rpms
/
zstd
21
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

merge into: rpms:c9
Branches Tags
rpms:i10c-beta
rpms:c10-beta
rpms:i10cs
rpms:cs10
rpms:i8c
rpms:c8
rpms:i9c
rpms:c9
...
pull from: rpms:i10c-beta
Branches Tags
rpms:i10c-beta
rpms:c10-beta
rpms:i10cs
rpms:cs10
rpms:i8c
rpms:c8
rpms:i9c
rpms:c9

No commits in common. 'c9' and 'i10c-beta' have entirely different histories.
c9 ... i10c-beta

6 changed files with 160 additions and 107 deletions
Show Stats

2
.gitignore vendored
Unescape View File

@ -1 +1 @@
SOURCES/zstd-1.5.1.tar.gz
SOURCES/zstd-1.5.5.tar.gz

2
.zstd.metadata
Unescape View File

@ -1 +1 @@
e6a51ef3f7d5be5b74ac74d88bf3850057e00adb SOURCES/zstd-1.5.1.tar.gz
4479ecc74300d23391d99fbebf2fddd47aed9b28 SOURCES/zstd-1.5.5.tar.gz

67
SOURCES/bti.patch
Unescape View File

@ -0,0 +1,67 @@
From a88781954a875c4f00883eba6a8c5d172c4f5c17 Mon Sep 17 00:00:00 2001
From: Nick Terrell <terrelln@fb.com>
Date: Wed, 13 Mar 2024 09:58:34 -0700
Subject: [PATCH] [asm][aarch64] Mark that BTI and PAC are supported
Mark that `huf_decompress_amd64.S` supports BTI and PAC, which it trivially does because it is empty for aarch64.
The issue only requested BTI markings, but it also makes sense to mark PAC, which is the only other feature.
Also run add a test for this mode to the ARM64 QEMU test. Before this PR it warns on `huf_decompress_amd64.S`, after it doesn't.
Fixes Issue #3841.
---
.github/workflows/dev-short-tests.yml | 1 +
lib/decompress/huf_decompress_amd64.S | 23 ++++++++++++++++++++++-
2 files changed, 23 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/dev-short-tests.yml b/.github/workflows/dev-short-tests.yml
index b2aaff89cf7..5324b38d9ac 100644
--- a/.github/workflows/dev-short-tests.yml
+++ b/.github/workflows/dev-short-tests.yml
@@ -409,6 +409,7 @@ jobs:
- name: ARM64
if: ${{ matrix.name == 'ARM64' }}
run: |
+ LDFLAGS="-static -z force-bti" MOREFLAGS="-mbranch-protection=standard" CC=$XCC QEMU_SYS=$XEMU make clean check
LDFLAGS="-static" CC=$XCC QEMU_SYS=$XEMU make clean check
- name: PPC
if: ${{ matrix.name == 'PPC' }}
diff --git a/lib/decompress/huf_decompress_amd64.S b/lib/decompress/huf_decompress_amd64.S
index 3b96b44612f..78da291ee3c 100644
--- a/lib/decompress/huf_decompress_amd64.S
+++ b/lib/decompress/huf_decompress_amd64.S
@@ -10,11 +10,32 @@
#include "../common/portability_macros.h"
+#if defined(__ELF__) && defined(__GNUC__)
/* Stack marking
* ref: https://wiki.gentoo.org/wiki/Hardened/GNU_stack_quickstart
*/
-#if defined(__ELF__) && defined(__GNUC__)
.section .note.GNU-stack,"",%progbits
+
+#if defined(__aarch64__)
+/* Mark that this assembly supports BTI & PAC, because it is empty for aarch64.
+ * See: https://github.com/facebook/zstd/issues/3841
+ * See: https://gcc.godbolt.org/z/sqr5T4ffK
+ * See: https://lore.kernel.org/linux-arm-kernel/20200429211641.9279-8-broonie@kernel.org/
+ * See: https://reviews.llvm.org/D62609
+ */
+.pushsection .note.gnu.property, "a"
+.p2align 3
+.long 4 /* size of the name - "GNU\0" */
+.long 0x10 /* size of descriptor */
+.long 0x5 /* NT_GNU_PROPERTY_TYPE_0 */
+.asciz "GNU"
+.long 0xc0000000 /* pr_type - GNU_PROPERTY_AARCH64_FEATURE_1_AND */
+.long 4 /* pr_datasz - 4 bytes */
+.long 3 /* pr_data - GNU_PROPERTY_AARCH64_FEATURE_1_BTI | GNU_PROPERTY_AARCH64_FEATURE_1_PAC */
+.p2align 3 /* pr_padding - bring everything to 8 byte alignment */
+.popsection
+#endif
+
#endif
#if ZSTD_ENABLE_ASM_X86_64_BMI2

38
SOURCES/enable-CET.patch
Unescape View File

@ -1,38 +0,0 @@
From cd7620a730413a48843e175d34dc408c152f8125 Mon Sep 17 00:00:00 2001
From: "H.J. Lu" <hjl.tools@gmail.com>
Date: Tue, 11 Jan 2022 07:28:25 -0800
Subject: [PATCH] x86-64: Enable Intel CET
Intel Control-flow Enforcement Technology (CET):
https://en.wikipedia.org/wiki/Control-flow_integrity#Intel_Control-flow_Enforcement_Technology
requires that on Linux, all linker input files are marked as CET enabled
in .note.gnu.property section. For high-level language source codes,
.note.gnu.property section is added by compiler with the -fcf-protection
option. For assembly sources, include <cet.h> to add .note.gnu.property
section.
---
lib/common/portability_macros.h | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/lib/common/portability_macros.h b/lib/common/portability_macros.h
index 627ef9eed4..6ac4b05510 100644
--- a/lib/common/portability_macros.h
+++ b/lib/common/portability_macros.h
@@ -128,4 +128,15 @@
# define ZSTD_ENABLE_ASM_X86_64_BMI2 0
#endif
+/*
+ * For x86 ELF targets, add .note.gnu.property section for Intel CET in
+ * assembly sources when CET is enabled.
+ */
+#if defined(__ELF__) && (defined(__x86_64__) || defined(__i386__)) \
+ && defined(__has_include)
+# if __has_include(<cet.h>)
+# include <cet.h>
+# endif
+#endif
+
#endif /* ZSTD_PORTABILITY_MACROS_H */

15
SOURCES/pzstd.1.patch
Unescape View File

@ -1,8 +1,8 @@
diff -Naur zstd-1.5.1.orig/programs/zstd.1 zstd-1.5.1/programs/zstd.1
--- zstd-1.5.1.orig/programs/zstd.1 2021-12-20 22:49:18.000000000 +0000
+++ zstd-1.5.1/programs/zstd.1 2021-12-22 16:49:17.160850340 +0000
@@ -146,6 +146,14 @@
\fB\-\-show\-default\-cparams\fR: Shows the default compression parameters that will be used for a particular src file\. If the provided src file is not a regular file (eg\. named pipe), the cli will just output the default parameters\. That is, the parameters that are used when the src size is unknown\.
diff -Naur zstd-1.5.4/programs/zstd.1 zstd-1.5.4.new/programs/zstd.1
--- zstd-1.5.4/programs/zstd.1 2023-02-10 00:41:50.000000000 +0000
+++ zstd-1.5.4.new/programs/zstd.1 2023-02-13 12:44:01.575160149 +0000
@@ -162,6 +162,13 @@
\fB\-\-show\-default\-cparams\fR: shows the default compression parameters that will be used for a particular input file, based on the provided compression level and the input size\. If the provided file is not a regular file (e\.g\. a pipe), this flag will output the parameters used for inputs of unknown size\.
.IP "\[ci]" 4
\fB\-\-\fR: All arguments after \fB\-\-\fR are treated as files
+
@ -11,8 +11,7 @@ diff -Naur zstd-1.5.1.orig/programs/zstd.1 zstd-1.5.1/programs/zstd.1
+.TP
+.BR \-p ", " --processes
+ number of threads to use for (de)compression (default:4)
+
+
.IP "" 0
.SS "Restricted usage of Environment Variables"
Using environment variables to set parameters has security implications\. Therefore, this avenue is intentionally restricted\. Only \fBZSTD_CLEVEL\fR and \fBZSTD_NBTHREADS\fR are currently supported\. They set the compression level and number of threads to use during compression, respectively\.
.SS "gzip Operation Modifiers"
When invoked via a \fBgzip\fR symlink, \fBzstd\fR will support further options that intend to mimic the \fBgzip\fR behavior:

143
SPECS/zstd.spec
Unescape View File

@ -1,3 +1,6 @@
# enable asm implementations by default
%bcond_without asm
# enable .lz4 support by default
%bcond_without lz4
@ -7,48 +10,26 @@
# enable .gz support by default
%bcond_without zlib
%if 0%{?rhel} && 0%{?rhel} <= 6
# gcc-4.4 is currently too old to compile pzstd
%bcond_with pzstd
%else
%ifarch %{ix86} x86_64
# enable pzstd support by default
%bcond_without pzstd
%else
# aarch64 and armv7hl at least currently segfault
# in ThreadPool test for the pzstd util
%bcond_with pzstd
%endif
%endif
%ifarch x86_64
%bcond_without asm
%else
# Disable asm to ensure non excutable stack
# used on archs where asm not actually used
# https://github.com/facebook/zstd/issues/2963
%bcond_with asm
%endif
# Disable gtest
%bcond_with gtest
# Disable gtest on RHEL
%bcond gtest %[ !0%{?rhel} ]
Name: zstd
Version: 1.5.1
Release: 2%{?dist}
Version: 1.5.5
Release: 8%{?dist}
Summary: Zstd compression library
License: BSD and GPLv2
License: BSD-3-Clause AND GPL-2.0-only
URL: https://github.com/facebook/zstd
Source0: https://github.com/facebook/zstd/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
Patch1: pzstd.1.patch
Patch2: enable-CET.patch
Patch2: bti.patch
BuildRequires: make
BuildRequires: gcc
%if %{with gtest}
BuildRequires: gtest-devel
%endif
BuildRequires: gcc %{?with_gtest:gtest-devel}
%if %{with lz4}
BuildRequires: lz4-devel
%endif
@ -93,6 +74,7 @@ find -name .gitignore -delete
%if %{with pzstd}
%patch1 -p1
%endif
%patch2 -p1
%build
@ -113,12 +95,10 @@ execstack lib/libzstd.so.1
export CFLAGS="$RPM_OPT_FLAGS"
export LDFLAGS="$RPM_LD_FLAGS"
make -C tests test-zstd
%if %{with pzstd}
%if %{with gtest}
%if %{with pzstd} && %{with gtest}
export CXXFLAGS="$RPM_OPT_FLAGS"
make -C contrib/pzstd test
%endif
%endif
%install
%make_install PREFIX=%{_prefix} LIBDIR=%{_libdir}
@ -163,32 +143,77 @@ install -D -m644 programs/%{name}.1 %{buildroot}%{_mandir}/man1/p%{name}.1
%ldconfig_scriptlets -n lib%{name}
%changelog
* Mon Feb 07 2022 Jakub Martisko <jamartis@redhat.com> - 1.5.1-2
- Add some basic gating tests
Resolves: rhbz#2050272
* Wed Jan 12 2022 Michel Alexandre Salim <salimma@centosproject.org> - 1.5.1-1
- Rebase to the latest upstream version
- Enable optional gz, xz/lzma, and lz4 support in the zstd tool
- Disable amd64 assembly on non-x86_64 architectures (rhbz#2035802)
this should avoid the issue where an executable stack is created
- Re-enable CET protections (rhbz#2039353)
Resolves: rhbz#2039488
* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 1.5.0-2
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Mon Jul 12 2021 Jakub Martisko <jamartis@redhat.com> - 1.5.0-1
* Rebase to the latest upstream version
Resolves: rhbz#1928094
* Thu Jul 01 2021 Jakub Martisko <jamartis@redhat.com> - 1.4.9-3
- Drop gtest-devel dependency
Resolves: rhbz#1977606
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 1.4.9-2
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Tue Nov 26 2024 MSVSphere Packaging Team <packager@msvsphere-os.ru> - 1.5.5-8
- Rebuilt for MSVSphere 10
* Tue Jul 23 2024 Jakub Martisko <jamartis@redhat.com> - 1.5.5-8
- Backport the patch that enables BTI on aarch64
Related: RHEL-50092
* Mon Jul 22 2024 Jakub Martisko <jamartis@redhat.com> - 1.5.5-7
- Add the gating test from rhel-9
Related: RHEL-50092
* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 1.5.5-6
- Bump release for June 2024 mass rebuild
* Sat Jan 27 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.5-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sat Jul 22 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.5-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Thu Jun 22 2023 Jiří Kučera <jkucera@redhat.com> - 1.5.5-3
- Drop gtest on RHEL (c9s backport)
* Thu Apr 13 2023 Lukáš Zaoral <lzaoral@redhat.com> - 1.5.5-2
- migrate to SPDX license format
* Wed Apr 05 2023 Pádraig Brady <P@draigBrady.com> - 1.5.5-1
- Latest upstream
* Mon Feb 13 2023 Pádraig Brady <P@draigBrady.com> - 1.5.4-1
- Latest upstream
* Sat Jan 21 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.2-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Sat Jul 23 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Thu May 19 2022 Peter Robinson <pbrobinson@fedoraproject.org> - 1.5.2-2
- ThreadPool segfault fixed so build pzst everywhere
* Sat Jan 22 2022 Pádraig Brady <P@draigBrady.com> - 1.5.2-1
- Latest upstream
* Sat Jan 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.1-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Tue Jan 11 2022 Pádraig Brady <P@draigBrady.com> - 1.5.1-6
- Re-enable CET protections (#2039353)
* Fri Jan 07 2022 Michel Alexandre Salim <salimma@fedoraproject.org> - 1.5.1-5
- Enable gz, .xz/.lzma and .lz4 support
* Mon Jan 03 2022 Pádraig Brady <P@draigBrady.com> - 1.5.1-4
- Use correct prefix for pkgconfig.
* Wed Dec 29 2021 Pádraig Brady <P@draigBrady.com> - 1.5.1-3
- Avoid executable stack on i686 also.
* Tue Dec 28 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 1.5.1-2
- Disable amd64 assembly on non-intel architectures (#2035802):
this should avoid the issue where an executable stack is created.
* Wed Dec 22 2021 Pádraig Brady <P@draigBrady.com> - 1.5.1-1
- Latest upstream
* Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Sun May 16 2021 Pádraig Brady <P@draigBrady.com> - 1.5.0-2
- Latest upstream
* Fri Mar 05 2021 Pádraig Brady <P@draigBrady.com> - 1.4.9-1
- Latest upstream

Write Preview
Loading…
Cancel
Save