Accepting request 1070768 from home:gbelinassi
- Enable livepatching support on x86_64. OBS-URL: https://build.opensuse.org/request/show/1070768 OBS-URL: https://build.opensuse.org/package/show/Linux-PAM/pam?expand=0&rev=272
This commit is contained in:
Git OBS Bridge
parent
7d61bc6b2a
commit
b0799e0d72
@ -1,3 +1,8 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Mar 10 18:27:09 UTC 2023 - Giuliano Belinassi <giuliano.belinassi@suse.com>
|
||||
|
||||
- Enable livepatching support on x86_64.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jan 24 08:38:04 UTC 2023 - Valentin Lefebvre <valentin.lefebvre@suse.com>
|
||||
|
||||
|
||||
51
pam.spec
51
pam.spec
@ -15,6 +15,26 @@
|
||||
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
||||
#
|
||||
|
||||
%if 0%{?sle_version} >= 150400 || 0%{?suse_version} >= 1550
|
||||
# Enable livepatching support for SLE15-SP4 onwards. It requires
|
||||
# compiler support introduced there.
|
||||
%define livepatchable 1
|
||||
|
||||
# Set variables for livepatching.
|
||||
%define _other %{_topdir}/OTHER
|
||||
%define tar_basename pam-livepatch-%{version}-%{release}
|
||||
%define tar_package_name %{tar_basename}.%{_arch}.tar.xz
|
||||
%define clones_dest_dir %{tar_basename}/%{_arch}
|
||||
%else
|
||||
# Unsupported operating system.
|
||||
%define livepatchable 0
|
||||
%endif
|
||||
|
||||
%ifnarch x86_64
|
||||
# Unsupported architectures must have livepatch disabled.
|
||||
%define livepatchable 0
|
||||
%endif
|
||||
|
||||
%bcond_with debug
|
||||
|
||||
%define flavor @BUILD_FLAVOR@%{nil}
|
||||
@ -184,6 +204,9 @@ export CFLAGS="%{optflags}"
|
||||
%if !%{with debug}
|
||||
CFLAGS="$CFLAGS -DNDEBUG"
|
||||
%endif
|
||||
%if %{livepatchable}
|
||||
CFLAGS="$CFLAGS -fpatchable-function-entry=16,14 -fdump-ipa-clones"
|
||||
%endif
|
||||
%configure \
|
||||
--includedir=%{_includedir}/security \
|
||||
--docdir=%{_docdir}/pam \
|
||||
@ -197,6 +220,33 @@ CFLAGS="$CFLAGS -DNDEBUG"
|
||||
%endif
|
||||
|
||||
%make_build
|
||||
|
||||
%if %{livepatchable}
|
||||
|
||||
# Ipa-clones are files generated by gcc which logs changes made across
|
||||
# functions, and we need to know such changes to build livepatches
|
||||
# correctly. These files are intended to be used by the livepatch
|
||||
# developers and may be retrieved by using `osc getbinaries`.
|
||||
#
|
||||
# Create list of ipa-clones.
|
||||
find . -name "*.ipa-clones" ! -empty | sed 's/^\.\///g' | sort > ipa-clones.list
|
||||
|
||||
# Create ipa-clones destination folder and move clones there.
|
||||
mkdir -p ipa-clones/%{clones_dest_dir}
|
||||
while read f; do
|
||||
_dest=ipa-clones/%{clones_dest_dir}/$f
|
||||
mkdir -p ${_dest%/*}
|
||||
cp $f $_dest
|
||||
done < ipa-clones.list
|
||||
|
||||
# Create tar package with the clone files.
|
||||
tar cfJ %{tar_package_name} -C ipa-clones %{tar_basename}
|
||||
|
||||
# Copy tar package to the OTHERS folder
|
||||
cp %{tar_package_name} %{_other}
|
||||
|
||||
%endif # livepatchable
|
||||
|
||||
gcc -fwhole-program -fpie -pie -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE %{optflags} -I%{_builddir}/Linux-PAM-%{version}/libpam/include %{SOURCE10} -o %{_builddir}/unix2_chkpwd -L%{_builddir}/Linux-PAM-%{version}/libpam/.libs -lpam
|
||||
|
||||
%if %{build_main}
|
||||
@ -213,6 +263,7 @@ mkdir -p %{buildroot}/sbin
|
||||
mkdir -p -m 755 %{buildroot}%{_libdir}
|
||||
# For compat reasons
|
||||
mkdir -p %{buildroot}%{_distconfdir}/pam.d
|
||||
|
||||
%make_install
|
||||
/sbin/ldconfig -n %{buildroot}%{libdir}
|
||||
# Install documentation
|
||||
|
||||
Loading…
Reference in New Issue
Block a user