Skip to content
Snippets Groups Projects
  1. Sep 28, 2023
  2. Sep 26, 2023
    • Simon McVittie's avatar
      capture-libs: Don't treat libcrypt.so.1 as part of glibc · 451b114f
      Simon McVittie authored
      
      libcrypt.so.1 is build-time optional since glibc 2.28, and is not built
      by default since 2.38. In newer distributions like Debian >= 11 and
      Ubuntu >= 20.04, it's usually replaced by libxcrypt, either compiled
      to be a drop-in replacement for glibc's libcrypt.so.1 (as in Debian,
      and therefore the Steam Runtime), or with its own SONAME libcrypt.so.2
      and optionally a secondary build as libcrypt.so.1 (as in Arch).
      
      Because libxcrypt implements a superset of the glibc libcrypt.so.1 ABI,
      adding some functions and symvers of its own, it is backward- but not
      forward-compatible: it's OK to use libxcrypt libcrypt.so.1 as a
      replacement for glibc libcrypt.so.1, but it is not OK to do the opposite.
      This means it would be incorrect for us to use a system copy of glibc
      libcrypt.so.1 (perhaps from glibc 2.32 or newer) as a replacement for a
      container's libxcrypt libcrypt.so.1, even if the system copy of glibc
      is strictly newer than the container's glibc (for example,
      Steam Runtime 3 'sniper' is based on Debian 11, so it comes with
      glibc 2.31 and libxcrypt).
      
      Unlike libpthread, libdl and librt, symbols from `libcrypt.so.1` were
      never absorbed into `libc.so.6`, so we don't have to apply the reasoning
      seen in 4c2e3e3b "capture-libs: Add a special case to support glibc 2.34+".
      
      In practice we've always got away with it in the past, but it's something
      that could cause a crash or incompatibility. I'm now looking into the
      possibility of backporting libxcrypt into Steam Runtime 1 and 2
      (steamrt/tasks#332), which makes it more important to get this right.
      
      Accordingly, exclude libcrypt.so.1 from that special treatment, and
      instead set it up to be compared separately using the same comparators
      we use for glibc: by public symvers, then by public symbols, and as a
      last resort by name.
      
      Signed-off-by: default avatarSimon McVittie <smcv@collabora.com>
      451b114f
    • Simon McVittie's avatar
      library-cmp: Make some symbols static · 0b1179c9
      Simon McVittie authored
      
      These are only directly used within their translation unit,
      therefore don't need to be extern.
      
      Signed-off-by: default avatarSimon McVittie <smcv@collabora.com>
      0b1179c9
    • Simon McVittie's avatar
    • Simon McVittie's avatar
      capture-libs: Add references for some more architectures · b321c0af
      Simon McVittie authored
      
      Just for completeness, we're not going to support any of these any
      time soon.
      
      Signed-off-by: default avatarSimon McVittie <smcv@collabora.com>
      b321c0af
  3. Aug 02, 2023
    • Simon McVittie's avatar
      Release v0.20230802.0 · 12874211
      Simon McVittie authored
      
      Signed-off-by: default avatarSimon McVittie <smcv@collabora.com>
      v0.20230802.0
      12874211
    • Simon McVittie's avatar
      CI: Use Debian 13 prereleases to test with sanitizers · 23f1a939
      Simon McVittie authored
      
      Now that the tests pass on merged-/usr systems, we can use a more modern
      Debian suite.
      
      Normally I'd use the latest Debian stable (Debian 12), but that seems
      to have a false positive for a printf argument to %s being NULL,
      causing the asan/ubsan builds to fail; so use Debian 10 and 11 as our
      representatives of older systems, together with Debian 13 prereleases
      as our representative of a modern system.
      
      Signed-off-by: default avatarSimon McVittie <smcv@collabora.com>
      23f1a939
    • Simon McVittie's avatar
      tests: Fix expectations for merged-/usr systems · de669890
      Simon McVittie authored
      
      Previously, we were assuming that the symlink created by
      capsule-capture-libs would point to the `realpath()` of a library,
      possibly with a `--link-target` prefix. However, it actually only
      resolves the symlink representing the SONAME: it will resolve `libz.so.1`
      to `libz.so.1.2.13`, but unlike Perl `abs_path()` or C `realpath()`,
      it will not necessarily resolve symlinks in the directory hierarchy
      leading up to that point.
      
      For example, on a merged-/usr system like Debian >= 12, /lib is a
      symbolic link to usr/lib. The realpath() of `libz.so.1` is something like
      `/usr/lib/MULTIARCH/libz.so.1.2.13`, but because both `/lib/MULTIARCH`
      and `/usr/lib/MULTIARCH` appear in `/etc/ld.so.conf.d`, it is undefined
      whether capsule-capture-libs will output `/lib/MULTIARCH/libz.so.1.2.13`
      or `/usr/lib/MULTIARCH/libz.so.1.2.13`.
      
      Relax the expectations of this test so we only say that the symlink
      points to some reasonable `$libdir`, followed by the `basename()` of the
      `realpath()` of `libc.so.6`.
      
      Signed-off-by: default avatarSimon McVittie <smcv@collabora.com>
      de669890
    • Simon McVittie's avatar
      75294a71
    • Simon McVittie's avatar
      capture-libs: Use warnx() instead of warn() when errno is not set · 6ff340cb
      Simon McVittie authored
      
      `warn(fmt, args)` is equivalent to (pseudocode)
      `warnx(fmt + ": %s", args, strerror(errno))`. In contexts where we do
      not have a useful value for errno, or where we are showing an error
      message that should already contain a previous result of strerror, we
      should use warnx() instead. This avoids showing a misleading errno
      which might have been set for some unrelated reason.
      
      Prompted by jupiter/tasks#887.
      
      Signed-off-by: default avatarSimon McVittie <smcv@collabora.com>
      6ff340cb
  4. Aug 01, 2023
  5. Jul 27, 2023
  6. Oct 06, 2022
  7. Jun 23, 2022
  8. Jun 22, 2022
  9. Oct 26, 2021
  10. Oct 25, 2021
  11. Sep 06, 2021
  12. Aug 31, 2021
    • Ludovico de Nittis's avatar
      capsule-wrappers: Avoid the deprecated mallinfo() when possible · 2cd84648
      Ludovico de Nittis authored
      
      mallinfo() has been deprecated since glibc 2.33 and has been replaced
      with mallinfo2().
      
      Building libcapsule with glibc 2.33 fails with the following error:
      ```
      capsule/capsule-wrappers.c: In function ‘address_within_main_heap’:
      capsule/capsule-wrappers.c:323:20: error: ‘mallinfo’ is deprecated
      [-Werror=deprecated-declarations]
        323 |             struct mallinfo mi = mallinfo();
            |                    ^~~~~~~~
      In file included from capsule/capsule-wrappers.c:16:
      /usr/include/malloc.h:118:24: note: declared here
      118 | extern struct mallinfo mallinfo (void) __THROW
      __MALLOC_DEPRECATED;
            |                        ^~~~~~~~
      cc1: all warnings being treated as errors
      ```
      
      To fix that we try to use the newer mallinfo2(), if it is available.
      
      Signed-off-by: default avatarLudovico de Nittis <ludovico.denittis@collabora.com>
      2cd84648
  13. Jul 28, 2021
  14. Jul 02, 2021
  15. Jan 18, 2021
  16. Jan 14, 2021
  17. Jan 12, 2021
  18. Jan 11, 2021
Loading