Accepting request 344876 from devel:openSUSE:Factory

Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/344876
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/shim?expand=0&rev=46

shim-bsc950569-fix-cryptlib-va-functions.patch

@@ -0,0 +1,283 @@
+From b74c635bfd5d131f2848ce2cd2ffc838dc616ee8 Mon Sep 17 00:00:00 2001
+From: Gary Ching-Pang Lin <glin@suse.com>
+Date: Tue, 27 Oct 2015 12:00:13 +0800
+Subject: [PATCH] Cryptlib: Define the va functions for EFIAPI
+
+It turned out that my previous crash fix(*) was wrong.
+We actually always used the gcc built-in va functions instead of
+the "real" va functions for EFIAPI, and we are just lucky that
+ERR_add_error_data didn't crash before.
+
+This commit copies the va functions from MdePkg/Include/Base.h
+in edk2 and introdues NO_BUILTIN_VA_FUNCS for x86_64, so that all
+the x86_64 build will adopt the new va functions. For safety,
+I also added EFIAPI to all the functions which use va_* to avoid
+the potential trouble.
+
+(*) a7f4b26cc35204165bd04e75c34e8e7aa2a87ecc
+
+Signed-off-by: Gary Ching-Pang Lin <glin@suse.com>
+---
+ Cryptlib/Include/OpenSslSupport.h     | 75 +++++++++++++++++++++++++++++++++++
+ Cryptlib/Include/openssl/bio.h        |  8 ++++
+ Cryptlib/Include/openssl/err.h        |  4 --
+ Cryptlib/Makefile                     |  2 +-
+ Cryptlib/OpenSSL/Makefile             |  3 +-
+ Cryptlib/OpenSSL/crypto/bio/b_print.c |  8 ++++
+ Cryptlib/OpenSSL/crypto/cryptlib.c    |  4 ++
+ Cryptlib/OpenSSL/crypto/cryptlib.h    |  4 ++
+ Cryptlib/OpenSSL/crypto/err/err.c     |  4 --
+ Makefile                              |  1 +
+ 10 files changed, 103 insertions(+), 10 deletions(-)
+
+diff --git a/Cryptlib/Include/OpenSslSupport.h b/Cryptlib/Include/OpenSslSupport.h
+index e5e1adc..004c3e8 100644
+--- a/Cryptlib/Include/OpenSslSupport.h
++++ b/Cryptlib/Include/OpenSslSupport.h
+@@ -47,6 +47,9 @@ typedef VOID  *FILE;
+ #define va_arg    VA_ARG
+ #define va_start  VA_START
+ #define va_end    VA_END
++
++# if !defined(NO_BUILTIN_VA_FUNCS)
++
+ typedef __builtin_va_list VA_LIST;
+ 
+ #define VA_START(Marker, Parameter)  __builtin_va_start (Marker, Parameter)
+@@ -57,6 +60,78 @@ typedef __builtin_va_list VA_LIST;
+ 
+ #define VA_COPY(Dest, Start)         __builtin_va_copy (Dest, Start)
+ 
++# else
++
++#define _INT_SIZE_OF(n) ((sizeof (n) + sizeof (UINTN) - 1) &~(sizeof (UINTN) - 1))
++///
++/// Variable used to traverse the list of arguments. This type can vary by
++/// implementation and could be an array or structure.
++///
++typedef CHAR8 *VA_LIST;
++
++/**
++  Retrieves a pointer to the beginning of a variable argument list, based on
++  the name of the parameter that immediately precedes the variable argument list.
++
++  This function initializes Marker to point to the beginning of the variable
++  argument list that immediately follows Parameter.  The method for computing the
++  pointer to the next argument in the argument list is CPU-specific following the
++  EFIAPI ABI.
++
++  @param   Marker       The VA_LIST used to traverse the list of arguments.
++  @param   Parameter    The name of the parameter that immediately precedes
++                        the variable argument list.
++
++  @return  A pointer to the beginning of a variable argument list.
++
++**/
++#define VA_START(Marker, Parameter) (Marker = (VA_LIST) ((UINTN) & (Parameter) + _INT_SIZE_OF (Parameter)))
++
++/**
++  Returns an argument of a specified type from a variable argument list and updates
++  the pointer to the variable argument list to point to the next argument.
++
++  This function returns an argument of the type specified by TYPE from the beginning
++  of the variable argument list specified by Marker.  Marker is then updated to point
++  to the next argument in the variable argument list.  The method for computing the
++  pointer to the next argument in the argument list is CPU-specific following the EFIAPI ABI.
++
++  @param   Marker   VA_LIST used to traverse the list of arguments.
++  @param   TYPE     The type of argument to retrieve from the beginning
++                    of the variable argument list.
++
++  @return  An argument of the type specified by TYPE.
++
++**/
++#define VA_ARG(Marker, TYPE)   (*(TYPE *) ((Marker += _INT_SIZE_OF (TYPE)) - _INT_SIZE_OF (TYPE)))
++
++/**
++  Terminates the use of a variable argument list.
++
++  This function initializes Marker so it can no longer be used with VA_ARG().
++  After this macro is used, the only way to access the variable argument list is
++  by using VA_START() again.
++
++  @param   Marker   VA_LIST used to traverse the list of arguments.
++
++**/
++#define VA_END(Marker)      (Marker = (VA_LIST) 0)
++
++/**
++  Initializes a VA_LIST as a copy of an existing VA_LIST.
++
++  This macro initializes Dest as a copy of Start, as if the VA_START macro had been applied to Dest
++  followed by the same sequence of uses of the VA_ARG macro as had previously been used to reach
++  the present state of Start.
++
++  @param   Dest   VA_LIST used to traverse the list of arguments.
++  @param   Start  VA_LIST used to traverse the list of arguments.
++
++**/
++#define VA_COPY(Dest, Start)  ((void)((Dest) = (Start)))
++
++# endif
++
+ #else // __CC_ARM
+ #define va_start(Marker, Parameter)   __va_start(Marker, Parameter)
+ #define va_arg(Marker, TYPE)          __va_arg(Marker, TYPE)
+diff --git a/Cryptlib/Include/openssl/bio.h b/Cryptlib/Include/openssl/bio.h
+index 561ae2f..69bd48c 100644
+--- a/Cryptlib/Include/openssl/bio.h
++++ b/Cryptlib/Include/openssl/bio.h
+@@ -787,11 +787,19 @@ void BIO_copy_next_retry(BIO *b);
+ # else
+ #  define __bio_h__attr__(x)
+ # endif
++# if defined(OPENSSL_SYS_UEFI)
++int EFIAPI BIO_printf(BIO *bio, const char *format, ...)
++# else
+ int BIO_printf(BIO *bio, const char *format, ...)
++# endif
+ __bio_h__attr__((__format__(__printf__, 2, 3)));
+ int BIO_vprintf(BIO *bio, const char *format, va_list args)
+ __bio_h__attr__((__format__(__printf__, 2, 0)));
++# if defined(OPENSSL_SYS_UEFI)
++int EFIAPI BIO_snprintf(char *buf, size_t n, const char *format, ...)
++# else
+ int BIO_snprintf(char *buf, size_t n, const char *format, ...)
++# endif
+ __bio_h__attr__((__format__(__printf__, 3, 4)));
+ int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)
+ __bio_h__attr__((__format__(__printf__, 3, 0)));
+diff --git a/Cryptlib/Include/openssl/err.h b/Cryptlib/Include/openssl/err.h
+index da589f8..bbfdb95 100644
+--- a/Cryptlib/Include/openssl/err.h
++++ b/Cryptlib/Include/openssl/err.h
+@@ -352,11 +352,7 @@ void EFIAPI ERR_add_error_data(int num, ...);
+ void ERR_add_error_data(int num, ...);
+ #endif
+ 
+-#if defined(OPENSSL_SYS_UEFI)
+-void EFIAPI ERR_add_error_vdata(int num, va_list args);
+-#else
+ void ERR_add_error_vdata(int num, va_list args);
+-#endif
+ void ERR_load_strings(int lib, ERR_STRING_DATA str[]);
+ void ERR_unload_strings(int lib, ERR_STRING_DATA str[]);
+ void ERR_load_ERR_strings(void);
+diff --git a/Cryptlib/Makefile b/Cryptlib/Makefile
+index 9a92304..c9cf379 100644
+--- a/Cryptlib/Makefile
++++ b/Cryptlib/Makefile
+@@ -7,7 +7,7 @@ CFLAGS		= -ggdb -O0 -I. -fno-stack-protector -fno-strict-aliasing -fpic -fshort-
+ 
+ ifeq ($(ARCH),x86_64)
+ 	CFLAGS	+= -mno-mmx -mno-sse -mno-red-zone -nostdinc -maccumulate-outgoing-args \
+-		-DEFI_FUNCTION_WRAPPER -DGNU_EFI_USE_MS_ABI
++		-DEFI_FUNCTION_WRAPPER -DGNU_EFI_USE_MS_ABI -DNO_BUILTIN_VA_FUNCS
+ endif
+ ifeq ($(ARCH),ia32)
+ 	CFLAGS	+= -mno-mmx -mno-sse -mno-red-zone -nostdinc -maccumulate-outgoing-args -m32
+diff --git a/Cryptlib/OpenSSL/Makefile b/Cryptlib/OpenSSL/Makefile
+index ab6e7dd..f8055fd 100644
+--- a/Cryptlib/OpenSSL/Makefile
++++ b/Cryptlib/OpenSSL/Makefile
+@@ -7,7 +7,8 @@ CFLAGS		= -ggdb -O0 -I. -I.. -I../Include/ -Icrypto -fno-stack-protector -fno-st
+ 
+ ifeq ($(ARCH),x86_64)
+ 	CFLAGS	+= -mno-mmx -mno-sse -mno-red-zone -maccumulate-outgoing-args \
+-		-DEFI_FUNCTION_WRAPPER -DGNU_EFI_USE_MS_ABI -DSIXTY_FOUR_BIT_LONG
++		-DEFI_FUNCTION_WRAPPER -DGNU_EFI_USE_MS_ABI -DSIXTY_FOUR_BIT_LONG \
++		-DNO_BUILTIN_VA_FUNCS
+ endif
+ ifeq ($(ARCH),ia32)
+ 	CFLAGS	+= -mno-mmx -mno-sse -mno-red-zone -maccumulate-outgoing-args \
+diff --git a/Cryptlib/OpenSSL/crypto/bio/b_print.c b/Cryptlib/OpenSSL/crypto/bio/b_print.c
+index 9091d56..4695827 100644
+--- a/Cryptlib/OpenSSL/crypto/bio/b_print.c
++++ b/Cryptlib/OpenSSL/crypto/bio/b_print.c
+@@ -751,7 +751,11 @@ doapr_outch(char **sbuffer,
+ 
+ /***************************************************************************/
+ 
++#if defined(OPENSSL_SYS_UEFI)
++int EFIAPI BIO_printf(BIO *bio, const char *format, ...)
++#else
+ int BIO_printf(BIO *bio, const char *format, ...)
++#endif
+ {
+     va_list args;
+     int ret;
+@@ -795,7 +799,11 @@ int BIO_vprintf(BIO *bio, const char *format, va_list args)
+  * closely related to BIO_printf, and we need *some* name prefix ... (XXX the
+  * function should be renamed, but to what?)
+  */
++#if defined(OPENSSL_SYS_UEFI)
++int EFIAPI BIO_snprintf(char *buf, size_t n, const char *format, ...)
++#else
+ int BIO_snprintf(char *buf, size_t n, const char *format, ...)
++#endif
+ {
+     va_list args;
+     int ret;
+diff --git a/Cryptlib/OpenSSL/crypto/cryptlib.c b/Cryptlib/OpenSSL/crypto/cryptlib.c
+index ca0e3cc..0a59342 100644
+--- a/Cryptlib/OpenSSL/crypto/cryptlib.c
++++ b/Cryptlib/OpenSSL/crypto/cryptlib.c
+@@ -962,7 +962,11 @@ void OPENSSL_showfatal(const char *fmta, ...)
+         MessageBox(NULL, buf, _T("OpenSSL: FATAL"), MB_OK | MB_ICONSTOP);
+ }
+ #else
++# if defined(OPENSSL_SYS_UEFI)
++void EFIAPI OPENSSL_showfatal(const char *fmta, ...)
++# else
+ void OPENSSL_showfatal(const char *fmta, ...)
++# endif
+ {
+     va_list ap;
+ 
+diff --git a/Cryptlib/OpenSSL/crypto/cryptlib.h b/Cryptlib/OpenSSL/crypto/cryptlib.h
+index fba180a..7ca4c99 100644
+--- a/Cryptlib/OpenSSL/crypto/cryptlib.h
++++ b/Cryptlib/OpenSSL/crypto/cryptlib.h
+@@ -100,7 +100,11 @@ extern "C" {
+ 
+ void OPENSSL_cpuid_setup(void);
+ extern unsigned int OPENSSL_ia32cap_P[];
++# if defined(OPENSSL_SYS_UEFI)
++void EFIAPI OPENSSL_showfatal(const char *fmta, ...);
++# else
+ void OPENSSL_showfatal(const char *fmta, ...);
++# endif
+ void *OPENSSL_stderr(void);
+ extern int OPENSSL_NONPIC_relocated;
+ 
+diff --git a/Cryptlib/OpenSSL/crypto/err/err.c b/Cryptlib/OpenSSL/crypto/err/err.c
+index 108b83a..f98cce6 100644
+--- a/Cryptlib/OpenSSL/crypto/err/err.c
++++ b/Cryptlib/OpenSSL/crypto/err/err.c
+@@ -1085,11 +1085,7 @@ void ERR_add_error_data(int num, ...)
+     va_end(args);
+ }
+ 
+-#if defined(OPENSSL_SYS_UEFI)
+-void EFIAPI ERR_add_error_vdata(int num, va_list args)
+-#else
+ void ERR_add_error_vdata(int num, va_list args)
+-#endif
+ {
+     int i, n, s;
+     char *str, *p, *a;
+diff --git a/Makefile b/Makefile
+index 2449fe4..b36e2a3 100644
+--- a/Makefile
++++ b/Makefile
+@@ -42,6 +42,7 @@ ifeq ($(ARCH),x86_64)
+ 	CFLAGS	+= -mno-mmx -mno-sse -mno-red-zone -nostdinc \
+ 		-maccumulate-outgoing-args \
+ 		-DEFI_FUNCTION_WRAPPER -DGNU_EFI_USE_MS_ABI \
++		-DNO_BUILTIN_VA_FUNCS \
+ 		"-DEFI_ARCH=L\"x64\"" \
+ 		"-DDEBUGDIR=L\"/usr/lib/debug/usr/share/shim/x64-$(VERSION)$(RELEASE)/\""
+ endif
+-- 
+2.6.2
+

shim-change-debug-file-path.patch

@@ -8,19 +8,16 @@ Signed-off-by: Gary Ching-Pang Lin <glin@suse.com>
  Makefile | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)
 
-diff --git a/Makefile b/Makefile
-index 48e2a7d..081c9a8 100644
---- a/Makefile
-+++ b/Makefile
-@@ -43,7 +43,7 @@ ifeq ($(ARCH),x86_64)
- 		-maccumulate-outgoing-args \
+Index: shim-0.9/Makefile
+===================================================================
+--- shim-0.9.orig/Makefile
++++ shim-0.9/Makefile
+@@ -44,7 +44,7 @@ ifeq ($(ARCH),x86_64)
  		-DEFI_FUNCTION_WRAPPER -DGNU_EFI_USE_MS_ABI \
+ 		-DNO_BUILTIN_VA_FUNCS \
  		"-DEFI_ARCH=L\"x64\"" \
 -		"-DDEBUGDIR=L\"/usr/lib/debug/usr/share/shim/x64-$(VERSION)$(RELEASE)/\""
 +		"-DDEBUGDIR=L\"/usr/lib/debug/usr/lib64/efi/shim.debug\""
  endif
  ifeq ($(ARCH),ia32)
  	CFLAGS	+= -mno-mmx -mno-sse -mno-red-zone -nostdinc \
--- 
-2.1.4
-

shim-fix-mokmanager-sections.patch

@@ -1,53 +0,0 @@
-From fa7e46558ebdafeb7b5f4a3b843f309a678d4365 Mon Sep 17 00:00:00 2001
-From: Gary Ching-Pang Lin <glin@suse.com>
-Date: Mon, 10 Nov 2014 17:19:58 +0800
-Subject: [PATCH] Fix objcopy parameters to include .rel and .rela
-
-This is a quick hack for the old objcopy.
-
-The asterisks support in objcopy was added in 2.24. For the distro
-with the older objcopy, some sections would be ignored and this could
-crash the program.
-
-Signed-off-by: Gary Ching-Pang Lin <glin@suse.com>
----
- Makefile | 12 ++++--------
- 1 file changed, 4 insertions(+), 8 deletions(-)
-
-diff --git a/Makefile b/Makefile
-index 412496b..a791bcc 100644
---- a/Makefile
-+++ b/Makefile
-@@ -9,7 +9,6 @@ LD		= $(CROSS_COMPILE)ld
- OBJCOPY		= $(CROSS_COMPILE)objcopy
- 
- ARCH		= $(shell $(CC) -dumpmachine | cut -f1 -d- | sed s,i[3456789]86,ia32,)
--OBJCOPY_GTE224  = $(shell expr `$(OBJCOPY) --version |grep ^"GNU objcopy" | sed 's/^.* //g' | cut -f1-2 -d.` \>= 2.24)
- 
- SUBDIRS		= Cryptlib lib
- 
-@@ -142,17 +141,14 @@ endif
- FORMAT		?= --target efi-app-$(ARCH)
- 
- %.efi: %.so
--ifneq ($(OBJCOPY_GTE224),1)
--	$(error objcopy >= 2.24 is required)
--endif
- 	$(OBJCOPY) -j .text -j .sdata -j .data \
--		-j .dynamic -j .dynsym  -j .rel* \
--		-j .rela* -j .reloc -j .eh_frame \
-+		-j .dynamic -j .dynsym  -j .rel \
-+		-j .rela -j .reloc -j .eh_frame \
- 		-j .vendor_cert \
- 		$(FORMAT)  $^ $@
- 	$(OBJCOPY) -j .text -j .sdata -j .data \
--		-j .dynamic -j .dynsym  -j .rel* \
--		-j .rela* -j .reloc -j .eh_frame \
-+		-j .dynamic -j .dynsym  -j .rel \
-+		-j .rela -j .reloc -j .eh_frame \
- 		-j .debug_info -j .debug_abbrev -j .debug_aranges \
- 		-j .debug_line -j .debug_str -j .debug_ranges \
- 		-j .note.gnu.build-id \
--- 
-2.1.4
-

shim-opensuse-cert-prompt.patch

@@ -1,7 +1,7 @@
-From 83b991190b82da422cff4e357e045ff993ecaa9d Mon Sep 17 00:00:00 2001
+From 6718680400c48e463aac6ceef2a3238f2a0e1d57 Mon Sep 17 00:00:00 2001
 From: Gary Ching-Pang Lin <glin@suse.com>
 Date: Tue, 18 Feb 2014 17:29:19 +0800
-Subject: [PATCH 1/3] Show the build-in certificate prompt
+Subject: [PATCH 1/4] Show the build-in certificate prompt
 
 This is an openSUSE-only patch.
 
@@ -140,10 +140,10 @@ index 4c6bdc5..4e8ed3a 100644
 2.1.4
 
 
-From bde21fc34f6c1293a4233e704d9890a14f4bff19 Mon Sep 17 00:00:00 2001
+From 60e38ea2418c8e77a5e85cb833de7a3967be1343 Mon Sep 17 00:00:00 2001
 From: Gary Ching-Pang Lin <glin@suse.com>
 Date: Thu, 20 Feb 2014 16:57:08 +0800
-Subject: [PATCH 2/3] Support revoking the openSUSE cert
+Subject: [PATCH 2/4] Support revoking the openSUSE cert
 
 This is an openSUSE-only patch.
 
@@ -309,10 +309,10 @@ index 4e8ed3a..8848e6a 100644
 2.1.4
 
 
-From 3d22ec8e64253ec7edc4133d6122539f006c792e Mon Sep 17 00:00:00 2001
+From fd62fb657674e9cb63f2bd814c6c8c50acf2c6aa Mon Sep 17 00:00:00 2001
 From: Gary Ching-Pang Lin <glin@suse.com>
 Date: Fri, 7 Mar 2014 16:17:20 +0800
-Subject: [PATCH 3/3] Delete openSUSE_Verify the right way
+Subject: [PATCH 3/4] Delete openSUSE_Verify the right way
 
 This is an openSUSE-only patch.
 
@@ -340,3 +340,35 @@ index 68d4099..c7f2b65 100644
 -- 
 2.1.4
 
+
+From 2014c6b629a4c5543d0531f59303dbd7bcdd4051 Mon Sep 17 00:00:00 2001
+From: Gary Ching-Pang Lin <glin@suse.com>
+Date: Mon, 19 Oct 2015 16:36:14 +0800
+Subject: [PATCH 4/4] Don't pass NULL to set MokListRT
+
+This is an openSUSE-only patch.
+
+Signed-off-by: Gary Ching-Pang Lin <glin@suse.com>
+---
+ shim.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/shim.c b/shim.c
+index 8848e6a..7a21bb2 100644
+--- a/shim.c
++++ b/shim.c
+@@ -1768,6 +1768,11 @@ EFI_STATUS mirror_mok_list()
+ 		FullData = Data;
+ 	}
+ 
++	if (FullDataSize == 0) {
++		/* openSUSE_Verify isn't set and no other MOK exists. */
++		return EFI_SUCCESS;
++	}
++
+ 	efi_status = uefi_call_wrapper(RT->SetVariable, 5, L"MokListRT",
+ 				       &shim_lock_guid,
+ 				       EFI_VARIABLE_BOOTSERVICE_ACCESS
+-- 
+2.1.4
+

shim.changes

@@ -1,3 +1,15 @@
+-------------------------------------------------------------------
+Mon Nov  9 08:22:43 UTC 2015 - glin@suse.com
+
+- Add shim-bsc950569-fix-cryptlib-va-functions.patch to fix the
+  definition of va functions to avoid the potential crash
+  (bsc#950569)
+- Update shim-opensuse-cert-prompt.patch to avoid setting NULL to
+  MokListRT (bsc#950801)
+- Drop shim-fix-mokmanager-sections.patch as we are using the
+  newer binutils now
+- Refresh shim-change-debug-file-path.patch
+
 -------------------------------------------------------------------
 Thu Oct  8 06:49:43 UTC 2015 - jsegitz@novell.com
 

shim.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package shim
 #
-# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -44,12 +44,12 @@ Source11:       strip_signature.sh
 Source12:       signature-sles.asc
 # PATCH-FIX-SUSE shim-only-os-name.patch glin@suse.com -- Only include the OS name in version.c
 Patch1:         shim-only-os-name.patch
-# PATCH-FIX-UPSTREAM shim-fix-mokmanager-sections.patch glin@suse.com -- Fix the objcopy parameters for the EFI files
-Patch3:         shim-fix-mokmanager-sections.patch
 # PATCH-FIX-UPSTREAM shim-update-openssl-1.0.2d.patch glin@suse.com -- Update openssl to 1.0.2d
 Patch4:         shim-update-openssl-1.0.2d.patch
 # PATCH-FIX-UPSTREAM shim-gcc5.patch glin@suse.com -- Specify the gnu89 standard
 Patch5:         shim-gcc5.patch
+# PATCH-FIX-UPSTREAM shim-bsc950569-fix-cryptlib-va-functions.patch bsc#950569 glin@suse.com -- Fix the definition of the va functions to avoid the potential crash
+Patch6:         shim-bsc950569-fix-cryptlib-va-functions.patch
 # PATCH-FIX-OPENSUSE shim-change-debug-file-path.patch glin@suse.com -- Change the default debug file path
 Patch50:        shim-change-debug-file-path.patch
 # PATCH-FIX-OPENSUSE shim-opensuse-cert-prompt.patch glin@suse.com -- Show the prompt to ask whether the user trusts openSUSE certificate or not
@@ -90,9 +90,9 @@ Authors:
 %prep
 %setup -q
 %patch1 -p1
-%patch3 -p1
 %patch4 -p1
 %patch5 -p1
+%patch6 -p1
 %patch50 -p1
 %patch100 -p1
 %build