Add sys-libs/glibc-2.25-r8

3 files changed, 530 insertions, 0 deletions

diff --git a/sys-libs/glibc/Manifest b/sys-libs/glibc/Manifest
index 8d7b65ca..1e4a774e 100644
--- a/sys-libs/glibc/Manifest
+++ b/sys-libs/glibc/Manifest
@@ -10,6 +10,7 @@ AUX 2.19/glibc-2.19-ia64-gcc-4.8-reloc-hack.patch 1360 SHA256 f0d8bb004f598375b6
 AUX 2.20/glibc-2.20-gentoo-chk_fail.c 8978 SHA256 f9cc426b0fb21de1dc11bb36e43bca8e1b3114fe78f8b343f672a951a82c742e SHA512 5cb529ac9d18a315f25fd48a3a80a529924bee0588074c97e6df7dbe8568a67f786363c41da6300ea55818369e3609ed4315b2e2104f8a8b4f1266ba43076eda WHIRLPOOL 2d38c19a20226fc4687037b8bb19025065f039ddaa62466879ca98765c8899e64b147dd148565304419ed1a98fbe1f8403710b22c930b08a19bddba7e79b0f1d
 AUX 2.20/glibc-2.20-gentoo-stack_chk_fail.c 55 SHA256 ec73e74297b5eade591bfb3a2999989e2a7aa80752140048ffa67349635f05e7 SHA512 4dfec1bd17007b826110dcb73d09331a58b7a892c87de55b94480b14c28686442c567725b610082813411cf9911e180835a400a54ea704fe80f81cfba966a989 WHIRLPOOL b2b338a50f7895c530a71a19e4582bd0116a0b9d13b2e1505f0566924557493849f93cefb2c0ad1719ef684321e145129e0f72cfc9aa85a44ea7ebf910e7304c
 AUX 2.20/glibc-2.20-hardened-inittls-nosysenter.patch 9951 SHA256 992fb70b9b62674d94ef8938297a3f2591b3121495987d927f5a44c1d8788658 SHA512 a8302ee2963bd791be859233223b17cd154afbf04c13c046956bb1140d748272d7bcb3a6167ce8b61573ebcffe906dff064308374d2910656b8fad18480fe422 WHIRLPOOL b8753d6f1301650b91b5cf4f342de22010d819deb2bf4da27aac33d7540e15a140b8a7a4c5e111faba320873ed5784b22f6add29181fbaef14c3e9504b1b838f
+AUX 2.25/glibc-2.25-gentoo-chk_fail.c 9068 SHA256 cf8ba550579c9891bb0dd415df38fddc897ec0ff47f6b30ea935f0b34633106b SHA512 4503002b0e2cee0b6efc4599152d24fcff330157d4e35992a77d0d83a2decc4cf2da2b8645a44d90d428a1d82300a4fd8d13c5937b7c89f368c12b3c9139be6f WHIRLPOOL 1ac8777a52bb26fb9930720879d2e1d7c1b8e8c8bafaa611cca385c36301d67698b296032e66e20663c5ddc62e87220d172ceeef08b4fbfc63159f0f7b6ec099
 AUX 2.6/glibc-2.6-gentoo-stack_chk_fail.c 9545 SHA256 1410ded812be80d452eada5f9d6b9bd7bdb504c14f01cc27dce3e36b6f92b92a SHA512 360b77df2d19d14060e19e763878297bf042eccd5206ce4829a33c78c982b59b46144116d237a7cac73a22dd6cb4987c8dd50f1d16003baa22c2cb2942d2cbdf WHIRLPOOL 44e14dacdd258c46201a44c2c6aae4d975b960a914c24e49f2b39dae960636512049daa052d3cd8e8d93819d263327c28eac947efdb5d9e240d1bc6e9964016f
 AUX eblits/common.eblit 10979 SHA256 e36296dda2336f87875e7592b7ba997acdc5357c3b85a75265996f10dcc16600 SHA512 caed85afb3378f3be2bcb328cc67983da1caa87d04334fceef0a2a68e5297ff9577de98956be56884ed92ef97423d19e33c2b7d222a2b2c7f1c8288903611190 WHIRLPOOL ac24e9b0ab14da991a883048fcd0ca731d9260214ee83dfa606c52c63455be764f224e15fd3f9b6f9e10b8e34de4d531eb621ad12fec39919e6e240de5d859f3
 AUX eblits/pkg_postinst.eblit 1014 SHA256 010fb5397c21da846fa9575455956b6f55908cb700826dbb449be14c7721f1ad SHA512 b618f8f149690f52cb204e76c29f4cc1d91ed25f604d0377af47eae6797ebec2cb167140060ef99821f1363f87cbca00288c6c67cd4d80e28fc83a22bb842ca0 WHIRLPOOL 058bd46026b77c9e881112bfca2efe83fb66a9ea33ba8cc0556842013839f5cba60390f487b4e524016a1720ccab734e55cc9ca555369169a10daf56d24e0a73
@@ -40,6 +41,8 @@ DIST glibc-2.22.tar.xz 12969072 SHA256 eb731406903befef1d8f878a46be75ef862b9056a
 DIST glibc-2.23-patches-7.tar.bz2 315221 SHA256 97ef9e370ce9b09d8e9b9f6239f7ef94dd837d29b7bfc1404438c63da1d534ac SHA512 c0d0cab0a370acef0b085b0ab09ce868425a12bbb371d0a9ff91dc83a74a0d8d3b541d10c44650b00b7cb155f8ac1f87764e6a6bd9d6bae8a9a904b4df1650ef WHIRLPOOL 128ea1a2eeaad3d95cdf1054d10232a34e8f88d10ed8907a67d9ff02734243d20b21595ca3698a4861d9c65e2a59aedbcf8e399bd1ed879dba1556ce2995ad9b
 DIST glibc-2.23-patches-8.tar.bz2 304199 SHA256 6110777176abfb8d287d82804d98e007c255db6040a1beca589a212772c90482 SHA512 470814bbbd9d4ee5fa2dd7570a2e14b0229723e373e801472856fd6c2f089499eddc300f69b49af8ba0edbdca583ee3ca521fdb5c642509717cafea0ad925fd2 WHIRLPOOL 1ef9a431d67d7669f34f7db21185d50ddd6dc82c549a9ff274f0b98454417f4098ee771bfe10073be12d3c153ee46ff36e40b46ecb31844ab09791ae29b49074
 DIST glibc-2.23.tar.xz 13455260 SHA256 94efeb00e4603c8546209cefb3e1a50a5315c86fa9b078b6fad758e187ce13e9 SHA512 b82953388cd028e174cb08f082557bbce0dad8b67b17d31b29f90102fd52a51e03d591448ecb64882a1c1d5303afffc7f6ede85cee4c784a9284fbc9b4ad26cf WHIRLPOOL 7c7e3bf55a89a04bac917b9ca5a1cbb1613f22c427d2766f114b5a36f9635856005b823852ef5d3b73462b577fe4e5865e68e7b64633d48a95fa1e5eaa831a71
+DIST glibc-2.25-patches-11.tar.bz2 64221 SHA256 38c76c844238a7bbaecc85b359e67af6a98a1614f3196f25d85f83dec4358e99 SHA512 cbbbca9653f55f0cb3b73c38c979cb439c87b172819f3e999d2b435d59cd2bef2c89f11a398300c53f447ad433ee87f47a0f3e890c78f8694705c788455325dd WHIRLPOOL e61203ac129d7283f3beda1421e1365da58c229bcb6b6a1f8b71755d9ea0e2bfb64b8be69ab7698861a593d4b98ab6163d574f3c215fba0a0d9e6a1b15d2eed5
+DIST glibc-2.25.tar.xz 13873900 SHA256 067bd9bb3390e79aa45911537d13c3721f1d9d3769931a30c2681bfee66f23a0 SHA512 5b7a2418d5b8a1b6a907c6c7fb6477ee2a473151cb45e03d0d4cdd9a33497c90b1ee39e2e7e885e2b25743dcd3747336ef114b4a73eb001da1fd79f29e0f9a6e WHIRLPOOL dc2fafaa4a0e5581268338453838a03ed0c5e7a2af844e8fb7086ab8d3ae48efbdbe6f25db1d089ae669cd2f8b0412f690d965506753d86f8525da2df59b7953
 EBUILD glibc-2.17.ebuild 9868 SHA256 299508b4797c935349c500d35b3c0e917287b367db55357a9fb10b9e03d403a2 SHA512 78cee52cc1d0499afdc889c205d3affe7eb41f8214099abd9a68e37c20692fe52c7172be4c4010cb1ad4f8d92af81a8668972752b49960604109d58cce166841 WHIRLPOOL 2aaa77633f4462a556ce4c5fe3d90705711779d30db0e5f8d68d4c49b8f6c254a748a7723fe956c4c63458477a46b37b0203417025e68d2e7473c3deef042480
 EBUILD glibc-2.19-r1.ebuild 9781 SHA256 2ae4be63575708265bc5bb1a9dfd7da08469f4edbb6574a92334d1199302935b SHA512 51f56c39b2401d5d1d464625fd636ca62cfcb1c2410a8177a1a7c9a5439e3c43d4eb5f1db214848500f63b0404a29611a4627f05cd3867d42c0192539d14cfc5 WHIRLPOOL e5606ba3b6f5ee66e1c7df9ecde86a377e76a3293929643d297df2c08497a3dfe327de8a153489144d3faccdc99680e859bc4210908e77def4566ed108ecf71c
 EBUILD glibc-2.20-r2.ebuild 9344 SHA256 be4d9024e306778a1d26dccac4a11865b3420a31e2c75a69ff58e548001b2d8c SHA512 0fa30fd1bf896124541c648ee744e399b3f04f50730986a433ce83a29b33345643615a389d8ff688d915f19eb4c160f3cbcd132cd8d78b0a6b32efbf171c81ad WHIRLPOOL 20fcebb59236d6f264a5a358cc856f2024409a351bf42d55ecad4c859638aee3cff9f5f5e15745a8a0cf70873fe1f086feb0c46b283fc83d7f47b63d68bdce5a
@@ -49,3 +52,4 @@ EBUILD glibc-2.21-r2.ebuild 7803 SHA256 666533a30d5bbefb934af83bdee2827f6663617a
 EBUILD glibc-2.22-r4.ebuild 9363 SHA256 67bee8419cc0542bea3d480d969fa455bbee5f6ee71bf7ae0cd5c8baa582b376 SHA512 5e3722abc69f34da394ecdee3adad991a2cc1fc191e88846389ddbb080d691843d907044f245626d76732c0f1ab1328148ed30cf3b339f22232b2035dd48e65c WHIRLPOOL 723c8319d370b5bbb824caf7db9c8c5153c7427b993392a661acc961d2fc52ef517526dedeeb5c822a9e5865def77fe4a1121006d4fefc414e964e0999fe109c
 EBUILD glibc-2.23-r3.ebuild 7735 SHA256 0641cde2e00a4ade51293b7e22a3ad7e8eff2060c5c9836a27cb98b7e72a2c91 SHA512 e25e9a22da6f502051a618b39ba39a8b56f5d7fae20db1e72325e70d3e01a80e984007e15e5d02f86a8f233c8e694e5df4315c6b050556165bcdb18405ddc3f4 WHIRLPOOL 4bfc9647a5b204afb215cf491f3b6474f503afdd08e49ac8909916bc68a525b60b570a3df7dd305741cbd406a4da20cc2c76645871f447549e7861d2d6dc54af
 EBUILD glibc-2.23-r4.ebuild 7856 SHA256 dbde0163fb246c1aba79091094182cfc6dedbb103935ee83a2c8b57176a40459 SHA512 dda7f365b0356e37e74f38d56406bc9486b43985ed3a9d4d51d43a17ca77edff81336391bd7636e7632f38b7df0128b6bdecc2707d1a87f9825bc6c83df62189 WHIRLPOOL 77f2910c6770b152deb99d1866083ff8b5ef9aa1df0976b84a29a92d62a3f1c72b77d3fb4a7b336cb7d3e7de858c5df8ddfd2b5efc873bedc9bb6265681ed52d
+EBUILD glibc-2.25-r8.ebuild 8076 SHA256 9e8df3a46951bd59a2b610f24ccbe86d05ca437c832533973139d6a871736a5c SHA512 10f411c3298792a88f0f67991c6b48341b710e4d8103ec68a2948b0ee289ac4e10045558975483273370013a8c23f6785d55e060a1b10de5014b710c19dc3427 WHIRLPOOL f7e1205a4ca38f65a39cdd242f2e9ec5e4f7cdeedd6edcd564e41f6bebb1531691721e940375842ac950183802491081222cf42489e01ed337c1f0ba866cdb8d
diff --git a/sys-libs/glibc/files/2.25/glibc-2.25-gentoo-chk_fail.c b/sys-libs/glibc/files/2.25/glibc-2.25-gentoo-chk_fail.c
new file mode 100644
index 00000000..2ef96b75
--- /dev/null
+++ b/sys-libs/glibc/files/2.25/glibc-2.25-gentoo-chk_fail.c
@@ -0,0 +1,303 @@
+/* Copyright (C) 2004-2014 Free Software Foundation, Inc.
+   Copyright (C) 2006-2014 Gentoo Foundation Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, write to the Free
+   Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+   02111-1307 USA.  */
+
+/* Hardened Gentoo SSP and FORTIFY handler
+
+   A failure handler that does not use functions from the rest of glibc;
+   it uses the INTERNAL_SYSCALL methods directly.  This helps ensure no
+   possibility of recursion into the handler.
+
+   Direct all bug reports to http://bugs.gentoo.org/
+
+   People who have contributed significantly to the evolution of this file:
+   Ned Ludd - <solar[@]gentoo.org>
+   Alexander Gabert - <pappy[@]gentoo.org>
+   The PaX Team - <pageexec[@]freemail.hu>
+   Peter S. Mazinger - <ps.m[@]gmx.net>
+   Yoann Vandoorselaere - <yoann[@]prelude-ids.org>
+   Robert Connolly - <robert[@]linuxfromscratch.org>
+   Cory Visi <cory[@]visi.name>
+   Mike Frysinger <vapier[@]gentoo.org>
+   Magnus Granberg <zorry[@]gentoo.org>
+   Kevin F. Quinn - <kevquinn[@]gentoo.org>
+ */
+
+#include <errno.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <signal.h>
+
+#include <sys/types.h>
+
+#include <sysdep-cancel.h>
+#include <sys/syscall.h>
+
+#include <kernel-features.h>
+
+#include <alloca.h>
+/* from sysdeps */
+#include <socketcall.h>
+/* for the stuff in bits/socket.h */
+#include <sys/socket.h>
+#include <sys/un.h>
+
+/* Sanity check on SYSCALL macro names - force compilation
+ * failure if the names used here do not exist
+ */
+#if !defined __NR_socketcall && !defined __NR_socket
+# error Cannot do syscall socket or socketcall
+#endif
+#if !defined __NR_socketcall && !defined __NR_connect
+# error Cannot do syscall connect or socketcall
+#endif
+#ifndef __NR_write
+# error Cannot do syscall write
+#endif
+#ifndef __NR_close
+# error Cannot do syscall close
+#endif
+#ifndef __NR_getpid
+# error Cannot do syscall getpid
+#endif
+#ifndef __NR_kill
+# error Cannot do syscall kill
+#endif
+#ifndef __NR_exit
+# error Cannot do syscall exit
+#endif
+#ifdef SSP_SMASH_DUMPS_CORE
+# define ENABLE_SSP_SMASH_DUMPS_CORE 1
+# if !defined _KERNEL_NSIG && !defined _NSIG
+#  error No _NSIG or _KERNEL_NSIG for rt_sigaction
+# endif
+# if !defined __NR_sigaction && !defined __NR_rt_sigaction
+#  error Cannot do syscall sigaction or rt_sigaction
+# endif
+/* Although rt_sigaction expects sizeof(sigset_t) - it expects the size
+ * of the _kernel_ sigset_t which is not the same as the user sigset_t.
+ * Most arches have this as _NSIG bits - mips has _KERNEL_NSIG bits for
+ * some reason.
+ */
+# ifdef _KERNEL_NSIG
+#  define _SSP_NSIG _KERNEL_NSIG
+# else
+#  define _SSP_NSIG _NSIG
+# endif
+#else
+# define _SSP_NSIG 0
+# define ENABLE_SSP_SMASH_DUMPS_CORE 0
+#endif
+
+/* Define DO_SIGACTION - default to newer rt signal interface but
+ * fallback to old as needed.
+ */
+#ifdef __NR_rt_sigaction
+# define DO_SIGACTION(signum, act, oldact) \
+	INLINE_SYSCALL(rt_sigaction, 4, signum, act, oldact, _SSP_NSIG/8)
+#else
+# define DO_SIGACTION(signum, act, oldact) \
+	INLINE_SYSCALL(sigaction, 3, signum, act, oldact)
+#endif
+
+/* Define DO_SOCKET/DO_CONNECT functions to deal with socketcall vs socket/connect */
+#if defined(__NR_socket) && defined(__NR_connect)
+# define USE_OLD_SOCKETCALL 0
+#else
+# define USE_OLD_SOCKETCALL 1
+#endif
+
+/* stub out the __NR_'s so we can let gcc optimize away dead code */
+#ifndef __NR_socketcall
+# define __NR_socketcall 0
+#endif
+#ifndef __NR_socket
+# define __NR_socket 0
+#endif
+#ifndef __NR_connect
+# define __NR_connect 0
+#endif
+#define DO_SOCKET(result, domain, type, protocol) \
+	do { \
+		if (USE_OLD_SOCKETCALL) { \
+			socketargs[0] = domain; \
+			socketargs[1] = type; \
+			socketargs[2] = protocol; \
+			socketargs[3] = 0; \
+			result = INLINE_SYSCALL(socketcall, 2, SOCKOP_socket, socketargs); \
+		} else \
+			result = INLINE_SYSCALL(socket, 3, domain, type, protocol); \
+	} while (0)
+#define DO_CONNECT(result, sockfd, serv_addr, addrlen) \
+	do { \
+		if (USE_OLD_SOCKETCALL) { \
+			socketargs[0] = sockfd; \
+			socketargs[1] = (unsigned long int)serv_addr; \
+			socketargs[2] = addrlen; \
+			socketargs[3] = 0; \
+			result = INLINE_SYSCALL(socketcall, 2, SOCKOP_connect, socketargs); \
+		} else \
+			result = INLINE_SYSCALL(connect, 3, sockfd, serv_addr, addrlen); \
+	} while (0)
+
+#ifndef _PATH_LOG
+# define _PATH_LOG "/dev/log"
+#endif
+
+static const char path_log[] = _PATH_LOG;
+
+/* For building glibc with SSP switched on, define __progname to a
+ * constant if building for the run-time loader, to avoid pulling
+ * in more of libc.so into ld.so
+ */
+#ifdef IS_IN_rtld
+static const char *__progname = "<ldso>";
+#else
+extern const char *__progname;
+#endif
+
+#ifdef GENTOO_SSP_HANDLER
+# define ERROR_MSG "stack smashing"
+#else
+# define ERROR_MSG "buffer overflow"
+#endif
+
+/* Common handler code, used by chk_fail
+ * Inlined to ensure no self-references to the handler within itself.
+ * Data static to avoid putting more than necessary on the stack,
+ * to aid core debugging.
+ */
+__attribute__ ((__noreturn__, __always_inline__))
+static inline void
+__hardened_gentoo_fail(void)
+{
+#define MESSAGE_BUFSIZ 512
+	static pid_t pid;
+	static int plen, i, hlen;
+	static char message[MESSAGE_BUFSIZ];
+	/* <11> is LOG_USER|LOG_ERR. A dummy date for loggers to skip over. */
+	static const char msg_header[] = "<11>" __DATE__ " " __TIME__ " glibc-gentoo-hardened-check: ";
+	static const char msg_ssd[] = "*** " ERROR_MSG " detected ***: ";
+	static const char msg_terminated[] = " terminated; ";
+	static const char msg_report[] = "report to " REPORT_BUGS_TO "\n";
+	static const char msg_unknown[] = "<unknown>";
+	static int log_socket, connect_result;
+	static struct sockaddr_un sock;
+	static unsigned long int socketargs[4];
+
+	/* Build socket address */
+	sock.sun_family = AF_UNIX;
+	i = 0;
+	while (path_log[i] != '\0' && i < sizeof(sock.sun_path) - 1) {
+		sock.sun_path[i] = path_log[i];
+		++i;
+	}
+	sock.sun_path[i] = '\0';
+
+	/* Try SOCK_DGRAM connection to syslog */
+	connect_result = -1;
+	DO_SOCKET(log_socket, AF_UNIX, SOCK_DGRAM, 0);
+	if (log_socket != -1)
+		DO_CONNECT(connect_result, log_socket, &sock, sizeof(sock));
+	if (connect_result == -1) {
+		if (log_socket != -1)
+			INLINE_SYSCALL(close, 1, log_socket);
+		/* Try SOCK_STREAM connection to syslog */
+		DO_SOCKET(log_socket, AF_UNIX, SOCK_STREAM, 0);
+		if (log_socket != -1)
+			DO_CONNECT(connect_result, log_socket, &sock, sizeof(sock));
+	}
+
+	/* Build message.  Messages are generated both in the old style and new style,
+	 * so that log watchers that are configured for the old-style message continue
+	 * to work.
+	 */
+#define strconcat(str) \
+	({ \
+		i = 0; \
+		while ((str[i] != '\0') && ((i + plen) < (MESSAGE_BUFSIZ - 1))) { \
+			message[plen + i] = str[i]; \
+			++i; \
+		} \
+		plen += i; \
+	})
+
+	/* Tersely log the failure */
+	plen = 0;
+	strconcat(msg_header);
+	hlen = plen;
+	strconcat(msg_ssd);
+	if (__progname != NULL)
+		strconcat(__progname);
+	else
+		strconcat(msg_unknown);
+	strconcat(msg_terminated);
+	strconcat(msg_report);
+
+	/* Write out error message to STDERR, to syslog if open */
+	INLINE_SYSCALL(write, 3, STDERR_FILENO, message + hlen, plen - hlen);
+	if (connect_result != -1) {
+		INLINE_SYSCALL(write, 3, log_socket, message, plen);
+		INLINE_SYSCALL(close, 1, log_socket);
+	}
+
+	/* Time to kill self since we have no idea what is going on */
+	pid = INLINE_SYSCALL(getpid, 0);
+
+	if (ENABLE_SSP_SMASH_DUMPS_CORE) {
+		/* Remove any user-supplied handler for SIGABRT, before using it. */
+#if 0
+		/*
+		 * Note: Disabled because some programs catch & process their
+		 * own crashes.  We've already enabled this code path which
+		 * means we want to let core dumps happen.
+		 */
+		static struct sigaction default_abort_act;
+		default_abort_act.sa_handler = SIG_DFL;
+		default_abort_act.sa_sigaction = NULL;
+		__sigfillset(&default_abort_act.sa_mask);
+		default_abort_act.sa_flags = 0;
+		if (DO_SIGACTION(SIGABRT, &default_abort_act, NULL) == 0)
+#endif
+			INLINE_SYSCALL(kill, 2, pid, SIGABRT);
+	}
+
+	/* SIGKILL is only signal which cannot be caught */
+	INLINE_SYSCALL(kill, 2, pid, SIGKILL);
+
+	/* In case the kill didn't work, exit anyway.
+	 * The loop prevents gcc thinking this routine returns.
+	 */
+	while (1)
+		INLINE_SYSCALL(exit, 1, 137);
+}
+
+__attribute__ ((__noreturn__))
+#ifdef GENTOO_SSP_HANDLER
+void __stack_chk_fail(void)
+#else
+void __chk_fail(void)
+#endif
+{
+	__hardened_gentoo_fail();
+}
+
+#ifdef GENTOO_SSP_HANDLER
+strong_alias (__stack_chk_fail, __stack_chk_fail_local)
+#endif
diff --git a/sys-libs/glibc/glibc-2.25-r8.ebuild b/sys-libs/glibc/glibc-2.25-r8.ebuild
new file mode 100644
index 00000000..097386df
--- /dev/null
+++ b/sys-libs/glibc/glibc-2.25-r8.ebuild
@@ -0,0 +1,223 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="5"
+
+inherit toolchain-glibc
+
+DESCRIPTION="GNU libc6 (also called glibc2) C library"
+HOMEPAGE="https://www.gnu.org/software/libc/libc.html"
+
+LICENSE="LGPL-2.1+ BSD HPND ISC inner-net rc PCRE"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc x86"
+RESTRICT="strip" # strip ourself #46186
+EMULTILIB_PKG="true"
+
+# Configuration variables
+RELEASE_VER=""
+case ${PV} in
+9999*)
+	EGIT_REPO_URIS="git://sourceware.org/git/glibc.git"
+	EGIT_SOURCEDIRS="${S}"
+	inherit git-2
+	;;
+*)
+	RELEASE_VER=${PV}
+	;;
+esac
+GCC_BOOTSTRAP_VER="4.7.3-r1"
+# patches live at https://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo/src/patchsets/glibc/
+PATCH_VER="11"                                  # Gentoo patchset
+: ${NPTL_KERN_VER:="2.6.32"}                   # min kernel version nptl requires
+
+GLIBC_PATCH_EXCLUDE+=" 0005_all_sys-types.h-drop-sys-sysmacros.h-include.patch"
+
+IUSE="audit caps debug gd hardened multilib nscd +rpc selinux systemtap profile suid vanilla crosscompile_opts_headers-only"
+
+# Here's how the cross-compile logic breaks down ...
+#  CTARGET - machine that will target the binaries
+#  CHOST   - machine that will host the binaries
+#  CBUILD  - machine that will build the binaries
+# If CTARGET != CHOST, it means you want a libc for cross-compiling.
+# If CHOST != CBUILD, it means you want to cross-compile the libc.
+#  CBUILD = CHOST = CTARGET    - native build/install
+#  CBUILD != (CHOST = CTARGET) - cross-compile a native build
+#  (CBUILD = CHOST) != CTARGET - libc for cross-compiler
+#  CBUILD != CHOST != CTARGET  - cross-compile a libc for a cross-compiler
+# For install paths:
+#  CHOST = CTARGET  - install into /
+#  CHOST != CTARGET - install into /usr/CTARGET/
+
+export CBUILD=${CBUILD:-${CHOST}}
+export CTARGET=${CTARGET:-${CHOST}}
+if [[ ${CTARGET} == ${CHOST} ]] ; then
+	if [[ ${CATEGORY} == cross-* ]] ; then
+		export CTARGET=${CATEGORY#cross-}
+	fi
+fi
+
+is_crosscompile() {
+	[[ ${CHOST} != ${CTARGET} ]]
+}
+
+# Why SLOT 2.2 you ask yourself while sippin your tea ?
+# Everyone knows 2.2 > 0, duh.
+SLOT="2.2"
+
+# General: We need a new-enough binutils/gcc to match upstream baseline.
+# arch: we need to make sure our binutils/gcc supports TLS.
+COMMON_DEPEND="
+	nscd? ( selinux? (
+		audit? ( sys-process/audit )
+		caps? ( sys-libs/libcap )
+	) )
+	suid? ( caps? ( sys-libs/libcap ) )
+	selinux? ( sys-libs/libselinux )
+	systemtap? ( dev-util/systemtap )
+"
+DEPEND="${COMMON_DEPEND}
+	>=app-misc/pax-utils-0.1.10
+	!<sys-apps/sandbox-1.6
+	!<sys-apps/portage-2.1.2"
+RDEPEND="${COMMON_DEPEND}
+	!sys-kernel/ps3-sources
+	sys-apps/gentoo-functions
+	!sys-libs/nss-db"
+
+if [[ ${CATEGORY} == cross-* ]] ; then
+	DEPEND+=" !crosscompile_opts_headers-only? (
+		>=${CATEGORY}/binutils-2.24
+		>=${CATEGORY}/gcc-4.7
+	)"
+	[[ ${CATEGORY} == *-linux* ]] && DEPEND+=" ${CATEGORY}/linux-headers"
+else
+	DEPEND+="
+		>=sys-devel/binutils-2.24
+		>=sys-devel/gcc-4.7
+		virtual/os-headers"
+	RDEPEND+=" vanilla? ( !sys-libs/timezone-data )"
+	PDEPEND+=" !vanilla? ( sys-libs/timezone-data )"
+fi
+
+upstream_uris() {
+	echo mirror://gnu/glibc/$1 ftp://sourceware.org/pub/glibc/{releases,snapshots}/$1 mirror://gentoo/$1
+}
+gentoo_uris() {
+	local devspace="HTTP~vapier/dist/URI HTTP~dilfridge/distfiles/URI HTTP~tamiko/distfiles/URI HTTP~slyfox/distfiles/URI"
+	devspace=${devspace//HTTP/https://dev.gentoo.org/}
+	echo mirror://gentoo/$1 ${devspace//URI/$1}
+}
+SRC_URI=$(
+	[[ -z ${EGIT_REPO_URIS} ]] && upstream_uris ${P}.tar.xz
+	[[ -n ${PATCH_VER}      ]] && gentoo_uris ${P}-patches-${PATCH_VER}.tar.bz2
+)
+SRC_URI+=" ${GCC_BOOTSTRAP_VER:+multilib? ( $(gentoo_uris gcc-${GCC_BOOTSTRAP_VER}-multilib-bootstrap.tar.bz2) )}"
+
+src_unpack() {
+	[[ -n ${GCC_BOOTSTRAP_VER} ]] && use multilib && unpack gcc-${GCC_BOOTSTRAP_VER}-multilib-bootstrap.tar.bz2
+
+	toolchain-glibc_src_unpack
+}
+
+src_prepare() {
+	case $(gcc-fullversion) in
+	4.8.[0-3]|4.9.0)
+		eerror "You need to switch to a newer compiler; gcc-4.8.[0-3] and gcc-4.9.0 miscompile"
+		eerror "glibc.  See https://bugs.gentoo.org/547420 for details."
+		die "need to switch compilers #547420"
+		;;
+	esac
+
+	toolchain-glibc_src_prepare
+
+	cd "${S}"
+
+	epatch "${FILESDIR}"/2.19/${PN}-2.19-ia64-gcc-4.8-reloc-hack.patch #503838
+
+	if use hardened ; then
+		# We don't enable these for non-hardened as the output is very terse --
+		# it only states that a crash happened.  The default upstream behavior
+		# includes backtraces and symbols.
+		einfo "Installing Hardened Gentoo SSP and FORTIFY_SOURCE handler"
+		cp "${FILESDIR}"/2.20/glibc-2.20-gentoo-stack_chk_fail.c debug/stack_chk_fail.c || die
+		cp "${FILESDIR}"/2.25/glibc-2.25-gentoo-chk_fail.c debug/chk_fail.c || die
+
+		if use debug ; then
+			# Allow SIGABRT to dump core on non-hardened systems, or when debug is requested.
+			sed -i \
+				-e '/^CFLAGS-backtrace.c/ iCPPFLAGS-stack_chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \
+				-e '/^CFLAGS-backtrace.c/ iCPPFLAGS-chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \
+				debug/Makefile || die
+		fi
+	fi
+
+
+	if ! [[ "${ARCH}" == "amd64" ]]; then
+		einfo "Architecture is not 'amd64' - no updates for x32 ABI required"
+	else
+		einfo "Architecture is 'amd64' - adjusting default paths for potential custom x32 ABI library paths"
+
+		local LD32="$( get_abi_LIBDIR x86 )"
+		local LDx32="$( get_abi_LIBDIR x32 )"
+		local LD64="$( get_abi_LIBDIR amd64 )"
+		local -i LD32l LDx32l LD64l
+		(( LD32l = ${#LD32} + 1 ))
+		(( LDx32l = ${#LDx32} + 1 ))
+		(( LD64l = ${#LD64} + 1 ))
+
+		# In order for this to work, LD64 and LDx32 must share a common root of
+		# LD32.  If this is not the case, then sysdeps/unix/sysv/linux/x86_64/dl-cache.h
+		# will need to be re-implemented.
+
+		local LDx32s="${LDx32#${LD32}}"
+		local LD64s="${LD64#${LD32}}"
+
+		einfo "Using the following libdir paths:"
+		einfo "  32-bit libraries in '${LD32}'"
+		einfo "  Long-mode 32-bit libraries in '${LDx32}'"
+		einfo "  64-bit libraries in '${LD64}'"
+
+		cd "${S}"
+
+		sed -i \
+			-e "s:/libx32:/${LDx32:-libx32}:g" \
+				sysdeps/unix/sysv/linux/x86_64/x32/configure \
+			|| die 'configure patch failed'
+
+		sed -i \
+			-e "/FLAG_ELF_LIBC6/{s:/lib/:/${LD32:-lib}/:}" \
+			-e "/FLAG_ELF_LIBC6/{s:/libx32/:/${LDx32:-libx32}/:}" \
+			-e "/FLAG_ELF_LIBC6/{s:/lib64/:/${LD64:-lib64}/:}" \
+				sysdeps/unix/sysv/linux/x86_64/ldconfig.h \
+			|| die 'known_interpreter_names replacement failed'
+
+		#      if (len >= 6 && ! memcmp (path + len - 6, "/lib64", 6))   \
+		#        {                                                       \
+		#          len -= 2;                                             \
+		#
+		#      else if (len >= 7                                         \
+		#               && ! memcmp (path + len - 7, "/libx32", 7))      \
+		#        {                                                       \
+		#          len -= 3;                                             \
+		#
+		#      if (len >= 4 && ! memcmp (path + len - 4, "/lib", 4))     \
+		#        {                                                       \
+		#          memcpy (path + len, "64", 3);                         \
+		#          add_dir (path);                                       \
+		#          memcpy (path + len, "x32", 4);                                \
+		sed -i \
+			-e "/ memcmp /{s:len >= 6 :len >= ${LD64l} : ; s: 6, \"/lib64\", 6): ${LD64l}, \"/${LD64:-lib64}\", ${LD64l}):}" \
+			-e "/len -= 2;/{s:len -= 2;:len -= ${#LD64s};:}" \
+			-e "/else if (len >= 7/{s:len >= 7:len >= ${LDx32l}:}" \
+			-e "/ memcmp /{s: 7, \"/libx32\", 7): ${LDx32l}, \"/${LDx32:-libx32}\", ${LDx32l}):}" \
+			-e "/len -= 3;/{s:len -= 3;:len -= ${#LDx32s};:}" \
+			-e "/ memcmp /{s:len >= 4 :len >= ${LD32l} : ; s: 4, \"/lib\", 4): ${LD32l}, \"/${LD32:-lib}\", ${LD32l}):}" \
+			-e "/memcpy /{s:len, \"64\", 3):len, \"${LD64s}\", $(( ${#LD64s} + 1 ))):}" \
+			-e "/memcpy /{s:len, \"x32\", 4):len, \"${LDx32s}\", $(( ${#LDx32s} + 1 ))):}" \
+				sysdeps/unix/sysv/linux/x86_64/dl-cache.h \
+			|| die 'dl-cache.h modification failed'
+
+		einfo "dl-cache.h now contains:"
+		cat sysdeps/unix/sysv/linux/x86_64/dl-cache.h
+	fi
+}