gentoo auto-resync : 08:10:2024 - 04:26:34

author: V3n3RiX <venerix@koprulu.sector> 2024-10-08 04:26:34 +0100
committer: V3n3RiX <venerix@koprulu.sector> 2024-10-08 04:26:34 +0100
commit: 325837835fc86686829aaa6acace3d3c06c74cea (patch)
tree: 6cc31680e4ce26ab26e863fd7b72d0ffe2d9366f /sys-libs/libseccomp
parent: 7ad61ca2bfc8f8da08d2fb3085e4333dcccb0a64 (diff)
3 files changed, 159 insertions, 0 deletions
diff --git a/sys-libs/libseccomp/Manifest b/sys-libs/libseccomp/Manifest
index f0119e8c3fb3..36fc855d0a97 100644
--- a/sys-libs/libseccomp/Manifest
+++ b/sys-libs/libseccomp/Manifest
@@ -1,4 +1,5 @@
 AUX libseccomp-2.5.3-skip-valgrind.patch 516 BLAKE2B d5dc87fcca8e20b7edd427c434d875c9c3c7aa130a651dbe06c2c648825312e330400f89177afcfe4985fa48e0f95de9937773deb6d3d83da9b2351e6e0488fc SHA512 96053f8ca6abc97ea7c5565c3c25563881e8c0363e9c38fa05836d59b5d9ea1a375f9e072bd5f89a67ddac159c1219be7ed829facd651b3fb8bd5071c89bddcb
+AUX libseccomp-2.5.5-aliasing.patch 1065 BLAKE2B 22b25db6d1ebf6f3f6a54b49341f4457bcad7c3e43d7509241408bc237451e899be8a38ecb9f704826efeccc265b0bc9bc4fe89d3da76707bd2338e0fe146fe0 SHA512 f618af56ebb02e4f8115d84890679cf00f8f5062c181a6cad8a5604316c282b022ba078a61adfd4bc412f79ad805cb35e71e5cc191390502306e515eaf97009b
 AUX libseccomp-2.5.5-arch-syscall-check.patch 1485 BLAKE2B c94cd88060e51e1ba4962fc56603a958bd8fe314adc6d038a271d8f661db1f421026a180d5aa6deccc42422818a95cf8ec46a2a4e961325ef74d342d17f24e2a SHA512 c14f351e9d7dbdf1be43f031cd7a9a5b192b2e358574054aabba1d08a0ccc1cf8f1138b1462d0b7eac899ac801039aa03e748ff52a8020174801b26ee47b69b1
 AUX libseccomp-2.5.5-which-hunt.patch 1779 BLAKE2B 00ac7f24b718f450c258c0d69f600a739360ac6cce45acdca51d413e07396d16ffa50d64fda2744968171e33e3a0e2ac17fa01c6016a95fab6774a4f6c7ba7c4 SHA512 b077a3f1075664fdfec6fecc077bd53685823794f037315a559f205cb6dc78a7d5e720ea4587dfdb605bfbeae79cf964d083157fbfae2085ca1d9e2995015067
 AUX libseccomp-2.6.0-python-shared.patch 778 BLAKE2B 343bcb6c8e8cfc9bab3e0439d391ddfae023587f64f23860c1594cacb60d3af58e031edd5f37ba705bf3da01799ed12ab931a4b9a98e9063922f16cab814d5e6 SHA512 029b1403a3b0af5931833837d9b640d8d9ee172972f927f756137ca51bdbfd3f9cd42657029397fdb2cb727a5065356e05ca196fcb2170484f807bb65cd5a398
@@ -7,6 +8,7 @@ DIST libseccomp-2.5.5-loongarch-r1.patch 119822 BLAKE2B 4aa75c1ac87b2ca25cf6be38
 DIST libseccomp-2.5.5-loongarch64-20231204.patch.xz 41236 BLAKE2B 7831b28c275771bb675b4b5045e657d96c254e69cee7188a19f4812bc83343e0041772c20be1e7392ec88387726b49f34aa670a906b922dba531a0d35e548b1e SHA512 7870e536d834360dfec446493815b675a305f6bec1b79d0caae6fb546d2f694e77ce52e547bbcdb22cda272272bf3d5a427960b4aa76fb987d06ab035298007d
 DIST libseccomp-2.5.5.tar.gz 642445 BLAKE2B d770cee1f3e02fbbcd9f25655b360ab38160ad800e2829a67f2b9da62b095a90be99ac851a67344cf95bd6810a6268da4655dc1d37d996e58239c4999eb41998 SHA512 f630e7a7e53a21b7ccb4d3e7b37616b89aeceba916677c8e3032830411d77a14c2d74dcf594cd193b1acc11f52595072e28316dc44300e54083d5d7b314a38da
 EBUILD libseccomp-2.5.5-r1.ebuild 3273 BLAKE2B cade5d5eca0b4576ffb41debba45ff49e1a36b79f38b7d2fd8add821b174c9e73a7e9b20f07007e70b6b3f1d9e37ff9735ba38dcb300abf985a1c623cfb43528 SHA512 0e406903011d194f42fd1a2f4135759e89ebcc810722e8efefc1c68390e42ef4d9f26fd7df7955bd96faebedf74bbde37e04561d8b6601f2d49f1f21e790827b
+EBUILD libseccomp-2.5.5-r2.ebuild 3327 BLAKE2B 2027d330196acd6f7617310adf72ebf4065e1b0c7bd9ab255970e4aefabcc44e76c5e538c0f1d244e7b92d28973dafe4e3e80547bf32c983de349b9b741898aa SHA512 450970e8cfbdff098e2bf429242d5aa3091d2c350c0ef3acb3a42376223049de71174a82c023d5efb52c3a0122f69d77b79b27fbc258d3a4c620d3bcc87cc407
 EBUILD libseccomp-2.5.5.ebuild 2933 BLAKE2B d2b8b53e01877d343de0b6838b2bf4b3addeec676fbd89fae289788da03fb4b9b7af89e193e17621361bb39e33f77f80393a7807887010016dc7d49120653b1d SHA512 9f911a3647dac012b5cad4c919ba1a286fbc9348320810f7b772125da4250c4d26ae5cb870caf96a45930f3f040296f375b31818e69c0ccee826b497208d7d86
 EBUILD libseccomp-9999.ebuild 2433 BLAKE2B 50afb42077d398c80404844c9d865b2b5760f157c7455f8b74ab666f16ebec647f413649091a4d1406f7b7d5e0b9daf1a0edf4a3ee83f9eb7c495b8817cf06e4 SHA512 c0abf7f041c37df9047fb4e7e9c4632978be2d90c93b5756bdfff9167d2cd11df5065266c23eefd70feb67cf731cb653d6ab9154ae077bcb714c11c38aacea18
 MISC metadata.xml 506 BLAKE2B 44dc13629234226f9314270c05d5c7c87575639fe12282e73697ead63d016ee9b52a89d673be5881bfcbf4d605024ecfcc3e19510581d334a6d5737df6a36b50 SHA512 93b0a53783499eab6b6264867a049830d765ee56d19b0c60e764f6651dff9f0d11efbec0783fdeb17c2c64d3f409bb4b1b1f74f267022775b992b61a1df03100
diff --git a/sys-libs/libseccomp/files/libseccomp-2.5.5-aliasing.patch b/sys-libs/libseccomp/files/libseccomp-2.5.5-aliasing.patch
new file mode 100644
index 000000000000..60190702d381
--- /dev/null
+++ b/sys-libs/libseccomp/files/libseccomp-2.5.5-aliasing.patch
@@ -0,0 +1,30 @@
+https://github.com/seccomp/libseccomp/commit/2847f10dddca72167309c04cd09f326fd3b78e2f
+
+From 2847f10dddca72167309c04cd09f326fd3b78e2f Mon Sep 17 00:00:00 2001
+From: Sam James <sam@gentoo.org>
+Date: Sun, 24 Dec 2023 20:38:06 +0100
+Subject: [PATCH] scmp_bpf_sim: fix aliasing UB
+
+See https://github.com/seccomp/libseccomp/pull/425.
+
+Punning sys_data_b between uint32_t* and struct* seccomp_data isn't legal,
+use memcpy to fix the testsuite with Clang 17.
+
+Modern compilers recognise this idiom and optimise it out anyway.
+
+Signed-off-by: Sam James <sam@gentoo.org>
+Acked-by: Tom Hromatka <tom.hromatka@oracle.com>
+Signed-off-by: Paul Moore <paul@paul-moore.com>
+--- a/tools/scmp_bpf_sim.c
++++ b/tools/scmp_bpf_sim.c
+@@ -182,7 +182,8 @@ static void bpf_execute(const struct bpf_program *prg,
+ 		switch (code) {
+ 		case BPF_LD+BPF_W+BPF_ABS:
+ 			if (k < BPF_SYSCALL_MAX) {
+-				uint32_t val = *((uint32_t *)&sys_data_b[k]);
++				uint32_t val;
++				memcpy(&val, &sys_data_b[k], sizeof(val));
+ 				state.acc = ttoh32(arch, val);
+ 			} else
+ 				exit_error(ERANGE, ip_c);
+
diff --git a/sys-libs/libseccomp/libseccomp-2.5.5-r2.ebuild b/sys-libs/libseccomp/libseccomp-2.5.5-r2.ebuild
new file mode 100644
index 000000000000..3baf6b3db7a2
--- /dev/null
+++ b/sys-libs/libseccomp/libseccomp-2.5.5-r2.ebuild
@@ -0,0 +1,127 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+DISTUTILS_EXT=1
+DISTUTILS_OPTIONAL=1
+DISTUTILS_USE_PEP517=setuptools
+PYTHON_COMPAT=( python3_{10..12} )
+
+inherit distutils-r1 multilib-minimal
+
+DESCRIPTION="High level interface to Linux seccomp filter"
+HOMEPAGE="https://github.com/seccomp/libseccomp"
+
+if [[ ${PV} == *9999 ]] ; then
+	EGIT_REPO_URI="https://github.com/seccomp/libseccomp.git"
+	PRERELEASE="2.6.0"
+	AUTOTOOLS_AUTO_DEPEND=yes
+	inherit autotools git-r3
+else
+	AUTOTOOLS_AUTO_DEPEND=no
+	inherit autotools libtool
+	SRC_URI="https://github.com/seccomp/libseccomp/releases/download/v${PV}/${P}.tar.gz
+		experimental-loong? ( https://github.com/matoro/libseccomp/compare/v${PV}..loongarch-r1.patch
+			-> ${P}-loongarch-r1.patch )"
+	KEYWORDS="-* ~amd64 ~arm ~arm64 ~hppa ~loong ~mips ~ppc ~ppc64 ~riscv ~s390 ~x86 ~amd64-linux ~x86-linux"
+fi
+
+LICENSE="LGPL-2.1"
+SLOT="0"
+IUSE="experimental-loong python static-libs test"
+RESTRICT="!test? ( test )"
+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
+
+# We need newer kernel headers; we don't keep strict control of the exact
+# version here, just be safe and pull in the latest stable ones. bug #551248
+DEPEND="
+	>=sys-kernel/linux-headers-5.15
+	python? ( ${PYTHON_DEPS} )
+"
+RDEPEND="${DEPEND}"
+BDEPEND="
+	${DEPEND}
+	dev-util/gperf
+	experimental-loong? ( ${AUTOTOOLS_DEPEND} )
+	python? (
+		${DISTUTILS_DEPS}
+		dev-python/cython[${PYTHON_USEDEP}]
+	)
+"
+
+PATCHES=(
+	"${FILESDIR}"/libseccomp-python-shared.patch
+	"${FILESDIR}"/libseccomp-2.5.3-skip-valgrind.patch
+	"${FILESDIR}"/libseccomp-2.5.5-which-hunt.patch
+	"${FILESDIR}"/libseccomp-2.5.5-arch-syscall-check.patch
+	"${FILESDIR}"/libseccomp-2.5.5-aliasing.patch
+)
+
+src_prepare() {
+	if use experimental-loong; then
+		PATCHES+=( "${DISTDIR}/${P}-loongarch-r1.patch" )
+	fi
+
+	default
+
+	if [[ ${PV} == *9999 ]] ; then
+		sed -i -e "s/0.0.0/${PRERELEASE}/" configure.ac || die
+	fi
+
+	if use experimental-loong; then
+		# touch generated files to avoid activating maintainer mode
+		# remove when loong-fix-build.patch is no longer necessary
+		touch ./aclocal.m4 ./configure ./configure.h.in || die
+		find . -name Makefile.in -exec touch {} + || die
+	fi
+
+	if [[ ${PV} == *9999 ]] || use experimental-loong; then
+		rm -f "include/seccomp.h" || die
+		eautoreconf
+	else
+		elibtoolize
+	fi
+}
+
+multilib_src_configure() {
+	local myeconfargs=(
+		$(use_enable static-libs static)
+		--disable-python
+	)
+
+	ECONF_SOURCE="${S}" econf "${myeconfargs[@]}"
+}
+
+multilib_src_compile() {
+	emake
+
+	if multilib_is_native_abi && use python ; then
+		# setup.py expects libseccomp.so to live in "../.libs"
+		# Copy the python files to the right place for this.
+		rm -r "${BUILD_DIR}"/src/python || die
+		cp -r "${S}"/src/python "${BUILD_DIR}"/src/python || die
+		local -x CPPFLAGS="-I\"${BUILD_DIR}/include\" -I\"${S}/include\" ${CPPFLAGS}"
+
+		# setup.py reads VERSION_RELEASE from the environment
+		local -x VERSION_RELEASE=${PRERELEASE-${PV}}
+
+		pushd "${BUILD_DIR}/src/python" >/dev/null || die
+		distutils-r1_src_compile
+		popd >/dev/null || die
+	fi
+}
+
+multilib_src_install() {
+	emake DESTDIR="${D}" install
+
+	if multilib_is_native_abi && use python ; then
+		distutils-r1_src_install
+	fi
+}
+
+multilib_src_install_all() {
+	find "${ED}" -type f -name "${PN}.la" -delete || die
+
+	einstalldocs
+}
author	V3n3RiX <venerix@koprulu.sector>	2024-10-08 04:26:34 +0100
committer	V3n3RiX <venerix@koprulu.sector>	2024-10-08 04:26:34 +0100
commit	325837835fc86686829aaa6acace3d3c06c74cea (patch)
tree	6cc31680e4ce26ab26e863fd7b72d0ffe2d9366f /sys-libs/libseccomp
parent	7ad61ca2bfc8f8da08d2fb3085e4333dcccb0a64 (diff)