Accepting request 931990 from Base:System

- Add ExtraBuildFlags for build flags that cannot be passed to configure. - Add support for livepatches (JSC #SLE-20049). - Generate ipa-clones tarball artifact when livepatching is enabled. - glibc.rpmlintrc: Update for rpmlint2 OBS-URL: https://build.opensuse.org/request/show/931990 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/glibc?expand=0&rev=255
2021-11-21 22:51:15 +00:00 · 2021-11-21 22:51:15 +00:00 · 20afe99d09
commit 20afe99d09
parent 3f40b12ef9 b7416ef011
3 changed files with 72 additions and 14 deletions
--- a/glibc.changes
+++ b/glibc.changes
@ -1,3 +1,15 @@
+-------------------------------------------------------------------
+Wed Nov 16 17:22:28 UTC 2021 - Giuliano Belinassi <giuliano.belinassi@suse.com>
+
+- Add ExtraBuildFlags for build flags that cannot be passed to configure.
+- Add support for livepatches (JSC #SLE-20049).
+- Generate ipa-clones tarball artifact when livepatching is enabled.
+
+-------------------------------------------------------------------
+Wed Nov 10 13:39:26 UTC 2021 - Andreas Schwab <schwab@suse.de>
+
+- glibc.rpmlintrc: Update for rpmlint2
+
 -------------------------------------------------------------------
 Tue Oct  5 10:58:00 UTC 2021 - Andreas Schwab <schwab@suse.de>

--- a/glibc.rpmlintrc
+++ b/glibc.rpmlintrc
@ -1,23 +1,13 @@
 # glibc-profile is a devel package
-addFilter("glibc-profile.* devel-file-in-non-devel-package.*/usr/lib.*/lib.*_p.a")
+addFilter("glibc-profile.* devel-file-in-non-devel-package.*/usr/lib.*/lib.*_p\.a")
 # glibc is not a devel package
-addFilter("glibc\\..* non-devel-file-in-devel-package")
+addFilter("glibc\..* non-devel-file-in-devel-package")
 # getent deliberately uses gethostbyname
 addFilter("binary-or-shlib-calls-gethostbyname /usr/bin/getent")
 # We do need to keep the symtab (see comments in glibc.spec), so this is intented:
 addFilter("unstripped-binary-or-object")
 # ld.so is special:
-addFilter("shared-lib-without-dependency-information /lib.*/ld-2.*\\.so")
-# Handled via glibc_post_upgrade:
-addFilter("postin-without-ldconfig")
-# We will not rename glibc to follow the shlib policy
-addFilter("shlib-policy-missing-suffix")
-# libpthread and libnsl call exit - this is fine
-addFilter("shared-lib-calls-exit")
-# The man-pages package contains a number of man pages for programs that come
-# with glibc, therefore do not warn about them
-addFilter("glibc.*no-manual-page-for-binary (getent|iconv|ldd|ldconfig|locale)")
-addFilter("nscd.*no-manual-page-for-binary nscd")
+addFilter("shared-library-without-dependency-information /usr/lib.*/ld.*\.so")
 # the cross..-devel packages contain everything, in non-std paths, so no
 # ldconfig is wanted or needed (for sle-15 based trees), and we accept
 # the *.so symlinks, and deliver (target) binaries
--- a/glibc.spec
+++ b/glibc.spec
@ -16,6 +16,24 @@
 #


+%if 0%{?sle_version} >= 150400 || 0%{?suse_version} >= 1550
+%define livepatchable 1
+
+# Set variables for livepatching.
+%define _other %{_topdir}/OTHER
+%define tar_basename glibc-livepatch-%{version}-%{release}
+%define tar_package_name %{tar_basename}.%{_arch}.tar.xz
+%define clones_dest_dir %{tar_basename}/%{_arch}
+%else
+# Unsupported operating system.
+%define livepatchable 0
+%endif
+
+%ifnarch x86_64
+# Unsupported architectures must have livepatch disabled.
+%define livepatchable 0
+%endif
+
 # Run with osc --with=fast_build to have a shorter turnaround
 # It will avoid building some parts of glibc
 %bcond_with    fast_build
@ -61,6 +79,7 @@ ExclusiveArch:  do_not_build
 %define build_main 0
 %define build_utils 1
 %define build_testsuite 0
+%define livepatchable 0
 %endif
 %if "%flavor" == "testsuite"
 %if %{with ringdisabled}
@ -69,6 +88,7 @@ ExclusiveArch:  do_not_build
 %define build_main 0
 %define build_utils 0
 %define build_testsuite 1
+%define livepatchable 0
 %endif
 %if 0%{?cross_arch:1}
 %define build_main 0
@ -613,6 +633,7 @@ BuildFlags+=" -march=i686 -mtune=generic"
 %endif
 BuildCC="%__cc"
 BuildCCplus="%__cxx"
+
 #
 #now overwrite for some architectures
 #
@ -658,6 +679,15 @@ BuildCCplus=%{cross_arch}-suse-linux-g++
 %endif
 %endif

+# Add build flags that cannot be passed to configure.
+ExtraBuildFlags=
+%if %{livepatchable}
+# Append necessary flags for livepatch support, if enabled. Do it on make, else
+# on configure GCC will report that it can't write the ipa-clones to /dev/ and
+# configure will fail to detect that gcc support several flags.
+ExtraBuildFlags+="-fpatchable-function-entry=16,14 -fdump-ipa-clones"
+%endif
+
 #
 # Build base glibc
 #
@ -725,7 +755,7 @@ esac
    exit $rc;
  }

-make %{?_smp_mflags}
+make %{?_smp_mflags} CFLAGS="$BuildFlags $ExtraBuildFlags"
 cd ..

 #
@ -824,6 +854,32 @@ make %{?_smp_mflags} -C cc-base check-abi
 %endif

 %install
+%if %{livepatchable}
+
+# Ipa-clones are files generated by gcc which logs changes made across
+# functions, and we need to know such changes to build livepatches
+# correctly. These files are intended to be used by the livepatch
+# developers and may be retrieved by using `osc getbinaries`.
+#
+# Create list of ipa-clones.
+find . -name "*.ipa-clones" ! -empty | sed 's/^\.\///g' |  sort > ipa-clones.list
+
+# Create ipa-clones destination folder and move clones there.
+mkdir -p ipa-clones/%{clones_dest_dir}
+while read f; do
+  _dest=ipa-clones/%{clones_dest_dir}/$f
+  mkdir -p ${_dest%/*}
+  cp $f $_dest
+done < ipa-clones.list
+
+# Create tarball with ipa-clones.
+tar cfJ %{tar_package_name} -C ipa-clones %{tar_basename}
+
+# Copy tarball to the OTHER folder to store it as artefact.
+cp %{tar_package_name} %{_other}
+
+%endif # livepatchable
+
 %if !%{build_testsuite}

 %if %{with usrmerged}