From 24e9b8ad8dabcfdff70af1ef52a6ce68034619fd Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Thu, 28 Jun 2018 12:52:51 +0100 Subject: [PATCH] glibc: Update to 2.27 Signed-off-by: Michael Tremer --- glibc/glibc.nm | 5 +- glibc/patches/glibc-2.10.1-arc4random.patch | 541 ------------------ glibc/patches/glibc-2.10.1-pt_pax-1.patch | 40 -- glibc/patches/glibc-2.17-hardened-pie.patch | 42 -- glibc/patches/glibc-arm-hardfloat-3.patch | 20 - .../glibc-compile-fix-for-memcpy-ssse3.patch | 67 --- .../glibc-fedora-__libc_multiple_libcs.patch | 79 --- glibc/patches/glibc-fedora-localedef.patch | 11 - glibc/patches/glibc-fedora-locarchive.patch | 51 -- glibc/patches/glibc-fedora-nscd.patch | 12 - glibc/patches/glibc-rh1070416.patch | 29 - 11 files changed, 3 insertions(+), 894 deletions(-) delete mode 100644 glibc/patches/glibc-2.10.1-arc4random.patch delete mode 100644 glibc/patches/glibc-2.10.1-pt_pax-1.patch delete mode 100644 glibc/patches/glibc-2.17-hardened-pie.patch delete mode 100644 glibc/patches/glibc-arm-hardfloat-3.patch delete mode 100644 glibc/patches/glibc-compile-fix-for-memcpy-ssse3.patch delete mode 100644 glibc/patches/glibc-fedora-__libc_multiple_libcs.patch delete mode 100644 glibc/patches/glibc-fedora-localedef.patch delete mode 100644 glibc/patches/glibc-fedora-locarchive.patch delete mode 100644 glibc/patches/glibc-fedora-nscd.patch delete mode 100644 glibc/patches/glibc-rh1070416.patch diff --git a/glibc/glibc.nm b/glibc/glibc.nm index c17c336a7..2143693dd 100644 --- a/glibc/glibc.nm +++ b/glibc/glibc.nm @@ -4,8 +4,8 @@ ############################################################################### name = glibc -version = 2.26 -release = 3 +version = 2.27 +release = 1 maintainer = Michael Tremer groups = System/Base @@ -34,6 +34,7 @@ build autoconf automake binutils >= 2.27 + bison gcc >= 4.9 gettext kernel-headers >= %{OPTIMIZED_KERNEL} diff --git a/glibc/patches/glibc-2.10.1-arc4random.patch b/glibc/patches/glibc-2.10.1-arc4random.patch deleted file mode 100644 index c877c8c86..000000000 --- a/glibc/patches/glibc-2.10.1-arc4random.patch +++ /dev/null @@ -1,541 +0,0 @@ -Submitted By: Robert Connolly (ashes) -Date: 2006-01-01 -Initial Package Version: 2.3.6 -Upstream Status: Not submitted -Origin: http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/crypt/arc4random.c -Description: This patch adds the arc4random() and arc4randomII() functions -to Glibc, and hooks so mktemp(3) can use arc4randomII(). - -Also see: -http://www.linuxfromscratch.org/hlfs/ -http://www.linuxfromscratch.org/hints/downloads/files/entropy.txt - -diff -Naur glibc-2.3.6.orig/manual/arc4random.3 glibc-2.3.6/manual/arc4random.3 ---- glibc-2.3.6.orig/manual/arc4random.3 1970-01-01 00:00:00.000000000 +0000 -+++ glibc-2.3.6/manual/arc4random.3 2006-01-01 07:48:48.000000000 +0000 -@@ -0,0 +1,74 @@ -+.TH ARC4RANDOM 3 "February 11, 2005" -+.SH NAME -+arc4random - arc4 random number generator -+.SH SYNOPSIS -+.nf -+.B #include -+.sp -+.I u_int32_t -+.B arc4random(void); -+.sp -+.I u_int32_t -+.B arc4randomII(void); -+.fi -+.SH DESCRIPTION -+The \fBarc4random()\fP function generates a pseudo-random number using the -+ARC4 cipher key stream generator. ARCFOUR uses 8*8 8 bit S-Boxes, and can -+be in about (2**1700) states. -+ -+The \fBarc4random()\fP function is seeded automatically from /dev/urandom, -+or from sysctl \fBurandom\fP if /dev/urandom is not accessible (chroot), or from -+sysctl random.uuid if sysctl \fBurandom\fP is not accessible. \fBgettimeofday(2)\fP -+is always included when initializing the state of \fBarc4random()\fP, this makes -+it impossible to generate the same random sequence twice. \fBarc4random()\fP -+is intended to be safe to use with encryption software to provide entropy. -+ -+The \fBarc4randomII()\fP function is identical to \fBarc4random()\fP except -+that \fBarc4randomII()\fP is seeded automatically from /dev/erandom, and -+sysctl erandom. \fBarc4randomII()\fP is NOT intended for cryptography, but is -+ideal for \fBmktemp(3)\fP, and other functions with a short lifespan. -+\fBarc4randomII()\fP and erandom do not consume any kernel entropy. -+ -+Sysctl urandom, and erandom require a modified kernel. See: -+http://www.linuxfromscratch.org/hlfs/ -+ -+.SH EXAMPLES -+.TP -+Return a random number between 0 and 100. -+.sp -+arc4random() % 100; -+.TP -+Return any random number. -+.sp -+arc4random(); -+.TP -+.nf -+Sample program; this will display a number between 0 and 65536. -+ -+#include -+#include -+ -+int main(void) { -+ int random_number; -+ random_number = arc4random() % 65536; -+ printf("%d\n", random_number); -+ return 0; -+} -+.fi -+.SH "SEE ALSO" -+.BR random (3), -+.BR gettimeofday (2), -+.BR mktemp (3) -+ -+.SH HISTORY -+An algorithm called RC4 was designed by RSA Data Security, Inc. It was -+considered a trade secret, but not trademarked. Because it was a trade -+secret, it obviously could not be patented. A clone of this was posted -+anonymously to USENET and confirmed to be equivalent by several sources -+who had access to the original cipher. Because of the trade secret situation, -+RSA Data Security, Inc. can do nothing about the release of the -+ARC4 algorithm. Since RC4 used to be a trade secret, the cipher is now -+referred to as ARC4 (Another RC4). -+ -+These functions first appeared in OpenBSD 2.1. -+ -diff -Naur glibc-2.3.6.orig/stdlib/Makefile glibc-2.3.6/stdlib/Makefile ---- glibc-2.3.6.orig/stdlib/Makefile 2005-02-16 11:23:58.000000000 +0000 -+++ glibc-2.3.6/stdlib/Makefile 2006-01-01 07:48:48.000000000 +0000 -@@ -27,7 +27,7 @@ - - routines := \ - atof atoi atol atoll \ -- abort \ -+ abort arc4random arc4randomII \ - bsearch qsort msort \ - getenv putenv setenv secure-getenv \ - exit on_exit atexit cxa_atexit cxa_finalize old_atexit \ -diff -Naur glibc-2.3.6.orig/stdlib/Versions glibc-2.3.6/stdlib/Versions ---- glibc-2.3.6.orig/stdlib/Versions 2004-05-03 21:25:53.000000000 +0000 -+++ glibc-2.3.6/stdlib/Versions 2006-01-01 07:50:28.000000000 +0000 -@@ -11,6 +11,8 @@ - - # a* - a64l; abort; abs; atexit; atof; atoi; atol; atoll; -+ arc4random_stir; arc4random_addrandom; arc4random; -+ arc4random_stirII; arc4random_addrandomII; arc4randomII; - - # b* - bsearch; -diff -Naur glibc-2.3.6.orig/stdlib/arc4random.c glibc-2.3.6/stdlib/arc4random.c ---- glibc-2.3.6.orig/stdlib/arc4random.c 1970-01-01 00:00:00.000000000 +0000 -+++ glibc-2.3.6/stdlib/arc4random.c 2006-01-01 07:48:48.000000000 +0000 -@@ -0,0 +1,205 @@ -+/* -+ * Arc4 random number generator for OpenBSD. -+ * Copyright 1996 David Mazieres . -+ * -+ * Modification and redistribution in source and binary forms is -+ * permitted provided that due credit is given to the author and the -+ * OpenBSD project by leaving this copyright notice intact. -+ */ -+ -+/* -+ * This code is derived from section 17.1 of Applied Cryptography, -+ * second edition, which describes a stream cipher allegedly -+ * compatible with RSA Labs "RC4" cipher (the actual description of -+ * which is a trade secret). The same algorithm is used as a stream -+ * cipher called "arcfour" in Tatu Ylonen's ssh package. -+ * -+ * Here the stream cipher has been modified always to include the time -+ * when initializing the state. That makes it impossible to -+ * regenerate the same random sequence twice, so this can't be used -+ * for encryption, but will generate good random numbers. -+ * -+ * RC4 is a registered trademark of RSA Laboratories. -+ */ -+ -+/* -+ * Modified by Robert Connolly from OpenBSD lib/libc/crypt/arc4random.c v1.11. -+ * This is arc4random(3) using urandom. -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#ifdef __GNUC__ -+#define inline __inline -+#else /* !__GNUC__ */ -+#define inline -+#endif /* !__GNUC__ */ -+ -+struct arc4_stream { -+ u_int8_t i; -+ u_int8_t j; -+ u_int8_t s[256]; -+}; -+ -+static int rs_initialized; -+static struct arc4_stream rs; -+static pid_t arc4_stir_pid; -+ -+static inline u_int8_t arc4_getbyte(struct arc4_stream *); -+ -+static inline void -+arc4_init(struct arc4_stream *as) -+{ -+ int n; -+ -+ for (n = 0; n < 256; n++) -+ as->s[n] = n; -+ as->i = 0; -+ as->j = 0; -+} -+ -+static inline void -+arc4_addrandom(struct arc4_stream *as, u_char *dat, int datlen) -+{ -+ int n; -+ u_int8_t si; -+ -+ as->i--; -+ for (n = 0; n < 256; n++) { -+ as->i = (as->i + 1); -+ si = as->s[as->i]; -+ as->j = (as->j + si + dat[n % datlen]); -+ as->s[as->i] = as->s[as->j]; -+ as->s[as->j] = si; -+ } -+ as->j = as->i; -+} -+ -+static void -+arc4_stir(struct arc4_stream *as) -+{ -+ int n, fd; -+ struct { -+ struct timeval tv; -+ u_int rnd[(128 - sizeof(struct timeval)) / sizeof(u_int)]; -+ } rdat; -+ -+ gettimeofday(&rdat.tv, NULL); -+ -+ /* /dev/urandom is a multithread interface, sysctl is not. */ -+ /* Try to use /dev/urandom before sysctl. */ -+ fd = open("/dev/urandom", O_RDONLY); -+ if (fd != -1) { -+ read(fd, rdat.rnd, sizeof(rdat.rnd)); -+ close(fd); -+ } -+ -+#if defined(SYSCTL_URANDOM) -+ else { -+ /* /dev/urandom failed? Maybe we're in a chroot. */ -+ int mib[]={CTL_KERN, KERN_RANDOM, RANDOM_URANDOM}; -+ u_int i; -+ size_t len; -+ -+ for (i = 0; i < sizeof(rdat.rnd) / sizeof(u_int); i ++) { -+ len = sizeof(u_int); -+ if (sysctl(mib, 3, &rdat.rnd[i], &len, NULL, 0) == -1) -+ break; -+ } -+ if (i < sizeof(rdat.rnd) / 4) { -+ /* Sysctl urandom failed? Maybe we're running a vanilla kernel. */ -+ mib[2] = RANDOM_UUID; -+ for (i = 0; i < sizeof(rdat.rnd) / sizeof(u_int); i ++) { -+ len = sizeof(u_int); -+ if (sysctl(mib, 3, &rdat.rnd[i], &len, NULL, 0) == -1) -+ break; -+ } -+ } -+ } -+#endif -+ -+ arc4_stir_pid = getpid(); -+ /* -+ * Time to give up. If no entropy could be found then we will just -+ * use gettimeofday. -+ */ -+ arc4_addrandom(as, (void *)&rdat, sizeof(rdat)); -+ -+ /* -+ * Discard early keystream, as per recommendations in: -+ * http://www.wisdom.weizmann.ac.il/~itsik/RC4/Papers/Rc4_ksa.ps -+ * We discard 256 words. A long word is 4 bytes. -+ */ -+ for (n = 0; n < 256 * 4; n ++) -+ arc4_getbyte(as); -+} -+ -+static inline u_int8_t -+arc4_getbyte(struct arc4_stream *as) -+{ -+ u_int8_t si, sj; -+ -+ as->i = (as->i + 1); -+ si = as->s[as->i]; -+ as->j = (as->j + si); -+ sj = as->s[as->j]; -+ as->s[as->i] = sj; -+ as->s[as->j] = si; -+ return (as->s[(si + sj) & 0xff]); -+} -+ -+static inline u_int32_t -+arc4_getword(struct arc4_stream *as) -+{ -+ u_int32_t val; -+ val = arc4_getbyte(as) << 24; -+ val |= arc4_getbyte(as) << 16; -+ val |= arc4_getbyte(as) << 8; -+ val |= arc4_getbyte(as); -+ return val; -+} -+ -+void -+arc4random_stir(void) -+{ -+ if (!rs_initialized) { -+ arc4_init(&rs); -+ rs_initialized = 1; -+ } -+ arc4_stir(&rs); -+} -+ -+void -+arc4random_addrandom(u_char *dat, int datlen) -+{ -+ if (!rs_initialized) -+ arc4random_stir(); -+ arc4_addrandom(&rs, dat, datlen); -+} -+ -+u_int32_t -+arc4random(void) -+{ -+ if (!rs_initialized || arc4_stir_pid != getpid()) -+ arc4random_stir(); -+ return arc4_getword(&rs); -+} -+ -+#if 0 -+/*-------- Test code --------*/ -+#include -+#include -+ -+int main(void) { -+ int random_number; -+ random_number = arc4random() % 65536; -+ printf("A random number between 0 and 65536 is %d\n", random_number); -+ return 0; -+} -+#endif -diff -Naur glibc-2.3.6.orig/stdlib/arc4randomII.c glibc-2.3.6/stdlib/arc4randomII.c ---- glibc-2.3.6.orig/stdlib/arc4randomII.c 1970-01-01 00:00:00.000000000 +0000 -+++ glibc-2.3.6/stdlib/arc4randomII.c 2006-01-01 07:48:48.000000000 +0000 -@@ -0,0 +1,196 @@ -+/* -+ * Arc4 random number generator for OpenBSD. -+ * Copyright 1996 David Mazieres . -+ * -+ * Modification and redistribution in source and binary forms is -+ * permitted provided that due credit is given to the author and the -+ * OpenBSD project by leaving this copyright notice intact. -+ */ -+ -+/* -+ * This code is derived from section 17.1 of Applied Cryptography, -+ * second edition, which describes a stream cipher allegedly -+ * compatible with RSA Labs "RC4" cipher (the actual description of -+ * which is a trade secret). The same algorithm is used as a stream -+ * cipher called "arcfour" in Tatu Ylonen's ssh package. -+ * -+ * Here the stream cipher has been modified always to include the time -+ * when initializing the state. That makes it impossible to -+ * regenerate the same random sequence twice, so this can't be used -+ * for encryption, but will generate good random numbers. -+ * -+ * RC4 is a registered trademark of RSA Laboratories. -+ */ -+ -+/* -+ * Modified by Robert Connolly from OpenBSD lib/libc/crypt/arc4random.c v1.11. -+ * This is arc4randomII(3) using erandom. -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#ifdef __GNUC__ -+#define inline __inline -+#else /* !__GNUC__ */ -+#define inline -+#endif /* !__GNUC__ */ -+ -+struct arc4_streamII { -+ u_int8_t i; -+ u_int8_t j; -+ u_int8_t s[256]; -+}; -+ -+static int rs_initializedII; -+static struct arc4_streamII rs; -+static pid_t arc4_stir_pidII; -+ -+static inline u_int8_t arc4_getbyteII(struct arc4_streamII *); -+ -+static inline void -+arc4_initII(struct arc4_streamII *as) -+{ -+ int n; -+ -+ for (n = 0; n < 256; n++) -+ as->s[n] = n; -+ as->i = 0; -+ as->j = 0; -+} -+ -+static inline void -+arc4_addrandomII(struct arc4_streamII *as, u_char *dat, int datlen) -+{ -+ int n; -+ u_int8_t si; -+ -+ as->i--; -+ for (n = 0; n < 256; n++) { -+ as->i = (as->i + 1); -+ si = as->s[as->i]; -+ as->j = (as->j + si + dat[n % datlen]); -+ as->s[as->i] = as->s[as->j]; -+ as->s[as->j] = si; -+ } -+ as->j = as->i; -+} -+ -+static void -+arc4_stirII(struct arc4_streamII *as) -+{ -+ int n, fd; -+ struct { -+ struct timeval tv; -+ u_int rnd[(128 - sizeof(struct timeval)) / sizeof(u_int)]; -+ } rdat; -+ -+ gettimeofday(&rdat.tv, NULL); -+ -+ /* /dev/urandom is a multithread interface, sysctl is not. */ -+ /* Try to use /dev/urandom before sysctl. */ -+ fd = open("/dev/erandom", O_RDONLY); -+ if (fd != -1) { -+ read(fd, rdat.rnd, sizeof(rdat.rnd)); -+ close(fd); -+ } -+ -+#if defined(SYSCTL_ERANDOM) -+ else { -+ /* /dev/urandom failed? Maybe we're in a chroot. */ -+ int mib[]={CTL_KERN, KERN_RANDOM, RANDOM_ERANDOM}; -+ u_int i; -+ size_t len; -+ -+ for (i = 0; i < sizeof(rdat.rnd) / sizeof(u_int); i++) { -+ len = sizeof(u_int); -+ if (sysctl(mib, 3, &rdat.rnd[i], &len, NULL, 0) == -1) -+ break; -+ } -+ } -+#endif -+ -+ arc4_stir_pidII = getpid(); -+ /* -+ * Time to give up. If no entropy could be found then we will just -+ * use gettimeofday. -+ */ -+ arc4_addrandomII(as, (void *)&rdat, sizeof(rdat)); -+ -+ /* -+ * Discard early keystream, as per recommendations in: -+ * http://www.wisdom.weizmann.ac.il/~itsik/RC4/Papers/Rc4_ksa.ps -+ * We discard 256 words. A long word is 4 bytes. -+ */ -+ for (n = 0; n < 256 * 4; n ++) -+ arc4_getbyteII(as); -+} -+ -+static inline u_int8_t -+arc4_getbyteII(struct arc4_streamII *as) -+{ -+ u_int8_t si, sj; -+ -+ as->i = (as->i + 1); -+ si = as->s[as->i]; -+ as->j = (as->j + si); -+ sj = as->s[as->j]; -+ as->s[as->i] = sj; -+ as->s[as->j] = si; -+ return (as->s[(si + sj) & 0xff]); -+} -+ -+static inline u_int32_t -+arc4_getwordII(struct arc4_streamII *as) -+{ -+ u_int32_t val; -+ val = arc4_getbyteII(as) << 24; -+ val |= arc4_getbyteII(as) << 16; -+ val |= arc4_getbyteII(as) << 8; -+ val |= arc4_getbyteII(as); -+ return val; -+} -+ -+void -+arc4random_stirII(void) -+{ -+ if (!rs_initializedII) { -+ arc4_initII(&rs); -+ rs_initializedII = 1; -+ } -+ arc4_stirII(&rs); -+} -+ -+void -+arc4random_addrandomII(u_char *dat, int datlen) -+{ -+ if (!rs_initializedII) -+ arc4random_stirII(); -+ arc4_addrandomII(&rs, dat, datlen); -+} -+ -+u_int32_t -+arc4randomII(void) -+{ -+ if (!rs_initializedII || arc4_stir_pidII != getpid()) -+ arc4random_stirII(); -+ return arc4_getwordII(&rs); -+} -+ -+#if 0 -+/*-------- Test code --------*/ -+#include -+#include -+ -+int main(void) { -+ int random_number; -+ random_number = arc4randomII() % 65536; -+ printf("A random number between 0 and 65536 is %d\n", random_number); -+ return 0; -+} -+#endif -diff -Naur glibc-2.3.6.orig/stdlib/stdlib.h glibc-2.3.6/stdlib/stdlib.h ---- glibc-2.3.6.orig/stdlib/stdlib.h 2005-07-18 01:15:30.000000000 +0000 -+++ glibc-2.3.6/stdlib/stdlib.h 2006-01-01 07:48:48.000000000 +0000 -@@ -572,6 +572,15 @@ - extern int lcong48_r (unsigned short int __param[7], - struct drand48_data *__buffer) - __THROW __nonnull ((1, 2)); -+ -+#define LIBC_HAS_ARC4RANDOM -+u_int32_t arc4random(void); -+void arc4random_stir(void); -+void arc4random_addrandom(unsigned char *, int); -+u_int32_t arc4randomII(void); -+void arc4random_stirII(void); -+void arc4random_addrandomII(unsigned char *, int); -+ - # endif /* Use misc. */ - #endif /* Use SVID or X/Open. */ diff --git a/glibc/patches/glibc-2.10.1-pt_pax-1.patch b/glibc/patches/glibc-2.10.1-pt_pax-1.patch deleted file mode 100644 index 1d6958829..000000000 --- a/glibc/patches/glibc-2.10.1-pt_pax-1.patch +++ /dev/null @@ -1,40 +0,0 @@ -Submitted By: Robert Connolly (ashes) -Date: 2006-10-11 -Initial Package Version: 2.5 -Upstream Status: Not submitted - PaX specific. Will not be accepted upstream. -Origin: http://www.gtlib.cc.gatech.edu/pub/gentoo/gentoo-x86-portage/sys-libs/ \ - glibc/files/2.3.3/glibc-2.3.3_pre20040117-pt_pax.diff -Description: This is needed for Pax. http://pax.grsecurity.net/ -Also see: -http://www.linuxfromscratch.org/hlfs/ - -diff -Naur glibc-2.5.orig/elf/elf.h glibc-2.5/elf/elf.h ---- glibc-2.5.orig/elf/elf.h 2006-07-10 21:54:02.000000000 +0000 -+++ glibc-2.5/elf/elf.h 2006-10-11 21:30:02.000000000 +0000 -@@ -569,6 +569,7 @@ - #define PT_GNU_EH_FRAME 0x6474e550 /* GCC .eh_frame_hdr segment */ - #define PT_GNU_STACK 0x6474e551 /* Indicates stack executability */ - #define PT_GNU_RELRO 0x6474e552 /* Read-only after relocation */ -+#define PT_PAX_FLAGS 0x65041580 /* Indicates PaX flag markings */ - #define PT_LOSUNW 0x6ffffffa - #define PT_SUNWBSS 0x6ffffffa /* Sun Specific segment */ - #define PT_SUNWSTACK 0x6ffffffb /* Stack segment */ -@@ -582,6 +583,18 @@ - #define PF_X (1 << 0) /* Segment is executable */ - #define PF_W (1 << 1) /* Segment is writable */ - #define PF_R (1 << 2) /* Segment is readable */ -+#define PF_PAGEEXEC (1 << 4) /* Enable PAGEEXEC */ -+#define PF_NOPAGEEXEC (1 << 5) /* Disable PAGEEXEC */ -+#define PF_SEGMEXEC (1 << 6) /* Enable SEGMEXEC */ -+#define PF_NOSEGMEXEC (1 << 7) /* Disable SEGMEXEC */ -+#define PF_MPROTECT (1 << 8) /* Enable MPROTECT */ -+#define PF_NOMPROTECT (1 << 9) /* Disable MPROTECT */ -+#define PF_RANDEXEC (1 << 10) /* Enable RANDEXEC */ -+#define PF_NORANDEXEC (1 << 11) /* Disable RANDEXEC */ -+#define PF_EMUTRAMP (1 << 12) /* Enable EMUTRAMP */ -+#define PF_NOEMUTRAMP (1 << 13) /* Disable EMUTRAMP */ -+#define PF_RANDMMAP (1 << 14) /* Enable RANDMMAP */ -+#define PF_NORANDMMAP (1 << 15) /* Disable RANDMMAP */ - #define PF_MASKOS 0x0ff00000 /* OS-specific */ - #define PF_MASKPROC 0xf0000000 /* Processor-specific */ - diff --git a/glibc/patches/glibc-2.17-hardened-pie.patch b/glibc/patches/glibc-2.17-hardened-pie.patch deleted file mode 100644 index da4fb8253..000000000 --- a/glibc/patches/glibc-2.17-hardened-pie.patch +++ /dev/null @@ -1,42 +0,0 @@ -2012-11-11 Magnus Granberg - - #442712 - * Makeconfig (+link): Set to +link-pie. - (+link-static-before-libc): Change $(static-start-installed-name) to - S$(static-start-installed-name). - (+prector): Set to +prectorS. - (+postctor): Set to +postctorS. - ---- libc/Makeconfig -+++ libc/Makeconfig -@@ -447,11 +447,12 @@ - $(common-objpfx)libc% $(+postinit),$^) \ - $(link-extra-libs) $(link-libc) $(+postctorS) $(+postinit) - endif -++link = $(+link-pie) - # Command for statically linking programs with the C library. - ifndef +link-static - +link-static-before-libc = $(CC) -nostdlib -nostartfiles -static -o $@ \ - $(sysdep-LDFLAGS) $(LDFLAGS) $(LDFLAGS-$(@F)) \ -- $(addprefix $(csu-objpfx),$(static-start-installed-name)) \ -+ $(addprefix $(csu-objpfx),S$(static-start-installed-name)) \ - $(+preinit) $(+prectorT) \ - $(filter-out $(addprefix $(csu-objpfx),start.o \ - $(start-installed-name))\ -@@ -549,11 +550,10 @@ - ifeq ($(elf),yes) - +preinit = $(addprefix $(csu-objpfx),crti.o) - +postinit = $(addprefix $(csu-objpfx),crtn.o) --+prector = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtbegin.o` --+postctor = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtend.o` --# Variants of the two previous definitions for linking PIE programs. - +prectorS = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtbeginS.o` - +postctorS = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtendS.o` -++prector = $(+prectorS) -++postctor = $(+postctorS) - # Variants of the two previous definitions for statically linking programs. - +prectorT = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtbeginT.o` - +postctorT = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtend.o` - +interp = $(addprefix $(elf-objpfx),interp.os) - endif - csu-objpfx = $(common-objpfx)csu/ diff --git a/glibc/patches/glibc-arm-hardfloat-3.patch b/glibc/patches/glibc-arm-hardfloat-3.patch deleted file mode 100644 index ff4997e51..000000000 --- a/glibc/patches/glibc-arm-hardfloat-3.patch +++ /dev/null @@ -1,20 +0,0 @@ -diff -Nrup a/elf/dl-load.c b/elf/dl-load.c ---- a/elf/dl-load.c 2012-06-06 13:07:41.727524312 -0600 -+++ b/elf/dl-load.c 2012-06-06 13:11:19.308681002 -0600 -@@ -2093,10 +2093,14 @@ _dl_map_object (struct link_map *loader, - soname = ((const char *) D_PTR (l, l_info[DT_STRTAB]) - + l->l_info[DT_SONAME]->d_un.d_val); - if (strcmp (name, soname) != 0) -- continue; -+#ifdef __arm__ -+ if (strcmp (name, "ld-linux.so.3") -+ || strcmp (soname, "ld-linux-armhf.so.3")) -+#endif -+ continue; - - /* We have a match on a new name -- cache it. */ -- add_name_to_object (l, soname); -+ add_name_to_object (l, name); - l->l_soname_added = 1; - } - diff --git a/glibc/patches/glibc-compile-fix-for-memcpy-ssse3.patch b/glibc/patches/glibc-compile-fix-for-memcpy-ssse3.patch deleted file mode 100644 index 1bc1a0641..000000000 --- a/glibc/patches/glibc-compile-fix-for-memcpy-ssse3.patch +++ /dev/null @@ -1,67 +0,0 @@ -diff --git a/sysdeps/x86_64/multiarch/memcpy-ssse3-back.S b/sysdeps/x86_64/multiarch/memcpy-ssse3-back.S -index b4890f4..4b717d9 100644 ---- a/sysdeps/x86_64/multiarch/memcpy-ssse3-back.S -+++ b/sysdeps/x86_64/multiarch/memcpy-ssse3-back.S -@@ -48,8 +48,10 @@ - .section .text.ssse3,"ax",@progbits - #if !defined USE_AS_MEMPCPY && !defined USE_AS_MEMMOVE - ENTRY (MEMPCPY_CHK) -+#ifdef _FORTIFY_SOURCE - cmpq %rdx, %rcx - jb HIDDEN_JUMPTARGET (__chk_fail) -+#endif - END (MEMPCPY_CHK) - - ENTRY (MEMPCPY) -@@ -61,8 +63,10 @@ END (MEMPCPY) - - #if !defined USE_AS_BCOPY - ENTRY (MEMCPY_CHK) -+#ifdef _FORTIFY_SOURCE - cmpq %rdx, %rcx - jb HIDDEN_JUMPTARGET (__chk_fail) -+#endif - END (MEMCPY_CHK) - #endif - -diff --git a/sysdeps/x86_64/multiarch/memcpy-ssse3.S b/sysdeps/x86_64/multiarch/memcpy-ssse3.S -index 1ca88c0..a2f140b 100644 ---- a/sysdeps/x86_64/multiarch/memcpy-ssse3.S -+++ b/sysdeps/x86_64/multiarch/memcpy-ssse3.S -@@ -48,8 +48,10 @@ - .section .text.ssse3,"ax",@progbits - #if !defined USE_AS_MEMPCPY && !defined USE_AS_MEMMOVE - ENTRY (MEMPCPY_CHK) -+#ifdef _FORTIFY_SOURCE - cmpq %rdx, %rcx - jb HIDDEN_JUMPTARGET (__chk_fail) -+#endif - END (MEMPCPY_CHK) - - ENTRY (MEMPCPY) -@@ -61,8 +63,10 @@ END (MEMPCPY) - - #if !defined USE_AS_BCOPY - ENTRY (MEMCPY_CHK) -+#ifdef _FORTIFY_SOURCE - cmpq %rdx, %rcx - jb HIDDEN_JUMPTARGET (__chk_fail) -+#endif - END (MEMCPY_CHK) - #endif - -diff --git a/sysdeps/x86_64/multiarch/memset-avx512-no-vzeroupper.S b/sysdeps/x86_64/multiarch/memset-avx512-no-vzeroupper.S -index 9687df0..2d0abee 100644 ---- a/sysdeps/x86_64/multiarch/memset-avx512-no-vzeroupper.S -+++ b/sysdeps/x86_64/multiarch/memset-avx512-no-vzeroupper.S -@@ -29,8 +29,10 @@ - .section .text.avx512,"ax",@progbits - #if defined PIC - ENTRY (MEMSET_CHK) -+#ifdef _FORTIFY_SOURCE - cmpq %rdx, %rcx - jb HIDDEN_JUMPTARGET (__chk_fail) -+#endif - END (MEMSET_CHK) - #endif - diff --git a/glibc/patches/glibc-fedora-__libc_multiple_libcs.patch b/glibc/patches/glibc-fedora-__libc_multiple_libcs.patch deleted file mode 100644 index 945a9551c..000000000 --- a/glibc/patches/glibc-fedora-__libc_multiple_libcs.patch +++ /dev/null @@ -1,79 +0,0 @@ -# -# Upstream discussions: -# https://sourceware.org/ml/libc-alpha/2014-02/msg00580.html -# -# Based on the following commit: -# -# From 16552c01a66633c9e412984d9d92616bd4e5303c Mon Sep 17 00:00:00 2001 -# From: Andreas Schwab -# Date: Fri, 11 Jun 2010 11:04:11 +0200 -# Subject: [PATCH] Properly set __libc_multiple_libcs -# -# * elf/rtld.c (_dl_starting_up): Always define. -# (dl_main): Always set _dl_starting_up. -# * elf/dl-support.c (_dl_starting_up): Always define. -# * elf/dl-init.c (_dl_init): Always clear _dl_starting_up. -# -# --- -# ChangeLog | 7 +++++++ -# elf/dl-init.c | 4 ---- -# elf/dl-support.c | 2 -- -# elf/rtld.c | 4 ---- -# 4 files changed, 7 insertions(+), 10 deletions(-) -# -diff -urN glibc-2.20-205-ga39208b/elf/dl-init.c glibc-2.20-205-ga39208b.mod/elf/dl-init.c ---- glibc-2.20-205-ga39208b/elf/dl-init.c 2014-11-21 16:08:32.744913590 -0500 -+++ glibc-2.20-205-ga39208b.mod/elf/dl-init.c 2014-11-21 16:09:42.485708197 -0500 -@@ -119,8 +119,6 @@ - while (i-- > 0) - call_init (main_map->l_initfini[i], argc, argv, env); - --#ifndef HAVE_INLINED_SYSCALLS - /* Finished starting up. */ - _dl_starting_up = 0; --#endif - } -diff -urN glibc-2.20-205-ga39208b/elf/dl-support.c glibc-2.20-205-ga39208b.mod/elf/dl-support.c ---- glibc-2.20-205-ga39208b/elf/dl-support.c 2014-11-19 14:35:03.000000000 -0500 -+++ glibc-2.20-205-ga39208b.mod/elf/dl-support.c 2014-11-21 16:09:54.829671843 -0500 -@@ -118,10 +118,8 @@ - .r_nlist = 1, - }; - --#ifndef HAVE_INLINED_SYSCALLS - /* Nonzero during startup. */ - int _dl_starting_up = 1; --#endif - - /* Random data provided by the kernel. */ - void *_dl_random; -diff -urN glibc-2.20-205-ga39208b/elf/rtld.c glibc-2.20-205-ga39208b.mod/elf/rtld.c ---- glibc-2.20-205-ga39208b/elf/rtld.c 2014-11-21 16:08:32.745913587 -0500 -+++ glibc-2.20-205-ga39208b.mod/elf/rtld.c 2014-11-21 16:09:05.614816785 -0500 -@@ -107,7 +107,6 @@ - struct audit_list *next; - } *audit_list; - --#ifndef HAVE_INLINED_SYSCALLS - /* Set nonzero during loading and initialization of executable and - libraries, cleared before the executable's entry point runs. This - must not be initialized to nonzero, because the unused dynamic -@@ -117,7 +116,6 @@ - never be called. */ - int _dl_starting_up = 0; - rtld_hidden_def (_dl_starting_up) --#endif - - /* This is the structure which defines all variables global to ld.so - (except those which cannot be added for some reason). */ -@@ -776,10 +774,8 @@ - /* Process the environment variable which control the behaviour. */ - process_envvars (&mode); - --#ifndef HAVE_INLINED_SYSCALLS - /* Set up a flag which tells we are just starting. */ - _dl_starting_up = 1; --#endif - - if (*user_entry == (ElfW(Addr)) ENTRY_POINT) - { diff --git a/glibc/patches/glibc-fedora-localedef.patch b/glibc/patches/glibc-fedora-localedef.patch deleted file mode 100644 index ee1463a2e..000000000 --- a/glibc/patches/glibc-fedora-localedef.patch +++ /dev/null @@ -1,11 +0,0 @@ -diff -Nrup a/localedata/Makefile b/localedata/Makefile ---- a/localedata/Makefile 2012-06-05 07:42:49.000000000 -0600 -+++ b/localedata/Makefile 2012-06-07 12:15:21.776318827 -0600 -@@ -211,6 +211,7 @@ $(INSTALL-SUPPORTED-LOCALES): install-lo - echo -n '...'; \ - input=`echo $$locale | sed 's/\([^.]*\)[^@]*\(.*\)/\1\2/'`; \ - $(LOCALEDEF) --alias-file=../intl/locale.alias \ -+ --no-archive \ - -i locales/$$input -c -f charmaps/$$charset \ - $(addprefix --prefix=,$(install_root)) $$locale; \ - echo ' done'; \ diff --git a/glibc/patches/glibc-fedora-locarchive.patch b/glibc/patches/glibc-fedora-locarchive.patch deleted file mode 100644 index 9a702af55..000000000 --- a/glibc/patches/glibc-fedora-locarchive.patch +++ /dev/null @@ -1,51 +0,0 @@ -This is a part of commit glibc-2.3.3-1492-ga891c7b, -needed for fedora/build-locale-archive.c only. - -diff -Nrup a/ChangeLog.17 b/ChangeLog.17 ---- a/ChangeLog.17 2012-06-05 07:42:49.000000000 -0600 -+++ b/ChangeLog.17 2012-06-07 12:15:21.564319619 -0600 -@@ -11818,6 +11829,10 @@ d2009-10-30 Ulrich Drepper -+ -+ * locale/programs/locarchive.c (add_alias, insert_name): Remove static. -+ - 2007-04-16 Ulrich Drepper - - [BZ #4364] -diff -Nrup a/locale/programs/locarchive.c b/locale/programs/locarchive.c ---- a/locale/programs/locarchive.c 2012-06-05 07:42:49.000000000 -0600 -+++ b/locale/programs/locarchive.c 2012-06-07 12:15:21.585319540 -0600 -@@ -252,9 +252,9 @@ oldlocrecentcmp (const void *a, const vo - /* forward decls for below */ - static uint32_t add_locale (struct locarhandle *ah, const char *name, - locale_data_t data, bool replace); --static void add_alias (struct locarhandle *ah, const char *alias, -- bool replace, const char *oldname, -- uint32_t *locrec_offset_p); -+void add_alias (struct locarhandle *ah, const char *alias, -+ bool replace, const char *oldname, -+ uint32_t *locrec_offset_p); - - - static bool -@@ -635,7 +635,7 @@ close_archive (struct locarhandle *ah) - #include "../../intl/explodename.c" - #include "../../intl/l10nflist.c" - --static struct namehashent * -+struct namehashent * - insert_name (struct locarhandle *ah, - const char *name, size_t name_len, bool replace) - { -@@ -693,7 +693,7 @@ insert_name (struct locarhandle *ah, - return &namehashtab[idx]; - } - --static void -+void - add_alias (struct locarhandle *ah, const char *alias, bool replace, - const char *oldname, uint32_t *locrec_offset_p) - { diff --git a/glibc/patches/glibc-fedora-nscd.patch b/glibc/patches/glibc-fedora-nscd.patch deleted file mode 100644 index a26b9283d..000000000 --- a/glibc/patches/glibc-fedora-nscd.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -Nrup a/nscd/nscd.conf b/nscd/nscd.conf ---- a/nscd/nscd.conf 2012-06-05 07:42:49.000000000 -0600 -+++ b/nscd/nscd.conf 2012-06-07 12:15:21.818318670 -0600 -@@ -33,7 +33,7 @@ - # logfile /var/log/nscd.log - # threads 4 - # max-threads 32 --# server-user nobody -+ server-user nscd - # stat-user somebody - debug-level 0 - # reload-count 5 diff --git a/glibc/patches/glibc-rh1070416.patch b/glibc/patches/glibc-rh1070416.patch deleted file mode 100644 index 7e4235e28..000000000 --- a/glibc/patches/glibc-rh1070416.patch +++ /dev/null @@ -1,29 +0,0 @@ ---- a/nscd/nscd.service -+++ b/nscd/nscd.service -@@ -2,6 +2,7 @@ - - [Unit] - Description=Name Service Cache Daemon -+After=syslog.target - - [Service] - Type=forking -@@ -17,3 +18,4 @@ - - [Install] - WantedBy=multi-user.target -+Also=nscd.socket -diff --git a/nscd/nscd.socket b/nscd/nscd.socket -new file mode 100644 -index 0000000..7e512d5 ---- /dev/null -+++ b/nscd/nscd.socket -@@ -0,0 +1,8 @@ -+[Unit] -+Description=Name Service Cache Daemon Socket -+ -+[Socket] -+ListenDatagram=/var/run/nscd/socket -+ -+[Install] -+WantedBy=sockets.target -- 2.39.2