $?) ; then + echo + eerror "You need a kernel of at least version ${NPTL_KERNEL_VERSION}" + eerror "for NPTL support!" + die "Kernel version too low!" + fi + fi + + # Building fails with too low linux-headers + ebegin "Checking linux-headers version (>=${NPTL_KERNEL_VERSION})" + if ! eend $(check_kheader_version "${min_kernel_version}" ; echo $?) ; then + echo + eerror "You need linux-headers of at least version ${NPTL_KERNEL_VERSION}" + eerror "for NPTL support!" + die "linux-headers version too low!" + fi + + echo +} + +want_nptl() { + want_tls || return 1 + use nptl || return 1 + + # Only list the arches that cannot do NPTL + case $(tc-arch) in + m68k) return 1;; + sparc) + # >= v9 is needed for nptl. + [[ ${PROFILE_ARCH} == "sparc" ]] && return 1 + ;; + esac + + return 0 +} + +want_linuxthreads() { + ! use nptlonly && return 0 + want_nptl || return 0 + return 1 +} + +want_tls() { + # Archs that can use TLS (Thread Local Storage) + case $(tc-arch) in + sparc) + # 2.3.6 should have tls support on sparc64 + # when using newer binutils + case ${CTARGET/-*} in + sparc64*) return 1 ;; + *) return 0 ;; + esac + ;; + x86) + # requires i486 or better #106556 + [[ ${CTARGET} == i[4567]86* ]] && return 0 + return 1 + ;; + esac + + return 0 +} + +want__thread() { + want_tls || return 1 + + # For some reason --with-tls --with__thread is causing segfaults on sparc32. + [[ ${PROFILE_ARCH} == "sparc" ]] && return 1 + + [[ -n ${WANT__THREAD} ]] && return ${WANT__THREAD} + + echo 'extern __thread int i;' > "${T}"/test-__thread.c + $(tc-getCC ${CTARGET}) -c "${T}"/test-__thread.c -o "${T}"/test-__thread.o &> /dev/null + WANT__THREAD=$? + rm -f "${T}"/test-__thread.[co] + + return ${WANT__THREAD} +} + +glibc_do_configure() { + local myconf + + # set addons + pushd "${S}" > /dev/null + local ADDONS=$(echo */configure | sed \ + -e 's:/configure::g' \ + -e 's:\(linuxthreads\|nptl\|rtkaio\|glibc-compat\)\( \|$\)::g' \ + -e 's: \+$::' \ + -e 's! !,!g' \ + -e 's!^!,!' \ + -e '/^,\*$/d') + popd > /dev/null + + myconf="${myconf} $(use_enable hardened stackguard-randomization)" + if [[ $(<"${T}"/.ssp.compat) == "yes" ]] ; then + myconf="${myconf} --enable-old-ssp-compat" + else + myconf="${myconf} --disable-old-ssp-compat" + fi + + use glibc-omitfp && myconf="${myconf} --enable-omitfp" + + [[ ${CTARGET//_/-} == *-softfloat-* ]] && myconf="${myconf} --without-fp" + + if [[ $1 == "linuxthreads" ]] ; then + if want_tls ; then + myconf="${myconf} --with-tls" + + if ! want__thread || use glibc-compat20 || [[ ${LT_KERNEL_VERSION} == 2.[02].* ]] ; then + myconf="${myconf} --without-__thread" + else + myconf="${myconf} --with-__thread" + fi + else + myconf="${myconf} --without-tls --without-__thread" + fi + + myconf="${myconf} --disable-sanity-checks" + myconf="${myconf} --enable-add-ons=ports,linuxthreads${ADDONS}" + myconf="${myconf} --enable-kernel=${LT_KERNEL_VERSION}" + elif [[ $1 == "nptl" ]] ; then + myconf="${myconf} --with-tls --with-__thread" + myconf="${myconf} --enable-add-ons=ports,nptl${ADDONS}" + myconf="${myconf} --enable-kernel=${NPTL_KERNEL_VERSION}" + else + die "invalid pthread option" + fi + + # Since SELinux support is only required for nscd, only enable it if: + # 1. USE selinux + # 2. ! USE build + # 3. only for the primary ABI on multilib systems + if use selinux && ! use build ; then + if use multilib || has_multilib_profile ; then + if is_final_abi ; then + myconf="${myconf} --with-selinux" + else + myconf="${myconf} --without-selinux" + fi + else + myconf="${myconf} --with-selinux" + fi + else + myconf="${myconf} --without-selinux" + fi + + myconf="${myconf} + --without-cvs + --enable-bind-now + --build=${CBUILD_OPT:-${CBUILD}} + --host=${CTARGET_OPT:-${CTARGET}} + $(use_enable profile) + --without-gd + --with-headers=$(alt_build_headers) + --prefix=/usr + --libdir=/usr/$(get_libdir) + --mandir=/usr/share/man + --infodir=/usr/share/info + --libexecdir=/usr/$(get_libdir)/misc/glibc + ${EXTRA_ECONF}" + + # There is no configure option for this and we need to export it + # since the glibc build will re-run configure on itself + export libc_cv_slibdir=/$(get_libdir) + + has_version app-admin/eselect-compiler || export CC=$(tc-getCC ${CTARGET}) + + local GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-$1 + mkdir -p "${GBUILDDIR}" + cd "${GBUILDDIR}" + einfo "Configuring GLIBC for $1 with: ${myconf// /\n\t\t}" + "${S}"/configure ${myconf} || die "failed to configure glibc" +} + +fix_lib64_symlinks() { + # the original Gentoo/AMD64 devs decided that since 64bit is the native + # bitdepth for AMD64, lib should be used for 64bit libraries. however, + # this ignores the FHS and breaks multilib horribly... especially + # since it wont even work without a lib64 symlink anyways. *rolls eyes* + # see bug 59710 for more information. + # Travis Tilley <lv@gentoo.org> (08 Aug 2004) + if [ -L ${ROOT}/lib64 ] ; then + ewarn "removing /lib64 symlink and moving lib to lib64..." + ewarn "dont hit ctrl-c until this is done" + addwrite ${ROOT}/ + rm ${ROOT}/lib64 + # now that lib64 is gone, nothing will run without calling ld.so + # directly. luckily the window of brokenness is almost non-existant + use amd64 && /lib/ld-linux-x86-64.so.2 /bin/mv ${ROOT}/lib ${ROOT}/lib64 + use ppc64 && /lib/ld64.so.1 /bin/mv ${ROOT}/lib ${ROOT}/lib64 + # all better :) + ldconfig + ln -s lib64 ${ROOT}/lib + einfo "done! :-)" + einfo "fixed broken lib64/lib symlink in ${ROOT}" + fi + if [ -L ${ROOT}/usr/lib64 ] ; then + addwrite ${ROOT}/usr + rm ${ROOT}/usr/lib64 + mv ${ROOT}/usr/lib ${ROOT}/usr/lib64 + ln -s lib64 ${ROOT}/usr/lib + einfo "fixed broken lib64/lib symlink in ${ROOT}/usr" + fi + if [ -L ${ROOT}/usr/X11R6/lib64 ] ; then + addwrite ${ROOT}/usr/X11R6 + rm ${ROOT}/usr/X11R6/lib64 + mv ${ROOT}/usr/X11R6/lib ${ROOT}/usr/X11R6/lib64 + ln -s lib64 ${ROOT}/usr/X11R6/lib + einfo "fixed broken lib64/lib symlink in ${ROOT}/usr/X11R6" + fi +} + +# Setup toolchain variables that would be defined in the profiles for these archs. +setup_env() { + # These should not be set, else the zoneinfo do not always get installed ... + unset LANGUAGE LANG LC_ALL + # silly users + unset LD_RUN_PATH + + if is_crosscompile || tc-is-cross-compiler ; then + multilib_env ${CTARGET} + if ! use multilib ; then + MULTILIB_ABIS=${DEFAULT_ABI} + else + MULTILIB_ABIS=${MULTILIB_ABIS:-${DEFAULT_ABI}} + fi + + # If the user has CFLAGS_<CTARGET> in their make.conf, use that, + # and fall back on CFLAGS. + local VAR=CFLAGS_${CTARGET//[-.]/_} + CFLAGS=${!VAR-${CFLAGS}} + fi + + setup_flags + + export ABI=${ABI:-${DEFAULT_ABI:-default}} + + if is_crosscompile || tc-is-cross-compiler ; then + local VAR=CFLAGS_${ABI} + # We need to export CFLAGS with abi information in them because + # glibc's configure script checks CFLAGS for some targets (like mips) + export CFLAGS="${!VAR} ${CFLAGS}" + fi +} + +### /ECLASS PUNTAGE ### + +if is_crosscompile ; then + SLOT="${CTARGET}-2.2" +else + SLOT="2.2" +fi + +# we'll handle stripping ourself #46186 +RESTRICT="strip" +EMULTILIB_PKG="true" + +# General: We need a new-enough binutils for as-needed +# arch: we need to make sure our binutils/gcc supports TLS +DEPEND=">=sys-devel/gcc-3.4.4 + arm? ( >=sys-devel/binutils-2.16.90 >=sys-devel/gcc-4.1.0 ) + ppc? ( >=sys-devel/gcc-4.1.0 ) + ppc64? ( >=sys-devel/gcc-4.1.0 ) + nptl? ( >=sys-kernel/linux-headers-${NPTL_KERNEL_VERSION} ) + >=sys-devel/binutils-2.15.94 + >=sys-devel/gcc-config-1.3.12 + >=app-misc/pax-utils-0.1.10 + virtual/os-headers + !<sys-apps/portage-2.1.2 + selinux? ( !build? ( sys-libs/libselinux ) )" +RDEPEND="selinux? ( !build? ( sys-libs/libselinux ) )" + +if [[ ${CATEGORY/cross-} != ${CATEGORY} ]] ; then + DEPEND="${DEPEND} !crosscompile_opts_headers-only? ( ${CATEGORY}/gcc )" + + if [[ ${CATEGORY} == *-linux* ]] ; then + DEPEND="${DEPEND} ${CATEGORY}/linux-headers" + fi +else + DEPEND="${DEPEND} >=sys-libs/timezone-data-2007c" + RDEPEND="${RDEPEND} sys-libs/timezone-data" +fi + +pkg_setup() { + # prevent native builds from downgrading ... maybe update to allow people + # to change between diff -r versions ? (2.3.6-r4 -> 2.3.6-r2) + if ! is_crosscompile && ! tc-is-cross-compiler ; then + if has_version '>'${CATEGORY}/${PF} ; then + eerror "Sanity check to keep you from breaking your system:" + eerror " Downgrading glibc is not supported and a sure way to destruction" + die "aborting to save your system" + fi + fi + + if [[ ${CTARGET} == i386-* ]] ; then + eerror "i386 CHOSTs are no longer supported." + eerror "Chances are you don't actually want/need i386." + eerror "Please read http://www.gentoo.org/doc/en/change-chost.xml" + die "please fix your CHOST" + fi + + if use nptlonly && ! use nptl ; then + eerror "If you want nptlonly, add nptl to your USE too ;p" + die "nptlonly without nptl" + fi + + if [[ -e /proc/xen ]] && [[ $(tc-arch) == "x86" ]] && ! is-flag -mno-tls-direct-seg-refs ; then + ewarn "You are using Xen but don't have -mno-tls-direct-seg-refs in your CFLAGS." + ewarn "This will result in a 50% performance penalty, which is probably not what you want." + fi + + if ! type -p scanelf > /dev/null ; then + eerror "You do not have pax-utils installed." + die "install pax-utils" + fi + + use hardened && ! gcc-specs-pie && \ + ewarn "PIE hardening not applied, as your compiler doesn't default to PIE" +} + +src_unpack() { + setup_env + + toolchain-glibc_src_unpack + + # Backwards SSP support + cd "${S}" +# For now, we force everyone to have the extra symbols +# einfon "Scanning system for __guard to see if we need SSP compat ... " +# if [[ -n $(scanelf -qyls__guard -F'#s%F' | grep -v '^/lib.*/libc-2.*.so$') ]] ; then + echo "yes" > "${T}"/.ssp.compat +# else +# # ok, a quick scan didnt find it, so lets do a deep scan ... +# if [[ -n $(scanelf -qyRlps__guard -F'#s%F' | grep -v '^/lib.*/libc-2.*.so$') ]] ; then +# echo "yes" > "${T}"/.ssp.compat +# else +# echo "no" > "${T}"/.ssp.compat +# fi +# fi +# cat "${T}"/.ssp.compat + + # Glibc is stupid sometimes, and doesn't realize that with a + # static C-Only gcc, -lgcc_eh doesn't exist. + # http://sources.redhat.com/ml/libc-alpha/2003-09/msg00100.html + # http://sourceware.org/ml/libc-alpha/2005-02/msg00042.html + echo 'int main(){}' > "${T}"/gcc_eh_test.c + if ! $(tc-getCC ${CTARGET}) "${T}"/gcc_eh_test.c -lgcc_eh 2>/dev/null ; then + sed -i -e 's:-lgcc_eh::' Makeconfig || die "sed gcc_eh" + fi + + cd "${WORKDIR}" + find . -type f '(' -size 0 -o -name "*.orig" ')' -exec rm -f {} \; + find . -name configure -exec touch {} \; + + # Fix permissions on some of the scripts + chmod u+x "${S}"/scripts/*.sh +} + +src_compile() { + setup_env + + if [[ -z ${OABI} ]] ; then + local abilist="" + if has_multilib_profile ; then + abilist=$(get_install_abis) + einfo "Building multilib glibc for ABIs: ${abilist}" + elif is_crosscompile || tc-is-cross-compiler ; then + abilist=${DEFAULT_ABI} + fi + if [[ -n ${abilist} ]] ; then + OABI=${ABI} + for ABI in ${abilist} ; do + export ABI + src_compile + done + ABI=${OABI} + unset OABI + return 0 + fi + fi + + if just_headers ; then + toolchain-glibc_headers_compile + else + toolchain-glibc_src_compile + fi +} + +src_test() { + local ret=0 + + setup_env + + if [[ -z ${OABI} ]] && has_multilib_profile ; then + OABI=${ABI} + einfo "Testing multilib glibc for ABIs: $(get_install_abis)" + for ABI in $(get_install_abis) ; do + export ABI + einfo " Testing ${ABI} glibc" + src_test + ((ret+=$?)) + done + ABI=${OABI} + unset OABI + [[ ${ret} -ne 0 ]] \ + && die "tests failed" \ + || return 0 + fi + + want_linuxthreads && toolchain-glibc_src_test linuxthreads ; ((ret+=$?)) + want_nptl && toolchain-glibc_src_test nptl ; ((ret+=$?)) + return ${ret} +} + +src_strip() { + # Now, strip everything but the thread libs #46186, as well as the dynamic + # linker, else we cannot set breakpoints in shared libraries due to bugs in + # gdb. Also want to grab stuff in tls subdir. whee. + env \ + -uRESTRICT \ + CHOST=${CTARGET} \ + STRIP_MASK="/*/{,tls/}{ld-,lib{pthread,thread_db}}*" \ + prepallstrip +} + +src_install() { + setup_env + + if [[ -z ${OABI} ]] ; then + local abilist="" + if has_multilib_profile ; then + abilist=$(get_install_abis) + einfo "Installing multilib glibc for ABIs: ${abilist}" + elif is_crosscompile || tc-is-cross-compiler ; then + abilist=${DEFAULT_ABI} + fi + if [[ -n ${abilist} ]] ; then + OABI=${ABI} + for ABI in ${abilist} ; do + export ABI + src_install + done + ABI=${OABI} + unset OABI + src_strip + return 0 + fi + fi + + if just_headers ; then + toolchain-glibc_headers_install + else + toolchain-glibc_src_install + fi + [[ -z ${OABI} ]] && src_strip +} + +pkg_preinst() { + toolchain-glibc_pkg_preinst +} + +pkg_postinst() { + toolchain-glibc_pkg_postinst +} diff --git a/sys-libs/glibc/glibc-2.6.1.ebuild b/sys-libs/glibc/glibc-2.6.1.ebuild new file mode 100644 index 0000000..68db9dc --- /dev/null +++ b/sys-libs/glibc/glibc-2.6.1.ebuild @@ -0,0 +1,330 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +inherit eutils versionator toolchain-funcs flag-o-matic gnuconfig multilib + +DESCRIPTION="GNU libc6 (also called glibc2) C library" +HOMEPAGE="http://www.gnu.org/software/libc/libc.html" + +LICENSE="LGPL-2" +KEYWORDS="alpha amd64 arm ia64 ~mips ppc ppc64 sh sparc x86" +RESTRICT="strip" # strip ourself #46186 +EMULTILIB_PKG="true" + +# Configuration variables +RELEASE_VER=$(get_version_component_range 1-3) # major glibc version +BRANCH_UPDATE=$(get_version_component_range 4) # upstream cvs snaps +MANPAGE_VER="" # pregenerated manpages +INFOPAGE_VER="" # pregenerated infopages +PATCH_VER="1.2" # Gentoo patchset +PATCH_GLIBC_VER=${RELEASE_VER} # glibc version in patchset +PORTS_VER=${RELEASE_VER} # version of glibc ports addon +LIBIDN_VER=${RELEASE_VER} # version of libidn addon +LT_VER="" # version of linuxthreads addon +NPTL_KERN_VER=${NPTL_KERN_VER:-"2.6.9"} # min kernel version nptl requires +#LT_KERN_VER=${LT_KERN_VER:-"2.4.1"} # min kernel version linuxthreads requires + +[[ ${CTARGET} == hppa* ]] && NPTL_KERN_VER=${NPTL_KERN_VER:-2.6.20} + +IUSE="debug gd hardened multilib selinux glibc-omitfp profile vanilla crosscompile_opts_headers-only ${LT_VER:+glibc-compat20 nptl nptlonly}" +S=${WORKDIR}/glibc-${RELEASE_VER} + +# Here's how the cross-compile logic breaks down ... +# CTARGET - machine that will target the binaries +# CHOST - machine that will host the binaries +# CBUILD - machine that will build the binaries +# If CTARGET != CHOST, it means you want a libc for cross-compiling. +# If CHOST != CBUILD, it means you want to cross-compile the libc. +# CBUILD = CHOST = CTARGET - native build/install +# CBUILD != (CHOST = CTARGET) - cross-compile a native build +# (CBUILD = CHOST) != CTARGET - libc for cross-compiler +# CBUILD != CHOST != CTARGET - cross-compile a libc for a cross-compiler +# For install paths: +# CHOST = CTARGET - install into / +# CHOST != CTARGET - install into /usr/CTARGET/ + +export CBUILD=${CBUILD:-${CHOST}} +export CTARGET=${CTARGET:-${CHOST}} +if [[ ${CTARGET} == ${CHOST} ]] ; then + if [[ ${CATEGORY/cross-} != ${CATEGORY} ]] ; then + export CTARGET=${CATEGORY/cross-} + fi +fi + +is_crosscompile() { + [[ ${CHOST} != ${CTARGET} ]] +} +alt_libdir() { + if is_crosscompile ; then + echo /usr/${CTARGET}/$(get_libdir) + else + echo /$(get_libdir) + fi +} + +if is_crosscompile ; then + SLOT="${CTARGET}-2.2" +else + # Why SLOT 2.2 you ask yourself while sippin your tea ? + # Everyone knows 2.2 > 0, duh. + SLOT="2.2" +fi + +# General: We need a new-enough binutils for as-needed +# arch: we need to make sure our binutils/gcc supports TLS +DEPEND=">=sys-devel/gcc-3.4.4 + arm? ( >=sys-devel/binutils-2.16.90 >=sys-devel/gcc-4.1.0 ) + ppc? ( >=sys-devel/gcc-4.1.0 ) + ppc64? ( >=sys-devel/gcc-4.1.0 ) + >=sys-devel/binutils-2.15.94 + ${LT_VER:+nptl? (} >=sys-kernel/linux-headers-${NPTL_KERN_VER} ${LT_VER:+)} + >=sys-devel/gcc-config-1.3.12 + >=app-misc/pax-utils-0.1.10 + virtual/os-headers + !<sys-apps/portage-2.1.2 + selinux? ( sys-libs/libselinux )" +RDEPEND="selinux? ( sys-libs/libselinux )" + +if [[ ${CATEGORY/cross-} != ${CATEGORY} ]] ; then + DEPEND="${DEPEND} !crosscompile_opts_headers-only? ( ${CATEGORY}/gcc )" + [[ ${CATEGORY} == *-linux* ]] && DEPEND="${DEPEND} ${CATEGORY}/linux-headers" +else + DEPEND="${DEPEND} >=sys-libs/timezone-data-2007c" + RDEPEND="${RDEPEND} sys-libs/timezone-data" +fi + +SRC_URI=$( + upstream_uris() { + echo mirror://gnu/glibc/$1 ftp://sources.redhat.com/pub/glibc/{releases,snapshots}/$1 + } + gentoo_uris() { + local devspace="HTTP~vapier/dist/URI HTTP~azarah/glibc/URI" + devspace=${devspace//HTTP/http://dev.gentoo.org/} + echo mirror://gentoo/$1 ${devspace//URI/$1} + } + + upstream_uris glibc-${RELEASE_VER}.tar.bz2 + upstream_uris glibc-libidn-${RELEASE_VER}.tar.bz2 + + [[ -n ${PORTS_VER} ]] && upstream_uris glibc-ports-${PORTS_VER}.tar.bz2 + [[ -n ${LT_VER} ]] && upstream_uris glibc-linuxthreads-${LT_VER}.tar.bz2 + [[ -n ${BRANCH_UPDATE} ]] && gentoo_uris glibc-${RELEASE_VER}-branch-update-${BRANCH_UPDATE}.patch.bz2 + [[ -n ${PATCH_VER} ]] && gentoo_uris glibc-${PATCH_GLIBC_VER}-patches-${PATCH_VER}.tar.bz2 + [[ -n ${MANPAGE_VER} ]] && gentoo_uris glibc-manpages-${MANPAGE_VER}.tar.bz2 + [[ -n ${INFOPAGE_VER} ]] && gentoo_uris glibc-infopages-${INFOPAGE_VER}.tar.bz2 +) + +# eblit-include [--skip] <function> [version] +eblit-include() { + local skipable=false + [[ $1 == "--skip" ]] && skipable=true && shift + + local e v func=$1 ver=$2 + [[ -z ${func} ]] && die "Usage: eblit-include <function> [version]" + for v in ${ver:+-}${ver} -${PVR} -${PV} "" ; do + e="${FILESDIR}/eblits/${func}${v}.eblit" + if [[ -e ${e} ]] ; then + source "${e}" + return 0 + fi + done + ${skipable} && return 0 + die "Could not locate requested eblit '${func}' in ${FILESDIR}/eblits/" +} + +# eblit-run-maybe <function> +# run the specified function if it is defined +eblit-run-maybe() { + [[ $(type -t "$@") == "function" ]] && "$@" +} + +# eblit-run <function> [version] +# aka: src_unpack() { eblit-run src_unpack ; } +eblit-run() { + eblit-include --skip common "${*:2}" + eblit-include "$@" + eblit-run-maybe eblit-$1-pre + eblit-${PN}-$1 || die + eblit-run-maybe eblit-$1-post +} + +src_unpack() { eblit-run src_unpack ; } +src_compile() { eblit-run src_compile ; } +src_test() { eblit-run src_test ; } +src_install() { eblit-run src_install 2.6 ; } + +eblit-src_unpack-post() { + if use hardened ; then + cd "${S}" + einfo "Patching to get working PIE binaries on PIE (hardened) platforms" + gcc-specs-pie && epatch "${FILESDIR}"/2.5/glibc-2.5-hardened-pie.patch + epatch "${FILESDIR}"/2.5/glibc-2.5-hardened-configure-picdefault.patch + epatch "${FILESDIR}"/2.6/glibc-2.6-hardened-inittls-nosysenter.patch + + einfo "Installing Hardened Gentoo SSP handler" + cp -f "${FILESDIR}"/2.6/glibc-2.6-gentoo-stack_chk_fail.c \ + debug/stack_chk_fail.c || die + + if use debug ; then + # When using Hardened Gentoo stack handler, have smashes dump core for + # analysis - debug only, as core could be an information leak + # (paranoia). + sed -i \ + -e '/^CFLAGS-backtrace.c/ iCFLAGS-stack_chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ + debug/Makefile \ + || die "Failed to modify debug/Makefile for debug stack handler" + fi + + # Build nscd with ssp-all + sed -i \ + -e 's:-fstack-protector$:-fstack-protector-all:' \ + nscd/Makefile \ + || die "Failed to ensure nscd builds with ssp-all" + fi +} + +pkg_setup() { + # prevent native builds from downgrading ... maybe update to allow people + # to change between diff -r versions ? (2.3.6-r4 -> 2.3.6-r2) + if [[ ${ROOT} == "/" ]] && [[ ${CBUILD} == ${CHOST} ]] && [[ ${CHOST} == ${CTARGET} ]] ; then + if has_version '>'${CATEGORY}/${PF} ; then + eerror "Sanity check to keep you from breaking your system:" + eerror " Downgrading glibc is not supported and a sure way to destruction" + die "aborting to save your system" + fi + fi + + # users have had a chance to phase themselves, time to give em the boot + if [[ -e ${ROOT}/etc/locale.gen ]] && [[ -e ${ROOT}/etc/locales.build ]] ; then + eerror "You still haven't deleted ${ROOT}/etc/locales.build." + eerror "Do so now after making sure ${ROOT}/etc/locale.gen is kosher." + die "lazy upgrader detected" + fi + + if [[ ${CTARGET} == i386-* ]] ; then + eerror "i386 CHOSTs are no longer supported." + eerror "Chances are you don't actually want/need i386." + eerror "Please read http://www.gentoo.org/doc/en/change-chost.xml" + die "please fix your CHOST" + fi + + if [[ -n ${LT_VER} ]] ; then + if use nptlonly && ! use nptl ; then + eerror "If you want nptlonly, add nptl to your USE too ;p" + die "nptlonly without nptl" + fi + fi + + if [[ -e /proc/xen ]] && [[ $(tc-arch) == "x86" ]] && ! is-flag -mno-tls-direct-seg-refs ; then + ewarn "You are using Xen but don't have -mno-tls-direct-seg-refs in your CFLAGS." + ewarn "This will result in a 50% performance penalty, which is probably not what you want." + fi + + use hardened && ! gcc-specs-pie && \ + ewarn "PIE hardening not applied, as your compiler doesn't default to PIE" +} + +fix_lib64_symlinks() { + # the original Gentoo/AMD64 devs decided that since 64bit is the native + # bitdepth for AMD64, lib should be used for 64bit libraries. however, + # this ignores the FHS and breaks multilib horribly... especially + # since it wont even work without a lib64 symlink anyways. *rolls eyes* + # see bug 59710 for more information. + # Travis Tilley <lv@gentoo.org> (08 Aug 2004) + if [ -L ${ROOT}/lib64 ] ; then + ewarn "removing /lib64 symlink and moving lib to lib64..." + ewarn "dont hit ctrl-c until this is done" + rm ${ROOT}/lib64 + # now that lib64 is gone, nothing will run without calling ld.so + # directly. luckily the window of brokenness is almost non-existant + use amd64 && /lib/ld-linux-x86-64.so.2 /bin/mv ${ROOT}/lib ${ROOT}/lib64 + use ppc64 && /lib/ld64.so.1 /bin/mv ${ROOT}/lib ${ROOT}/lib64 + # all better :) + ldconfig + ln -s lib64 ${ROOT}/lib + einfo "done! :-)" + einfo "fixed broken lib64/lib symlink in ${ROOT}" + fi + if [ -L ${ROOT}/usr/lib64 ] ; then + rm ${ROOT}/usr/lib64 + mv ${ROOT}/usr/lib ${ROOT}/usr/lib64 + ln -s lib64 ${ROOT}/usr/lib + einfo "fixed broken lib64/lib symlink in ${ROOT}/usr" + fi + if [ -L ${ROOT}/usr/X11R6/lib64 ] ; then + rm ${ROOT}/usr/X11R6/lib64 + mv ${ROOT}/usr/X11R6/lib ${ROOT}/usr/X11R6/lib64 + ln -s lib64 ${ROOT}/usr/X11R6/lib + einfo "fixed broken lib64/lib symlink in ${ROOT}/usr/X11R6" + fi +} + +pkg_preinst() { + # nothing to do if just installing headers + just_headers && return + + # PPC64+others may want to eventually be added to this logic if they + # decide to be multilib compatible and FHS compliant. note that this + # chunk of FHS compliance only applies to 64bit archs where 32bit + # compatibility is a major concern (not IA64, for example). + + # amd64's 2005.0 is the first amd64 profile to not need this code. + # 2005.0 is setup properly, and this is executed as part of the + # 2004.3 -> 2005.0 upgrade script. + # It can be removed after 2004.3 has been purged from portage. + { use amd64 || use ppc64; } && [ "$(get_libdir)" == "lib64" ] && ! has_multilib_profile && fix_lib64_symlinks + + # it appears that /lib/tls is sometimes not removed. See bug + # 69258 for more info. + if [[ -d ${ROOT}/$(alt_libdir)/tls ]] && [[ ! -d ${D}/$(alt_libdir)/tls ]] ; then + ewarn "nptlonly or -nptl in USE, removing /${ROOT}$(alt_libdir)/tls..." + rm -r "${ROOT}"/$(alt_libdir)/tls || die + fi + + # Shouldnt need to keep this updated + [[ -e ${ROOT}/etc/locale.gen ]] && rm -f "${D}"/etc/locale.gen + + # simple test to make sure our new glibc isnt completely broken. + # make sure we don't test with statically built binaries since + # they will fail. also, skip if this glibc is a cross compiler. + [[ ${ROOT} != "/" ]] && return 0 + [[ -d ${D}/$(get_libdir) ]] || return 0 + cd / #228809 + local x striptest + for x in date env ls true uname ; do + x=$(type -p ${x}) + [[ -z ${x} ]] && continue + striptest=$(LC_ALL="C" file -L ${x} 2>/dev/null) + [[ -z ${striptest} ]] && continue + [[ ${striptest} == *"statically linked"* ]] && continue + "${D}"/$(get_libdir)/ld-*.so \ + --library-path "${D}"/$(get_libdir) \ + ${x} > /dev/null \ + || die "simple run test (${x}) failed" + done +} + +pkg_postinst() { + # nothing to do if just installing headers + just_headers && return + + if ! tc-is-cross-compiler && [[ -x ${ROOT}/usr/sbin/iconvconfig ]] ; then + # Generate fastloading iconv module configuration file. + "${ROOT}"/usr/sbin/iconvconfig --prefix="${ROOT}" + fi + + if ! is_crosscompile && [[ ${ROOT} == "/" ]] ; then + # Reload init ... + /sbin/telinit U + + # if the host locales.gen contains no entries, we'll install everything + local locale_list="${ROOT}etc/locale.gen" + if [[ -z $(locale-gen --list --config "${locale_list}") ]] ; then + ewarn "Generating all locales; edit /etc/locale.gen to save time/space" + locale_list="${ROOT}usr/share/i18n/SUPPORTED" + fi + local x jobs + for x in ${MAKEOPTS} ; do [[ ${x} == -j* ]] && jobs=${x#-j} ; done + locale-gen -j ${jobs:-1} --config "${locale_list}" + fi +} diff --git a/sys-libs/glibc/glibc-2.7-r2.ebuild b/sys-libs/glibc/glibc-2.7-r2.ebuild new file mode 100644 index 0000000..e87854c --- /dev/null +++ b/sys-libs/glibc/glibc-2.7-r2.ebuild @@ -0,0 +1,344 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +inherit eutils versionator toolchain-funcs flag-o-matic gnuconfig multilib + +DESCRIPTION="GNU libc6 (also called glibc2) C library" +HOMEPAGE="http://www.gnu.org/software/libc/libc.html" + +LICENSE="LGPL-2" +KEYWORDS="~amd64 arm hppa ~ia64 ~ppc ppc64 s390 sh ~sparc ~x86" +RESTRICT="strip" # strip ourself #46186 +EMULTILIB_PKG="true" + +# Configuration variables +RELEASE_VER=$(get_version_component_range 1-3) # major glibc version +BRANCH_UPDATE=$(get_version_component_range 4) # upstream cvs snaps +MANPAGE_VER="" # pregenerated manpages +INFOPAGE_VER="" # pregenerated infopages +PATCH_VER="1.7" # Gentoo patchset +PATCH_GLIBC_VER=${RELEASE_VER} # glibc version in patchset +PORTS_VER=${RELEASE_VER} # version of glibc ports addon +LIBIDN_VER=${RELEASE_VER} # version of libidn addon +LT_VER="" # version of linuxthreads addon +NPTL_KERN_VER=${NPTL_KERN_VER:-"2.6.9"} # min kernel version nptl requires +#LT_KERN_VER=${LT_KERN_VER:-"2.4.1"} # min kernel version linuxthreads requires + +IUSE="debug gd glibc-omitfp hardened multilib selinux profile vanilla crosscompile_opts_headers-only ${LT_VER:+glibc-compat20 nptl nptlonly}" +S=${WORKDIR}/glibc-${RELEASE_VER} + +# Here's how the cross-compile logic breaks down ... +# CTARGET - machine that will target the binaries +# CHOST - machine that will host the binaries +# CBUILD - machine that will build the binaries +# If CTARGET != CHOST, it means you want a libc for cross-compiling. +# If CHOST != CBUILD, it means you want to cross-compile the libc. +# CBUILD = CHOST = CTARGET - native build/install +# CBUILD != (CHOST = CTARGET) - cross-compile a native build +# (CBUILD = CHOST) != CTARGET - libc for cross-compiler +# CBUILD != CHOST != CTARGET - cross-compile a libc for a cross-compiler +# For install paths: +# CHOST = CTARGET - install into / +# CHOST != CTARGET - install into /usr/CTARGET/ + +export CBUILD=${CBUILD:-${CHOST}} +export CTARGET=${CTARGET:-${CHOST}} +if [[ ${CTARGET} == ${CHOST} ]] ; then + if [[ ${CATEGORY/cross-} != ${CATEGORY} ]] ; then + export CTARGET=${CATEGORY/cross-} + fi +fi + +[[ ${CTARGET} == hppa* ]] && NPTL_KERN_VER=${NPTL_KERN_VER/2.6.9/2.6.20} + +is_crosscompile() { + [[ ${CHOST} != ${CTARGET} ]] +} +alt_libdir() { + if is_crosscompile ; then + echo /usr/${CTARGET}/$(get_libdir) + else + echo /$(get_libdir) + fi +} + +if is_crosscompile ; then + SLOT="${CTARGET}-2.2" +else + # Why SLOT 2.2 you ask yourself while sippin your tea ? + # Everyone knows 2.2 > 0, duh. + SLOT="2.2" +fi + +# General: We need a new-enough binutils for as-needed +# arch: we need to make sure our binutils/gcc supports TLS +DEPEND=">=sys-devel/gcc-3.4.4 + arm? ( >=sys-devel/binutils-2.16.90 >=sys-devel/gcc-4.1.0 ) + ppc? ( >=sys-devel/gcc-4.1.0 ) + ppc64? ( >=sys-devel/gcc-4.1.0 ) + >=sys-devel/binutils-2.15.94 + ${LT_VER:+nptl? (} >=sys-kernel/linux-headers-${NPTL_KERN_VER} ${LT_VER:+)} + >=sys-devel/gcc-config-1.3.12 + >=app-misc/pax-utils-0.1.10 + virtual/os-headers + >=sys-apps/sandbox-1.2.18.1-r2 + !<sys-apps/portage-2.1.2 + selinux? ( sys-libs/libselinux )" +RDEPEND="selinux? ( sys-libs/libselinux )" + +if [[ ${CATEGORY/cross-} != ${CATEGORY} ]] ; then + DEPEND="${DEPEND} !crosscompile_opts_headers-only? ( ${CATEGORY}/gcc )" + [[ ${CATEGORY} == *-linux* ]] && DEPEND="${DEPEND} ${CATEGORY}/linux-headers" +else + DEPEND="${DEPEND} >=sys-libs/timezone-data-2007c" + RDEPEND="${RDEPEND} sys-libs/timezone-data" +fi + +SRC_URI=$( + upstream_uris() { + echo mirror://gnu/glibc/$1 ftp://sources.redhat.com/pub/glibc/{releases,snapshots}/$1 + } + gentoo_uris() { + local devspace="HTTP~vapier/dist/URI HTTP~azarah/glibc/URI" + devspace=${devspace//HTTP/http://dev.gentoo.org/} + echo mirror://gentoo/$1 ${devspace//URI/$1} + } + + upstream_uris glibc-${RELEASE_VER}.tar.bz2 + upstream_uris glibc-libidn-${RELEASE_VER}.tar.bz2 + + [[ -n ${PORTS_VER} ]] && upstream_uris glibc-ports-${PORTS_VER}.tar.bz2 + [[ -n ${LT_VER} ]] && upstream_uris glibc-linuxthreads-${LT_VER}.tar.bz2 + [[ -n ${BRANCH_UPDATE} ]] && gentoo_uris glibc-${RELEASE_VER}-branch-update-${BRANCH_UPDATE}.patch.bz2 + [[ -n ${PATCH_VER} ]] && gentoo_uris glibc-${PATCH_GLIBC_VER}-patches-${PATCH_VER}.tar.bz2 + [[ -n ${MANPAGE_VER} ]] && gentoo_uris glibc-manpages-${MANPAGE_VER}.tar.bz2 + [[ -n ${INFOPAGE_VER} ]] && gentoo_uris glibc-infopages-${INFOPAGE_VER}.tar.bz2 +) + +# eblit-include [--skip] <function> [version] +eblit-include() { + local skipable=false + [[ $1 == "--skip" ]] && skipable=true && shift + + local e v func=$1 ver=$2 + [[ -z ${func} ]] && die "Usage: eblit-include <function> [version]" + for v in ${ver:+-}${ver} -${PVR} -${PV} "" ; do + e="${FILESDIR}/eblits/${func}${v}.eblit" + if [[ -e ${e} ]] ; then + source "${e}" + return 0 + fi + done + ${skipable} && return 0 + die "Could not locate requested eblit '${func}' in ${FILESDIR}/eblits/" +} + +# eblit-run-maybe <function> +# run the specified function if it is defined +eblit-run-maybe() { + [[ $(type -t "$@") == "function" ]] && "$@" +} + +# eblit-run <function> [version] +# aka: src_unpack() { eblit-run src_unpack ; } +eblit-run() { + eblit-include --skip common "${*:2}" + eblit-include "$@" + eblit-run-maybe eblit-$1-pre + eblit-${PN}-$1 || die + eblit-run-maybe eblit-$1-post +} + +src_unpack() { eblit-run src_unpack ; } +src_compile() { eblit-run src_compile ; } +src_test() { eblit-run src_test ; } +src_install() { eblit-run src_install ; } + +eblit-src_unpack-post() { + if use hardened ; then + cd "${S}" + einfo "Patching to get working PIE binaries on PIE (hardened) platforms" + gcc-specs-pie && epatch "${FILESDIR}"/2.5/glibc-2.5-hardened-pie.patch + epatch "${FILESDIR}"/2.5/glibc-2.5-hardened-configure-picdefault.patch + epatch "${FILESDIR}"/2.7/glibc-2.7-hardened-inittls-nosysenter.patch + + einfo "Installing Hardened Gentoo SSP handler" + cp -f "${FILESDIR}"/2.6/glibc-2.6-gentoo-stack_chk_fail.c \ + debug/stack_chk_fail.c || die + + if use debug ; then + # When using Hardened Gentoo stack handler, have smashes dump core for + # analysis - debug only, as core could be an information leak + # (paranoia). + sed -i \ + -e '/^CFLAGS-backtrace.c/ iCFLAGS-stack_chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ + debug/Makefile \ + || die "Failed to modify debug/Makefile for debug stack handler" + fi + + # Build nscd with ssp-all + sed -i \ + -e 's:-fstack-protector$:-fstack-protector-all:' \ + nscd/Makefile \ + || die "Failed to ensure nscd builds with ssp-all" + fi +} + +pkg_setup() { + # prevent native builds from downgrading ... maybe update to allow people + # to change between diff -r versions ? (2.3.6-r4 -> 2.3.6-r2) + if [[ ${ROOT} == "/" ]] && [[ ${CBUILD} == ${CHOST} ]] && [[ ${CHOST} == ${CTARGET} ]] ; then + if has_version '>'${CATEGORY}/${PF} ; then + eerror "Sanity check to keep you from breaking your system:" + eerror " Downgrading glibc is not supported and a sure way to destruction" + die "aborting to save your system" + fi + + # Check for broken kernels #262698 + cd "${T}" + printf '#include <pwd.h>\nint main(){return getpwuid(0)==0;}\n' > kern-clo-test.c + emake kern-clo-test || die + if ! ./kern-clo-test ; then + eerror "Your patched vendor kernel is broken. You need to get an" + eerror "update from whoever is providing the kernel to you." + eerror "http://sourceware.org/bugzilla/show_bug.cgi?id=5227" + die "keeping your system alive, say thank you" + fi + fi + + # users have had a chance to phase themselves, time to give em the boot + if [[ -e ${ROOT}/etc/locale.gen ]] && [[ -e ${ROOT}/etc/locales.build ]] ; then + eerror "You still haven't deleted ${ROOT}/etc/locales.build." + eerror "Do so now after making sure ${ROOT}/etc/locale.gen is kosher." + die "lazy upgrader detected" + fi + + if [[ ${CTARGET} == i386-* ]] ; then + eerror "i386 CHOSTs are no longer supported." + eerror "Chances are you don't actually want/need i386." + eerror "Please read http://www.gentoo.org/doc/en/change-chost.xml" + die "please fix your CHOST" + fi + + if [[ -n ${LT_VER} ]] ; then + if use nptlonly && ! use nptl ; then + eerror "If you want nptlonly, add nptl to your USE too ;p" + die "nptlonly without nptl" + fi + fi + + if [[ -e /proc/xen ]] && [[ $(tc-arch) == "x86" ]] && ! is-flag -mno-tls-direct-seg-refs ; then + ewarn "You are using Xen but don't have -mno-tls-direct-seg-refs in your CFLAGS." + ewarn "This will result in a 50% performance penalty, which is probably not what you want." + fi + + use hardened && ! gcc-specs-pie && \ + ewarn "PIE hardening not applied, as your compiler doesn't default to PIE" + + export LC_ALL=C #252802 +} + +fix_lib64_symlinks() { + # the original Gentoo/AMD64 devs decided that since 64bit is the native + # bitdepth for AMD64, lib should be used for 64bit libraries. however, + # this ignores the FHS and breaks multilib horribly... especially + # since it wont even work without a lib64 symlink anyways. *rolls eyes* + # see bug 59710 for more information. + # Travis Tilley <lv@gentoo.org> (08 Aug 2004) + if [ -L ${ROOT}/lib64 ] ; then + ewarn "removing /lib64 symlink and moving lib to lib64..." + ewarn "dont hit ctrl-c until this is done" + rm ${ROOT}/lib64 + # now that lib64 is gone, nothing will run without calling ld.so + # directly. luckily the window of brokenness is almost non-existant + use amd64 && /lib/ld-linux-x86-64.so.2 /bin/mv ${ROOT}/lib ${ROOT}/lib64 + use ppc64 && /lib/ld64.so.1 /bin/mv ${ROOT}/lib ${ROOT}/lib64 + # all better :) + ldconfig + ln -s lib64 ${ROOT}/lib + einfo "done! :-)" + einfo "fixed broken lib64/lib symlink in ${ROOT}" + fi + if [ -L ${ROOT}/usr/lib64 ] ; then + rm ${ROOT}/usr/lib64 + mv ${ROOT}/usr/lib ${ROOT}/usr/lib64 + ln -s lib64 ${ROOT}/usr/lib + einfo "fixed broken lib64/lib symlink in ${ROOT}/usr" + fi + if [ -L ${ROOT}/usr/X11R6/lib64 ] ; then + rm ${ROOT}/usr/X11R6/lib64 + mv ${ROOT}/usr/X11R6/lib ${ROOT}/usr/X11R6/lib64 + ln -s lib64 ${ROOT}/usr/X11R6/lib + einfo "fixed broken lib64/lib symlink in ${ROOT}/usr/X11R6" + fi +} + +pkg_preinst() { + # nothing to do if just installing headers + just_headers && return + + # PPC64+others may want to eventually be added to this logic if they + # decide to be multilib compatible and FHS compliant. note that this + # chunk of FHS compliance only applies to 64bit archs where 32bit + # compatibility is a major concern (not IA64, for example). + + # amd64's 2005.0 is the first amd64 profile to not need this code. + # 2005.0 is setup properly, and this is executed as part of the + # 2004.3 -> 2005.0 upgrade script. + # It can be removed after 2004.3 has been purged from portage. + { use amd64 || use ppc64; } && [ "$(get_libdir)" == "lib64" ] && ! has_multilib_profile && fix_lib64_symlinks + + # it appears that /lib/tls is sometimes not removed. See bug + # 69258 for more info. + if [[ -d ${ROOT}/$(alt_libdir)/tls ]] && [[ ! -d ${D}/$(alt_libdir)/tls ]] ; then + ewarn "nptlonly or -nptl in USE, removing /${ROOT}$(alt_libdir)/tls..." + rm -r "${ROOT}"/$(alt_libdir)/tls || die + fi + + # Shouldnt need to keep this updated + [[ -e ${ROOT}/etc/locale.gen ]] && rm -f "${D}"/etc/locale.gen + + # simple test to make sure our new glibc isnt completely broken. + # make sure we don't test with statically built binaries since + # they will fail. also, skip if this glibc is a cross compiler. + [[ ${ROOT} != "/" ]] && return 0 + [[ -d ${D}/$(get_libdir) ]] || return 0 + cd / #228809 + local x striptest + for x in date env ls true uname ; do + x=$(type -p ${x}) + [[ -z ${x} ]] && continue + striptest=$(LC_ALL="C" file -L ${x} 2>/dev/null) + [[ -z ${striptest} ]] && continue + [[ ${striptest} == *"statically linked"* ]] && continue + "${D}"/$(get_libdir)/ld-*.so \ + --library-path "${D}"/$(get_libdir) \ + ${x} > /dev/null \ + || die "simple run test (${x}) failed" + done +} + +pkg_postinst() { + # nothing to do if just installing headers + just_headers && return + + if ! tc-is-cross-compiler && [[ -x ${ROOT}/usr/sbin/iconvconfig ]] ; then + # Generate fastloading iconv module configuration file. + "${ROOT}"/usr/sbin/iconvconfig --prefix="${ROOT}" + fi + + if ! is_crosscompile && [[ ${ROOT} == "/" ]] ; then + # Reload init ... + /sbin/telinit U + + # if the host locales.gen contains no entries, we'll install everything + local locale_list="${ROOT}etc/locale.gen" + if [[ -z $(locale-gen --list --config "${locale_list}") ]] ; then + ewarn "Generating all locales; edit /etc/locale.gen to save time/space" + locale_list="${ROOT}usr/share/i18n/SUPPORTED" + fi + local x jobs + for x in ${MAKEOPTS} ; do [[ ${x} == -j* ]] && jobs=${x#-j} ; done + locale-gen -j ${jobs:-1} --config "${locale_list}" + fi +} diff --git a/sys-libs/glibc/glibc-2.8_p20080602-r1.ebuild b/sys-libs/glibc/glibc-2.8_p20080602-r1.ebuild new file mode 100644 index 0000000..2019ff2 --- /dev/null +++ b/sys-libs/glibc/glibc-2.8_p20080602-r1.ebuild @@ -0,0 +1,371 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +inherit eutils versionator toolchain-funcs flag-o-matic gnuconfig multilib + +DESCRIPTION="GNU libc6 (also called glibc2) C library" +HOMEPAGE="http://www.gnu.org/software/libc/libc.html" + +LICENSE="LGPL-2" +KEYWORDS="alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86" +RESTRICT="strip" # strip ourself #46186 +EMULTILIB_PKG="true" + +# Configuration variables +if [[ ${PV} == *_p* ]] ; then +RELEASE_VER=${PV%_p*} +BRANCH_UPDATE="" +SNAP_VER=${PV#*_p} +else +RELEASE_VER=${PV} +BRANCH_UPDATE="" +SNAP_VER="" +fi +MANPAGE_VER="" # pregenerated manpages +INFOPAGE_VER="" # pregenerated infopages +PATCH_VER="6" # Gentoo patchset +PORTS_VER=${RELEASE_VER} # version of glibc ports addon +LIBIDN_VER="" # version of libidn addon +LT_VER="" # version of linuxthreads addon +NPTL_KERN_VER=${NPTL_KERN_VER:-"2.6.9"} # min kernel version nptl requires +#LT_KERN_VER=${LT_KERN_VER:-"2.4.1"} # min kernel version linuxthreads requires + +IUSE="debug gd glibc-omitfp hardened multilib selinux profile vanilla crosscompile_opts_headers-only ${LT_VER:+glibc-compat20 nptl nptlonly}" +S=${WORKDIR}/glibc-${RELEASE_VER}${SNAP_VER+-${SNAP_VER}} + +# Here's how the cross-compile logic breaks down ... +# CTARGET - machine that will target the binaries +# CHOST - machine that will host the binaries +# CBUILD - machine that will build the binaries +# If CTARGET != CHOST, it means you want a libc for cross-compiling. +# If CHOST != CBUILD, it means you want to cross-compile the libc. +# CBUILD = CHOST = CTARGET - native build/install +# CBUILD != (CHOST = CTARGET) - cross-compile a native build +# (CBUILD = CHOST) != CTARGET - libc for cross-compiler +# CBUILD != CHOST != CTARGET - cross-compile a libc for a cross-compiler +# For install paths: +# CHOST = CTARGET - install into / +# CHOST != CTARGET - install into /usr/CTARGET/ + +export CBUILD=${CBUILD:-${CHOST}} +export CTARGET=${CTARGET:-${CHOST}} +if [[ ${CTARGET} == ${CHOST} ]] ; then + if [[ ${CATEGORY/cross-} != ${CATEGORY} ]] ; then + export CTARGET=${CATEGORY/cross-} + fi +fi + +[[ ${CTARGET} == hppa* ]] && NPTL_KERN_VER=${NPTL_KERN_VER/2.6.9/2.6.20} + +is_crosscompile() { + [[ ${CHOST} != ${CTARGET} ]] +} +alt_libdir() { + if is_crosscompile ; then + echo /usr/${CTARGET}/$(get_libdir) + else + echo /$(get_libdir) + fi +} + +if is_crosscompile ; then + SLOT="${CTARGET}-2.2" +else + # Why SLOT 2.2 you ask yourself while sippin your tea ? + # Everyone knows 2.2 > 0, duh. + SLOT="2.2" +fi + +# General: We need a new-enough binutils for as-needed +# arch: we need to make sure our binutils/gcc supports TLS +DEPEND=">=sys-devel/gcc-3.4.4 + arm? ( >=sys-devel/binutils-2.16.90 >=sys-devel/gcc-4.1.0 ) + ppc? ( >=sys-devel/gcc-4.1.0 ) + ppc64? ( >=sys-devel/gcc-4.1.0 ) + >=sys-devel/binutils-2.15.94 + ${LT_VER:+nptl? (} >=sys-kernel/linux-headers-${NPTL_KERN_VER} ${LT_VER:+)} + >=sys-devel/gcc-config-1.3.12 + >=app-misc/pax-utils-0.1.10 + virtual/os-headers + >=sys-apps/sandbox-1.2.18.1-r2 + !<sys-apps/portage-2.1.2 + selinux? ( sys-libs/libselinux )" +RDEPEND="selinux? ( sys-libs/libselinux )" + +if [[ ${CATEGORY/cross-} != ${CATEGORY} ]] ; then + DEPEND="${DEPEND} !crosscompile_opts_headers-only? ( ${CATEGORY}/gcc )" + [[ ${CATEGORY} == *-linux* ]] && DEPEND="${DEPEND} ${CATEGORY}/linux-headers" +else + DEPEND="${DEPEND} >=sys-libs/timezone-data-2007c" + RDEPEND="${RDEPEND} sys-libs/timezone-data" +fi + +SRC_URI=$( + upstream_uris() { + echo mirror://gnu/glibc/$1 ftp://sources.redhat.com/pub/glibc/{releases,snapshots}/$1 mirror://gentoo/$1 + } + gentoo_uris() { + local devspace="HTTP~vapier/dist/URI HTTP~azarah/glibc/URI" + devspace=${devspace//HTTP/http://dev.gentoo.org/} + echo mirror://gentoo/$1 ${devspace//URI/$1} + } + + TARNAME=${PN} + if [[ -n ${SNAP_VER} ]] ; then + TARNAME="${PN}-${RELEASE_VER}" + [[ -n ${PORTS_VER} ]] && PORTS_VER=${SNAP_VER} + upstream_uris ${TARNAME}-${SNAP_VER}.tar.bz2 + else + upstream_uris ${TARNAME}-${RELEASE_VER}.tar.bz2 + fi + [[ -n ${LIBIDN_VER} ]] && upstream_uris glibc-libidn-${LIBIDN_VER}.tar.bz2 + [[ -n ${PORTS_VER} ]] && upstream_uris ${TARNAME}-ports-${PORTS_VER}.tar.bz2 + [[ -n ${LT_VER} ]] && upstream_uris ${TARNAME}-linuxthreads-${LT_VER}.tar.bz2 + [[ -n ${BRANCH_UPDATE} ]] && gentoo_uris glibc-${RELEASE_VER}-branch-update-${BRANCH_UPDATE}.patch.bz2 + [[ -n ${PATCH_VER} ]] && gentoo_uris glibc-${RELEASE_VER}-patches-${PATCH_VER}.tar.bz2 + [[ -n ${MANPAGE_VER} ]] && gentoo_uris glibc-manpages-${MANPAGE_VER}.tar.bz2 + [[ -n ${INFOPAGE_VER} ]] && gentoo_uris glibc-infopages-${INFOPAGE_VER}.tar.bz2 +) + +# eblit-include [--skip] <function> [version] +eblit-include() { + local skipable=false + [[ $1 == "--skip" ]] && skipable=true && shift + + local e v func=$1 ver=$2 + [[ -z ${func} ]] && die "Usage: eblit-include <function> [version]" + for v in ${ver:+-}${ver} -${PVR} -${PV} "" ; do + e="${FILESDIR}/eblits/${func}${v}.eblit" + if [[ -e ${e} ]] ; then + source "${e}" + return 0 + fi + done + ${skipable} && return 0 + die "Could not locate requested eblit '${func}' in ${FILESDIR}/eblits/" +} + +# eblit-run-maybe <function> +# run the specified function if it is defined +eblit-run-maybe() { + [[ $(type -t "$@") == "function" ]] && "$@" +} + +# eblit-run <function> [version] +# aka: src_unpack() { eblit-run src_unpack ; } +eblit-run() { + eblit-include --skip common "${*:2}" + eblit-include "$@" + eblit-run-maybe eblit-$1-pre + eblit-${PN}-$1 || die + eblit-run-maybe eblit-$1-post +} + +src_unpack() { eblit-run src_unpack ; } +src_compile() { eblit-run src_compile ; } +src_test() { eblit-run src_test ; } +src_install() { eblit-run src_install ; } + +eblit-src_unpack-post() { + if use hardened ; then + cd "${S}" + einfo "Patching to get working PIE binaries on PIE (hardened) platforms" + gcc-specs-pie && epatch "${FILESDIR}"/2.5/glibc-2.5-hardened-pie.patch + epatch "${FILESDIR}"/2.5/glibc-2.5-hardened-configure-picdefault.patch + epatch "${FILESDIR}"/2.7/glibc-2.7-hardened-inittls-nosysenter.patch + + einfo "Installing Hardened Gentoo SSP handler" + cp -f "${FILESDIR}"/2.6/glibc-2.6-gentoo-stack_chk_fail.c \ + debug/stack_chk_fail.c || die + + if use debug ; then + # When using Hardened Gentoo stack handler, have smashes dump core for + # analysis - debug only, as core could be an information leak + # (paranoia). + sed -i \ + -e '/^CFLAGS-backtrace.c/ iCFLAGS-stack_chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ + debug/Makefile \ + || die "Failed to modify debug/Makefile for debug stack handler" + fi + + # Build nscd with ssp-all + sed -i \ + -e 's:-fstack-protector$:-fstack-protector-all:' \ + nscd/Makefile \ + || die "Failed to ensure nscd builds with ssp-all" + fi +} + +maint_pkg_create() { + local base="/usr/local/src/gnu/glibc/glibc-${PV:0:1}_${PV:2:1}" + cd ${base} + local stamp=$(date +%Y%m%d) + local d + for d in libc ports ; do + #(cd ${d} && cvs up) + case ${d} in + libc) tarball="${P}";; + ports) tarball="${PN}-ports-${PV}";; + esac + rm -f ${tarball}* + ln -sf ${d} ${tarball} + tar hcf - ${tarball} --exclude-vcs | lzma > "${T}"/${tarball}.tar.lzma + du -b "${T}"/${tarball}.tar.lzma + done +} + +pkg_setup() { + # prevent native builds from downgrading ... maybe update to allow people + # to change between diff -r versions ? (2.3.6-r4 -> 2.3.6-r2) + if [[ ${ROOT} == "/" ]] && [[ ${CBUILD} == ${CHOST} ]] && [[ ${CHOST} == ${CTARGET} ]] ; then + if has_version '>'${CATEGORY}/${PF} ; then + eerror "Sanity check to keep you from breaking your system:" + eerror " Downgrading glibc is not supported and a sure way to destruction" + die "aborting to save your system" + fi + + # Check for broken kernels #262698 + cd "${T}" + printf '#include <pwd.h>\nint main(){return getpwuid(0)==0;}\n' > kern-clo-test.c + emake kern-clo-test || die + if ! ./kern-clo-test ; then + eerror "Your patched vendor kernel is broken. You need to get an" + eerror "update from whoever is providing the kernel to you." + eerror "http://sourceware.org/bugzilla/show_bug.cgi?id=5227" + die "keeping your system alive, say thank you" + fi + fi + + # users have had a chance to phase themselves, time to give em the boot + if [[ -e ${ROOT}/etc/locale.gen ]] && [[ -e ${ROOT}/etc/locales.build ]] ; then + eerror "You still haven't deleted ${ROOT}/etc/locales.build." + eerror "Do so now after making sure ${ROOT}/etc/locale.gen is kosher." + die "lazy upgrader detected" + fi + + if [[ ${CTARGET} == i386-* ]] ; then + eerror "i386 CHOSTs are no longer supported." + eerror "Chances are you don't actually want/need i386." + eerror "Please read http://www.gentoo.org/doc/en/change-chost.xml" + die "please fix your CHOST" + fi + + if [[ -n ${LT_VER} ]] ; then + if use nptlonly && ! use nptl ; then + eerror "If you want nptlonly, add nptl to your USE too ;p" + die "nptlonly without nptl" + fi + fi + + if [[ -e /proc/xen ]] && [[ $(tc-arch) == "x86" ]] && ! is-flag -mno-tls-direct-seg-refs ; then + ewarn "You are using Xen but don't have -mno-tls-direct-seg-refs in your CFLAGS." + ewarn "This will result in a 50% performance penalty, which is probably not what you want." + fi + + use hardened && ! gcc-specs-pie && \ + ewarn "PIE hardening not applied, as your compiler doesn't default to PIE" + + export LC_ALL=C #252802 +} + +fix_lib64_symlinks() { + # the original Gentoo/AMD64 devs decided that since 64bit is the native + # bitdepth for AMD64, lib should be used for 64bit libraries. however, + # this ignores the FHS and breaks multilib horribly... especially + # since it wont even work without a lib64 symlink anyways. *rolls eyes* + # see bug 59710 for more information. + # Travis Tilley <lv@gentoo.org> (08 Aug 2004) + if [ -L ${ROOT}/lib64 ] ; then + ewarn "removing /lib64 symlink and moving lib to lib64..." + ewarn "dont hit ctrl-c until this is done" + rm ${ROOT}/lib64 + # now that lib64 is gone, nothing will run without calling ld.so + # directly. luckily the window of brokenness is almost non-existant + use amd64 && /lib/ld-linux-x86-64.so.2 /bin/mv ${ROOT}/lib ${ROOT}/lib64 + use ppc64 && /lib/ld64.so.1 /bin/mv ${ROOT}/lib ${ROOT}/lib64 + # all better :) + ldconfig + ln -s lib64 ${ROOT}/lib + einfo "done! :-)" + einfo "fixed broken lib64/lib symlink in ${ROOT}" + fi + if [ -L ${ROOT}/usr/lib64 ] ; then + rm ${ROOT}/usr/lib64 + mv ${ROOT}/usr/lib ${ROOT}/usr/lib64 + ln -s lib64 ${ROOT}/usr/lib + einfo "fixed broken lib64/lib symlink in ${ROOT}/usr" + fi + if [ -L ${ROOT}/usr/X11R6/lib64 ] ; then + rm ${ROOT}/usr/X11R6/lib64 + mv ${ROOT}/usr/X11R6/lib ${ROOT}/usr/X11R6/lib64 + ln -s lib64 ${ROOT}/usr/X11R6/lib + einfo "fixed broken lib64/lib symlink in ${ROOT}/usr/X11R6" + fi +} + +pkg_preinst() { + # nothing to do if just installing headers + just_headers && return + + # PPC64+others may want to eventually be added to this logic if they + # decide to be multilib compatible and FHS compliant. note that this + # chunk of FHS compliance only applies to 64bit archs where 32bit + # compatibility is a major concern (not IA64, for example). + + # amd64's 2005.0 is the first amd64 profile to not need this code. + # 2005.0 is setup properly, and this is executed as part of the + # 2004.3 -> 2005.0 upgrade script. + # It can be removed after 2004.3 has been purged from portage. + { use amd64 || use ppc64; } && [ "$(get_libdir)" == "lib64" ] && ! has_multilib_profile && fix_lib64_symlinks + + # it appears that /lib/tls is sometimes not removed. See bug + # 69258 for more info. + if [[ -d ${ROOT}/$(alt_libdir)/tls ]] && [[ ! -d ${D}/$(alt_libdir)/tls ]] ; then + ewarn "nptlonly or -nptl in USE, removing /${ROOT}$(alt_libdir)/tls..." + rm -r "${ROOT}"/$(alt_libdir)/tls || die + fi + + # simple test to make sure our new glibc isnt completely broken. + # make sure we don't test with statically built binaries since + # they will fail. also, skip if this glibc is a cross compiler. + [[ ${ROOT} != "/" ]] && return 0 + [[ -d ${D}/$(get_libdir) ]] || return 0 + cd / #228809 + local x striptest + for x in date env ls true uname ; do + x=$(type -p ${x}) + [[ -z ${x} ]] && continue + striptest=$(LC_ALL="C" file -L ${x} 2>/dev/null) + [[ -z ${striptest} ]] && continue + [[ ${striptest} == *"statically linked"* ]] && continue + "${D}"/$(get_libdir)/ld-*.so \ + --library-path "${D}"/$(get_libdir) \ + ${x} > /dev/null \ + || die "simple run test (${x}) failed" + done +} + +pkg_postinst() { + # nothing to do if just installing headers + just_headers && return + + if ! tc-is-cross-compiler && [[ -x ${ROOT}/usr/sbin/iconvconfig ]] ; then + # Generate fastloading iconv module configuration file. + "${ROOT}"/usr/sbin/iconvconfig --prefix="${ROOT}" + fi + + if ! is_crosscompile && [[ ${ROOT} == "/" ]] ; then + # Reload init ... + /sbin/telinit U + + # if the host locales.gen contains no entries, we'll install everything + local locale_list="${ROOT}etc/locale.gen" + if [[ -z $(locale-gen --list --config "${locale_list}") ]] ; then + ewarn "Generating all locales; edit /etc/locale.gen to save time/space" + locale_list="${ROOT}usr/share/i18n/SUPPORTED" + fi + local x jobs + for x in ${MAKEOPTS} ; do [[ ${x} == -j* ]] && jobs=${x#-j} ; done + locale-gen -j ${jobs:-1} --config "${locale_list}" + fi +} diff --git a/sys-libs/glibc/glibc-2.9_p20081201-r3.ebuild b/sys-libs/glibc/glibc-2.9_p20081201-r3.ebuild new file mode 100644 index 0000000..0150ae0 --- /dev/null +++ b/sys-libs/glibc/glibc-2.9_p20081201-r3.ebuild @@ -0,0 +1,192 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +inherit eutils versionator toolchain-funcs flag-o-matic gnuconfig multilib systemd unpacker multiprocessing + +DESCRIPTION="GNU libc6 (also called glibc2) C library" +HOMEPAGE="http://www.gnu.org/software/libc/libc.html" + +LICENSE="LGPL-2.1+ BSD HPND inner-net" +KEYWORDS="alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" +RESTRICT="strip" # strip ourself #46186 +EMULTILIB_PKG="true" + +# Configuration variables +if [[ ${PV} == *_p* ]] ; then +RELEASE_VER=${PV%_p*} +BRANCH_UPDATE="" +SNAP_VER=${PV#*_p} +else +RELEASE_VER=${PV} +BRANCH_UPDATE="" +SNAP_VER="" +fi +PATCH_VER="8" # Gentoo patchset +PORTS_VER=${RELEASE_VER} # version of glibc ports addon +LIBIDN_VER="" # version of libidn addon +LT_VER="" # version of linuxthreads addon +NPTL_KERN_VER=${NPTL_KERN_VER:-"2.6.9"} # min kernel version nptl requires +#LT_KERN_VER=${LT_KERN_VER:-"2.4.1"} # min kernel version linuxthreads requires + +IUSE="debug gd hardened multilib selinux profile vanilla crosscompile_opts_headers-only ${LT_VER:+glibc-compat20 nptl linuxthreads}" +S=${WORKDIR}/glibc-${RELEASE_VER}${SNAP_VER+-${SNAP_VER}} + +# Here's how the cross-compile logic breaks down ... +# CTARGET - machine that will target the binaries +# CHOST - machine that will host the binaries +# CBUILD - machine that will build the binaries +# If CTARGET != CHOST, it means you want a libc for cross-compiling. +# If CHOST != CBUILD, it means you want to cross-compile the libc. +# CBUILD = CHOST = CTARGET - native build/install +# CBUILD != (CHOST = CTARGET) - cross-compile a native build +# (CBUILD = CHOST) != CTARGET - libc for cross-compiler +# CBUILD != CHOST != CTARGET - cross-compile a libc for a cross-compiler +# For install paths: +# CHOST = CTARGET - install into / +# CHOST != CTARGET - install into /usr/CTARGET/ + +export CBUILD=${CBUILD:-${CHOST}} +export CTARGET=${CTARGET:-${CHOST}} +if [[ ${CTARGET} == ${CHOST} ]] ; then + if [[ ${CATEGORY} == cross-* ]] ; then + export CTARGET=${CATEGORY#cross-} + fi +fi + +[[ ${CTARGET} == hppa* ]] && NPTL_KERN_VER=${NPTL_KERN_VER/2.6.9/2.6.20} + +is_crosscompile() { + [[ ${CHOST} != ${CTARGET} ]] +} + +# Why SLOT 2.2 you ask yourself while sippin your tea ? +# Everyone knows 2.2 > 0, duh. +SLOT="2.2" + +# General: We need a new-enough binutils for as-needed +# arch: we need to make sure our binutils/gcc supports TLS +DEPEND=">=sys-devel/gcc-3.4.4 + arm? ( >=sys-devel/binutils-2.16.90 >=sys-devel/gcc-4.1.0 ) + ppc? ( >=sys-devel/gcc-4.1.0 ) + ppc64? ( >=sys-devel/gcc-4.1.0 ) + >=sys-devel/binutils-2.15.94 + ${LT_VER:+nptl? (} >=sys-kernel/linux-headers-${NPTL_KERN_VER} ${LT_VER:+)} + >=app-misc/pax-utils-0.1.10 + virtual/os-headers + !<sys-apps/sandbox-1.2.18.1-r2 + !<sys-apps/portage-2.1.2 + selinux? ( sys-libs/libselinux )" +RDEPEND="!sys-kernel/ps3-sources + selinux? ( sys-libs/libselinux )" + +if [[ ${CATEGORY} == cross-* ]] ; then + DEPEND="${DEPEND} !crosscompile_opts_headers-only? ( ${CATEGORY}/gcc )" + [[ ${CATEGORY} == *-linux* ]] && DEPEND="${DEPEND} ${CATEGORY}/linux-headers" +else + DEPEND="${DEPEND} >=sys-libs/timezone-data-2007c" + RDEPEND="${RDEPEND} sys-libs/timezone-data" +fi + +SRC_URI=$( + upstream_uris() { + echo mirror://gnu/glibc/$1 ftp://sourceware.org/pub/glibc/{releases,snapshots}/$1 mirror://gentoo/$1 + } + gentoo_uris() { + local devspace="HTTP~vapier/dist/URI HTTP~azarah/glibc/URI" + devspace=${devspace//HTTP/http://dev.gentoo.org/} + echo mirror://gentoo/$1 ${devspace//URI/$1} + } + + TARNAME=${PN} + if [[ -n ${SNAP_VER} ]] ; then + TARNAME="${PN}-${RELEASE_VER}" + [[ -n ${PORTS_VER} ]] && PORTS_VER=${SNAP_VER} + upstream_uris ${TARNAME}-${SNAP_VER}.tar.bz2 + else + upstream_uris ${TARNAME}-${RELEASE_VER}.tar.bz2 + fi + [[ -n ${LIBIDN_VER} ]] && upstream_uris glibc-libidn-${LIBIDN_VER}.tar.bz2 + [[ -n ${PORTS_VER} ]] && upstream_uris ${TARNAME}-ports-${PORTS_VER}.tar.bz2 + [[ -n ${LT_VER} ]] && upstream_uris ${TARNAME}-linuxthreads-${LT_VER}.tar.bz2 + [[ -n ${BRANCH_UPDATE} ]] && gentoo_uris glibc-${RELEASE_VER}-branch-update-${BRANCH_UPDATE}.patch.bz2 + [[ -n ${PATCH_VER} ]] && gentoo_uris glibc-${RELEASE_VER}-patches-${PATCH_VER}.tar.bz2 +) + +# eblit-include [--skip] <function> [version] +eblit-include() { + local skipable=false + [[ $1 == "--skip" ]] && skipable=true && shift + [[ $1 == pkg_* ]] && skipable=true + + local e v func=$1 ver=$2 + [[ -z ${func} ]] && die "Usage: eblit-include <function> [version]" + for v in ${ver:+-}${ver} -${PVR} -${PV} "" ; do + e="${FILESDIR}/eblits/${func}${v}.eblit" + if [[ -e ${e} ]] ; then + source "${e}" + return 0 + fi + done + ${skipable} && return 0 + die "Could not locate requested eblit '${func}' in ${FILESDIR}/eblits/" +} + +# eblit-run-maybe <function> +# run the specified function if it is defined +eblit-run-maybe() { + [[ $(type -t "$@") == "function" ]] && "$@" +} + +# eblit-run <function> [version] +# aka: src_unpack() { eblit-run src_unpack ; } +eblit-run() { + eblit-include --skip common "${*:2}" + eblit-include "$@" + eblit-run-maybe eblit-$1-pre + eblit-${PN}-$1 + eblit-run-maybe eblit-$1-post +} + +src_unpack() { eblit-run src_unpack ; } +src_compile() { eblit-run src_compile ; } +src_test() { eblit-run src_test ; } +src_install() { eblit-run src_install ; } + +# FILESDIR might not be available during binpkg install +for x in setup {pre,post}inst ; do + e="${FILESDIR}/eblits/pkg_${x}.eblit" + if [[ -e ${e} ]] ; then + . "${e}" + eval "pkg_${x}() { eblit-run pkg_${x} ; }" + fi +done + +eblit-src_unpack-post() { + if use hardened ; then + cd "${S}" + einfo "Patching to get working PIE binaries on PIE (hardened) platforms" + gcc-specs-pie && epatch "${FILESDIR}"/2.5/glibc-2.5-hardened-pie.patch + epatch "${FILESDIR}"/2.5/glibc-2.5-hardened-configure-picdefault.patch + epatch "${FILESDIR}"/2.7/glibc-2.7-hardened-inittls-nosysenter.patch + + einfo "Installing Hardened Gentoo SSP handler" + cp -f "${FILESDIR}"/2.6/glibc-2.6-gentoo-stack_chk_fail.c \ + debug/stack_chk_fail.c || die + + if use debug ; then + # When using Hardened Gentoo stack handler, have smashes dump core for + # analysis - debug only, as core could be an information leak + # (paranoia). + sed -i \ + -e '/^CFLAGS-backtrace.c/ iCFLAGS-stack_chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ + debug/Makefile \ + || die "Failed to modify debug/Makefile for debug stack handler" + fi + + # Build nscd with ssp-all + sed -i \ + -e 's:-fstack-protector$:-fstack-protector-all:' \ + nscd/Makefile \ + || die "Failed to ensure nscd builds with ssp-all" + fi +} diff --git a/sys-libs/glibc/metadata.xml b/sys-libs/glibc/metadata.xml new file mode 100644 index 0000000..20661e3 --- /dev/null +++ b/sys-libs/glibc/metadata.xml @@ -0,0 +1,22 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer type="project"> + <email>toolchain@gentoo.org</email> +</maintainer> +<use> + <flag name="debug">When USE=hardened, allow fortify/stack violations to dump core (SIGABRT) and not kill self (SIGKILL)</flag> + <flag name="gd">build memusage and memusagestat tools</flag> + <flag name="glibc-compat20">Enable the glibc-compat addon</flag> + <flag name="glibc-omitfp">Configure with --enable-omitfp which lets the build system determine when it is safe to use -fomit-frame-pointer</flag> + <flag name="linuxthreads">Build linuxthreads support (only for kernels older than linux-2.6)</flag> + <flag name="nptlonly">Disables building the linuxthreads fallback in glibc ebuilds that support building both linuxthread and nptl</flag> + <flag name="nscd">Build, and enable support for, the Name Service Cache Daemon</flag> + <flag name="rpc">Enable obsolete RPC/NIS layers (disabling is experimental -- see bug 381391)</flag> + <flag name="suid">Make internal pt_chown helper setuid -- not needed if using Linux and have /dev/pts mounted with gid=5</flag> + <flag name="systemtap">enable systemtap static probe points</flag> +</use> +<upstream> + <remote-id type="cpe">cpe:/a:gnu:glibc</remote-id> +</upstream> +</pkgmetadata> |