glibc: Upgrade to 2.34 release

bump localedef to get __attr_access_none and __attr_access definitions replace /bin/bash instead of @BASH@ in ldd as @BASH@ has been substituted with /bin/bash now package libc_malloc_debug.so.0 Detailed changelog [1] [1] https://sourceware.org/pipermail/libc-alpha/2021-August/129718.html (From OE-Core rev: af4e1306a78cf8c508dd911f02c103af81bc1af5) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Khem Raj <raj.khem@gmail.com> 2021-04-30 14:52:51 -0700
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2021-08-12 06:26:15 +0100
commit: ad454e026632604fd344147639e0b69ee10f11b7 (patch)
tree: c8dd131239fc25bffa081c119ed34c57557b5300 /meta/recipes-core/glibc/glibc_2.34.bb
parent: 77ce05bd36cf71db9a2cc5b0ebffde7bd11c20f3 (diff)
download: poky-ad454e026632604fd344147639e0b69ee10f11b7.tar.gz
1 files changed, 132 insertions, 0 deletions
diff --git a/meta/recipes-core/glibc/glibc_2.34.bb b/meta/recipes-core/glibc/glibc_2.34.bb
new file mode 100644
index 0000000000..7ad59115b7
--- /dev/null
+++ b/meta/recipes-core/glibc/glibc_2.34.bb
@@ -0,0 +1,132 @@
+require glibc.inc
+require glibc-version.inc
+CVE_CHECK_WHITELIST += "CVE-2020-10029 CVE-2021-27645"
+# glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010022
+# glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010023
+# glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010024
+# Upstream glibc maintainers dispute there is any issue and have no plans to address it further.
+# "this is being treated as a non-security bug and no real threat."
+CVE_CHECK_WHITELIST += "CVE-2019-1010022 CVE-2019-1010023 CVE-2019-1010024"
+# glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010025
+# Allows for ASLR bypass so can bypass some hardening, not an exploit in itself, may allow
+# easier access for another. "ASLR bypass itself is not a vulnerability."
+# Potential patch at https://sourceware.org/bugzilla/show_bug.cgi?id=22853
+CVE_CHECK_WHITELIST += "CVE-2019-1010025"
+DEPENDS += "gperf-native bison-native make-native"
+NATIVESDKFIXES ?= ""
+NATIVESDKFIXES:class-nativesdk = "\
+           file://0003-nativesdk-glibc-Look-for-host-system-ld.so.cache-as-.patch \
+           file://0004-nativesdk-glibc-Fix-buffer-overrun-with-a-relocated-.patch \
+           file://0005-nativesdk-glibc-Raise-the-size-of-arrays-containing-.patch \
+           file://0006-nativesdk-glibc-Allow-64-bit-atomics-for-x86.patch \
+           file://0007-nativesdk-glibc-Make-relocatable-install-for-locales.patch \
+           file://0008-nativesdk-glibc-Fall-back-to-faccessat-on-faccess2-r.patch \
+"
+SRC_URI =  "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \
+           file://etc/ld.so.conf \
+           file://generate-supported.mk \
+           file://makedbs.sh \
+           \
+           ${NATIVESDKFIXES} \
+           file://0009-fsl-e500-e5500-e6500-603e-fsqrt-implementation.patch \
+           file://0010-ppc-sqrt-Fix-undefined-reference-to-__sqrt_finite.patch \
+           file://0011-__ieee754_sqrt-f-are-now-inline-functions-and-call-o.patch \
+           file://0012-Quote-from-bug-1443-which-explains-what-the-patch-do.patch \
+           file://0013-eglibc-run-libm-err-tab.pl-with-specific-dirs-in-S.patch \
+           file://0014-__ieee754_sqrt-f-are-now-inline-functions-and-call-o.patch \
+           file://0015-sysdeps-gnu-configure.ac-handle-correctly-libc_cv_ro.patch \
+           file://0016-yes-within-the-path-sets-wrong-config-variables.patch \
+           file://0017-timezone-re-written-tzselect-as-posix-sh.patch \
+           file://0018-Remove-bash-dependency-for-nscd-init-script.patch \
+           file://0019-eglibc-Cross-building-and-testing-instructions.patch \
+           file://0020-eglibc-Help-bootstrap-cross-toolchain.patch \
+           file://0021-eglibc-Resolve-__fpscr_values-on-SH4.patch \
+           file://0022-eglibc-Forward-port-cross-locale-generation-support.patch \
+           file://0023-Define-DUMMY_LOCALE_T-if-not-defined.patch \
+           file://0024-localedef-add-to-archive-uses-a-hard-coded-locale-pa.patch \
+           file://0025-elf-dl-deps.c-Make-_dl_build_local_scope-breadth-fir.patch \
+           file://0026-intl-Emit-no-lines-in-bison-generated-files.patch \
+           file://0027-locale-prevent-maybe-uninitialized-errors-with-Os-BZ.patch \
+           file://0028-readlib-Add-OECORE_KNOWN_INTERPRETER_NAMES-to-known-.patch \
+           file://0029-wordsize.h-Unify-the-header-between-arm-and-aarch64.patch \
+           file://0030-powerpc-Do-not-ask-compiler-for-finding-arch.patch \
+           "
+S = "${WORKDIR}/git"
+B = "${WORKDIR}/build-${TARGET_SYS}"
+PACKAGES_DYNAMIC = ""
+# the -isystem in bitbake.conf screws up glibc do_stage
+BUILD_CPPFLAGS = "-I${STAGING_INCDIR_NATIVE}"
+TARGET_CPPFLAGS = "-I${STAGING_DIR_TARGET}${includedir}"
+GLIBC_BROKEN_LOCALES = ""
+GLIBCPIE ??= ""
+EXTRA_OECONF = "--enable-kernel=${OLDEST_KERNEL} \
+                --disable-profile \
+                --disable-debug --without-gd \
+                --enable-clocale=gnu \
+                --with-headers=${STAGING_INCDIR} \
+                --without-selinux \
+                --enable-tunables \
+                --enable-bind-now \
+                --enable-stack-protector=strong \
+                --enable-stackguard-randomization \
+                --disable-crypt \
+                --with-default-link \
+                ${@bb.utils.contains_any('SELECTED_OPTIMIZATION', '-O0 -Og', '--disable-werror', '', d)} \
+                ${GLIBCPIE} \
+                ${GLIBC_EXTRA_OECONF}"
+EXTRA_OECONF += "${@get_libc_fpu_setting(bb, d)}"
+EXTRA_OECONF:append:x86 = " --enable-cet"
+EXTRA_OECONF:append:x86-64 = " --enable-cet"
+PACKAGECONFIG ??= "nscd memory-tagging"
+PACKAGECONFIG[nscd] = "--enable-nscd,--disable-nscd"
+PACKAGECONFIG[memory-tagging] = "--enable-memory-tagging,--disable-memory-tagging"
+do_patch:append() {
+    bb.build.exec_func('do_fix_readlib_c', d)
+}
+do_fix_readlib_c () {
+        sed -i -e 's#OECORE_KNOWN_INTERPRETER_NAMES#${EGLIBC_KNOWN_INTERPRETER_NAMES}#' ${S}/elf/readlib.c
+}
+do_configure () {
+# override this function to avoid the autoconf/automake/aclocal/autoheader
+# calls for now
+# don't pass CPPFLAGS into configure, since it upsets the kernel-headers
+# version check and doesn't really help with anything
+        (cd ${S} && gnu-configize) || die "failure in running gnu-configize"
+        find ${S} -name "configure" | xargs touch
+        CPPFLAGS="" oe_runconf
+}
+LDFLAGS += "-fuse-ld=bfd"
+do_compile () {
+        base_do_compile
+        echo "Adjust ldd script"
+        if [ -n "${RTLDLIST}" ]
+        then
+                prevrtld=`cat ${B}/elf/ldd | grep "^RTLDLIST=" | sed 's#^RTLDLIST="\?\([^"]*\)"\?$#\1#'`
+                # remove duplicate entries
+                newrtld=`echo $(printf '%s\n' ${prevrtld} ${RTLDLIST} | LC_ALL=C sort -u)`
+                echo "ldd \"${prevrtld} ${RTLDLIST}\" -> \"${newrtld}\""
+                sed -i ${B}/elf/ldd -e "s#^RTLDLIST=.*\$#RTLDLIST=\"${newrtld}\"#"
+        fi
+}
+require glibc-package.inc
+BBCLASSEXTEND = "nativesdk"
author	Khem Raj <raj.khem@gmail.com>	2021-04-30 14:52:51 -0700
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2021-08-12 06:26:15 +0100
commit	ad454e026632604fd344147639e0b69ee10f11b7 (patch)
tree	c8dd131239fc25bffa081c119ed34c57557b5300 /meta/recipes-core/glibc/glibc_2.34.bb
parent	77ce05bd36cf71db9a2cc5b0ebffde7bd11c20f3 (diff)
download	poky-ad454e026632604fd344147639e0b69ee10f11b7.tar.gz

diff --git a/meta/recipes-core/glibc/glibc_2.34.bb b/meta/recipes-core/glibc/glibc_2.34.bb new file mode 100644 index 0000000000..7ad59115b7 --- /dev/null +++ b/meta/recipes-core/glibc/glibc_2.34.bb
@@ -0,0 +1,132 @@
	1	require glibc.inc
	2	require glibc-version.inc
	3
	4	CVE_CHECK_WHITELIST += "CVE-2020-10029 CVE-2021-27645"
	5
	6	# glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010022
	7	# glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010023
	8	# glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010024
	9	# Upstream glibc maintainers dispute there is any issue and have no plans to address it further.
	10	# "this is being treated as a non-security bug and no real threat."
	11	CVE_CHECK_WHITELIST += "CVE-2019-1010022 CVE-2019-1010023 CVE-2019-1010024"
	12
	13	# glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010025
	14	# Allows for ASLR bypass so can bypass some hardening, not an exploit in itself, may allow
	15	# easier access for another. "ASLR bypass itself is not a vulnerability."
	16	# Potential patch at https://sourceware.org/bugzilla/show_bug.cgi?id=22853
	17	CVE_CHECK_WHITELIST += "CVE-2019-1010025"
	18
	19	DEPENDS += "gperf-native bison-native make-native"
	20
	21	NATIVESDKFIXES ?= ""
	22	NATIVESDKFIXES:class-nativesdk = "\
	23	file://0003-nativesdk-glibc-Look-for-host-system-ld.so.cache-as-.patch \
	24	file://0004-nativesdk-glibc-Fix-buffer-overrun-with-a-relocated-.patch \
	25	file://0005-nativesdk-glibc-Raise-the-size-of-arrays-containing-.patch \
	26	file://0006-nativesdk-glibc-Allow-64-bit-atomics-for-x86.patch \
	27	file://0007-nativesdk-glibc-Make-relocatable-install-for-locales.patch \
	28	file://0008-nativesdk-glibc-Fall-back-to-faccessat-on-faccess2-r.patch \
	29	"
	30
	31	SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \
	32	file://etc/ld.so.conf \
	33	file://generate-supported.mk \
	34	file://makedbs.sh \
	35	\
	36	${NATIVESDKFIXES} \
	37	file://0009-fsl-e500-e5500-e6500-603e-fsqrt-implementation.patch \
	38	file://0010-ppc-sqrt-Fix-undefined-reference-to-__sqrt_finite.patch \
	39	file://0011-__ieee754_sqrt-f-are-now-inline-functions-and-call-o.patch \
	40	file://0012-Quote-from-bug-1443-which-explains-what-the-patch-do.patch \
	41	file://0013-eglibc-run-libm-err-tab.pl-with-specific-dirs-in-S.patch \
	42	file://0014-__ieee754_sqrt-f-are-now-inline-functions-and-call-o.patch \
	43	file://0015-sysdeps-gnu-configure.ac-handle-correctly-libc_cv_ro.patch \
	44	file://0016-yes-within-the-path-sets-wrong-config-variables.patch \
	45	file://0017-timezone-re-written-tzselect-as-posix-sh.patch \
	46	file://0018-Remove-bash-dependency-for-nscd-init-script.patch \
	47	file://0019-eglibc-Cross-building-and-testing-instructions.patch \
	48	file://0020-eglibc-Help-bootstrap-cross-toolchain.patch \
	49	file://0021-eglibc-Resolve-__fpscr_values-on-SH4.patch \
	50	file://0022-eglibc-Forward-port-cross-locale-generation-support.patch \
	51	file://0023-Define-DUMMY_LOCALE_T-if-not-defined.patch \
	52	file://0024-localedef-add-to-archive-uses-a-hard-coded-locale-pa.patch \
	53	file://0025-elf-dl-deps.c-Make-_dl_build_local_scope-breadth-fir.patch \
	54	file://0026-intl-Emit-no-lines-in-bison-generated-files.patch \
	55	file://0027-locale-prevent-maybe-uninitialized-errors-with-Os-BZ.patch \
	56	file://0028-readlib-Add-OECORE_KNOWN_INTERPRETER_NAMES-to-known-.patch \
	57	file://0029-wordsize.h-Unify-the-header-between-arm-and-aarch64.patch \
	58	file://0030-powerpc-Do-not-ask-compiler-for-finding-arch.patch \
	59	"
	60	S = "${WORKDIR}/git"
	61	B = "${WORKDIR}/build-${TARGET_SYS}"
	62
	63	PACKAGES_DYNAMIC = ""
	64
	65	# the -isystem in bitbake.conf screws up glibc do_stage
	66	BUILD_CPPFLAGS = "-I${STAGING_INCDIR_NATIVE}"
	67	TARGET_CPPFLAGS = "-I${STAGING_DIR_TARGET}${includedir}"
	68
	69	GLIBC_BROKEN_LOCALES = ""
	70
	71	GLIBCPIE ??= ""
	72
	73	EXTRA_OECONF = "--enable-kernel=${OLDEST_KERNEL} \
	74	--disable-profile \
	75	--disable-debug --without-gd \
	76	--enable-clocale=gnu \
	77	--with-headers=${STAGING_INCDIR} \
	78	--without-selinux \
	79	--enable-tunables \
	80	--enable-bind-now \
	81	--enable-stack-protector=strong \
	82	--enable-stackguard-randomization \
	83	--disable-crypt \
	84	--with-default-link \
	85	${@bb.utils.contains_any('SELECTED_OPTIMIZATION', '-O0 -Og', '--disable-werror', '', d)} \
	86	${GLIBCPIE} \
	87	${GLIBC_EXTRA_OECONF}"
	88
	89	EXTRA_OECONF += "${@get_libc_fpu_setting(bb, d)}"
	90
	91	EXTRA_OECONF:append:x86 = " --enable-cet"
	92	EXTRA_OECONF:append:x86-64 = " --enable-cet"
	93
	94	PACKAGECONFIG ??= "nscd memory-tagging"
	95	PACKAGECONFIG[nscd] = "--enable-nscd,--disable-nscd"
	96	PACKAGECONFIG[memory-tagging] = "--enable-memory-tagging,--disable-memory-tagging"
	97
	98	do_patch:append() {
	99	bb.build.exec_func('do_fix_readlib_c', d)
	100	}
	101
	102	do_fix_readlib_c () {
	103	sed -i -e 's#OECORE_KNOWN_INTERPRETER_NAMES#${EGLIBC_KNOWN_INTERPRETER_NAMES}#' ${S}/elf/readlib.c
	104	}
	105
	106	do_configure () {
	107	# override this function to avoid the autoconf/automake/aclocal/autoheader
	108	# calls for now
	109	# don't pass CPPFLAGS into configure, since it upsets the kernel-headers
	110	# version check and doesn't really help with anything
	111	(cd ${S} && gnu-configize) \|\| die "failure in running gnu-configize"
	112	find ${S} -name "configure" \| xargs touch
	113	CPPFLAGS="" oe_runconf
	114	}
	115
	116	LDFLAGS += "-fuse-ld=bfd"
	117	do_compile () {
	118	base_do_compile
	119	echo "Adjust ldd script"
	120	if [ -n "${RTLDLIST}" ]
	121	then
	122	prevrtld=`cat ${B}/elf/ldd \| grep "^RTLDLIST=" \| sed 's#^RTLDLIST="\?\([^"]*\)"\?$#\1#'`
	123	# remove duplicate entries
	124	newrtld=`echo $(printf '%s\n' ${prevrtld} ${RTLDLIST} \| LC_ALL=C sort -u)`
	125	echo "ldd \"${prevrtld} ${RTLDLIST}\" -> \"${newrtld}\""
	126	sed -i ${B}/elf/ldd -e "s#^RTLDLIST=.*\$#RTLDLIST=\"${newrtld}\"#"
	127	fi
	128	}
	129
	130	require glibc-package.inc
	131
	132	BBCLASSEXTEND = "nativesdk"