]>
Commit | Line | Data |
---|---|---|
cd1a2927 | 1 | ############################################################################### |
cd1a2927 | 2 | # # |
70df8302 | 3 | # IPFire.org - A linux based firewall # |
aafdd71b | 4 | # Copyright (C) 2007-2021 IPFire Team <info@ipfire.org> # |
70df8302 MT |
5 | # # |
6 | # This program is free software: you can redistribute it and/or modify # | |
cd1a2927 | 7 | # it under the terms of the GNU General Public License as published by # |
70df8302 | 8 | # the Free Software Foundation, either version 3 of the License, or # |
cd1a2927 MT |
9 | # (at your option) any later version. # |
10 | # # | |
70df8302 | 11 | # This program is distributed in the hope that it will be useful, # |
cd1a2927 MT |
12 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # |
13 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
14 | # GNU General Public License for more details. # | |
15 | # # | |
16 | # You should have received a copy of the GNU General Public License # | |
70df8302 | 17 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # |
cd1a2927 | 18 | # # |
cd1a2927 MT |
19 | ############################################################################### |
20 | ||
21 | ############################################################################### | |
22 | # Definitions | |
23 | ############################################################################### | |
24 | ||
25 | include Config | |
26 | ||
3bca8ae1 | 27 | VER = 2.38 |
cd1a2927 | 28 | |
dd714b8a | 29 | THISAPP = glibc-$(VER) |
65a75e0d | 30 | DL_FILE = $(THISAPP).tar.xz |
7a98bae5 | 31 | DL_FROM = $(URL_IPFIRE) |
cd1a2927 | 32 | DIR_APP = $(DIR_SRC)/$(THISAPP) |
cd1a2927 | 33 | |
6c4cc7ea | 34 | # Normal build or $(TOOLS_DIR) build. |
cd1a2927 MT |
35 | # |
36 | ifeq "$(ROOT)" "" | |
37 | TARGET = $(DIR_INFO)/$(THISAPP) | |
af4bfa79 | 38 | EXTRA_CONFIG = \ |
2435f0cb | 39 | --build=$(BUILDTARGET) \ |
af4bfa79 | 40 | --prefix=/usr \ |
dfa795eb MT |
41 | --libexecdir=/usr/lib/glibc \ |
42 | --enable-stack-protector=strong | |
cd1a2927 MT |
43 | else |
44 | TARGET = $(DIR_INFO)/$(THISAPP)-tools | |
af4bfa79 | 45 | EXTRA_CONFIG = \ |
12788f63 MT |
46 | --host=$(CROSSTARGET) \ |
47 | --build=$(BUILDTARGET) \ | |
6c4cc7ea | 48 | --prefix=$(TOOLS_DIR) \ |
fd34a1c8 | 49 | --with-headers=$(TOOLS_DIR)/include |
44bfc406 | 50 | endif |
de57b780 | 51 | |
44bfc406 MT |
52 | ifeq "$(BUILD_ARCH)" "aarch64" |
53 | CFLAGS += -Wno-error=maybe-uninitialized | |
cd1a2927 MT |
54 | endif |
55 | ||
af4bfa79 MT |
56 | # Add some general configuration flags |
57 | EXTRA_CONFIG += \ | |
58 | --disable-profile \ | |
3bca8ae1 | 59 | --enable-kernel=5.4.0 \ |
af4bfa79 MT |
60 | --enable-add-ons \ |
61 | --without-selinux \ | |
62 | --enable-experimental-malloc \ | |
65a75e0d | 63 | --enable-bind-now \ |
3bca8ae1 MT |
64 | --enable-fortify-source \ |
65 | --disable-crypt \ | |
66 | --disable-build-nscd \ | |
67 | --disable-nscd | |
af4bfa79 | 68 | |
cf557eca MT |
69 | ifeq "$(BUILD_ARCH)" "x86_64" |
70 | EXTRA_CONFIG += --enable-cet | |
71 | endif | |
72 | ||
173a4d54 MT |
73 | ifeq "$(BUILD_ARCH)" "aarch64" |
74 | EXTRA_CONFIG += --enable-memory-tagging | |
75 | endif | |
76 | ||
cd1a2927 MT |
77 | ############################################################################### |
78 | # Top-level Rules | |
79 | ############################################################################### | |
80 | ||
ce346d23 | 81 | objects = $(DL_FILE) |
cd1a2927 MT |
82 | |
83 | $(DL_FILE) = $(DL_FROM)/$(DL_FILE) | |
84 | ||
3bca8ae1 | 85 | $(DL_FILE)_BLAKE2 = f9b039f0ef98a7dd8e1cba228ed10286b9e4fbe4dd89af4d26fa5c4e4cf266f19c2746b44d797ce54739d86499e74cf334aaf311bcf6e30120fd7748453e653f |
cd1a2927 MT |
86 | |
87 | install : $(TARGET) | |
88 | ||
89 | check : $(patsubst %,$(DIR_CHK)/%,$(objects)) | |
90 | ||
91 | download :$(patsubst %,$(DIR_DL)/%,$(objects)) | |
92 | ||
9a7e4d85 | 93 | b2 : $(subst %,%_BLAKE2,$(objects)) |
cd1a2927 MT |
94 | |
95 | ############################################################################### | |
9a7e4d85 | 96 | # Downloading, checking, b2sum |
cd1a2927 MT |
97 | ############################################################################### |
98 | ||
99 | $(patsubst %,$(DIR_CHK)/%,$(objects)) : | |
100 | @$(CHECK) | |
101 | ||
102 | $(patsubst %,$(DIR_DL)/%,$(objects)) : | |
103 | @$(LOAD) | |
104 | ||
9a7e4d85 PM |
105 | $(subst %,%_BLAKE2,$(objects)) : |
106 | @$(B2SUM) | |
cd1a2927 MT |
107 | |
108 | ############################################################################### | |
109 | # Installation Details | |
110 | ############################################################################### | |
111 | ||
112 | $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) | |
113 | @$(PREBUILD) | |
6b9f806e | 114 | @rm -rf $(DIR_APP) $(DIR_SRC)/glibc-build && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) |
cd1a2927 | 115 | @mkdir $(DIR_SRC)/glibc-build |
12788f63 | 116 | |
b9215da1 MT |
117 | # Patches from upstream |
118 | cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc-2.38/0001-stdlib-Improve-tst-realpath-compatibility-with-sourc.patch | |
119 | cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc-2.38/0002-x86-Fix-for-cache-computation-on-AMD-legacy-cpus.patch | |
120 | cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc-2.38/0003-nscd-Do-not-rebuild-getaddrinfo-bug-30709.patch | |
121 | cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc-2.38/0004-x86-Fix-incorrect-scope-of-setting-shared_per_thread.patch | |
122 | cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc-2.38/0005-x86_64-Fix-build-with-disable-multiarch-BZ-30721.patch | |
123 | cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc-2.38/0006-i686-Fix-build-with-disable-multiarch.patch | |
124 | cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc-2.38/0007-malloc-Enable-merging-of-remainders-in-memalign-bug-.patch | |
125 | cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc-2.38/0008-malloc-Remove-bin-scanning-from-memalign-bug-30723.patch | |
126 | cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc-2.38/0009-sysdeps-tst-bz21269-fix-test-parameter.patch | |
127 | cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc-2.38/0010-sysdeps-tst-bz21269-handle-ENOSYS-skip-appropriately.patch | |
128 | cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc-2.38/0011-sysdeps-tst-bz21269-fix-Wreturn-type.patch | |
129 | cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc-2.38/0012-io-Fix-record-locking-contants-for-powerpc64-with-__.patch | |
130 | cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc-2.38/0013-libio-Fix-oversized-__io_vtables.patch | |
131 | cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc-2.38/0014-elf-Do-not-run-constructors-for-proxy-objects.patch | |
132 | cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc-2.38/0015-elf-Always-call-destructors-in-reverse-constructor-o.patch | |
133 | cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc-2.38/0016-elf-Remove-unused-l_text_end-field-from-struct-link_.patch | |
134 | cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc-2.38/0017-elf-Move-l_init_called_next-to-old-place-of-l_text_e.patch | |
135 | cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc-2.38/0018-NEWS-Add-the-2.38.1-bug-list.patch | |
136 | cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc-2.38/0019-CVE-2023-4527-Stack-read-overflow-with-large-TCP-res.patch | |
137 | cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc-2.38/0020-getaddrinfo-Fix-use-after-free-in-getcanonname-CVE-2.patch | |
138 | cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc-2.38/0021-iconv-restore-verbosity-with-unrecognized-encoding-n.patch | |
139 | cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc-2.38/0022-string-Fix-tester-build-with-fortify-enable-with-gcc.patch | |
140 | cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc-2.38/0023-manual-jobs.texi-Add-missing-item-EPERM-for-getpgid.patch | |
141 | cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc-2.38/0024-Fix-leak-in-getaddrinfo-introduced-by-the-fix-for-CV.patch | |
142 | cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc-2.38/0025-Document-CVE-2023-4806-and-CVE-2023-5156-in-NEWS.patch | |
143 | cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc-2.38/0026-Propagate-GLIBC_TUNABLES-in-setxid-binaries.patch | |
144 | cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc-2.38/0027-tunables-Terminate-if-end-of-input-is-reached-CVE-20.patch | |
145 | ||
15a2c03f MT |
146 | cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc-localedef-no-archive.patch |
147 | ||
dc7d6b20 MT |
148 | ifneq "$(TOOLCHAIN)" "1" |
149 | ifeq "$(BUILD_ARCH)" "x86_64" | |
81aa9714 MT |
150 | cd $(DIR_APP) && sed -i 's|libs -o|libs -L/usr/lib64 -Wl,-dynamic-linker=/lib64/ld-linux-x86-64.so.2 -o|' \ |
151 | scripts/test-installation.pl | |
dc7d6b20 | 152 | endif |
51f9e7ac | 153 | endif |
9b0ff0a0 | 154 | |
12788f63 MT |
155 | cd $(DIR_SRC)/glibc-build && \ |
156 | CFLAGS="$(CFLAGS) -fno-asynchronous-unwind-tables" \ | |
157 | $(DIR_APP)/configure $(EXTRA_CONFIG) | |
3a317084 | 158 | |
12788f63 | 159 | cd $(DIR_SRC)/glibc-build && make PARALLELMFLAGS=$(MAKETUNING) \ |
c51823b2 | 160 | CFLAGS="$(CFLAGS)" CXXFLAGS="$(CXXFLAGS)" |
3a317084 | 161 | |
65a75e0d MT |
162 | cd $(DIR_APP) && sed '/test-installation/s@\$$(PERL)@echo not running@' -i Makefile |
163 | ||
6b9f806e | 164 | cd $(DIR_SRC)/glibc-build && make install |
cd1a2927 | 165 | |
b7093f17 | 166 | ifneq "$(TOOLCHAIN)" "1" |
12788f63 | 167 | # Creating the locales |
cd1a2927 | 168 | mkdir -p /usr/lib/locale |
6ef219bb | 169 | cd $(DIR_SRC)/glibc-build && make localedata/install-locales $(MAKETUNING) |
c1c60dbb MT |
170 | |
171 | # Timezone data will be shipped by tzdata. | |
172 | rm -rfv /usr/share/zoneinfo | |
cd1a2927 | 173 | endif |
dc7d6b20 | 174 | |
fe2adb0c MT |
175 | ifeq "$(TOOLCHAIN)" "1" |
176 | # Test the linker in toolchain | |
177 | cd $(DIR_APP) && echo "int main() { return 0; }" > dummy.c | |
178 | cd $(DIR_APP) && $(CROSSTARGET)-gcc dummy.c -o dummy | |
179 | ||
6c4cc7ea MT |
180 | # Must be using a runtime linker from $(TOOLS_DIR) |
181 | cd $(DIR_APP) && readelf -l dummy | grep "Requesting program interpreter: $(TOOLS_DIR)" | |
fe2adb0c MT |
182 | cd $(DIR_APP) && rm -vf dummy dummy.c |
183 | endif | |
184 | ||
cd1a2927 MT |
185 | @rm -rf $(DIR_APP) $(DIR_SRC)/glibc-build |
186 | @$(POSTBUILD) |