diff --git a/SOURCES/brp-kmod-restore-perms b/SOURCES/brp-kmod-restore-perms index 6fc62f4..6ada4c5 100755 --- a/SOURCES/brp-kmod-restore-perms +++ b/SOURCES/brp-kmod-restore-perms @@ -1,4 +1,4 @@ -#! /bin/bash -efu +#! /bin/bash -f ## A counterpart of brp-kmod-set-exec-bits that restores original kmod ## file permissions diff --git a/SOURCES/brp-kmod-set-exec-bit b/SOURCES/brp-kmod-set-exec-bit index eccd5b4..68876cf 100755 --- a/SOURCES/brp-kmod-set-exec-bit +++ b/SOURCES/brp-kmod-set-exec-bit @@ -1,4 +1,4 @@ -#! /bin/bash -efux +#! /bin/bash -fx ## A hack for making brp-strip taking into account kmod files diff --git a/SOURCES/brp-ldconfig b/SOURCES/brp-ldconfig index 90d0f13..3cb3cc0 100755 --- a/SOURCES/brp-ldconfig +++ b/SOURCES/brp-ldconfig @@ -1,4 +1,4 @@ -#!/bin/sh -efu +#!/bin/sh -f # Force creating of DSO symlinks. # If using normal root, avoid changing anything. diff --git a/SOURCES/brp-mangle-shebangs b/SOURCES/brp-mangle-shebangs index b1496fa..b4341a2 100755 --- a/SOURCES/brp-mangle-shebangs +++ b/SOURCES/brp-mangle-shebangs @@ -1,4 +1,4 @@ -#!/bin/bash -eu +#!/bin/bash # If using normal root, avoid changing anything. if [ -z "$RPM_BUILD_ROOT" -o "$RPM_BUILD_ROOT" = "/" ]; then diff --git a/SOURCES/buildflags.md b/SOURCES/buildflags.md index e495569..abcfcbb 100644 --- a/SOURCES/buildflags.md +++ b/SOURCES/buildflags.md @@ -334,3 +334,44 @@ linker flags: security exploits, redirecting execution). Therefore, it is preferable to turn of lazy binding, although it increases startup time. + +# Support for extension builders + +Some packages include extension builders that allow users to build +extension modules (which are usually written in C and C++) under the +control of a special-purpose build system. This is a common +functionality provided by scripting languages such as Python and Perl. +Traditionally, such extension builders captured the Fedora build flags +when these extension were built. However, these compiler flags are +adjusted for a specific Fedora release and toolchain version and +therefore do not work with a custom toolchain (e.g., different C/C++ +compilers), and users might want to build their own extension modules +with such toolchains. + +The macros `%{extension_cflags}`, `%{extension_cxxflags}`, +`%{extension_fflags}`, `%{extension_ldflags}` contain a subset of +flags that have been adjusted for compatibility with alternative +toolchains, while still preserving some of the compile-time security +hardening that the standard Fedora build flags provide. + +The current set of differences are: + +* No GCC plugins (such as annobin) are activated. +* No GCC spec files (`-specs=` arguments) are used. + +Additional flags may be removed in the future if they prove to be +incompatible with alternative toolchains. + +Extension builders should detect whether they are performing a regular +RPM build (e.g., by looking for an `RPM_OPT_FLAGS` variable). In this +case, they should use the *current* set of Fedora build flags (that +is, the output from `rpm --eval '%{build_cflags}'` and related +commands). Otherwise, when not performing an RPM build, they can +either use hard-coded extension builder flags (thus avoiding a +run-time dependency on `redhat-rpm-config`), or use the current +extension builder flags (with a run-time dependency on +`redhat-rpm-config`). + +As a result, extension modules built for Fedora will use the official +Fedora build flags, while users will still be able to build their own +extension modules with custom toolchains. diff --git a/SOURCES/macros b/SOURCES/macros index 2d082cb..73dc5a2 100644 --- a/SOURCES/macros +++ b/SOURCES/macros @@ -57,6 +57,22 @@ FCFLAGS="${FCFLAGS:-%{build_fflags}}" ; export FCFLAGS ; \ LDFLAGS="${LDFLAGS:-%{build_ldflags}}" ; export LDFLAGS +# Internal-only. Do not use. Expand a variable and strip the flags +# not suitable to extension builders. +%__extension_strip_flags() %{lua: +local name = rpm.expand("%{1}") +local value = " " .. rpm.expand("%{build_" .. name .. "}") +local result = string.gsub(value, "%s+-specs=[^%s]+", " ") +print(result) +} + +# Variants of CFLAGS, CXXFLAGS, FFLAGS, LDFLAGS for use within +# extension builders. +%extension_cflags %{__extension_strip_flags cflags} +%extension_cxxflags %{__extension_strip_flags cxxflags} +%extension_fflags %{__extension_strip_flags fflags} +%extension_ldflags %{__extension_strip_flags ldflags} + # Deprecated names. For backwards compatibility only. %__global_cflags %{build_cflags} %__global_cxxflags %{build_cxxflags} diff --git a/SOURCES/macros.valgrind-srpm b/SOURCES/macros.valgrind-srpm index 2215e55..50b9828 100644 --- a/SOURCES/macros.valgrind-srpm +++ b/SOURCES/macros.valgrind-srpm @@ -1,3 +1,3 @@ # valgrind_arches lists what arches Valgrind works on -%valgrind_arches %{ix86} x86_64 ppc ppc64 ppc64le armv7hl aarch64 +%valgrind_arches %{ix86} x86_64 ppc ppc64 ppc64le armv7hl aarch64 s390x diff --git a/SPECS/redhat-rpm-config.spec b/SPECS/redhat-rpm-config.spec index 927fb96..7f283c9 100644 --- a/SPECS/redhat-rpm-config.spec +++ b/SPECS/redhat-rpm-config.spec @@ -6,7 +6,7 @@ Summary: Red Hat specific rpm configuration files Name: redhat-rpm-config -Version: 116 +Version: 120 Release: 1%{?dist} # No version specified. License: GPL+ @@ -147,7 +147,7 @@ install -p -m 755 -t %{buildroot}%{rrcdir} brp-* install -p -m 755 -t %{buildroot}%{rrcdir} find-* mkdir -p %{buildroot}%{rrcdir}/find-provides.d -install -p -m 644 -t %{buildroot}%{rrcdir}/find-provides.d firmware.prov modalias.prov +install -p -m 755 -t %{buildroot}%{rrcdir}/find-provides.d firmware.prov modalias.prov install -p -m 755 -t %{buildroot}%{rrcdir} brp-* @@ -198,6 +198,19 @@ install -p -m 755 %{SOURCE21} %{buildroot}%{_rpmconfigdir}/kabi.sh %{_rpmconfigdir}/macros.d/macros.kmp %changelog + +* Thu Jul 04 2019 Florian Festi - 120-1 +- Fix permission for various build scripts (#1719363) + +* Tue Jun 04 2019 Florian Festi - 119-1 +- Remove -eu param from shell scripts (#1686413) + +* Mon May 20 2019 Florian Weimer - 118-1 +- Build flags: Add support for extension builders (#1661186) + +* Wed Apr 17 2019 Panu Matilainen - 117-1 +- Add s390x to valgrind supported architectures (#1659106) + * Wed Feb 06 2019 Eugene Syromiatnikov - 116-1 - Forward-port RHEL-specific kmodtool/macros.kmp changes from RHEL 7, update kmodtool script for RHEL 8 (#1658414, #1666162)