require glibc.inc
require glibc-version.inc

# NOTE(review): unlike the entries further down, no rationale is recorded for
# these two CVEs. Confirm that each one is fixed in (or does not apply to) the
# glibc revision this recipe builds, and note the reason next to the entry so
# the suppression can be re-checked when the version changes.
CVE_CHECK_WHITELIST += "CVE-2020-10029 CVE-2021-27645"

# glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010022
# glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010023
# glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010024
# Upstream glibc maintainers dispute that there is any issue and have no plans to address it further.
# "this is being treated as a non-security bug and no real threat."
CVE_CHECK_WHITELIST += "CVE-2019-1010022 CVE-2019-1010023 CVE-2019-1010024"

# glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010025
# Allows an ASLR bypass, which weakens that hardening; it is not an exploit in itself but may
# make another issue easier to reach. "ASLR bypass itself is not a vulnerability."
# Potential patch at https://sourceware.org/bugzilla/show_bug.cgi?id=22853
# NOTE(review): whitelisting only removes the entry from the cve-check report; no patch for
# this behaviour appears in SRC_URI below.
CVE_CHECK_WHITELIST += "CVE-2019-1010025"

# Native tools that must be available before glibc is built.
DEPENDS += "gperf-native bison-native make-native"

# Extra patches that are applied only when building the nativesdk variant;
# for every other class the list stays empty.
NATIVESDKFIXES ?= ""
NATIVESDKFIXES:class-nativesdk = "\
    file://0003-nativesdk-glibc-Look-for-host-system-ld.so.cache-as-.patch \
    file://0004-nativesdk-glibc-Fix-buffer-overrun-with-a-relocated-.patch \
    file://0005-nativesdk-glibc-Raise-the-size-of-arrays-containing-.patch \
    file://0006-nativesdk-glibc-Allow-64-bit-atomics-for-x86.patch \
    file://0007-nativesdk-glibc-Make-relocatable-install-for-locales.patch \
    file://0008-nativesdk-glibc-Fall-back-to-faccessat-on-faccess2-r.patch \
"

# Upstream git checkout plus the local support files and the patch stack.
# The two *-CVE-2021-38604.patch entries are, going by their file names, the
# fix for CVE-2021-38604; that is why the CVE is not in the whitelist above.
SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \
    file://etc/ld.so.conf \
    file://generate-supported.mk \
    file://makedbs.sh \
    \
    ${NATIVESDKFIXES} \
    file://0009-fsl-e500-e5500-e6500-603e-fsqrt-implementation.patch \
    file://0010-ppc-sqrt-Fix-undefined-reference-to-__sqrt_finite.patch \
    file://0011-__ieee754_sqrt-f-are-now-inline-functions-and-call-o.patch \
    file://0012-Quote-from-bug-1443-which-explains-what-the-patch-do.patch \
    file://0013-eglibc-run-libm-err-tab.pl-with-specific-dirs-in-S.patch \
    file://0014-__ieee754_sqrt-f-are-now-inline-functions-and-call-o.patch \
    file://0015-sysdeps-gnu-configure.ac-handle-correctly-libc_cv_ro.patch \
    file://0016-yes-within-the-path-sets-wrong-config-variables.patch \
    file://0017-timezone-re-written-tzselect-as-posix-sh.patch \
    file://0018-Remove-bash-dependency-for-nscd-init-script.patch \
    file://0019-eglibc-Cross-building-and-testing-instructions.patch \
    file://0020-eglibc-Help-bootstrap-cross-toolchain.patch \
    file://0021-eglibc-Resolve-__fpscr_values-on-SH4.patch \
    file://0022-eglibc-Forward-port-cross-locale-generation-support.patch \
    file://0024-localedef-add-to-archive-uses-a-hard-coded-locale-pa.patch \
    file://0025-elf-dl-deps.c-Make-_dl_build_local_scope-breadth-fir.patch \
    file://0026-intl-Emit-no-lines-in-bison-generated-files.patch \
    file://0027-locale-prevent-maybe-uninitialized-errors-with-Os-BZ.patch \
    file://0028-readlib-Add-OECORE_KNOWN_INTERPRETER_NAMES-to-known-.patch \
    file://0029-wordsize.h-Unify-the-header-between-arm-and-aarch64.patch \
    file://0030-powerpc-Do-not-ask-compiler-for-finding-arch.patch \
    file://0001-CVE-2021-38604.patch \
    file://0002-CVE-2021-38604.patch \
    file://0001-fix-create-thread-failed-in-unprivileged-process-BZ-.patch \
"
# Source tree is the git checkout; the build happens in a separate
# per-target directory.
S = "${WORKDIR}/git"
B = "${WORKDIR}/build-${TARGET_SYS}"

PACKAGES_DYNAMIC = ""

# the -isystem in bitbake.conf screws up glibc do_stage
BUILD_CPPFLAGS = "-I${STAGING_INCDIR_NATIVE}"
TARGET_CPPFLAGS = "-I${STAGING_DIR_TARGET}${includedir}"

GLIBC_BROKEN_LOCALES = ""

# Empty unless set elsewhere; its value is passed straight to configure below.
GLIBCPIE ??= ""

# Options handed to glibc's configure. The ones that matter for hardening:
#   --enable-bind-now                disables lazy binding for the installed
#                                    programs and shared objects, which gives
#                                    full RELRO and a read-only GOT
#   --enable-stack-protector=strong  builds glibc itself with
#                                    -fstack-protector-strong
#   --without-selinux                builds without SELinux support
#   --disable-crypt                  libcrypt is not built from this source;
#                                    presumably another recipe provides it -
#                                    TODO confirm
# --disable-werror is added only when SELECTED_OPTIMIZATION contains -O0 or -Og.
EXTRA_OECONF = "--enable-kernel=${OLDEST_KERNEL} \
    --disable-profile \
    --disable-debug --without-gd \
    --enable-clocale=gnu \
    --with-headers=${STAGING_INCDIR} \
    --without-selinux \
    --enable-tunables \
    --enable-bind-now \
    --enable-stack-protector=strong \
    --disable-crypt \
    --with-default-link \
    ${@bb.utils.contains_any('SELECTED_OPTIMIZATION', '-O0 -Og', '--disable-werror', '', d)} \
    ${GLIBCPIE} \
    ${GLIBC_EXTRA_OECONF}"

EXTRA_OECONF += "${@get_libc_fpu_setting(bb, d)}"

# Intel CET (control-flow enforcement) support, enabled for both x86 overrides.
EXTRA_OECONF:append:x86 = " --enable-cet"
EXTRA_OECONF:append:x86-64 = " --enable-cet"

# nscd and memory tagging are on by default (weak default, so a distro or
# local configuration can override it). Dropping "memory-tagging" from
# PACKAGECONFIG passes --disable-memory-tagging to configure.
PACKAGECONFIG ??= "nscd memory-tagging"
PACKAGECONFIG[nscd] = "--enable-nscd,--disable-nscd"
PACKAGECONFIG[memory-tagging] = "--enable-memory-tagging,--disable-memory-tagging"
# Appended to the (Python) do_patch task: once the patches are applied, run
# the shell function do_fix_readlib_c.
do_patch:append() {
    bb.build.exec_func('do_fix_readlib_c', d)
}
# Substitute the OECORE_KNOWN_INTERPRETER_NAMES placeholder in elf/readlib.c
# with the value of EGLIBC_KNOWN_INTERPRETER_NAMES. Going by its file name,
# patch 0028 in SRC_URI is what introduces the placeholder.
# NOTE(review): the value is pasted unescaped into the sed script, so a '#',
# '&' or single quote in EGLIBC_KNOWN_INTERPRETER_NAMES would corrupt the
# substitution; keep that variable to plain interpreter names.
do_fix_readlib_c () {
    readlib_src=${S}/elf/readlib.c
    sed -i \
        -e 's#OECORE_KNOWN_INTERPRETER_NAMES#${EGLIBC_KNOWN_INTERPRETER_NAMES}#' \
        $readlib_src
}
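# Custom configure step: refresh config.guess/config.sub, touch the shipped
# configure scripts, then run configure through oe_runconf.
do_configure () {
    # override this function to avoid the autoconf/automake/aclocal/autoheader
    # calls for now
    (cd ${S} && gnu-configize) || die "failure in running gnu-configize"

    # Update the timestamp of every shipped configure script, presumably so
    # the build does not try to regenerate them. "-exec ... +" replaces the
    # former "find | xargs touch": it copes with unusual characters in paths,
    # does not run touch without operands, and lets a failure of find or
    # touch fail the task instead of being hidden by the pipeline.
    find ${S} -name "configure" -exec touch {} +

    # don't pass CPPFLAGS into configure, since it upsets the kernel-headers
    # version check and doesn't really help with anything
    CPPFLAGS="" oe_runconf
}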
# Select the BFD linker for this recipe's link steps.
LDFLAGS += "-fuse-ld=bfd"
# Run the standard compile step, then, when RTLDLIST is set, merge it into
# the RTLDLIST= line of the generated ldd script in ${B}/elf.
do_compile () {
    base_do_compile
    echo "Adjust ldd script"
    if [ -n "${RTLDLIST}" ]; then
        # Interpreter list currently written in the generated script, with
        # the optional surrounding double quotes stripped.
        prevrtld=$(grep "^RTLDLIST=" ${B}/elf/ldd | sed 's#^RTLDLIST="\?\([^"]*\)"\?$#\1#')
        # remove duplicate entries (byte-order sort, re-joined with spaces)
        newrtld=$(echo $(printf '%s\n' ${prevrtld} ${RTLDLIST} | LC_ALL=C sort -u))
        echo "ldd \"${prevrtld} ${RTLDLIST}\" -> \"${newrtld}\""
        # NOTE(review): newrtld is pasted unescaped into the sed replacement,
        # so a '#', '&' or backslash in RTLDLIST would corrupt the rewritten
        # line; the values are expected to be plain loader paths.
        sed -i ${B}/elf/ldd -e "s#^RTLDLIST=.*\$#RTLDLIST=\"${newrtld}\"#"
    fi
}
# Packaging rules live in a shared include.
require glibc-package.inc

# Also provide a nativesdk variant of this recipe.
BBCLASSEXTEND = "nativesdk"