From: Michael Tremer Date: Fri, 23 Sep 2016 20:13:53 +0000 (+0100) Subject: glibc: Update to 2.24 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4eec3d94d92ca122553c5ef77797227aa56ef128;p=ipfire-3.x.git glibc: Update to 2.24 Requires a patch to build on x86_64: https://sourceware.org/bugzilla/show_bug.cgi?id=20621 Signed-off-by: Michael Tremer --- diff --git a/glibc/glibc.nm b/glibc/glibc.nm index 0653382a1..943bf0ef1 100644 --- a/glibc/glibc.nm +++ b/glibc/glibc.nm @@ -4,8 +4,8 @@ ############################################################################### name = glibc -version = 2.23 -release = 2 +version = 2.24 +release = 1 maintainer = Michael Tremer groups = System/Base @@ -34,6 +34,7 @@ build audit-devel autoconf automake + binutils >= 2.27 gcc >= 4.7 gettext kernel-headers >= %{OPTIMIZED_KERNEL} @@ -44,7 +45,7 @@ build end # Build glibc with custom cflags - GLIBC_FLAGS = -O3 -g -fasynchronous-unwind-tables -DNDEBUG -fPIC -DPIC + GLIBC_FLAGS = -O3 -g -fasynchronous-unwind-tables -DNDEBUG if "%{DISTRO_ARCH}" == "i686" GLIBC_FLAGS += -march=i686 -mtune=generic @@ -111,9 +112,6 @@ build ../%{thisapp}/configure \ %{configure_options} - sed -i config.make \ - -e "s/^build-pic-default=.*/build-pic-default=yes/" - # Our GCC is already passing -fPIC, and that's all we want for the libraries. # LDFLAGS.so is appended to so we don't build shared libraries with # DT_TEXTREL (and to tell us if something goes wrong). For now we only build diff --git a/glibc/patches/glibc-2.11.1-owl-alt-res_randomid.patch b/glibc/patches/glibc-2.11.1-owl-alt-res_randomid.patch deleted file mode 100644 index 969b8dc03..000000000 --- a/glibc/patches/glibc-2.11.1-owl-alt-res_randomid.patch +++ /dev/null @@ -1,317 +0,0 @@ -# Improve res_randomid in the resolver. - ---- a/include/resolv.h -+++ b/include/resolv.h -@@ -31,6 +31,7 @@ extern struct __res_state _res; - # endif - - /* Now define the internal interfaces. */ -+extern unsigned int _shuffle_next (void); - extern int __res_vinit (res_state, int); - extern int __res_maybe_init (res_state, int); - extern void _sethtent (int); ---- a/resolv/Makefile -+++ b/resolv/Makefile -@@ -29,7 +29,7 @@ distribute := ../conf/portability.h mapv4v6addr.h mapv4v6hostent.h \ - Banner res_hconf.h res_debug.h README gai_misc.h ga_test.c - - routines := herror inet_addr inet_ntop inet_pton nsap_addr res_init \ -- res_hconf res_libc res-state -+ res_hconf res_libc res-state shuffle - - tests = tst-aton tst-leaks tst-inet_ntop - xtests = tst-leaks2 ---- a/resolv/res_init.c -+++ b/resolv/res_init.c -@@ -570,7 +570,9 @@ net_mask(in) /* XXX - should really use system's version of this */ - - u_int - res_randomid(void) { -- return 0xffff & __getpid(); -+/* We should probably randomize the port number as well, -+ * but this may be better done in the kernel */ -+ return _shuffle_next(); - } - #ifdef _LIBC - libc_hidden_def (__res_randomid) ---- a/resolv/res_mkquery.c -+++ b/resolv/res_mkquery.c -@@ -120,6 +120,7 @@ res_nmkquery(res_state statp, - return (-1); - memset(buf, 0, HFIXEDSZ); - hp = (HEADER *) buf; -+#ifdef USE_OLD_RANDOMIZE_CODE - /* We randomize the IDs every time. The old code just - incremented by one after the initial randomization which - still predictable if the application does multiple -@@ -137,6 +138,9 @@ res_nmkquery(res_state statp, - } - while ((randombits & 0xffff) == 0); - statp->id = (statp->id + randombits) & 0xffff; -+#else -+ statp->id = res_randomid (); -+#endif - hp->id = statp->id; - hp->opcode = op; - hp->rd = (statp->options & RES_RECURSE) != 0; ---- /dev/null -+++ b/resolv/shuffle.c -@@ -0,0 +1,258 @@ -+/* -+ * Written by Solar Designer and placed in the public domain. -+ */ -+ -+#include -+#include -+#include -+ -+#ifdef __linux__ -+#define DEVICE "/dev/urandom" -+#else -+#undef DEVICE -+#endif -+ -+#if defined(DEVICE) && defined(_LIBC) -+#define CONSERVE_KERNEL_RANDOMNESS -+#else -+#undef CONSERVE_KERNEL_RANDOMNESS -+#endif -+ -+#ifdef DEVICE -+#include -+#endif -+ -+#include -+#include -+#include -+#include -+ -+#ifdef TEST -+#include -+#endif -+ -+#define DIV 0x8000 -+ -+static unsigned char pool[0x100]; -+ -+static struct { -+ unsigned int base, xor; -+ unsigned char s[0x80]; -+} seed_c; -+static unsigned char seed_f[0x100]; -+ -+static struct { -+ unsigned int msb; -+ unsigned int a, b; -+ unsigned int n; -+} state; -+ -+static void pool_update(unsigned int seed) -+{ -+ int i, x; -+ -+ __srandom(seed ^ __random()); -+ for (i = 0; i < sizeof(pool); i++) { -+ x = __random(); -+ pool[i] += (x >> 16) ^ x; -+ } -+} -+ -+#ifdef DEVICE -+static int read_loop(int fd, char *buffer, int count) -+{ -+ int offset, block; -+ -+ offset = 0; -+ while (count > 0) { -+ block = __read(fd, &buffer[offset], count); -+ -+ if (block < 0) { -+ if (errno == EINTR) continue; -+ return block; -+ } -+ if (!block) return offset; -+ -+ offset += block; -+ count -= block; -+ } -+ -+ return offset; -+} -+ -+static int read_random(char *buffer, int count) -+{ -+ int fd; -+#ifdef CONSERVE_KERNEL_RANDOMNESS -+ unsigned int seed[2]; -+ -+ if (count > sizeof(pool)) -+ return -1; -+#endif -+ -+ if ((fd = __open(DEVICE, O_RDONLY)) < 0) -+ return -1; -+ -+#ifdef CONSERVE_KERNEL_RANDOMNESS -+ if (read_loop(fd, (char *)seed, sizeof(seed)) != sizeof(seed)) { -+ __close(fd); -+ return -1; -+ } -+ __close(fd); -+ -+ memset(pool, 'X', sizeof(pool)); -+ pool_update(seed[0]); -+ pool_update(seed[1]); -+ -+ memcpy(buffer, pool, count); -+#else -+ count = read_loop(fd, buffer, count); -+ __close(fd); -+#endif -+ -+ return count; -+} -+#else -+#define read_random(buffer, count) (-1) -+#endif -+ -+static void shuffle_init() -+{ -+ struct timeval tv; -+ -+ if (read_random((char *)seed_f, sizeof(seed_f)) != sizeof(seed_f)) { -+ memset(pool, 'X', sizeof(pool)); -+ pool_update(__getpid()); -+ pool_update(__getppid()); -+ if (!__gettimeofday(&tv, NULL)) { -+ pool_update(tv.tv_sec); -+ pool_update(tv.tv_usec); -+ } -+ -+ memcpy(seed_f, pool, sizeof(seed_f)); -+ } -+ -+ state.msb = 0; -+ state.n = DIV; /* force a reseed() */ -+} -+ -+static void reseed() -+{ -+ struct tms buf; -+ -+ if (read_random((char *)&seed_c, sizeof(seed_c)) != sizeof(seed_c)) { -+ pool_update(__times(&buf)); -+ pool_update(buf.tms_utime); -+ pool_update(buf.tms_stime); -+ -+ memcpy(&seed_c, pool, sizeof(seed_c)); -+ } -+ -+ seed_c.base &= 0x1fff; -+ seed_c.base <<= 3; -+ seed_c.base += DIV + 3; -+ seed_c.xor &= (DIV - 1); -+ state.msb ^= 0x8000; -+ state.a = 1; -+ state.b = 1; -+ state.n = 0; -+} -+ -+/* -+ * Now, time for a puzzle. Think of division by DIV in seed_c.base. -+ * This is not as slow as it might appear: the inner loop needs only -+ * a few iterations per call, on average. -+ */ -+static unsigned int shuffle_1_next() -+{ -+ if (state.n >= DIV - 1) -+ reseed(); -+ -+ if (state.n && state.b <= state.a) { -+ do { -+ state.b = ++state.a; -+ do { -+ state.b *= seed_c.base; -+ state.b %= DIV; -+ } while (state.b > state.a); -+ } while (state.a != state.b); -+ } -+ -+ state.b *= seed_c.base; -+ state.b %= DIV; -+ state.n++; -+ -+ return state.b ^ seed_c.xor; -+} -+ -+/* -+ * The idea behind shuffle_2 is David Wagner's (any bugs are mine, -+ * of course). -+ */ -+static unsigned int shuffle_2(unsigned int x) -+{ -+ unsigned int i, sum; -+ -+ sum = 0; -+ for (i = 0; i < 8; i++) { -+ sum += 0x79b9; -+ x ^= ((unsigned int)seed_c.s[(x ^ sum) & 0x7f]) << 7; -+ x = ((x & 0xff) << 7) | (x >> 8); -+ } -+ -+ return x; -+} -+ -+/* -+ * A full 16-bit permutation. This one can't be re-seeded, but still -+ * makes some attacks quite a bit harder. -+ */ -+static unsigned int shuffle_3(unsigned int x) -+{ -+ unsigned int i, sum; -+ -+ sum = 0; -+ for (i = 0; i < 8; i++) { -+ sum += 0x79b9; -+ x ^= ((unsigned int)seed_f[(x ^ sum) & 0xff]) << 8; -+ x = ((x & 0xff) << 8) | (x >> 8); -+ } -+ -+ return x; -+} -+ -+unsigned int _shuffle_next() -+{ -+ static int initialized = 0; -+ unsigned int pid, x; -+ -+/* This isn't MT-safe, but the resolver itself isn't safe, anyway */ -+ if (!initialized) { -+ shuffle_init(); -+ initialized = 1; -+ } -+ -+/* Make sure the sequence we generate changes after fork() */ -+ pid = __getpid(); -+ -+ x = shuffle_1_next(); -+ x ^= pid & 0x7fff; -+ x = shuffle_2(x); -+ x |= state.msb; -+ x ^= (pid >> 15) & 0xffff; -+ x = shuffle_3(x); -+ -+ return x; -+} -+ -+#ifdef TEST -+int main() -+{ -+ int i; -+ -+ for (i = 0; i < 0xfffe; i++) -+ printf("%u\n", _shuffle_next()); -+ -+ return 0; -+} -+#endif diff --git a/glibc/patches/glibc-2.24-Revert-Avoid-an-extra-branch-to-PLT-for-z-now.patch b/glibc/patches/glibc-2.24-Revert-Avoid-an-extra-branch-to-PLT-for-z-now.patch new file mode 100644 index 000000000..102d38591 --- /dev/null +++ b/glibc/patches/glibc-2.24-Revert-Avoid-an-extra-branch-to-PLT-for-z-now.patch @@ -0,0 +1,84 @@ +From f160cfff59261bb661cf829fdcb5a3f391996280 Mon Sep 17 00:00:00 2001 +From: Michael Tremer +Date: Thu, 22 Sep 2016 16:33:43 +0100 +Subject: [PATCH] Revert "Avoid an extra branch to PLT for -z now" + +This reverts commit 6901def689b5c77465d34f07822989ec67e80c1e. + +glibc won't compile on x86_64 with PIC and BIND_NOW enabled +both at the same time. + +See: https://sourceware.org/bugzilla/show_bug.cgi?id=20621 +--- + config.h.in | 3 --- + configure | 4 ---- + configure.ac | 3 --- + sysdeps/x86_64/sysdep.h | 8 ++------ + 4 files changed, 2 insertions(+), 16 deletions(-) + +diff --git a/config.h.in b/config.h.in +index 8cd08b0..f4ec748 100644 +--- a/config.h.in ++++ b/config.h.in +@@ -94,9 +94,6 @@ + include/libc-symbols.h that avoid PLT slots in the shared objects. */ + #undef NO_HIDDEN + +-/* Define this to disable lazy relocations in DSOs. */ +-#undef BIND_NOW +- + /* AArch64 big endian ABI */ + #undef HAVE_AARCH64_BE + +diff --git a/configure b/configure +index 6ff2527..46015c9 100755 +--- a/configure ++++ b/configure +@@ -3419,10 +3419,6 @@ else + fi + + +-if test "x$bindnow" = xyes; then +- $as_echo "#define BIND_NOW 1" >>confdefs.h +- +-fi + + # Check whether --enable-static-nss was given. + if test "${enable_static_nss+set}" = set; then : +diff --git a/configure.ac b/configure.ac +index 9938ab0..d255b57 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -231,9 +231,6 @@ AC_ARG_ENABLE([bind-now], + [bindnow=$enableval], + [bindnow=no]) + AC_SUBST(bindnow) +-if test "x$bindnow" = xyes; then +- AC_DEFINE(BIND_NOW) +-fi + + dnl On some platforms we cannot use dynamic loading. We must provide + dnl static NSS modules. +diff --git a/sysdeps/x86_64/sysdep.h b/sysdeps/x86_64/sysdep.h +index 75ac747..fbe3560 100644 +--- a/sysdeps/x86_64/sysdep.h ++++ b/sysdeps/x86_64/sysdep.h +@@ -90,13 +90,9 @@ lose: \ + + #undef JUMPTARGET + #ifdef PIC +-# ifdef BIND_NOW +-# define JUMPTARGET(name) *name##@GOTPCREL(%rip) +-# else +-# define JUMPTARGET(name) name##@PLT +-# endif ++#define JUMPTARGET(name) name##@PLT + #else +-# define JUMPTARGET(name) name ++#define JUMPTARGET(name) name + #endif + + /* Local label name for asm code. */ +-- +2.7.4 + diff --git a/glibc/patches/glibc-compile-fix-for-memcpy-ssse3.patch b/glibc/patches/glibc-compile-fix-for-memcpy-ssse3.patch new file mode 100644 index 000000000..1bc1a0641 --- /dev/null +++ b/glibc/patches/glibc-compile-fix-for-memcpy-ssse3.patch @@ -0,0 +1,67 @@ +diff --git a/sysdeps/x86_64/multiarch/memcpy-ssse3-back.S b/sysdeps/x86_64/multiarch/memcpy-ssse3-back.S +index b4890f4..4b717d9 100644 +--- a/sysdeps/x86_64/multiarch/memcpy-ssse3-back.S ++++ b/sysdeps/x86_64/multiarch/memcpy-ssse3-back.S +@@ -48,8 +48,10 @@ + .section .text.ssse3,"ax",@progbits + #if !defined USE_AS_MEMPCPY && !defined USE_AS_MEMMOVE + ENTRY (MEMPCPY_CHK) ++#ifdef _FORTIFY_SOURCE + cmpq %rdx, %rcx + jb HIDDEN_JUMPTARGET (__chk_fail) ++#endif + END (MEMPCPY_CHK) + + ENTRY (MEMPCPY) +@@ -61,8 +63,10 @@ END (MEMPCPY) + + #if !defined USE_AS_BCOPY + ENTRY (MEMCPY_CHK) ++#ifdef _FORTIFY_SOURCE + cmpq %rdx, %rcx + jb HIDDEN_JUMPTARGET (__chk_fail) ++#endif + END (MEMCPY_CHK) + #endif + +diff --git a/sysdeps/x86_64/multiarch/memcpy-ssse3.S b/sysdeps/x86_64/multiarch/memcpy-ssse3.S +index 1ca88c0..a2f140b 100644 +--- a/sysdeps/x86_64/multiarch/memcpy-ssse3.S ++++ b/sysdeps/x86_64/multiarch/memcpy-ssse3.S +@@ -48,8 +48,10 @@ + .section .text.ssse3,"ax",@progbits + #if !defined USE_AS_MEMPCPY && !defined USE_AS_MEMMOVE + ENTRY (MEMPCPY_CHK) ++#ifdef _FORTIFY_SOURCE + cmpq %rdx, %rcx + jb HIDDEN_JUMPTARGET (__chk_fail) ++#endif + END (MEMPCPY_CHK) + + ENTRY (MEMPCPY) +@@ -61,8 +63,10 @@ END (MEMPCPY) + + #if !defined USE_AS_BCOPY + ENTRY (MEMCPY_CHK) ++#ifdef _FORTIFY_SOURCE + cmpq %rdx, %rcx + jb HIDDEN_JUMPTARGET (__chk_fail) ++#endif + END (MEMCPY_CHK) + #endif + +diff --git a/sysdeps/x86_64/multiarch/memset-avx512-no-vzeroupper.S b/sysdeps/x86_64/multiarch/memset-avx512-no-vzeroupper.S +index 9687df0..2d0abee 100644 +--- a/sysdeps/x86_64/multiarch/memset-avx512-no-vzeroupper.S ++++ b/sysdeps/x86_64/multiarch/memset-avx512-no-vzeroupper.S +@@ -29,8 +29,10 @@ + .section .text.avx512,"ax",@progbits + #if defined PIC + ENTRY (MEMSET_CHK) ++#ifdef _FORTIFY_SOURCE + cmpq %rdx, %rcx + jb HIDDEN_JUMPTARGET (__chk_fail) ++#endif + END (MEMSET_CHK) + #endif + diff --git a/glibc/patches/glibc-fedora-include-bits-ldbl.patch b/glibc/patches/glibc-fedora-include-bits-ldbl.patch deleted file mode 100644 index 1e5d763b9..000000000 --- a/glibc/patches/glibc-fedora-include-bits-ldbl.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 5eb4509a6651d19c7a28c4506d6aa582c9ee095a Mon Sep 17 00:00:00 2001 -From: Jakub Jelinek -Date: Wed, 1 Feb 2006 09:30:43 +0000 -Subject: [PATCH] 128-bit long double fixes - -* include/bits/stdlib-ldbl.h: New file. -* include/bits/wchar-ldbl.h: New file. - ---- - ChangeLog | 5 +++++ - include/bits/stdlib-ldbl.h | 1 + - include/bits/wchar-ldbl.h | 1 + - 3 files changed, 7 insertions(+), 0 deletions(-) - create mode 100644 include/bits/stdlib-ldbl.h - create mode 100644 include/bits/wchar-ldbl.h - -diff --git a/include/bits/stdlib-ldbl.h b/include/bits/stdlib-ldbl.h -new file mode 100644 -index 0000000..6250949 ---- /dev/null -+++ b/include/bits/stdlib-ldbl.h -@@ -0,0 +1 @@ -+#include -diff --git a/include/bits/wchar-ldbl.h b/include/bits/wchar-ldbl.h -new file mode 100644 -index 0000000..29baa2f ---- /dev/null -+++ b/include/bits/wchar-ldbl.h -@@ -0,0 +1 @@ -+#include