commit a77485b5bab46e5947165afe05736035ba4012c9 Author: Georg Koppen <gk@torproject.org> Date: Mon Jun 29 08:56:12 2015 +0000 Revert "Bug 16351: Update our toolchain (Binutils/GCC)" This reverts commit 50e6d095bd8d8eaef460d0bddda9455ff222c685. --- gitian/descriptors/windows/gitian-utils.yml | 3 ++ gitian/patches/enable-reloc-section-ld.patch | 53 +++++++++++-------- gitian/patches/gcc-dev-random.patch | 72 ++++++++++++++++++++++++++ gitian/patches/peXXigen.patch | 27 +++++----- gitian/versions.alpha | 6 +-- gitian/versions.nightly | 6 +-- 6 files changed, 125 insertions(+), 42 deletions(-) diff --git a/gitian/descriptors/windows/gitian-utils.yml b/gitian/descriptors/windows/gitian-utils.yml index 9162426..6e52c67 100644 --- a/gitian/descriptors/windows/gitian-utils.yml +++ b/gitian/descriptors/windows/gitian-utils.yml @@ -28,6 +28,7 @@ files: - "gmp.tar.bz2" - "enable-reloc-section-ld.patch" - "peXXigen.patch" +- "gcc-dev-random.patch" - "versions" - "dzip.sh" script: | @@ -74,6 +75,8 @@ script: | cd gcc tar -xjvf ../gcc.tar.bz2 cd gcc-* + # Don't use /dev/random on Windows. See bug 13169 for details. + patch -p1 < ../../gcc-dev-random.patch cd .. # We don't want to link against msvcrt.dll due to bug 9084. i686-w64-mingw32-g++ -dumpspecs > ~/build/msvcr100.spec diff --git a/gitian/patches/enable-reloc-section-ld.patch b/gitian/patches/enable-reloc-section-ld.patch index 5845d75..f393f51 100644 --- a/gitian/patches/enable-reloc-section-ld.patch +++ b/gitian/patches/enable-reloc-section-ld.patch @@ -1,23 +1,30 @@ -From 99ffc3f28b964519892cb1fb8bdc64d42b80d777 Mon Sep 17 00:00:00 2001 +From 093b08a9e7af23a258306b710ebc4556d12f94f7 Mon Sep 17 00:00:00 2001 From: Erinn Clark <erinn@torproject.org> Date: Fri, 8 Aug 2014 14:23:44 -0400 Subject: [PATCH] add relocation section so Windows bundles can have ASLR Patch by skruffy. +--- + ld/emultempl/pe.em | 6 +++++ + ld/emultempl/pep.em | 8 ++++++- + ld/pe-dll.c | 63 ++++++++++++++++++++++++++++++----------------------- + ld/pe-dll.h | 1 + + 4 files changed, 50 insertions(+), 28 deletions(-) + diff --git a/ld/emultempl/pe.em b/ld/emultempl/pe.em -index 979cc8b..4a63863 100644 +index 5d6da9e..14c07f7 100644 --- a/ld/emultempl/pe.em +++ b/ld/emultempl/pe.em -@@ -274,6 +274,7 @@ fragment <<EOF +@@ -268,6 +268,7 @@ fragment <<EOF + #define OPTION_TERMINAL_SERVER_AWARE (OPTION_WDM_DRIVER + 1) + /* Determinism. */ #define OPTION_INSERT_TIMESTAMP (OPTION_TERMINAL_SERVER_AWARE + 1) - #define OPTION_NO_INSERT_TIMESTAMP (OPTION_INSERT_TIMESTAMP + 1) - #define OPTION_BUILD_ID (OPTION_NO_INSERT_TIMESTAMP + 1) -+#define OPTION_ENABLE_RELOC_SECTION (OPTION_BUILD_ID + 1) ++#define OPTION_ENABLE_RELOC_SECTION (OPTION_INSERT_TIMESTAMP + 1) static void gld${EMULATION_NAME}_add_options -@@ -317,6 +318,7 @@ gld${EMULATION_NAME}_add_options +@@ -310,6 +311,7 @@ gld${EMULATION_NAME}_add_options {"export-all-symbols", no_argument, NULL, OPTION_EXPORT_ALL}, {"exclude-symbols", required_argument, NULL, OPTION_EXCLUDE_SYMBOLS}, {"exclude-all-symbols", no_argument, NULL, OPTION_EXCLUDE_ALL_SYMBOLS}, @@ -25,7 +32,7 @@ index 979cc8b..4a63863 100644 {"exclude-libs", required_argument, NULL, OPTION_EXCLUDE_LIBS}, {"exclude-modules-for-implib", required_argument, NULL, OPTION_EXCLUDE_MODULES_FOR_IMPLIB}, {"kill-at", no_argument, NULL, OPTION_KILL_ATS}, -@@ -787,6 +789,9 @@ gld${EMULATION_NAME}_handle_option (int optc) +@@ -773,6 +775,9 @@ gld${EMULATION_NAME}_handle_option (int optc) case OPTION_EXCLUDE_ALL_SYMBOLS: pe_dll_exclude_all_symbols = 1; break; @@ -35,7 +42,7 @@ index 979cc8b..4a63863 100644 case OPTION_EXCLUDE_LIBS: pe_dll_add_excludes (optarg, EXCLUDELIBS); break; -@@ -2059,6 +2064,7 @@ gld_${EMULATION_NAME}_finish (void) +@@ -1839,6 +1844,7 @@ gld_${EMULATION_NAME}_finish (void) if (link_info.shared #if !defined(TARGET_IS_shpe) || (!link_info.relocatable && pe_def_file->num_exports != 0) @@ -44,20 +51,20 @@ index 979cc8b..4a63863 100644 ) { diff --git a/ld/emultempl/pep.em b/ld/emultempl/pep.em -index b24a608..caf2946 100644 +index b738800..b566903 100644 --- a/ld/emultempl/pep.em +++ b/ld/emultempl/pep.em -@@ -248,7 +248,8 @@ enum options +@@ -242,7 +242,8 @@ enum options + OPTION_NO_BIND, + OPTION_WDM_DRIVER, OPTION_INSERT_TIMESTAMP, - OPTION_NO_INSERT_TIMESTAMP, - OPTION_TERMINAL_SERVER_AWARE, -- OPTION_BUILD_ID -+ OPTION_BUILD_ID, +- OPTION_TERMINAL_SERVER_AWARE ++ OPTION_TERMINAL_SERVER_AWARE, + OPTION_ENABLE_RELOC_SECTION }; static void -@@ -290,6 +291,7 @@ gld${EMULATION_NAME}_add_options +@@ -284,6 +285,7 @@ gld${EMULATION_NAME}_add_options {"export-all-symbols", no_argument, NULL, OPTION_EXPORT_ALL}, {"exclude-symbols", required_argument, NULL, OPTION_EXCLUDE_SYMBOLS}, {"exclude-all-symbols", no_argument, NULL, OPTION_EXCLUDE_ALL_SYMBOLS}, @@ -65,7 +72,7 @@ index b24a608..caf2946 100644 {"exclude-libs", required_argument, NULL, OPTION_EXCLUDE_LIBS}, {"exclude-modules-for-implib", required_argument, NULL, OPTION_EXCLUDE_MODULES_FOR_IMPLIB}, {"kill-at", no_argument, NULL, OPTION_KILL_ATS}, -@@ -743,6 +745,9 @@ gld${EMULATION_NAME}_handle_option (int optc) +@@ -727,6 +729,9 @@ gld${EMULATION_NAME}_handle_option (int optc) case OPTION_EXCLUDE_ALL_SYMBOLS: pep_dll_exclude_all_symbols = 1; break; @@ -75,7 +82,7 @@ index b24a608..caf2946 100644 case OPTION_EXCLUDE_LIBS: pep_dll_add_excludes (optarg, EXCLUDELIBS); break; -@@ -1838,6 +1843,7 @@ gld_${EMULATION_NAME}_finish (void) +@@ -1618,6 +1623,7 @@ gld_${EMULATION_NAME}_finish (void) #ifdef DLL_SUPPORT if (link_info.shared @@ -84,10 +91,10 @@ index b24a608..caf2946 100644 { pep_dll_fill_sections (link_info.output_bfd, &link_info); diff --git a/ld/pe-dll.c b/ld/pe-dll.c -index 61d8fa5..24c0c72 100644 +index e9e133b..4230dc3 100644 --- a/ld/pe-dll.c +++ b/ld/pe-dll.c -@@ -151,6 +151,7 @@ def_file * pe_def_file = 0; +@@ -152,6 +152,7 @@ def_file * pe_def_file = 0; int pe_dll_export_everything = 0; int pe_dll_exclude_all_symbols = 0; int pe_dll_do_default_excludes = 1; @@ -193,10 +200,10 @@ index 61d8fa5..24c0c72 100644 bfd_boolean diff --git a/ld/pe-dll.h b/ld/pe-dll.h -index 24ea302..6a0d633 100644 +index 4697390..2bf71d9 100644 --- a/ld/pe-dll.h +++ b/ld/pe-dll.h -@@ -30,6 +30,7 @@ extern def_file *pe_def_file; +@@ -31,6 +31,7 @@ extern def_file *pe_def_file; extern int pe_dll_export_everything; extern int pe_dll_exclude_all_symbols; extern int pe_dll_do_default_excludes; @@ -205,5 +212,5 @@ index 24ea302..6a0d633 100644 extern int pe_dll_stdcall_aliases; extern int pe_dll_warn_dup_exports; -- -1.7.9.5 +2.0.1 diff --git a/gitian/patches/gcc-dev-random.patch b/gitian/patches/gcc-dev-random.patch new file mode 100644 index 0000000..9757f92 --- /dev/null +++ b/gitian/patches/gcc-dev-random.patch @@ -0,0 +1,72 @@ +From b0ce14899060267b5b5e4d7e3d91edcdf5c09514 Mon Sep 17 00:00:00 2001 +From: law <law@138bc75d-0d04-0410-961f-82ee72b054a4> +Date: Tue, 10 Feb 2015 01:44:08 +0000 +Subject: [PATCH] * ssp.c (__guard_setup): For Windows, use approved methods + to get a suitable random number for the stack check guard + rather than reading /dev/random. + +git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/trunk@220559 138bc75d-0d04-0410-961f-82ee72b054a4 +--- + libssp/ChangeLog | 7 +++++++ + libssp/ssp.c | 16 ++++++++++++++++ + 2 files changed, 23 insertions(+) + +diff --git a/libssp/ChangeLog b/libssp/ChangeLog +index a445537..676d2a7 100644 +--- a/libssp/ChangeLog ++++ b/libssp/ChangeLog +@@ -1,3 +1,10 @@ ++2015-02-09 Georg Koppen <gk@torproject.org> ++ ++ * ssp.c: Conditionally include <windows.h> ++ (__guard_setup): For Windows, use approved methods to get ++ a suitable random number for the stack check guard rather ++ than reading /dev/random. ++ + 2014-07-16 Release Manager + + * GCC 4.9.1 released. +diff --git a/libssp/ssp.c b/libssp/ssp.c +index 96adf17..38e3ec8 100644 +--- a/libssp/ssp.c ++++ b/libssp/ssp.c +@@ -55,6 +55,7 @@ see the files COPYING3 and COPYING.RUNTIME respectively. If not, see + /* Native win32 apps don't know about /dev/tty but can print directly + to the console using "CONOUT$" */ + #if defined (_WIN32) && !defined (__CYGWIN__) ++#include <windows.h> + # define _PATH_TTY "CONOUT$" + #else + # define _PATH_TTY "/dev/tty" +@@ -75,6 +76,20 @@ __guard_setup (void) + if (__stack_chk_guard != 0) + return; + ++#if defined (_WIN32) && !defined (__CYGWIN__) ++ HCRYPTPROV hprovider = 0; ++ if (CryptAcquireContext(&hprovider, NULL, NULL, PROV_RSA_FULL, ++ CRYPT_VERIFYCONTEXT | CRYPT_SILENT)) ++ { ++ if (CryptGenRandom(hprovider, sizeof (__stack_chk_guard), ++ (BYTE *)&__stack_chk_guard) && __stack_chk_guard != 0) ++ { ++ CryptReleaseContext(hprovider, 0); ++ return; ++ } ++ CryptReleaseContext(hprovider, 0); ++ } ++#else + fd = open ("/dev/urandom", O_RDONLY); + if (fd != -1) + { +@@ -85,6 +100,7 @@ __guard_setup (void) + return; + } + ++#endif + /* If a random generator can't be used, the protector switches the guard + to the "terminator canary". */ + p = (unsigned char *) &__stack_chk_guard; +-- +1.7.10.4 + diff --git a/gitian/patches/peXXigen.patch b/gitian/patches/peXXigen.patch index 0ae0979..785aa02 100644 --- a/gitian/patches/peXXigen.patch +++ b/gitian/patches/peXXigen.patch @@ -1,13 +1,14 @@ -diff --git a/bfd/peXXigen.c b/bfd/peXXigen.c -index 13e39e4..deef7b3 100644 ---- a/bfd/peXXigen.c -+++ b/bfd/peXXigen.c -@@ -873,6 +873,8 @@ _bfd_XXi_only_swap_filehdr_out (bfd * abfd, void * in, void * out) - /* Only use a real timestamp if the option was chosen. */ - if ((pe_data (abfd)->insert_timestamp)) - H_PUT_32 (abfd, time (0), filehdr_out->f_timdat); -+ else -+ H_PUT_32 (abfd, 0, filehdr_out->f_timdat); - - PUT_FILEHDR_SYMPTR (abfd, filehdr_in->f_symptr, - filehdr_out->f_symptr); +diff -crB binutils-2.24/bfd/peXXigen.c binutils-2.24/bfd/peXXigen.c +*** binutils-2.24/bfd/peXXigen.c Tue Nov 26 11:37:33 2013 +--- binutils-2.24/bfd/peXXigen.c Mon Aug 4 07:10:15 2014 +*************** +*** 795,800 **** +--- 795,802 ---- + /* Only use a real timestamp if the option was chosen. */ + if ((pe_data (abfd)->insert_timestamp)) + H_PUT_32 (abfd, time(0), filehdr_out->f_timdat); ++ else ++ H_PUT_32 (abfd, 0, filehdr_out->f_timdat); + + PUT_FILEHDR_SYMPTR (abfd, filehdr_in->f_symptr, + filehdr_out->f_symptr); diff --git a/gitian/versions.alpha b/gitian/versions.alpha index 3f94294..e7564d7 100755 --- a/gitian/versions.alpha +++ b/gitian/versions.alpha @@ -39,8 +39,8 @@ OPENSSL_VER=1.0.1o GMP_VER=5.1.3 FIREFOX_LANG_VER=$FIREFOX_VERSION FIREFOX_LANG_BUILD=build1 -BINUTILS_VER=2.25 -GCC_VER=5.1.0 +BINUTILS_VER=2.24 +GCC_VER=4.9.1 PYTHON_VER=2.7.5 PYCRYPTO_VER=2.6.1 ARGPARSE_VER=1.2.1 @@ -98,7 +98,7 @@ PY2EXE_HASH=610a8800de3d973ed5ed4ac505ab42ad058add18a68609ac09e6cf3598ef056c SETUPTOOLS_HASH=75d288687066ed124311d6ca5f40ffa92a0e81adcd7fff318c6e84082713cf39 PARSLEY_HASH=50d30cee70770fd44db7cea421cb2fb75af247c3a1cd54885c06b30a7c85dd23 GO_HASH=299a6fd8f8adfdce15bc06bde926e7b252ae8e24dd5b16b7d8791ed79e7b5e9b -GCC_HASH=b7dafdf89cbb0e20333dbf5b5349319ae06e3d1a30bf3515b5488f7e89dca5ad +GCC_HASH=d334781a124ada6f38e63b545e2a3b8c2183049515a1abab6d513f109f1d717e ## Non-git package URLs OPENSSL_URL=https://www.openssl.org/source/${OPENSSL_PACKAGE} diff --git a/gitian/versions.nightly b/gitian/versions.nightly index e613c6d..e2dc33b 100755 --- a/gitian/versions.nightly +++ b/gitian/versions.nightly @@ -42,8 +42,8 @@ OPENSSL_VER=1.0.1o GMP_VER=5.1.3 FIREFOX_LANG_VER=38.0.1esr #$FIREFOX_VERSION FIREFOX_LANG_BUILD=build2 -BINUTILS_VER=2.25 -GCC_VER=5.1.0 +BINUTILS_VER=2.24 +GCC_VER=4.9.1 PYTHON_VER=2.7.5 PYCRYPTO_VER=2.6.1 ARGPARSE_VER=1.2.1 @@ -101,7 +101,7 @@ PY2EXE_HASH=610a8800de3d973ed5ed4ac505ab42ad058add18a68609ac09e6cf3598ef056c SETUPTOOLS_HASH=75d288687066ed124311d6ca5f40ffa92a0e81adcd7fff318c6e84082713cf39 PARSLEY_HASH=50d30cee70770fd44db7cea421cb2fb75af247c3a1cd54885c06b30a7c85dd23 GO_HASH=299a6fd8f8adfdce15bc06bde926e7b252ae8e24dd5b16b7d8791ed79e7b5e9b -GCC_HASH=b7dafdf89cbb0e20333dbf5b5349319ae06e3d1a30bf3515b5488f7e89dca5ad +GCC_HASH=d334781a124ada6f38e63b545e2a3b8c2183049515a1abab6d513f109f1d717e ## Non-git package URLs OPENSSL_URL=https://www.openssl.org/source/${OPENSSL_PACKAGE}