From mboxrd@z Thu Jan 1 00:00:00 1970 From: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=) Subject: Re: 01/02: gnu: libressl: Update to 2.5.3. Date: Thu, 13 Apr 2017 17:08:29 +0200 Message-ID: <87mvbkny4y.fsf@gnu.org> References: <20170412011114.29557.46901@vcs0.savannah.gnu.org> <20170412011115.CE2FF220BE@vcs0.savannah.gnu.org> <87pogioukr.fsf@netris.org> <20170412152029.GA5920@jasmine> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:46007) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cygMN-0007ik-PC for guix-devel@gnu.org; Thu, 13 Apr 2017 11:08:40 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cygMK-0000AB-F4 for guix-devel@gnu.org; Thu, 13 Apr 2017 11:08:35 -0400 In-Reply-To: <20170412152029.GA5920@jasmine> (Leo Famulari's message of "Wed, 12 Apr 2017 11:20:29 -0400") List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: Leo Famulari Cc: guix-devel@gnu.org --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Leo Famulari skribis: > This is libressl-portable bug #290: > > https://github.com/libressl-portable/portable/issues/290 > > There is a problem with using getentropy() or getrandom() from > glibc-2.25 with Linux < 3.17, when these syscalls where introduced. > Basically, glibc will return ENOSYS, which applications are not handling > properly. > > I expect the build to succeed on armhf, where I believe the builders > have kernels > 3.17. > > In the case of libressl, the developers have closed as WONTFIX, although > perhaps they could be persuaded to make libressl handle ENOSYS somehow. > > Cpython hit the same problem, and they worked around it. This means that > the Python interpreters Hydra builds for x86_64 and i686 not use the new > getentropy() / getrandom() syscalls, even though many Guix users and > probably all GuixSD users have more recent kernels: > > https://bugs.python.org/issue29157 > > Can we disable the build on Hydra without marking the package as > non-substitutable? A simple approach is to force LibreSSL to always use its non-getentropy code, and lift this restriction once we clearly require newer kernels=C2=B9. The attached patch does that. Thoughts? Thanks, Ludo=E2=80=99. =C2=B9 We currently build libc with "--enable-kernel=3D2.6.32", and this is pretty much what defines our minimal kernel version requirement. --=-=-= Content-Type: text/x-patch Content-Disposition: inline diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm index 1c99a3ad7..5fe35a535 100644 --- a/gnu/packages/tls.scm +++ b/gnu/packages/tls.scm @@ -442,6 +442,10 @@ required structures.") (base32 "0c4awq45cl757fv7f7f75i5i0ibc6v7ns13n7xvfak7chv2lrqql")))) (build-system gnu-build-system) + (arguments + ;; Do as if 'getentropy' was missing since older Linux kernels lack it + ;; and libc would return ENOSYS, which is not properly handled. + '(#:configure-flags '("ac_cv_func_getentropy=no"))) (native-search-paths ;; FIXME: These two variables must designate a single file or directory ;; and are not actually "search paths." In practice it works OK in --=-=-=--