From je-vv at e.email Tue Jun 27 19:24:33 2023 From: je-vv at e.email (Javier) Date: Tue, 27 Jun 2023 11:24:33 -0600 Subject: [artix-general] texlive-bin upgrade "2023.66984-10 => 2023.66984-12" provoking errors Message-ID: <3187ba92-8f1c-8df8-f708-583a35ed709a@e.email> > (1/6) Updating TeXLive format files... > Can't locate TeXLive/TLUtils.pm in @INC (you may need to install the TeXLive::TLUtils module) (@INC contains: /usr/share/tlpkg /usr/share/texmf-dist/scripts/texlive /usr/lib/perl5/5.36/site_perl /usr/share/perl5/site_perl /usr/lib/perl5/5.36/vendor_perl /usr/share/perl5/vendor_perl /usr/lib/perl5/5.36/core_perl /usr/share/perl5/core_perl) at /usr/bin/fmtutil line 45. > BEGIN failed--compilation aborted at /usr/bin/fmtutil line 45. > error: command failed to execute correctly > (2/6) Updating TeXLive font maps... > Can't locate TeXLive/TLUtils.pm in @INC (you may need to install the TeXLive::TLUtils module) (@INC contains: /usr/share/tlpkg /usr/lib/perl5/5.36/site_perl /usr/share/perl5/site_perl /usr/lib/perl5/5.36/vendor_perl /usr/share/perl5/vendor_perl /usr/lib/perl5/5.36/core_perl /usr/share/perl5/core_perl) at /usr/bin/updmap line 40. > BEGIN failed--compilation aborted at /usr/bin/updmap line 40. > error: command failed to execute correctly Is there a way to avoid it? Are there other packages not getting upgraded which would need upgrade accordingly (justa a matter of waiting for them to show up)? For now, keeping texlive-bin @ 2023.66984-10 avoids the issue... Greetings ! -- Javier -------------- next part -------------- A non-text attachment was scrubbed... Name: OpenPGP_signature Type: application/pgp-signature Size: 228 bytes Desc: OpenPGP digital signature URL: From somenxavier at posteo.net Tue Jun 27 21:29:50 2023 From: somenxavier at posteo.net (Xavier B.) Date: Tue, 27 Jun 2023 19:29:50 +0000 Subject: [artix-general] texlive-bin upgrade "2023.66984-10 => 2023.66984-12" provoking errors In-Reply-To: <3187ba92-8f1c-8df8-f708-583a35ed709a@e.email> References: <3187ba92-8f1c-8df8-f708-583a35ed709a@e.email> Message-ID: <20230627212950.da5c5706f95a7f841c8ef690@posteo.net> Me too. I hope a solution too. On Tue, 27 Jun 2023 11:24:33 -0600 Javier ha escrit: > > (1/6) Updating TeXLive format files... > > Can't locate TeXLive/TLUtils.pm in @INC (you may need to install the TeXLive::TLUtils module) (@INC contains: /usr/share/tlpkg /usr/share/texmf-dist/scripts/texlive /usr/lib/perl5/5.36/site_perl /usr/share/perl5/site_perl /usr/lib/perl5/5.36/vendor_perl /usr/share/perl5/vendor_perl /usr/lib/perl5/5.36/core_perl /usr/share/perl5/core_perl) at /usr/bin/fmtutil line 45. > > BEGIN failed--compilation aborted at /usr/bin/fmtutil line 45. > > error: command failed to execute correctly > > (2/6) Updating TeXLive font maps... > > Can't locate TeXLive/TLUtils.pm in @INC (you may need to install the TeXLive::TLUtils module) (@INC contains: /usr/share/tlpkg /usr/lib/perl5/5.36/site_perl /usr/share/perl5/site_perl /usr/lib/perl5/5.36/vendor_perl /usr/share/perl5/vendor_perl /usr/lib/perl5/5.36/core_perl /usr/share/perl5/core_perl) at /usr/bin/updmap line 40. > > BEGIN failed--compilation aborted at /usr/bin/updmap line 40. > > error: command failed to execute correctly > > Is there a way to avoid it? Are there other packages not getting upgraded which would need upgrade accordingly (justa a matter of waiting for them to show up)? For now, keeping texlive-bin @ 2023.66984-10 avoids the issue... > > Greetings ! > > -- > Javier From somenxavier at posteo.net Tue Jun 27 23:06:39 2023 From: somenxavier at posteo.net (Xavier B.) Date: Tue, 27 Jun 2023 21:06:39 +0000 Subject: [artix-general] -fstack-protector-strong in packages? Message-ID: <20230627230639.c379136d058644affeb231a4@posteo.net> Hi, I know that arch compiles packages with -fstack-protector-strong option. Are artix packages do the same? Thanks in advance, Xavier From je-vv at e.email Tue Jun 27 23:51:32 2023 From: je-vv at e.email (Javier) Date: Tue, 27 Jun 2023 15:51:32 -0600 Subject: [artix-general] -fstack-protector-strong in packages? In-Reply-To: <20230627230639.c379136d058644affeb231a4@posteo.net> References: <20230627230639.c379136d058644affeb231a4@posteo.net> Message-ID: On 6/27/23 15:06, Xavier B. wrote: > Hi, > > I know that arch compiles packages with -fstack-protector-strong option. Are artix packages do the same? > > Thanks in advance, > > Xavier Unless Arch changes the build flags on all or most packages, see it makepkg.conf [1]: > -fstack-clash-protection Which is the same Artix uses on /etc/makepkg.conf. I think both are in sync... The flags CR [2] was about "stack-clash-protection", not "stack-protector-strong". On gcc options [3]: > -fstack-protector > > Emit extra code to check for buffer overflows, such as stack smashing attacks. This is done by adding a guard variable to functions with vulnerable objects. This includes functions that call alloca, and functions with buffers larger than or equal to 8 bytes. The guards are initialized when a function is entered and then checked when the function exits. If a guard check fails, an error message is printed and the program exits. Only variables that are actually allocated on the stack are considered, optimized away variables or variables allocated in registers don?t count. > -fstack-protector-all > > Like -fstack-protector except that all functions are protected. > -fstack-protector-strong > > Like -fstack-protector but includes additional functions to be protected ? those that have local array definitions, or have references to local frame addresses. Only variables that are actually allocated on the stack are considered, optimized away variables or variables allocated in registers don?t count. > > ... > > -fstack-clash-protection > > Generate code to prevent stack clash style attacks. When this option is enabled, the compiler will only allocate one page of stack space at a time and each page is accessed immediately after allocation. Thus, it prevents allocations from jumping over any stack guard page provided by the operating system. > > Most targets do not fully support stack clash protection. However, on those targets -fstack-clash-protection will protect dynamic stack allocations. -fstack-clash-protection may also provide limited protection for static stack allocations if the target supports -fstack-check=specific. So if I'm not mistaken, the options you were asking for is not used by default on every package built, unless the packages themselves include such flag... -- Javier [1] https://gitlab.archlinux.org/archlinux/packaging/packages/pacman/-/blob/main/makepkg.conf [2] https://gitlab.archlinux.org/archlinux/rfcs/-/merge_requests/3 [3] https://gcc.gnu.org/onlinedocs/gcc/Instrumentation-Options.html -------------- next part -------------- A non-text attachment was scrubbed... Name: OpenPGP_signature Type: application/pgp-signature Size: 228 bytes Desc: OpenPGP digital signature URL: From somenxavier at posteo.net Wed Jun 28 14:51:21 2023 From: somenxavier at posteo.net (Xavier B.) Date: Wed, 28 Jun 2023 12:51:21 +0000 Subject: [artix-general] -fstack-protector-strong in packages? In-Reply-To: References: <20230627230639.c379136d058644affeb231a4@posteo.net> Message-ID: <20230628145121.e26ad0cfcc32dbad301feb03@posteo.net> Wow Thanks a lot, Javier. Xavier On Tue, 27 Jun 2023 15:51:32 -0600 Javier ha escrit: > On 6/27/23 15:06, Xavier B. wrote: > > Hi, > > > > I know that arch compiles packages with -fstack-protector-strong option. Are artix packages do the same? > > > > Thanks in advance, > > > > Xavier > > Unless Arch changes the build flags on all or most packages, see it makepkg.conf [1]: > > > -fstack-clash-protection > > Which is the same Artix uses on /etc/makepkg.conf. I think both are in sync... The flags CR [2] was about "stack-clash-protection", not "stack-protector-strong". On gcc options [3]: > > > -fstack-protector > > > > Emit extra code to check for buffer overflows, such as stack smashing attacks. This is done by adding a guard variable to functions with vulnerable objects. This includes functions that call alloca, and functions with buffers larger than or equal to 8 bytes. The guards are initialized when a function is entered and then checked when the function exits. If a guard check fails, an error message is printed and the program exits. Only variables that are actually allocated on the stack are considered, optimized away variables or variables allocated in registers don?t count. > > -fstack-protector-all > > > > Like -fstack-protector except that all functions are protected. > > -fstack-protector-strong > > > > Like -fstack-protector but includes additional functions to be protected ? those that have local array definitions, or have references to local frame addresses. Only variables that are actually allocated on the stack are considered, optimized away variables or variables allocated in registers don?t count. > > > > ... > > > > -fstack-clash-protection > > > > Generate code to prevent stack clash style attacks. When this option is enabled, the compiler will only allocate one page of stack space at a time and each page is accessed immediately after allocation. Thus, it prevents allocations from jumping over any stack guard page provided by the operating system. > > > > Most targets do not fully support stack clash protection. However, on those targets -fstack-clash-protection will protect dynamic stack allocations. -fstack-clash-protection may also provide limited protection for static stack allocations if the target supports -fstack-check=specific. > > So if I'm not mistaken, the options you were asking for is not used by default on every package built, unless the packages themselves include such flag... > > -- > Javier > > > [1] https://gitlab.archlinux.org/archlinux/packaging/packages/pacman/-/blob/main/makepkg.conf > [2] https://gitlab.archlinux.org/archlinux/rfcs/-/merge_requests/3 > [3] https://gcc.gnu.org/onlinedocs/gcc/Instrumentation-Options.html