[gentoo-commits] repo/gentoo:master commit in: sys-libs/libcap/, sys-libs/libcap/files/

["Sam James" <sam@gentoo.org>]

commit:     8b27cb9d5856f9461666b7e40bc047522ab91aed
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Sat Nov 20 08:28:30 2021 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Sat Nov 20 08:29:41 2021 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8b27cb9d

sys-libs/libcap: backport alignment fixes

This fixes a segfault in the test suite for abi_x86_32 and musl.

Closes: https://bugs.gentoo.org/820071
Thanks-to: Arsen Arsenovic <arsen <AT> aarsen.me>
Thanks-to: Andrew G. Morgan <morgan <AT> kernel.org>
Signed-off-by: Sam James <sam <AT> gentoo.org>

 .../files/libcap-2.60-libcap-alignment.patch       | 105 +++++++++++++++++++++
 sys-libs/libcap/libcap-2.60-r1.ebuild              |  89 +++++++++++++++++
 2 files changed, 194 insertions(+)

diff --git a/sys-libs/libcap/files/libcap-2.60-libcap-alignment.patch b/sys-libs/libcap/files/libcap-2.60-libcap-alignment.patch
new file mode 100644
index 000000000000..6081c7dc76e6
--- /dev/null
+++ b/sys-libs/libcap/files/libcap-2.60-libcap-alignment.patch
@@ -0,0 +1,105 @@
+https://bugs.gentoo.org/820071
+https://git.kernel.org/pub/scm/libs/libcap/libcap.git/patch/?id=c234bf90839f19e0332b586335411cb626a25a18
+https://git.kernel.org/pub/scm/libs/libcap/libcap.git/patch/?id=e9414f540a82b5348a12cfaddff229241564e1f3
+
+From: "Andrew G. Morgan" <morgan@kernel.org>
+Date: Sat, 13 Nov 2021 20:38:18 -0800
+Subject: Work around a __i386__ compilation issue for runnable .so files.
+
+This was reported by Sam James and debugged with respect to:
+
+  https://bugs.gentoo.org/show_bug.cgi?id=820071
+
+Modern versions of glibc employ SSE instructions that require the
+stack to be aligned to 16 bytes in order to execute movaps and
+friends to stack stored memory. The ABI for x86_64 requires this
+alignment so we'd not seen this issue before being cc:d into the
+bug.
+
+Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
+--- a/libcap/execable.h
++++ b/libcap/execable.h
+@@ -74,20 +74,26 @@ static void __execable_parse_args(int *argc_p, char ***argv_p)
+  * Note, to avoid any runtime confusion, SO_MAIN is a void static
+  * function.
+  */
++#if defined(__i386__)
++#define __SO_FORCE_ARG_ALIGNMENT  __attribute__((force_align_arg_pointer))
++#else
++#define __SO_FORCE_ARG_ALIGNMENT
++#endif /* def __i386 */
+ 
+-#define SO_MAIN						        \
+-static void __execable_main(int, char**);                       \
+-extern void __so_start(void);		                	\
+-void __so_start(void)                                           \
+-{                                                               \
+-    int argc;                                                   \
+-    char **argv;                                                \
+-    __execable_parse_args(&argc, &argv);                        \
++#define SO_MAIN							\
++static void __execable_main(int, char**);			\
++extern void __so_start(void);					\
++__SO_FORCE_ARG_ALIGNMENT					\
++void __so_start(void)						\
++{								\
++    int argc;							\
++    char **argv;						\
++    __execable_parse_args(&argc, &argv);			\
+     __execable_main(argc, argv);				\
+-    if (argc != 0) {                                            \
+-	free(argv[0]);                                          \
+-	free(argv);                                             \
+-    }                                                           \
+-    exit(0);                                                    \
+-}                                                               \
++    if (argc != 0) {						\
++	free(argv[0]);						\
++	free(argv);						\
++    }								\
++    exit(0);							\
++}								\
+ static void __execable_main
+
+From: "Andrew G. Morgan" <morgan@kernel.org>
+Date: Sun, 14 Nov 2021 20:38:30 -0800
+Subject: Work around musl not hard-coding the ABI for Linux x86_64.
+
+There seems to be a subtle difference between glibc and musl over
+whether or not a runnable *.so needs to start out with its stack
+aligned to 16 bytes or not. Since Linux ABIs for x86 (both 32 and
+64 bit varieties) require 16 byte alignment, just force it on both
+these architectures.
+
+This addresses:
+
+  https://bugzilla.kernel.org/show_bug.cgi?id=215009
+
+Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
+--- a/libcap/execable.h
++++ b/libcap/execable.h
+@@ -71,15 +71,19 @@ static void __execable_parse_args(int *argc_p, char ***argv_p)
+ }
+ 
+ /*
+- * Note, to avoid any runtime confusion, SO_MAIN is a void static
+- * function.
++ * Linux x86 ABI requires the stack be 16 byte aligned. Keep things
++ * simple and just force it.
+  */
+-#if defined(__i386__)
++#if defined(__i386__) || defined(__x86_64__)
+ #define __SO_FORCE_ARG_ALIGNMENT  __attribute__((force_align_arg_pointer))
+ #else
+ #define __SO_FORCE_ARG_ALIGNMENT
+-#endif /* def __i386 */
++#endif /* def some x86 */
+ 
++/*
++ * Note, to avoid any runtime confusion, SO_MAIN is a void static
++ * function.
++ */
+ #define SO_MAIN							\
+ static void __execable_main(int, char**);			\
+ extern void __so_start(void);					\
+cgit 1.2.3-1.el7

diff --git a/sys-libs/libcap/libcap-2.60-r1.ebuild b/sys-libs/libcap/libcap-2.60-r1.ebuild
new file mode 100644
index 000000000000..658d67d374c6
--- /dev/null
+++ b/sys-libs/libcap/libcap-2.60-r1.ebuild
@@ -0,0 +1,89 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit multilib-minimal toolchain-funcs pam usr-ldscript
+
+DESCRIPTION="POSIX 1003.1e capabilities"
+HOMEPAGE="https://sites.google.com/site/fullycapable/"
+SRC_URI="https://www.kernel.org/pub/linux/libs/security/linux-privs/libcap2/${P}.tar.xz"
+
+# it's available under either of the licenses
+LICENSE="|| ( GPL-2 BSD )"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux"
+IUSE="pam static-libs tools"
+
+# While the build system optionally uses gperf, we don't DEPEND on it because
+# the build automatically falls back when it's unavailable.  #604802
+PDEPEND="pam? ( sys-libs/pam[${MULTILIB_USEDEP}] )"
+DEPEND="${PDEPEND}
+	sys-kernel/linux-headers"
+BDEPEND="tools? ( dev-lang/go )"
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-2.38-no_perl.patch
+	"${FILESDIR}"/${PN}-2.25-ignore-RAISE_SETFCAP-install-failures.patch
+	"${FILESDIR}"/${PN}-2.60-libcap-alignment.patch
+)
+
+QA_FLAGS_IGNORED="sbin/captree" # go binaries don't use LDFLAGS
+
+src_prepare() {
+	default
+	multilib_copy_sources
+}
+
+run_emake() {
+	local args=(
+		AR="$(tc-getAR)"
+		CC="$(tc-getCC)"
+		OBJCOPY="$(tc-getOBJCOPY)"
+		RANLIB="$(tc-getRANLIB)"
+		exec_prefix="${EPREFIX}"
+		lib_prefix="${EPREFIX}/usr"
+		lib="$(get_libdir)"
+		prefix="${EPREFIX}/usr"
+		PAM_CAP="$(usex pam yes no)"
+		DYNAMIC=yes
+		GOLANG="$(multilib_native_usex tools yes no)"
+	)
+	emake "${args[@]}" "$@"
+}
+
+src_configure() {
+	tc-export_build_env BUILD_CC
+	multilib-minimal_src_configure
+}
+
+multilib_src_compile() {
+	run_emake
+}
+
+multilib_src_test() {
+	run_emake test
+}
+
+multilib_src_install() {
+	# no configure, needs explicit install line #444724#c3
+	run_emake DESTDIR="${D}" install
+
+	gen_usr_ldscript -a cap
+	gen_usr_ldscript -a psx
+	if ! use static-libs ; then
+		rm "${ED}"/usr/$(get_libdir)/lib{cap,psx}.a || die
+	fi
+
+	# install pam plugins ourselves
+	rm -rf "${ED}"/usr/$(get_libdir)/security || die
+
+	if use pam ; then
+		dopammod pam_cap/pam_cap.so
+		dopamsecurity '' pam_cap/capability.conf
+	fi
+}
+
+multilib_src_install_all() {
+	dodoc CHANGELOG README doc/capability.notes
+}