3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

68 commits

Author SHA1 Message Date
volth 52f53c69ce pkgs/*: remove unreferenced function arguments 2018-07-21 02:48:04 +00:00
John Ericson ee4b56edd3 Merge remote-tracking branch 'upstream/master' into staging 2018-05-11 14:36:08 -04:00
John Ericson f18ddabee7 Merge remote-tracking branch 'upstream/master' into lib-float 2018-05-10 18:13:00 -04:00
John Ericson e98814461d glibc: Remove old-style nullable "cross" variable
Much better to just use {build,host}Platform directly.
2018-05-10 18:05:08 -04:00
John Ericson 1fe81a4bcd lib: Clean up float/fpu options
ARM ABIs now have a float field. This is used as a fallback to lessen
our use of `platform.gcc.float`. I didn't know what the MIPs convention
is so I kept using `platform.gcc.float` in that case.
2018-05-10 18:02:00 -04:00
Matthew Justin Bauer eeb016e8f0
Merge branch 'staging' into fix-ncurses-darwin-extensions 2018-05-02 15:40:38 -05:00
John Ericson b9acfb4ecf treewide: isArm -> isAarch32
Following legacy packing conventions, `isArm` was defined just for
32-bit ARM instruction set. This is confusing to non packagers though,
because Aarch64 is an ARM instruction set.

The official ARM overview for ARMv8[1] is surprisingly not confusing,
given the overall state of affairs for ARM naming conventions, and
offers us a solution. It divides the nomenclature into three levels:

```
ISA:             ARMv8   {-A, -R, -M}
                 /    \
Mode:     Aarch32     Aarch64
             |         /   \
Encoding:   A64      A32   T32
```

At the top is the overall v8 instruction set archicture. Second are the
two modes, defined by bitwidth but differing in other semantics too, and
buttom are the encodings, (hopefully?) isomorphic if they encode the
same mode.

The 32 bit encodings are mostly backwards compatible with previous
non-Thumb and Thumb encodings, and if so we can pun the mode names to
instead mean "sets of compatable or isomorphic encodings", and then
voilà we have nice names for 32-bit and 64-bit arm instruction sets
which do not use the word ARM so as to not confused either laymen or
experienced ARM packages.

[1]: https://developer.arm.com/products/architecture/a-profile

(cherry picked from commit ba52ae5048)
2018-04-25 15:50:41 -04:00
John Ericson ba52ae5048 treewide: isArm -> isAarch32
Following legacy packing conventions, `isArm` was defined just for
32-bit ARM instruction set. This is confusing to non packagers though,
because Aarch64 is an ARM instruction set.

The official ARM overview for ARMv8[1] is surprisingly not confusing,
given the overall state of affairs for ARM naming conventions, and
offers us a solution. It divides the nomenclature into three levels:

```
ISA:             ARMv8   {-A, -R, -M}
                 /    \
Mode:     Aarch32     Aarch64
             |         /   \
Encoding:   A64      A32   T32
```

At the top is the overall v8 instruction set archicture. Second are the
two modes, defined by bitwidth but differing in other semantics too, and
buttom are the encodings, (hopefully?) isomorphic if they encode the
same mode.

The 32 bit encodings are mostly backwards compatible with previous
non-Thumb and Thumb encodings, and if so we can pun the mode names to
instead mean "sets of compatable or isomorphic encodings", and then
voilà we have nice names for 32-bit and 64-bit arm instruction sets
which do not use the word ARM so as to not confused either laymen or
experienced ARM packages.

[1]: https://developer.arm.com/products/architecture/a-profile
2018-04-25 15:28:55 -04:00
Jan Malakhovski 7438083a4d tree-wide: disable doCheck and doInstallCheck where it fails (the trivial part) 2018-04-25 04:18:46 +00:00
Will Dietz c3ab285ce2 glibc: use local copy of patch to fix w/musl
fetchpatch doesn't work with bootstrap fetchurl,
so just use local file like we do for other glibc patches.
2018-04-24 16:57:57 -05:00
Vladimír Čunát 17c4b83d05
Merge #31320: docs and glibc: explicit comments on outputs 2018-04-22 11:55:23 +02:00
Shea Levy 273e58ebd9
glibc: Make 2.27 the default. 2018-03-17 21:58:14 -04:00
Will Dietz 54c4c183dd glibc: make fetchpatch optional ("? null"), just in case. 2018-03-11 11:16:53 -05:00
Will Dietz 82644c15e5 glibc: patch to fix building w/musl-based stdenv
See:
https://sourceware.org/bugzilla/show_bug.cgi?id=21604
2018-03-11 10:53:31 -05:00
Ben Gamari a868bf3797 glibc: Fix cross-compilation of locales 2018-02-13 09:44:26 -06:00
John Ericson 7d0d12e3e0 glibc: Remove two tiny old cross hacks
- Name is already suffixed

 - Env vars are already exported
2018-01-26 21:01:33 -05:00
John Ericson 71f814a889 lib, glibc: Get rid of withTLS
glibc removed the underlying flag in 2011 in
83cd14204559abbb52635006832eaf4d2f42514a [1].

This gets us one step closer to fixing #34274: the cross stdenv for
aarch64-unknown-linux-gnu at least evals now.

Thanks to @Dezgeg for doing all the research for this.

[1]: https://sourceware.org/git/?p=glibc.git;a=commit;h=83cd14204559abbb52635006832eaf4d2f42514a
2018-01-26 23:29:06 +02:00
Vladimír Čunát 990ff97c6d
glibc: 2.26-115 -> 2.26-131 to fix CVE-2018-1000001
/cc https://github.com/NixOS/nixpkgs/issues/33826#issuecomment-357436030
2018-01-14 20:41:43 +01:00
John Ericson 4d2b763817
Merge pull request #26805 from obsidiansystems/cross-elegant
Make cross compilation elegant
2017-12-30 22:58:02 -05:00
John Ericson 5b74540c5b treewide: Use depsBuildBuild for buildPackges.stdenv.cc 2017-12-30 22:04:21 -05:00
Vladimír Čunát 87acb2b9fd
glibc: support RHEL 6 -like kernels again
We lost the support with 2.25 -> 2.26
2017-12-21 21:56:31 +01:00
Vladimír Čunát a139613983
glibc: maintenance 2.26-75 -> 2.26-115 2017-12-20 15:31:13 +01:00
Orivej Desh 035b589245 glibc: support obsolete "compat" in nsswitch.conf
Fixes #31700. See https://bugs.archlinux.org/task/54592.
2017-11-17 06:37:25 +00:00
Ilya Kolpakov e4afe8fc6c glibc: comments on bin not being the first output
The glibc package does not respect a standard convention to put the
executables in the first output which should be as clear as possible
to anyone seeking to use such executables (e.g. `ldd`). This commit
adds a detailed comment a the top of `common.nix` explaining the
deviation from the convention and how to reference the binaries.
2017-11-06 16:47:30 +01:00
Vladimír Čunát 9bb67d5c1e
glibc: 2.25-49 -> 2.26-75
Security: the NEWS claims a couple more CVEs are fixed than what we
patched, though perhaps nothing critical.

I personally don't find DNS fragmentation attacks that interesting
anymore, as it's just about weaker improvements for cases that choose
not to use DNSSEC.

Largest expected caveat: upstream bumped the minimal supportable kernel
to 3.2.0.  That's the oldest kernel still supported upstream, released
in Jan 2012, but most notably RHEL 6 and derivates still use a heavily
patched 2.6.32 kernel and those systems are still supported and in use
(production support is scheduled to last till the end of 2020!).
2017-11-05 19:10:42 +01:00
John Ericson 8bfb247224 glibc: Grab the right linux headers when build != host
In #28519 / 791ce593ce I made linux
headers be intended to be used from the stage stage, as it would be if
it were a library containing headers and code. I forgot to update glibc,
however, so it was incorrectly using headers for the build platform, not
host platform.

This fixes that, basically reverting a small portion of changes I made a
few months ago in 25edc476fd and its
parent.

No native hashes are changed.
2017-09-20 20:57:41 -04:00
Vladimír Čunát bdfc989bba
glibc: remove a fixup; not needed since glibc-2.22 2017-09-02 17:22:37 +02:00
Vladimír Čunát 0f91a1dbd7
glibc: remove patch with blowfish support 2017-09-02 17:22:37 +02:00
Vladimír Čunát 51cf42ad0d
glibc: 2.25 -> 2.25-49
Various fixes within, e.g. mutexes deadlocking sometimes.
https://sourceware.org/git/?p=glibc.git;a=blob;f=NEWS;h=f7057710f14d6c
2017-09-02 17:22:36 +02:00
Tuomas Tynkkynen f9b2d7b4dd Revert "binutils: 2.28 -> 2.29"
This reverts commit 733e20fee4.

Downgrading to 2.28.1, 2.29 is too buggy.
2017-08-17 18:37:04 +03:00
Tim Steinbach 733e20fee4
binutils: 2.28 -> 2.29
Binutils 2.29 no longer allows .semver symbols, which is why
we need to patch glibc to avoid them
2017-07-29 13:23:59 -04:00
rnhmjoj 8fcc92fc69
glibc: fix unaligned __tls_get_addr issue 2017-07-06 13:51:50 +02:00
Franz Pletz 7cfd1c8c1b
glibc: fix i686 build 2017-06-26 02:19:08 +02:00
Franz Pletz 2296bf394e
glibc: patch CVE-2017-1000366 (stack clash) 2017-06-22 00:44:35 +02:00
John Ericson 25edc476fd glibc: Simplify derivation further
No native hashes should be changed with this commit
default.nix's cross hash should also not be changed
2017-05-20 22:17:28 -04:00
John Ericson 7e096024d7 glibc: Fix for cross 2017-05-19 18:44:24 -04:00
John Ericson 8328e3d3a6 glibc: Remove hack around long-fixed bug
https://sourceware.org/bugzilla/show_bug.cgi?id=411 was solved in 2012.
2017-04-25 21:43:15 -04:00
Vladimír Čunát e47ac55a21
glibc: apply the i686 patch only on i686
... to reduce rebuilding. /cc #23177.
2017-04-10 11:18:50 +02:00
Vladimír Čunát c30b12b9a5
glibc: fix i686 crashes via an upstream patch
Fixes #23177.
2017-04-10 11:13:00 +02:00
Vladimír Čunát 09d02f72f6
Re-revert "Merge: glibc: 2.24 -> 2.25"
This reverts commit 55cc7700e9.
I hope most problems have been solved.  /cc #22874.
2017-02-20 21:16:41 +01:00
Vladimír Čunát 55cc7700e9
Revert "Merge: glibc: 2.24 -> 2.25"
This reverts commit 1daf2e26d2, reversing
changes made to c0c50dfcb7.

It seems this is what has been causing all the reliability problems
on Hydra.  I'm currently unable to find why it happens, so I'm forced
to revert the update for now.  Discussion: #22874.
2017-02-16 18:16:06 +01:00
Vladimír Čunát a01f8a4c38
glibc: security 2.24 -> 2.25
https://sourceware.org/ml/libc-alpha/2017-02/msg00079.html

Stripping was failing on libm.a; I don't know why.
2017-02-11 22:14:49 +01:00
Tuomas Tynkkynen 41fd1ed903 glibc: Check that 'cross.float' is defined
Because if we define it, then gcc compilation fails because it doesn't
support --with-float for aarch64.
2017-01-24 22:13:47 +02:00
Franz Pletz 3ba99f83a7
glibc: enable stackprotection hardening
Enables previously manually disabled stackprotector and stackguard
randomization.

From https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=511811:

    If glibc is built with the --enable-stackguard-randomization option,
    each application gets a random canary value (at runtime) from /dev/urandom.
    If --enable-stackguard-randomization is absent, applications get a static
    canary value of "0xff0a0000". This is very unfortunate, because the
    attacker may be able to bypass the stack protection mechanism, by placing
    those 4 bytes in the canary word, before the actual canary check is
    performed (for example in memcpy-based buffer overflows).
2016-09-12 02:36:11 +02:00
Tuomas Tynkkynen e065baafba glibc: Make one exception for output order
Usages like '${stdenv.cc.libc}/lib/ld-linux-x86-64.so.2' are much more
common than the bin output.
2016-08-29 14:49:52 +03:00
Tuomas Tynkkynen a17216af4c treewide: Shuffle outputs
Make either 'bin' or 'out' the first output.
2016-08-29 14:49:51 +03:00
Tuomas Tynkkynen d1c7eb8098 glibc: Uncomment 'meta.platforms' 2016-08-28 18:04:09 +03:00
obadz 9744c7768d glibc: 2.23 -> 2.24
- Removed patches that were merged upstream
- Removed --localdir from configureFlags as according to
  https://sourceware.org/bugzilla/show_bug.cgi?id=14259
  it was unused before
2016-08-19 15:05:41 +01:00
Eric Litak 251c97adee fix brace warnings in glibc 2016-05-31 16:28:05 -07:00
Scott R. Parish 64f5845418 glibc: patch 2.23 for CVE-2016-3075, CVE-2016-1234, CVE-2016-3706
This addresses the following security advisories:

+ CVE-2016-3075: Stack overflow in _nss_dns_getnetbyname_r
+ CVE-2016-1234: glob: buffer overflow with GLOB_ALTDIRFUNC due to incorrect
                 NAME_MAX limit assumption
+ CVE-2016-3706: getaddrinfo: stack overflow in hostent conversion

Patches cherry-picked from glibc's release/2.23/master branch.

The "glob-simplify-interface.patch" was a dependency for
"cve-2016-1234.patch".
2016-05-13 23:47:17 -07:00