From ad454e026632604fd344147639e0b69ee10f11b7 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Fri, 30 Apr 2021 14:52:51 -0700 Subject: glibc: Upgrade to 2.34 release bump localedef to get __attr_access_none and __attr_access definitions replace /bin/bash instead of @BASH@ in ldd as @BASH@ has been substituted with /bin/bash now package libc_malloc_debug.so.0 Detailed changelog [1] [1] https://sourceware.org/pipermail/libc-alpha/2021-August/129718.html (From OE-Core rev: af4e1306a78cf8c508dd911f02c103af81bc1af5) Signed-off-by: Khem Raj Signed-off-by: Richard Purdie --- .../recipes-core/glibc/glibc/faccessat2-perm.patch | 31 ---------------------- 1 file changed, 31 deletions(-) delete mode 100644 meta/recipes-core/glibc/glibc/faccessat2-perm.patch (limited to 'meta/recipes-core/glibc/glibc/faccessat2-perm.patch') diff --git a/meta/recipes-core/glibc/glibc/faccessat2-perm.patch b/meta/recipes-core/glibc/glibc/faccessat2-perm.patch deleted file mode 100644 index 2ee7110ca1..0000000000 --- a/meta/recipes-core/glibc/glibc/faccessat2-perm.patch +++ /dev/null @@ -1,31 +0,0 @@ -Older seccomp-based filters used in container frameworks will block faccessat2 -calls as it's a relatively new syscall. This isn't a big problem with -glibc <2.33 but 2.33 will call faccessat2 itself, get EPERM, and thenn be confused -about what to do as EPERM isn't an expected error code. - -This manifests itself as mysterious errors, for example a kernel failing to link. - -The root cause of bad seccomp filters is mostly fixed (systemd 247, Docker 20.10.0) -but we can't expect everyone to upgrade, so add a workaound (originally from -Red Hat) to handle EPERM like ENOSYS and fallback to faccessat(). - -Upstream-Status: Inappropriate -Signed-off-by: Ross Burton - -diff --git a/sysdeps/unix/sysv/linux/faccessat.c b/sysdeps/unix/sysv/linux/faccessat.c -index 56cb6dcc8b4d58d3..5de75032bbc93a2c 100644 ---- a/sysdeps/unix/sysv/linux/faccessat.c -+++ b/sysdeps/unix/sysv/linux/faccessat.c -@@ -34,7 +34,11 @@ faccessat (int fd, const char *file, int mode, int flag) - #if __ASSUME_FACCESSAT2 - return ret; - #else -- if (ret == 0 || errno != ENOSYS) -+ /* Fedora-specific workaround: -+ As a workround for a broken systemd-nspawn that returns -+ EPERM when a syscall is not allowed instead of ENOSYS -+ we must check for EPERM here and fall back to faccessat. */ -+ if (ret == 0 || !(errno == ENOSYS || errno == EPERM)) - return ret; - - if (flag & ~(AT_SYMLINK_NOFOLLOW | AT_EACCESS)) -- cgit v1.2.3-54-g00ecf