From 2f52958e02fb96e88999eaa8ab597c763d56c000 Mon Sep 17 00:00:00 2001 From: Jeffery To Date: Tue, 28 Dec 2021 15:00:09 +0800 Subject: [PATCH] golang: Update to 1.17.5, add patch Includes fixes for: * CVE-2021-44716: unbounded growth of HTTP/2 header canonicalization cache * CVE-2021-44717: syscall.ForkExec error can close file descriptor 0 Added patches: * 001-cmd-link-use-gold-on-ARM-ARM64-only-if-gold-is-available.patch: https://github.com/golang/go/pull/49748 backported for Go 1.17, this removes the requirement for the gold linker when building Go programs that use Go plugins on arm/arm64 Signed-off-by: Jeffery To (cherry picked from commit eac2e91a285e9df119ce1aac0f4fe340cc54a6e4) --- lang/golang/golang/Makefile | 4 +-- ...-ARM-ARM64-only-if-gold-is-available.patch | 35 +++++++++++++++++++ 2 files changed, 37 insertions(+), 2 deletions(-) create mode 100644 lang/golang/golang/patches/001-cmd-link-use-gold-on-ARM-ARM64-only-if-gold-is-available.patch diff --git a/lang/golang/golang/Makefile b/lang/golang/golang/Makefile index 30979fe7c6..dddd981c24 100644 --- a/lang/golang/golang/Makefile +++ b/lang/golang/golang/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk GO_VERSION_MAJOR_MINOR:=1.17 -GO_VERSION_PATCH:=3 +GO_VERSION_PATCH:=5 PKG_NAME:=golang PKG_VERSION:=$(GO_VERSION_MAJOR_MINOR)$(if $(GO_VERSION_PATCH),.$(GO_VERSION_PATCH)) @@ -20,7 +20,7 @@ GO_SOURCE_URLS:=https://dl.google.com/go/ \ PKG_SOURCE:=go$(PKG_VERSION).src.tar.gz PKG_SOURCE_URL:=$(GO_SOURCE_URLS) -PKG_HASH:=705c64251e5b25d5d55ede1039c6aa22bea40a7a931d14c370339853643c3df0 +PKG_HASH:=3defb9a09bed042403195e872dcbc8c6fae1485963332279668ec52e80a95a2d PKG_MAINTAINER:=Jeffery To PKG_LICENSE:=BSD-3-Clause diff --git a/lang/golang/golang/patches/001-cmd-link-use-gold-on-ARM-ARM64-only-if-gold-is-available.patch b/lang/golang/golang/patches/001-cmd-link-use-gold-on-ARM-ARM64-only-if-gold-is-available.patch new file mode 100644 index 0000000000..bfd861f224 --- /dev/null +++ b/lang/golang/golang/patches/001-cmd-link-use-gold-on-ARM-ARM64-only-if-gold-is-available.patch @@ -0,0 +1,35 @@ +This is https://github.com/golang/go/pull/49748 backported for Go 1.17. + +--- a/src/cmd/link/internal/ld/lib.go ++++ b/src/cmd/link/internal/ld/lib.go +@@ -1388,23 +1388,18 @@ func (ctxt *Link) hostlink() { + } + + if ctxt.Arch.InFamily(sys.ARM, sys.ARM64) && buildcfg.GOOS == "linux" { +- // On ARM, the GNU linker will generate COPY relocations +- // even with -znocopyreloc set. ++ // On ARM, older versions of the GNU linker will generate ++ // COPY relocations even with -znocopyreloc set. + // https://sourceware.org/bugzilla/show_bug.cgi?id=19962 + // +- // On ARM64, the GNU linker will fail instead of +- // generating COPY relocations. ++ // On ARM64, older versions of the GNU linker will fail ++ // instead of generating COPY relocations. + // +- // In both cases, switch to gold. +- altLinker = "gold" +- +- // If gold is not installed, gcc will silently switch +- // back to ld.bfd. So we parse the version information +- // and provide a useful error if gold is missing. ++ // In both cases, switch to gold if gold is available. + cmd := exec.Command(*flagExtld, "-fuse-ld=gold", "-Wl,--version") + if out, err := cmd.CombinedOutput(); err == nil { +- if !bytes.Contains(out, []byte("GNU gold")) { +- log.Fatalf("ARM external linker must be gold (issue #15696), but is not: %s", out) ++ if bytes.Contains(out, []byte("GNU gold")) { ++ altLinker = "gold" + } + } + } -- 2.30.2