pool/binutils
SHA256
2
0
Fork 2
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Another SLE patch and updating CVE mentions in .changes

Browse Source 
- Add binutils-maxpagesize.diff for a problem on old code
  streams, where we would generate too large binaries.
- This fixes these CVEs relative to 2.37:
  [bsc#1188374, bsc#1185597] aka (GCC) PR99935 aka CVE-2021-3648
  [bsc#1193929] aka PR28694 aka CVE-2021-45078
  [bsc#1194783] aka (GCC) PR98886 aka CVE-2021-46195
  [bsc#1197592] aka (GCC) PR105039 aka CVE-2022-27943
  [bsc#1202966] aka PR29289 aka CVE-2022-38126
  [bsc#1202967] aka PR29290 aka CVE-2022-38127
  [bsc#1202969] aka CVE-2021-3826

OBS-URL: https://build.opensuse.org/package/show/devel:gcc/binutils?expand=0&rev=424
This commit is contained in:
Michael Matz 2022-10-25 15:43:19 +00:00 committed by Git OBS Bridge
parent 278e829c00
commit 2489107f56
3 changed files with 70 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
binutils-maxpagesize.diff Normal file
View File

@ -0,0 +1,54 @@
commit a2267dbfc9e1dd955f78561c40f00afa9ddbe619
Author: Michael Matz <matz@suse.de>
Date: Thu Oct 20 16:06:57 2022 +0200
x86-64: Use only one default max-page-size
On x86-64 the default ELF_MAXPAGESIZE depends on a configure
option (--disable-separate-code). Since 9833b775
("PR28824, relro security issues") we use max-page-size for relro
alignment (with a short interval, from 31b4d3a ("PR28824, relro
security issues, x86 keep COMMONPAGESIZE relro") to its revert
a1faa5ea, where x86-64 only used COMMONPAGESIZE as relro alignment
target).
But that means that a linker configured with --disable-separate-code
behaves different from one configured with --enable-separate-code
(the default), _even if using "-z {no,}separate-code" option to use
the non-configured behaviour_ . In particular it means that when
configuring with --disable-separate-code the linker will produce
binaries aligned to 2MB pages on disk, and hence generate 2MB
executables for a hello world (and even 6MB when linked with
"-z separate-code").
Generally we can't have constants that ultimately land in static
variables be depending on configure options if those only influence
behaviour that is overridable by command line options.
So, do away with that, make the default MAXPAGESIZE be 4k (as is default
for most x86-64 configs anyway, as most people won't configure with
--disable-separate-code). If people need more they can use the
"-z max-page-size" (with would have been required right now for a
default configure binutils).
bfd/
* elf64-x86-64.c (ELF_MAXPAGESIZE): Don't depend on
DEFAULT_LD_Z_SEPARATE_CODE.
diff --git a/bfd/elf64-x86-64.c b/bfd/elf64-x86-64.c
index f3b54400013..2ae8dffba0f 100644
--- a/bfd/elf64-x86-64.c
+++ b/bfd/elf64-x86-64.c
@@ -5259,11 +5259,7 @@ elf_x86_64_special_sections[]=
#define ELF_ARCH bfd_arch_i386
#define ELF_TARGET_ID X86_64_ELF_DATA
#define ELF_MACHINE_CODE EM_X86_64
-#if DEFAULT_LD_Z_SEPARATE_CODE
-# define ELF_MAXPAGESIZE 0x1000
-#else
-# define ELF_MAXPAGESIZE 0x200000
-#endif
+#define ELF_MAXPAGESIZE 0x1000
#define ELF_COMMONPAGESIZE 0x1000
#define elf_backend_can_gc_sections 1

14
binutils.changes
View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Tue Oct 25 14:52:30 UTC 2022 - Michael Matz <matz@suse.com>
- Add binutils-maxpagesize.diff for a problem on old code
streams, where we would generate too large binaries.
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Oct 25 12:54:34 UTC 2022 - Andreas Schwab <schwab@suse.de> Tue Oct 25 12:54:34 UTC 2022 - Andreas Schwab <schwab@suse.de>
@ -11,6 +17,14 @@ Mon Oct 17 15:16:23 UTC 2022 - Michael Matz <matz@suse.com>
binutils-add-efi-aarch64-1.diff, binutils-add-efi-aarch64-2.diff, binutils-add-efi-aarch64-1.diff, binutils-add-efi-aarch64-2.diff,
binutils-add-efi-aarch64-3.diff, binutils-fix-keepdebug.diff, binutils-add-efi-aarch64-3.diff, binutils-fix-keepdebug.diff,
binutils-add-z16-name.diff. binutils-add-z16-name.diff.
- This fixes these CVEs relative to 2.37:
[bsc#1188374, bsc#1185597] aka (GCC) PR99935 aka CVE-2021-3648
[bsc#1193929] aka PR28694 aka CVE-2021-45078
[bsc#1194783] aka (GCC) PR98886 aka CVE-2021-46195
[bsc#1197592] aka (GCC) PR105039 aka CVE-2022-27943
[bsc#1202966] aka PR29289 aka CVE-2022-38126
[bsc#1202967] aka PR29290 aka CVE-2022-38127
[bsc#1202969] aka CVE-2021-3826
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Aug 26 13:24:35 UTC 2022 - Michael Matz <matz@suse.com> Fri Aug 26 13:24:35 UTC 2022 - Michael Matz <matz@suse.com>

2
binutils.spec
View File

@ -140,6 +140,7 @@ Patch42: binutils-compat-old-behaviour.diff
Patch43: binutils-revert-hlasm-insns.diff Patch43: binutils-revert-hlasm-insns.diff
Patch44: binutils-revert-rela.diff Patch44: binutils-revert-rela.diff
Patch45: binutils-pr29482.diff Patch45: binutils-pr29482.diff
Patch46: binutils-maxpagesize.diff
Patch100: add-ulp-section.diff Patch100: add-ulp-section.diff
Patch90: cross-avr-nesc-as.patch Patch90: cross-avr-nesc-as.patch
Patch92: cross-avr-omit_section_dynsym.patch Patch92: cross-avr-omit_section_dynsym.patch
@ -264,6 +265,7 @@ cp ld/ldgram.y ld/ldgram.y.orig
%patch44 -p1 %patch44 -p1
%endif %endif
%patch45 -p1 %patch45 -p1
%patch46 -p1
%patch100 -p1 %patch100 -p1
%if "%{TARGET}" == "avr" %if "%{TARGET}" == "avr"
cp gas/config/tc-avr.h gas/config/tc-avr-nesc.h cp gas/config/tc-avr.h gas/config/tc-avr-nesc.h