[uClibc] PATCH: My patches adapted to current cvs

Peter S. Mazinger ps.m at gmx.net
Mon Nov 8 16:33:08 UTC 2004 

On Mon, 8 Nov 2004, Joakim Tjernlund wrote:

> > On Mon, 8 Nov 2004, Joakim Tjernlund wrote:
> > 
> > > > On Behalf Of Peter S. Mazinger
> > > > Hello!
> > > > 
> > > > The attached tarball includes all the patches I consider going into 0.9.27
> > > > Apply them in the following order.
> > > > 1. asflags
> > > > Replaces all CFLAGS w/ ASFLAGS, if an object is built from assembler code.
> > > > The current functionality is not changed in any way.
> > > > I have left the usage of SFLAGS as it was (in context), these should be 
> > > > considered to be replaced w/ ASFLAGS+= and use ASFLAGS instead as compile 
> > > > option
> > > > 
> > > > 2. pie-correction
> > > > Removes the conditions to create the Scrt1.o file (the files are created 
> > > > on x86/ppc/frv all the time), and use the option only to build ldd/iconv 
> > > > as PIE executables.
> > > > The current functionality is not changed in any way.
> > > > 
> > > > 3. pie_support-has_pie
> > > > Renames UCLIBC_PIE_SUPPORT option to UCLIBC_BUILD_PIE
> > > > The current functionality is not changed, but due to the option name 
> > > > change, buildroot's configs have to adapted
> > > > 
> > > > 4. ssp-correction
> > > > Corrects the usage of the SSP_FLAGS
> > > > If UCLIBC_PROPOLICE is not enabled, the current functionality is not 
> > > > changed in any way. If the option is enabled, all libs and execs are built 
> > > > w/ -fstack-protector and -fstack-protector-all enabling full protection, 
> > > > unless it is not possible for some reason (libc/ldso)
> > > > 
> > > > 5. propolice-has_ssp
> > > > The UCLIBC_PROPOLICE option is splitted to UCLIBC_HAS_SSP and 
> > > > UCLIBC_BUILD_SSP, meaning:
> > > > HAS_SSP: add ssp.c to libc
> > > > BUILD_SSP: build all the libs/execs w/ max. ssp protection
> > > > Current functionality is not changed, but due to the option name change, 
> > > > buildroot's configs have to be adapted
> > > > 
> > > > 6. sec
> > > > Adds a security submenu to menuconfig, moving PIE and SSP related options 
> > > > there and adds UCLIBC_BUILD_RELRO and UCLIBC_BUILD_NOW options, meaning 
> > > > build all w/ -z relro, resp. build all w/ -z now.
> > > > The new options default to n.
> > > > The current functionality is not changed.
> > > > Maybe it would be better to also add a common security option, and if that 
> > > > one is disabled, all the others in the submenu are disabled as well (if 
> > > > future changes are done within this submenu, those not setting the common 
> > > > security option won't see any change, the build systems won't have to 
> > > > change/adapt configs)
> > > > 
> > > > 7. main
> > > > Part of Jocke's .protected main patch
> > > > 
> > > > 8. zdefs
> > > > Adds zdefs commonly to all LDFLAGS (can only be used in conjunction 
> > > > w/ patch 7. 
> > > > on x86, else libc will fail to build)
> > > > 
> > > > 9. fgets_unlocked
> > > > adds extern fgets_unlocked where needed
> > > > 
> > > > 10. no_dl_do_copy_reloc
> > > > disables dl_do_copy_reloc, it's not used
> > > > 
> > > > 11. nocache
> > > > This patch was already sent to the list, and was not accepted, because it 
> > > > has too many ifdefs, it makes ld.so smaller if ld.so.cache support is 
> > > > disabled. Maybe someone can reorganize it, so that fewer ifdefs are used.
> > > > Does not influence the current functionality.
> > > > 
> > > > 12. getent
> > > > Shell script that simulates glibc's getent binary where possible. Please 
> > > > consider adding it to docs or debian.
> > > > 
> > > > Peter
> > > 
> > > After a quick look I think 1-6 are OK and could probably go in. Need Eriks
> > > blessing first though.
> > > 
> > > 7 and 8: OK, if Erik is OK with this. I am not sure that nothing bad will happen.
> > > 
> > > 9. No comment, I have no idea as to why this is needed.
> > 
> > only to get rid of a warning about implicit use, when the .c file is 
> > compiled.
> 
> hmm, you also change fgets_unlocked to __fgets_unlocked

than use only w/o __ ;)
> 
> > 
> > > 
> > > 10. Sure, will do.
> > 
> > what about 11 ;)
> 
> Forgot that one :) Will look closer a rainy day. Can't find the time to
> do that now.
> 
> > 
> > > 
> > > 12. No comment, I have no idea as to why this is needed.
> > 
> > many packages make use of getent instead of grepping passwd/group to check 
> > for existence of a user/group in post-install-scripts 
> > (rpms/debs/tbz2/tgz). 
> > They use it because the user/group db could be located on an ldap or 
> > nis server and getent from glibc is ldap/nis aware. uclibc does not 
> > support (yet) ldap and won't support nis, so this simulates the glibc 
> > getent binary based on passwd/group/aliases/hosts/networks and so on... 
> > and allows it to be used as drop in replacement. Currently gentoo makes 
> > use of it, and I am using it w/ my rpms.
> 
> OK, but I will leave this to Erik.
> 
> 

-- 
Peter S. Mazinger <ps dot m at gmx dot net>           ID: 0xA5F059F2
Key fingerprint = 92A4 31E1 56BC 3D5A 2D08  BB6E C389 975E A5F0 59F2

More information about the uClibc mailing list