16873524 Need to convert openscap to 64-bit and enable ASLR.
authorJacob Varughese <jacob.varughese@oracle.com>
Thu, 29 Jan 2015 11:15:54 -0800
changeset 3703 71b5204c547a
parent 3702 a4cf62e97757
child 3705 0d8951107033
16873524 Need to convert openscap to 64-bit and enable ASLR.
components/openscap/Makefile
components/openscap/openscap-perl-512.p5m
components/openscap/openscap-perl-PERLVER.p5m
components/openscap/openscap-python-PYVER.p5m
components/openscap/openscap.p5m
components/openscap/patches/zz_fixes_for_64bit.patch
components/openscap/resolve.deps
--- a/components/openscap/Makefile	Thu Jan 29 09:22:33 2015 -0800
+++ b/components/openscap/Makefile	Thu Jan 29 11:15:54 2015 -0800
@@ -47,6 +47,11 @@
 include $(WS_TOP)/make-rules/configure.mk
 include $(WS_TOP)/make-rules/ips.mk
 
+PERL_VERSION.32 = 5.12
+PERL_VERSION.64 = 5.16
+PERL_VERSION = $(PERL_VERSION.$(BITS))
+PERL = $(PERL.$(PERL_VERSION))
+CONFIGURE_BINDIR.64 =	$(CONFIGURE_PREFIX)/bin
 CPPFLAGS +=	-I/usr/include/openldap
 
 # Perl related patch needs configure script recreation.
@@ -73,7 +78,10 @@
 CPPFLAGS +=	-I$(SOURCE_DIR)/src/OVAL/probes
 CPPFLAGS +=	-I/usr/include/pcre
 
-CONFIGURE_OPTIONS +=	CFLAGS="$(CFLAGS)"
+CONFIGURE_ENV +=        PERL="$(PERL)"
+CONFIGURE_ENV +=        PYTHON="$(PYTHON.$(BITS))"
+CONFIGURE_OPTIONS.32 +=	CFLAGS="$(CFLAGS)"
+CONFIGURE_OPTIONS.64 +=	CFLAGS="$(CFLAGS) -D_FILE_OFFSET_BITS=64"
 CONFIGURE_OPTIONS +=	CPPFLAGS="$(CPPFLAGS)"
 CONFIGURE_OPTIONS +=	--enable-debug=no
 CONFIGURE_OPTIONS +=	--enable-sce=yes
@@ -85,16 +93,19 @@
 
 DOCS_DIR = $(PROTO_DIR)/usr/share/docs/openscap/html/
 
-# common targets
-configure:	$(CONFIGURE_32)
+# Enable ASLR for this component
+ASLR_MODE = $(ASLR_ENABLE)
 
-build:		$(BUILD_32)
+# common targets
+configure:	$(CONFIGURE_32_and_64)
 
-install:	$(INSTALL_32)
+build:		$(BUILD_32_and_64)
+
+install:	$(INSTALL_32_and_64)
 		$(MKDIR) $(DOCS_DIR)
 		$(CP) $(SOURCE_DIR)/docs/html/* $(DOCS_DIR)
 
-test:		$(TEST_32)
+test:		$(TEST_32_and_64)
 
 BUILD_PKG_DEPENDENCIES =	$(BUILD_TOOLS)
 
--- a/components/openscap/openscap-perl-512.p5m	Thu Jan 29 09:22:33 2015 -0800
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,44 +0,0 @@
-#
-# CDDL HEADER START
-#
-# The contents of this file are subject to the terms of the
-# Common Development and Distribution License (the "License").
-# You may not use this file except in compliance with the License.
-#
-# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
-# or http://www.opensolaris.org/os/licensing.
-# See the License for the specific language governing permissions
-# and limitations under the License.
-#
-# When distributing Covered Code, include this CDDL HEADER in each
-# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
-# If applicable, add the following below this CDDL HEADER, with the
-# fields enclosed by brackets "[]" replaced with your own identifying
-# information: Portions Copyright [yyyy] [name of copyright owner]
-#
-# CDDL HEADER END
-#
-# Copyright (c) 2012, 2015, Oracle and/or its affiliates. All rights reserved.
-#
-
-set name=pkg.fmri \
-    value=pkg:/library/perl-5/[email protected]$(IPS_COMPONENT_VERSION),$(BUILD_VERSION)
-set name=pkg.summary \
-    value="Perl 5.12 bindings for the Open implementation of SCAP"
-set name=com.oracle.info.description \
-    value="Perl 5.12 bindings for the Open implementation of SCAP"
-set name=com.oracle.info.tpno value=$(TPNO)
-set name=info.classification value=org.opensolaris.category.2008:System/Security
-set name=info.source-url value=$(COMPONENT_ARCHIVE_URL)
-set name=info.upstream-url value=$(COMPONENT_PROJECT_URL)
-set name=org.opensolaris.arc-caseid value=PSARC/2012/152
-set name=org.opensolaris.consolidation value=$(CONSOLIDATION)
-
-
-file path=usr/perl5/vendor_perl/$(PERL_VERSION)/$(PERL_ARCH)/_openscap_pm.so
-file path=usr/perl5/vendor_perl/$(PERL_VERSION)/openscap.pm
-license openscap.license license="LGPLv2.1, LGPLv3, OVAL"
-
-# force a dependency on the Perl $(PERL_VERSION) runtime
-depend type=require fmri=__TBD pkg.debug.depend.file=perl \
-    pkg.debug.depend.path=usr/perl5/$(PERL_VERSION)/bin
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/openscap/openscap-perl-PERLVER.p5m	Thu Jan 29 11:15:54 2015 -0800
@@ -0,0 +1,44 @@
+#
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License (the "License").
+# You may not use this file except in compliance with the License.
+#
+# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+# or http://www.opensolaris.org/os/licensing.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+# If applicable, add the following below this CDDL HEADER, with the
+# fields enclosed by brackets "[]" replaced with your own identifying
+# information: Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Copyright (c) 2012, 2015, Oracle and/or its affiliates. All rights reserved.
+#
+
+set name=pkg.fmri \
+    value=pkg:/library/perl-5/openscap-$(PLV)@$(IPS_COMPONENT_VERSION),$(BUILD_VERSION)
+set name=pkg.summary \
+    value="Perl $(PERLVER) bindings for the Open implementation of SCAP"
+set name=com.oracle.info.description \
+    value="Perl $(PERLVER) bindings for the Open implementation of SCAP"
+set name=com.oracle.info.tpno value=$(TPNO)
+set name=info.classification value=org.opensolaris.category.2008:System/Security
+set name=info.source-url value=$(COMPONENT_ARCHIVE_URL)
+set name=info.upstream-url value=$(COMPONENT_PROJECT_URL)
+set name=org.opensolaris.arc-caseid value=PSARC/2012/152
+set name=org.opensolaris.consolidation value=$(CONSOLIDATION)
+
+
+file path=usr/perl5/vendor_perl/$(PERLVER)/$(PERL_ARCH)/_openscap_pm.so
+file path=usr/perl5/vendor_perl/$(PERLVER)/openscap.pm
+license openscap.license license="LGPLv2.1, LGPLv3, OVAL"
+
+# force a dependency on the Perl $(PERLVER) runtime
+depend type=require fmri=__TBD pkg.debug.depend.file=perl \
+    pkg.debug.depend.path=usr/perl5/$(PERLVER)/bin
--- a/components/openscap/openscap-python-PYVER.p5m	Thu Jan 29 09:22:33 2015 -0800
+++ b/components/openscap/openscap-python-PYVER.p5m	Thu Jan 29 11:15:54 2015 -0800
@@ -36,6 +36,7 @@
 
 
 file path=usr/lib/python$(PYVER)/vendor-packages/_openscap_py.so
+file path=usr/lib/python$(PYVER)/vendor-packages/64/_openscap_py.so
 file path=usr/lib/python$(PYVER)/vendor-packages/openscap.py
 file path=usr/lib/python$(PYVER)/vendor-packages/openscap_api.py
 license openscap.license license="LGPLv2.1, LGPLv3, OVAL"
--- a/components/openscap/openscap.p5m	Thu Jan 29 09:22:33 2015 -0800
+++ b/components/openscap/openscap.p5m	Thu Jan 29 11:15:54 2015 -0800
@@ -22,7 +22,7 @@
 #
 
 <transform file path=usr.*/man/.+ -> default mangler.man.stability uncommitted>
-<transform file path=usr/lib/openscap/.+ ->default mode 0555>
+<transform file path=usr/lib/$(MACH64)/openscap/.+ -> default mode 0555>
 <transform file path=usr/share/docs/openscap/html/.* -> default facet.doc.html true>
 set name=pkg.fmri \
     value=pkg:/security/compliance/[email protected]$(IPS_COMPONENT_VERSION),$(BUILD_VERSION)
@@ -76,32 +76,38 @@
 link path=usr/lib/libopenscap_sce.so target=libopenscap_sce.so.8.4.0
 link path=usr/lib/libopenscap_sce.so.8 target=libopenscap_sce.so.8.4.0
 file path=usr/lib/libopenscap_sce.so.8.4.0
-file path=usr/lib/openscap/probe_dnscache
-file path=usr/lib/openscap/probe_environmentvariable
-file path=usr/lib/openscap/probe_environmentvariable58
-file path=usr/lib/openscap/probe_family
-file path=usr/lib/openscap/probe_file
-file path=usr/lib/openscap/probe_filehash
-file path=usr/lib/openscap/probe_filehash58
-file path=usr/lib/openscap/probe_gconf
-file path=usr/lib/openscap/probe_interface
-file path=usr/lib/openscap/probe_isainfo
-file path=usr/lib/openscap/probe_ldap57
-file path=usr/lib/openscap/probe_package
-file path=usr/lib/openscap/probe_password
-file path=usr/lib/openscap/probe_patch
-file path=usr/lib/openscap/probe_process
-file path=usr/lib/openscap/probe_runlevel
-file path=usr/lib/openscap/probe_shadow
-file path=usr/lib/openscap/probe_smf
-file path=usr/lib/openscap/probe_sysctl
-file path=usr/lib/openscap/probe_system_info
-file path=usr/lib/openscap/probe_textfilecontent
-file path=usr/lib/openscap/probe_textfilecontent54
-file path=usr/lib/openscap/probe_uname
-file path=usr/lib/openscap/probe_variable
-file path=usr/lib/openscap/probe_xinetd
-file path=usr/lib/openscap/probe_xmlfilecontent
+link path=usr/lib/$(MACH64)/libopenscap.so target=libopenscap.so.8.4.0
+link path=usr/lib/$(MACH64)/libopenscap.so.8 target=libopenscap.so.8.4.0
+file path=usr/lib/$(MACH64)/libopenscap.so.8.4.0
+link path=usr/lib/$(MACH64)/libopenscap_sce.so target=libopenscap_sce.so.8.4.0
+link path=usr/lib/$(MACH64)/libopenscap_sce.so.8 target=libopenscap_sce.so.8.4.0
+file path=usr/lib/$(MACH64)/libopenscap_sce.so.8.4.0
+file path=usr/lib/$(MACH64)/openscap/probe_dnscache
+file path=usr/lib/$(MACH64)/openscap/probe_environmentvariable
+file path=usr/lib/$(MACH64)/openscap/probe_environmentvariable58
+file path=usr/lib/$(MACH64)/openscap/probe_family
+file path=usr/lib/$(MACH64)/openscap/probe_file
+file path=usr/lib/$(MACH64)/openscap/probe_filehash
+file path=usr/lib/$(MACH64)/openscap/probe_filehash58
+file path=usr/lib/$(MACH64)/openscap/probe_gconf
+file path=usr/lib/$(MACH64)/openscap/probe_interface
+file path=usr/lib/$(MACH64)/openscap/probe_isainfo
+file path=usr/lib/$(MACH64)/openscap/probe_ldap57
+file path=usr/lib/$(MACH64)/openscap/probe_package
+file path=usr/lib/$(MACH64)/openscap/probe_password
+file path=usr/lib/$(MACH64)/openscap/probe_patch
+file path=usr/lib/$(MACH64)/openscap/probe_process
+file path=usr/lib/$(MACH64)/openscap/probe_runlevel
+file path=usr/lib/$(MACH64)/openscap/probe_shadow
+file path=usr/lib/$(MACH64)/openscap/probe_smf
+file path=usr/lib/$(MACH64)/openscap/probe_sysctl
+file path=usr/lib/$(MACH64)/openscap/probe_system_info
+file path=usr/lib/$(MACH64)/openscap/probe_textfilecontent
+file path=usr/lib/$(MACH64)/openscap/probe_textfilecontent54
+file path=usr/lib/$(MACH64)/openscap/probe_uname
+file path=usr/lib/$(MACH64)/openscap/probe_variable
+file path=usr/lib/$(MACH64)/openscap/probe_xinetd
+file path=usr/lib/$(MACH64)/openscap/probe_xmlfilecontent
 file path=usr/lib/pkgconfig/libopenscap.pc
 file path=usr/share/docs/openscap/html/MurmurHash3_8h_source.html
 file path=usr/share/docs/openscap/html/OVAL_2probes_2SEAP_2generic_2bfind_8h_source.html
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/openscap/patches/zz_fixes_for_64bit.patch	Thu Jan 29 11:15:54 2015 -0800
@@ -0,0 +1,49 @@
+This patch is required to build 64-bit versions of openscap on solaris.
+It has not been submitted to upstream, but will be  2015-Feb-15.
+
+--- openscap-1.2.0/configure.ac.~3~	2014-08-08 10:58:39.160398757 -0700
++++ openscap-1.2.0/configure.ac	2014-08-08 10:58:15.703200526 -0700
[email protected]@ -877,7 +877,7 @@
+ #check for atomic functions
+ case $host_cpu in
+ 	i386 | i486 | i586 | i686)
+-		CFLAGS="$CFLAGS  -march=i686"
++#		CFLAGS="$CFLAGS  -march=i686"
+ 		;;
+ esac
+ 
+--- openscap-1.2.0/src/SCE/sce_engine.c.~1~	2014-12-12 10:59:03.676427726 -0800
++++ openscap-1.2.0/src/SCE/sce_engine.c	2014-12-12 11:01:28.358061794 -0800
[email protected]@ -48,6 +48,9 @@
+ #include <sys/prctl.h>
+ #include <limits.h>
+ #include <unistd.h>
++#if defined(__SVR4) && defined(__sun)
++#include <libgen.h>
++#endif
+ 
+ struct sce_check_result
+ {
+--- openscap-1.2.0/src/OVAL/probes/SEAP/_sexp-value.h.~1~	2014-12-19 09:53:15.178129356 -0800
++++ openscap-1.2.0/src/OVAL/probes/SEAP/_sexp-value.h	2014-12-19 09:55:26.268851025 -0800
[email protected]@ -95,6 +95,9 @@
+         uintptr_t nxsz;
+         uint16_t  real;
+         uint16_t  refs;
++#if defined(__sparc) && defined(_LP64)
++	 uint32_t pad_gcc_align_hack;
++#endif
+         SEXP_t    memb[];
+ } __attribute__ ((packed));
+ 
+--- openscap-1.2.0/src/OVAL/probes/independent/system_info.c.~5~	2014-12-19 11:20:58.972279544 -0800
++++ openscap-1.2.0/src/OVAL/probes/independent/system_info.c	2014-12-19 11:23:46.471735971 -0800
[email protected]@ -114,7 +114,7 @@
+ static char *get_mac(const struct ifaddrs *ifa)
+ {
+        struct lifreq lifr;
+-	uint_t physaddrlen = DLPI_PHYSADDR_MAX;
++	size_t physaddrlen = DLPI_PHYSADDR_MAX;
+ 	uchar_t physaddr[DLPI_PHYSADDR_MAX];
+ 	static char mac_buf[DLPI_PHYSADDR_MAX];
+ 	char *str;
--- a/components/openscap/resolve.deps	Thu Jan 29 09:22:33 2015 -0800
+++ b/components/openscap/resolve.deps	Thu Jan 29 11:15:54 2015 -0800
@@ -6,6 +6,7 @@
 library/openldap
 library/pcre
 runtime/perl-512
+runtime/perl-516
 runtime/python-26
 runtime/python-27
 security/compliance/openscap