From 5b369144fa9621c0f73c168caa6a3dad0db426a6a551c0eb28f4a8973836df28 Mon Sep 17 00:00:00 2001 From: Andreas Schwab Date: Tue, 16 Nov 2021 14:09:48 +0000 Subject: [PATCH 1/3] Accepting request 931775 from home:Andreas_Schwab:Factory - glibc.rpmlintrc: Update for rpmlint2 OBS-URL: https://build.opensuse.org/request/show/931775 OBS-URL: https://build.opensuse.org/package/show/Base:System/glibc?expand=0&rev=605 --- glibc.changes | 5 +++++ glibc.rpmlintrc | 16 +++------------- 2 files changed, 8 insertions(+), 13 deletions(-) diff --git a/glibc.changes b/glibc.changes index 9e37861..29e5279 100644 --- a/glibc.changes +++ b/glibc.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Wed Nov 10 13:39:26 UTC 2021 - Andreas Schwab + +- glibc.rpmlintrc: Update for rpmlint2 + ------------------------------------------------------------------- Tue Oct 5 10:58:00 UTC 2021 - Andreas Schwab diff --git a/glibc.rpmlintrc b/glibc.rpmlintrc index c6ca5a1..9e1b3aa 100644 --- a/glibc.rpmlintrc +++ b/glibc.rpmlintrc @@ -1,23 +1,13 @@ # glibc-profile is a devel package -addFilter("glibc-profile.* devel-file-in-non-devel-package.*/usr/lib.*/lib.*_p.a") +addFilter("glibc-profile.* devel-file-in-non-devel-package.*/usr/lib.*/lib.*_p\.a") # glibc is not a devel package -addFilter("glibc\\..* non-devel-file-in-devel-package") +addFilter("glibc\..* non-devel-file-in-devel-package") # getent deliberately uses gethostbyname addFilter("binary-or-shlib-calls-gethostbyname /usr/bin/getent") # We do need to keep the symtab (see comments in glibc.spec), so this is intented: addFilter("unstripped-binary-or-object") # ld.so is special: -addFilter("shared-lib-without-dependency-information /lib.*/ld-2.*\\.so") -# Handled via glibc_post_upgrade: -addFilter("postin-without-ldconfig") -# We will not rename glibc to follow the shlib policy -addFilter("shlib-policy-missing-suffix") -# libpthread and libnsl call exit - this is fine -addFilter("shared-lib-calls-exit") -# The man-pages package contains a number of man pages for programs that come -# with glibc, therefore do not warn about them -addFilter("glibc.*no-manual-page-for-binary (getent|iconv|ldd|ldconfig|locale)") -addFilter("nscd.*no-manual-page-for-binary nscd") +addFilter("shared-library-without-dependency-information /usr/lib.*/ld.*\.so") # the cross..-devel packages contain everything, in non-std paths, so no # ldconfig is wanted or needed (for sle-15 based trees), and we accept # the *.so symlinks, and deliver (target) binaries From 95c3ec44db9988a7f31af75412eebbf5fcce7fb68b8f29c52c1567f809d9df9c Mon Sep 17 00:00:00 2001 From: Andreas Schwab Date: Wed, 17 Nov 2021 15:17:26 +0000 Subject: [PATCH 2/3] Accepting request 931976 from home:gbelinassi - Add ExtraBuildFlags for build flags that cannot be passed to configure. ------------------( below changes from previous sr )--------------------------- - Pass livepatchable flags directly to make. - Add optional support for livepatches (JSC #SLE-20049). - Generate ipa-clones tarball artifact when livepatch support is enabled. Userspace Livepatching allows your application to be updated without restarting. For a library to be livepatchable, it has to be compiled with special flags (-fpatchable-functions-entry=X,Y). To aid the development of livepatches, ipa-clones are also generated in the build process and packed into a livepatch-devel package. This package is meant to be used by developers during their workflow: these files contains log of changes that gcc did in the compiled code that may change code layout, which must be accounted when developing a livepatch. For instance, livepatching a function which is inlined requires livepatching every function that calls it. Tools that use such files already exists in kernel-livepatching and we aim porting them to userspace livepatching as well. OBS-URL: https://build.opensuse.org/request/show/931976 OBS-URL: https://build.opensuse.org/package/show/Base:System/glibc?expand=0&rev=606 --- glibc.changes | 7 +++++++ glibc.spec | 58 ++++++++++++++++++++++++++++++++++++++++++++++++++- 2 files changed, 64 insertions(+), 1 deletion(-) diff --git a/glibc.changes b/glibc.changes index 29e5279..01954db 100644 --- a/glibc.changes +++ b/glibc.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Wed Nov 16 17:22:28 UTC 2021 - Giuliano Belinassi + +- Add ExtraBuildFlags for build flags that cannot be passed to configure. +- Add support for livepatches (JSC #SLE-20049). +- Generate ipa-clones tarball artifact when livepatching is enabled. + ------------------------------------------------------------------- Wed Nov 10 13:39:26 UTC 2021 - Andreas Schwab diff --git a/glibc.spec b/glibc.spec index 377a67d..ed58601 100644 --- a/glibc.spec +++ b/glibc.spec @@ -16,6 +16,24 @@ # +%if 0%{?sle_version} >= 150400 || 0%{?suse_version} >= 1550 +%define livepatchable 1 + +# Set variables for livepatching. +%define _other %{_topdir}/OTHER +%define tar_basename glibc-livepatch-%{version}-%{release} +%define tar_package_name %{tar_basename}.%{_arch}.tar.xz +%define clones_dest_dir %{tar_basename}/%{_arch} +%else +# Unsupported operating system. +%define livepatchable 0 +%endif + +%ifnarch x86_64 +# Unsupported architectures must have livepatch disabled. +%define livepatchable 0 +%endif + # Run with osc --with=fast_build to have a shorter turnaround # It will avoid building some parts of glibc %bcond_with fast_build @@ -61,6 +79,7 @@ ExclusiveArch: do_not_build %define build_main 0 %define build_utils 1 %define build_testsuite 0 +%define livepatchable 0 %endif %if "%flavor" == "testsuite" %if %{with ringdisabled} @@ -69,6 +88,7 @@ ExclusiveArch: do_not_build %define build_main 0 %define build_utils 0 %define build_testsuite 1 +%define livepatchable 0 %endif %if 0%{?cross_arch:1} %define build_main 0 @@ -613,6 +633,7 @@ BuildFlags+=" -march=i686 -mtune=generic" %endif BuildCC="%__cc" BuildCCplus="%__cxx" + # #now overwrite for some architectures # @@ -658,6 +679,15 @@ BuildCCplus=%{cross_arch}-suse-linux-g++ %endif %endif +# Add build flags that cannot be passed to configure. +ExtraBuildFlags= +%if %{livepatchable} +# Append necessary flags for livepatch support, if enabled. Do it on make, else +# on configure GCC will report that it can't write the ipa-clones to /dev/ and +# configure will fail to detect that gcc support several flags. +ExtraBuildFlags+="-fpatchable-function-entry=16,14 -fdump-ipa-clones" +%endif + # # Build base glibc # @@ -725,7 +755,7 @@ esac exit $rc; } -make %{?_smp_mflags} +make %{?_smp_mflags} CFLAGS="$BuildFlags $ExtraBuildFlags" cd .. # @@ -824,6 +854,32 @@ make %{?_smp_mflags} -C cc-base check-abi %endif %install +%if %{livepatchable} + +# Ipa-clones are files generated by gcc which logs changes made across +# functions, and we need to know such changes to build livepatches +# correctly. These files are intended to be used by the livepatch +# developers and may be retrieved by using `osc getbinaries`. +# +# Create list of ipa-clones. +find . -name "*.ipa-clones" ! -empty | sed 's/^\.\///g' | sort > ipa-clones.list + +# Create ipa-clones destination folder and move clones there. +mkdir -p ipa-clones/%{clones_dest_dir} +while read f; do + _dest=ipa-clones/%{clones_dest_dir}/$f + mkdir -p ${_dest%/*} + cp $f $_dest +done < ipa-clones.list + +# Create tarball with ipa-clones. +tar cfJ %{tar_package_name} -C ipa-clones %{tar_basename} + +# Copy tarball to the OTHER folder to store it as artifact. +cp %{tar_package_name} %{_other} + +%endif # livepatchable + %if !%{build_testsuite} %if %{with usrmerged} From b7416ef0114058a7aba9ca9797ac69b973dfdc880d36a0d9b46ee9d74db7a3ef Mon Sep 17 00:00:00 2001 From: Andreas Schwab Date: Wed, 17 Nov 2021 15:21:04 +0000 Subject: [PATCH 3/3] OBS-URL: https://build.opensuse.org/package/show/Base:System/glibc?expand=0&rev=607 --- glibc.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/glibc.spec b/glibc.spec index ed58601..cea999f 100644 --- a/glibc.spec +++ b/glibc.spec @@ -875,7 +875,7 @@ done < ipa-clones.list # Create tarball with ipa-clones. tar cfJ %{tar_package_name} -C ipa-clones %{tar_basename} -# Copy tarball to the OTHER folder to store it as artifact. +# Copy tarball to the OTHER folder to store it as artefact. cp %{tar_package_name} %{_other} %endif # livepatchable