diff --git a/.gitignore b/.gitignore index f28cb05..6aac4df 100644 --- a/.gitignore +++ b/.gitignore @@ -28,3 +28,10 @@ /elfutils-0.185.tar.bz2 /elfutils-0.186.tar.bz2 /elfutils-0.187.tar.bz2 +/elfutils-0.188.tar.bz2 +/elfutils-0.189.tar.bz2 +/elfutils-0.190.tar.bz2 +/elfutils-0.191.tar.bz2 +/elfutils-0.192.tar.bz2 +/elfutils-0.193.tar.bz2 +/elfutils-0.194.tar.bz2 diff --git a/elfutils-0.187-csh-profile.patch b/elfutils-0.187-csh-profile.patch deleted file mode 100644 index 6f26815..0000000 --- a/elfutils-0.187-csh-profile.patch +++ /dev/null @@ -1,28 +0,0 @@ -commit f1252e4dbe781f75d806ce0b990779548eeeb7a9 -Author: Mark Wielaard -Date: Tue May 3 17:48:55 2022 +0200 - - config: Move the 2>/dev/null inside the sh -c '' quotes for profile.csh. - - csh/tcsh would warn about "Ambiguous output redirect" if not done inside - the sh -c command. - - Fix-by: наб - - https://bugzilla.redhat.com/show_bug.cgi?id=2080957 - - Signed-off-by: Mark Wielaard - -diff --git a/config/profile.csh.in b/config/profile.csh.in -index 012e243a..74c20c99 100644 ---- a/config/profile.csh.in -+++ b/config/profile.csh.in -@@ -6,7 +6,7 @@ - - if (! $?DEBUGINFOD_URLS) then - set prefix="@prefix@" -- set DEBUGINFOD_URLS=`sh -c 'cat "$0"/*.urls; :' "@sysconfdir@/debuginfod" 2>/dev/null | tr '\n' ' '` -+ set DEBUGINFOD_URLS=`sh -c 'cat "$0"/*.urls 2>/dev/null; :' "@sysconfdir@/debuginfod" | tr '\n' ' '` - if ( "$DEBUGINFOD_URLS" != "" ) then - setenv DEBUGINFOD_URLS "$DEBUGINFOD_URLS" - else diff --git a/elfutils-0.187-debuginfod-client-fd-leak.patch b/elfutils-0.187-debuginfod-client-fd-leak.patch deleted file mode 100644 index 2f6b78b..0000000 --- a/elfutils-0.187-debuginfod-client-fd-leak.patch +++ /dev/null @@ -1,98 +0,0 @@ -commit 59158656f3b0b99d8784ddc82c15778813000edc -Author: Frank Ch. Eigler -Date: Wed May 4 10:26:42 2022 -0400 - - PR29117: fix fd leak in debuginfod client for cache-miss files - - Correct a nasty fd leak and a few less nasty leaks in the debuginfod - client code. The nasty one impacts long-lived apps such as debuginfod - servers. - - Signed-off-by: Mark Wielaard - Signed-off-by: Frank Ch. Eigler - -diff --git a/debuginfod/debuginfod-client.c b/debuginfod/debuginfod-client.c -index ea6e461a..521972e4 100644 ---- a/debuginfod/debuginfod-client.c -+++ b/debuginfod/debuginfod-client.c -@@ -243,7 +243,13 @@ debuginfod_config_cache(char *config_path, - return -errno; - - if (dprintf(fd, "%ld", cache_config_default_s) < 0) -- return -errno; -+ { -+ int ret = -errno; -+ close (fd); -+ return ret; -+ } -+ -+ close (fd); - } - - long cache_config; -@@ -284,7 +290,13 @@ debuginfod_init_cache (char *cache_path, char *interval_path, char *maxage_path) - return -errno; - - if (dprintf(fd, "%ld", cache_clean_default_interval_s) < 0) -- return -errno; -+ { -+ int ret = -errno; -+ close (fd); -+ return ret; -+ } -+ -+ close (fd); - - /* init max age config file. */ - if (stat(maxage_path, &st) != 0 -@@ -292,8 +304,13 @@ debuginfod_init_cache (char *cache_path, char *interval_path, char *maxage_path) - return -errno; - - if (dprintf(fd, "%ld", cache_default_max_unused_age_s) < 0) -- return -errno; -+ { -+ int ret = -errno; -+ close (fd); -+ return ret; -+ } - -+ close (fd); - return 0; - } - -@@ -812,18 +829,17 @@ debuginfod_query_server (debuginfod_client *c, - has passed since the last attempt. */ - time_t cache_miss; - time_t target_mtime = st.st_mtime; -+ -+ close(fd); /* no need to hold onto the negative-hit file descriptor */ -+ - rc = debuginfod_config_cache(cache_miss_path, - cache_miss_default_s, &st); - if (rc < 0) -- { -- close(fd); -- goto out; -- } -+ goto out; - - cache_miss = (time_t)rc; - if (time(NULL) - target_mtime <= cache_miss) - { -- close(fd); - rc = -ENOENT; - goto out; - } -diff --git a/debuginfod/debuginfod-find.c b/debuginfod/debuginfod-find.c -index 3e8ab203..f60b5463 100644 ---- a/debuginfod/debuginfod-find.c -+++ b/debuginfod/debuginfod-find.c -@@ -231,6 +231,8 @@ main(int argc, char** argv) - fprintf(stderr, "Server query failed: %s\n", strerror(-rc)); - return 1; - } -+ else -+ close (rc); - - printf("%s\n", cache_name); - free (cache_name); diff --git a/elfutils-0.187-mhd_epoll.patch b/elfutils-0.187-mhd_epoll.patch deleted file mode 100644 index fbbbdac..0000000 --- a/elfutils-0.187-mhd_epoll.patch +++ /dev/null @@ -1,51 +0,0 @@ -commit 28f9d86ea89f88b24f1d12c8e9d5ddc3f77da194 -Author: Mark Wielaard -Date: Fri May 6 00:29:28 2022 +0200 - - debuginfod: Use MHD_USE_EPOLL for libmicrohttpd version 0.9.51 or higher - - Also disable MHD_USE_THREAD_PER_CONNECTION when using MHD_USE_EPOLL. - - https://sourceware.org/bugzilla/show_bug.cgi?id=29123 - - Signed-off-by: Mark Wielaard - -diff --git a/debuginfod/debuginfod.cxx b/debuginfod/debuginfod.cxx -index c02540f1..d4f47bf7 100644 ---- a/debuginfod/debuginfod.cxx -+++ b/debuginfod/debuginfod.cxx -@@ -1,6 +1,6 @@ - /* Debuginfo-over-http server. - Copyright (C) 2019-2021 Red Hat, Inc. -- Copyright (C) 2021 Mark J. Wielaard -+ Copyright (C) 2021, 2022 Mark J. Wielaard - This file is part of elfutils. - - This file is free software; you can redistribute it and/or modify -@@ -3899,7 +3899,14 @@ main (int argc, char *argv[]) - } - } - -- unsigned int mhd_flags = ((connection_pool -+ /* Note that MHD_USE_EPOLL and MHD_USE_THREAD_PER_CONNECTION don't -+ work together. */ -+ unsigned int use_epoll = 0; -+#if MHD_VERSION >= 0x00095100 -+ use_epoll = MHD_USE_EPOLL; -+#endif -+ -+ unsigned int mhd_flags = ((connection_pool || use_epoll - ? 0 : MHD_USE_THREAD_PER_CONNECTION) - #if MHD_VERSION >= 0x00095300 - | MHD_USE_INTERNAL_POLLING_THREAD -@@ -3907,9 +3914,7 @@ main (int argc, char *argv[]) - | MHD_USE_SELECT_INTERNALLY - #endif - | MHD_USE_DUAL_STACK --#ifdef MHD_USE_EPOLL -- | MHD_USE_EPOLL --#endif -+ | use_epoll - #if MHD_VERSION >= 0x00095200 - | MHD_USE_ITC - #endif diff --git a/elfutils-0.187-mhd_no_dual_stack.patch b/elfutils-0.187-mhd_no_dual_stack.patch deleted file mode 100644 index 3f38e36..0000000 --- a/elfutils-0.187-mhd_no_dual_stack.patch +++ /dev/null @@ -1,118 +0,0 @@ -commit ba675ed25a26fd425ffd19b02cf18babf4291b4f -Author: Mark Wielaard -Date: Thu May 5 23:59:57 2022 +0200 - - debuginfod: Try without MHD_USE_DUAL_STACK if MHD_start_daemon fails - - On a systems that have ipv6 disabled debuginfod doesn't start up - anymore because libhttpd MHD_USE_DUAL_STACK only works if it can - open an ipv6 socket. If MHD_start_daemon with MHD_USE_DUAL_STACK - fails try again without that flag set. - - https://sourceware.org/bugzilla/show_bug.cgi?id=29122 - - Signed-off-by: Mark Wielaard - -diff --git a/debuginfod/debuginfod.cxx b/debuginfod/debuginfod.cxx -index 4aaf41c0..c02540f1 100644 ---- a/debuginfod/debuginfod.cxx -+++ b/debuginfod/debuginfod.cxx -@@ -3899,40 +3899,67 @@ main (int argc, char *argv[]) - } - } - -- // Start httpd server threads. Use a single dual-homed pool. -- MHD_Daemon *d46 = MHD_start_daemon ((connection_pool ? 0 : MHD_USE_THREAD_PER_CONNECTION) -+ unsigned int mhd_flags = ((connection_pool -+ ? 0 : MHD_USE_THREAD_PER_CONNECTION) - #if MHD_VERSION >= 0x00095300 -- | MHD_USE_INTERNAL_POLLING_THREAD -+ | MHD_USE_INTERNAL_POLLING_THREAD - #else -- | MHD_USE_SELECT_INTERNALLY -+ | MHD_USE_SELECT_INTERNALLY - #endif -+ | MHD_USE_DUAL_STACK - #ifdef MHD_USE_EPOLL -- | MHD_USE_EPOLL -+ | MHD_USE_EPOLL - #endif -- | MHD_USE_DUAL_STACK - #if MHD_VERSION >= 0x00095200 -- | MHD_USE_ITC -+ | MHD_USE_ITC - #endif -- | MHD_USE_DEBUG, /* report errors to stderr */ -- http_port, -- NULL, NULL, /* default accept policy */ -- handler_cb, NULL, /* handler callback */ -- MHD_OPTION_EXTERNAL_LOGGER, error_cb, NULL, -- (connection_pool ? MHD_OPTION_THREAD_POOL_SIZE : MHD_OPTION_END), -- (connection_pool ? (int)connection_pool : MHD_OPTION_END), -- MHD_OPTION_END); -+ | MHD_USE_DEBUG); /* report errors to stderr */ - -+ // Start httpd server threads. Use a single dual-homed pool. -+ MHD_Daemon *d46 = MHD_start_daemon (mhd_flags, http_port, -+ NULL, NULL, /* default accept policy */ -+ handler_cb, NULL, /* handler callback */ -+ MHD_OPTION_EXTERNAL_LOGGER, -+ error_cb, NULL, -+ (connection_pool -+ ? MHD_OPTION_THREAD_POOL_SIZE -+ : MHD_OPTION_END), -+ (connection_pool -+ ? (int)connection_pool -+ : MHD_OPTION_END), -+ MHD_OPTION_END); -+ -+ MHD_Daemon *d4 = NULL; - if (d46 == NULL) - { -- sqlite3 *database = db; -- sqlite3 *databaseq = dbq; -- db = dbq = 0; // for signal_handler not to freak -- sqlite3_close (databaseq); -- sqlite3_close (database); -- error (EXIT_FAILURE, 0, "cannot start http server at port %d", http_port); -- } -+ // Cannot use dual_stack, use ipv4 only -+ mhd_flags &= ~(MHD_USE_DUAL_STACK); -+ d4 = MHD_start_daemon (mhd_flags, http_port, -+ NULL, NULL, /* default accept policy */ -+ handler_cb, NULL, /* handler callback */ -+ MHD_OPTION_EXTERNAL_LOGGER, -+ error_cb, NULL, -+ (connection_pool -+ ? MHD_OPTION_THREAD_POOL_SIZE -+ : MHD_OPTION_END), -+ (connection_pool -+ ? (int)connection_pool -+ : MHD_OPTION_END), -+ MHD_OPTION_END); -+ if (d4 == NULL) -+ { -+ sqlite3 *database = db; -+ sqlite3 *databaseq = dbq; -+ db = dbq = 0; // for signal_handler not to freak -+ sqlite3_close (databaseq); -+ sqlite3_close (database); -+ error (EXIT_FAILURE, 0, "cannot start http server at port %d", -+ http_port); -+ } - -- obatched(clog) << "started http server on IPv4 IPv6 " -+ } -+ obatched(clog) << "started http server on" -+ << (d4 != NULL ? " IPv4 " : " IPv4 IPv6 ") - << "port=" << http_port << endl; - - // add maxigroom sql if -G given -@@ -4053,6 +4080,7 @@ main (int argc, char *argv[]) - - /* Stop all the web service threads. */ - if (d46) MHD_stop_daemon (d46); -+ if (d4) MHD_stop_daemon (d4); - - if (! passive_p) - { diff --git a/elfutils-0.194-alloc-jobs.patch b/elfutils-0.194-alloc-jobs.patch new file mode 100644 index 0000000..cabf590 --- /dev/null +++ b/elfutils-0.194-alloc-jobs.patch @@ -0,0 +1,135 @@ +From f66135f16fe44182a3fc5b651d7e5071c936217d Mon Sep 17 00:00:00 2001 +From: Aaron Merey +Date: Mon, 27 Oct 2025 22:00:12 -0400 +Subject: [PATCH] readelf: Allocate job_data one-by-one as needed + +Currently, job_data is stored in an array whose size is equal to the +number of debug sections (.debug_*, .eh_frame, .gdb_index, etc.). + +This size may be too small if a binary contains multiple debug sections +with the same name. For example an ET_REL binary compiled with -ggdb3 +can contain multiple .debug_macro sections. + +Fix this by allocating job_data on the fly when preparing to read a +debug section. This supports an arbitrary number of debug sections +while also avoiding unnecessary memory allocation. + +https://sourceware.org/bugzilla/show_bug.cgi?id=33580 + +Signed-off-by: Aaron Merey +--- + src/readelf.c | 49 +++++++++++++++++++++++++------------------------ + 1 file changed, 25 insertions(+), 24 deletions(-) + +diff --git a/src/readelf.c b/src/readelf.c +index ee6c203d..a2d17358 100644 +--- a/src/readelf.c ++++ b/src/readelf.c +@@ -12200,7 +12200,8 @@ getone_dwflmod (Dwfl_Module *dwflmod, + return DWARF_CB_OK; + } + +-typedef struct { ++typedef struct Job_Data { ++ struct Job_Data *next; + Dwfl_Module *dwflmod; + Ebl *ebl; + GElf_Ehdr *ehdr; +@@ -12230,7 +12231,7 @@ do_job (void *data, FILE *out) + If thread safety is not supported or the maximum number of threads is set + to 1, then immediately call START_ROUTINE with the given arguments. */ + static void +-schedule_job (job_data jdata[], size_t idx, ++schedule_job (job_data **jdatalist, + void (*start_routine) (Dwfl_Module *, Ebl *, GElf_Ehdr *, + Elf_Scn *, GElf_Shdr *, Dwarf *, FILE *), + Dwfl_Module *dwflmod, Ebl *ebl, GElf_Ehdr *ehdr, Elf_Scn *scn, +@@ -12239,21 +12240,24 @@ schedule_job (job_data jdata[], size_t idx, + #ifdef USE_LOCKS + if (max_threads > 1) + { +- /* Add to the job queue. */ +- jdata[idx].dwflmod = dwflmod; +- jdata[idx].ebl = ebl; +- jdata[idx].ehdr = ehdr; +- jdata[idx].scn = *scn; +- jdata[idx].shdr = *shdr; +- jdata[idx].dbg = dbg; +- jdata[idx].fp = start_routine; ++ job_data *jdata = xmalloc (sizeof (job_data)); ++ ++ jdata->dwflmod = dwflmod; ++ jdata->ebl = ebl; ++ jdata->ehdr = ehdr; ++ jdata->scn = *scn; ++ jdata->shdr = *shdr; ++ jdata->dbg = dbg; ++ jdata->fp = start_routine; ++ jdata->next = *jdatalist; ++ *jdatalist = jdata; + +- add_job (do_job, (void *) &jdata[idx]); ++ add_job (do_job, (void *) jdata); + } + else + start_routine (dwflmod, ebl, ehdr, scn, shdr, dbg, stdout); + #else +- (void) jdata; (void) idx; ++ (void) jdatalist; + + start_routine (dwflmod, ebl, ehdr, scn, shdr, dbg, stdout); + #endif +@@ -12431,8 +12435,7 @@ print_debug (Dwfl_Module *dwflmod, Ebl *ebl, GElf_Ehdr *ehdr) + if (unlikely (elf_getshdrstrndx (ebl->elf, &shstrndx) < 0)) + error_exit (0, _("cannot get section header string table index")); + +- ssize_t num_jobs = 0; +- job_data *jdata = NULL; ++ job_data *jdatalist = NULL; + + /* If the .debug_info section is listed as implicitly required then + we must make sure to handle it before handling any other debug +@@ -12531,13 +12534,6 @@ print_debug (Dwfl_Module *dwflmod, Ebl *ebl, GElf_Ehdr *ehdr) + if (name == NULL) + continue; + +- if (jdata == NULL) +- { +- jdata = calloc (ndebug_sections, sizeof (*jdata)); +- if (jdata == NULL) +- error_exit (0, _("failed to allocate job data")); +- } +- + int n; + for (n = 0; n < ndebug_sections; ++n) + { +@@ -12561,10 +12557,9 @@ print_debug (Dwfl_Module *dwflmod, Ebl *ebl, GElf_Ehdr *ehdr) + { + if (((print_debug_sections | implicit_debug_sections) + & debug_sections[n].bitmask)) +- schedule_job (jdata, num_jobs++, debug_sections[n].fp, ++ schedule_job (&jdatalist, debug_sections[n].fp, + dwflmod, ebl, ehdr, scn, shdr, dbg); + +- assert (num_jobs <= ndebug_sections); + break; + } + } +@@ -12579,7 +12574,13 @@ print_debug (Dwfl_Module *dwflmod, Ebl *ebl, GElf_Ehdr *ehdr) + + dwfl_end (skel_dwfl); + free (skel_name); +- free (jdata); ++ ++ while (jdatalist != NULL) ++ { ++ job_data *jdata = jdatalist; ++ jdatalist = jdatalist->next; ++ free (jdata); ++ } + + /* Turn implicit and/or explicit back on in case we go over another file. */ + if (implicit_info) +-- +2.51.0 + diff --git a/elfutils-0.194-fix-const.patch b/elfutils-0.194-fix-const.patch new file mode 100644 index 0000000..085f899 --- /dev/null +++ b/elfutils-0.194-fix-const.patch @@ -0,0 +1,301 @@ +From 4a5cf8be906d5991e7527e69e3f2ceaa74811301 Mon Sep 17 00:00:00 2001 +From: Andreas Schwab +Date: Mon, 24 Nov 2025 13:46:16 +0100 +Subject: [PATCH] Fix const-correctness issues + +These were uncovered by the C23 const-preserving library macros. +--- + debuginfod/debuginfod-client.c | 2 +- + libcpu/riscv_disasm.c | 52 +++++++++++++++++----------------- + libdw/dwarf_getsrclines.c | 6 ++-- + src/readelf.c | 8 +++--- + 4 files changed, 34 insertions(+), 34 deletions(-) + +diff --git a/debuginfod/debuginfod-client.c b/debuginfod/debuginfod-client.c +index c0ff5967..c5bc8a4f 100644 +--- a/debuginfod/debuginfod-client.c ++++ b/debuginfod/debuginfod-client.c +@@ -3104,7 +3104,7 @@ int debuginfod_add_http_header (debuginfod_client *client, const char* header) + /* Sanity check header value is of the form Header: Value. + It should contain at least one colon that isn't the first or + last character. */ +- char *colon = strchr (header, ':'); /* first colon */ ++ const char *colon = strchr (header, ':'); /* first colon */ + if (colon == NULL /* present */ + || colon == header /* not at beginning - i.e., have a header name */ + || *(colon + 1) == '\0') /* not at end - i.e., have a value */ +diff --git a/libcpu/riscv_disasm.c b/libcpu/riscv_disasm.c +index 0dee842a..749d4567 100644 +--- a/libcpu/riscv_disasm.c ++++ b/libcpu/riscv_disasm.c +@@ -77,7 +77,7 @@ static const char *regnames[32] = + "a6", "a7", "s2", "s3", "s4", "s5", "s6", "s7", + "s8", "s9", "s10", "s11", "t3", "t4", "t5", "t6" + }; +-#define REG(nr) ((char *) regnames[nr]) ++#define REG(nr) regnames[nr] + #define REGP(nr) REG (8 + (nr)) + + +@@ -88,7 +88,7 @@ static const char *fregnames[32] = + "fa6", "fa7", "fs2", "fs3", "fs4", "fs5", "fs6", "fs7", + "fs8", "fs9", "fs10", "fs11", "ft8", "ft9", "ft10", "ft11" + }; +-#define FREG(nr) ((char *) fregnames[nr]) ++#define FREG(nr) fregnames[nr] + #define FREGP(nr) FREG (8 + (nr)) + + +@@ -163,12 +163,12 @@ riscv_disasm (Ebl *ebl, + break; + } + +- char *mne = NULL; ++ const char *mne = NULL; + /* Max length is 24, which is "illegal", so we print it as + "0x<48 hex chars>" + See: No instruction encodings defined for these sizes yet, below */ + char mnebuf[50]; +- char *op[5] = { NULL, NULL, NULL, NULL, NULL }; ++ const char *op[5] = { NULL, NULL, NULL, NULL, NULL }; + char immbuf[32]; + size_t len; + char *strp = NULL; +@@ -400,7 +400,7 @@ riscv_disasm (Ebl *ebl, + { + "sub", "xor", "or", "and", "subw", "addw", NULL, NULL + }; +- mne = (char *) arithmne[((first >> 10) & 0x4) | ((first >> 5) & 0x3)]; ++ mne = arithmne[((first >> 10) & 0x4) | ((first >> 5) & 0x3)]; + } + op[0] = op[1] = REGP ((first >> 7) & 0x7); + break; +@@ -572,7 +572,7 @@ riscv_disasm (Ebl *ebl, + { + NULL, NULL, "flw", "fld", "flq", NULL, NULL, NULL + }; +- mne = (char *) (idx == 0x00 ? loadmne[func] : floadmne[func]); ++ mne = idx == 0x00 ? loadmne[func] : floadmne[func]; + break; + case 0x03: + // MISC-MEM +@@ -595,8 +595,8 @@ riscv_disasm (Ebl *ebl, + uint32_t succ = (word >> 24) & 0xf; + if (pred != 0xf || succ != 0xf) + { +- op[0] = (char *) order[succ]; +- op[1] = (char *) order[pred]; ++ op[0] = order[succ]; ++ op[1] = order[pred]; + } + mne = "fence"; + } +@@ -614,7 +614,7 @@ riscv_disasm (Ebl *ebl, + "addi", NULL, "slti", "sltiu", "xori", NULL, "ori", "andi" + }; + func = (word >> 12) & 0x7; +- mne = (char *) opimmmne[func]; ++ mne = opimmmne[func]; + if (mne == NULL) + { + const uint64_t shiftmask = ebl->class == ELFCLASS32 ? 0x1f : 0x3f; +@@ -697,7 +697,7 @@ riscv_disasm (Ebl *ebl, + { + NULL, NULL, "fsw", "fsd", "fsq", NULL, NULL, NULL + }; +- mne = (char *) (idx == 0x08 ? storemne[func] : fstoremne[func]); ++ mne = idx == 0x08 ? storemne[func] : fstoremne[func]; + break; + case 0x0b: + // AMO +@@ -778,7 +778,7 @@ riscv_disasm (Ebl *ebl, + } + else + { +- mne = (char *) (idx == 0x0c ? arithmne2[func] : arithmne3[func]); ++ mne = idx == 0x0c ? arithmne2[func] : arithmne3[func]; + op[1] = REG (rs1); + op[2] = REG (rs2); + } +@@ -811,7 +811,7 @@ riscv_disasm (Ebl *ebl, + op[2] = FREG (rs2); + op[3] = FREG (rs3); + if (rm != 0x7) +- op[4] = (char *) rndmode[rm]; ++ op[4] = rndmode[rm]; + } + break; + case 0x14: +@@ -839,7 +839,7 @@ riscv_disasm (Ebl *ebl, + op[1] = FREG (rs1); + op[2] = FREG (rs2); + if (rm != 0x7) +- op[3] = (char *) rndmode[rm]; ++ op[3] = rndmode[rm]; + } + else if (func == 0x1c && width != 2 && rs2 == 0 && rm <= 1) + { +@@ -950,7 +950,7 @@ riscv_disasm (Ebl *ebl, + } + mne = mnebuf; + if (rm != 0x7 && (func == 0x18 || width == 0 || rs2 >= 2)) +- op[2] = (char *) rndmode[rm]; ++ op[2] = rndmode[rm]; + } + else if (func == 0x0b && rs2 == 0) + { +@@ -961,7 +961,7 @@ riscv_disasm (Ebl *ebl, + *cp = '\0'; + mne = mnebuf; + if (rm != 0x7) +- op[2] = (char *) rndmode[rm]; ++ op[2] = rndmode[rm]; + } + else if (func == 0x05 && rm < 2) + { +@@ -1007,7 +1007,7 @@ riscv_disasm (Ebl *ebl, + "beq", "bne", NULL, NULL, "blt", "bge", "bltu", "bgeu" + }; + func = (word >> 12) & 0x7; +- mne = (char *) branchmne[func]; ++ mne = branchmne[func]; + if (rs1 == 0 && func == 5) + { + op[0] = op[1]; +@@ -1035,7 +1035,7 @@ riscv_disasm (Ebl *ebl, + else if (func == 5 || func == 7) + { + // binutils use these opcodes and the reverse parameter order +- char *tmp = op[0]; ++ const char *tmp = op[0]; + op[0] = op[1]; + op[1] = tmp; + mne = func == 5 ? "ble" : "bleu"; +@@ -1103,7 +1103,7 @@ riscv_disasm (Ebl *ebl, + { + NULL, "frflags", "frrm", "frsr", + }; +- mne = (char *) unprivrw[csr - 0x000]; ++ mne = unprivrw[csr - 0x000]; + } + else if (csr >= 0xc00 && csr <= 0xc03) + { +@@ -1111,7 +1111,7 @@ riscv_disasm (Ebl *ebl, + { + "rdcycle", "rdtime", "rdinstret" + }; +- mne = (char *) unprivrolow[csr - 0xc00]; ++ mne = unprivrolow[csr - 0xc00]; + } + op[0] = REG ((word >> 7) & 0x1f); + } +@@ -1128,7 +1128,7 @@ riscv_disasm (Ebl *ebl, + { + NULL, "fsflagsi", "fsrmi", NULL + }; +- mne = (char *) ((word & 0x4000) == 0 ? unprivrs : unprivrsi)[csr - 0x000]; ++ mne = ((word & 0x4000) == 0 ? unprivrs : unprivrsi)[csr - 0x000]; + + if ((word & 0x4000) == 0) + op[0] = REG ((word >> 15) & 0x1f); +@@ -1259,12 +1259,12 @@ riscv_disasm (Ebl *ebl, + if (rd != 0) + op[last++] = REG (rd); + struct known_csrs key = { csr, NULL }; +- struct known_csrs *found = bsearch (&key, known, +- sizeof (known) / sizeof (known[0]), +- sizeof (known[0]), +- compare_csr); ++ const struct known_csrs *found = bsearch (&key, known, ++ sizeof (known) / sizeof (known[0]), ++ sizeof (known[0]), ++ compare_csr); + if (found) +- op[last] = (char *) found->name; ++ op[last] = found->name; + else + { + snprintf (addrbuf, sizeof (addrbuf), "0x%" PRIx32, csr); +@@ -1289,7 +1289,7 @@ riscv_disasm (Ebl *ebl, + else if (instr == 3 && rd == 0) + mne = "csrc"; + else +- mne = (char *) mnecsr[instr]; ++ mne = mnecsr[instr]; + } + break; + default: +diff --git a/libdw/dwarf_getsrclines.c b/libdw/dwarf_getsrclines.c +index be10cdee..76db2929 100644 +--- a/libdw/dwarf_getsrclines.c ++++ b/libdw/dwarf_getsrclines.c +@@ -364,7 +364,7 @@ read_srcfiles (Dwarf *dbg, + const unsigned char *dirp = linep; + while (dirp < lineendp && *dirp != 0) + { +- uint8_t *endp = memchr (dirp, '\0', lineendp - dirp); ++ const uint8_t *endp = memchr (dirp, '\0', lineendp - dirp); + if (endp == NULL) + goto invalid_data; + ++ndirs; +@@ -440,7 +440,7 @@ read_srcfiles (Dwarf *dbg, + for (unsigned int n = 1; n < ndirlist; n++) + { + dirarray[n].dir = (char *) linep; +- uint8_t *endp = memchr (linep, '\0', lineendp - linep); ++ const uint8_t *endp = memchr (linep, '\0', lineendp - linep); + assert (endp != NULL); // Checked above when calculating ndirlist. + dirarray[n].len = endp - linep; + linep = endp + 1; +@@ -927,7 +927,7 @@ read_srclines (Dwarf *dbg, + case DW_LNE_define_file: + { + char *fname = (char *) linep; +- uint8_t *endp = memchr (linep, '\0', lineendp - linep); ++ const uint8_t *endp = memchr (linep, '\0', lineendp - linep); + if (endp == NULL) + goto invalid_data; + size_t fnamelen = endp - linep; +diff --git a/src/readelf.c b/src/readelf.c +index a2d17358..fbdf8c71 100644 +--- a/src/readelf.c ++++ b/src/readelf.c +@@ -8269,7 +8269,7 @@ attr_callback (Dwarf_Attribute *attrp, void *arg) + valuestr = dwarf_filesrc (files, num, NULL, NULL); + if (valuestr != NULL) + { +- char *filename = strrchr (valuestr, '/'); ++ const char *filename = strrchr (valuestr, '/'); + if (filename != NULL) + valuestr = filename + 1; + } +@@ -9033,7 +9033,7 @@ print_form_data (Dwarf *dbg, int form, const unsigned char *readp, + Dwarf_Off str_offsets_base, FILE *out) + { + Dwarf_Word val; +- unsigned char *endp; ++ const unsigned char *endp; + Elf_Data *data; + char *str; + switch (form) +@@ -9530,7 +9530,7 @@ print_debug_line_section (Dwfl_Module *dwflmod, Ebl *ebl, GElf_Ehdr *ehdr, + { + while (linep < lineendp && *linep != 0) + { +- unsigned char *endp = memchr (linep, '\0', lineendp - linep); ++ const unsigned char *endp = memchr (linep, '\0', lineendp - linep); + if (unlikely (endp == NULL)) + goto invalid_unit; + +@@ -9764,7 +9764,7 @@ print_debug_line_section (Dwfl_Module *dwflmod, Ebl *ebl, GElf_Ehdr *ehdr, + case DW_LNE_define_file: + { + char *fname = (char *) linep; +- unsigned char *endp = memchr (linep, '\0', ++ const unsigned char *endp = memchr (linep, '\0', + lineendp - linep); + if (unlikely (endp == NULL)) + goto invalid_unit; +-- +2.52.0 + diff --git a/elfutils-debuginfod.sysusers b/elfutils-debuginfod.sysusers new file mode 100644 index 0000000..18c2561 --- /dev/null +++ b/elfutils-debuginfod.sysusers @@ -0,0 +1 @@ +u debuginfod - "elfutils debuginfo server" /var/cache/debuginfod - diff --git a/elfutils.spec b/elfutils.spec index 34908c8..803a824 100644 --- a/elfutils.spec +++ b/elfutils.spec @@ -1,23 +1,31 @@ +# Rebuild --with static to enable static subpackages +# This is *not* supported by elfutils maintainers +%bcond_with static + Name: elfutils -Version: 0.187 -%global baserelease 4 +Version: 0.194 +%global baserelease 2 Release: %{baserelease}%{?dist} URL: http://elfutils.org/ %global source_url ftp://sourceware.org/pub/elfutils/%{version}/ -License: GPLv3+ and (GPLv2+ or LGPLv3+) and GFDL +License: GPL-3.0-or-later AND (GPL-2.0-or-later OR LGPL-3.0-or-later) AND GFDL-1.3-no-invariants-or-later Source: %{?source_url}%{name}-%{version}.tar.bz2 +Source1: elfutils-debuginfod.sysusers Summary: A collection of utilities and DSOs to handle ELF files and DWARF data # Needed for isa specific Provides and Requires. %global depsuffix %{?_isa}%{!?_isa:-%{_arch}} +# eu-stacktrace currently only supports x86_64 +%ifarch x86_64 +%global enable_stacktrace 1 +%else +%global enable_stacktrace 0 +%endif + Requires: elfutils-libelf%{depsuffix} = %{version}-%{release} Requires: elfutils-libs%{depsuffix} = %{version}-%{release} -%if 0%{?rhel} >= 8 || 0%{?fedora} >= 20 -Recommends: elfutils-debuginfod-client%{depsuffix} = %{version}-%{release} -%else Requires: elfutils-debuginfod-client%{depsuffix} = %{version}-%{release} -%endif BuildRequires: gcc # For libstdc++ demangle support @@ -38,6 +46,8 @@ BuildRequires: pkgconfig(libmicrohttpd) >= 0.9.33 BuildRequires: pkgconfig(libcurl) >= 7.29.0 BuildRequires: pkgconfig(sqlite3) >= 3.7.17 BuildRequires: pkgconfig(libarchive) >= 3.1.2 +# For debugindod metadata query +BuildRequires: pkgconfig(json-c) >= 0.11 # For tests need to bunzip2 test files. BuildRequires: bzip2 @@ -47,6 +57,21 @@ BuildRequires: iproute BuildRequires: procps BuildRequires: bsdtar BuildRequires: curl +# For run-debuginfod-response-headers.sh test case +BuildRequires: socat +# For run-debuginfod-find-metadata.sh +BuildRequires: jq + +# For debuginfod rpm IMA verification +BuildRequires: rpm-devel +BuildRequires: ima-evm-utils-devel +BuildRequires: openssl-devel +BuildRequires: rpm-sign + +# For eu-stacktrace +%if %{enable_stacktrace} +BuildRequires: sysprof-capture-devel +%endif BuildRequires: automake BuildRequires: autoconf @@ -55,24 +80,28 @@ BuildRequires: gettext-devel %global _gnu %{nil} %global _program_prefix eu- -%global provide_yama_scope 0 +%global provide_yama_scope 0 %if 0%{?fedora} >= 22 || 0%{?rhel} >= 7 -%global provide_yama_scope 1 +%global provide_yama_scope 1 +%endif + +%global with_sysusers 0 + +%if 0%{?fedora} >= 32 || 0%{?rhel} >= 9 +%global with_sysusers 1 %endif # Patches # For s390x... FDO package notes are bogus. Patch1: elfutils-0.186-fdo-swap.patch -# https://bugzilla.redhat.com/show_bug.cgi?id=2080957 -Patch2: elfutils-0.187-csh-profile.patch -# https://sourceware.org/bugzilla/show_bug.cgi?id=29117 -Patch3: elfutils-0.187-debuginfod-client-fd-leak.patch -# https://sourceware.org/bugzilla/show_bug.cgi?id=29122 -Patch4: elfutils-0.187-mhd_no_dual_stack.patch -# https://sourceware.org/bugzilla/show_bug.cgi?id=29123 -Patch5: elfutils-0.187-mhd_epoll.patch + +# Prevent assert failure in readelf for some -ggdb3 binaries. +Patch2: elfutils-0.194-alloc-jobs.patch + +# Fix const warning from newer GCC. +Patch3: elfutils-0.194-fix-const.patch %description Elfutils is a collection of utilities, including stack (to show @@ -84,7 +113,7 @@ elfcompress (to compress or decompress ELF sections). %package libs Summary: Libraries to handle compiled objects -License: GPLv2+ or LGPLv3+ +License: GPL-2.0-or-later OR LGPL-3.0-or-later %if 0%{!?_isa:1} Provides: elfutils-libs%{depsuffix} = %{version}-%{release} %endif @@ -107,7 +136,7 @@ libraries. %package devel Summary: Development libraries to handle compiled objects -License: GPLv2+ or LGPLv3+ +License: GPL-2.0-or-later OR LGPL-3.0-or-later %if 0%{!?_isa:1} Provides: elfutils-devel%{depsuffix} = %{version}-%{release} %endif @@ -118,7 +147,6 @@ Recommends: elfutils-debuginfod-client-devel%{depsuffix} = %{version}-%{release} %else Requires: elfutils-debuginfod-client-devel%{depsuffix} = %{version}-%{release} %endif -Obsoletes: elfutils-devel-static < 0.180-5 %description devel The elfutils-devel package contains the libraries to create @@ -126,9 +154,24 @@ applications for handling compiled objects. libdw provides access to the DWARF debugging information. libasm provides a programmable assembler interface. +%if %{with static} +%package devel-static +Summary: Static archives to handle compiled objects +License: GPL-2.0-or-later OR LGPL-3.0-or-later +%if 0%{!?_isa:1} +Provides: elfutils-devel-static%{depsuffix} = %{version}-%{release} +%endif +Requires: elfutils-devel%{depsuffix} = %{version}-%{release} +Requires: elfutils-libelf-devel-static%{depsuffix} = %{version}-%{release} + +%description devel-static +The elfutils-devel-static package contains the static archives +with the code to handle compiled objects. +%endif + %package libelf Summary: Library to read and write ELF files -License: GPLv2+ or LGPLv3+ +License: GPL-2.0-or-later OR LGPL-3.0-or-later %if 0%{!?_isa:1} Provides: elfutils-libelf%{depsuffix} = %{version}-%{release} %endif @@ -142,13 +185,12 @@ elfutils package use it also to generate new ELF files. %package libelf-devel Summary: Development support for libelf -License: GPLv2+ or LGPLv3+ +License: GPL-2.0-or-later OR LGPL-3.0-or-later %if 0%{!?_isa:1} Provides: elfutils-libelf-devel%{depsuffix} = %{version}-%{release} %endif Requires: elfutils-libelf%{depsuffix} = %{version}-%{release} Obsoletes: libelf-devel <= 0.8.2-2 -Obsoletes: elfutils-libelf-devel-static < 0.180-5 %description libelf-devel The elfutils-libelf-devel package contains the libraries to create @@ -156,10 +198,25 @@ applications for handling compiled objects. libelf allows you to access the internals of the ELF object file format, so you can see the different sections of an ELF file. +%if %{with static} +%package libelf-devel-static +Summary: Static archive of libelf +License: GPL-2.0-or-later OR LGPL-3.0-or-later +%if 0%{!?_isa:1} +Provides: elfutils-libelf-devel-static%{depsuffix} = %{version}-%{release} +%endif +Requires: elfutils-libelf-devel%{depsuffix} = %{version}-%{release} +Requires: libzstd-static%{depsuffix} + +%description libelf-devel-static +The elfutils-libelf-static package contains the static archive +for libelf. +%endif + %if %{provide_yama_scope} %package default-yama-scope Summary: Default yama attach scope sysctl setting -License: GPLv2+ or LGPLv3+ +License: GPL-2.0-or-later OR LGPL-3.0-or-later Provides: default-yama-scope BuildArch: noarch # For the sysctl_apply macro we need systemd as build requires. @@ -193,7 +250,7 @@ profiling) of processes. %package debuginfod-client Summary: Library and command line client for build-id HTTP ELF/DWARF server -License: GPLv3+ and (GPLv2+ or LGPLv3+) +License: GPL-3.0-or-later AND (GPL-2.0-or-later OR LGPL-3.0-or-later) %if 0%{!?_isa:1} Provides: elfutils-debuginfod-client%{depsuffix} = %{version}-%{release} %endif @@ -203,7 +260,7 @@ Requires: elfutils-libelf%{depsuffix} = %{version}-%{release} %package debuginfod-client-devel Summary: Libraries and headers to build debuginfod client applications -License: GPLv2+ or LGPLv3+ +License: GPL-2.0-or-later OR LGPL-3.0-or-later %if 0%{!?_isa:1} Provides: elfutils-debuginfod-client-devel%{depsuffix} = %{version}-%{release} %endif @@ -211,16 +268,23 @@ Requires: elfutils-debuginfod-client%{depsuffix} = %{version}-%{release} %package debuginfod Summary: HTTP ELF/DWARF file server addressed by build-id -License: GPLv3+ +License: GPL-3.0-or-later Requires: elfutils-libs%{depsuffix} = %{version}-%{release} Requires: elfutils-libelf%{depsuffix} = %{version}-%{release} Requires: elfutils-debuginfod-client%{depsuffix} = %{version}-%{release} BuildRequires: systemd +%if %{with_sysusers} +BuildRequires: systemd-rpm-macros +%endif BuildRequires: make Requires(post): systemd Requires(preun): systemd Requires(postun): systemd +%if %{with_sysusers} +%{?sysusers_requires_compat} +%else Requires(pre): shadow-utils +%endif # To extract .deb files with a bsdtar (= libarchive) subshell Requires: bsdtar @@ -261,7 +325,19 @@ RPM_OPT_FLAGS="${RPM_OPT_FLAGS} -Wformat" trap 'cat config.log' EXIT -%configure CFLAGS="$RPM_OPT_FLAGS" --enable-debuginfod-urls=https://debuginfod.fedoraproject.org/ +# dist_debuginfod_url is defined in macros.dist. Fedora and CentOS have +# URLs pointing to their respective servers. RHEL and Amazon Linux do +# not configure a default server. +%configure CFLAGS="$RPM_OPT_FLAGS" \ +%if "%{?dist_debuginfod_url}" + --enable-debuginfod \ + --enable-debuginfod-urls="%{dist_debuginfod_url}" \ +%endif +%if %{enable_stacktrace} + --enable-stacktrace \ +%endif + --enable-debuginfod-ima-verification \ + --enable-debuginfod-ima-cert-path=%{_sysconfdir}/keys/ima trap '' EXIT %make_build @@ -269,8 +345,10 @@ trap '' EXIT %make_install chmod +x ${RPM_BUILD_ROOT}%{_prefix}/%{_lib}/lib*.so* +%if %{without static} # We don't want the static libraries rm ${RPM_BUILD_ROOT}%{_prefix}/%{_lib}/lib{elf,dw,asm}.a +%endif %find_lang %{name} @@ -283,6 +361,10 @@ install -Dm0644 config/debuginfod.sysconfig ${RPM_BUILD_ROOT}%{_sysconfdir}/sysc mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/cache/debuginfod touch ${RPM_BUILD_ROOT}%{_localstatedir}/cache/debuginfod/debuginfod.sqlite +%if %{with_sysusers} +install -Dm0644 %{SOURCE1} %{buildroot}%{_sysusersdir}/elfutils-debuginfod.conf +%endif + %check # Record some build root versions in build.log uname -r; rpm -q binutils gcc glibc || true @@ -329,7 +411,11 @@ fi %{_bindir}/eu-ranlib %{_bindir}/eu-readelf %{_bindir}/eu-size +%{_bindir}/eu-srcfiles %{_bindir}/eu-stack +%if %{enable_stacktrace} +%{_bindir}/eu-stacktrace +%endif %{_bindir}/eu-strings %{_bindir}/eu-strip %{_bindir}/eu-unstrip @@ -352,10 +438,17 @@ fi %{_includedir}/elfutils/libdwfl.h %{_includedir}/elfutils/libdwelf.h %{_includedir}/elfutils/version.h +%{_includedir}/elfutils/libdwfl_stacktrace.h %{_libdir}/libasm.so %{_libdir}/libdw.so %{_libdir}/pkgconfig/libdw.pc +%if %{with static} +%files devel-static +%{_libdir}/libdw.a +%{_libdir}/libasm.a +%endif + %files -f %{name}.lang libelf %license COPYING-GPLV2 COPYING-LGPLV3 %{_libdir}/libelf-%{version}.so @@ -368,6 +461,15 @@ fi %{_libdir}/libelf.so %{_libdir}/pkgconfig/libelf.pc %{_mandir}/man3/elf_*.3* +%{_mandir}/man3/elf32_*.3* +%{_mandir}/man3/elf64_*.3* +%{_mandir}/man3/gelf_*.3* +%{_mandir}/man3/libelf.3* + +%if %{with static} +%files libelf-devel-static +%{_libdir}/libelf.a +%endif %if %{provide_yama_scope} %files default-yama-scope @@ -381,7 +483,10 @@ fi %{_mandir}/man1/debuginfod-find.1* %{_mandir}/man7/debuginfod*.7* %config(noreplace) %{_sysconfdir}/profile.d/* +%if "%{?dist_debuginfod_url}" %config(noreplace) %{_sysconfdir}/debuginfod/* +%config(noreplace) %{_datadir}/fish/vendor_conf.d/* +%endif %files debuginfod-client-devel %{_libdir}/pkgconfig/libdebuginfod.pc @@ -393,18 +498,25 @@ fi %{_bindir}/debuginfod %config(noreplace) %{_sysconfdir}/sysconfig/debuginfod %{_unitdir}/debuginfod.service -%{_sysconfdir}/sysconfig/debuginfod -%{_mandir}/man8/debuginfod.8* +%if %{with_sysusers} +%{_sysusersdir}/elfutils-debuginfod.conf +%endif +%{_mandir}/man8/debuginfod*.8* + %dir %attr(0700,debuginfod,debuginfod) %{_localstatedir}/cache/debuginfod %ghost %attr(0600,debuginfod,debuginfod) %{_localstatedir}/cache/debuginfod/debuginfod.sqlite %pre debuginfod +%if %{with_sysusers} +%sysusers_create_compat %{SOURCE1} +%else getent group debuginfod >/dev/null || groupadd -r debuginfod getent passwd debuginfod >/dev/null || \ useradd -r -g debuginfod -d /var/cache/debuginfod -s /sbin/nologin \ -c "elfutils debuginfo server" debuginfod exit 0 +%endif %post debuginfod %systemd_post debuginfod.service @@ -413,6 +525,173 @@ exit 0 %systemd_postun_with_restart debuginfod.service %changelog +* Tue Dec 09 2025 Aaron Merey - 0.194-2 +- Add elfutils-0.194-fix-const.patch + +* Tue Oct 28 2025 Aaron Merey - 0.194-1 +- Upgrade to upstream elfutils 0.194 +- Add elfutils-0.194-alloc-jobs.patch + +* Wed Jul 23 2025 Fedora Release Engineering - 0.193-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild + +* Mon Apr 28 2025 Aaron Merey - 0.193-1 +- Upgrade to upstream elfutils 0.193 +- Drop upstreamed patches + elfutils-0.192-ATOMIC_VAR_INIT.patch + elfutils-0.192-libelf-static.patch + elfutils-0.192-fix-configure-conditional.patch + elfutils-0.192-more-dwarf5-lang.patch + elfutils-0.192-fix-zsh-profile.patch + elfutils-0.192-stacktrace-lto.patch + elfutils-0.192-imasig-fail-free.patch + elfutils-0.192-strip-ignore-non-ET_REL.patch + +* Sun Feb 23 2025 Mark Wielaard - 0.192-9 +- Add elfutils-0.192-imasig-fail-free.patch + +* Thu Jan 16 2025 Fedora Release Engineering - 0.192-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild + +* Mon Dec 2 2024 Mark Wielaard - 0.192-7 +- Add elfutils-0.192-ATOMIC_VAR_INIT.patch +- Add elfutils-0.192-more-dwarf5-lang.patch + +* Tue Nov 12 2024 Aaron Merey - 0.192-6 +- Add elfutils-0.192-strip-ignore-non-ET_REL.patch +- Set debuginfod IMA cert path + +* Tue Oct 29 2024 Aaron Merey - 0.192-5 +- Enable debuginfod IMA verification +- Add elfutils-0.192-fix-configure-conditional.patch +- Add elfutils-0.192-fix-zsh-profile.patch + +* Thu Oct 24 2024 Mark Wielaard - 0.192-4 +- Add elfutils-0.192-stacktrace-lto.patch +- Enable eu-stacktrace on x86_64 + +* Tue Oct 22 2024 Aaron Merey - 0.192-3 +- Add elfutils-0.192-libelf-static.patch + +* Mon Oct 21 2024 Aaron Merey - 0.192-2 +- Add BuildRequires for json-c + +* Mon Oct 21 2024 Aaron Merey - 0.192-1 +- Upgrade to upstream elfutils 0.192 +- Drop upstreamed patches + Add elfutils-0.190-profile-empty-urls.patch + Add elfutils-0.190-riscv-flatten.patch + +* Wed Jul 17 2024 Fedora Release Engineering - 0.191-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Mon Apr 22 2024 Aaron Merey - 0.191-7 +- Capitalize SPDX booleans. + +* Fri Apr 19 2024 Mark Wielaard - 0.191-6 +- eu-srcfiles directly links to libdebuginfod.so so explicitly + Require elfutils-debuginfod-client not just Recommends. + +* Wed Mar 27 2024 Mark Wielaard - 0.191-5 +- Add elfutils-0.190-profile-empty-urls.patch + +* Wed Mar 20 2024 Mark Wielaard - 0.191-4 +- Add elfutils-0.190-riscv-flatten.patch + +* Fri Mar 15 2024 Michel Lind - 0.191-3 +- Add feature flag for reenabling elfutils-libelf-devel-static and elfutils-devel-static +- Add dependency on libzstd-static for elfutils-libelf-devel-static + +* Mon Mar 4 2024 Aaron Merey - 0.191-2 +- Update SPDX license. + +* Mon Mar 4 2024 Aaron Merey - 0.191-1 +- Upgrade to upstream elfutils 0.191 +- Drop upstreamed patches + elfutils-0.190-fix-core-noncontig.patch + elfutils-0.190-gcc-14.patch + elfutils-0.190-remove-ET_REL-unstrip-test.patch +- Drop testcore-noncontig.bz2 + +* Wed Jan 24 2024 Fedora Release Engineering - 0.190-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Fri Jan 19 2024 Fedora Release Engineering - 0.190-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Tue Nov 28 2023 Aaron Merey - 0.190-4 +- Add elfutils-0.190-remove-ET_REL-unstrip-test.patch + +* Fri Nov 24 2023 Aaron Merey - 0.190-3 +- Add elfutils-0.190-fix-core-noncontig.patch + +* Fri Nov 3 2023 Mark Wielaard - 0.190-2 +- Update Fedora license tags to spdx license tags + +* Fri Nov 3 2023 Mark Wielaard - 0.190-1 +- Upgrade to upstream elfutils 0.190 +- Add eu-srcfiles +- Drop upstreamed patches + elfutils-0.189-relr.patch + elfutils-0.189-debuginfod_config_cache-double-close.patch + elfutils-0.189-elf_getdata_rawchunk.patch + elfutils-0.189-elfcompress.patch + elfutils-0.189-c99-compat.patch +- Only package debuginfod-client-config.7 manpage for debuginfod-client + +* Thu Aug 24 2023 Mark Wielaard - 0.189-6 +- Update elfutils-0.189-relr.patch + +* Wed Aug 23 2023 Mark Wielaard - 0.189-5 +- Add elfutils-0.189-relr.patch + +* Wed Jul 19 2023 Fedora Release Engineering - 0.189-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Thu Jun 22 2023 Mark Wielaard - 0.189-3 +- Add elfutils-0.189-elf_getdata_rawchunk.patch +- Add elfutils-0.189-debuginfod_config_cache-double-close.patch + +* Sat Apr 22 2023 Mark Wielaard - 0.189-2 +- Add elfutils-0.189-c99-compat.patch +- Add elfutils-0.189-elfcompress.patch + +* Fri Mar 3 2023 Mark Wielaard - 0.189-1 +- Upgrade to upsteam elfutils 0.189. + +* Fri Jan 27 2023 Mark Wielaard - 0.188-5 +- Add elfutils-0.188-deprecated-CURLINFO.patch, + elfutils-0.188-CURL_AT_LEAST_VERSION.patch and + elfutils-0.188-CURLOPT_PROTOCOLS_STR.patch + +* Thu Jan 19 2023 Fedora Release Engineering - 0.188-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Mon Nov 7 2022 Mark Wielaard - 0.188-3 +- Add elfutils-0.188-compile-warnings.patch +- Add elfutils-0.188-debuginfod-client-lifetime.patch + +* Wed Nov 2 2022 Mark Wielaard - 0.188-2 +- Add elfutils-0.188-static-extract_section.patch. + +* Wed Nov 2 2022 Mark Wielaard - 0.188-1 +- Upgrade to upsteam elfutils 0.188. + +* Wed Oct 5 2022 Amit Shah - 0.187-9 +- Auto-configure debuginfod_url based on macros.dist + +* Wed Aug 24 2022 Debarshi Ray - 0.187-8 +- Use %%sysusers_requires_compat to match %%sysusers_create_compat + +* Wed Jul 27 2022 Amit Shah - 0.187-7 +- Allow building without default debuginfod URL + +* Thu Jul 21 2022 Fedora Release Engineering - 0.187-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Tue Jun 14 2022 Mark Wielaard - 0.187-5 +- Add sysuser support for creating the debuginfod user + * Fri May 6 2022 Mark Wielaard - 0.187-4 - Add elfutils-0.187-mhd_no_dual_stack.patch - Add elfutils-0.187-mhd_epoll.patch @@ -453,6 +732,9 @@ exit 0 - Add elfutils-0.186-fdo-swap.patch - Add elfutils-0.186-ppc64le-error-return-workaround.patch +* Thu Jan 20 2022 Fedora Release Engineering - 0.186-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + * Wed Nov 10 2021 Mark Wielaard - 0.186-1 - Upgrade to upstream 0.186 - debuginfod-client: Default $DEBUGINFOD_URLS is computed from diff --git a/gating.yaml b/gating.yaml index 4fab4ec..f2f9f20 100644 --- a/gating.yaml +++ b/gating.yaml @@ -5,6 +5,7 @@ decision_context: bodhi_update_push_stable subject_type: koji_build rules: - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional} + - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.rpminspect.static-analysis} --- !Policy product_versions: - rhel-9 diff --git a/sources b/sources index 808d95e..bd25645 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (elfutils-0.187.tar.bz2) = a9b9e32b503b8b50a62d4e4001097ed2721d3475232a6380e6b9853bd1647aec016440c0ca7ceb950daf1144f8db9814ab43cf33cc0ebef7fc91e9e775c9e874 +SHA512 (elfutils-0.194.tar.bz2) = 5d00502f61b92643bf61dc61da4ddded36c423466388d992bcd388c5208761b8ed9db1a01492c085cd0984eef30c08f895a8e307e78e0df8df40b56ae35b78a5 diff --git a/tests/Regression/GNU-Attribute-notes-not-recognized/Makefile b/tests/Regression/GNU-Attribute-notes-not-recognized/Makefile index 03e071d..332e11f 100644 --- a/tests/Regression/GNU-Attribute-notes-not-recognized/Makefile +++ b/tests/Regression/GNU-Attribute-notes-not-recognized/Makefile @@ -54,7 +54,7 @@ $(METADATA): Makefile @echo "TestTime: 48h" >> $(METADATA) @echo "RunFor: elfutils" >> $(METADATA) @echo "Requires: elfutils" >> $(METADATA) - @echo "Requires: bash" >> $(METADATA) + @echo "Requires: bash bash-debuginfo" >> $(METADATA) @echo "Priority: Normal" >> $(METADATA) @echo "License: GPLv2+" >> $(METADATA) @echo "Confidential: no" >> $(METADATA) diff --git a/tests/Regression/GNU-Attribute-notes-not-recognized/main.fmf b/tests/Regression/GNU-Attribute-notes-not-recognized/main.fmf index 896cbd2..eb1809c 100644 --- a/tests/Regression/GNU-Attribute-notes-not-recognized/main.fmf +++ b/tests/Regression/GNU-Attribute-notes-not-recognized/main.fmf @@ -2,15 +2,15 @@ summary: GNU-Attribute-notes-not-recognized description: | Bug summary: elfutils doesn't recognize GNU Attribute notes Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1650125 -contact: -- Martin Cermak +contact: Martin Cermak component: -- elfutils + - elfutils test: ./runtest.sh framework: beakerlib recommend: -- elfutils -- bash + - elfutils + - bash + - bash-debuginfo duration: 48h extra-summary: /tools/elfutils/Regression/GNU-Attribute-notes-not-recognized extra-task: /tools/elfutils/Regression/GNU-Attribute-notes-not-recognized diff --git a/tests/Regression/GNU-Attribute-notes-not-recognized/runtest.sh b/tests/Regression/GNU-Attribute-notes-not-recognized/runtest.sh index d60f5ac..aaa6c89 100755 --- a/tests/Regression/GNU-Attribute-notes-not-recognized/runtest.sh +++ b/tests/Regression/GNU-Attribute-notes-not-recognized/runtest.sh @@ -32,12 +32,35 @@ PACKAGE="elfutils" rlJournalStart rlPhaseStartTest - # Rely on that /bin/bash is annobin-annotated per - # - https://fedoraproject.org/wiki/Toolchain/Watermark - # - https://fedoraproject.org/wiki/Changes/Annobin - # Seems to work fine with bash-4.4.19-6.el8 and elfutils-0.174-5.el8. - set -o pipefail - rlRun "eu-readelf -n /bin/bash | grep -2 '^ GA' | fgrep 'GNU Build Attribute' | tail -50" + # Rely on that /bin/bash is annobin-annotated per + # - https://fedoraproject.org/wiki/Toolchain/Watermark + # - https://fedoraproject.org/wiki/Changes/Annobin + # Seems to work fine with bash-4.4.19-6.el8 and elfutils-0.174-5.el8. + f="/bin/bash" + + # Annobin notes originally used to reside in the binary itself. + # Later on they moved to debuginfo. + # Let's see if we can chase down needed debuginfo somewhere... + + # Attempt getting the needed file using debuginfod + export DEBUGINFOD_URLS=https://debuginfod.fedoraproject.org/ + rlRun "f=\"$f $(debuginfod-find debuginfo /bin/bash)\"" + + # Attempt getting the needed file by traditional means + rlRun "debuginfo-install -y bash" + rlRun "buildid=$(eu-readelf -n /bin/bash | awk '/Build ID:/ {print $NF}')" + for i in $(rpm -ql bash-debuginfo); do + test -f $i || continue + if eu-readelf -n $i | fgrep $buildid; then + rlRun "f=\"$f $i\"" + fi + done + + set -o pipefail + export f + # Check if eu-readelf can read the notes from at least one of files + # that can possibly contain it... + rlRun "(for i in $f; do eu-readelf -n $i; done ) | grep -2 '^ GA' | fgrep 'GNU Build Attribute' | tail -50" rlPhaseEnd rlJournalPrintText rlJournalEnd diff --git a/tests/Regression/eu-elfcompress-breaks-hard-links/bubble.c b/tests/Regression/eu-elfcompress-breaks-hard-links/bubble.c new file mode 100644 index 0000000..f8b643a --- /dev/null +++ b/tests/Regression/eu-elfcompress-breaks-hard-links/bubble.c @@ -0,0 +1,4 @@ +int main() +{ + return 0; +} diff --git a/tests/Regression/eu-elfcompress-breaks-hard-links/main.fmf b/tests/Regression/eu-elfcompress-breaks-hard-links/main.fmf new file mode 100644 index 0000000..a34c573 --- /dev/null +++ b/tests/Regression/eu-elfcompress-breaks-hard-links/main.fmf @@ -0,0 +1,15 @@ +summary: eu-elfcompress-breaks-hard-links +description: '' +link: + - relates: https://bugzilla.redhat.com/show_bug.cgi?id=2188064 +contact: Martin Cermak +component: + - elfutils +test: ./runtest.sh +framework: beakerlib +recommend: + - elfutils + - gcc +duration: 1h +extra-summary: /tools/elfutils/Regression/eu-elfcompress-breaks-hard-links +extra-task: /tools/elfutils/Regression/eu-elfcompress-breaks-hard-links diff --git a/tests/Regression/eu-elfcompress-breaks-hard-links/runtest.sh b/tests/Regression/eu-elfcompress-breaks-hard-links/runtest.sh new file mode 100755 index 0000000..7709a74 --- /dev/null +++ b/tests/Regression/eu-elfcompress-breaks-hard-links/runtest.sh @@ -0,0 +1,55 @@ +#!/bin/bash +# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /tools/elfutils/Regression/eu-elfcompress-breaks-hard-links +# Description: eu-elfcompress-breaks-hard-links +# Author: Martin Cermak +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2023 Red Hat, Inc. +# +# This program is free software: you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation, either version 2 of +# the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see http://www.gnu.org/licenses/. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include Beaker environment +. /usr/share/beakerlib/beakerlib.sh || exit 1 + +PACKAGE="elfutils" + +rlJournalStart + rlPhaseStartSetup + rlAssertRpm $PACKAGE + rlRun "TMP=$(mktemp -d)" + rlRun "cp bubble.c $TMP/" + rlRun "pushd $TMP" + rlPhaseEnd + + rlPhaseStartTest + rlRun "gcc -o a.out -g bubble.c" + rlRun "ln a.out a.lnk" + rlRun "eu-elfcompress -q -p -t none a.lnk" + rlRun "i0=$(stat -c '%i' a.out)" + rlRun "i1=$(stat -c '%i' a.lnk)" + rlRun "test $i0 -eq $i1" + rlPhaseEnd + + rlPhaseStartCleanup + rlRun "popd" + rlRun "rm -r $TMP" + rlPhaseEnd +rlJournalPrintText +rlJournalEnd diff --git a/tests/Sanity/elfutils-debuginfod/body.sh b/tests/Sanity/elfutils-debuginfod/body.sh new file mode 100755 index 0000000..1f93014 --- /dev/null +++ b/tests/Sanity/elfutils-debuginfod/body.sh @@ -0,0 +1,81 @@ +#!/bin/bash + +set -xeo pipefail + + +export DEBUGINFOD_VERBOSE=1 +export DEBUGINFOD_CACHE_PATH=$HOME/.debuginfod_client_cache/ + +# Initial cleanup +systemctl stop debuginfod +rm -rf ~/.cache/debuginfod_client +rm -rf /usr/src/my_extra_rpms $DEBUGINFOD_CACHE_PATH +mkdir $DEBUGINFOD_CACHE_PATH +journalctl -g debuginfod -f & +logger=$! + +# Set up a delay. A delay of 3 worked for me reliably for manual testing. +DELAY=120 + +# Clean up after possible previous failed (=> unfinished) run of this testcase +rm -rf /usr/src/my_extra_rpms $HOME/.debuginfod_client_cache + +# Check the config file is there +cat /etc/sysconfig/debuginfod + +# Make sure the config file doesn't contain unwanted relicts +# from possible previous failed run of this testcase +fgrep DEBUGINFOD_PATHS /etc/sysconfig/debuginfod | (! fgrep /usr/src/my_extra_rpms) + +# Add some directory to the DEBUGINFOD_PATH and configure it +# within /etc/sysconfig/debuginfod +mkdir -p /usr/src/my_extra_rpms +sed -i 's/DEBUGINFOD_PATHS="[^"]*/\0\ \/usr\/src\/my_extra_rpms/' /etc/sysconfig/debuginfod +fgrep DEBUGINFOD_PATHS /etc/sysconfig/debuginfod | fgrep /usr/src/my_extra_rpms + +# Note the DEBUGINFOD_PORT in the sysconfig file +# and use it to export the server URL for the client to use +source /etc/sysconfig/debuginfod +export DEBUGINFOD_URLS="localhost:$DEBUGINFOD_PORT" + +# Get the build-id from some installed binary and make sure +# it isn't found +buildid=$(eu-unstrip -n -e /usr/bin/true | cut -f2 -d\ | cut -f1 -d@) +! debuginfod-find executable $buildid + +# Start the service +systemctl start debuginfod + +# Give it some time to index +sleep $DELAY + +# Now the binary should be found +debuginfod-find executable $buildid + +# Take a small debuginfo rpm and make sure you know the buildid of +# some .debug file in to the directory you created and added to +# the DEBUGINFO_PATH in the config file. +cp sshpass-debuginfo-1.09-2.fc35.x86_64.rpm /usr/src/my_extra_rpms + +# Make sure the denuginfo can't be found yet +# Related: +# - https://bugzilla.redhat.com/show_bug.cgi?id=2023454 +# - https://sourceware.org/bugzilla/show_bug.cgi?id=28240 +! debuginfod-find debuginfo 73952ed43c6edc82cc92186a581ec27f009c529c +echo 0 > $DEBUGINFOD_CACHE_PATH/cache_miss_s + +# Tell debuginfod to start indexing immediately +debuginfod_pid=$(systemctl status debuginfod | fgrep PID | grep -Po '\d+') +kill -SIGUSR1 $debuginfod_pid + +# Give it some time to index +sleep $DELAY + +# Try to find the debug file with the known buildid +debuginfod-find debuginfo 73952ed43c6edc82cc92186a581ec27f009c529c + +# Clean up +rm -rf /usr/src/my_extra_rpms $HOME/.debuginfod_client_cache + +# Kill the logger +kill $logger diff --git a/tests/Sanity/elfutils-debuginfod/main.fmf b/tests/Sanity/elfutils-debuginfod/main.fmf new file mode 100644 index 0000000..dcdc35d --- /dev/null +++ b/tests/Sanity/elfutils-debuginfod/main.fmf @@ -0,0 +1,14 @@ +summary: elfutils-debuginfod +description: '' +contact: Martin Cermak +component: +- elfutils +test: ./runtest.sh +framework: beakerlib +recommend: +- elfutils +- elfutils-debuginfod +- elfutils-debuginfod-client +duration: 48h +extra-summary: /tools/elfutils/Sanity/elfutils-debuginfod +extra-task: /tools/elfutils/Sanity/elfutils-debuginfod diff --git a/tests/Sanity/elfutils-debuginfod/runtest.sh b/tests/Sanity/elfutils-debuginfod/runtest.sh new file mode 100755 index 0000000..1ae097e --- /dev/null +++ b/tests/Sanity/elfutils-debuginfod/runtest.sh @@ -0,0 +1,54 @@ +#!/bin/bash +# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /tools/elfutils/Sanity/elfutils-debuginfod +# Description: elfutils-debuginfod +# Author: Martin Cermak +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2019 Red Hat, Inc. +# +# This program is free software: you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation, either version 2 of +# the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see http://www.gnu.org/licenses/. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include Beaker environment +. /usr/share/beakerlib/beakerlib.sh || exit 1 + +PACKAGE="elfutils" + +rlJournalStart + rlPhaseStartSetup + for p in elfutils-debuginfod elfutils-debuginfod-client; do + rlAssertRpm $p + done + rlRun "TMPD=$(mktemp -d)" + rlRun "cp body.sh sshpass-debuginfo-1.09-2.fc35.x86_64.rpm $TMPD" + rlRun "pushd $TMPD" + rlFileBackup /etc/sysconfig/debuginfod + rlPhaseEnd + + rlPhaseStartTest + rlRun "./body.sh" + rlPhaseEnd + + rlPhaseStartCleanup + rlFileRestore + rlRun "popd" + rlRun "rm -r $TMPD" + rlPhaseEnd +rlJournalPrintText +rlJournalEnd diff --git a/tests/Sanity/elfutils-debuginfod/sshpass-debuginfo-1.09-2.fc35.x86_64.rpm b/tests/Sanity/elfutils-debuginfod/sshpass-debuginfo-1.09-2.fc35.x86_64.rpm new file mode 100644 index 0000000..3ae7fe1 Binary files /dev/null and b/tests/Sanity/elfutils-debuginfod/sshpass-debuginfo-1.09-2.fc35.x86_64.rpm differ diff --git a/tests/Sanity/yama-scope/main.fmf b/tests/Sanity/yama-scope/main.fmf new file mode 100644 index 0000000..7b08cd2 --- /dev/null +++ b/tests/Sanity/yama-scope/main.fmf @@ -0,0 +1,16 @@ +summary: yama-scope +description: | + Bug summary: Enable provide_yama_scope for rhel >= 7.4 + Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1455514 +contact: Martin Cermak +component: +- elfutils +test: ./runtest.sh +framework: beakerlib +recommend: +- elfutils +duration: 48h +link: +- relates: https://bugzilla.redhat.com/show_bug.cgi?id=1455514 +extra-summary: /tools/elfutils/Sanity/yama-scope +extra-task: /tools/elfutils/Sanity/yama-scope diff --git a/tests/Sanity/yama-scope/ptrace-scope-test.sh b/tests/Sanity/yama-scope/ptrace-scope-test.sh new file mode 100644 index 0000000..6eb1ca4 --- /dev/null +++ b/tests/Sanity/yama-scope/ptrace-scope-test.sh @@ -0,0 +1,8 @@ +#!/bin/bash + +RETVAL=0 +OUT=$(mktemp) +eu-stack -p $$ |& tee $OUT +grep -i 'operation not permitted' $OUT && RETVAL=1 +rm $OUT +exit $RETVAL diff --git a/tests/Sanity/yama-scope/runtest.sh b/tests/Sanity/yama-scope/runtest.sh new file mode 100755 index 0000000..8195b54 --- /dev/null +++ b/tests/Sanity/yama-scope/runtest.sh @@ -0,0 +1,108 @@ +#!/bin/bash +# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /tools/elfutils/Sanity/yama-scope +# Description: yama-scope +# Author: Martin Cermak +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2017 Red Hat, Inc. +# +# This program is free software: you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation, either version 2 of +# the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see http://www.gnu.org/licenses/. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include Beaker environment +. /usr/share/beakerlib/beakerlib.sh || exit 1 + +PACKAGE="elfutils" +MY_USER="ptrace_scope_testuser" +TESTCASE="/tmp/ptrace-scope-test.sh" +PROCFILE='/proc/sys/kernel/yama/ptrace_scope' + +test_root() +{ + $TESTCASE +} + +test_user() +{ + su - $MY_USER -c $TESTCASE +} + +rlJournalStart + rlPhaseStartTest + +# This can easily be tested with strace. Just cycle through the settings: + +# 0 - Default attach security permissions. +# 1 - Restricted attach. Only child processes plus normal permissions. +# 2 - Admin-only attach. Only executables with CAP_SYS_PTRACE. +# 3 - No attach. No process may call ptrace at all. Irrevocable. + +# echo 0 > /proc/sys/kernel/yama/ptrace_scope + +# With 0, strace works against any process with your uid. For example, strace -p 2190. +# With 1, strace errors when doing the same as in 0: strace: attach: ptrace(PTRACE_SEIZE, 3180): Operation not permitted. However, you can strace any program you run from strace, "strace /bin/ls" or example. +# With 2, you can only strace from the root account. You can no longer strace commands run from strace. +# With 3, even root cannot strace. + +# --- + +# possible related AVCs tracked as https://bugzilla.redhat.com/show_bug.cgi?id=1458999 + +# --- + + rlRun "useradd $MY_USER" 0,9 + + rlRun "cp ptrace-scope-test.sh /tmp/" + rlRun "chmod a+rx /tmp/ptrace-scope-test.sh" + + rlRun "ORIGVAL=$( cat $PROCFILE )" + + # First, test the default behaviour, which is "no restriction" + # from the ptrace perspective. Here we assume that + # elfutils-default-yama-scope.rpm is installed and so the default + # yama policy is set to 0 instead of 1 which would otherwise be set + # as a kernel default (security/yama/yama_lsm.c ---> YAMA_SCOPE_RELATIONAL) + rlRun test_root + rlRun test_user + + rlRun "echo 0 > $PROCFILE" + rlRun test_root + rlRun test_user + rlRun "echo 1 > $PROCFILE" + rlRun test_root + rlRun test_user 1 + rlRun "echo 2 > $PROCFILE" + rlRun test_root + rlRun test_user 1 + # Following subtest would be irrevertible (till next reboot) + # rlRun "echo 3 > $PROCFILE" + # rlRun test_root 1 + # rlRun test_user 1 + + rlRun "userdel -f $MY_USER" + +# This testcase could be more complex - using child and non-child processes and +# performing reboots. But let's keep this simple, since we are not testing the +# kernel facility, but merely an elfutils "plugin" for it, whose purpose is to +# set the default yama policy as such. + + rlRun "echo $ORIGVAL > $PROCFILE" + rlPhaseEnd +rlJournalPrintText +rlJournalEnd