###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2016 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2021 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 2.25
+VER = 2.33
THISAPP = glibc-$(VER)
-DL_FILE = $(THISAPP).tar.gz
+DL_FILE = $(THISAPP).tar.xz
DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
-# Normal build or /tools build.
+# Normal build or $(TOOLS_DIR) build.
#
ifeq "$(ROOT)" ""
TARGET = $(DIR_INFO)/$(THISAPP)
EXTRA_CONFIG = \
--host=$(CROSSTARGET) \
--build=$(BUILDTARGET) \
- --prefix=/tools \
- --with-headers=/tools/include \
+ --prefix=$(TOOLS_DIR) \
+ --with-headers=$(TOOLS_DIR)/include \
libc_cv_forced_unwind=yes \
libc_cv_c_cleanup=yes
endif
-# Enable some extra optimization for the glibc code
-CFLAGS = -O3 -DNDEBUG -fasynchronous-unwind-tables -fPIC -DPIC
-
-ifeq "$(BUILD_ARCH)" "armv7hl"
- CFLAGS += -march=armv7-a -mfpu=vfpv3-d16 -mfloat-abi=hard
+ifeq "$(BUILD_ARCH)" "aarch64"
+ CFLAGS += -Wno-error=maybe-uninitialized
endif
ifeq "$(BUILD_ARCH)" "i586"
- CFLAGS += -march=i586 -mtune=generic -mno-tls-direct-seg-refs
-endif
-
-# Disable hardware FP for armv5tel
-ifeq "$(BUILD_ARCH)" "armv5tel"
- EXTRA_CONFIG += \
- --without-fp
+ EXTRA_CONFIG += libc_cv_include_x86_isa_level=no
endif
# Add some general configuration flags
EXTRA_CONFIG += \
- --enable-obsolete-rpc \
--disable-profile \
- --enable-kernel=3.2 \
+ --enable-kernel=4.14.0 \
--enable-add-ons \
--without-selinux \
--enable-experimental-malloc \
- --enable-bind-now
+ --enable-bind-now \
+ --disable-crypt
###############################################################################
# Top-level Rules
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 0c9f827298841dbf3bff3060f3d7f19c
+$(DL_FILE)_MD5 = 390bbd889c7e8e8a7041564cb6b27cca
install : $(TARGET)
@rm -rf $(DIR_APP) $(DIR_SRC)/glibc-build && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
@mkdir $(DIR_SRC)/glibc-build
+ # Security Fixes
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc-2.33-use-__pthread_attr_copy-in-mq_notify-bug-27896.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc-2.33-librt-fix-null-pointer-dereference-bug-28213.patch
+
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc-localedef-no-archive.patch
+
ifneq "$(TOOLCHAIN)" "1"
ifeq "$(BUILD_ARCH)" "x86_64"
cd $(DIR_APP) && sed -i 's|libs -o|libs -L/usr/lib64 -Wl,-dynamic-linker=/lib64/ld-linux-x86-64.so.2 -o|' \
scripts/test-installation.pl
endif
- ifeq "$(BUILD_ARCH)" "armv5tel"
+ ifeq "$(BUILD_ARCH)" "armv6l"
cd $(DIR_APP) && sed -i 's|libs -o|libs -L/usr/lib -Wl,-dynamic-linker=/lib/ld-linux.so.3 -o|' \
scripts/test-installation.pl
endif
cd $(DIR_SRC)/glibc-build && make PARALLELMFLAGS=$(MAKETUNING) \
CFLAGS="$(CFLAGS)" CXXFLAGS="$(CXXFLAGS)"
+ cd $(DIR_APP) && sed '/test-installation/s@\$$(PERL)@echo not running@' -i Makefile
+
cd $(DIR_SRC)/glibc-build && make install
ifneq "$(TOOLCHAIN)" "1"
# Creating the locales
mkdir -p /usr/lib/locale
- cd $(DIR_SRC)/glibc-build && make localedata/install-locales
+ cd $(DIR_SRC)/glibc-build && make localedata/install-locales $(MAKETUNING)
# Timezone data will be shipped by tzdata.
rm -rfv /usr/share/zoneinfo
cd $(DIR_APP) && echo "int main() { return 0; }" > dummy.c
cd $(DIR_APP) && $(CROSSTARGET)-gcc dummy.c -o dummy
- # Must be using a runtime linker from /tools
- cd $(DIR_APP) && readelf -l dummy | grep "Requesting program interpreter: /tools"
+ # Must be using a runtime linker from $(TOOLS_DIR)
+ cd $(DIR_APP) && readelf -l dummy | grep "Requesting program interpreter: $(TOOLS_DIR)"
cd $(DIR_APP) && rm -vf dummy dummy.c
endif