[gentoo-commits] repo/gentoo:master commit in: sys-libs/glibc/ - gentoo-commits

From:	"Andreas Hüttel" <dilfridge@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: sys-libs/glibc/
Date:	Fri, 27 Oct 2017 23:30:42
Message-Id:	`1509147019.d93339d7f5bfe90901a8c6921d1c221b54c8302a.dilfridge@gentoo`

1

commit:     d93339d7f5bfe90901a8c6921d1c221b54c8302a

2

Author:     Andreas K. Hüttel <dilfridge <AT> gentoo <DOT> org>

3

AuthorDate: Fri Oct 27 23:30:07 2017 +0000

4

Commit:     Andreas Hüttel <dilfridge <AT> gentoo <DOT> org>

5

CommitDate: Fri Oct 27 23:30:19 2017 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d93339d7

7

8

sys-libs/glibc: Revision bump to 2.25 patchlevel 12, unkeyworded so far

9

10

Resolves CVE-2017-15670, CVE-2017-15804, CVE-2016-6261

11

12

Bug: https://bugs.gentoo.org/634920

13

Bug: https://bugs.gentoo.org/635010

14

Bug: https://bugs.gentoo.org/635118

15

Package-Manager: Portage-2.3.13, Repoman-2.3.4

16

17

 sys-libs/glibc/Manifest             |   1 +

18

 sys-libs/glibc/glibc-2.25-r9.ebuild | 154 ++++++++++++++++++++++++++++++++++++

19

 2 files changed, 155 insertions(+)

20

21

diff --git a/sys-libs/glibc/Manifest b/sys-libs/glibc/Manifest

22

index 88147f03cd5..d47efc91130 100644

23

--- a/sys-libs/glibc/Manifest

24

+++ b/sys-libs/glibc/Manifest

25

@@ -17,6 +17,7 @@ DIST glibc-2.23.tar.xz 13455260 SHA256 94efeb00e4603c8546209cefb3e1a50a5315c86fa

26

 DIST glibc-2.24-patches-10.tar.bz2 73586 SHA256 d479033b63ff796fea56fb1bde390c442021acd856994b15c983b4a89e46fbbe SHA512 fc9191a85da53a2515bbaab228648936682e04267284049468e0c82284f618ab2907b9247baca701e16edc50640199ff6d8e2a6a93ccbd5a9d3b0eb73cc484ca WHIRLPOOL 7afe94307900a70de2f5e028d8ec9e0f4b06b661ec6493217e51a13d750f891e10b45c0f66d86fa83c16cc3ce539bb257039b33bc3e363469cd03502d956d75e

27

 DIST glibc-2.24.tar.xz 13554048 SHA256 99d4a3e8efd144d71488e478f62587578c0f4e1fa0b4eed47ee3d4975ebeb5d3 SHA512 a4cb28a2c51a0cc029ed69da7cba11931a615ba897235590b4f7fad2eaabec9042f8250eaac2a5860997437a69ab13304f10a634000e52c0336b5593b7969adb WHIRLPOOL be82b47fc73f7e780e8e73a5f58b313d8e861d5ea8c4320f95ef0d8c1e125ff011d61dcfc0380be0e83868bd8c3299de1ea662da7fc8d709050e89b2c126e3eb

28

 DIST glibc-2.25-patches-11.tar.bz2 64221 SHA256 38c76c844238a7bbaecc85b359e67af6a98a1614f3196f25d85f83dec4358e99 SHA512 cbbbca9653f55f0cb3b73c38c979cb439c87b172819f3e999d2b435d59cd2bef2c89f11a398300c53f447ad433ee87f47a0f3e890c78f8694705c788455325dd WHIRLPOOL e61203ac129d7283f3beda1421e1365da58c229bcb6b6a1f8b71755d9ea0e2bfb64b8be69ab7698861a593d4b98ab6163d574f3c215fba0a0d9e6a1b15d2eed5

29

+DIST glibc-2.25-patches-12.tar.bz2 65396 SHA256 60a8901ceab4066661285cdbf7559d3a1f66bf468c5c1a5ecdde7f8ead282d3e SHA512 6af8c304ba70b42dfda294873d9a138d6c98e7a46496e305b2cac99a085d1ad3d00315162d1e1458e651de95e158bd35be74406a3f44fde13182e30baa663fcb WHIRLPOOL 96684d379d65ca6e4da7d397d4b803e0b0516080223de86080d6bbf3cae6a17b9fc8922d6fc2071b3116f35136378d85eb6671c7d9f7cf0f2135b66d1573bb90

30

 DIST glibc-2.25.tar.xz 13873900 SHA256 067bd9bb3390e79aa45911537d13c3721f1d9d3769931a30c2681bfee66f23a0 SHA512 5b7a2418d5b8a1b6a907c6c7fb6477ee2a473151cb45e03d0d4cdd9a33497c90b1ee39e2e7e885e2b25743dcd3747336ef114b4a73eb001da1fd79f29e0f9a6e WHIRLPOOL dc2fafaa4a0e5581268338453838a03ed0c5e7a2af844e8fb7086ab8d3ae48efbdbe6f25db1d089ae669cd2f8b0412f690d965506753d86f8525da2df59b7953

31

 DIST glibc-2.26-patches-2.tar.bz2 68040 SHA256 c40f03059d389fd8b22b54f83c0a669c44a38ee84cc359cb86d8f6dbdd1b957f SHA512 2b54d6e33b29d5ee5e4d4b64f299bf15e22ece5ce6555dafe43fd97ec8a2d9ef0645075ff24dc593ec6f89e02caf40c25a72af93ecd11113fba77268ccf486e2 WHIRLPOOL 59c54cdd2e3e64091dd206ad6b5ff467eff6c0d7f8ef5ab11504a4e6cfe958f762b9de2fbe8b6004a9e19963520a84a493ccf03908a78ea0a452dbc28e0df1e5

32

 DIST glibc-2.26.tar.xz 14682748 SHA256 e54e0a934cd2bc94429be79da5e9385898d2306b9eaf3c92d5a77af96190f6bd SHA512 6ed368523bc55f00976f96c5177f114e3f714b27273d7bffc252812c8b98fb81970403c1f5b5f0a61da678811532fb446530745492d2b49bfefc0d5bd71ce8c0 WHIRLPOOL 9091c3bccc9b590de6b9595aa391ba01091f0c301bd9199d7c48fbeaeeb013ec9c683c68b65b59c5a69e3905b7f842cca1b0a410431967ecb3a1229b8535486f

33

34

diff --git a/sys-libs/glibc/glibc-2.25-r9.ebuild b/sys-libs/glibc/glibc-2.25-r9.ebuild

35

new file mode 100644

36

index 00000000000..89b790eb79c

37

--- /dev/null

38

+++ b/sys-libs/glibc/glibc-2.25-r9.ebuild

39

@@ -0,0 +1,154 @@

40

+# Copyright 1999-2017 Gentoo Foundation

41

+# Distributed under the terms of the GNU General Public License v2

42

+

43

+EAPI="5"

44

+

45

+inherit toolchain-glibc

46

+

47

+DESCRIPTION="GNU libc6 (also called glibc2) C library"

48

+HOMEPAGE="https://www.gnu.org/software/libc/libc.html"

49

+

50

+LICENSE="LGPL-2.1+ BSD HPND ISC inner-net rc PCRE"

51

+#KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"

52

+KEYWORDS=""

53

+RESTRICT="strip" # strip ourself #46186

54

+EMULTILIB_PKG="true"

55

+

56

+# Configuration variables

57

+RELEASE_VER=""

58

+case ${PV} in

59

+9999*)

60

+	EGIT_REPO_URIS="git://sourceware.org/git/glibc.git"

61

+	EGIT_SOURCEDIRS="${S}"

62

+	inherit git-2

63

+	;;

64

+*)

65

+	RELEASE_VER=${PV}

66

+	;;

67

+esac

68

+GCC_BOOTSTRAP_VER="4.7.3-r1"

69

+# patches live at https://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo/src/patchsets/glibc/

70

+PATCH_VER="12"                                  # Gentoo patchset

71

+: ${NPTL_KERN_VER:="2.6.32"}                   # min kernel version nptl requires

72

+

73

+GLIBC_PATCH_EXCLUDE+=" 0005_all_sys-types.h-drop-sys-sysmacros.h-include.patch"

74

+

75

+IUSE="audit caps debug gd hardened multilib nscd +rpc selinux systemtap profile suid vanilla crosscompile_opts_headers-only"

76

+

77

+# Here's how the cross-compile logic breaks down ...

78

+#  CTARGET - machine that will target the binaries

79

+#  CHOST   - machine that will host the binaries

80

+#  CBUILD  - machine that will build the binaries

81

+# If CTARGET != CHOST, it means you want a libc for cross-compiling.

82

+# If CHOST != CBUILD, it means you want to cross-compile the libc.

83

+#  CBUILD = CHOST = CTARGET    - native build/install

84

+#  CBUILD != (CHOST = CTARGET) - cross-compile a native build

85

+#  (CBUILD = CHOST) != CTARGET - libc for cross-compiler

86

+#  CBUILD != CHOST != CTARGET  - cross-compile a libc for a cross-compiler

87

+# For install paths:

88

+#  CHOST = CTARGET  - install into /

89

+#  CHOST != CTARGET - install into /usr/CTARGET/

90

+

91

+export CBUILD=${CBUILD:-${CHOST}}

92

+export CTARGET=${CTARGET:-${CHOST}}

93

+if [[ ${CTARGET} == ${CHOST} ]] ; then

94

+	if [[ ${CATEGORY} == cross-* ]] ; then

95

+		export CTARGET=${CATEGORY#cross-}

96

+	fi

97

+fi

98

+

99

+is_crosscompile() {

100

+	[[ ${CHOST} != ${CTARGET} ]]

101

+}

102

+

103

+# Why SLOT 2.2 you ask yourself while sippin your tea ?

104

+# Everyone knows 2.2 > 0, duh.

105

+SLOT="2.2"

106

+

107

+# General: We need a new-enough binutils/gcc to match upstream baseline.

108

+# arch: we need to make sure our binutils/gcc supports TLS.

109

+COMMON_DEPEND="

110

+	nscd? ( selinux? (

111

+		audit? ( sys-process/audit )

112

+		caps? ( sys-libs/libcap )

113

+	) )

114

+	suid? ( caps? ( sys-libs/libcap ) )

115

+	selinux? ( sys-libs/libselinux )

116

+	systemtap? ( dev-util/systemtap )

117

+"

118

+DEPEND="${COMMON_DEPEND}

119

+	>=app-misc/pax-utils-0.1.10

120

+	!<sys-apps/sandbox-1.6

121

+	!<sys-apps/portage-2.1.2"

122

+RDEPEND="${COMMON_DEPEND}

123

+	!sys-kernel/ps3-sources

124

+	sys-apps/gentoo-functions

125

+	!sys-libs/nss-db"

126

+

127

+if [[ ${CATEGORY} == cross-* ]] ; then

128

+	DEPEND+=" !crosscompile_opts_headers-only? (

129

+		>=${CATEGORY}/binutils-2.24

130

+		>=${CATEGORY}/gcc-4.7

131

+	)"

132

+	[[ ${CATEGORY} == *-linux* ]] && DEPEND+=" ${CATEGORY}/linux-headers"

133

+else

134

+	DEPEND+="

135

+		>=sys-devel/binutils-2.24

136

+		>=sys-devel/gcc-4.7

137

+		virtual/os-headers"

138

+	RDEPEND+=" vanilla? ( !sys-libs/timezone-data )"

139

+	PDEPEND+=" !vanilla? ( sys-libs/timezone-data )"

140

+fi

141

+

142

+upstream_uris() {

143

+	echo mirror://gnu/glibc/$1 ftp://sourceware.org/pub/glibc/{releases,snapshots}/$1 mirror://gentoo/$1

144

+}

145

+gentoo_uris() {

146

+	local devspace="HTTP~vapier/dist/URI HTTP~dilfridge/distfiles/URI HTTP~tamiko/distfiles/URI HTTP~slyfox/distfiles/URI"

147

+	devspace=${devspace//HTTP/https://dev.gentoo.org/}

148

+	echo mirror://gentoo/$1 ${devspace//URI/$1}

149

+}

150

+SRC_URI=$(

151

+	[[ -z ${EGIT_REPO_URIS} ]] && upstream_uris ${P}.tar.xz

152

+	[[ -n ${PATCH_VER}      ]] && gentoo_uris ${P}-patches-${PATCH_VER}.tar.bz2

153

+)

154

+SRC_URI+=" ${GCC_BOOTSTRAP_VER:+multilib? ( $(gentoo_uris gcc-${GCC_BOOTSTRAP_VER}-multilib-bootstrap.tar.bz2) )}"

155

+

156

+src_unpack() {

157

+	[[ -n ${GCC_BOOTSTRAP_VER} ]] && use multilib && unpack gcc-${GCC_BOOTSTRAP_VER}-multilib-bootstrap.tar.bz2

158

+

159

+	toolchain-glibc_src_unpack

160

+}

161

+

162

+src_prepare() {

163

+	toolchain-glibc_src_prepare

164

+

165

+	cd "${S}"

166

+

167

+	epatch "${FILESDIR}"/2.19/${PN}-2.19-ia64-gcc-4.8-reloc-hack.patch #503838

168

+

169

+	if use hardened ; then

170

+		# We don't enable these for non-hardened as the output is very terse --

171

+		# it only states that a crash happened.  The default upstream behavior

172

+		# includes backtraces and symbols.

173

+		einfo "Installing Hardened Gentoo SSP and FORTIFY_SOURCE handler"

174

+		cp "${FILESDIR}"/2.20/glibc-2.20-gentoo-stack_chk_fail.c debug/stack_chk_fail.c || die

175

+		cp "${FILESDIR}"/2.25/glibc-2.25-gentoo-chk_fail.c debug/chk_fail.c || die

176

+

177

+		if use debug ; then

178

+			# Allow SIGABRT to dump core on non-hardened systems, or when debug is requested.

179

+			sed -i \

180

+				-e '/^CFLAGS-backtrace.c/ iCPPFLAGS-stack_chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \

181

+				-e '/^CFLAGS-backtrace.c/ iCPPFLAGS-chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \

182

+				debug/Makefile || die

183

+		fi

184

+	fi

185

+

186

+	case $(gcc-fullversion) in

187

+	4.8.[0-3]|4.9.0)

188

+		eerror "You need to switch to a newer compiler; gcc-4.8.[0-3] and gcc-4.9.0 miscompile"

189

+		eerror "glibc.  See https://bugs.gentoo.org/547420 for details."

190

+		die "need to switch compilers #547420"

191

+		;;

192

+	esac

193

+}

1	commit: d93339d7f5bfe90901a8c6921d1c221b54c8302a
2	Author: Andreas K. Hüttel <dilfridge <AT> gentoo <DOT> org>
3	AuthorDate: Fri Oct 27 23:30:07 2017 +0000
4	Commit: Andreas Hüttel <dilfridge <AT> gentoo <DOT> org>
5	CommitDate: Fri Oct 27 23:30:19 2017 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d93339d7
7
8	sys-libs/glibc: Revision bump to 2.25 patchlevel 12, unkeyworded so far
9
10	Resolves CVE-2017-15670, CVE-2017-15804, CVE-2016-6261
11
12	Bug: https://bugs.gentoo.org/634920
13	Bug: https://bugs.gentoo.org/635010
14	Bug: https://bugs.gentoo.org/635118
15	Package-Manager: Portage-2.3.13, Repoman-2.3.4
16
17	sys-libs/glibc/Manifest \| 1 +
18	sys-libs/glibc/glibc-2.25-r9.ebuild \| 154 ++++++++++++++++++++++++++++++++++++
19	2 files changed, 155 insertions(+)
20
21	diff --git a/sys-libs/glibc/Manifest b/sys-libs/glibc/Manifest
22	index 88147f03cd5..d47efc91130 100644
23	--- a/sys-libs/glibc/Manifest
24	+++ b/sys-libs/glibc/Manifest
25	@@ -17,6 +17,7 @@ DIST glibc-2.23.tar.xz 13455260 SHA256 94efeb00e4603c8546209cefb3e1a50a5315c86fa
26	DIST glibc-2.24-patches-10.tar.bz2 73586 SHA256 d479033b63ff796fea56fb1bde390c442021acd856994b15c983b4a89e46fbbe SHA512 fc9191a85da53a2515bbaab228648936682e04267284049468e0c82284f618ab2907b9247baca701e16edc50640199ff6d8e2a6a93ccbd5a9d3b0eb73cc484ca WHIRLPOOL 7afe94307900a70de2f5e028d8ec9e0f4b06b661ec6493217e51a13d750f891e10b45c0f66d86fa83c16cc3ce539bb257039b33bc3e363469cd03502d956d75e
27	DIST glibc-2.24.tar.xz 13554048 SHA256 99d4a3e8efd144d71488e478f62587578c0f4e1fa0b4eed47ee3d4975ebeb5d3 SHA512 a4cb28a2c51a0cc029ed69da7cba11931a615ba897235590b4f7fad2eaabec9042f8250eaac2a5860997437a69ab13304f10a634000e52c0336b5593b7969adb WHIRLPOOL be82b47fc73f7e780e8e73a5f58b313d8e861d5ea8c4320f95ef0d8c1e125ff011d61dcfc0380be0e83868bd8c3299de1ea662da7fc8d709050e89b2c126e3eb
28	DIST glibc-2.25-patches-11.tar.bz2 64221 SHA256 38c76c844238a7bbaecc85b359e67af6a98a1614f3196f25d85f83dec4358e99 SHA512 cbbbca9653f55f0cb3b73c38c979cb439c87b172819f3e999d2b435d59cd2bef2c89f11a398300c53f447ad433ee87f47a0f3e890c78f8694705c788455325dd WHIRLPOOL e61203ac129d7283f3beda1421e1365da58c229bcb6b6a1f8b71755d9ea0e2bfb64b8be69ab7698861a593d4b98ab6163d574f3c215fba0a0d9e6a1b15d2eed5
29	+DIST glibc-2.25-patches-12.tar.bz2 65396 SHA256 60a8901ceab4066661285cdbf7559d3a1f66bf468c5c1a5ecdde7f8ead282d3e SHA512 6af8c304ba70b42dfda294873d9a138d6c98e7a46496e305b2cac99a085d1ad3d00315162d1e1458e651de95e158bd35be74406a3f44fde13182e30baa663fcb WHIRLPOOL 96684d379d65ca6e4da7d397d4b803e0b0516080223de86080d6bbf3cae6a17b9fc8922d6fc2071b3116f35136378d85eb6671c7d9f7cf0f2135b66d1573bb90
30	DIST glibc-2.25.tar.xz 13873900 SHA256 067bd9bb3390e79aa45911537d13c3721f1d9d3769931a30c2681bfee66f23a0 SHA512 5b7a2418d5b8a1b6a907c6c7fb6477ee2a473151cb45e03d0d4cdd9a33497c90b1ee39e2e7e885e2b25743dcd3747336ef114b4a73eb001da1fd79f29e0f9a6e WHIRLPOOL dc2fafaa4a0e5581268338453838a03ed0c5e7a2af844e8fb7086ab8d3ae48efbdbe6f25db1d089ae669cd2f8b0412f690d965506753d86f8525da2df59b7953
31	DIST glibc-2.26-patches-2.tar.bz2 68040 SHA256 c40f03059d389fd8b22b54f83c0a669c44a38ee84cc359cb86d8f6dbdd1b957f SHA512 2b54d6e33b29d5ee5e4d4b64f299bf15e22ece5ce6555dafe43fd97ec8a2d9ef0645075ff24dc593ec6f89e02caf40c25a72af93ecd11113fba77268ccf486e2 WHIRLPOOL 59c54cdd2e3e64091dd206ad6b5ff467eff6c0d7f8ef5ab11504a4e6cfe958f762b9de2fbe8b6004a9e19963520a84a493ccf03908a78ea0a452dbc28e0df1e5
32	DIST glibc-2.26.tar.xz 14682748 SHA256 e54e0a934cd2bc94429be79da5e9385898d2306b9eaf3c92d5a77af96190f6bd SHA512 6ed368523bc55f00976f96c5177f114e3f714b27273d7bffc252812c8b98fb81970403c1f5b5f0a61da678811532fb446530745492d2b49bfefc0d5bd71ce8c0 WHIRLPOOL 9091c3bccc9b590de6b9595aa391ba01091f0c301bd9199d7c48fbeaeeb013ec9c683c68b65b59c5a69e3905b7f842cca1b0a410431967ecb3a1229b8535486f
33
34	diff --git a/sys-libs/glibc/glibc-2.25-r9.ebuild b/sys-libs/glibc/glibc-2.25-r9.ebuild
35	new file mode 100644
36	index 00000000000..89b790eb79c
37	--- /dev/null
38	+++ b/sys-libs/glibc/glibc-2.25-r9.ebuild
39	@@ -0,0 +1,154 @@
40	+# Copyright 1999-2017 Gentoo Foundation
41	+# Distributed under the terms of the GNU General Public License v2
42	+
43	+EAPI="5"
44	+
45	+inherit toolchain-glibc
46	+
47	+DESCRIPTION="GNU libc6 (also called glibc2) C library"
48	+HOMEPAGE="https://www.gnu.org/software/libc/libc.html"
49	+
50	+LICENSE="LGPL-2.1+ BSD HPND ISC inner-net rc PCRE"
51	+#KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
52	+KEYWORDS=""
53	+RESTRICT="strip" # strip ourself #46186
54	+EMULTILIB_PKG="true"
55	+
56	+# Configuration variables
57	+RELEASE_VER=""
58	+case ${PV} in
59	+9999*)
60	+ EGIT_REPO_URIS="git://sourceware.org/git/glibc.git"
61	+ EGIT_SOURCEDIRS="${S}"
62	+ inherit git-2
63	+ ;;
64	+*)
65	+ RELEASE_VER=${PV}
66	+ ;;
67	+esac
68	+GCC_BOOTSTRAP_VER="4.7.3-r1"
69	+# patches live at https://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo/src/patchsets/glibc/
70	+PATCH_VER="12" # Gentoo patchset
71	+: ${NPTL_KERN_VER:="2.6.32"} # min kernel version nptl requires
72	+
73	+GLIBC_PATCH_EXCLUDE+=" 0005_all_sys-types.h-drop-sys-sysmacros.h-include.patch"
74	+
75	+IUSE="audit caps debug gd hardened multilib nscd +rpc selinux systemtap profile suid vanilla crosscompile_opts_headers-only"
76	+
77	+# Here's how the cross-compile logic breaks down ...
78	+# CTARGET - machine that will target the binaries
79	+# CHOST - machine that will host the binaries
80	+# CBUILD - machine that will build the binaries
81	+# If CTARGET != CHOST, it means you want a libc for cross-compiling.
82	+# If CHOST != CBUILD, it means you want to cross-compile the libc.
83	+# CBUILD = CHOST = CTARGET - native build/install
84	+# CBUILD != (CHOST = CTARGET) - cross-compile a native build
85	+# (CBUILD = CHOST) != CTARGET - libc for cross-compiler
86	+# CBUILD != CHOST != CTARGET - cross-compile a libc for a cross-compiler
87	+# For install paths:
88	+# CHOST = CTARGET - install into /
89	+# CHOST != CTARGET - install into /usr/CTARGET/
90	+
91	+export CBUILD=${CBUILD:-${CHOST}}
92	+export CTARGET=${CTARGET:-${CHOST}}
93	+if [[ ${CTARGET} == ${CHOST} ]] ; then
94	+ if [[ ${CATEGORY} == cross-* ]] ; then
95	+ export CTARGET=${CATEGORY#cross-}
96	+ fi
97	+fi
98	+
99	+is_crosscompile() {
100	+ [[ ${CHOST} != ${CTARGET} ]]
101	+}
102	+
103	+# Why SLOT 2.2 you ask yourself while sippin your tea ?
104	+# Everyone knows 2.2 > 0, duh.
105	+SLOT="2.2"
106	+
107	+# General: We need a new-enough binutils/gcc to match upstream baseline.
108	+# arch: we need to make sure our binutils/gcc supports TLS.
109	+COMMON_DEPEND="
110	+ nscd? ( selinux? (
111	+ audit? ( sys-process/audit )
112	+ caps? ( sys-libs/libcap )
113	+ ) )
114	+ suid? ( caps? ( sys-libs/libcap ) )
115	+ selinux? ( sys-libs/libselinux )
116	+ systemtap? ( dev-util/systemtap )
117	+"
118	+DEPEND="${COMMON_DEPEND}
119	+ >=app-misc/pax-utils-0.1.10
120	+ !<sys-apps/sandbox-1.6
121	+ !<sys-apps/portage-2.1.2"
122	+RDEPEND="${COMMON_DEPEND}
123	+ !sys-kernel/ps3-sources
124	+ sys-apps/gentoo-functions
125	+ !sys-libs/nss-db"
126	+
127	+if [[ ${CATEGORY} == cross-* ]] ; then
128	+ DEPEND+=" !crosscompile_opts_headers-only? (
129	+ >=${CATEGORY}/binutils-2.24
130	+ >=${CATEGORY}/gcc-4.7
131	+ )"
132	+ [[ ${CATEGORY} == -linux ]] && DEPEND+=" ${CATEGORY}/linux-headers"
133	+else
134	+ DEPEND+="
135	+ >=sys-devel/binutils-2.24
136	+ >=sys-devel/gcc-4.7
137	+ virtual/os-headers"
138	+ RDEPEND+=" vanilla? ( !sys-libs/timezone-data )"
139	+ PDEPEND+=" !vanilla? ( sys-libs/timezone-data )"
140	+fi
141	+
142	+upstream_uris() {
143	+ echo mirror://gnu/glibc/$1 ftp://sourceware.org/pub/glibc/{releases,snapshots}/$1 mirror://gentoo/$1
144	+}
145	+gentoo_uris() {
146	+ local devspace="HTTP~vapier/dist/URI HTTP~dilfridge/distfiles/URI HTTP~tamiko/distfiles/URI HTTP~slyfox/distfiles/URI"
147	+ devspace=${devspace//HTTP/https://dev.gentoo.org/}
148	+ echo mirror://gentoo/$1 ${devspace//URI/$1}
149	+}
150	+SRC_URI=$(
151	+ [[ -z ${EGIT_REPO_URIS} ]] && upstream_uris ${P}.tar.xz
152	+ [[ -n ${PATCH_VER} ]] && gentoo_uris ${P}-patches-${PATCH_VER}.tar.bz2
153	+)
154	+SRC_URI+=" ${GCC_BOOTSTRAP_VER:+multilib? ( $(gentoo_uris gcc-${GCC_BOOTSTRAP_VER}-multilib-bootstrap.tar.bz2) )}"
155	+
156	+src_unpack() {
157	+ [[ -n ${GCC_BOOTSTRAP_VER} ]] && use multilib && unpack gcc-${GCC_BOOTSTRAP_VER}-multilib-bootstrap.tar.bz2
158	+
159	+ toolchain-glibc_src_unpack
160	+}
161	+
162	+src_prepare() {
163	+ toolchain-glibc_src_prepare
164	+
165	+ cd "${S}"
166	+
167	+ epatch "${FILESDIR}"/2.19/${PN}-2.19-ia64-gcc-4.8-reloc-hack.patch #503838
168	+
169	+ if use hardened ; then
170	+ # We don't enable these for non-hardened as the output is very terse --
171	+ # it only states that a crash happened. The default upstream behavior
172	+ # includes backtraces and symbols.
173	+ einfo "Installing Hardened Gentoo SSP and FORTIFY_SOURCE handler"
174	+ cp "${FILESDIR}"/2.20/glibc-2.20-gentoo-stack_chk_fail.c debug/stack_chk_fail.c \|\| die
175	+ cp "${FILESDIR}"/2.25/glibc-2.25-gentoo-chk_fail.c debug/chk_fail.c \|\| die
176	+
177	+ if use debug ; then
178	+ # Allow SIGABRT to dump core on non-hardened systems, or when debug is requested.
179	+ sed -i \
180	+ -e '/^CFLAGS-backtrace.c/ iCPPFLAGS-stack_chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \
181	+ -e '/^CFLAGS-backtrace.c/ iCPPFLAGS-chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \
182	+ debug/Makefile \|\| die
183	+ fi
184	+ fi
185	+
186	+ case $(gcc-fullversion) in
187	+ 4.8.[0-3]\|4.9.0)
188	+ eerror "You need to switch to a newer compiler; gcc-4.8.[0-3] and gcc-4.9.0 miscompile"
189	+ eerror "glibc. See https://bugs.gentoo.org/547420 for details."
190	+ die "need to switch compilers #547420"
191	+ ;;
192	+ esac
193	+}

Gentoo Archives: gentoo-commits