diff options
author | P Dheeraj Srujan Kumar <p.dheeraj.srujan.kumar@intel.com> | 2023-07-08 01:05:27 +0300 |
---|---|---|
committer | P Dheeraj Srujan Kumar <p.dheeraj.srujan.kumar@intel.com> | 2023-12-31 16:58:43 +0300 |
commit | 7f53998bd3726c808abf8b0c4950e25db29d9ea2 (patch) | |
tree | 72543541bb498087ff726a8996bddebfe87229ac /meta-openbmc-mods/meta-common/recipes-support/libcap | |
parent | 9ad1806592d6c8e3111b9c26db1882f2af49d64c (diff) | |
download | openbmc-7f53998bd3726c808abf8b0c4950e25db29d9ea2.tar.xz |
Update to internal 1-1.11-1
Signed-off-by: P Dheeraj Srujan Kumar <p.dheeraj.srujan.kumar@intel.com>
Diffstat (limited to 'meta-openbmc-mods/meta-common/recipes-support/libcap')
4 files changed, 175 insertions, 0 deletions
diff --git a/meta-openbmc-mods/meta-common/recipes-support/libcap/files/0001-ensure-the-XATTR_NAME_CAPS-is-defined-when-it-is-use.patch b/meta-openbmc-mods/meta-common/recipes-support/libcap/files/0001-ensure-the-XATTR_NAME_CAPS-is-defined-when-it-is-use.patch new file mode 100644 index 000000000..05c771ac1 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-support/libcap/files/0001-ensure-the-XATTR_NAME_CAPS-is-defined-when-it-is-use.patch @@ -0,0 +1,32 @@ +Ensure the XATTR_NAME_CAPS is defined when it is used + +Upstream-Status: Pending + +VFS_CAP_U32 can not ensure that XATTR_NAME_CAPS is defined, and failed to build +libcap-native in old release, like CentOS release 6.7 (Final), with the blow +error: + cap_file.c: In function ‘cap_get_fd’: + cap_file.c:199: error: ‘XATTR_NAME_CAPS’ undeclared (first use in this function) + cap_file.c:199: error: (Each undeclared identifier is reported only once + +Signed-off-by: Roy Li <rongqing.li@windriver.com> +--- + libcap/cap_file.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libcap/cap_file.c b/libcap/cap_file.c +index 40756ea..e27ca80 100644 +--- a/libcap/cap_file.c ++++ b/libcap/cap_file.c +@@ -25,7 +25,7 @@ extern int fremovexattr(int, const char *); + + #include "libcap.h" + +-#ifdef VFS_CAP_U32 ++#if defined (VFS_CAP_U32) && defined (XATTR_NAME_CAPS) + + #if VFS_CAP_U32 != __CAP_BLKS + # error VFS representation of capabilities is not the same size as kernel +-- +2.8.1 + diff --git a/meta-openbmc-mods/meta-common/recipes-support/libcap/files/0001-nativesdk-libcap-Raise-the-size-of-arrays-containing.patch b/meta-openbmc-mods/meta-common/recipes-support/libcap/files/0001-nativesdk-libcap-Raise-the-size-of-arrays-containing.patch new file mode 100644 index 000000000..2ac1e6e56 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-support/libcap/files/0001-nativesdk-libcap-Raise-the-size-of-arrays-containing.patch @@ -0,0 +1,34 @@ +From 709aa8e156415215b0bb034d05b2aa2f44be044e Mon Sep 17 00:00:00 2001 +From: Hongxu Jia <hongxu.jia@windriver.com> +Date: Thu, 14 Oct 2021 15:57:36 +0800 +Subject: [PATCH] nativesdk-libcap: Raise the size of arrays containing dl + paths + +This patch puts the dynamic loader path in the binaries, SYSTEM_DIRS strings +and lengths as well as ld.so.cache path in the dynamic loader to specific +sections in memory. The sections that contain paths have been allocated a 4096 +byte section, which is the maximum path length in linux. This will allow the +relocating script to parse the ELF binary, detect the section and easily replace +the strings in a certain path. + +Upstream-Status: Inappropriate [SDK specific] + +Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> + +--- + libcap/execable.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libcap/execable.h b/libcap/execable.h +index fee17b4..5bb0c55 100644 +--- a/libcap/execable.h ++++ b/libcap/execable.h +@@ -23,7 +23,7 @@ + #endif + #define __EXECABLE_H + +-const char __execable_dl_loader[] __attribute((section(".interp"))) = ++const char __execable_dl_loader[4096] __attribute((section(".interp"))) = + SHARED_LOADER ; + + static void __execable_parse_args(int *argc_p, char ***argv_p) diff --git a/meta-openbmc-mods/meta-common/recipes-support/libcap/files/0002-tests-do-not-run-target-executables.patch b/meta-openbmc-mods/meta-common/recipes-support/libcap/files/0002-tests-do-not-run-target-executables.patch new file mode 100644 index 000000000..20346cf2f --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-support/libcap/files/0002-tests-do-not-run-target-executables.patch @@ -0,0 +1,30 @@ +From 10212b6d4e8843feffbeab5336342d97f3a46bb2 Mon Sep 17 00:00:00 2001 +From: Alexander Kanavin <alex.kanavin@gmail.com> +Date: Fri, 20 Dec 2019 16:54:05 +0100 +Subject: [PATCH] tests: do not run target executables + +Upstream-Status: Inappropriate [oe-core specific] +Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> + +--- + tests/Makefile | 2 -- + 1 file changed, 2 deletions(-) + +diff --git a/tests/Makefile b/tests/Makefile +index ecb7d1b..8950c73 100644 +--- a/tests/Makefile ++++ b/tests/Makefile +@@ -61,13 +61,11 @@ endif + + # unprivileged + run_psx_test: psx_test +- ./psx_test + + psx_test: psx_test.c $(DEPS) + $(CC) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) $< -o $@ $(LINKEXTRA) $(LIBPSXLIB) + + run_libcap_psx_test: libcap_psx_test +- ./libcap_psx_test + + libcap_psx_test: libcap_psx_test.c $(DEPS) + $(CC) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) $< -o $@ $(LINKEXTRA) $(LIBCAPLIB) $(LIBPSXLIB) diff --git a/meta-openbmc-mods/meta-common/recipes-support/libcap/libcap_2.69.bb b/meta-openbmc-mods/meta-common/recipes-support/libcap/libcap_2.69.bb new file mode 100644 index 000000000..92fa766d3 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-support/libcap/libcap_2.69.bb @@ -0,0 +1,79 @@ +SUMMARY = "Library for getting/setting POSIX.1e capabilities" +DESCRIPTION = "A library providing the API to access POSIX capabilities. \ +These allow giving various kinds of specific privileges to individual \ +users, without giving them full root permissions." +HOMEPAGE = "http://sites.google.com/site/fullycapable/" +# no specific GPL version required +LICENSE = "BSD-3-Clause | GPL-2.0-only" +LIC_FILES_CHKSUM_PAM = "file://pam_cap/License;md5=905326f41d3d1f8df21943f9a4ed6b50" +LIC_FILES_CHKSUM = "file://License;md5=2965a646645b72ecee859b43c592dcaa \ + ${@bb.utils.contains('PACKAGECONFIG', 'pam', '${LIC_FILES_CHKSUM_PAM}', '', d)} \ + " + +DEPENDS = "hostperl-runtime-native gperf-native" + +SRC_URI = "${KERNELORG_MIRROR}/linux/libs/security/linux-privs/${BPN}2/${BPN}-${PV}.tar.xz \ + file://0001-ensure-the-XATTR_NAME_CAPS-is-defined-when-it-is-use.patch \ + file://0002-tests-do-not-run-target-executables.patch \ + " +SRC_URI:append:class-nativesdk = " \ + file://0001-nativesdk-libcap-Raise-the-size-of-arrays-containing.patch \ + " +SRC_URI[sha256sum] = "f311f8f3dad84699d0566d1d6f7ec943a9298b28f714cae3c931dfd57492d7eb" + +UPSTREAM_CHECK_URI = "https://www.kernel.org/pub/linux/libs/security/linux-privs/${BPN}2/" + +inherit lib_package + +PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}" +PACKAGECONFIG:class-native ??= "" + +PACKAGECONFIG[pam] = "PAM_CAP=yes,PAM_CAP=no,libpam" + +EXTRA_OEMAKE = " \ + INDENT= \ + lib='${baselib}' \ + RAISE_SETFCAP=no \ + DYNAMIC=yes \ + USE_GPERF=yes \ +" + +EXTRA_OEMAKE:append:class-target = " SYSTEM_HEADERS=${STAGING_INCDIR}" + +do_compile() { + unset CFLAGS BUILD_CFLAGS + oe_runmake \ + ${PACKAGECONFIG_CONFARGS} \ + AR="${AR}" \ + CC="${CC}" \ + RANLIB="${RANLIB}" \ + OBJCOPY="${OBJCOPY}" \ + COPTS="${CFLAGS}" \ + BUILD_COPTS="${BUILD_CFLAGS}" +} + +do_install() { + oe_runmake install \ + ${PACKAGECONFIG_CONFARGS} \ + DESTDIR="${D}" \ + prefix="${prefix}" \ + SBINDIR="${sbindir}" +} + +do_install:append() { + # Move the library to base_libdir + install -d ${D}${base_libdir} + if [ ! ${D}${libdir} -ef ${D}${base_libdir} ]; then + mv ${D}${libdir}/libcap* ${D}${base_libdir} + if [ -d ${D}${libdir}/security ]; then + mv ${D}${libdir}/security ${D}${base_libdir} + fi + fi +} + +FILES:${PN}-dev += "${base_libdir}/*.so" + +# pam files +FILES:${PN} += "${base_libdir}/security/*.so" + +BBCLASSEXTEND = "native nativesdk" |