Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / openbmc / 517393d903089f921915530ffa689a7a1d113420 / . / poky / meta / recipes-core / glibc / glibc_2.36.bb
blob: 3010f783ac9be44413f9271e7c79e48ac32f6ddc [file] [log] [blame]
Patrick Williams92b42cb2022-09-03 06:53:57 -0500[diff] [blame]1require glibc.inc
2require glibc-version.inc
3
4CVE_CHECK_IGNORE += "CVE-2020-10029 CVE-2021-27645"
5
6# glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010022
7# glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010023
8# glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010024
9# Upstream glibc maintainers dispute there is any issue and have no plans to address it further.
10# "this is being treated as a non-security bug and no real threat."
11CVE_CHECK_IGNORE += "CVE-2019-1010022 CVE-2019-1010023 CVE-2019-1010024"
12
13# glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010025
14# Allows for ASLR bypass so can bypass some hardening, not an exploit in itself, may allow
15# easier access for another. "ASLR bypass itself is not a vulnerability."
16# Potential patch at https://sourceware.org/bugzilla/show_bug.cgi?id=22853
17CVE_CHECK_IGNORE += "CVE-2019-1010025"
18
Andrew Geissler87f5cff2022-09-30 13:13:31 -0500[diff] [blame]19# This has been integrated into the 2.36 branch as of c399271 so is now fixed
20CVE_CHECK_IGNORE += "CVE-2022-39046"
21
Patrick Williams92b42cb2022-09-03 06:53:57 -0500[diff] [blame]22DEPENDS += "gperf-native bison-native"
23
24NATIVESDKFIXES ?= ""
25NATIVESDKFIXES:class-nativesdk = "\
26 file://0003-nativesdk-glibc-Look-for-host-system-ld.so.cache-as-.patch \
27 file://0004-nativesdk-glibc-Fix-buffer-overrun-with-a-relocated-.patch \
28 file://0005-nativesdk-glibc-Raise-the-size-of-arrays-containing-.patch \
29 file://0006-nativesdk-glibc-Allow-64-bit-atomics-for-x86.patch \
30 file://0007-nativesdk-glibc-Make-relocatable-install-for-locales.patch \
31 file://0008-nativesdk-glibc-Fall-back-to-faccessat-on-faccess2-r.patch \
32"
33
34SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \
35 file://etc/ld.so.conf \
36 file://generate-supported.mk \
37 file://makedbs.sh \
38 \
39 ${NATIVESDKFIXES} \
40 file://0009-yes-within-the-path-sets-wrong-config-variables.patch \
41 file://0010-eglibc-Cross-building-and-testing-instructions.patch \
42 file://0011-eglibc-Help-bootstrap-cross-toolchain.patch \
43 file://0012-eglibc-Resolve-__fpscr_values-on-SH4.patch \
44 file://0013-eglibc-Forward-port-cross-locale-generation-support.patch \
45 file://0014-localedef-add-to-archive-uses-a-hard-coded-locale-pa.patch \
46 file://0015-locale-prevent-maybe-uninitialized-errors-with-Os-BZ.patch \
47 file://0016-readlib-Add-OECORE_KNOWN_INTERPRETER_NAMES-to-known-.patch \
48 file://0017-powerpc-Do-not-ask-compiler-for-finding-arch.patch \
49 file://0018-wordsize.h-Unify-the-header-between-arm-and-aarch64.patch \
50 file://0019-Replace-echo-with-printf-builtin-in-nscd-init-script.patch \
51 file://0020-sysdeps-gnu-configure.ac-Set-libc_cv_rootsbindir-onl.patch \
52 file://0021-timezone-Make-shell-interpreter-overridable-in-tzsel.patch \
53 file://0022-tzselect.ksh-Use-bin-sh-default-shell-interpreter.patch \
54 file://0023-fix-create-thread-failed-in-unprivileged-process-BZ-.patch \
55 file://0024-Avoid-hardcoded-build-time-paths-in-the-output-binar.patch \
56 file://0025-startup-Force-O2.patch \
Andrew Geissler517393d2023-01-13 08:55:19 -0600[diff] [blame^]57 file://0001-Linux-Add-ppoll-fortify-symbol-for-64-bit-time_t-BZ-.patch \
Patrick Williams92b42cb2022-09-03 06:53:57 -0500[diff] [blame]58"
59S = "${WORKDIR}/git"
60B = "${WORKDIR}/build-${TARGET_SYS}"
61
62PACKAGES_DYNAMIC = ""
63
64# the -isystem in bitbake.conf screws up glibc do_stage
65BUILD_CPPFLAGS = "-I${STAGING_INCDIR_NATIVE}"
66TARGET_CPPFLAGS = "-I${STAGING_DIR_TARGET}${includedir}"
67
68GLIBC_BROKEN_LOCALES = ""
69
70GLIBCPIE ??= ""
71
72EXTRA_OECONF = "--enable-kernel=${OLDEST_KERNEL} \
73 --disable-profile \
74 --disable-debug --without-gd \
75 --enable-clocale=gnu \
76 --with-headers=${STAGING_INCDIR} \
77 --without-selinux \
78 --enable-tunables \
79 --enable-bind-now \
80 --enable-stack-protector=strong \
81 --disable-crypt \
82 --with-default-link \
83 ${@bb.utils.contains_any('SELECTED_OPTIMIZATION', '-O0 -Og', '--disable-werror', '', d)} \
84 ${GLIBCPIE} \
85 ${GLIBC_EXTRA_OECONF}"
86
87EXTRA_OECONF += "${@get_libc_fpu_setting(bb, d)}"
88
89EXTRA_OECONF:append:x86 = " ${@bb.utils.contains_any('TUNE_FEATURES', 'i586 c3', '--disable-cet', '--enable-cet', d)}"
90EXTRA_OECONF:append:x86-64 = " --enable-cet"
91
92PACKAGECONFIG ??= "nscd memory-tagging"
93PACKAGECONFIG[nscd] = "--enable-nscd,--disable-nscd"
94PACKAGECONFIG[memory-tagging] = "--enable-memory-tagging,--disable-memory-tagging"
95
96do_patch:append() {
97 bb.build.exec_func('do_fix_readlib_c', d)
98}
99
100do_fix_readlib_c () {
101 sed -i -e 's#OECORE_KNOWN_INTERPRETER_NAMES#${EGLIBC_KNOWN_INTERPRETER_NAMES}#' ${S}/elf/readlib.c
102}
103
104do_configure () {
105# override this function to avoid the autoconf/automake/aclocal/autoheader
106# calls for now
107# don't pass CPPFLAGS into configure, since it upsets the kernel-headers
108# version check and doesn't really help with anything
109 (cd ${S} && gnu-configize) || die "failure in running gnu-configize"
110 find ${S} -name "configure" | xargs touch
111 CPPFLAGS="" oe_runconf
112}
113
114LDFLAGS += "-fuse-ld=bfd"
115do_compile () {
116 base_do_compile
117 echo "Adjust ldd script"
118 if [ -n "${RTLDLIST}" ]
119 then
120 prevrtld=`cat ${B}/elf/ldd | grep "^RTLDLIST=" | sed 's#^RTLDLIST="\?\([^"]*\)"\?$#\1#'`
121 # remove duplicate entries
122 newrtld=`echo $(printf '%s\n' ${prevrtld} ${RTLDLIST} | LC_ALL=C sort -u)`
123 echo "ldd \"${prevrtld} ${RTLDLIST}\" -> \"${newrtld}\""
124 sed -i ${B}/elf/ldd -e "s#^RTLDLIST=.*\$#RTLDLIST=\"${newrtld}\"#"
125 fi
126}
127
128require glibc-package.inc
129
130BBCLASSEXTEND = "nativesdk"