diff --git a/glibc.changes b/glibc.changes index 9e37861..01954db 100644 --- a/glibc.changes +++ b/glibc.changes @@ -1,3 +1,15 @@ +------------------------------------------------------------------- +Wed Nov 16 17:22:28 UTC 2021 - Giuliano Belinassi + +- Add ExtraBuildFlags for build flags that cannot be passed to configure. +- Add support for livepatches (JSC #SLE-20049). +- Generate ipa-clones tarball artifact when livepatching is enabled. + +------------------------------------------------------------------- +Wed Nov 10 13:39:26 UTC 2021 - Andreas Schwab + +- glibc.rpmlintrc: Update for rpmlint2 + ------------------------------------------------------------------- Tue Oct 5 10:58:00 UTC 2021 - Andreas Schwab diff --git a/glibc.rpmlintrc b/glibc.rpmlintrc index c6ca5a1..9e1b3aa 100644 --- a/glibc.rpmlintrc +++ b/glibc.rpmlintrc @@ -1,23 +1,13 @@ # glibc-profile is a devel package -addFilter("glibc-profile.* devel-file-in-non-devel-package.*/usr/lib.*/lib.*_p.a") +addFilter("glibc-profile.* devel-file-in-non-devel-package.*/usr/lib.*/lib.*_p\.a") # glibc is not a devel package -addFilter("glibc\\..* non-devel-file-in-devel-package") +addFilter("glibc\..* non-devel-file-in-devel-package") # getent deliberately uses gethostbyname addFilter("binary-or-shlib-calls-gethostbyname /usr/bin/getent") # We do need to keep the symtab (see comments in glibc.spec), so this is intented: addFilter("unstripped-binary-or-object") # ld.so is special: -addFilter("shared-lib-without-dependency-information /lib.*/ld-2.*\\.so") -# Handled via glibc_post_upgrade: -addFilter("postin-without-ldconfig") -# We will not rename glibc to follow the shlib policy -addFilter("shlib-policy-missing-suffix") -# libpthread and libnsl call exit - this is fine -addFilter("shared-lib-calls-exit") -# The man-pages package contains a number of man pages for programs that come -# with glibc, therefore do not warn about them -addFilter("glibc.*no-manual-page-for-binary (getent|iconv|ldd|ldconfig|locale)") -addFilter("nscd.*no-manual-page-for-binary nscd") +addFilter("shared-library-without-dependency-information /usr/lib.*/ld.*\.so") # the cross..-devel packages contain everything, in non-std paths, so no # ldconfig is wanted or needed (for sle-15 based trees), and we accept # the *.so symlinks, and deliver (target) binaries diff --git a/glibc.spec b/glibc.spec index 377a67d..cea999f 100644 --- a/glibc.spec +++ b/glibc.spec @@ -16,6 +16,24 @@ # +%if 0%{?sle_version} >= 150400 || 0%{?suse_version} >= 1550 +%define livepatchable 1 + +# Set variables for livepatching. +%define _other %{_topdir}/OTHER +%define tar_basename glibc-livepatch-%{version}-%{release} +%define tar_package_name %{tar_basename}.%{_arch}.tar.xz +%define clones_dest_dir %{tar_basename}/%{_arch} +%else +# Unsupported operating system. +%define livepatchable 0 +%endif + +%ifnarch x86_64 +# Unsupported architectures must have livepatch disabled. +%define livepatchable 0 +%endif + # Run with osc --with=fast_build to have a shorter turnaround # It will avoid building some parts of glibc %bcond_with fast_build @@ -61,6 +79,7 @@ ExclusiveArch: do_not_build %define build_main 0 %define build_utils 1 %define build_testsuite 0 +%define livepatchable 0 %endif %if "%flavor" == "testsuite" %if %{with ringdisabled} @@ -69,6 +88,7 @@ ExclusiveArch: do_not_build %define build_main 0 %define build_utils 0 %define build_testsuite 1 +%define livepatchable 0 %endif %if 0%{?cross_arch:1} %define build_main 0 @@ -613,6 +633,7 @@ BuildFlags+=" -march=i686 -mtune=generic" %endif BuildCC="%__cc" BuildCCplus="%__cxx" + # #now overwrite for some architectures # @@ -658,6 +679,15 @@ BuildCCplus=%{cross_arch}-suse-linux-g++ %endif %endif +# Add build flags that cannot be passed to configure. +ExtraBuildFlags= +%if %{livepatchable} +# Append necessary flags for livepatch support, if enabled. Do it on make, else +# on configure GCC will report that it can't write the ipa-clones to /dev/ and +# configure will fail to detect that gcc support several flags. +ExtraBuildFlags+="-fpatchable-function-entry=16,14 -fdump-ipa-clones" +%endif + # # Build base glibc # @@ -725,7 +755,7 @@ esac exit $rc; } -make %{?_smp_mflags} +make %{?_smp_mflags} CFLAGS="$BuildFlags $ExtraBuildFlags" cd .. # @@ -824,6 +854,32 @@ make %{?_smp_mflags} -C cc-base check-abi %endif %install +%if %{livepatchable} + +# Ipa-clones are files generated by gcc which logs changes made across +# functions, and we need to know such changes to build livepatches +# correctly. These files are intended to be used by the livepatch +# developers and may be retrieved by using `osc getbinaries`. +# +# Create list of ipa-clones. +find . -name "*.ipa-clones" ! -empty | sed 's/^\.\///g' | sort > ipa-clones.list + +# Create ipa-clones destination folder and move clones there. +mkdir -p ipa-clones/%{clones_dest_dir} +while read f; do + _dest=ipa-clones/%{clones_dest_dir}/$f + mkdir -p ${_dest%/*} + cp $f $_dest +done < ipa-clones.list + +# Create tarball with ipa-clones. +tar cfJ %{tar_package_name} -C ipa-clones %{tar_basename} + +# Copy tarball to the OTHER folder to store it as artefact. +cp %{tar_package_name} %{_other} + +%endif # livepatchable + %if !%{build_testsuite} %if %{with usrmerged}