diff options
author | Khem Raj <raj.khem@gmail.com> | 2021-04-30 14:52:51 -0700 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2021-08-12 06:26:15 +0100 |
commit | ad454e026632604fd344147639e0b69ee10f11b7 (patch) | |
tree | c8dd131239fc25bffa081c119ed34c57557b5300 /meta/recipes-core/glibc/glibc_2.34.bb | |
parent | 77ce05bd36cf71db9a2cc5b0ebffde7bd11c20f3 (diff) | |
download | poky-ad454e026632604fd344147639e0b69ee10f11b7.tar.gz |
glibc: Upgrade to 2.34 release
bump localedef to get __attr_access_none and __attr_access definitions
replace /bin/bash instead of @BASH@ in ldd as @BASH@ has been substituted with /bin/bash now
package libc_malloc_debug.so.0
Detailed changelog [1]
[1] https://sourceware.org/pipermail/libc-alpha/2021-August/129718.html
(From OE-Core rev: af4e1306a78cf8c508dd911f02c103af81bc1af5)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-core/glibc/glibc_2.34.bb')
-rw-r--r-- | meta/recipes-core/glibc/glibc_2.34.bb | 132 |
1 files changed, 132 insertions, 0 deletions
diff --git a/meta/recipes-core/glibc/glibc_2.34.bb b/meta/recipes-core/glibc/glibc_2.34.bb new file mode 100644 index 0000000000..7ad59115b7 --- /dev/null +++ b/meta/recipes-core/glibc/glibc_2.34.bb | |||
@@ -0,0 +1,132 @@ | |||
1 | require glibc.inc | ||
2 | require glibc-version.inc | ||
3 | |||
4 | CVE_CHECK_WHITELIST += "CVE-2020-10029 CVE-2021-27645" | ||
5 | |||
6 | # glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010022 | ||
7 | # glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010023 | ||
8 | # glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010024 | ||
9 | # Upstream glibc maintainers dispute there is any issue and have no plans to address it further. | ||
10 | # "this is being treated as a non-security bug and no real threat." | ||
11 | CVE_CHECK_WHITELIST += "CVE-2019-1010022 CVE-2019-1010023 CVE-2019-1010024" | ||
12 | |||
13 | # glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010025 | ||
14 | # Allows for ASLR bypass so can bypass some hardening, not an exploit in itself, may allow | ||
15 | # easier access for another. "ASLR bypass itself is not a vulnerability." | ||
16 | # Potential patch at https://sourceware.org/bugzilla/show_bug.cgi?id=22853 | ||
17 | CVE_CHECK_WHITELIST += "CVE-2019-1010025" | ||
18 | |||
19 | DEPENDS += "gperf-native bison-native make-native" | ||
20 | |||
21 | NATIVESDKFIXES ?= "" | ||
22 | NATIVESDKFIXES:class-nativesdk = "\ | ||
23 | file://0003-nativesdk-glibc-Look-for-host-system-ld.so.cache-as-.patch \ | ||
24 | file://0004-nativesdk-glibc-Fix-buffer-overrun-with-a-relocated-.patch \ | ||
25 | file://0005-nativesdk-glibc-Raise-the-size-of-arrays-containing-.patch \ | ||
26 | file://0006-nativesdk-glibc-Allow-64-bit-atomics-for-x86.patch \ | ||
27 | file://0007-nativesdk-glibc-Make-relocatable-install-for-locales.patch \ | ||
28 | file://0008-nativesdk-glibc-Fall-back-to-faccessat-on-faccess2-r.patch \ | ||
29 | " | ||
30 | |||
31 | SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \ | ||
32 | file://etc/ld.so.conf \ | ||
33 | file://generate-supported.mk \ | ||
34 | file://makedbs.sh \ | ||
35 | \ | ||
36 | ${NATIVESDKFIXES} \ | ||
37 | file://0009-fsl-e500-e5500-e6500-603e-fsqrt-implementation.patch \ | ||
38 | file://0010-ppc-sqrt-Fix-undefined-reference-to-__sqrt_finite.patch \ | ||
39 | file://0011-__ieee754_sqrt-f-are-now-inline-functions-and-call-o.patch \ | ||
40 | file://0012-Quote-from-bug-1443-which-explains-what-the-patch-do.patch \ | ||
41 | file://0013-eglibc-run-libm-err-tab.pl-with-specific-dirs-in-S.patch \ | ||
42 | file://0014-__ieee754_sqrt-f-are-now-inline-functions-and-call-o.patch \ | ||
43 | file://0015-sysdeps-gnu-configure.ac-handle-correctly-libc_cv_ro.patch \ | ||
44 | file://0016-yes-within-the-path-sets-wrong-config-variables.patch \ | ||
45 | file://0017-timezone-re-written-tzselect-as-posix-sh.patch \ | ||
46 | file://0018-Remove-bash-dependency-for-nscd-init-script.patch \ | ||
47 | file://0019-eglibc-Cross-building-and-testing-instructions.patch \ | ||
48 | file://0020-eglibc-Help-bootstrap-cross-toolchain.patch \ | ||
49 | file://0021-eglibc-Resolve-__fpscr_values-on-SH4.patch \ | ||
50 | file://0022-eglibc-Forward-port-cross-locale-generation-support.patch \ | ||
51 | file://0023-Define-DUMMY_LOCALE_T-if-not-defined.patch \ | ||
52 | file://0024-localedef-add-to-archive-uses-a-hard-coded-locale-pa.patch \ | ||
53 | file://0025-elf-dl-deps.c-Make-_dl_build_local_scope-breadth-fir.patch \ | ||
54 | file://0026-intl-Emit-no-lines-in-bison-generated-files.patch \ | ||
55 | file://0027-locale-prevent-maybe-uninitialized-errors-with-Os-BZ.patch \ | ||
56 | file://0028-readlib-Add-OECORE_KNOWN_INTERPRETER_NAMES-to-known-.patch \ | ||
57 | file://0029-wordsize.h-Unify-the-header-between-arm-and-aarch64.patch \ | ||
58 | file://0030-powerpc-Do-not-ask-compiler-for-finding-arch.patch \ | ||
59 | " | ||
60 | S = "${WORKDIR}/git" | ||
61 | B = "${WORKDIR}/build-${TARGET_SYS}" | ||
62 | |||
63 | PACKAGES_DYNAMIC = "" | ||
64 | |||
65 | # the -isystem in bitbake.conf screws up glibc do_stage | ||
66 | BUILD_CPPFLAGS = "-I${STAGING_INCDIR_NATIVE}" | ||
67 | TARGET_CPPFLAGS = "-I${STAGING_DIR_TARGET}${includedir}" | ||
68 | |||
69 | GLIBC_BROKEN_LOCALES = "" | ||
70 | |||
71 | GLIBCPIE ??= "" | ||
72 | |||
73 | EXTRA_OECONF = "--enable-kernel=${OLDEST_KERNEL} \ | ||
74 | --disable-profile \ | ||
75 | --disable-debug --without-gd \ | ||
76 | --enable-clocale=gnu \ | ||
77 | --with-headers=${STAGING_INCDIR} \ | ||
78 | --without-selinux \ | ||
79 | --enable-tunables \ | ||
80 | --enable-bind-now \ | ||
81 | --enable-stack-protector=strong \ | ||
82 | --enable-stackguard-randomization \ | ||
83 | --disable-crypt \ | ||
84 | --with-default-link \ | ||
85 | ${@bb.utils.contains_any('SELECTED_OPTIMIZATION', '-O0 -Og', '--disable-werror', '', d)} \ | ||
86 | ${GLIBCPIE} \ | ||
87 | ${GLIBC_EXTRA_OECONF}" | ||
88 | |||
89 | EXTRA_OECONF += "${@get_libc_fpu_setting(bb, d)}" | ||
90 | |||
91 | EXTRA_OECONF:append:x86 = " --enable-cet" | ||
92 | EXTRA_OECONF:append:x86-64 = " --enable-cet" | ||
93 | |||
94 | PACKAGECONFIG ??= "nscd memory-tagging" | ||
95 | PACKAGECONFIG[nscd] = "--enable-nscd,--disable-nscd" | ||
96 | PACKAGECONFIG[memory-tagging] = "--enable-memory-tagging,--disable-memory-tagging" | ||
97 | |||
98 | do_patch:append() { | ||
99 | bb.build.exec_func('do_fix_readlib_c', d) | ||
100 | } | ||
101 | |||
102 | do_fix_readlib_c () { | ||
103 | sed -i -e 's#OECORE_KNOWN_INTERPRETER_NAMES#${EGLIBC_KNOWN_INTERPRETER_NAMES}#' ${S}/elf/readlib.c | ||
104 | } | ||
105 | |||
106 | do_configure () { | ||
107 | # override this function to avoid the autoconf/automake/aclocal/autoheader | ||
108 | # calls for now | ||
109 | # don't pass CPPFLAGS into configure, since it upsets the kernel-headers | ||
110 | # version check and doesn't really help with anything | ||
111 | (cd ${S} && gnu-configize) || die "failure in running gnu-configize" | ||
112 | find ${S} -name "configure" | xargs touch | ||
113 | CPPFLAGS="" oe_runconf | ||
114 | } | ||
115 | |||
116 | LDFLAGS += "-fuse-ld=bfd" | ||
117 | do_compile () { | ||
118 | base_do_compile | ||
119 | echo "Adjust ldd script" | ||
120 | if [ -n "${RTLDLIST}" ] | ||
121 | then | ||
122 | prevrtld=`cat ${B}/elf/ldd | grep "^RTLDLIST=" | sed 's#^RTLDLIST="\?\([^"]*\)"\?$#\1#'` | ||
123 | # remove duplicate entries | ||
124 | newrtld=`echo $(printf '%s\n' ${prevrtld} ${RTLDLIST} | LC_ALL=C sort -u)` | ||
125 | echo "ldd \"${prevrtld} ${RTLDLIST}\" -> \"${newrtld}\"" | ||
126 | sed -i ${B}/elf/ldd -e "s#^RTLDLIST=.*\$#RTLDLIST=\"${newrtld}\"#" | ||
127 | fi | ||
128 | } | ||
129 | |||
130 | require glibc-package.inc | ||
131 | |||
132 | BBCLASSEXTEND = "nativesdk" | ||