1 |
commit: 1115b22539a40f78cf79a1aa70496fd84d909c00 |
2 |
Author: Andreas K. Hüttel <dilfridge <AT> gentoo <DOT> org> |
3 |
AuthorDate: Thu Apr 11 20:53:02 2019 +0000 |
4 |
Commit: Andreas K. Hüttel <dilfridge <AT> gentoo <DOT> org> |
5 |
CommitDate: Thu Apr 11 20:53:20 2019 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1115b225 |
7 |
|
8 |
sys-libs/glibc: Remove old |
9 |
|
10 |
Package-Manager: Portage-2.3.62, Repoman-2.3.12 |
11 |
Signed-off-by: Andreas K. Hüttel <dilfridge <AT> gentoo.org> |
12 |
|
13 |
sys-libs/glibc/Manifest | 2 - |
14 |
.../glibc/files/2.10/glibc-2.10-gentoo-chk_fail.c | 315 -------------------- |
15 |
.../glibc-2.10-hardened-configure-picdefault.patch | 30 -- |
16 |
.../glibc-2.10-hardened-inittls-nosysenter.patch | 274 ------------------ |
17 |
.../glibc/files/2.17/glibc-2.17-hardened-pie.patch | 42 --- |
18 |
.../glibc/files/2.18/glibc-2.18-gentoo-chk_fail.c | 314 -------------------- |
19 |
.../files/2.18/glibc-2.18-gentoo-stack_chk_fail.c | 322 --------------------- |
20 |
.../glibc-2.18-hardened-inittls-nosysenter.patch | 277 ------------------ |
21 |
.../glibc/files/2.20/glibc-2.20-gentoo-chk_fail.c | 299 ------------------- |
22 |
.../files/2.20/glibc-2.20-gentoo-stack_chk_fail.c | 2 - |
23 |
.../glibc-2.20-hardened-inittls-nosysenter.patch | 306 -------------------- |
24 |
sys-libs/glibc/glibc-2.21-r2.ebuild | 149 ---------- |
25 |
12 files changed, 2332 deletions(-) |
26 |
|
27 |
diff --git a/sys-libs/glibc/Manifest b/sys-libs/glibc/Manifest |
28 |
index 94189ff713a..49cc077e29f 100644 |
29 |
--- a/sys-libs/glibc/Manifest |
30 |
+++ b/sys-libs/glibc/Manifest |
31 |
@@ -2,8 +2,6 @@ DIST gcc-4.7.3-r1-multilib-bootstrap.tar.bz2 8064097 BLAKE2B 3cc5c82cd57d0fbd26d |
32 |
DIST gcc-multilib-bootstrap-20180511.tar.xz 2392908 BLAKE2B f3cf614399368acd8908f60d894c6344a2fa09383b30c1633a0682bc668367c8a2f8c6fec2d41b6e2178d709a2bd8db57e8b2ab56ba263c7d56f819c15acd061 SHA512 98c766e913693ab42ff790557acde2a36a8001e2648046a685b21964200df8d4d52d8452d499c0068c6648284d086ce062c2d36e2c6c2fd8aacd232d193f2853 |
33 |
DIST glibc-2.19-patches-9.tar.bz2 24584 BLAKE2B a96e930a5bd20fa75d9f259cc2117fa5ce98072274a24a5823bf877e3739fa4c001a94d7865e065ee0527f3974430d27da8038e042340a451ad2052c62724f26 SHA512 a95b3063ade974a3556480b798b317d33c7423a8cb9e69f67249ffb8b3d3c671d70d2d5f782c1efadc0bec4cc49a96d4fe89911f3dfcd85b459f69f3b4f38f0e |
34 |
DIST glibc-2.19.tar.xz 12083312 BLAKE2B 9dc03346e0f0df4bf009a92d894b0a9f964ff92b7f4c9663cedf1cb6cf90435f28a15539d33791ecf43ee578fa4e26f916af0367651312ef8f9c1c38ce0dafa2 SHA512 9e021fcb3afbb9ace2a0e37fded231a62de861bd766e29d47163a03182e37add718b7acc3963d1c525f9556773e842297725715acde48dcfbaab6e756af1a23d |
35 |
-DIST glibc-2.21-patches-7.tar.bz2 46894 BLAKE2B 5a15a3a5ca515351d5d41baaa59ae6b6d1c353f1500c3b8dcd6da895119c89afee9ef6afaa1e7d617f2cf7b7504635e5733429f65847acaa63c0a7bf8233ee9c SHA512 e4cca3d753c0b9d213c0ed85e3d08cbbf6517862b3a48af987e010abaf5a022b47330040ced183d30b5b934de7587e97b4342e51a6df3d5cfa768bdd8b43b756 |
36 |
-DIST glibc-2.21.tar.xz 12322092 BLAKE2B 1ce2be09787138262b59b56235e20777459e99861c65694b96f63d7faf24da8655882dd23b39c28a8a2d338c50710f76e1e4dc39a3f4ce9736ef2cbf7f99ed5b SHA512 8cded6693618bec115f678fcbd0b77556f97dfa8337608f66e37224aefa55b38765ba61cb4d58beea37b5934e5ec8e30bad58613707388484906f2a0ce77997d |
37 |
DIST glibc-2.22-patches-13.tar.bz2 74479 BLAKE2B 1ab31614e8334508a63c842f503a395ff3ebeaa33d1890eab1d9e2985cb39064960053f2bbf99ec3bdec0ba5a80d259ca6b964fcaed9d99dcb6da84ddb8dd364 SHA512 73517fc1502b0733d67ade1d1ba6168415f5da64f37045fac0b10ef57155bf6dfbe1876e4742d2543fcea0c935c179426f6fbb94f0205968392ef903d2f83897 |
38 |
DIST glibc-2.22.tar.xz 12969072 BLAKE2B 36a2e08cf4c5c9396c414fcf5cf5f32d0a78a61e06a1309fbc5f560bed7a7f25a084f5f5c1097014d0911239c710ac9c06f6b6d603238b9c928dd286ebd05bbf SHA512 a8719f3a4f8aa5fa81711116fdafbea5082c6dfd85bd8c4cdce60571910263ab422b35bb8b55a84d37ccb146442133ba60a84d453ca4a439c8ccd35419bd051b |
39 |
DIST glibc-2.23-patches-8.tar.bz2 304199 BLAKE2B 693e40090dbe43f0e9c1faa0bce75e43d5d3924b40c141f9d00ef147fd285b03e2c3bab6a32d1bf6978ca139c3f071f685d5caf1bffb1cce7e1d1f3c346e5c50 SHA512 470814bbbd9d4ee5fa2dd7570a2e14b0229723e373e801472856fd6c2f089499eddc300f69b49af8ba0edbdca583ee3ca521fdb5c642509717cafea0ad925fd2 |
40 |
|
41 |
diff --git a/sys-libs/glibc/files/2.10/glibc-2.10-gentoo-chk_fail.c b/sys-libs/glibc/files/2.10/glibc-2.10-gentoo-chk_fail.c |
42 |
deleted file mode 100644 |
43 |
index 37711e8aacb..00000000000 |
44 |
--- a/sys-libs/glibc/files/2.10/glibc-2.10-gentoo-chk_fail.c |
45 |
+++ /dev/null |
46 |
@@ -1,315 +0,0 @@ |
47 |
-/* Copyright (C) 2004, 2005 Free Software Foundation, Inc. |
48 |
- This file is part of the GNU C Library. |
49 |
- |
50 |
- The GNU C Library is free software; you can redistribute it and/or |
51 |
- modify it under the terms of the GNU Lesser General Public |
52 |
- License as published by the Free Software Foundation; either |
53 |
- version 2.1 of the License, or (at your option) any later version. |
54 |
- |
55 |
- The GNU C Library is distributed in the hope that it will be useful, |
56 |
- but WITHOUT ANY WARRANTY; without even the implied warranty of |
57 |
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
58 |
- Lesser General Public License for more details. |
59 |
- |
60 |
- You should have received a copy of the GNU Lesser General Public |
61 |
- License along with the GNU C Library; if not, write to the Free |
62 |
- Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA |
63 |
- 02111-1307 USA. */ |
64 |
- |
65 |
-/* Copyright (C) 2006-2008 Gentoo Foundation Inc. |
66 |
- * License terms as above. |
67 |
- * |
68 |
- * Hardened Gentoo SSP and FORTIFY handler |
69 |
- * |
70 |
- * An SSP failure handler that does not use functions from the rest of |
71 |
- * glibc; it uses the INTERNAL_SYSCALL methods directly. This ensures |
72 |
- * no possibility of recursion into the handler. |
73 |
- * |
74 |
- * Direct all bug reports to http://bugs.gentoo.org/ |
75 |
- * |
76 |
- * Re-written from the glibc-2.3 Hardened Gentoo SSP handler |
77 |
- * by Kevin F. Quinn - <kevquinn[@]gentoo.org> |
78 |
- * |
79 |
- * The following people contributed to the glibc-2.3 Hardened |
80 |
- * Gentoo SSP and FORTIFY handler, from which this implementation draws much: |
81 |
- * |
82 |
- * Ned Ludd - <solar[@]gentoo.org> |
83 |
- * Alexander Gabert - <pappy[@]gentoo.org> |
84 |
- * The PaX Team - <pageexec[@]freemail.hu> |
85 |
- * Peter S. Mazinger - <ps.m[@]gmx.net> |
86 |
- * Yoann Vandoorselaere - <yoann[@]prelude-ids.org> |
87 |
- * Robert Connolly - <robert[@]linuxfromscratch.org> |
88 |
- * Cory Visi <cory[@]visi.name> |
89 |
- * Mike Frysinger <vapier[@]gentoo.org> |
90 |
- * Magnus Granberg <zorry[@]ume.nu> |
91 |
- */ |
92 |
- |
93 |
-#include <stdio.h> |
94 |
-#include <stdlib.h> |
95 |
-#include <errno.h> |
96 |
-#include <unistd.h> |
97 |
-#include <signal.h> |
98 |
- |
99 |
-#include <sys/types.h> |
100 |
- |
101 |
-#include <sysdep-cancel.h> |
102 |
-#include <sys/syscall.h> |
103 |
-#include <bp-checks.h> |
104 |
- |
105 |
-#include <kernel-features.h> |
106 |
- |
107 |
-#include <alloca.h> |
108 |
-/* from sysdeps */ |
109 |
-#include <socketcall.h> |
110 |
-/* for the stuff in bits/socket.h */ |
111 |
-#include <sys/socket.h> |
112 |
-#include <sys/un.h> |
113 |
- |
114 |
-/* Sanity check on SYSCALL macro names - force compilation |
115 |
- * failure if the names used here do not exist |
116 |
- */ |
117 |
-#if !defined __NR_socketcall && !defined __NR_socket |
118 |
-# error Cannot do syscall socket or socketcall |
119 |
-#endif |
120 |
-#if !defined __NR_socketcall && !defined __NR_connect |
121 |
-# error Cannot do syscall connect or socketcall |
122 |
-#endif |
123 |
-#ifndef __NR_write |
124 |
-# error Cannot do syscall write |
125 |
-#endif |
126 |
-#ifndef __NR_close |
127 |
-# error Cannot do syscall close |
128 |
-#endif |
129 |
-#ifndef __NR_getpid |
130 |
-# error Cannot do syscall getpid |
131 |
-#endif |
132 |
-#ifndef __NR_kill |
133 |
-# error Cannot do syscall kill |
134 |
-#endif |
135 |
-#ifndef __NR_exit |
136 |
-# error Cannot do syscall exit |
137 |
-#endif |
138 |
-#ifdef SSP_SMASH_DUMPS_CORE |
139 |
-# define ENABLE_SSP_SMASH_DUMPS_CORE 1 |
140 |
-# if !defined _KERNEL_NSIG && !defined _NSIG |
141 |
-# error No _NSIG or _KERNEL_NSIG for rt_sigaction |
142 |
-# endif |
143 |
-# if !defined __NR_sigaction && !defined __NR_rt_sigaction |
144 |
-# error Cannot do syscall sigaction or rt_sigaction |
145 |
-# endif |
146 |
-/* Although rt_sigaction expects sizeof(sigset_t) - it expects the size |
147 |
- * of the _kernel_ sigset_t which is not the same as the user sigset_t. |
148 |
- * Most arches have this as _NSIG bits - mips has _KERNEL_NSIG bits for |
149 |
- * some reason. |
150 |
- */ |
151 |
-# ifdef _KERNEL_NSIG |
152 |
-# define _SSP_NSIG _KERNEL_NSIG |
153 |
-# else |
154 |
-# define _SSP_NSIG _NSIG |
155 |
-# endif |
156 |
-#else |
157 |
-# define _SSP_NSIG 0 |
158 |
-# define ENABLE_SSP_SMASH_DUMPS_CORE 0 |
159 |
-#endif |
160 |
- |
161 |
-/* Define DO_SIGACTION - default to newer rt signal interface but |
162 |
- * fallback to old as needed. |
163 |
- */ |
164 |
-#ifdef __NR_rt_sigaction |
165 |
-# define DO_SIGACTION(signum, act, oldact) \ |
166 |
- INLINE_SYSCALL(rt_sigaction, 4, signum, act, oldact, _SSP_NSIG/8) |
167 |
-#else |
168 |
-# define DO_SIGACTION(signum, act, oldact) \ |
169 |
- INLINE_SYSCALL(sigaction, 3, signum, act, oldact) |
170 |
-#endif |
171 |
- |
172 |
-/* Define DO_SOCKET/DO_CONNECT functions to deal with socketcall vs socket/connect */ |
173 |
-#if defined(__NR_socket) && defined(__NR_connect) |
174 |
-# define USE_OLD_SOCKETCALL 0 |
175 |
-#else |
176 |
-# define USE_OLD_SOCKETCALL 1 |
177 |
-#endif |
178 |
- |
179 |
-/* stub out the __NR_'s so we can let gcc optimize away dead code */ |
180 |
-#ifndef __NR_socketcall |
181 |
-# define __NR_socketcall 0 |
182 |
-#endif |
183 |
-#ifndef __NR_socket |
184 |
-# define __NR_socket 0 |
185 |
-#endif |
186 |
-#ifndef __NR_connect |
187 |
-# define __NR_connect 0 |
188 |
-#endif |
189 |
-#define DO_SOCKET(result, domain, type, protocol) \ |
190 |
- do { \ |
191 |
- if (USE_OLD_SOCKETCALL) { \ |
192 |
- socketargs[0] = domain; \ |
193 |
- socketargs[1] = type; \ |
194 |
- socketargs[2] = protocol; \ |
195 |
- socketargs[3] = 0; \ |
196 |
- result = INLINE_SYSCALL(socketcall, 2, SOCKOP_socket, socketargs); \ |
197 |
- } else \ |
198 |
- result = INLINE_SYSCALL(socket, 3, domain, type, protocol); \ |
199 |
- } while (0) |
200 |
-#define DO_CONNECT(result, sockfd, serv_addr, addrlen) \ |
201 |
- do { \ |
202 |
- if (USE_OLD_SOCKETCALL) { \ |
203 |
- socketargs[0] = sockfd; \ |
204 |
- socketargs[1] = (unsigned long int)serv_addr; \ |
205 |
- socketargs[2] = addrlen; \ |
206 |
- socketargs[3] = 0; \ |
207 |
- result = INLINE_SYSCALL(socketcall, 2, SOCKOP_connect, socketargs); \ |
208 |
- } else \ |
209 |
- result = INLINE_SYSCALL(connect, 3, sockfd, serv_addr, addrlen); \ |
210 |
- } while (0) |
211 |
- |
212 |
-#ifndef _PATH_LOG |
213 |
-# define _PATH_LOG "/dev/log" |
214 |
-#endif |
215 |
- |
216 |
-static const char path_log[] = _PATH_LOG; |
217 |
- |
218 |
-/* For building glibc with SSP switched on, define __progname to a |
219 |
- * constant if building for the run-time loader, to avoid pulling |
220 |
- * in more of libc.so into ld.so |
221 |
- */ |
222 |
-#ifdef IS_IN_rtld |
223 |
-static char *__progname = "<rtld>"; |
224 |
-#else |
225 |
-extern char *__progname; |
226 |
-#endif |
227 |
- |
228 |
-/* Common handler code, used by chk_fail |
229 |
- * Inlined to ensure no self-references to the handler within itself. |
230 |
- * Data static to avoid putting more than necessary on the stack, |
231 |
- * to aid core debugging. |
232 |
- */ |
233 |
-__attribute__ ((__noreturn__ , __always_inline__)) |
234 |
-static inline void |
235 |
-__hardened_gentoo_chk_fail(char func[], int damaged) |
236 |
-{ |
237 |
-#define MESSAGE_BUFSIZ 256 |
238 |
- static pid_t pid; |
239 |
- static int plen, i; |
240 |
- static char message[MESSAGE_BUFSIZ]; |
241 |
- static const char msg_ssa[] = ": buffer overflow attack"; |
242 |
- static const char msg_inf[] = " in function "; |
243 |
- static const char msg_ssd[] = "*** buffer overflow detected ***: "; |
244 |
- static const char msg_terminated[] = " - terminated\n"; |
245 |
- static const char msg_report[] = "Report to http://bugs.gentoo.org/\n"; |
246 |
- static const char msg_unknown[] = "<unknown>"; |
247 |
- static int log_socket, connect_result; |
248 |
- static struct sockaddr_un sock; |
249 |
- static unsigned long int socketargs[4]; |
250 |
- |
251 |
- /* Build socket address |
252 |
- */ |
253 |
- sock.sun_family = AF_UNIX; |
254 |
- i = 0; |
255 |
- while ((path_log[i] != '\0') && (i<(sizeof(sock.sun_path)-1))) { |
256 |
- sock.sun_path[i] = path_log[i]; |
257 |
- i++; |
258 |
- } |
259 |
- sock.sun_path[i] = '\0'; |
260 |
- |
261 |
- /* Try SOCK_DGRAM connection to syslog */ |
262 |
- connect_result = -1; |
263 |
- DO_SOCKET(log_socket, AF_UNIX, SOCK_DGRAM, 0); |
264 |
- if (log_socket != -1) |
265 |
- DO_CONNECT(connect_result, log_socket, &sock, sizeof(sock)); |
266 |
- if (connect_result == -1) { |
267 |
- if (log_socket != -1) |
268 |
- INLINE_SYSCALL(close, 1, log_socket); |
269 |
- /* Try SOCK_STREAM connection to syslog */ |
270 |
- DO_SOCKET(log_socket, AF_UNIX, SOCK_STREAM, 0); |
271 |
- if (log_socket != -1) |
272 |
- DO_CONNECT(connect_result, log_socket, &sock, sizeof(sock)); |
273 |
- } |
274 |
- |
275 |
- /* Build message. Messages are generated both in the old style and new style, |
276 |
- * so that log watchers that are configured for the old-style message continue |
277 |
- * to work. |
278 |
- */ |
279 |
-#define strconcat(str) \ |
280 |
- {i=0; while ((str[i] != '\0') && ((i+plen)<(MESSAGE_BUFSIZ-1))) \ |
281 |
- {\ |
282 |
- message[plen+i]=str[i];\ |
283 |
- i++;\ |
284 |
- }\ |
285 |
- plen+=i;} |
286 |
- |
287 |
- /* R.Henderson post-gcc-4 style message */ |
288 |
- plen = 0; |
289 |
- strconcat(msg_ssd); |
290 |
- if (__progname != (char *)0) |
291 |
- strconcat(__progname) |
292 |
- else |
293 |
- strconcat(msg_unknown); |
294 |
- strconcat(msg_terminated); |
295 |
- |
296 |
- /* Write out error message to STDERR, to syslog if open */ |
297 |
- INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen); |
298 |
- if (connect_result != -1) |
299 |
- INLINE_SYSCALL(write, 3, log_socket, message, plen); |
300 |
- |
301 |
- /* Dr. Etoh pre-gcc-4 style message */ |
302 |
- plen = 0; |
303 |
- if (__progname != (char *)0) |
304 |
- strconcat(__progname) |
305 |
- else |
306 |
- strconcat(msg_unknown); |
307 |
- strconcat(msg_ssa); |
308 |
- strconcat(msg_inf); |
309 |
- if (func != NULL) |
310 |
- strconcat(func) |
311 |
- else |
312 |
- strconcat(msg_unknown); |
313 |
- strconcat(msg_terminated); |
314 |
- /* Write out error message to STDERR, to syslog if open */ |
315 |
- INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen); |
316 |
- if (connect_result != -1) |
317 |
- INLINE_SYSCALL(write, 3, log_socket, message, plen); |
318 |
- |
319 |
- /* Direct reports to bugs.gentoo.org */ |
320 |
- plen=0; |
321 |
- strconcat(msg_report); |
322 |
- message[plen++]='\0'; |
323 |
- |
324 |
- /* Write out error message to STDERR, to syslog if open */ |
325 |
- INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen); |
326 |
- if (connect_result != -1) |
327 |
- INLINE_SYSCALL(write, 3, log_socket, message, plen); |
328 |
- |
329 |
- if (log_socket != -1) |
330 |
- INLINE_SYSCALL(close, 1, log_socket); |
331 |
- |
332 |
- /* Suicide */ |
333 |
- pid = INLINE_SYSCALL(getpid, 0); |
334 |
- |
335 |
- if (ENABLE_SSP_SMASH_DUMPS_CORE) { |
336 |
- static struct sigaction default_abort_act; |
337 |
- /* Remove any user-supplied handler for SIGABRT, before using it */ |
338 |
- default_abort_act.sa_handler = SIG_DFL; |
339 |
- default_abort_act.sa_sigaction = NULL; |
340 |
- __sigfillset(&default_abort_act.sa_mask); |
341 |
- default_abort_act.sa_flags = 0; |
342 |
- if (DO_SIGACTION(SIGABRT, &default_abort_act, NULL) == 0) |
343 |
- INLINE_SYSCALL(kill, 2, pid, SIGABRT); |
344 |
- } |
345 |
- |
346 |
- /* Note; actions cannot be added to SIGKILL */ |
347 |
- INLINE_SYSCALL(kill, 2, pid, SIGKILL); |
348 |
- |
349 |
- /* In case the kill didn't work, exit anyway |
350 |
- * The loop prevents gcc thinking this routine returns |
351 |
- */ |
352 |
- while (1) |
353 |
- INLINE_SYSCALL(exit, 0); |
354 |
-} |
355 |
- |
356 |
-__attribute__ ((__noreturn__)) |
357 |
-void __chk_fail(void) |
358 |
-{ |
359 |
- __hardened_gentoo_chk_fail(NULL, 0); |
360 |
-} |
361 |
- |
362 |
|
363 |
diff --git a/sys-libs/glibc/files/2.10/glibc-2.10-hardened-configure-picdefault.patch b/sys-libs/glibc/files/2.10/glibc-2.10-hardened-configure-picdefault.patch |
364 |
deleted file mode 100644 |
365 |
index e75ccc788c8..00000000000 |
366 |
--- a/sys-libs/glibc/files/2.10/glibc-2.10-hardened-configure-picdefault.patch |
367 |
+++ /dev/null |
368 |
@@ -1,30 +0,0 @@ |
369 |
-Prevent default-fPIE from confusing configure into thinking |
370 |
-PIC code is default. This causes glibc to build both PIC and |
371 |
-non-PIC code as normal, which on the hardened compiler generates |
372 |
-PIC and PIE. |
373 |
- |
374 |
-Patch by Kevin F. Quinn <kevquinn@g.o> |
375 |
-Fixed for glibc 2.10 by Magnus Granberg <zorry@×××.nu> |
376 |
- |
377 |
---- configure.in |
378 |
-+++ configure.in |
379 |
-@@ -2145,7 +2145,7 @@ |
380 |
- # error PIC is default. |
381 |
- #endif |
382 |
- EOF |
383 |
--if eval "${CC-cc} -S conftest.c 2>&AS_MESSAGE_LOG_FD 1>&AS_MESSAGE_LOG_FD"; then |
384 |
-+if eval "${CC-cc} -fno-PIE -S conftest.c 2>&AS_MESSAGE_LOG_FD 1>&AS_MESSAGE_LOG_FD"; then |
385 |
- libc_cv_pic_default=no |
386 |
- fi |
387 |
- rm -f conftest.*]) |
388 |
---- configure |
389 |
-+++ configure |
390 |
-@@ -7698,7 +7698,7 @@ |
391 |
- # error PIC is default. |
392 |
- #endif |
393 |
- EOF |
394 |
--if eval "${CC-cc} -S conftest.c 2>&5 1>&5"; then |
395 |
-+if eval "${CC-cc} -fno-PIE -S conftest.c 2>&5 1>&5"; then |
396 |
- libc_cv_pic_default=no |
397 |
- fi |
398 |
- rm -f conftest.* |
399 |
|
400 |
diff --git a/sys-libs/glibc/files/2.10/glibc-2.10-hardened-inittls-nosysenter.patch b/sys-libs/glibc/files/2.10/glibc-2.10-hardened-inittls-nosysenter.patch |
401 |
deleted file mode 100644 |
402 |
index cb6d8e3c78b..00000000000 |
403 |
--- a/sys-libs/glibc/files/2.10/glibc-2.10-hardened-inittls-nosysenter.patch |
404 |
+++ /dev/null |
405 |
@@ -1,274 +0,0 @@ |
406 |
-When building glibc PIE (which is not something upstream support), |
407 |
-several modifications are necessary to the glibc build process. |
408 |
- |
409 |
-First, any syscalls in PIEs must be of the PIC variant, otherwise |
410 |
-textrels ensue. Then, any syscalls made before the initialisation |
411 |
-of the TLS will fail on i386, as the sysenter variant on i386 uses |
412 |
-the TLS, giving rise to a chicken-and-egg situation. This patch |
413 |
-defines a PIC syscall variant that doesn't use sysenter, even when the sysenter |
414 |
-version is normally used, and uses the non-sysenter version for the brk |
415 |
-syscall that is performed by the TLS initialisation. Further, the TLS |
416 |
-initialisation is moved in this case prior to the initialisation of |
417 |
-dl_osversion, as that requires further syscalls. |
418 |
- |
419 |
-csu/libc-start.c: Move initial TLS initialization to before the |
420 |
-initialisation of dl_osversion, when INTERNAL_SYSCALL_NOSYSENTER is defined |
421 |
- |
422 |
-csu/libc-tls.c: Use the no-sysenter version of sbrk when |
423 |
-INTERNAL_SYSCALL_NOSYSENTER is defined. |
424 |
- |
425 |
-misc/sbrk.c: Define a no-sysenter version of sbrk, using the no-sysenter |
426 |
-version of brk - if INTERNAL_SYSCALL_NOSYSENTER is defined. |
427 |
- |
428 |
-misc/brk.c: Define a no-sysenter version of brk if |
429 |
-INTERNAL_SYSCALL_NOSYSENTER is defined. |
430 |
- |
431 |
-sysdeps/unix/sysv/linux/i386/sysdep.h: Define INTERNAL_SYSCALL_NOSYSENTER |
432 |
-Make INTERNAL_SYSCALL always use the PIC variant, even if not SHARED. |
433 |
- |
434 |
-Patch by Kevin F. Quinn <kevquinn@g.o> |
435 |
-Fixed for 2.10 by Magnus Granberg <zorry@×××.nu> |
436 |
- |
437 |
---- csu/libc-start.c |
438 |
-+++ csu/libc-start.c |
439 |
-@@ -28,6 +28,7 @@ |
440 |
- extern int __libc_multiple_libcs; |
441 |
- |
442 |
- #include <tls.h> |
443 |
-+#include <sysdep.h> |
444 |
- #ifndef SHARED |
445 |
- # include <dl-osinfo.h> |
446 |
- extern void __pthread_initialize_minimal (void); |
447 |
-@@ -129,6 +130,11 @@ |
448 |
- # endif |
449 |
- _dl_aux_init (auxvec); |
450 |
- # endif |
451 |
-+# ifdef INTERNAL_SYSCALL_NOSYSENTER |
452 |
-+ /* Do the initial TLS initialization before _dl_osversion, |
453 |
-+ since the latter uses the uname syscall. */ |
454 |
-+ __pthread_initialize_minimal (); |
455 |
-+# endif |
456 |
- # ifdef DL_SYSDEP_OSCHECK |
457 |
- if (!__libc_multiple_libcs) |
458 |
- { |
459 |
-@@ -138,10 +144,12 @@ |
460 |
- } |
461 |
- # endif |
462 |
- |
463 |
-+# ifndef INTERNAL_SYSCALL_NOSYSENTER |
464 |
- /* Initialize the thread library at least a bit since the libgcc |
465 |
- functions are using thread functions if these are available and |
466 |
- we need to setup errno. */ |
467 |
- __pthread_initialize_minimal (); |
468 |
-+# endif |
469 |
- |
470 |
- /* Set up the stack checker's canary. */ |
471 |
- uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard (); |
472 |
---- csu/libc-tls.c |
473 |
-+++ csu/libc-tls.c |
474 |
-@@ -23,6 +23,7 @@ |
475 |
- #include <unistd.h> |
476 |
- #include <stdio.h> |
477 |
- #include <sys/param.h> |
478 |
-+#include <sysdep.h> |
479 |
- |
480 |
- |
481 |
- #ifdef SHARED |
482 |
-@@ -29,6 +30,9 @@ |
483 |
- #error makefile bug, this file is for static only |
484 |
- #endif |
485 |
- |
486 |
-+#ifdef INTERNAL_SYSCALL_NOSYSENTER |
487 |
-+extern void *__sbrk_nosysenter (intptr_t __delta); |
488 |
-+#endif |
489 |
- extern ElfW(Phdr) *_dl_phdr; |
490 |
- extern size_t _dl_phnum; |
491 |
- |
492 |
-@@ -141,14 +145,26 @@ |
493 |
- |
494 |
- The initialized value of _dl_tls_static_size is provided by dl-open.c |
495 |
- to request some surplus that permits dynamic loading of modules with |
496 |
-- IE-model TLS. */ |
497 |
-+ IE-model TLS. |
498 |
-+ |
499 |
-+ Where the normal sbrk would use a syscall that needs the TLS (i386) |
500 |
-+ use the special non-sysenter version instead. */ |
501 |
- #if TLS_TCB_AT_TP |
502 |
- tcb_offset = roundup (memsz + GL(dl_tls_static_size), tcbalign); |
503 |
-+# ifdef INTERNAL_SYSCALL_NOSYSENTER |
504 |
-+ tlsblock = __sbrk_nosysenter (tcb_offset + tcbsize + max_align); |
505 |
-+# else |
506 |
- tlsblock = __sbrk (tcb_offset + tcbsize + max_align); |
507 |
-+# endif |
508 |
- #elif TLS_DTV_AT_TP |
509 |
- tcb_offset = roundup (tcbsize, align ?: 1); |
510 |
-+# ifdef INTERNAL_SYSCALL_NOSYSENTER |
511 |
-+ tlsblock = __sbrk_nosysenter (tcb_offset + memsz + max_align |
512 |
-+ + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); |
513 |
-+# else |
514 |
- tlsblock = __sbrk (tcb_offset + memsz + max_align |
515 |
- + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); |
516 |
-+# endif |
517 |
- tlsblock += TLS_PRE_TCB_SIZE; |
518 |
- #else |
519 |
- /* In case a model with a different layout for the TCB and DTV |
520 |
---- misc/sbrk.c |
521 |
-+++ misc/sbrk.c |
522 |
-@@ -18,6 +18,7 @@ |
523 |
- #include <errno.h> |
524 |
- #include <stdint.h> |
525 |
- #include <unistd.h> |
526 |
-+#include <sysdep.h> |
527 |
- |
528 |
- /* Defined in brk.c. */ |
529 |
- extern void *__curbrk; |
530 |
-@@ -29,6 +30,35 @@ |
531 |
- /* Extend the process's data space by INCREMENT. |
532 |
- If INCREMENT is negative, shrink data space by - INCREMENT. |
533 |
- Return start of new space allocated, or -1 for errors. */ |
534 |
-+#ifdef INTERNAL_SYSCALL_NOSYSENTER |
535 |
-+/* This version is used by csu/libc-tls.c whem initialising the TLS |
536 |
-+ if the SYSENTER version requires the TLS (which it does on i386). |
537 |
-+ Obviously using the TLS before it is initialised is broken. */ |
538 |
-+extern int __brk_nosysenter (void *addr); |
539 |
-+void * |
540 |
-+__sbrk_nosysenter (intptr_t increment) |
541 |
-+{ |
542 |
-+ void *oldbrk; |
543 |
-+ |
544 |
-+ /* If this is not part of the dynamic library or the library is used |
545 |
-+ via dynamic loading in a statically linked program update |
546 |
-+ __curbrk from the kernel's brk value. That way two separate |
547 |
-+ instances of __brk and __sbrk can share the heap, returning |
548 |
-+ interleaved pieces of it. */ |
549 |
-+ if (__curbrk == NULL || __libc_multiple_libcs) |
550 |
-+ if (__brk_nosysenter (0) < 0) /* Initialize the break. */ |
551 |
-+ return (void *) -1; |
552 |
-+ |
553 |
-+ if (increment == 0) |
554 |
-+ return __curbrk; |
555 |
-+ |
556 |
-+ oldbrk = __curbrk; |
557 |
-+ if (__brk_nosysenter (oldbrk + increment) < 0) |
558 |
-+ return (void *) -1; |
559 |
-+ |
560 |
-+ return oldbrk; |
561 |
-+} |
562 |
-+#endif |
563 |
- void * |
564 |
- __sbrk (intptr_t increment) |
565 |
- { |
566 |
---- sysdeps/unix/sysv/linux/i386/brk.c |
567 |
-+++ sysdeps/unix/sysv/linux/i386/brk.c |
568 |
-@@ -31,6 +31,30 @@ |
569 |
- linker. */ |
570 |
- weak_alias (__curbrk, ___brk_addr) |
571 |
- |
572 |
-+#ifdef INTERNAL_SYSCALL_NOSYSENTER |
573 |
-+/* This version is used by csu/libc-tls.c whem initialising the TLS |
574 |
-+ * if the SYSENTER version requires the TLS (which it does on i386). |
575 |
-+ * Obviously using the TLS before it is initialised is broken. */ |
576 |
-+int |
577 |
-+__brk_nosysenter (void *addr) |
578 |
-+{ |
579 |
-+ void *__unbounded newbrk; |
580 |
-+ |
581 |
-+ INTERNAL_SYSCALL_DECL (err); |
582 |
-+ newbrk = (void *__unbounded) INTERNAL_SYSCALL_NOSYSENTER (brk, err, 1, |
583 |
-+ __ptrvalue (addr)); |
584 |
-+ |
585 |
-+ __curbrk = newbrk; |
586 |
-+ |
587 |
-+ if (newbrk < addr) |
588 |
-+ { |
589 |
-+ __set_errno (ENOMEM); |
590 |
-+ return -1; |
591 |
-+ } |
592 |
-+ |
593 |
-+ return 0; |
594 |
-+} |
595 |
-+#endif |
596 |
- int |
597 |
- __brk (void *addr) |
598 |
- { |
599 |
---- sysdeps/unix/sysv/linux/i386/sysdep.h |
600 |
-+++ sysdeps/unix/sysv/linux/i386/sysdep.h |
601 |
-@@ -187,7 +187,7 @@ |
602 |
- /* The original calling convention for system calls on Linux/i386 is |
603 |
- to use int $0x80. */ |
604 |
- #ifdef I386_USE_SYSENTER |
605 |
--# ifdef SHARED |
606 |
-+# if defined SHARED || defined __PIC__ |
607 |
- # define ENTER_KERNEL call *%gs:SYSINFO_OFFSET |
608 |
- # else |
609 |
- # define ENTER_KERNEL call *_dl_sysinfo |
610 |
-@@ -358,7 +358,7 @@ |
611 |
- possible to use more than four parameters. */ |
612 |
- #undef INTERNAL_SYSCALL |
613 |
- #ifdef I386_USE_SYSENTER |
614 |
--# ifdef SHARED |
615 |
-+# if defined SHARED || defined __PIC__ |
616 |
- # define INTERNAL_SYSCALL(name, err, nr, args...) \ |
617 |
- ({ \ |
618 |
- register unsigned int resultvar; \ |
619 |
-@@ -384,6 +384,18 @@ |
620 |
- : "0" (name), "i" (offsetof (tcbhead_t, sysinfo)) \ |
621 |
- ASMFMT_##nr(args) : "memory", "cc"); \ |
622 |
- (int) resultvar; }) |
623 |
-+# define INTERNAL_SYSCALL_NOSYSENTER(name, err, nr, args...) \ |
624 |
-+ ({ \ |
625 |
-+ register unsigned int resultvar; \ |
626 |
-+ EXTRAVAR_##nr \ |
627 |
-+ asm volatile ( \ |
628 |
-+ LOADARGS_NOSYSENTER_##nr \ |
629 |
-+ "movl %1, %%eax\n\t" \ |
630 |
-+ "int $0x80\n\t" \ |
631 |
-+ RESTOREARGS_NOSYSENTER_##nr \ |
632 |
-+ : "=a" (resultvar) \ |
633 |
-+ : "i" (__NR_##name) ASMFMT_##nr(args) : "memory", "cc"); \ |
634 |
-+ (int) resultvar; }) |
635 |
- # else |
636 |
- # define INTERNAL_SYSCALL(name, err, nr, args...) \ |
637 |
- ({ \ |
638 |
-@@ -447,12 +459,20 @@ |
639 |
- |
640 |
- #define LOADARGS_0 |
641 |
- #ifdef __PIC__ |
642 |
--# if defined I386_USE_SYSENTER && defined SHARED |
643 |
-+# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) |
644 |
- # define LOADARGS_1 \ |
645 |
- "bpushl .L__X'%k3, %k3\n\t" |
646 |
- # define LOADARGS_5 \ |
647 |
- "movl %%ebx, %4\n\t" \ |
648 |
- "movl %3, %%ebx\n\t" |
649 |
-+# define LOADARGS_NOSYSENTER_1 \ |
650 |
-+ "bpushl .L__X'%k2, %k2\n\t" |
651 |
-+# define LOADARGS_NOSYSENTER_2 LOADARGS_NOSYSENTER_1 |
652 |
-+# define LOADARGS_NOSYSENTER_3 LOADARGS_3 |
653 |
-+# define LOADARGS_NOSYSENTER_4 LOADARGS_3 |
654 |
-+# define LOADARGS_NOSYSENTER_5 \ |
655 |
-+ "movl %%ebx, %3\n\t" \ |
656 |
-+ "movl %2, %%ebx\n\t" |
657 |
- # else |
658 |
- # define LOADARGS_1 \ |
659 |
- "bpushl .L__X'%k2, %k2\n\t" |
660 |
-@@ -474,11 +495,18 @@ |
661 |
- |
662 |
- #define RESTOREARGS_0 |
663 |
- #ifdef __PIC__ |
664 |
--# if defined I386_USE_SYSENTER && defined SHARED |
665 |
-+# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) |
666 |
- # define RESTOREARGS_1 \ |
667 |
- "bpopl .L__X'%k3, %k3\n\t" |
668 |
- # define RESTOREARGS_5 \ |
669 |
- "movl %4, %%ebx" |
670 |
-+# define RESTOREARGS_NOSYSENTER_1 \ |
671 |
-+ "bpopl .L__X'%k2, %k2\n\t" |
672 |
-+# define RESTOREARGS_NOSYSENTER_2 RESTOREARGS_NOSYSENTER_1 |
673 |
-+# define RESTOREARGS_NOSYSENTER_3 RESTOREARGS_3 |
674 |
-+# define RESTOREARGS_NOSYSENTER_4 RESTOREARGS_3 |
675 |
-+# define RESTOREARGS_NOSYSENTER_5 \ |
676 |
-+ "movl %3, %%ebx" |
677 |
- # else |
678 |
- # define RESTOREARGS_1 \ |
679 |
- "bpopl .L__X'%k2, %k2\n\t" |
680 |
|
681 |
diff --git a/sys-libs/glibc/files/2.17/glibc-2.17-hardened-pie.patch b/sys-libs/glibc/files/2.17/glibc-2.17-hardened-pie.patch |
682 |
deleted file mode 100644 |
683 |
index da4fb82539c..00000000000 |
684 |
--- a/sys-libs/glibc/files/2.17/glibc-2.17-hardened-pie.patch |
685 |
+++ /dev/null |
686 |
@@ -1,42 +0,0 @@ |
687 |
-2012-11-11 Magnus Granberg <zorry@g.o> |
688 |
- |
689 |
- #442712 |
690 |
- * Makeconfig (+link): Set to +link-pie. |
691 |
- (+link-static-before-libc): Change $(static-start-installed-name) to |
692 |
- S$(static-start-installed-name). |
693 |
- (+prector): Set to +prectorS. |
694 |
- (+postctor): Set to +postctorS. |
695 |
- |
696 |
---- libc/Makeconfig |
697 |
-+++ libc/Makeconfig |
698 |
-@@ -447,11 +447,12 @@ |
699 |
- $(common-objpfx)libc% $(+postinit),$^) \ |
700 |
- $(link-extra-libs) $(link-libc) $(+postctorS) $(+postinit) |
701 |
- endif |
702 |
-++link = $(+link-pie) |
703 |
- # Command for statically linking programs with the C library. |
704 |
- ifndef +link-static |
705 |
- +link-static-before-libc = $(CC) -nostdlib -nostartfiles -static -o $@ \ |
706 |
- $(sysdep-LDFLAGS) $(LDFLAGS) $(LDFLAGS-$(@F)) \ |
707 |
-- $(addprefix $(csu-objpfx),$(static-start-installed-name)) \ |
708 |
-+ $(addprefix $(csu-objpfx),S$(static-start-installed-name)) \ |
709 |
- $(+preinit) $(+prectorT) \ |
710 |
- $(filter-out $(addprefix $(csu-objpfx),start.o \ |
711 |
- $(start-installed-name))\ |
712 |
-@@ -549,11 +550,10 @@ |
713 |
- ifeq ($(elf),yes) |
714 |
- +preinit = $(addprefix $(csu-objpfx),crti.o) |
715 |
- +postinit = $(addprefix $(csu-objpfx),crtn.o) |
716 |
--+prector = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtbegin.o` |
717 |
--+postctor = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtend.o` |
718 |
--# Variants of the two previous definitions for linking PIE programs. |
719 |
- +prectorS = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtbeginS.o` |
720 |
- +postctorS = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtendS.o` |
721 |
-++prector = $(+prectorS) |
722 |
-++postctor = $(+postctorS) |
723 |
- # Variants of the two previous definitions for statically linking programs. |
724 |
- +prectorT = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtbeginT.o` |
725 |
- +postctorT = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtend.o` |
726 |
- +interp = $(addprefix $(elf-objpfx),interp.os) |
727 |
- endif |
728 |
- csu-objpfx = $(common-objpfx)csu/ |
729 |
|
730 |
diff --git a/sys-libs/glibc/files/2.18/glibc-2.18-gentoo-chk_fail.c b/sys-libs/glibc/files/2.18/glibc-2.18-gentoo-chk_fail.c |
731 |
deleted file mode 100644 |
732 |
index c1934362f62..00000000000 |
733 |
--- a/sys-libs/glibc/files/2.18/glibc-2.18-gentoo-chk_fail.c |
734 |
+++ /dev/null |
735 |
@@ -1,314 +0,0 @@ |
736 |
-/* Copyright (C) 2004, 2005 Free Software Foundation, Inc. |
737 |
- This file is part of the GNU C Library. |
738 |
- |
739 |
- The GNU C Library is free software; you can redistribute it and/or |
740 |
- modify it under the terms of the GNU Lesser General Public |
741 |
- License as published by the Free Software Foundation; either |
742 |
- version 2.1 of the License, or (at your option) any later version. |
743 |
- |
744 |
- The GNU C Library is distributed in the hope that it will be useful, |
745 |
- but WITHOUT ANY WARRANTY; without even the implied warranty of |
746 |
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
747 |
- Lesser General Public License for more details. |
748 |
- |
749 |
- You should have received a copy of the GNU Lesser General Public |
750 |
- License along with the GNU C Library; if not, write to the Free |
751 |
- Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA |
752 |
- 02111-1307 USA. */ |
753 |
- |
754 |
-/* Copyright (C) 2006-2013 Gentoo Foundation Inc. |
755 |
- * License terms as above. |
756 |
- * |
757 |
- * Hardened Gentoo SSP and FORTIFY handler |
758 |
- * |
759 |
- * An SSP failure handler that does not use functions from the rest of |
760 |
- * glibc; it uses the INTERNAL_SYSCALL methods directly. This ensures |
761 |
- * no possibility of recursion into the handler. |
762 |
- * |
763 |
- * Direct all bug reports to http://bugs.gentoo.org/ |
764 |
- * |
765 |
- * Re-written from the glibc-2.3 Hardened Gentoo SSP handler |
766 |
- * by Kevin F. Quinn - <kevquinn[@]gentoo.org> |
767 |
- * |
768 |
- * The following people contributed to the glibc-2.3 Hardened |
769 |
- * Gentoo SSP and FORTIFY handler, from which this implementation draws much: |
770 |
- * |
771 |
- * Ned Ludd - <solar[@]gentoo.org> |
772 |
- * Alexander Gabert - <pappy[@]gentoo.org> |
773 |
- * The PaX Team - <pageexec[@]freemail.hu> |
774 |
- * Peter S. Mazinger - <ps.m[@]gmx.net> |
775 |
- * Yoann Vandoorselaere - <yoann[@]prelude-ids.org> |
776 |
- * Robert Connolly - <robert[@]linuxfromscratch.org> |
777 |
- * Cory Visi <cory[@]visi.name> |
778 |
- * Mike Frysinger <vapier[@]gentoo.org> |
779 |
- * Magnus Granberg <zorry[@]ume.nu> |
780 |
- */ |
781 |
- |
782 |
-#include <stdio.h> |
783 |
-#include <stdlib.h> |
784 |
-#include <errno.h> |
785 |
-#include <unistd.h> |
786 |
-#include <signal.h> |
787 |
- |
788 |
-#include <sys/types.h> |
789 |
- |
790 |
-#include <sysdep-cancel.h> |
791 |
-#include <sys/syscall.h> |
792 |
- |
793 |
-#include <kernel-features.h> |
794 |
- |
795 |
-#include <alloca.h> |
796 |
-/* from sysdeps */ |
797 |
-#include <socketcall.h> |
798 |
-/* for the stuff in bits/socket.h */ |
799 |
-#include <sys/socket.h> |
800 |
-#include <sys/un.h> |
801 |
- |
802 |
-/* Sanity check on SYSCALL macro names - force compilation |
803 |
- * failure if the names used here do not exist |
804 |
- */ |
805 |
-#if !defined __NR_socketcall && !defined __NR_socket |
806 |
-# error Cannot do syscall socket or socketcall |
807 |
-#endif |
808 |
-#if !defined __NR_socketcall && !defined __NR_connect |
809 |
-# error Cannot do syscall connect or socketcall |
810 |
-#endif |
811 |
-#ifndef __NR_write |
812 |
-# error Cannot do syscall write |
813 |
-#endif |
814 |
-#ifndef __NR_close |
815 |
-# error Cannot do syscall close |
816 |
-#endif |
817 |
-#ifndef __NR_getpid |
818 |
-# error Cannot do syscall getpid |
819 |
-#endif |
820 |
-#ifndef __NR_kill |
821 |
-# error Cannot do syscall kill |
822 |
-#endif |
823 |
-#ifndef __NR_exit |
824 |
-# error Cannot do syscall exit |
825 |
-#endif |
826 |
-#ifdef SSP_SMASH_DUMPS_CORE |
827 |
-# define ENABLE_SSP_SMASH_DUMPS_CORE 1 |
828 |
-# if !defined _KERNEL_NSIG && !defined _NSIG |
829 |
-# error No _NSIG or _KERNEL_NSIG for rt_sigaction |
830 |
-# endif |
831 |
-# if !defined __NR_sigaction && !defined __NR_rt_sigaction |
832 |
-# error Cannot do syscall sigaction or rt_sigaction |
833 |
-# endif |
834 |
-/* Although rt_sigaction expects sizeof(sigset_t) - it expects the size |
835 |
- * of the _kernel_ sigset_t which is not the same as the user sigset_t. |
836 |
- * Most arches have this as _NSIG bits - mips has _KERNEL_NSIG bits for |
837 |
- * some reason. |
838 |
- */ |
839 |
-# ifdef _KERNEL_NSIG |
840 |
-# define _SSP_NSIG _KERNEL_NSIG |
841 |
-# else |
842 |
-# define _SSP_NSIG _NSIG |
843 |
-# endif |
844 |
-#else |
845 |
-# define _SSP_NSIG 0 |
846 |
-# define ENABLE_SSP_SMASH_DUMPS_CORE 0 |
847 |
-#endif |
848 |
- |
849 |
-/* Define DO_SIGACTION - default to newer rt signal interface but |
850 |
- * fallback to old as needed. |
851 |
- */ |
852 |
-#ifdef __NR_rt_sigaction |
853 |
-# define DO_SIGACTION(signum, act, oldact) \ |
854 |
- INLINE_SYSCALL(rt_sigaction, 4, signum, act, oldact, _SSP_NSIG/8) |
855 |
-#else |
856 |
-# define DO_SIGACTION(signum, act, oldact) \ |
857 |
- INLINE_SYSCALL(sigaction, 3, signum, act, oldact) |
858 |
-#endif |
859 |
- |
860 |
-/* Define DO_SOCKET/DO_CONNECT functions to deal with socketcall vs socket/connect */ |
861 |
-#if defined(__NR_socket) && defined(__NR_connect) |
862 |
-# define USE_OLD_SOCKETCALL 0 |
863 |
-#else |
864 |
-# define USE_OLD_SOCKETCALL 1 |
865 |
-#endif |
866 |
- |
867 |
-/* stub out the __NR_'s so we can let gcc optimize away dead code */ |
868 |
-#ifndef __NR_socketcall |
869 |
-# define __NR_socketcall 0 |
870 |
-#endif |
871 |
-#ifndef __NR_socket |
872 |
-# define __NR_socket 0 |
873 |
-#endif |
874 |
-#ifndef __NR_connect |
875 |
-# define __NR_connect 0 |
876 |
-#endif |
877 |
-#define DO_SOCKET(result, domain, type, protocol) \ |
878 |
- do { \ |
879 |
- if (USE_OLD_SOCKETCALL) { \ |
880 |
- socketargs[0] = domain; \ |
881 |
- socketargs[1] = type; \ |
882 |
- socketargs[2] = protocol; \ |
883 |
- socketargs[3] = 0; \ |
884 |
- result = INLINE_SYSCALL(socketcall, 2, SOCKOP_socket, socketargs); \ |
885 |
- } else \ |
886 |
- result = INLINE_SYSCALL(socket, 3, domain, type, protocol); \ |
887 |
- } while (0) |
888 |
-#define DO_CONNECT(result, sockfd, serv_addr, addrlen) \ |
889 |
- do { \ |
890 |
- if (USE_OLD_SOCKETCALL) { \ |
891 |
- socketargs[0] = sockfd; \ |
892 |
- socketargs[1] = (unsigned long int)serv_addr; \ |
893 |
- socketargs[2] = addrlen; \ |
894 |
- socketargs[3] = 0; \ |
895 |
- result = INLINE_SYSCALL(socketcall, 2, SOCKOP_connect, socketargs); \ |
896 |
- } else \ |
897 |
- result = INLINE_SYSCALL(connect, 3, sockfd, serv_addr, addrlen); \ |
898 |
- } while (0) |
899 |
- |
900 |
-#ifndef _PATH_LOG |
901 |
-# define _PATH_LOG "/dev/log" |
902 |
-#endif |
903 |
- |
904 |
-static const char path_log[] = _PATH_LOG; |
905 |
- |
906 |
-/* For building glibc with SSP switched on, define __progname to a |
907 |
- * constant if building for the run-time loader, to avoid pulling |
908 |
- * in more of libc.so into ld.so |
909 |
- */ |
910 |
-#ifdef IS_IN_rtld |
911 |
-static char *__progname = "<rtld>"; |
912 |
-#else |
913 |
-extern char *__progname; |
914 |
-#endif |
915 |
- |
916 |
-/* Common handler code, used by chk_fail |
917 |
- * Inlined to ensure no self-references to the handler within itself. |
918 |
- * Data static to avoid putting more than necessary on the stack, |
919 |
- * to aid core debugging. |
920 |
- */ |
921 |
-__attribute__ ((__noreturn__ , __always_inline__)) |
922 |
-static inline void |
923 |
-__hardened_gentoo_chk_fail(char func[], int damaged) |
924 |
-{ |
925 |
-#define MESSAGE_BUFSIZ 256 |
926 |
- static pid_t pid; |
927 |
- static int plen, i; |
928 |
- static char message[MESSAGE_BUFSIZ]; |
929 |
- static const char msg_ssa[] = ": buffer overflow attack"; |
930 |
- static const char msg_inf[] = " in function "; |
931 |
- static const char msg_ssd[] = "*** buffer overflow detected ***: "; |
932 |
- static const char msg_terminated[] = " - terminated\n"; |
933 |
- static const char msg_report[] = "Report to http://bugs.gentoo.org/\n"; |
934 |
- static const char msg_unknown[] = "<unknown>"; |
935 |
- static int log_socket, connect_result; |
936 |
- static struct sockaddr_un sock; |
937 |
- static unsigned long int socketargs[4]; |
938 |
- |
939 |
- /* Build socket address |
940 |
- */ |
941 |
- sock.sun_family = AF_UNIX; |
942 |
- i = 0; |
943 |
- while ((path_log[i] != '\0') && (i<(sizeof(sock.sun_path)-1))) { |
944 |
- sock.sun_path[i] = path_log[i]; |
945 |
- i++; |
946 |
- } |
947 |
- sock.sun_path[i] = '\0'; |
948 |
- |
949 |
- /* Try SOCK_DGRAM connection to syslog */ |
950 |
- connect_result = -1; |
951 |
- DO_SOCKET(log_socket, AF_UNIX, SOCK_DGRAM, 0); |
952 |
- if (log_socket != -1) |
953 |
- DO_CONNECT(connect_result, log_socket, &sock, sizeof(sock)); |
954 |
- if (connect_result == -1) { |
955 |
- if (log_socket != -1) |
956 |
- INLINE_SYSCALL(close, 1, log_socket); |
957 |
- /* Try SOCK_STREAM connection to syslog */ |
958 |
- DO_SOCKET(log_socket, AF_UNIX, SOCK_STREAM, 0); |
959 |
- if (log_socket != -1) |
960 |
- DO_CONNECT(connect_result, log_socket, &sock, sizeof(sock)); |
961 |
- } |
962 |
- |
963 |
- /* Build message. Messages are generated both in the old style and new style, |
964 |
- * so that log watchers that are configured for the old-style message continue |
965 |
- * to work. |
966 |
- */ |
967 |
-#define strconcat(str) \ |
968 |
- {i=0; while ((str[i] != '\0') && ((i+plen)<(MESSAGE_BUFSIZ-1))) \ |
969 |
- {\ |
970 |
- message[plen+i]=str[i];\ |
971 |
- i++;\ |
972 |
- }\ |
973 |
- plen+=i;} |
974 |
- |
975 |
- /* R.Henderson post-gcc-4 style message */ |
976 |
- plen = 0; |
977 |
- strconcat(msg_ssd); |
978 |
- if (__progname != (char *)0) |
979 |
- strconcat(__progname) |
980 |
- else |
981 |
- strconcat(msg_unknown); |
982 |
- strconcat(msg_terminated); |
983 |
- |
984 |
- /* Write out error message to STDERR, to syslog if open */ |
985 |
- INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen); |
986 |
- if (connect_result != -1) |
987 |
- INLINE_SYSCALL(write, 3, log_socket, message, plen); |
988 |
- |
989 |
- /* Dr. Etoh pre-gcc-4 style message */ |
990 |
- plen = 0; |
991 |
- if (__progname != (char *)0) |
992 |
- strconcat(__progname) |
993 |
- else |
994 |
- strconcat(msg_unknown); |
995 |
- strconcat(msg_ssa); |
996 |
- strconcat(msg_inf); |
997 |
- if (func != NULL) |
998 |
- strconcat(func) |
999 |
- else |
1000 |
- strconcat(msg_unknown); |
1001 |
- strconcat(msg_terminated); |
1002 |
- /* Write out error message to STDERR, to syslog if open */ |
1003 |
- INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen); |
1004 |
- if (connect_result != -1) |
1005 |
- INLINE_SYSCALL(write, 3, log_socket, message, plen); |
1006 |
- |
1007 |
- /* Direct reports to bugs.gentoo.org */ |
1008 |
- plen=0; |
1009 |
- strconcat(msg_report); |
1010 |
- message[plen++]='\0'; |
1011 |
- |
1012 |
- /* Write out error message to STDERR, to syslog if open */ |
1013 |
- INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen); |
1014 |
- if (connect_result != -1) |
1015 |
- INLINE_SYSCALL(write, 3, log_socket, message, plen); |
1016 |
- |
1017 |
- if (log_socket != -1) |
1018 |
- INLINE_SYSCALL(close, 1, log_socket); |
1019 |
- |
1020 |
- /* Suicide */ |
1021 |
- pid = INLINE_SYSCALL(getpid, 0); |
1022 |
- |
1023 |
- if (ENABLE_SSP_SMASH_DUMPS_CORE) { |
1024 |
- static struct sigaction default_abort_act; |
1025 |
- /* Remove any user-supplied handler for SIGABRT, before using it */ |
1026 |
- default_abort_act.sa_handler = SIG_DFL; |
1027 |
- default_abort_act.sa_sigaction = NULL; |
1028 |
- __sigfillset(&default_abort_act.sa_mask); |
1029 |
- default_abort_act.sa_flags = 0; |
1030 |
- if (DO_SIGACTION(SIGABRT, &default_abort_act, NULL) == 0) |
1031 |
- INLINE_SYSCALL(kill, 2, pid, SIGABRT); |
1032 |
- } |
1033 |
- |
1034 |
- /* Note; actions cannot be added to SIGKILL */ |
1035 |
- INLINE_SYSCALL(kill, 2, pid, SIGKILL); |
1036 |
- |
1037 |
- /* In case the kill didn't work, exit anyway |
1038 |
- * The loop prevents gcc thinking this routine returns |
1039 |
- */ |
1040 |
- while (1) |
1041 |
- INLINE_SYSCALL(exit, 0); |
1042 |
-} |
1043 |
- |
1044 |
-__attribute__ ((__noreturn__)) |
1045 |
-void __chk_fail(void) |
1046 |
-{ |
1047 |
- __hardened_gentoo_chk_fail(NULL, 0); |
1048 |
-} |
1049 |
- |
1050 |
|
1051 |
diff --git a/sys-libs/glibc/files/2.18/glibc-2.18-gentoo-stack_chk_fail.c b/sys-libs/glibc/files/2.18/glibc-2.18-gentoo-stack_chk_fail.c |
1052 |
deleted file mode 100644 |
1053 |
index 9535c215789..00000000000 |
1054 |
--- a/sys-libs/glibc/files/2.18/glibc-2.18-gentoo-stack_chk_fail.c |
1055 |
+++ /dev/null |
1056 |
@@ -1,322 +0,0 @@ |
1057 |
-/* Copyright (C) 2005 Free Software Foundation, Inc. |
1058 |
- This file is part of the GNU C Library. |
1059 |
- |
1060 |
- The GNU C Library is free software; you can redistribute it and/or |
1061 |
- modify it under the terms of the GNU Lesser General Public |
1062 |
- License as published by the Free Software Foundation; either |
1063 |
- version 2.1 of the License, or (at your option) any later version. |
1064 |
- |
1065 |
- The GNU C Library is distributed in the hope that it will be useful, |
1066 |
- but WITHOUT ANY WARRANTY; without even the implied warranty of |
1067 |
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
1068 |
- Lesser General Public License for more details. |
1069 |
- |
1070 |
- You should have received a copy of the GNU Lesser General Public |
1071 |
- License along with the GNU C Library; if not, write to the Free |
1072 |
- Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA |
1073 |
- 02111-1307 USA. */ |
1074 |
- |
1075 |
-/* Copyright (C) 2006-2013 Gentoo Foundation Inc. |
1076 |
- * License terms as above. |
1077 |
- * |
1078 |
- * Hardened Gentoo SSP handler |
1079 |
- * |
1080 |
- * An SSP failure handler that does not use functions from the rest of |
1081 |
- * glibc; it uses the INTERNAL_SYSCALL methods directly. This ensures |
1082 |
- * no possibility of recursion into the handler. |
1083 |
- * |
1084 |
- * Direct all bug reports to http://bugs.gentoo.org/ |
1085 |
- * |
1086 |
- * Re-written from the glibc-2.3 Hardened Gentoo SSP handler |
1087 |
- * by Kevin F. Quinn - <kevquinn[@]gentoo.org> |
1088 |
- * |
1089 |
- * Fixed to support glibc-2.18 by Magnus Granberg - <zorry[@]gentoo.org> |
1090 |
- * |
1091 |
- * The following people contributed to the glibc-2.3 Hardened |
1092 |
- * Gentoo SSP handler, from which this implementation draws much: |
1093 |
- * |
1094 |
- * Ned Ludd - <solar[@]gentoo.org> |
1095 |
- * Alexander Gabert - <pappy[@]gentoo.org> |
1096 |
- * The PaX Team - <pageexec[@]freemail.hu> |
1097 |
- * Peter S. Mazinger - <ps.m[@]gmx.net> |
1098 |
- * Yoann Vandoorselaere - <yoann[@]prelude-ids.org> |
1099 |
- * Robert Connolly - <robert[@]linuxfromscratch.org> |
1100 |
- * Cory Visi <cory[@]visi.name> |
1101 |
- * Mike Frysinger <vapier[@]gentoo.org> |
1102 |
- */ |
1103 |
- |
1104 |
-#include <errno.h> |
1105 |
-#include <stdlib.h> |
1106 |
-#include <unistd.h> |
1107 |
-#include <signal.h> |
1108 |
- |
1109 |
-#include <sys/types.h> |
1110 |
- |
1111 |
-#include <sysdep-cancel.h> |
1112 |
-#include <sys/syscall.h> |
1113 |
- |
1114 |
-#include <kernel-features.h> |
1115 |
- |
1116 |
-#include <alloca.h> |
1117 |
-/* from sysdeps */ |
1118 |
-#include <socketcall.h> |
1119 |
-/* for the stuff in bits/socket.h */ |
1120 |
-#include <sys/socket.h> |
1121 |
-#include <sys/un.h> |
1122 |
- |
1123 |
- |
1124 |
-/* Sanity check on SYSCALL macro names - force compilation |
1125 |
- * failure if the names used here do not exist |
1126 |
- */ |
1127 |
-#if !defined __NR_socketcall && !defined __NR_socket |
1128 |
-# error Cannot do syscall socket or socketcall |
1129 |
-#endif |
1130 |
-#if !defined __NR_socketcall && !defined __NR_connect |
1131 |
-# error Cannot do syscall connect or socketcall |
1132 |
-#endif |
1133 |
-#ifndef __NR_write |
1134 |
-# error Cannot do syscall write |
1135 |
-#endif |
1136 |
-#ifndef __NR_close |
1137 |
-# error Cannot do syscall close |
1138 |
-#endif |
1139 |
-#ifndef __NR_getpid |
1140 |
-# error Cannot do syscall getpid |
1141 |
-#endif |
1142 |
-#ifndef __NR_kill |
1143 |
-# error Cannot do syscall kill |
1144 |
-#endif |
1145 |
-#ifndef __NR_exit |
1146 |
-# error Cannot do syscall exit |
1147 |
-#endif |
1148 |
-#ifdef SSP_SMASH_DUMPS_CORE |
1149 |
-# define ENABLE_SSP_SMASH_DUMPS_CORE 1 |
1150 |
-# if !defined _KERNEL_NSIG && !defined _NSIG |
1151 |
-# error No _NSIG or _KERNEL_NSIG for rt_sigaction |
1152 |
-# endif |
1153 |
-# if !defined __NR_sigaction && !defined __NR_rt_sigaction |
1154 |
-# error Cannot do syscall sigaction or rt_sigaction |
1155 |
-# endif |
1156 |
-/* Although rt_sigaction expects sizeof(sigset_t) - it expects the size |
1157 |
- * of the _kernel_ sigset_t which is not the same as the user sigset_t. |
1158 |
- * Most arches have this as _NSIG bits - mips has _KERNEL_NSIG bits for |
1159 |
- * some reason. |
1160 |
- */ |
1161 |
-# ifdef _KERNEL_NSIG |
1162 |
-# define _SSP_NSIG _KERNEL_NSIG |
1163 |
-# else |
1164 |
-# define _SSP_NSIG _NSIG |
1165 |
-# endif |
1166 |
-#else |
1167 |
-# define _SSP_NSIG 0 |
1168 |
-# define ENABLE_SSP_SMASH_DUMPS_CORE 0 |
1169 |
-#endif |
1170 |
- |
1171 |
-/* Define DO_SIGACTION - default to newer rt signal interface but |
1172 |
- * fallback to old as needed. |
1173 |
- */ |
1174 |
-#ifdef __NR_rt_sigaction |
1175 |
-# define DO_SIGACTION(signum, act, oldact) \ |
1176 |
- INLINE_SYSCALL(rt_sigaction, 4, signum, act, oldact, _SSP_NSIG/8) |
1177 |
-#else |
1178 |
-# define DO_SIGACTION(signum, act, oldact) \ |
1179 |
- INLINE_SYSCALL(sigaction, 3, signum, act, oldact) |
1180 |
-#endif |
1181 |
- |
1182 |
-/* Define DO_SOCKET/DO_CONNECT functions to deal with socketcall vs socket/connect */ |
1183 |
-#if defined(__NR_socket) && defined(__NR_connect) |
1184 |
-# define USE_OLD_SOCKETCALL 0 |
1185 |
-#else |
1186 |
-# define USE_OLD_SOCKETCALL 1 |
1187 |
-#endif |
1188 |
-/* stub out the __NR_'s so we can let gcc optimize away dead code */ |
1189 |
-#ifndef __NR_socketcall |
1190 |
-# define __NR_socketcall 0 |
1191 |
-#endif |
1192 |
-#ifndef __NR_socket |
1193 |
-# define __NR_socket 0 |
1194 |
-#endif |
1195 |
-#ifndef __NR_connect |
1196 |
-# define __NR_connect 0 |
1197 |
-#endif |
1198 |
-#define DO_SOCKET(result, domain, type, protocol) \ |
1199 |
- do { \ |
1200 |
- if (USE_OLD_SOCKETCALL) { \ |
1201 |
- socketargs[0] = domain; \ |
1202 |
- socketargs[1] = type; \ |
1203 |
- socketargs[2] = protocol; \ |
1204 |
- socketargs[3] = 0; \ |
1205 |
- result = INLINE_SYSCALL(socketcall, 2, SOCKOP_socket, socketargs); \ |
1206 |
- } else \ |
1207 |
- result = INLINE_SYSCALL(socket, 3, domain, type, protocol); \ |
1208 |
- } while (0) |
1209 |
-#define DO_CONNECT(result, sockfd, serv_addr, addrlen) \ |
1210 |
- do { \ |
1211 |
- if (USE_OLD_SOCKETCALL) { \ |
1212 |
- socketargs[0] = sockfd; \ |
1213 |
- socketargs[1] = (unsigned long int)serv_addr; \ |
1214 |
- socketargs[2] = addrlen; \ |
1215 |
- socketargs[3] = 0; \ |
1216 |
- result = INLINE_SYSCALL(socketcall, 2, SOCKOP_connect, socketargs); \ |
1217 |
- } else \ |
1218 |
- result = INLINE_SYSCALL(connect, 3, sockfd, serv_addr, addrlen); \ |
1219 |
- } while (0) |
1220 |
- |
1221 |
-#ifndef _PATH_LOG |
1222 |
-# define _PATH_LOG "/dev/log" |
1223 |
-#endif |
1224 |
- |
1225 |
-static const char path_log[] = _PATH_LOG; |
1226 |
- |
1227 |
-/* For building glibc with SSP switched on, define __progname to a |
1228 |
- * constant if building for the run-time loader, to avoid pulling |
1229 |
- * in more of libc.so into ld.so |
1230 |
- */ |
1231 |
-#ifdef IS_IN_rtld |
1232 |
-static char *__progname = "<rtld>"; |
1233 |
-#else |
1234 |
-extern char *__progname; |
1235 |
-#endif |
1236 |
- |
1237 |
- |
1238 |
-/* Common handler code, used by stack_chk_fail and __stack_smash_handler |
1239 |
- * Inlined to ensure no self-references to the handler within itself. |
1240 |
- * Data static to avoid putting more than necessary on the stack, |
1241 |
- * to aid core debugging. |
1242 |
- */ |
1243 |
-__attribute__ ((__noreturn__ , __always_inline__)) |
1244 |
-static inline void |
1245 |
-__hardened_gentoo_stack_chk_fail(char func[], int damaged) |
1246 |
-{ |
1247 |
-#define MESSAGE_BUFSIZ 256 |
1248 |
- static pid_t pid; |
1249 |
- static int plen, i; |
1250 |
- static char message[MESSAGE_BUFSIZ]; |
1251 |
- static const char msg_ssa[] = ": stack smashing attack"; |
1252 |
- static const char msg_inf[] = " in function "; |
1253 |
- static const char msg_ssd[] = "*** stack smashing detected ***: "; |
1254 |
- static const char msg_terminated[] = " - terminated\n"; |
1255 |
- static const char msg_report[] = "Report to http://bugs.gentoo.org/\n"; |
1256 |
- static const char msg_unknown[] = "<unknown>"; |
1257 |
- static int log_socket, connect_result; |
1258 |
- static struct sockaddr_un sock; |
1259 |
- static unsigned long int socketargs[4]; |
1260 |
- |
1261 |
- /* Build socket address |
1262 |
- */ |
1263 |
- sock.sun_family = AF_UNIX; |
1264 |
- i = 0; |
1265 |
- while ((path_log[i] != '\0') && (i<(sizeof(sock.sun_path)-1))) { |
1266 |
- sock.sun_path[i] = path_log[i]; |
1267 |
- i++; |
1268 |
- } |
1269 |
- sock.sun_path[i] = '\0'; |
1270 |
- |
1271 |
- /* Try SOCK_DGRAM connection to syslog */ |
1272 |
- connect_result = -1; |
1273 |
- DO_SOCKET(log_socket, AF_UNIX, SOCK_DGRAM, 0); |
1274 |
- if (log_socket != -1) |
1275 |
- DO_CONNECT(connect_result, log_socket, &sock, sizeof(sock)); |
1276 |
- if (connect_result == -1) { |
1277 |
- if (log_socket != -1) |
1278 |
- INLINE_SYSCALL(close, 1, log_socket); |
1279 |
- /* Try SOCK_STREAM connection to syslog */ |
1280 |
- DO_SOCKET(log_socket, AF_UNIX, SOCK_STREAM, 0); |
1281 |
- if (log_socket != -1) |
1282 |
- DO_CONNECT(connect_result, log_socket, &sock, sizeof(sock)); |
1283 |
- } |
1284 |
- |
1285 |
- /* Build message. Messages are generated both in the old style and new style, |
1286 |
- * so that log watchers that are configured for the old-style message continue |
1287 |
- * to work. |
1288 |
- */ |
1289 |
-#define strconcat(str) \ |
1290 |
- {i=0; while ((str[i] != '\0') && ((i+plen)<(MESSAGE_BUFSIZ-1))) \ |
1291 |
- {\ |
1292 |
- message[plen+i]=str[i];\ |
1293 |
- i++;\ |
1294 |
- }\ |
1295 |
- plen+=i;} |
1296 |
- |
1297 |
- /* R.Henderson post-gcc-4 style message */ |
1298 |
- plen = 0; |
1299 |
- strconcat(msg_ssd); |
1300 |
- if (__progname != (char *)0) |
1301 |
- strconcat(__progname) |
1302 |
- else |
1303 |
- strconcat(msg_unknown); |
1304 |
- strconcat(msg_terminated); |
1305 |
- |
1306 |
- /* Write out error message to STDERR, to syslog if open */ |
1307 |
- INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen); |
1308 |
- if (connect_result != -1) |
1309 |
- INLINE_SYSCALL(write, 3, log_socket, message, plen); |
1310 |
- |
1311 |
- /* Dr. Etoh pre-gcc-4 style message */ |
1312 |
- plen = 0; |
1313 |
- if (__progname != (char *)0) |
1314 |
- strconcat(__progname) |
1315 |
- else |
1316 |
- strconcat(msg_unknown); |
1317 |
- strconcat(msg_ssa); |
1318 |
- strconcat(msg_inf); |
1319 |
- if (func != NULL) |
1320 |
- strconcat(func) |
1321 |
- else |
1322 |
- strconcat(msg_unknown); |
1323 |
- strconcat(msg_terminated); |
1324 |
- /* Write out error message to STDERR, to syslog if open */ |
1325 |
- INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen); |
1326 |
- if (connect_result != -1) |
1327 |
- INLINE_SYSCALL(write, 3, log_socket, message, plen); |
1328 |
- |
1329 |
- /* Direct reports to bugs.gentoo.org */ |
1330 |
- plen=0; |
1331 |
- strconcat(msg_report); |
1332 |
- message[plen++]='\0'; |
1333 |
- |
1334 |
- /* Write out error message to STDERR, to syslog if open */ |
1335 |
- INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen); |
1336 |
- if (connect_result != -1) |
1337 |
- INLINE_SYSCALL(write, 3, log_socket, message, plen); |
1338 |
- |
1339 |
- if (log_socket != -1) |
1340 |
- INLINE_SYSCALL(close, 1, log_socket); |
1341 |
- |
1342 |
- /* Suicide */ |
1343 |
- pid = INLINE_SYSCALL(getpid, 0); |
1344 |
- |
1345 |
- if (ENABLE_SSP_SMASH_DUMPS_CORE) { |
1346 |
- static struct sigaction default_abort_act; |
1347 |
- /* Remove any user-supplied handler for SIGABRT, before using it */ |
1348 |
- default_abort_act.sa_handler = SIG_DFL; |
1349 |
- default_abort_act.sa_sigaction = NULL; |
1350 |
- __sigfillset(&default_abort_act.sa_mask); |
1351 |
- default_abort_act.sa_flags = 0; |
1352 |
- if (DO_SIGACTION(SIGABRT, &default_abort_act, NULL) == 0) |
1353 |
- INLINE_SYSCALL(kill, 2, pid, SIGABRT); |
1354 |
- } |
1355 |
- |
1356 |
- /* Note; actions cannot be added to SIGKILL */ |
1357 |
- INLINE_SYSCALL(kill, 2, pid, SIGKILL); |
1358 |
- |
1359 |
- /* In case the kill didn't work, exit anyway |
1360 |
- * The loop prevents gcc thinking this routine returns |
1361 |
- */ |
1362 |
- while (1) |
1363 |
- INLINE_SYSCALL(exit, 0); |
1364 |
-} |
1365 |
- |
1366 |
-__attribute__ ((__noreturn__)) |
1367 |
-void __stack_chk_fail(void) |
1368 |
-{ |
1369 |
- __hardened_gentoo_stack_chk_fail(NULL, 0); |
1370 |
-} |
1371 |
- |
1372 |
-#ifdef ENABLE_OLD_SSP_COMPAT |
1373 |
-__attribute__ ((__noreturn__)) |
1374 |
-void __stack_smash_handler(char func[], int damaged) |
1375 |
-{ |
1376 |
- __hardened_gentoo_stack_chk_fail(func, damaged); |
1377 |
-} |
1378 |
-#endif |
1379 |
|
1380 |
diff --git a/sys-libs/glibc/files/2.18/glibc-2.18-hardened-inittls-nosysenter.patch b/sys-libs/glibc/files/2.18/glibc-2.18-hardened-inittls-nosysenter.patch |
1381 |
deleted file mode 100644 |
1382 |
index 8907ab2c6a3..00000000000 |
1383 |
--- a/sys-libs/glibc/files/2.18/glibc-2.18-hardened-inittls-nosysenter.patch |
1384 |
+++ /dev/null |
1385 |
@@ -1,277 +0,0 @@ |
1386 |
-When building glibc PIE (which is not something upstream support), |
1387 |
-several modifications are necessary to the glibc build process. |
1388 |
- |
1389 |
-First, any syscalls in PIEs must be of the PIC variant, otherwise |
1390 |
-textrels ensue. Then, any syscalls made before the initialisation |
1391 |
-of the TLS will fail on i386, as the sysenter variant on i386 uses |
1392 |
-the TLS, giving rise to a chicken-and-egg situation. This patch |
1393 |
-defines a PIC syscall variant that doesn't use sysenter, even when the sysenter |
1394 |
-version is normally used, and uses the non-sysenter version for the brk |
1395 |
-syscall that is performed by the TLS initialisation. Further, the TLS |
1396 |
-initialisation is moved in this case prior to the initialisation of |
1397 |
-dl_osversion, as that requires further syscalls. |
1398 |
- |
1399 |
-csu/libc-start.c: Move initial TLS initialization to before the |
1400 |
-initialisation of dl_osversion, when INTERNAL_SYSCALL_NOSYSENTER is defined |
1401 |
- |
1402 |
-csu/libc-tls.c: Use the no-sysenter version of sbrk when |
1403 |
-INTERNAL_SYSCALL_NOSYSENTER is defined. |
1404 |
- |
1405 |
-misc/sbrk.c: Define a no-sysenter version of sbrk, using the no-sysenter |
1406 |
-version of brk - if INTERNAL_SYSCALL_NOSYSENTER is defined. |
1407 |
- |
1408 |
-misc/brk.c: Define a no-sysenter version of brk if |
1409 |
-INTERNAL_SYSCALL_NOSYSENTER is defined. |
1410 |
- |
1411 |
-sysdeps/unix/sysv/linux/i386/sysdep.h: Define INTERNAL_SYSCALL_NOSYSENTER |
1412 |
-Make INTERNAL_SYSCALL always use the PIC variant, even if not SHARED. |
1413 |
- |
1414 |
-Patch by Kevin F. Quinn <kevquinn@g.o> |
1415 |
-Fixed for 2.10 by Magnus Granberg <zorry@×××.nu> |
1416 |
-Fixed for 2.18 by Magnus Granberg <zorry@g.o> |
1417 |
- |
1418 |
---- csu/libc-start.c |
1419 |
-+++ csu/libc-start.c |
1420 |
-@@ -28,6 +28,7 @@ |
1421 |
- extern int __libc_multiple_libcs; |
1422 |
- |
1423 |
- #include <tls.h> |
1424 |
-+#include <sysdep.h> |
1425 |
- #ifndef SHARED |
1426 |
- # include <dl-osinfo.h> |
1427 |
- extern void __pthread_initialize_minimal (void); |
1428 |
-@@ -170,7 +170,11 @@ LIBC_START_MAIN (int (*main) (int, char |
1429 |
- GL(dl_phnum) = __ehdr_start.e_phnum; |
1430 |
- } |
1431 |
- } |
1432 |
-- |
1433 |
-+# ifdef INTERNAL_SYSCALL_NOSYSENTER |
1434 |
-+ /* Do the initial TLS initialization before _dl_osversion, |
1435 |
-+ since the latter uses the uname syscall. */ |
1436 |
-+ __pthread_initialize_minimal (); |
1437 |
-+# endif |
1438 |
- # ifdef DL_SYSDEP_OSCHECK |
1439 |
- if (!__libc_multiple_libcs) |
1440 |
- { |
1441 |
-@@ -138,10 +144,12 @@ |
1442 |
- } |
1443 |
- # endif |
1444 |
- |
1445 |
-+# ifndef INTERNAL_SYSCALL_NOSYSENTER |
1446 |
- /* Initialize the thread library at least a bit since the libgcc |
1447 |
- functions are using thread functions if these are available and |
1448 |
- we need to setup errno. */ |
1449 |
- __pthread_initialize_minimal (); |
1450 |
-+# endif |
1451 |
- |
1452 |
- /* Set up the stack checker's canary. */ |
1453 |
- uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard (); |
1454 |
---- csu/libc-tls.c |
1455 |
-+++ csu/libc-tls.c |
1456 |
-@@ -22,14 +22,17 @@ |
1457 |
- #include <unistd.h> |
1458 |
- #include <stdio.h> |
1459 |
- #include <sys/param.h> |
1460 |
-- |
1461 |
-+#include <sysdep.h> |
1462 |
- |
1463 |
- #ifdef SHARED |
1464 |
- #error makefile bug, this file is for static only |
1465 |
- #endif |
1466 |
- |
1467 |
--dtv_t _dl_static_dtv[2 + TLS_SLOTINFO_SURPLUS]; |
1468 |
-+#ifdef INTERNAL_SYSCALL_NOSYSENTER |
1469 |
-+extern void *__sbrk_nosysenter (intptr_t __delta); |
1470 |
-+#endif |
1471 |
- |
1472 |
-+dtv_t _dl_static_dtv[2 + TLS_SLOTINFO_SURPLUS]; |
1473 |
- |
1474 |
- static struct |
1475 |
- { |
1476 |
-@@ -139,14 +142,26 @@ __libc_setup_tls (size_t tcbsize, size_t |
1477 |
- |
1478 |
- The initialized value of _dl_tls_static_size is provided by dl-open.c |
1479 |
- to request some surplus that permits dynamic loading of modules with |
1480 |
-- IE-model TLS. */ |
1481 |
-+ IE-model TLS. |
1482 |
-+ |
1483 |
-+ Where the normal sbrk would use a syscall that needs the TLS (i386) |
1484 |
-+ use the special non-sysenter version instead. */ |
1485 |
- #if TLS_TCB_AT_TP |
1486 |
- tcb_offset = roundup (memsz + GL(dl_tls_static_size), tcbalign); |
1487 |
-+# ifdef INTERNAL_SYSCALL_NOSYSENTER |
1488 |
-+ tlsblock = __sbrk_nosysenter (tcb_offset + tcbsize + max_align); |
1489 |
-+# else |
1490 |
- tlsblock = __sbrk (tcb_offset + tcbsize + max_align); |
1491 |
-+#endif |
1492 |
- #elif TLS_DTV_AT_TP |
1493 |
- tcb_offset = roundup (tcbsize, align ?: 1); |
1494 |
-+# ifdef INTERNAL_SYSCALL_NOSYSENTER |
1495 |
-+ tlsblock = __sbrk_nosysenter (tcb_offset + memsz + max_align |
1496 |
-+ + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); |
1497 |
-+# else |
1498 |
- tlsblock = __sbrk (tcb_offset + memsz + max_align |
1499 |
- + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); |
1500 |
-+#endif |
1501 |
- tlsblock += TLS_PRE_TCB_SIZE; |
1502 |
- #else |
1503 |
- /* In case a model with a different layout for the TCB and DTV |
1504 |
---- misc/sbrk.c |
1505 |
-+++ misc/sbrk.c |
1506 |
-@@ -18,6 +18,7 @@ |
1507 |
- #include <errno.h> |
1508 |
- #include <stdint.h> |
1509 |
- #include <unistd.h> |
1510 |
-+#include <sysdep.h> |
1511 |
- |
1512 |
- /* Defined in brk.c. */ |
1513 |
- extern void *__curbrk; |
1514 |
-@@ -29,6 +30,35 @@ |
1515 |
- /* Extend the process's data space by INCREMENT. |
1516 |
- If INCREMENT is negative, shrink data space by - INCREMENT. |
1517 |
- Return start of new space allocated, or -1 for errors. */ |
1518 |
-+#ifdef INTERNAL_SYSCALL_NOSYSENTER |
1519 |
-+/* This version is used by csu/libc-tls.c whem initialising the TLS |
1520 |
-+ if the SYSENTER version requires the TLS (which it does on i386). |
1521 |
-+ Obviously using the TLS before it is initialised is broken. */ |
1522 |
-+extern int __brk_nosysenter (void *addr); |
1523 |
-+void * |
1524 |
-+__sbrk_nosysenter (intptr_t increment) |
1525 |
-+{ |
1526 |
-+ void *oldbrk; |
1527 |
-+ |
1528 |
-+ /* If this is not part of the dynamic library or the library is used |
1529 |
-+ via dynamic loading in a statically linked program update |
1530 |
-+ __curbrk from the kernel's brk value. That way two separate |
1531 |
-+ instances of __brk and __sbrk can share the heap, returning |
1532 |
-+ interleaved pieces of it. */ |
1533 |
-+ if (__curbrk == NULL || __libc_multiple_libcs) |
1534 |
-+ if (__brk_nosysenter (0) < 0) /* Initialize the break. */ |
1535 |
-+ return (void *) -1; |
1536 |
-+ |
1537 |
-+ if (increment == 0) |
1538 |
-+ return __curbrk; |
1539 |
-+ |
1540 |
-+ oldbrk = __curbrk; |
1541 |
-+ if (__brk_nosysenter (oldbrk + increment) < 0) |
1542 |
-+ return (void *) -1; |
1543 |
-+ |
1544 |
-+ return oldbrk; |
1545 |
-+} |
1546 |
-+#endif |
1547 |
- void * |
1548 |
- __sbrk (intptr_t increment) |
1549 |
- { |
1550 |
---- sysdeps/unix/sysv/linux/i386/brk.c |
1551 |
-+++ sysdeps/unix/sysv/linux/i386/brk.c |
1552 |
-@@ -31,6 +31,29 @@ |
1553 |
- linker. */ |
1554 |
- weak_alias (__curbrk, ___brk_addr) |
1555 |
- |
1556 |
-+#ifdef INTERNAL_SYSCALL_NOSYSENTER |
1557 |
-+/* This version is used by csu/libc-tls.c whem initialising the TLS |
1558 |
-+ * if the SYSENTER version requires the TLS (which it does on i386). |
1559 |
-+ * Obviously using the TLS before it is initialised is broken. */ |
1560 |
-+int |
1561 |
-+__brk_nosysenter (void *addr) |
1562 |
-+{ |
1563 |
-+ void * newbrk; |
1564 |
-+ |
1565 |
-+ INTERNAL_SYSCALL_DECL (err); |
1566 |
-+ newbrk = (void *) INTERNAL_SYSCALL_NOSYSENTER (brk, err, 1, addr); |
1567 |
-+ |
1568 |
-+ __curbrk = newbrk; |
1569 |
-+ |
1570 |
-+ if (newbrk < addr) |
1571 |
-+ { |
1572 |
-+ __set_errno (ENOMEM); |
1573 |
-+ return -1; |
1574 |
-+ } |
1575 |
-+ |
1576 |
-+ return 0; |
1577 |
-+} |
1578 |
-+#endif |
1579 |
- int |
1580 |
- __brk (void *addr) |
1581 |
- { |
1582 |
---- sysdeps/unix/sysv/linux/i386/sysdep.h |
1583 |
-+++ sysdeps/unix/sysv/linux/i386/sysdep.h |
1584 |
-@@ -187,7 +187,7 @@ |
1585 |
- /* The original calling convention for system calls on Linux/i386 is |
1586 |
- to use int $0x80. */ |
1587 |
- #ifdef I386_USE_SYSENTER |
1588 |
--# ifdef SHARED |
1589 |
-+# if defined SHARED || defined __PIC__ |
1590 |
- # define ENTER_KERNEL call *%gs:SYSINFO_OFFSET |
1591 |
- # else |
1592 |
- # define ENTER_KERNEL call *_dl_sysinfo |
1593 |
-@@ -358,7 +358,7 @@ |
1594 |
- possible to use more than four parameters. */ |
1595 |
- #undef INTERNAL_SYSCALL |
1596 |
- #ifdef I386_USE_SYSENTER |
1597 |
--# ifdef SHARED |
1598 |
-+# if defined SHARED || defined __PIC__ |
1599 |
- # define INTERNAL_SYSCALL(name, err, nr, args...) \ |
1600 |
- ({ \ |
1601 |
- register unsigned int resultvar; \ |
1602 |
-@@ -384,6 +384,18 @@ |
1603 |
- : "0" (name), "i" (offsetof (tcbhead_t, sysinfo)) \ |
1604 |
- ASMFMT_##nr(args) : "memory", "cc"); \ |
1605 |
- (int) resultvar; }) |
1606 |
-+# define INTERNAL_SYSCALL_NOSYSENTER(name, err, nr, args...) \ |
1607 |
-+ ({ \ |
1608 |
-+ register unsigned int resultvar; \ |
1609 |
-+ EXTRAVAR_##nr \ |
1610 |
-+ asm volatile ( \ |
1611 |
-+ LOADARGS_NOSYSENTER_##nr \ |
1612 |
-+ "movl %1, %%eax\n\t" \ |
1613 |
-+ "int $0x80\n\t" \ |
1614 |
-+ RESTOREARGS_NOSYSENTER_##nr \ |
1615 |
-+ : "=a" (resultvar) \ |
1616 |
-+ : "i" (__NR_##name) ASMFMT_##nr(args) : "memory", "cc"); \ |
1617 |
-+ (int) resultvar; }) |
1618 |
- # else |
1619 |
- # define INTERNAL_SYSCALL(name, err, nr, args...) \ |
1620 |
- ({ \ |
1621 |
-@@ -447,12 +459,20 @@ |
1622 |
- |
1623 |
- #define LOADARGS_0 |
1624 |
- #ifdef __PIC__ |
1625 |
--# if defined I386_USE_SYSENTER && defined SHARED |
1626 |
-+# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) |
1627 |
- # define LOADARGS_1 \ |
1628 |
- "bpushl .L__X'%k3, %k3\n\t" |
1629 |
- # define LOADARGS_5 \ |
1630 |
- "movl %%ebx, %4\n\t" \ |
1631 |
- "movl %3, %%ebx\n\t" |
1632 |
-+# define LOADARGS_NOSYSENTER_1 \ |
1633 |
-+ "bpushl .L__X'%k2, %k2\n\t" |
1634 |
-+# define LOADARGS_NOSYSENTER_2 LOADARGS_NOSYSENTER_1 |
1635 |
-+# define LOADARGS_NOSYSENTER_3 LOADARGS_3 |
1636 |
-+# define LOADARGS_NOSYSENTER_4 LOADARGS_3 |
1637 |
-+# define LOADARGS_NOSYSENTER_5 \ |
1638 |
-+ "movl %%ebx, %3\n\t" \ |
1639 |
-+ "movl %2, %%ebx\n\t" |
1640 |
- # else |
1641 |
- # define LOADARGS_1 \ |
1642 |
- "bpushl .L__X'%k2, %k2\n\t" |
1643 |
-@@ -474,11 +495,18 @@ |
1644 |
- |
1645 |
- #define RESTOREARGS_0 |
1646 |
- #ifdef __PIC__ |
1647 |
--# if defined I386_USE_SYSENTER && defined SHARED |
1648 |
-+# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) |
1649 |
- # define RESTOREARGS_1 \ |
1650 |
- "bpopl .L__X'%k3, %k3\n\t" |
1651 |
- # define RESTOREARGS_5 \ |
1652 |
- "movl %4, %%ebx" |
1653 |
-+# define RESTOREARGS_NOSYSENTER_1 \ |
1654 |
-+ "bpopl .L__X'%k2, %k2\n\t" |
1655 |
-+# define RESTOREARGS_NOSYSENTER_2 RESTOREARGS_NOSYSENTER_1 |
1656 |
-+# define RESTOREARGS_NOSYSENTER_3 RESTOREARGS_3 |
1657 |
-+# define RESTOREARGS_NOSYSENTER_4 RESTOREARGS_3 |
1658 |
-+# define RESTOREARGS_NOSYSENTER_5 \ |
1659 |
-+ "movl %3, %%ebx" |
1660 |
- # else |
1661 |
- # define RESTOREARGS_1 \ |
1662 |
- "bpopl .L__X'%k2, %k2\n\t" |
1663 |
|
1664 |
diff --git a/sys-libs/glibc/files/2.20/glibc-2.20-gentoo-chk_fail.c b/sys-libs/glibc/files/2.20/glibc-2.20-gentoo-chk_fail.c |
1665 |
deleted file mode 100644 |
1666 |
index a8ab9d8a3e2..00000000000 |
1667 |
--- a/sys-libs/glibc/files/2.20/glibc-2.20-gentoo-chk_fail.c |
1668 |
+++ /dev/null |
1669 |
@@ -1,299 +0,0 @@ |
1670 |
-/* Copyright (C) 2004-2014 Free Software Foundation, Inc. |
1671 |
- Copyright (C) 2006-2014 Gentoo Foundation Inc. |
1672 |
- This file is part of the GNU C Library. |
1673 |
- |
1674 |
- The GNU C Library is free software; you can redistribute it and/or |
1675 |
- modify it under the terms of the GNU Lesser General Public |
1676 |
- License as published by the Free Software Foundation; either |
1677 |
- version 2.1 of the License, or (at your option) any later version. |
1678 |
- |
1679 |
- The GNU C Library is distributed in the hope that it will be useful, |
1680 |
- but WITHOUT ANY WARRANTY; without even the implied warranty of |
1681 |
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
1682 |
- Lesser General Public License for more details. |
1683 |
- |
1684 |
- You should have received a copy of the GNU Lesser General Public |
1685 |
- License along with the GNU C Library; if not, write to the Free |
1686 |
- Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA |
1687 |
- 02111-1307 USA. */ |
1688 |
- |
1689 |
-/* Hardened Gentoo SSP and FORTIFY handler |
1690 |
- |
1691 |
- A failure handler that does not use functions from the rest of glibc; |
1692 |
- it uses the INTERNAL_SYSCALL methods directly. This helps ensure no |
1693 |
- possibility of recursion into the handler. |
1694 |
- |
1695 |
- Direct all bug reports to http://bugs.gentoo.org/ |
1696 |
- |
1697 |
- People who have contributed significantly to the evolution of this file: |
1698 |
- Ned Ludd - <solar[@]gentoo.org> |
1699 |
- Alexander Gabert - <pappy[@]gentoo.org> |
1700 |
- The PaX Team - <pageexec[@]freemail.hu> |
1701 |
- Peter S. Mazinger - <ps.m[@]gmx.net> |
1702 |
- Yoann Vandoorselaere - <yoann[@]prelude-ids.org> |
1703 |
- Robert Connolly - <robert[@]linuxfromscratch.org> |
1704 |
- Cory Visi <cory[@]visi.name> |
1705 |
- Mike Frysinger <vapier[@]gentoo.org> |
1706 |
- Magnus Granberg <zorry[@]gentoo.org> |
1707 |
- Kevin F. Quinn - <kevquinn[@]gentoo.org> |
1708 |
- */ |
1709 |
- |
1710 |
-#include <errno.h> |
1711 |
-#include <stdio.h> |
1712 |
-#include <stdlib.h> |
1713 |
-#include <unistd.h> |
1714 |
-#include <signal.h> |
1715 |
- |
1716 |
-#include <sys/types.h> |
1717 |
- |
1718 |
-#include <sysdep-cancel.h> |
1719 |
-#include <sys/syscall.h> |
1720 |
- |
1721 |
-#include <kernel-features.h> |
1722 |
- |
1723 |
-#include <alloca.h> |
1724 |
-/* from sysdeps */ |
1725 |
-#include <socketcall.h> |
1726 |
-/* for the stuff in bits/socket.h */ |
1727 |
-#include <sys/socket.h> |
1728 |
-#include <sys/un.h> |
1729 |
- |
1730 |
-/* Sanity check on SYSCALL macro names - force compilation |
1731 |
- * failure if the names used here do not exist |
1732 |
- */ |
1733 |
-#if !defined __NR_socketcall && !defined __NR_socket |
1734 |
-# error Cannot do syscall socket or socketcall |
1735 |
-#endif |
1736 |
-#if !defined __NR_socketcall && !defined __NR_connect |
1737 |
-# error Cannot do syscall connect or socketcall |
1738 |
-#endif |
1739 |
-#ifndef __NR_write |
1740 |
-# error Cannot do syscall write |
1741 |
-#endif |
1742 |
-#ifndef __NR_close |
1743 |
-# error Cannot do syscall close |
1744 |
-#endif |
1745 |
-#ifndef __NR_getpid |
1746 |
-# error Cannot do syscall getpid |
1747 |
-#endif |
1748 |
-#ifndef __NR_kill |
1749 |
-# error Cannot do syscall kill |
1750 |
-#endif |
1751 |
-#ifndef __NR_exit |
1752 |
-# error Cannot do syscall exit |
1753 |
-#endif |
1754 |
-#ifdef SSP_SMASH_DUMPS_CORE |
1755 |
-# define ENABLE_SSP_SMASH_DUMPS_CORE 1 |
1756 |
-# if !defined _KERNEL_NSIG && !defined _NSIG |
1757 |
-# error No _NSIG or _KERNEL_NSIG for rt_sigaction |
1758 |
-# endif |
1759 |
-# if !defined __NR_sigaction && !defined __NR_rt_sigaction |
1760 |
-# error Cannot do syscall sigaction or rt_sigaction |
1761 |
-# endif |
1762 |
-/* Although rt_sigaction expects sizeof(sigset_t) - it expects the size |
1763 |
- * of the _kernel_ sigset_t which is not the same as the user sigset_t. |
1764 |
- * Most arches have this as _NSIG bits - mips has _KERNEL_NSIG bits for |
1765 |
- * some reason. |
1766 |
- */ |
1767 |
-# ifdef _KERNEL_NSIG |
1768 |
-# define _SSP_NSIG _KERNEL_NSIG |
1769 |
-# else |
1770 |
-# define _SSP_NSIG _NSIG |
1771 |
-# endif |
1772 |
-#else |
1773 |
-# define _SSP_NSIG 0 |
1774 |
-# define ENABLE_SSP_SMASH_DUMPS_CORE 0 |
1775 |
-#endif |
1776 |
- |
1777 |
-/* Define DO_SIGACTION - default to newer rt signal interface but |
1778 |
- * fallback to old as needed. |
1779 |
- */ |
1780 |
-#ifdef __NR_rt_sigaction |
1781 |
-# define DO_SIGACTION(signum, act, oldact) \ |
1782 |
- INLINE_SYSCALL(rt_sigaction, 4, signum, act, oldact, _SSP_NSIG/8) |
1783 |
-#else |
1784 |
-# define DO_SIGACTION(signum, act, oldact) \ |
1785 |
- INLINE_SYSCALL(sigaction, 3, signum, act, oldact) |
1786 |
-#endif |
1787 |
- |
1788 |
-/* Define DO_SOCKET/DO_CONNECT functions to deal with socketcall vs socket/connect */ |
1789 |
-#if defined(__NR_socket) && defined(__NR_connect) |
1790 |
-# define USE_OLD_SOCKETCALL 0 |
1791 |
-#else |
1792 |
-# define USE_OLD_SOCKETCALL 1 |
1793 |
-#endif |
1794 |
- |
1795 |
-/* stub out the __NR_'s so we can let gcc optimize away dead code */ |
1796 |
-#ifndef __NR_socketcall |
1797 |
-# define __NR_socketcall 0 |
1798 |
-#endif |
1799 |
-#ifndef __NR_socket |
1800 |
-# define __NR_socket 0 |
1801 |
-#endif |
1802 |
-#ifndef __NR_connect |
1803 |
-# define __NR_connect 0 |
1804 |
-#endif |
1805 |
-#define DO_SOCKET(result, domain, type, protocol) \ |
1806 |
- do { \ |
1807 |
- if (USE_OLD_SOCKETCALL) { \ |
1808 |
- socketargs[0] = domain; \ |
1809 |
- socketargs[1] = type; \ |
1810 |
- socketargs[2] = protocol; \ |
1811 |
- socketargs[3] = 0; \ |
1812 |
- result = INLINE_SYSCALL(socketcall, 2, SOCKOP_socket, socketargs); \ |
1813 |
- } else \ |
1814 |
- result = INLINE_SYSCALL(socket, 3, domain, type, protocol); \ |
1815 |
- } while (0) |
1816 |
-#define DO_CONNECT(result, sockfd, serv_addr, addrlen) \ |
1817 |
- do { \ |
1818 |
- if (USE_OLD_SOCKETCALL) { \ |
1819 |
- socketargs[0] = sockfd; \ |
1820 |
- socketargs[1] = (unsigned long int)serv_addr; \ |
1821 |
- socketargs[2] = addrlen; \ |
1822 |
- socketargs[3] = 0; \ |
1823 |
- result = INLINE_SYSCALL(socketcall, 2, SOCKOP_connect, socketargs); \ |
1824 |
- } else \ |
1825 |
- result = INLINE_SYSCALL(connect, 3, sockfd, serv_addr, addrlen); \ |
1826 |
- } while (0) |
1827 |
- |
1828 |
-#ifndef _PATH_LOG |
1829 |
-# define _PATH_LOG "/dev/log" |
1830 |
-#endif |
1831 |
- |
1832 |
-static const char path_log[] = _PATH_LOG; |
1833 |
- |
1834 |
-/* For building glibc with SSP switched on, define __progname to a |
1835 |
- * constant if building for the run-time loader, to avoid pulling |
1836 |
- * in more of libc.so into ld.so |
1837 |
- */ |
1838 |
-#ifdef IS_IN_rtld |
1839 |
-static const char *__progname = "<ldso>"; |
1840 |
-#else |
1841 |
-extern const char *__progname; |
1842 |
-#endif |
1843 |
- |
1844 |
-#ifdef GENTOO_SSP_HANDLER |
1845 |
-# define ERROR_MSG "stack smashing" |
1846 |
-#else |
1847 |
-# define ERROR_MSG "buffer overflow" |
1848 |
-#endif |
1849 |
- |
1850 |
-/* Common handler code, used by chk_fail |
1851 |
- * Inlined to ensure no self-references to the handler within itself. |
1852 |
- * Data static to avoid putting more than necessary on the stack, |
1853 |
- * to aid core debugging. |
1854 |
- */ |
1855 |
-__attribute__ ((__noreturn__, __always_inline__)) |
1856 |
-static inline void |
1857 |
-__hardened_gentoo_fail(void) |
1858 |
-{ |
1859 |
-#define MESSAGE_BUFSIZ 512 |
1860 |
- static pid_t pid; |
1861 |
- static int plen, i, hlen; |
1862 |
- static char message[MESSAGE_BUFSIZ]; |
1863 |
- /* <11> is LOG_USER|LOG_ERR. A dummy date for loggers to skip over. */ |
1864 |
- static const char msg_header[] = "<11>" __DATE__ " " __TIME__ " glibc-gentoo-hardened-check: "; |
1865 |
- static const char msg_ssd[] = "*** " ERROR_MSG " detected ***: "; |
1866 |
- static const char msg_terminated[] = " terminated; "; |
1867 |
- static const char msg_report[] = "report to " REPORT_BUGS_TO "\n"; |
1868 |
- static const char msg_unknown[] = "<unknown>"; |
1869 |
- static int log_socket, connect_result; |
1870 |
- static struct sockaddr_un sock; |
1871 |
- static unsigned long int socketargs[4]; |
1872 |
- |
1873 |
- /* Build socket address */ |
1874 |
- sock.sun_family = AF_UNIX; |
1875 |
- i = 0; |
1876 |
- while (path_log[i] != '\0' && i < sizeof(sock.sun_path) - 1) { |
1877 |
- sock.sun_path[i] = path_log[i]; |
1878 |
- ++i; |
1879 |
- } |
1880 |
- sock.sun_path[i] = '\0'; |
1881 |
- |
1882 |
- /* Try SOCK_DGRAM connection to syslog */ |
1883 |
- connect_result = -1; |
1884 |
- DO_SOCKET(log_socket, AF_UNIX, SOCK_DGRAM, 0); |
1885 |
- if (log_socket != -1) |
1886 |
- DO_CONNECT(connect_result, log_socket, &sock, sizeof(sock)); |
1887 |
- if (connect_result == -1) { |
1888 |
- if (log_socket != -1) |
1889 |
- INLINE_SYSCALL(close, 1, log_socket); |
1890 |
- /* Try SOCK_STREAM connection to syslog */ |
1891 |
- DO_SOCKET(log_socket, AF_UNIX, SOCK_STREAM, 0); |
1892 |
- if (log_socket != -1) |
1893 |
- DO_CONNECT(connect_result, log_socket, &sock, sizeof(sock)); |
1894 |
- } |
1895 |
- |
1896 |
- /* Build message. Messages are generated both in the old style and new style, |
1897 |
- * so that log watchers that are configured for the old-style message continue |
1898 |
- * to work. |
1899 |
- */ |
1900 |
-#define strconcat(str) \ |
1901 |
- ({ \ |
1902 |
- i = 0; \ |
1903 |
- while ((str[i] != '\0') && ((i + plen) < (MESSAGE_BUFSIZ - 1))) { \ |
1904 |
- message[plen + i] = str[i]; \ |
1905 |
- ++i; \ |
1906 |
- } \ |
1907 |
- plen += i; \ |
1908 |
- }) |
1909 |
- |
1910 |
- /* Tersely log the failure */ |
1911 |
- plen = 0; |
1912 |
- strconcat(msg_header); |
1913 |
- hlen = plen; |
1914 |
- strconcat(msg_ssd); |
1915 |
- if (__progname != NULL) |
1916 |
- strconcat(__progname); |
1917 |
- else |
1918 |
- strconcat(msg_unknown); |
1919 |
- strconcat(msg_terminated); |
1920 |
- strconcat(msg_report); |
1921 |
- |
1922 |
- /* Write out error message to STDERR, to syslog if open */ |
1923 |
- INLINE_SYSCALL(write, 3, STDERR_FILENO, message + hlen, plen - hlen); |
1924 |
- if (connect_result != -1) { |
1925 |
- INLINE_SYSCALL(write, 3, log_socket, message, plen); |
1926 |
- INLINE_SYSCALL(close, 1, log_socket); |
1927 |
- } |
1928 |
- |
1929 |
- /* Time to kill self since we have no idea what is going on */ |
1930 |
- pid = INLINE_SYSCALL(getpid, 0); |
1931 |
- |
1932 |
- if (ENABLE_SSP_SMASH_DUMPS_CORE) { |
1933 |
- /* Remove any user-supplied handler for SIGABRT, before using it. */ |
1934 |
-#if 0 |
1935 |
- /* |
1936 |
- * Note: Disabled because some programs catch & process their |
1937 |
- * own crashes. We've already enabled this code path which |
1938 |
- * means we want to let core dumps happen. |
1939 |
- */ |
1940 |
- static struct sigaction default_abort_act; |
1941 |
- default_abort_act.sa_handler = SIG_DFL; |
1942 |
- default_abort_act.sa_sigaction = NULL; |
1943 |
- __sigfillset(&default_abort_act.sa_mask); |
1944 |
- default_abort_act.sa_flags = 0; |
1945 |
- if (DO_SIGACTION(SIGABRT, &default_abort_act, NULL) == 0) |
1946 |
-#endif |
1947 |
- INLINE_SYSCALL(kill, 2, pid, SIGABRT); |
1948 |
- } |
1949 |
- |
1950 |
- /* SIGKILL is only signal which cannot be caught */ |
1951 |
- INLINE_SYSCALL(kill, 2, pid, SIGKILL); |
1952 |
- |
1953 |
- /* In case the kill didn't work, exit anyway. |
1954 |
- * The loop prevents gcc thinking this routine returns. |
1955 |
- */ |
1956 |
- while (1) |
1957 |
- INLINE_SYSCALL(exit, 1, 137); |
1958 |
-} |
1959 |
- |
1960 |
-__attribute__ ((__noreturn__)) |
1961 |
-#ifdef GENTOO_SSP_HANDLER |
1962 |
-void __stack_chk_fail(void) |
1963 |
-#else |
1964 |
-void __chk_fail(void) |
1965 |
-#endif |
1966 |
-{ |
1967 |
- __hardened_gentoo_fail(); |
1968 |
-} |
1969 |
|
1970 |
diff --git a/sys-libs/glibc/files/2.20/glibc-2.20-gentoo-stack_chk_fail.c b/sys-libs/glibc/files/2.20/glibc-2.20-gentoo-stack_chk_fail.c |
1971 |
deleted file mode 100644 |
1972 |
index 4a537bb52c5..00000000000 |
1973 |
--- a/sys-libs/glibc/files/2.20/glibc-2.20-gentoo-stack_chk_fail.c |
1974 |
+++ /dev/null |
1975 |
@@ -1,2 +0,0 @@ |
1976 |
-#define GENTOO_SSP_HANDLER |
1977 |
-#include <debug/chk_fail.c> |
1978 |
|
1979 |
diff --git a/sys-libs/glibc/files/2.20/glibc-2.20-hardened-inittls-nosysenter.patch b/sys-libs/glibc/files/2.20/glibc-2.20-hardened-inittls-nosysenter.patch |
1980 |
deleted file mode 100644 |
1981 |
index 35eabe94014..00000000000 |
1982 |
--- a/sys-libs/glibc/files/2.20/glibc-2.20-hardened-inittls-nosysenter.patch |
1983 |
+++ /dev/null |
1984 |
@@ -1,306 +0,0 @@ |
1985 |
-When building glibc PIE (which is not something upstream support), |
1986 |
-several modifications are necessary to the glibc build process. |
1987 |
- |
1988 |
-First, any syscalls in PIEs must be of the PIC variant, otherwise |
1989 |
-textrels ensue. Then, any syscalls made before the initialisation |
1990 |
-of the TLS will fail on i386, as the sysenter variant on i386 uses |
1991 |
-the TLS, giving rise to a chicken-and-egg situation. This patch |
1992 |
-defines a PIC syscall variant that doesn't use sysenter, even when the sysenter |
1993 |
-version is normally used, and uses the non-sysenter version for the brk |
1994 |
-syscall that is performed by the TLS initialisation. Further, the TLS |
1995 |
-initialisation is moved in this case prior to the initialisation of |
1996 |
-dl_osversion, as that requires further syscalls. |
1997 |
- |
1998 |
-csu/libc-start.c: Move initial TLS initialization to before the |
1999 |
-initialisation of dl_osversion, when INTERNAL_SYSCALL_PRE_TLS is defined |
2000 |
- |
2001 |
-csu/libc-tls.c: Use the no-sysenter version of sbrk when |
2002 |
-INTERNAL_SYSCALL_PRE_TLS is defined. |
2003 |
- |
2004 |
-misc/sbrk.c: Define a no-sysenter version of sbrk, using the no-sysenter |
2005 |
-version of brk - if INTERNAL_SYSCALL_PRE_TLS is defined. |
2006 |
- |
2007 |
-misc/brk.c: Define a no-sysenter version of brk if |
2008 |
-INTERNAL_SYSCALL_PRE_TLS is defined. |
2009 |
- |
2010 |
-sysdeps/unix/sysv/linux/i386/sysdep.h: Define INTERNAL_SYSCALL_PRE_TLS |
2011 |
-Make INTERNAL_SYSCALL always use the PIC variant, even if not SHARED. |
2012 |
- |
2013 |
-Patch by Kevin F. Quinn <kevquinn@g.o> |
2014 |
-Fixed for 2.10 by Magnus Granberg <zorry@×××.nu> |
2015 |
-Fixed for 2.18 by Magnus Granberg <zorry@g.o> |
2016 |
-Fixed for 2.20 by Francisco Blas Izquierdo Riera <klondike@g.o> |
2017 |
- |
2018 |
---- a/csu/libc-start.c |
2019 |
-+++ b/csu/libc-start.c |
2020 |
-@@ -28,6 +28,7 @@ |
2021 |
- extern int __libc_multiple_libcs; |
2022 |
- |
2023 |
- #include <tls.h> |
2024 |
-+#include <sysdep.h> |
2025 |
- #ifndef SHARED |
2026 |
- # include <dl-osinfo.h> |
2027 |
- extern void __pthread_initialize_minimal (void); |
2028 |
-@@ -170,6 +171,11 @@ LIBC_START_MAIN (int (*main) (int, char |
2029 |
- } |
2030 |
- } |
2031 |
- |
2032 |
-+# ifdef INTERNAL_SYSCALL_PRE_TLS |
2033 |
-+ /* Do the initial TLS initialization before _dl_osversion, |
2034 |
-+ since the latter uses the uname syscall. */ |
2035 |
-+ __pthread_initialize_minimal (); |
2036 |
-+# endif |
2037 |
- # ifdef DL_SYSDEP_OSCHECK |
2038 |
- if (!__libc_multiple_libcs) |
2039 |
- { |
2040 |
-@@ -138,10 +144,12 @@ |
2041 |
- } |
2042 |
- # endif |
2043 |
- |
2044 |
-+# ifndef INTERNAL_SYSCALL_PRE_TLS |
2045 |
- /* Initialize the thread library at least a bit since the libgcc |
2046 |
- functions are using thread functions if these are available and |
2047 |
- we need to setup errno. */ |
2048 |
- __pthread_initialize_minimal (); |
2049 |
-+# endif |
2050 |
- |
2051 |
- /* Set up the stack checker's canary. */ |
2052 |
- uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard (); |
2053 |
---- a/csu/libc-tls.c |
2054 |
-+++ b/csu/libc-tls.c |
2055 |
-@@ -22,12 +22,17 @@ |
2056 |
- #include <unistd.h> |
2057 |
- #include <stdio.h> |
2058 |
- #include <sys/param.h> |
2059 |
-+#include <sysdep.h> |
2060 |
- |
2061 |
- |
2062 |
- #ifdef SHARED |
2063 |
- #error makefile bug, this file is for static only |
2064 |
- #endif |
2065 |
- |
2066 |
-+#ifdef INTERNAL_SYSCALL_PRE_TLS |
2067 |
-+extern void *__sbrk_nosysenter (intptr_t __delta); |
2068 |
-+#endif |
2069 |
-+ |
2070 |
- dtv_t _dl_static_dtv[2 + TLS_SLOTINFO_SURPLUS]; |
2071 |
- |
2072 |
- |
2073 |
-@@ -139,20 +144,29 @@ __libc_setup_tls (size_t tcbsize, size_t |
2074 |
- |
2075 |
- The initialized value of _dl_tls_static_size is provided by dl-open.c |
2076 |
- to request some surplus that permits dynamic loading of modules with |
2077 |
-- IE-model TLS. */ |
2078 |
-+ IE-model TLS. |
2079 |
-+ |
2080 |
-+ Where the normal sbrk would use a syscall that needs the TLS (i386) |
2081 |
-+ use the special non-sysenter version instead. */ |
2082 |
-+#ifdef INTERNAL_SYSCALL_PRE_TLS |
2083 |
-+# define __sbrk __sbrk_nosysenter |
2084 |
-+#endif |
2085 |
- #if TLS_TCB_AT_TP |
2086 |
- tcb_offset = roundup (memsz + GL(dl_tls_static_size), tcbalign); |
2087 |
- tlsblock = __sbrk (tcb_offset + tcbsize + max_align); |
2088 |
- #elif TLS_DTV_AT_TP |
2089 |
- tcb_offset = roundup (tcbsize, align ?: 1); |
2090 |
- tlsblock = __sbrk (tcb_offset + memsz + max_align |
2091 |
- + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); |
2092 |
- tlsblock += TLS_PRE_TCB_SIZE; |
2093 |
- #else |
2094 |
- /* In case a model with a different layout for the TCB and DTV |
2095 |
- is defined add another #elif here and in the following #ifs. */ |
2096 |
- # error "Either TLS_TCB_AT_TP or TLS_DTV_AT_TP must be defined" |
2097 |
- #endif |
2098 |
-+#ifdef INTERNAL_SYSCALL_PRE_TLS |
2099 |
-+# undef __sbrk |
2100 |
-+#endif |
2101 |
- |
2102 |
- /* Align the TLS block. */ |
2103 |
- tlsblock = (void *) (((uintptr_t) tlsblock + max_align - 1) |
2104 |
---- a/misc/sbrk.c |
2105 |
-+++ b/misc/sbrk.c |
2106 |
-@@ -18,6 +18,7 @@ |
2107 |
- #include <errno.h> |
2108 |
- #include <stdint.h> |
2109 |
- #include <unistd.h> |
2110 |
-+#include <sysdep.h> |
2111 |
- |
2112 |
- /* Defined in brk.c. */ |
2113 |
- extern void *__curbrk; |
2114 |
-@@ -29,6 +30,35 @@ |
2115 |
- /* Extend the process's data space by INCREMENT. |
2116 |
- If INCREMENT is negative, shrink data space by - INCREMENT. |
2117 |
- Return start of new space allocated, or -1 for errors. */ |
2118 |
-+#ifdef INTERNAL_SYSCALL_PRE_TLS |
2119 |
-+/* This version is used by csu/libc-tls.c whem initialising the TLS |
2120 |
-+ if the SYSENTER version requires the TLS (which it does on i386). |
2121 |
-+ Obviously using the TLS before it is initialised is broken. */ |
2122 |
-+extern int __brk_nosysenter (void *addr); |
2123 |
-+void * |
2124 |
-+__sbrk_nosysenter (intptr_t increment) |
2125 |
-+{ |
2126 |
-+ void *oldbrk; |
2127 |
-+ |
2128 |
-+ /* If this is not part of the dynamic library or the library is used via |
2129 |
-+ dynamic loading in a statically linked program update __curbrk from the |
2130 |
-+ kernel's brk value. That way two separate instances of __brk and __sbrk |
2131 |
-+ can share the heap, returning interleaved pieces of it. */ |
2132 |
-+ if (__curbrk == NULL || __libc_multiple_libcs) |
2133 |
-+ if (__brk_nosysenter (0) < 0) /* Initialize the break. */ |
2134 |
-+ return (void *) -1; |
2135 |
-+ |
2136 |
-+ if (increment == 0) |
2137 |
-+ return __curbrk; |
2138 |
-+ |
2139 |
-+ oldbrk = __curbrk; |
2140 |
-+ if (__brk_nosysenter (oldbrk + increment) < 0) |
2141 |
-+ return (void *) -1; |
2142 |
-+ |
2143 |
-+ return oldbrk; |
2144 |
-+} |
2145 |
-+#endif |
2146 |
-+ |
2147 |
- void * |
2148 |
- __sbrk (intptr_t increment) |
2149 |
- { |
2150 |
---- a/sysdeps/unix/sysv/linux/i386/brk.c |
2151 |
-+++ b/sysdeps/unix/sysv/linux/i386/brk.c |
2152 |
-@@ -31,6 +31,30 @@ |
2153 |
- linker. */ |
2154 |
- weak_alias (__curbrk, ___brk_addr) |
2155 |
- |
2156 |
-+#ifdef INTERNAL_SYSCALL_PRE_TLS |
2157 |
-+/* This version is used by csu/libc-tls.c whem initialising the TLS |
2158 |
-+ if the SYSENTER version requires the TLS (which it does on i386). |
2159 |
-+ Obviously using the TLS before it is initialised is broken. */ |
2160 |
-+int |
2161 |
-+__brk_nosysenter (void *addr) |
2162 |
-+{ |
2163 |
-+ void *newbrk; |
2164 |
-+ |
2165 |
-+ INTERNAL_SYSCALL_DECL (err); |
2166 |
-+ newbrk = (void *) INTERNAL_SYSCALL_PRE_TLS (brk, err, 1, addr); |
2167 |
-+ |
2168 |
-+ __curbrk = newbrk; |
2169 |
-+ |
2170 |
-+ if (newbrk < addr) |
2171 |
-+ { |
2172 |
-+ __set_errno (ENOMEM); |
2173 |
-+ return -1; |
2174 |
-+ } |
2175 |
-+ |
2176 |
-+ return 0; |
2177 |
-+} |
2178 |
-+#endif |
2179 |
-+ |
2180 |
- int |
2181 |
- __brk (void *addr) |
2182 |
- { |
2183 |
---- a/sysdeps/unix/sysv/linux/i386/sysdep.h |
2184 |
-+++ b/sysdeps/unix/sysv/linux/i386/sysdep.h |
2185 |
-@@ -187,7 +187,7 @@ |
2186 |
- /* The original calling convention for system calls on Linux/i386 is |
2187 |
- to use int $0x80. */ |
2188 |
- #ifdef I386_USE_SYSENTER |
2189 |
--# ifdef SHARED |
2190 |
-+# ifdef __PIC__ |
2191 |
- # define ENTER_KERNEL call *%gs:SYSINFO_OFFSET |
2192 |
- # else |
2193 |
- # define ENTER_KERNEL call *_dl_sysinfo |
2194 |
-@@ -358,7 +358,7 @@ |
2195 |
- possible to use more than four parameters. */ |
2196 |
- #undef INTERNAL_SYSCALL |
2197 |
- #ifdef I386_USE_SYSENTER |
2198 |
--# ifdef SHARED |
2199 |
-+# ifdef __PIC__ |
2200 |
- # define INTERNAL_SYSCALL(name, err, nr, args...) \ |
2201 |
- ({ \ |
2202 |
- register unsigned int resultvar; \ |
2203 |
-@@ -384,6 +384,18 @@ |
2204 |
- : "0" (name), "i" (offsetof (tcbhead_t, sysinfo)) \ |
2205 |
- ASMFMT_##nr(args) : "memory", "cc"); \ |
2206 |
- (int) resultvar; }) |
2207 |
-+# define INTERNAL_SYSCALL_PRE_TLS(name, err, nr, args...) \ |
2208 |
-+ ({ \ |
2209 |
-+ register unsigned int resultvar; \ |
2210 |
-+ EXTRAVAR_##nr \ |
2211 |
-+ asm volatile ( \ |
2212 |
-+ LOADARGS_NOSYSENTER_##nr \ |
2213 |
-+ "movl %1, %%eax\n\t" \ |
2214 |
-+ "int $0x80\n\t" \ |
2215 |
-+ RESTOREARGS_NOSYSENTER_##nr \ |
2216 |
-+ : "=a" (resultvar) \ |
2217 |
-+ : "i" (__NR_##name) ASMFMT_##nr(args) : "memory", "cc"); \ |
2218 |
-+ (int) resultvar; }) |
2219 |
- # else |
2220 |
- # define INTERNAL_SYSCALL(name, err, nr, args...) \ |
2221 |
- ({ \ |
2222 |
-@@ -447,12 +459,20 @@ |
2223 |
- |
2224 |
- #define LOADARGS_0 |
2225 |
- #ifdef __PIC__ |
2226 |
--# if defined I386_USE_SYSENTER && defined SHARED |
2227 |
-+# if defined I386_USE_SYSENTER && defined __PIC__ |
2228 |
- # define LOADARGS_1 \ |
2229 |
- "bpushl .L__X'%k3, %k3\n\t" |
2230 |
- # define LOADARGS_5 \ |
2231 |
- "movl %%ebx, %4\n\t" \ |
2232 |
- "movl %3, %%ebx\n\t" |
2233 |
-+# define LOADARGS_NOSYSENTER_1 \ |
2234 |
-+ "bpushl .L__X'%k2, %k2\n\t" |
2235 |
-+# define LOADARGS_NOSYSENTER_2 LOADARGS_NOSYSENTER_1 |
2236 |
-+# define LOADARGS_NOSYSENTER_3 LOADARGS_3 |
2237 |
-+# define LOADARGS_NOSYSENTER_4 LOADARGS_3 |
2238 |
-+# define LOADARGS_NOSYSENTER_5 \ |
2239 |
-+ "movl %%ebx, %3\n\t" \ |
2240 |
-+ "movl %2, %%ebx\n\t" |
2241 |
- # else |
2242 |
- # define LOADARGS_1 \ |
2243 |
- "bpushl .L__X'%k2, %k2\n\t" |
2244 |
-@@ -474,11 +494,18 @@ |
2245 |
- |
2246 |
- #define RESTOREARGS_0 |
2247 |
- #ifdef __PIC__ |
2248 |
--# if defined I386_USE_SYSENTER && defined SHARED |
2249 |
-+# if defined I386_USE_SYSENTER && defined __PIC__ |
2250 |
- # define RESTOREARGS_1 \ |
2251 |
- "bpopl .L__X'%k3, %k3\n\t" |
2252 |
- # define RESTOREARGS_5 \ |
2253 |
- "movl %4, %%ebx" |
2254 |
-+# define RESTOREARGS_NOSYSENTER_1 \ |
2255 |
-+ "bpopl .L__X'%k2, %k2\n\t" |
2256 |
-+# define RESTOREARGS_NOSYSENTER_2 RESTOREARGS_NOSYSENTER_1 |
2257 |
-+# define RESTOREARGS_NOSYSENTER_3 RESTOREARGS_3 |
2258 |
-+# define RESTOREARGS_NOSYSENTER_4 RESTOREARGS_3 |
2259 |
-+# define RESTOREARGS_NOSYSENTER_5 \ |
2260 |
-+ "movl %3, %%ebx" |
2261 |
- # else |
2262 |
- # define RESTOREARGS_1 \ |
2263 |
- "bpopl .L__X'%k2, %k2\n\t" |
2264 |
---- a/sysdeps/i386/nptl/tls.h |
2265 |
-+++ b/sysdeps/i386/nptl/tls.h |
2266 |
-@@ -189,6 +189,15 @@ |
2267 |
- desc->vals[3] = 0x51; |
2268 |
- } |
2269 |
- |
2270 |
-+/* We have no sysenter until the tls is initialized which is a |
2271 |
-+ problem for PIC. Thus we need to do the right call depending |
2272 |
-+ on the situation. */ |
2273 |
-+#ifndef INTERNAL_SYSCALL_PRE_TLS |
2274 |
-+# define TLS_INIT_SYSCALL INTERNAL_SYSCALL |
2275 |
-+#else |
2276 |
-+# define TLS_INIT_SYSCALL INTERNAL_SYSCALL_PRE_TLS |
2277 |
-+#endif |
2278 |
-+ |
2279 |
- /* Code to initially initialize the thread pointer. This might need |
2280 |
- special attention since 'errno' is not yet available and if the |
2281 |
- operation can cause a failure 'errno' must not be touched. */ |
2282 |
-@@ -209,7 +218,7 @@ |
2283 |
- \ |
2284 |
- /* Install the TLS. */ \ |
2285 |
- INTERNAL_SYSCALL_DECL (err); \ |
2286 |
-- _result = INTERNAL_SYSCALL (set_thread_area, err, 1, &_segdescr.desc); \ |
2287 |
-+ _result = TLS_INIT_SYSCALL (set_thread_area, err, 1, &_segdescr.desc); \ |
2288 |
- \ |
2289 |
- if (_result == 0) \ |
2290 |
- /* We know the index in the GDT, now load the segment register. \ |
2291 |
|
2292 |
diff --git a/sys-libs/glibc/glibc-2.21-r2.ebuild b/sys-libs/glibc/glibc-2.21-r2.ebuild |
2293 |
deleted file mode 100644 |
2294 |
index accbd33c95a..00000000000 |
2295 |
--- a/sys-libs/glibc/glibc-2.21-r2.ebuild |
2296 |
+++ /dev/null |
2297 |
@@ -1,149 +0,0 @@ |
2298 |
-# Copyright 1999-2018 Gentoo Foundation |
2299 |
-# Distributed under the terms of the GNU General Public License v2 |
2300 |
- |
2301 |
-EAPI="4" |
2302 |
- |
2303 |
-inherit toolchain-glibc |
2304 |
- |
2305 |
-DESCRIPTION="GNU libc6 (also called glibc2) C library" |
2306 |
-HOMEPAGE="https://www.gnu.org/software/libc/libc.html" |
2307 |
- |
2308 |
-LICENSE="LGPL-2.1+ BSD HPND ISC inner-net rc PCRE" |
2309 |
-KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86" |
2310 |
-RESTRICT="strip" # strip ourself #46186 |
2311 |
-EMULTILIB_PKG="true" |
2312 |
- |
2313 |
-# Configuration variables |
2314 |
-RELEASE_VER="" |
2315 |
-case ${PV} in |
2316 |
-9999*) |
2317 |
- EGIT_REPO_URIS="git://sourceware.org/git/glibc.git" |
2318 |
- inherit git-r3 |
2319 |
- ;; |
2320 |
-*) |
2321 |
- RELEASE_VER=${PV} |
2322 |
- ;; |
2323 |
-esac |
2324 |
-GCC_BOOTSTRAP_VER="4.7.3-r1" |
2325 |
-PATCH_VER="7" # Gentoo patchset |
2326 |
-: ${NPTL_KERN_VER:="2.6.32"} # min kernel version nptl requires |
2327 |
- |
2328 |
-IUSE="debug gd hardened multilib nscd selinux systemtap profile suid vanilla headers-only" |
2329 |
- |
2330 |
-# Here's how the cross-compile logic breaks down ... |
2331 |
-# CTARGET - machine that will target the binaries |
2332 |
-# CHOST - machine that will host the binaries |
2333 |
-# CBUILD - machine that will build the binaries |
2334 |
-# If CTARGET != CHOST, it means you want a libc for cross-compiling. |
2335 |
-# If CHOST != CBUILD, it means you want to cross-compile the libc. |
2336 |
-# CBUILD = CHOST = CTARGET - native build/install |
2337 |
-# CBUILD != (CHOST = CTARGET) - cross-compile a native build |
2338 |
-# (CBUILD = CHOST) != CTARGET - libc for cross-compiler |
2339 |
-# CBUILD != CHOST != CTARGET - cross-compile a libc for a cross-compiler |
2340 |
-# For install paths: |
2341 |
-# CHOST = CTARGET - install into / |
2342 |
-# CHOST != CTARGET - install into /usr/CTARGET/ |
2343 |
- |
2344 |
-export CBUILD=${CBUILD:-${CHOST}} |
2345 |
-export CTARGET=${CTARGET:-${CHOST}} |
2346 |
-if [[ ${CTARGET} == ${CHOST} ]] ; then |
2347 |
- if [[ ${CATEGORY} == cross-* ]] ; then |
2348 |
- export CTARGET=${CATEGORY#cross-} |
2349 |
- fi |
2350 |
-fi |
2351 |
- |
2352 |
-is_crosscompile() { |
2353 |
- [[ ${CHOST} != ${CTARGET} ]] |
2354 |
-} |
2355 |
- |
2356 |
-# Why SLOT 2.2 you ask yourself while sippin your tea ? |
2357 |
-# Everyone knows 2.2 > 0, duh. |
2358 |
-SLOT="2.2" |
2359 |
- |
2360 |
-# General: We need a new-enough binutils/gcc to match upstream baseline. |
2361 |
-# arch: we need to make sure our binutils/gcc supports TLS. |
2362 |
-DEPEND=">=app-misc/pax-utils-0.1.10 |
2363 |
- !<sys-apps/sandbox-1.6 |
2364 |
- !<sys-apps/portage-2.1.2 |
2365 |
- selinux? ( sys-libs/libselinux )" |
2366 |
-RDEPEND="!sys-kernel/ps3-sources |
2367 |
- sys-apps/gentoo-functions |
2368 |
- selinux? ( sys-libs/libselinux ) |
2369 |
- !sys-libs/nss-db" |
2370 |
- |
2371 |
-if [[ ${CATEGORY} == cross-* ]] ; then |
2372 |
- DEPEND+=" !headers-only? ( |
2373 |
- >=${CATEGORY}/binutils-2.24 |
2374 |
- >=${CATEGORY}/gcc-4.6 |
2375 |
- )" |
2376 |
- [[ ${CATEGORY} == *-linux* ]] && DEPEND+=" ${CATEGORY}/linux-headers" |
2377 |
-else |
2378 |
- DEPEND+=" |
2379 |
- >=sys-devel/binutils-2.24 |
2380 |
- >=sys-devel/gcc-4.6 |
2381 |
- virtual/os-headers" |
2382 |
- RDEPEND+=" vanilla? ( !sys-libs/timezone-data )" |
2383 |
- PDEPEND+=" !vanilla? ( sys-libs/timezone-data )" |
2384 |
-fi |
2385 |
- |
2386 |
-upstream_uris() { |
2387 |
- echo mirror://gnu/glibc/$1 ftp://sourceware.org/pub/glibc/{releases,snapshots}/$1 mirror://gentoo/$1 |
2388 |
-} |
2389 |
-gentoo_uris() { |
2390 |
- local devspace="HTTP~vapier/dist/URI HTTP~azarah/glibc/URI" |
2391 |
- devspace=${devspace//HTTP/https://dev.gentoo.org/} |
2392 |
- echo mirror://gentoo/$1 ${devspace//URI/$1} |
2393 |
-} |
2394 |
-SRC_URI=$( |
2395 |
- [[ -z ${EGIT_REPO_URIS} ]] && upstream_uris ${P}.tar.xz |
2396 |
- [[ -n ${PATCH_VER} ]] && gentoo_uris ${P}-patches-${PATCH_VER}.tar.bz2 |
2397 |
-) |
2398 |
-SRC_URI+=" ${GCC_BOOTSTRAP_VER:+multilib? ( $(gentoo_uris gcc-${GCC_BOOTSTRAP_VER}-multilib-bootstrap.tar.bz2) )}" |
2399 |
- |
2400 |
-src_unpack() { |
2401 |
- [[ -n ${GCC_BOOTSTRAP_VER} ]] && use multilib && unpack gcc-${GCC_BOOTSTRAP_VER}-multilib-bootstrap.tar.bz2 |
2402 |
- |
2403 |
- toolchain-glibc_src_unpack |
2404 |
-} |
2405 |
- |
2406 |
-src_prepare() { |
2407 |
- toolchain-glibc_src_prepare |
2408 |
- |
2409 |
- cd "${S}" |
2410 |
- |
2411 |
- epatch "${FILESDIR}"/2.19/${PN}-2.19-ia64-gcc-4.8-reloc-hack.patch #503838 |
2412 |
- |
2413 |
- if use hardened ; then |
2414 |
- einfo "Patching to get working PIE binaries on PIE (hardened) platforms" |
2415 |
- tc-enables-pie && epatch "${FILESDIR}"/2.17/glibc-2.17-hardened-pie.patch |
2416 |
- epatch "${FILESDIR}"/2.20/glibc-2.20-hardened-inittls-nosysenter.patch |
2417 |
- |
2418 |
- # We don't enable these for non-hardened as the output is very terse -- |
2419 |
- # it only states that a crash happened. The default upstream behavior |
2420 |
- # includes backtraces and symbols. |
2421 |
- einfo "Installing Hardened Gentoo SSP and FORTIFY_SOURCE handler" |
2422 |
- cp "${FILESDIR}"/2.20/glibc-2.20-gentoo-stack_chk_fail.c debug/stack_chk_fail.c || die |
2423 |
- cp "${FILESDIR}"/2.20/glibc-2.20-gentoo-chk_fail.c debug/chk_fail.c || die |
2424 |
- |
2425 |
- if use debug ; then |
2426 |
- # Allow SIGABRT to dump core on non-hardened systems, or when debug is requested. |
2427 |
- sed -i \ |
2428 |
- -e '/^CFLAGS-backtrace.c/ iCPPFLAGS-stack_chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ |
2429 |
- -e '/^CFLAGS-backtrace.c/ iCPPFLAGS-chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ |
2430 |
- debug/Makefile || die |
2431 |
- fi |
2432 |
- |
2433 |
- # Build various bits with ssp-all |
2434 |
- sed -i \ |
2435 |
- -e 's:-fstack-protector$:-fstack-protector-all:' \ |
2436 |
- */Makefile || die |
2437 |
- fi |
2438 |
- |
2439 |
- case $(gcc-fullversion) in |
2440 |
- 4.8.[0-3]|4.9.0) |
2441 |
- eerror "You need to switch to a newer compiler; gcc-4.8.[0-3] and gcc-4.9.0 miscompile" |
2442 |
- eerror "glibc. See https://bugs.gentoo.org/547420 for details." |
2443 |
- die "need to switch compilers #547420" |
2444 |
- ;; |
2445 |
- esac |
2446 |
-} |