glibc: add patches from LFS (upstream patches)

The upstream patch addresses CVE-2015-7547

srcpkgs/glibc/patches/glibc-2.22-fhs-1.patch

@@ -0,0 +1,72 @@
+Submitted By:            Armin K. <krejzi at email dot com>
+Date:                    2013-02-11
+Initial Package Version: 2.17
+Upstream Status:         Not Applicable
+Origin:                  Self
+Description:             This patch removes references to /var/db directory which is not part
+                         of FHS and replaces them with more suitable directories in /var
+                         hierarchy - /var/cache/nscd for nscd and /var/lib/nss_db for nss_db.
+
+--- Makeconfig	2012-12-25 04:02:13.000000000 +0100
++++ Makeconfig	2013-02-11 01:32:32.500667439 +0100
+@@ -250,7 +250,7 @@
+ 
+ # Directory for the database files and Makefile for nss_db.
+ ifndef vardbdir
+-vardbdir = $(localstatedir)/db
++vardbdir = $(localstatedir)/lib/nss_db
+ endif
+ inst_vardbdir = $(install_root)$(vardbdir)
+ 
+--- nscd/nscd.h	2012-12-25 04:02:13.000000000 +0100
++++ nscd/nscd.h	2013-02-11 01:32:32.500667439 +0100
+@@ -112,11 +112,11 @@
+ 
+ 
+ /* Paths of the file for the persistent storage.  */
+-#define _PATH_NSCD_PASSWD_DB	"/var/db/nscd/passwd"
+-#define _PATH_NSCD_GROUP_DB	"/var/db/nscd/group"
+-#define _PATH_NSCD_HOSTS_DB	"/var/db/nscd/hosts"
+-#define _PATH_NSCD_SERVICES_DB	"/var/db/nscd/services"
+-#define _PATH_NSCD_NETGROUP_DB	"/var/db/nscd/netgroup"
++#define _PATH_NSCD_PASSWD_DB	"/var/cache/nscd/passwd"
++#define _PATH_NSCD_GROUP_DB	"/var/cache/nscd/group"
++#define _PATH_NSCD_HOSTS_DB	"/var/cache/nscd/hosts"
++#define _PATH_NSCD_SERVICES_DB	"/var/cache/nscd/services"
++#define _PATH_NSCD_NETGROUP_DB	"/var/cache/nscd/netgroup"
+ 
+ /* Path used when not using persistent storage.  */
+ #define _PATH_NSCD_XYZ_DB_TMP	"/var/run/nscd/dbXXXXXX"
+--- nss/db-Makefile	2012-12-25 04:02:13.000000000 +0100
++++ nss/db-Makefile	2013-02-11 01:32:32.500667439 +0100
+@@ -22,7 +22,7 @@
+ 		       /etc/rpc /etc/services /etc/shadow /etc/gshadow \
+ 		       /etc/netgroup)
+ 
+-VAR_DB = /var/db
++VAR_DB = /var/lib/nss_db
+ 
+ AWK = awk
+ MAKEDB = makedb --quiet
+--- sysdeps/generic/paths.h	2012-12-25 04:02:13.000000000 +0100
++++ sysdeps/generic/paths.h	2013-02-11 01:32:32.500667439 +0100
+@@ -68,7 +68,7 @@
+ /* Provide trailing slash, since mostly used for building pathnames. */
+ #define	_PATH_DEV	"/dev/"
+ #define	_PATH_TMP	"/tmp/"
+-#define	_PATH_VARDB	"/var/db/"
++#define	_PATH_VARDB	"/var/lib/nss_db/"
+ #define	_PATH_VARRUN	"/var/run/"
+ #define	_PATH_VARTMP	"/var/tmp/"
+ 
+--- sysdeps/unix/sysv/linux/paths.h	2012-12-25 04:02:13.000000000 +0100
++++ sysdeps/unix/sysv/linux/paths.h	2013-02-11 01:32:32.504000831 +0100
+@@ -68,7 +68,7 @@
+ /* Provide trailing slash, since mostly used for building pathnames. */
+ #define	_PATH_DEV	"/dev/"
+ #define	_PATH_TMP	"/tmp/"
+-#define	_PATH_VARDB	"/var/db/"
++#define	_PATH_VARDB	"/var/lib/nss_db/"
+ #define	_PATH_VARRUN	"/var/run/"
+ #define	_PATH_VARTMP	"/var/tmp/"
+ 

srcpkgs/glibc/patches/glibc-2.22-largefile-1.patch

@@ -0,0 +1,67 @@
+Submitted By:            Bruce Dubbs <bdubbs at linuxfromscratch dot org>
+Date:                    2015-11-06
+Initial Package Version: 2.22
+Upstream Status:         Committted
+Origin:                  Upstream Git
+Description:             This patch fixes a problem when an application accesses
+                         files greater than 2 GB.
+
+X-Git-Url: https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=blobdiff_plain;f=io%2Ftest-lfs.c;h=b6ebae403c850bc0db852121af930d6f6ebab86d;hp=539c2a2b14c3f7876a03e87678d4bc32ec9993d0;hb=561a9f11a974a447acb3dd03550a05df701a900e;hpb=19742d3d5f8fb0cdc95b20c32fbee503d1048286
+
+diff --git a/io/test-lfs.c b/io/test-lfs.c
+index 539c2a2..b6ebae4 100644
+--- io/test-lfs.c
++++ io/test-lfs.c
+@@ -144,7 +144,7 @@ test_ftello (void)
+ int
+ do_test (int argc, char *argv[])
+ {
+-  int ret;
++  int ret, fd2;
+   struct stat64 statbuf;
+ 
+   ret = lseek64 (fd, TWO_GB+100, SEEK_SET);
+@@ -195,6 +195,25 @@ do_test (int argc, char *argv[])
+     error (EXIT_FAILURE, 0, "stat reported size %lld instead of %lld.",
+ 	   (long long int) statbuf.st_size, (TWO_GB + 100 + 5));
+ 
++  fd2 = openat64 (AT_FDCWD, name, O_RDWR);
++  if (fd2 == -1)
++    {
++      if (errno == ENOSYS)
++	{
++	  /* Silently ignore this test.  */
++	  error (0, 0, "openat64 is not supported");
++	}
++      else
++	error (EXIT_FAILURE, errno, "openat64 failed to open big file");
++    }
++  else
++    {
++      ret = close (fd2);
++
++      if (ret == -1)
++	error (EXIT_FAILURE, errno, "error closing file");
++    }
++
+   test_ftello ();
+ 
+   return 0;
+X-Git-Url: https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=blobdiff_plain;f=sysdeps%2Funix%2Fsysv%2Flinux%2Fopenat.c;h=ad8e31d6cfc6d30104894a0c6df0ed37b205bb66;hp=677712330e8a01fc39c873b11a07224e5e73ee14;hb=561a9f11a974a447acb3dd03550a05df701a900e;hpb=19742d3d5f8fb0cdc95b20c32fbee503d1048286
+
+diff --git a/sysdeps/unix/sysv/linux/openat.c b/sysdeps/unix/sysv/linux/openat.c
+index 6777123..ad8e31d 100644
+--- sysdeps/unix/sysv/linux/openat.c
++++ sysdeps/unix/sysv/linux/openat.c
+@@ -68,6 +68,11 @@ __OPENAT (int fd, const char *file, int oflag, ...)
+       va_end (arg);
+     }
+ 
++  /* We have to add the O_LARGEFILE flag for openat64.  */
++#ifdef MORE_OFLAGS
++  oflag |= MORE_OFLAGS;
++#endif
++
+   return SYSCALL_CANCEL (openat, fd, file, oflag, mode);
+ }
+ libc_hidden_def (__OPENAT)

srcpkgs/glibc/patches/glibc-2.22-upstream_i386_fix-1.patch

@@ -0,0 +1,55 @@
+Submitted By:            Bruce Dubbs <bdubbs at linuxfromscratch dot org>
+Date:                    2015-08-23
+Initial Package Version: 2.22
+Upstream Status:         In repository
+Origin:                  https://github.molgen.mpg.de/git-mirror/glibc
+Description:             This patch fixes a build problem on 32-bit systems.
+
+commit a08e80d1143f6b0386d5bc8cc7b8ed576091dbf3
+Author: Andrew Senkevich <andrew.senkevich@intel.com>
+Date:   Wed Aug 19 16:54:28 2015 +0300
+
+        [BZ #18796]
+        * scripts/test-installation.pl: Don't add -lmvec to build options if
+        libmvec wasn't built.
+
+diff --git a/scripts/test-installation.pl b/scripts/test-installation.pl
+index cac1562..79b2b3e 100755
+--- scripts/test-installation.pl
++++ scripts/test-installation.pl
+@@ -80,16 +80,25 @@ arglist: while (@ARGV) {
+ # We expect none or one argument.
+ if ($#ARGV == -1) {
+     $soversions="soversions.mk";
++    $config="config.make";
+ } elsif ($#ARGV == 0) {
+     if (-d $ARGV[0]) {
+       $soversions = "$ARGV[0]/soversions.mk";
++      $config = "$ARGV[0]/config.make";
+     } else {
+-      $soversions = $ARGV[0];
++      $soversions = $dir = $ARGV[0];
++      $dir =~ s!/?[^/]*/*$!!;
++      $config = $dir . "/config.make";
+     }
+ } else {
+     die "Wrong number of arguments.";
+ }
+ 
++if (system ("grep -q \"build-mathvec = yes\" $config") == 0) {
++    $build_mathvec = 1;
++} else {
++    $build_mathvec = 0;
++}
+ 
+ # Read names and versions of all shared libraries that are part of
+ # glibc
+@@ -111,6 +120,8 @@ while (<SOVERSIONS>) {
+     # - libthread_db since it contains unresolved references
+     # - it's just a test NSS module
+     # - We don't provide the libgcc so we don't test it
++    # - libmvec if it wasn't built
++    next if ($build_mathvec == 0 && $name eq "mvec");
+     if ($name ne "nss_ldap" && $name ne "db1"
+ 	&& !($name =~/^nss1_/) && $name ne "thread_db"
+ 	&& $name ne "nss_test1" && $name ne "libgcc_s") {

srcpkgs/glibc/template

@@ -1,7 +1,7 @@
 # Template file for 'glibc'
 pkgname=glibc
 version=2.22
-revision=3
+revision=4
 bootstrap=yes
 short_desc="The GNU C library"
 maintainer="Juan RP <xtraeme@voidlinux.eu>"