From patchwork Tue Nov 19 21:10:55 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Adolf Belka X-Patchwork-Id: 8253 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature RSA-PSS (4096 bits)) (Client CN "mail01.haj.ipfire.org", Issuer "R11" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4XtHH31WJTz3wx0 for ; Tue, 19 Nov 2024 21:11:27 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) client-signature ECDSA (secp384r1)) (Client CN "mail02.haj.ipfire.org", Issuer "E6" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4XtHH111Bgz4g8; Tue, 19 Nov 2024 21:11:25 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4XtHH05J2Qz34CD; Tue, 19 Nov 2024 21:11:24 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature RSA-PSS (4096 bits)) (Client CN "mail01.haj.ipfire.org", Issuer "R11" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4XtHGp2X0fz347r for ; Tue, 19 Nov 2024 21:11:14 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4XtHGn6jHTzys; Tue, 19 Nov 2024 21:11:13 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1732050674; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=h0c0XKArEuQC6AwJQV3WGvVpDKmjR7Lfu/xWVReLJZs=; b=9hSw+w8jC4mg7UBagsMyT6coE5ORNV7qH94T1nhfuJN9I9P7Yxjj+Bfc4x6U35jPIUrW9N hAIRGKPN0gjpySAg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1732050674; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=h0c0XKArEuQC6AwJQV3WGvVpDKmjR7Lfu/xWVReLJZs=; b=hvNYixP3A4BKGj4ztgeSjofXk4jS+TUHo/ekyCEVENyrcb7bv49O2ke7RqQ1QUaRACpWZj hdDfu7QfiV2a1+CAKMEfjRAjH8AXmZMwceDYSnrcpT8cF9L4h4YP38gt0AdweLgHtrxUY/ OoUE0rfygS/eTkRdZn8HgQsyziHdnb8Z/+sqV9cE+3Ya9+5MygEojHM6tyNblX1fKjx8+5 0M9gl0FgGUXtjtRsMGoS9Kmv4vUQ7NiBMXSIkTK6RU9OYoezZnxmazxOsAE4W6Pd4roud1 /DPIWXYcL4whmBaF1sz8H64dyqJMJkTaf78CX0snQ17tyhQi19pRnwkpJioRow== From: Adolf Belka To: development@lists.ipfire.org Subject: [PATCH] libcap: Update to version 2.72 Date: Tue, 19 Nov 2024 22:10:55 +0100 Message-ID: <20241119211106.2194373-7-adolf.belka@ipfire.org> In-Reply-To: <20241119211106.2194373-1-adolf.belka@ipfire.org> References: <20241119211106.2194373-1-adolf.belka@ipfire.org> MIME-Version: 1.0 Message-ID-Hash: UR2WXWJB33ZYAHKHPTXZNJXEX6EQVHOF X-Message-ID-Hash: UR2WXWJB33ZYAHKHPTXZNJXEX6EQVHOF X-MailFrom: adolf.belka@ipfire.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.8 Precedence: list List-Id: IPFire development talk Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: - Update from version 2.70 to 2.72 - Update of rootfile - Changelog 2.72 ERRATA: Failed to support more modern Linux architectures including arm64. Fix provided by Xi Ruoyao. This specific release is devoted to a wholesale rewrite of libpsx to operate on native Linux threads (aka LWP = Light Weight Processes). Given the potential for misbehavior, we're isolating this release to that change. Should some issue(s) arise, and folk need to roll back, this will hopefully make downstream packagers' lives a bit easier: skip this release altogether. This addresses LCAP-CR-23-102 (SEVERITY) NONE from the libcap-2.69 security audit. This addresses Bug 217476. This addresses C++ std::thread libpsx support. This addresses Bug 218607 reported by Vini Ipsmaker. Included a test case for this: contrib/bug218607/ This now allows the PSX mechanism to apply to threads launched by loaded .so plugins. This addresses Bug 219174 reported by Stas Sergeev. Included a test case for this: tests/b219174.c The rewrite has significantly reduced the need for any odd linking of the -lpsx library. Namely, if code makes use of the psx_syscall*() functions, there is no need for anything other than -lpsx on the link line. Updated a whole lot of documentation that warned folk about the -wrap=pthread_create linking need not being needed any more. (Bug 219456) Linking -lcap and -lpsx still requires some extra care. Updated cap_get_proc(3) manual page to explain. Was unable to figure out how to work around the pre-go1.16.* bug related to cgo and interrupt handling while thread exit with the rewritten libpsx code. Decided to abandon full support for earlier versions of Go. Explanation is Bug 219478 which points to old Go bug. Transitioned key used for signing Go package tags to use the 0D23D34C577B08C4082CFD76430C5CFF993116B1 key. Very tiny documentation change for the cap package to try again to get a runnable example to show up on the pkg.go.dev website. 2.71 Reduce the need for CAP_SETPCAP in IAB setting to the specific instances in which the kernel requires it. This addresses Bug 219169 reported by Christopher Head. Resolve subtle libpsx linker flag issue related to -Bsymbolic-functions. This addresses Bug 219169 reported by Stas Sergeev. Add new GPG signing key. At this stage, none of the older keys have been retired. This addresses Bug 218860 requested by David Runge at Arch Linux. Key details: $ gpg --fingerprint 0D23D34C577B08C4082CFD76430C5CFF993116B1 pub ed25519 2024-10-26 [SC] 0D23 D34C 577B 08C4 082C FD76 430C 5CFF 9931 16B1 uid [ultimate] Andrew G. Morgan (2024+ libcap signing key) sub cv25519 2024-10-26 [E] Expand use of various $(xFLAGS) to building simple binaries in the build tree. Requested by Pierre-Clément Tosi. Numerous documentation updates and clarifications. Added a programming example to the cap package documentation. Exploring how to embed viewer runnable content in the automatically generated online pkg.go.dev documentation. Work around a longstanding glibc segfault annoyance for in-build-tree testing. Signed-off-by: Adolf Belka --- config/rootfiles/common/libcap | 4 ++-- lfs/libcap | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/config/rootfiles/common/libcap b/config/rootfiles/common/libcap index ea90c7564..82754304e 100644 --- a/config/rootfiles/common/libcap +++ b/config/rootfiles/common/libcap @@ -6,10 +6,10 @@ sbin/setcap #usr/include/sys/psx_syscall.h #usr/lib/libcap.so usr/lib/libcap.so.2 -usr/lib/libcap.so.2.70 +usr/lib/libcap.so.2.72 #usr/lib/libpsx.so #usr/lib/libpsx.so.2 -usr/lib/libpsx.so.2.70 +usr/lib/libpsx.so.2.72 #usr/lib/pkgconfig/libcap.pc #usr/lib/pkgconfig/libpsx.pc #usr/lib/security diff --git a/lfs/libcap b/lfs/libcap index 51e32f9c6..c4a50b2c7 100644 --- a/lfs/libcap +++ b/lfs/libcap @@ -24,7 +24,7 @@ include Config -VER = 2.70 +VER = 2.72 THISAPP = libcap-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 77b72acee53032117ea481e3380d1b497f9264b6193b9523542508c7c3e46070248ca4ed910d35809ce6e52caa60cbb31edb125c47221627eeda35c61bd0914b +$(DL_FILE)_BLAKE2 = 2c854fd9a714ab1daae3831829b4b7a890a0894953ba88ae1e190274e7fc635275ce4bf2c668b390ba8196248cb1f953fafb3a9af3907e688c1ab40774f7c6e0 install : $(TARGET)