6b3195ae62
23514c72b7 syslog: Fix heap buffer overflow in __vsyslog_internal (CVE-2023-6246) d0338312aa syslog: Fix heap buffer overflow in __vsyslog_internal (CVE-2023-6779) d37c2b20a4 syslog: Fix integer overflow in __vsyslog_internal (CVE-2023-6780) 30e546d76e x86_64: Optimize ffsll function code size. 18876c9ff5 S390: Fix building with --disable-mutli-arch [BZ #31196] 6f68075869 sparc: Fix broken memset for sparc32 [BZ #31068] 0e383d2d4e sparc64: Remove unwind information from signal return stubs [BZ#31244] aac57faf54 sparc: Fix sparc64 memmove length comparison (BZ 31266) 0c5e5bace5 sparc: Remove unwind information from signal return stubs [BZ #31244] b09073e631 arm: Remove wrong ldr from _dl_start_user (BZ 31339) 506e47da1d malloc: Use __get_nprocs on arena_get2 (BZ 30945) ee4806e978 S390: Do not clobber r7 in clone [BZ #31402] 5753cda1ca linux: Use rseq area unconditionally in sched_getcpu (bug 31479) 0518bb0c16 LoongArch: Correct {__ieee754, _}_scalb -> {__ieee754, _}_scalbf 5456ff5d80 Add HWCAP2_MOPS from Linux 6.5 to AArch64 bits/hwcap.h d8a2b56b4f AArch64: Add support for MOPS memcpy/memmove/memset 25b66e8c4a AArch64: Cleanup ifuncs 1521237c32 AArch64: Cleanup emag memset 156e44845f AArch64: Add memset_zva64 a08ff92294 AArch64: Remove Falkor memcpy 168ae58e6e aarch64: correct CFI in rawmemchr (bug 31113) 1bf17ce978 aarch64: fix check for SVE support in assembler 92da7c2cfe AArch64: Check kernel version for SVE ifuncs 20534f8176 powerpc: Fix ld.so address determination for PCREL mode (bug 31640) e1135387de iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (CVE-2024-2961) 61484011e7 sparc: Remove 64 bit check on sparc32 wordsize (BZ 27574) 78d9f91da6 login: Check default sizes of structs utmp, utmpx, lastlog 68bff88592 login: structs utmp, utmpx, lastlog _TIME_BITS independence (bug 30701) decc9f504a nptl: Fix tst-cancel30 on kernels without ppoll_time64 support 29e20bd122 i386: ulp update for SSE2 --disable-multi-arch configurations 5968aebb86 CVE-2024-33599: nscd: Stack-based buffer overflow in netgroup cache (bug 31677) 541ea5172a CVE-2024-33600: nscd: Do not send missing not-found response in addgetnetgrentX (bug 31678) 2ae9446c1b CVE-2024-33600: nscd: Avoid null pointer crashes after notfound response (bug 31678) 71af8ca864 CVE-2024-33601, CVE-2024-33602: nscd: netgroup: Use two buffers in addgetnetgrentX (bug 31680) e9f05fa1c6 elf: Also compile dl-misc.os with $(rtld-early-cflags) Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
103 lines
3.2 KiB
Makefile
103 lines
3.2 KiB
Makefile
#
|
|
# Copyright (C) 2006-2020 OpenWrt.org
|
|
#
|
|
# This is free software, licensed under the GNU General Public License v2.
|
|
# See /LICENSE for more information.
|
|
#
|
|
include $(TOPDIR)/rules.mk
|
|
|
|
PKG_NAME:=glibc
|
|
PKG_VERSION:=2.38
|
|
PKG_RELEASE:=1
|
|
|
|
PKG_SOURCE_PROTO:=git
|
|
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
|
|
PKG_SOURCE_VERSION:=e9f05fa1c62c8044ff025963498063f73eb51c5f
|
|
PKG_MIRROR_HASH:=fd61eb2caea0d4100638b8aa8285b0f1bc23af921c376516307c9ab8ac307739
|
|
PKG_SOURCE_URL:=https://sourceware.org/git/glibc.git
|
|
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.zst
|
|
PKG_CPE_ID:=cpe:/a:gnu:glibc
|
|
|
|
HOST_BUILD_DIR:=$(BUILD_DIR_TOOLCHAIN)/$(PKG_SOURCE_SUBDIR)
|
|
CUR_BUILD_DIR:=$(HOST_BUILD_DIR)-$(VARIANT)
|
|
PATCH_DIR:=$(PATH_PREFIX)/patches
|
|
|
|
include $(INCLUDE_DIR)/toolchain-build.mk
|
|
|
|
HOST_STAMP_PREPARED:=$(HOST_BUILD_DIR)/.prepared
|
|
HOST_STAMP_CONFIGURED:=$(CUR_BUILD_DIR)/.configured
|
|
HOST_STAMP_BUILT:=$(CUR_BUILD_DIR)/.built
|
|
HOST_STAMP_INSTALLED:=$(TOOLCHAIN_DIR)/stamp/.glibc_$(VARIANT)_installed
|
|
|
|
ifeq ($(ARCH),mips64)
|
|
ifdef CONFIG_MIPS64_ABI_N64
|
|
TARGET_CFLAGS += -mabi=64
|
|
endif
|
|
ifdef CONFIG_MIPS64_ABI_N32
|
|
TARGET_CFLAGS += -mabi=n32
|
|
endif
|
|
ifdef CONFIG_MIPS64_ABI_O32
|
|
TARGET_CFLAGS += -mabi=32
|
|
endif
|
|
endif
|
|
|
|
# -Os miscompiles w. 2.24 gcc5/gcc6
|
|
# only -O2 tested by upstream changeset
|
|
# "Optimize i386 syscall inlining for GCC 5"
|
|
GLIBC_CONFIGURE:= \
|
|
unset LD_LIBRARY_PATH; \
|
|
BUILD_CC="$(HOSTCC)" \
|
|
$(TARGET_CONFIGURE_OPTS) \
|
|
CFLAGS="-O2 $(filter-out -Os,$(call qstrip,$(TARGET_CFLAGS)))" \
|
|
libc_cv_slibdir="/lib" \
|
|
use_ldconfig=no \
|
|
$(HOST_BUILD_DIR)/$(GLIBC_PATH)configure \
|
|
--prefix= \
|
|
--build=$(GNU_HOST_NAME) \
|
|
--host=$(REAL_GNU_TARGET_NAME) \
|
|
--with-headers=$(TOOLCHAIN_DIR)/include \
|
|
--disable-profile \
|
|
--disable-werror \
|
|
--without-gd \
|
|
--without-cvs \
|
|
--enable-add-ons \
|
|
--enable-crypt \
|
|
--$(if $(CONFIG_SOFT_FLOAT),without,with)-fp \
|
|
$(if $(CONFIG_PKG_CC_STACKPROTECTOR_REGULAR),--enable-stack-protector=yes) \
|
|
$(if $(CONFIG_PKG_CC_STACKPROTECTOR_STRONG),--enable-stack-protector=strong) \
|
|
$(if $(CONFIG_PKG_CC_STACKPROTECTOR_ALL),--enable-stack-protector=all) \
|
|
$(if $(CONFIG_PKG_RELRO_FULL),--enable-bind-now) \
|
|
$(if $(CONFIG_PKG_FORTIFY_SOURCE_1),--enable-fortify-source=1) \
|
|
$(if $(CONFIG_PKG_FORTIFY_SOURCE_2),--enable-fortify-source=2) \
|
|
--enable-kernel=5.15.0
|
|
|
|
export libc_cv_ssp=no
|
|
export libc_cv_ssp_strong=no
|
|
export ac_cv_header_cpuid_h=yes
|
|
export HOST_CFLAGS := $(HOST_CFLAGS) -idirafter $(CURDIR)/$(PATH_PREFIX)/include
|
|
|
|
define Host/SetToolchainInfo
|
|
$(SED) 's,^\(LIBC_TYPE\)=.*,\1=$(PKG_NAME),' $(TOOLCHAIN_DIR)/info.mk
|
|
$(SED) 's,^\(LIBC_URL\)=.*,\1=http://www.gnu.org/software/libc/,' $(TOOLCHAIN_DIR)/info.mk
|
|
$(SED) 's,^\(LIBC_VERSION\)=.*,\1=$(PKG_VERSION),' $(TOOLCHAIN_DIR)/info.mk
|
|
$(SED) 's,^\(LIBC_SO_VERSION\)=.*,\1=$(PKG_VERSION),' $(TOOLCHAIN_DIR)/info.mk
|
|
endef
|
|
|
|
define Host/Configure
|
|
mkdir -p $(CUR_BUILD_DIR)
|
|
( cd $(CUR_BUILD_DIR); rm -f config.cache; \
|
|
$(GLIBC_CONFIGURE) \
|
|
);
|
|
endef
|
|
|
|
define Host/Prepare
|
|
$(call Host/Prepare/Default)
|
|
ln -snf $(PKG_SOURCE_SUBDIR) $(BUILD_DIR_TOOLCHAIN)/$(PKG_NAME)
|
|
endef
|
|
|
|
define Host/Clean
|
|
rm -rf $(CUR_BUILD_DIR)* \
|
|
$(BUILD_DIR_TOOLCHAIN)/$(LIBC)-dev \
|
|
$(BUILD_DIR_TOOLCHAIN)/$(PKG_NAME)
|
|
endef
|