diff options
| author | Alyssa Ross <hi@alyssa.is> | 2022-12-06 19:57:55 +0000 |
|---|---|---|
| committer | Alyssa Ross <hi@alyssa.is> | 2023-02-08 13:48:30 +0000 |
| commit | bf3aadfdd39aa197e18bade671fab6726349ffa4 (patch) | |
| tree | 698567af766ed441d757b57a7b21e68d4a342a2b /nixpkgs/pkgs/development/libraries/glibc/common.nix | |
| parent | f4afc5a01d9539ce09e47494e679c51f80723d07 (diff) | |
| parent | 99665eb45f58d959d2cb9e49ddb960c79d596f33 (diff) | |
| download | nixlib-bf3aadfdd39aa197e18bade671fab6726349ffa4.tar nixlib-bf3aadfdd39aa197e18bade671fab6726349ffa4.tar.gz nixlib-bf3aadfdd39aa197e18bade671fab6726349ffa4.tar.bz2 nixlib-bf3aadfdd39aa197e18bade671fab6726349ffa4.tar.lz nixlib-bf3aadfdd39aa197e18bade671fab6726349ffa4.tar.xz nixlib-bf3aadfdd39aa197e18bade671fab6726349ffa4.tar.zst nixlib-bf3aadfdd39aa197e18bade671fab6726349ffa4.zip | |
Merge commit '99665eb45f58d959d2cb9e49ddb960c79d596f33'
Diffstat (limited to 'nixpkgs/pkgs/development/libraries/glibc/common.nix')
| -rw-r--r-- | nixpkgs/pkgs/development/libraries/glibc/common.nix | 35 |
1 files changed, 20 insertions, 15 deletions
diff --git a/nixpkgs/pkgs/development/libraries/glibc/common.nix b/nixpkgs/pkgs/development/libraries/glibc/common.nix index ffec9972d287..6ed0a4d4da0f 100644 --- a/nixpkgs/pkgs/development/libraries/glibc/common.nix +++ b/nixpkgs/pkgs/development/libraries/glibc/common.nix @@ -43,9 +43,9 @@ } @ args: let - version = "2.33"; - patchSuffix = "-117"; - sha256 = "sha256-LiVWAA4QXb1X8Layoy/yzxc73k8Nhd/8z9i35RoGd/8="; + version = "2.35"; + patchSuffix = "-163"; + sha256 = "sha256-USNzL2tnzNMZMF79OZlx1YWSEivMKmUYob0lEN0M9S4="; in assert withLinuxHeaders -> linuxHeaders != null; @@ -62,14 +62,14 @@ stdenv.mkDerivation ({ patches = [ /* No tarballs for stable upstream branch, only https://sourceware.org/git/glibc.git and using git would complicate bootstrapping. - $ git fetch --all -p && git checkout origin/release/2.33/master && git describe - glibc-2.33-117-g55446dd8a2 - $ git show --minimal --reverse glibc-2.33.. | gzip -9n --rsyncable - > 2.33-master.patch.gz + $ git fetch --all -p && git checkout origin/release/2.35/master && git describe + glibc-2.35-210-ge123f08ad5 + $ git show --minimal --reverse glibc-2.35.. | gzip -9n --rsyncable - > 2.35-master.patch.gz To compare the archive contents zdiff can be used. - $ zdiff -u 2.33-master.patch.gz ../nixpkgs/pkgs/development/libraries/glibc/2.33-master.patch.gz + $ zdiff -u 2.35-master.patch.gz ../nixpkgs/pkgs/development/libraries/glibc/2.35-master.patch.gz */ - ./2.33-master.patch.gz + ./2.35-master.patch.gz /* Allow NixOS and Nix to handle the locale-archive. */ ./nix-locale-archive.patch @@ -115,16 +115,12 @@ stdenv.mkDerivation ({ sha256 = "091bk3kyrx1gc380gryrxjzgcmh1ajcj8s2rjhp2d2yzd5mpd5ps"; }) - /* Provide utf-8 locales by default, so we can use it in stdenv without depending on our large locale-archive. */ - (fetchurl { - url = "https://salsa.debian.org/glibc-team/glibc/raw/49767c9f7de4828220b691b29de0baf60d8a54ec/debian/patches/localedata/locale-C.diff"; - sha256 = "0irj60hs2i91ilwg5w7sqrxb695c93xg0ik7yhhq9irprd7fidn4"; - }) - ./fix-x64-abi.patch /* https://github.com/NixOS/nixpkgs/pull/137601 */ ./nix-nss-open-files.patch + + ./0001-Revert-Remove-all-usage-of-BASH-or-BASH-in-installed.patch ] ++ lib.optional stdenv.hostPlatform.isMusl ./fix-rpc-types-musl-conflicts.patch ++ lib.optional stdenv.buildPlatform.isDarwin ./darwin-cross-build.patch; @@ -138,6 +134,10 @@ stdenv.mkDerivation ({ # nscd needs libgcc, and we don't want it dynamically linked # because we don't want it to depend on bootstrap-tools libs. echo "LDFLAGS-nscd += -static-libgcc" >> nscd/Makefile + + # Ensure that `__nss_files_fopen` can still be wrapped by `libredirect`. + sed -i -e '/libc_hidden_def (__nss_files_fopen)/d' nss/nss_files_fopen.c + sed -i -e '/libc_hidden_proto (__nss_files_fopen)/d' include/nss_files.h '' # FIXME: find a solution for infinite recursion in cross builds. # For now it's hopefully acceptable that IDN from libc doesn't reliably work. @@ -157,7 +157,7 @@ stdenv.mkDerivation ({ [ "-C" "--enable-add-ons" "--sysconfdir=/etc" - "--enable-stackguard-randomization" + "--enable-stack-protector=strong" "--enable-bind-now" (lib.withFeatureAs withLinuxHeaders "headers" "${linuxHeaders}/include") (lib.enableFeature profilingLibraries "profile") @@ -167,6 +167,9 @@ stdenv.mkDerivation ({ # and on aarch64 with binutils 2.30 or later. # https://sourceware.org/glibc/wiki/PortStatus "--enable-static-pie" + ] ++ lib.optionals stdenv.hostPlatform.isx86 [ + # Enable Intel Control-flow Enforcement Technology (CET) support + "--enable-cet" ] ++ lib.optionals withLinuxHeaders [ "--enable-kernel=3.2.0" # can't get below with glibc >= 2.26 ] ++ lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [ @@ -188,8 +191,10 @@ stdenv.mkDerivation ({ installFlags = [ "sysconfdir=$(out)/etc" ]; + # out as the first output is an exception exclusive to glibc outputs = [ "out" "bin" "dev" "static" ]; + strictDeps = true; depsBuildBuild = [ buildPackages.stdenv.cc ]; nativeBuildInputs = [ bison python3Minimal ] ++ extraNativeBuildInputs; buildInputs = [ linuxHeaders ] ++ lib.optionals withGd [ gd libpng ] ++ extraBuildInputs; |