From 77d20dcc781818adc3ec092b5793341ec973b30f Mon Sep 17 00:00:00 2001 From: Zhao Hang Date: Thu, 5 Dec 2024 09:53:30 +0800 Subject: [PATCH 1/5] [CVE]update to python3-3.6.8-69.src.rpm to #IB97DI update to python3-3.6.8-69.src.rpm for CVE-2024-9287 CVE-2024-11168 Project: TC2024080204 Signed-off-by: Zhao Hang --- ...e-strings-in-venv-activation-scripts.patch | 281 ++++++++++++++++++ 00444-security-fix-for-cve-2024-11168.patch | 110 +++++++ 1001-python3-anolis-add-loongarch.patch | 12 - 1002-fix-faulthandler_register-stack.patch | 43 --- ...-by-value-for-structs-on-loongarch64.patch | 39 --- Python-3.6.8-sw.patch | 45 --- add-anolis-platform.patch | 12 - python3.spec | 63 ++-- 8 files changed, 422 insertions(+), 183 deletions(-) create mode 100644 00443-gh-124651-quote-template-strings-in-venv-activation-scripts.patch create mode 100644 00444-security-fix-for-cve-2024-11168.patch delete mode 100644 1001-python3-anolis-add-loongarch.patch delete mode 100644 1002-fix-faulthandler_register-stack.patch delete mode 100644 1003-ctypes-pass-by-value-for-structs-on-loongarch64.patch delete mode 100644 Python-3.6.8-sw.patch delete mode 100644 add-anolis-platform.patch diff --git a/00443-gh-124651-quote-template-strings-in-venv-activation-scripts.patch b/00443-gh-124651-quote-template-strings-in-venv-activation-scripts.patch new file mode 100644 index 0000000..aa44096 --- /dev/null +++ b/00443-gh-124651-quote-template-strings-in-venv-activation-scripts.patch @@ -0,0 +1,281 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Victor Stinner +Date: Fri, 1 Nov 2024 14:11:47 +0100 +Subject: [PATCH] 00443: gh-124651: Quote template strings in `venv` activation + scripts + +(cherry picked from 3.9) +--- + Lib/test/test_venv.py | 82 +++++++++++++++++++ + Lib/venv/__init__.py | 42 ++++++++-- + Lib/venv/scripts/common/activate | 8 +- + Lib/venv/scripts/posix/activate.csh | 8 +- + Lib/venv/scripts/posix/activate.fish | 8 +- + ...-09-28-02-03-04.gh-issue-124651.bLBGtH.rst | 1 + + 6 files changed, 132 insertions(+), 17 deletions(-) + create mode 100644 Misc/NEWS.d/next/Library/2024-09-28-02-03-04.gh-issue-124651.bLBGtH.rst + +diff --git a/Lib/test/test_venv.py b/Lib/test/test_venv.py +index 842470fef0..67fdcd86bb 100644 +--- a/Lib/test/test_venv.py ++++ b/Lib/test/test_venv.py +@@ -13,6 +13,8 @@ import struct + import subprocess + import sys + import tempfile ++import shlex ++import shutil + from test.support import (captured_stdout, captured_stderr, requires_zlib, + can_symlink, EnvironmentVarGuard, rmtree) + import unittest +@@ -80,6 +82,10 @@ class BaseTest(unittest.TestCase): + result = f.read() + return result + ++ def assertEndsWith(self, string, tail): ++ if not string.endswith(tail): ++ self.fail(f"String {string!r} does not end with {tail!r}") ++ + class BasicTest(BaseTest): + """Test venv module functionality.""" + +@@ -293,6 +299,82 @@ class BasicTest(BaseTest): + 'import sys; print(sys.executable)']) + self.assertEqual(out.strip(), envpy.encode()) + ++ # gh-124651: test quoted strings ++ @unittest.skipIf(os.name == 'nt', 'contains invalid characters on Windows') ++ def test_special_chars_bash(self): ++ """ ++ Test that the template strings are quoted properly (bash) ++ """ ++ rmtree(self.env_dir) ++ bash = shutil.which('bash') ++ if bash is None: ++ self.skipTest('bash required for this test') ++ env_name = '"\';&&$e|\'"' ++ env_dir = os.path.join(os.path.realpath(self.env_dir), env_name) ++ builder = venv.EnvBuilder(clear=True) ++ builder.create(env_dir) ++ activate = os.path.join(env_dir, self.bindir, 'activate') ++ test_script = os.path.join(self.env_dir, 'test_special_chars.sh') ++ with open(test_script, "w") as f: ++ f.write(f'source {shlex.quote(activate)}\n' ++ 'python -c \'import sys; print(sys.executable)\'\n' ++ 'python -c \'import os; print(os.environ["VIRTUAL_ENV"])\'\n' ++ 'deactivate\n') ++ out, err = check_output([bash, test_script]) ++ lines = out.splitlines() ++ self.assertTrue(env_name.encode() in lines[0]) ++ self.assertEndsWith(lines[1], env_name.encode()) ++ ++ # gh-124651: test quoted strings ++ @unittest.skipIf(os.name == 'nt', 'contains invalid characters on Windows') ++ def test_special_chars_csh(self): ++ """ ++ Test that the template strings are quoted properly (csh) ++ """ ++ rmtree(self.env_dir) ++ csh = shutil.which('tcsh') or shutil.which('csh') ++ if csh is None: ++ self.skipTest('csh required for this test') ++ env_name = '"\';&&$e|\'"' ++ env_dir = os.path.join(os.path.realpath(self.env_dir), env_name) ++ builder = venv.EnvBuilder(clear=True) ++ builder.create(env_dir) ++ activate = os.path.join(env_dir, self.bindir, 'activate.csh') ++ test_script = os.path.join(self.env_dir, 'test_special_chars.csh') ++ with open(test_script, "w") as f: ++ f.write(f'source {shlex.quote(activate)}\n' ++ 'python -c \'import sys; print(sys.executable)\'\n' ++ 'python -c \'import os; print(os.environ["VIRTUAL_ENV"])\'\n' ++ 'deactivate\n') ++ out, err = check_output([csh, test_script]) ++ lines = out.splitlines() ++ self.assertTrue(env_name.encode() in lines[0]) ++ self.assertEndsWith(lines[1], env_name.encode()) ++ ++ # gh-124651: test quoted strings on Windows ++ @unittest.skipUnless(os.name == 'nt', 'only relevant on Windows') ++ def test_special_chars_windows(self): ++ """ ++ Test that the template strings are quoted properly on Windows ++ """ ++ rmtree(self.env_dir) ++ env_name = "'&&^$e" ++ env_dir = os.path.join(os.path.realpath(self.env_dir), env_name) ++ builder = venv.EnvBuilder(clear=True) ++ builder.create(env_dir) ++ activate = os.path.join(env_dir, self.bindir, 'activate.bat') ++ test_batch = os.path.join(self.env_dir, 'test_special_chars.bat') ++ with open(test_batch, "w") as f: ++ f.write('@echo off\n' ++ f'"{activate}" & ' ++ f'{self.exe} -c "import sys; print(sys.executable)" & ' ++ f'{self.exe} -c "import os; print(os.environ[\'VIRTUAL_ENV\'])" & ' ++ 'deactivate') ++ out, err = check_output([test_batch]) ++ lines = out.splitlines() ++ self.assertTrue(env_name.encode() in lines[0]) ++ self.assertEndsWith(lines[1], env_name.encode()) ++ + @unittest.skipUnless(os.name == 'nt', 'only relevant on Windows') + def test_unicode_in_batch_file(self): + """ +diff --git a/Lib/venv/__init__.py b/Lib/venv/__init__.py +index 716129d139..0c44dfd07d 100644 +--- a/Lib/venv/__init__.py ++++ b/Lib/venv/__init__.py +@@ -10,6 +10,7 @@ import shutil + import subprocess + import sys + import types ++import shlex + + logger = logging.getLogger(__name__) + +@@ -280,11 +281,41 @@ class EnvBuilder: + :param context: The information for the environment creation request + being processed. + """ +- text = text.replace('__VENV_DIR__', context.env_dir) +- text = text.replace('__VENV_NAME__', context.env_name) +- text = text.replace('__VENV_PROMPT__', context.prompt) +- text = text.replace('__VENV_BIN_NAME__', context.bin_name) +- text = text.replace('__VENV_PYTHON__', context.env_exe) ++ replacements = { ++ '__VENV_DIR__': context.env_dir, ++ '__VENV_NAME__': context.env_name, ++ '__VENV_PROMPT__': context.prompt, ++ '__VENV_BIN_NAME__': context.bin_name, ++ '__VENV_PYTHON__': context.env_exe, ++ } ++ ++ def quote_ps1(s): ++ """ ++ This should satisfy PowerShell quoting rules [1], unless the quoted ++ string is passed directly to Windows native commands [2]. ++ [1]: https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_quoting_rules ++ [2]: https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_parsing#passing-arguments-that-contain-quote-characters ++ """ ++ s = s.replace("'", "''") ++ return f"'{s}'" ++ ++ def quote_bat(s): ++ return s ++ ++ # gh-124651: need to quote the template strings properly ++ quote = shlex.quote ++ script_path = context.script_path ++ if script_path.endswith('.ps1'): ++ quote = quote_ps1 ++ elif script_path.endswith('.bat'): ++ quote = quote_bat ++ else: ++ # fallbacks to POSIX shell compliant quote ++ quote = shlex.quote ++ ++ replacements = {key: quote(s) for key, s in replacements.items()} ++ for key, quoted in replacements.items(): ++ text = text.replace(key, quoted) + return text + + def install_scripts(self, context, path): +@@ -321,6 +352,7 @@ class EnvBuilder: + with open(srcfile, 'rb') as f: + data = f.read() + if not srcfile.endswith('.exe'): ++ context.script_path = srcfile + try: + data = data.decode('utf-8') + data = self.replace_variables(data, context) +diff --git a/Lib/venv/scripts/common/activate b/Lib/venv/scripts/common/activate +index fff0765af5..c2e2f968fa 100644 +--- a/Lib/venv/scripts/common/activate ++++ b/Lib/venv/scripts/common/activate +@@ -37,11 +37,11 @@ deactivate () { + # unset irrelevant variables + deactivate nondestructive + +-VIRTUAL_ENV="__VENV_DIR__" ++VIRTUAL_ENV=__VENV_DIR__ + export VIRTUAL_ENV + + _OLD_VIRTUAL_PATH="$PATH" +-PATH="$VIRTUAL_ENV/__VENV_BIN_NAME__:$PATH" ++PATH="$VIRTUAL_ENV/"__VENV_BIN_NAME__":$PATH" + export PATH + + # unset PYTHONHOME if set +@@ -54,8 +54,8 @@ fi + + if [ -z "${VIRTUAL_ENV_DISABLE_PROMPT:-}" ] ; then + _OLD_VIRTUAL_PS1="${PS1:-}" +- if [ "x__VENV_PROMPT__" != x ] ; then +- PS1="__VENV_PROMPT__${PS1:-}" ++ if [ "x"__VENV_PROMPT__ != x ] ; then ++ PS1=__VENV_PROMPT__"${PS1:-}" + else + if [ "`basename \"$VIRTUAL_ENV\"`" = "__" ] ; then + # special case for Aspen magic directories +diff --git a/Lib/venv/scripts/posix/activate.csh b/Lib/venv/scripts/posix/activate.csh +index b0c7028a92..0e90d54008 100644 +--- a/Lib/venv/scripts/posix/activate.csh ++++ b/Lib/venv/scripts/posix/activate.csh +@@ -8,17 +8,17 @@ alias deactivate 'test $?_OLD_VIRTUAL_PATH != 0 && setenv PATH "$_OLD_VIRTUAL_PA + # Unset irrelevant variables. + deactivate nondestructive + +-setenv VIRTUAL_ENV "__VENV_DIR__" ++setenv VIRTUAL_ENV __VENV_DIR__ + + set _OLD_VIRTUAL_PATH="$PATH" +-setenv PATH "$VIRTUAL_ENV/__VENV_BIN_NAME__:$PATH" ++setenv PATH "$VIRTUAL_ENV/"__VENV_BIN_NAME__":$PATH" + + + set _OLD_VIRTUAL_PROMPT="$prompt" + + if (! "$?VIRTUAL_ENV_DISABLE_PROMPT") then +- if ("__VENV_NAME__" != "") then +- set env_name = "__VENV_NAME__" ++ if (__VENV_NAME__ != "") then ++ set env_name = __VENV_NAME__ + else + if (`basename "VIRTUAL_ENV"` == "__") then + # special case for Aspen magic directories +diff --git a/Lib/venv/scripts/posix/activate.fish b/Lib/venv/scripts/posix/activate.fish +index 4d4f0bd7a4..0407f9c7be 100644 +--- a/Lib/venv/scripts/posix/activate.fish ++++ b/Lib/venv/scripts/posix/activate.fish +@@ -29,10 +29,10 @@ end + # unset irrelevant variables + deactivate nondestructive + +-set -gx VIRTUAL_ENV "__VENV_DIR__" ++set -gx VIRTUAL_ENV __VENV_DIR__ + + set -gx _OLD_VIRTUAL_PATH $PATH +-set -gx PATH "$VIRTUAL_ENV/__VENV_BIN_NAME__" $PATH ++set -gx PATH "$VIRTUAL_ENV/"__VENV_BIN_NAME__ $PATH + + # unset PYTHONHOME if set + if set -q PYTHONHOME +@@ -52,8 +52,8 @@ if test -z "$VIRTUAL_ENV_DISABLE_PROMPT" + set -l old_status $status + + # Prompt override? +- if test -n "__VENV_PROMPT__" +- printf "%s%s" "__VENV_PROMPT__" (set_color normal) ++ if test -n __VENV_PROMPT__ ++ printf "%s%s" __VENV_PROMPT__ (set_color normal) + else + # ...Otherwise, prepend env + set -l _checkbase (basename "$VIRTUAL_ENV") +diff --git a/Misc/NEWS.d/next/Library/2024-09-28-02-03-04.gh-issue-124651.bLBGtH.rst b/Misc/NEWS.d/next/Library/2024-09-28-02-03-04.gh-issue-124651.bLBGtH.rst +new file mode 100644 +index 0000000000..17fc917139 +--- /dev/null ++++ b/Misc/NEWS.d/next/Library/2024-09-28-02-03-04.gh-issue-124651.bLBGtH.rst +@@ -0,0 +1 @@ ++Properly quote template strings in :mod:`venv` activation scripts. diff --git a/00444-security-fix-for-cve-2024-11168.patch b/00444-security-fix-for-cve-2024-11168.patch new file mode 100644 index 0000000..d447c86 --- /dev/null +++ b/00444-security-fix-for-cve-2024-11168.patch @@ -0,0 +1,110 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: "Miss Islington (bot)" + <31488909+miss-islington@users.noreply.github.com> +Date: Tue, 9 May 2023 23:35:24 -0700 +Subject: [PATCH] 00444: Security fix for CVE-2024-11168 +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +gh-103848: Adds checks to ensure that bracketed hosts found by urlsplit are of IPv6 or IPvFuture format (GH-103849) + +Tests are adjusted because Python <3.9 don't support scoped IPv6 addresses. + +(cherry picked from commit 29f348e232e82938ba2165843c448c2b291504c5) + +Co-authored-by: JohnJamesUtley <81572567+JohnJamesUtley@users.noreply.github.com> +Co-authored-by: Gregory P. Smith +Co-authored-by: Lumír Balhar +--- + Lib/test/test_urlparse.py | 26 +++++++++++++++++++ + Lib/urllib/parse.py | 15 +++++++++++ + ...-04-26-09-54-25.gh-issue-103848.aDSnpR.rst | 2 ++ + 3 files changed, 43 insertions(+) + create mode 100644 Misc/NEWS.d/next/Library/2023-04-26-09-54-25.gh-issue-103848.aDSnpR.rst + +diff --git a/Lib/test/test_urlparse.py b/Lib/test/test_urlparse.py +index 7fd61ffea9..090d2f17bf 100644 +--- a/Lib/test/test_urlparse.py ++++ b/Lib/test/test_urlparse.py +@@ -1076,6 +1076,32 @@ class UrlParseTestCase(unittest.TestCase): + self.assertEqual(p2.scheme, 'tel') + self.assertEqual(p2.path, '+31641044153') + ++ def test_invalid_bracketed_hosts(self): ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'Scheme://user@[192.0.2.146]/Path?Query') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'Scheme://user@[important.com:8000]/Path?Query') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'Scheme://user@[v123r.IP]/Path?Query') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'Scheme://user@[v12ae]/Path?Query') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'Scheme://user@[v.IP]/Path?Query') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'Scheme://user@[v123.]/Path?Query') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'Scheme://user@[v]/Path?Query') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'Scheme://user@[0439:23af::2309::fae7:1234]/Path?Query') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'Scheme://user@[0439:23af:2309::fae7:1234:2342:438e:192.0.2.146]/Path?Query') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'Scheme://user@]v6a.ip[/Path') ++ ++ def test_splitting_bracketed_hosts(self): ++ p1 = urllib.parse.urlsplit('scheme://user@[v6a.ip]/path?query') ++ self.assertEqual(p1.hostname, 'v6a.ip') ++ self.assertEqual(p1.username, 'user') ++ self.assertEqual(p1.path, '/path') ++ p2 = urllib.parse.urlsplit('scheme://user@[0439:23af:2309::fae7]/path?query') ++ self.assertEqual(p2.hostname, '0439:23af:2309::fae7') ++ self.assertEqual(p2.username, 'user') ++ self.assertEqual(p2.path, '/path') ++ p3 = urllib.parse.urlsplit('scheme://user@[0439:23af:2309::fae7:1234:192.0.2.146]/path?query') ++ self.assertEqual(p3.hostname, '0439:23af:2309::fae7:1234:192.0.2.146') ++ self.assertEqual(p3.username, 'user') ++ self.assertEqual(p3.path, '/path') ++ + def test_telurl_params(self): + p1 = urllib.parse.urlparse('tel:123-4;phone-context=+1-650-516') + self.assertEqual(p1.scheme, 'tel') +diff --git a/Lib/urllib/parse.py b/Lib/urllib/parse.py +index 717e990997..bf186b7984 100644 +--- a/Lib/urllib/parse.py ++++ b/Lib/urllib/parse.py +@@ -34,6 +34,7 @@ It serves as a useful guide when making changes. + import os + import sys + import collections ++import ipaddress + + __all__ = ["urlparse", "urlunparse", "urljoin", "urldefrag", + "urlsplit", "urlunsplit", "urlencode", "parse_qs", +@@ -425,6 +426,17 @@ def _remove_unsafe_bytes_from_url(url): + url = url.replace(b, "") + return url + ++# Valid bracketed hosts are defined in ++# https://www.rfc-editor.org/rfc/rfc3986#page-49 and https://url.spec.whatwg.org/ ++def _check_bracketed_host(hostname): ++ if hostname.startswith('v'): ++ if not re.match(r"\Av[a-fA-F0-9]+\..+\Z", hostname): ++ raise ValueError(f"IPvFuture address is invalid") ++ else: ++ ip = ipaddress.ip_address(hostname) # Throws Value Error if not IPv6 or IPv4 ++ if isinstance(ip, ipaddress.IPv4Address): ++ raise ValueError(f"An IPv4 address cannot be in brackets") ++ + def urlsplit(url, scheme='', allow_fragments=True): + """Parse a URL into 5 components: + :///?# +@@ -480,6 +492,9 @@ def urlsplit(url, scheme='', allow_fragments=True): + if (('[' in netloc and ']' not in netloc) or + (']' in netloc and '[' not in netloc)): + raise ValueError("Invalid IPv6 URL") ++ if '[' in netloc and ']' in netloc: ++ bracketed_host = netloc.partition('[')[2].partition(']')[0] ++ _check_bracketed_host(bracketed_host) + if allow_fragments and '#' in url: + url, fragment = url.split('#', 1) + if '?' in url: +diff --git a/Misc/NEWS.d/next/Library/2023-04-26-09-54-25.gh-issue-103848.aDSnpR.rst b/Misc/NEWS.d/next/Library/2023-04-26-09-54-25.gh-issue-103848.aDSnpR.rst +new file mode 100644 +index 0000000000..81e5904aa6 +--- /dev/null ++++ b/Misc/NEWS.d/next/Library/2023-04-26-09-54-25.gh-issue-103848.aDSnpR.rst +@@ -0,0 +1,2 @@ ++Add checks to ensure that ``[`` bracketed ``]`` hosts found by ++:func:`urllib.parse.urlsplit` are of IPv6 or IPvFuture format. diff --git a/1001-python3-anolis-add-loongarch.patch b/1001-python3-anolis-add-loongarch.patch deleted file mode 100644 index 3a1e801..0000000 --- a/1001-python3-anolis-add-loongarch.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -Nurp Python-3.6.8.orig/configure.ac Python-3.6.8/configure.ac ---- Python-3.6.8.orig/configure.ac 2021-01-07 07:03:34.660156250 +0000 -+++ Python-3.6.8/configure.ac 2021-01-07 07:04:44.785156250 +0000 -@@ -824,6 +824,8 @@ cat >> conftest.c < -Date: Wed, 14 Aug 2019 23:35:27 +0200 -Subject: [PATCH] bpo-21131: Fix faulthandler.register(chain=True) stack - (GH-15276) - -faulthandler now allocates a dedicated stack of SIGSTKSZ*2 bytes, -instead of just SIGSTKSZ bytes. Calling the previous signal handler -in faulthandler signal handler uses more than SIGSTKSZ bytes of stack -memory on some platforms. ---- - .../next/Library/2019-08-14-15-34-23.bpo-21131.0MMQRi.rst | 4 ++++ - Modules/faulthandler.c | 6 +++++- - 2 files changed, 9 insertions(+), 1 deletion(-) - create mode 100644 Misc/NEWS.d/next/Library/2019-08-14-15-34-23.bpo-21131.0MMQRi.rst - -diff --git a/Misc/NEWS.d/next/Library/2019-08-14-15-34-23.bpo-21131.0MMQRi.rst b/Misc/NEWS.d/next/Library/2019-08-14-15-34-23.bpo-21131.0MMQRi.rst -new file mode 100644 -index 000000000000..d330aca1c17d ---- /dev/null -+++ b/Misc/NEWS.d/next/Library/2019-08-14-15-34-23.bpo-21131.0MMQRi.rst -@@ -0,0 +1,4 @@ -+Fix ``faulthandler.register(chain=True)`` stack. faulthandler now allocates a -+dedicated stack of ``SIGSTKSZ*2`` bytes, instead of just ``SIGSTKSZ`` bytes. -+Calling the previous signal handler in faulthandler signal handler uses more -+than ``SIGSTKSZ`` bytes of stack memory on some platforms. -diff --git a/Modules/faulthandler.c b/Modules/faulthandler.c -index 2331051f7907..5dbbcad057e6 100644 ---- a/Modules/faulthandler.c -+++ b/Modules/faulthandler.c -@@ -1325,7 +1325,11 @@ _PyFaulthandler_Init(int enable) - * be able to allocate memory on the stack, even on a stack overflow. If it - * fails, ignore the error. */ - stack.ss_flags = 0; -- stack.ss_size = SIGSTKSZ; -+ /* bpo-21131: allocate dedicated stack of SIGSTKSZ*2 bytes, instead of just -+ SIGSTKSZ bytes. Calling the previous signal handler in faulthandler -+ signal handler uses more than SIGSTKSZ bytes of stack memory on some -+ platforms. */ -+ stack.ss_size = SIGSTKSZ * 2; - stack.ss_sp = PyMem_Malloc(stack.ss_size); - if (stack.ss_sp != NULL) { - err = sigaltstack(&stack, &old_stack); diff --git a/1003-ctypes-pass-by-value-for-structs-on-loongarch64.patch b/1003-ctypes-pass-by-value-for-structs-on-loongarch64.patch deleted file mode 100644 index 2b3cd0d..0000000 --- a/1003-ctypes-pass-by-value-for-structs-on-loongarch64.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 52b9fb9288eaec8d1b9eaa756c4079ed7e5baf5f Mon Sep 17 00:00:00 2001 -From: Liwei Ge -Date: Wed, 28 Sep 2022 17:50:16 +0800 -Subject: [PATCH] ctypes: pass by value for structs on loongarch64 - ---- - Lib/test/test_sysconfig.py | 2 +- - Modules/_ctypes/callproc.c | 2 +- - 2 files changed, 2 insertions(+), 2 deletions(-) - -diff --git a/Lib/test/test_sysconfig.py b/Lib/test/test_sysconfig.py -index 90e6719..384fe39 100644 ---- a/Lib/test/test_sysconfig.py -+++ b/Lib/test/test_sysconfig.py -@@ -407,7 +407,7 @@ class TestSysConfig(unittest.TestCase): - import platform, re - machine = platform.machine() - suffix = sysconfig.get_config_var('EXT_SUFFIX') -- if re.match('(aarch64|arm|mips|ppc|powerpc|s390|sparc)', machine): -+ if re.match('(aarch64|arm|loongarch64|mips|ppc|powerpc|s390|sparc)', machine): - self.assertTrue('linux' in suffix, suffix) - if re.match('(i[3-6]86|x86_64)$', machine): - if ctypes.sizeof(ctypes.c_char_p()) == 4: -diff --git a/Modules/_ctypes/callproc.c b/Modules/_ctypes/callproc.c -index 2bb289b..7b3577f 100644 ---- a/Modules/_ctypes/callproc.c -+++ b/Modules/_ctypes/callproc.c -@@ -1050,7 +1050,7 @@ GetComError(HRESULT errcode, GUID *riid, IUnknown *pIunk) - #endif - - #if (defined(__x86_64__) && (defined(__MINGW64__) || defined(__CYGWIN__))) || \ -- defined(__aarch64__) -+ defined(__aarch64__) || defined(__loongarch__) - #define CTYPES_PASS_BY_REF_HACK - #define POW2(x) (((x & ~(x - 1)) == x) ? x : 0) - #define IS_PASS_BY_REF(x) (x > 8 || !POW2(x)) --- -2.27.0 - diff --git a/Python-3.6.8-sw.patch b/Python-3.6.8-sw.patch deleted file mode 100644 index 1925652..0000000 --- a/Python-3.6.8-sw.patch +++ /dev/null @@ -1,45 +0,0 @@ -diff -Naur Python-3.6.8.org/configure.ac Python-3.6.8.sw/configure.ac ---- Python-3.6.8.org/configure.ac 2023-05-17 15:31:40.509671581 +0800 -+++ Python-3.6.8.sw/configure.ac 2023-05-17 15:33:36.428751614 +0800 -@@ -784,6 +784,8 @@ - # else - aarch64_be-linux-gnu - # endif -+# elif defined(__sw_64__) -+ sw_64-linux-gnu - # elif defined(__alpha__) - alpha-linux-gnu - # elif defined(__ARM_EABI__) && defined(__ARM_PCS_VFP) -@@ -1808,7 +1810,7 @@ - # support. Without this, treatment of subnormals doesn't follow - # the standard. - case $host in -- alpha*) -+ alpha* | sw_64* ) - BASECFLAGS="$BASECFLAGS -mieee" - ;; - esac -diff -Naur Python-3.6.8.org/Lib/test/test_sysconfig.py Python-3.6.8.sw/Lib/test/test_sysconfig.py ---- Python-3.6.8.org/Lib/test/test_sysconfig.py 2023-05-17 15:31:40.495671088 +0800 -+++ Python-3.6.8.sw/Lib/test/test_sysconfig.py 2023-05-17 15:34:19.362262761 +0800 -@@ -407,7 +407,7 @@ - import platform, re - machine = platform.machine() - suffix = sysconfig.get_config_var('EXT_SUFFIX') -- if re.match('(aarch64|arm|loongarch64|mips|ppc|powerpc|s390|sparc)', machine): -+ if re.match('(aarch64|arm|sw_64|loongarch64|mips|ppc|powerpc|s390|sparc)', machine): - self.assertTrue('linux' in suffix, suffix) - if re.match('(i[3-6]86|x86_64)$', machine): - if ctypes.sizeof(ctypes.c_char_p()) == 4: -diff -Naur Python-3.6.8.org/Modules/_ctypes/callproc.c Python-3.6.8.sw/Modules/_ctypes/callproc.c ---- Python-3.6.8.org/Modules/_ctypes/callproc.c 2023-05-17 15:31:40.495671088 +0800 -+++ Python-3.6.8.sw/Modules/_ctypes/callproc.c 2023-05-17 15:37:29.182943941 +0800 -@@ -1050,7 +1050,7 @@ - #endif - - #if (defined(__x86_64__) && (defined(__MINGW64__) || defined(__CYGWIN__))) || \ -- defined(__aarch64__) || defined(__loongarch__) -+ defined(__aarch64__) || defined(__loongarch__) || defined(__sw_64__) - #define CTYPES_PASS_BY_REF_HACK - #define POW2(x) (((x & ~(x - 1)) == x) ? x : 0) - #define IS_PASS_BY_REF(x) (x > 8 || !POW2(x)) diff --git a/add-anolis-platform.patch b/add-anolis-platform.patch deleted file mode 100644 index 9952007..0000000 --- a/add-anolis-platform.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -Nur Python-3.6.8/Lib/platform.py Python-3.6.8.new/Lib/platform.py ---- Python-3.6.8/Lib/platform.py 2018-12-24 05:37:14.000000000 +0800 -+++ Python-3.6.8.new/Lib/platform.py 2020-11-26 11:18:27.345369745 +0800 -@@ -297,7 +297,7 @@ - # and http://www.die.net/doc/linux/man/man1/lsb_release.1.html - - _supported_dists = ( -- 'SuSE', 'debian', 'fedora', 'redhat', 'centos', -+ 'SuSE', 'debian', 'fedora', 'redhat', 'centos', 'anolis', - 'mandrake', 'mandriva', 'rocks', 'slackware', 'yellowdog', 'gentoo', - 'UnitedLinux', 'turbolinux', 'arch', 'mageia') - diff --git a/python3.spec b/python3.spec index 5605027..4ead1b4 100644 --- a/python3.spec +++ b/python3.spec @@ -1,4 +1,3 @@ -%define anolis_release .0.1 # ================== # Top-level metadata # ================== @@ -15,7 +14,7 @@ URL: https://www.python.org/ # WARNING When rebasing to a new Python version, # remember to update the python3-docs package as well Version: %{pybasever}.8 -Release: 67%{anolis_release}%{?dist} +Release: 69%{?dist} License: Python @@ -174,15 +173,11 @@ License: Python # need different filenames. Use "64" or "32" according to the word size. # Currently, the best way to determine an architecture's word size happens to # be checking %%{_lib}. -%ifnarch sw_64 %if "%{_lib}" == "lib64" %global wordsize 64 %else %global wordsize 32 %endif -%else -%global wordsize 64 -%endif # %ifnarch sw_64 # ======================= @@ -283,7 +278,7 @@ Source13: unversioned-python.1 # 00001 # # Fixup distutils/unixccompiler.py to remove standard library path from rpath: # Was Patch0 in ivazquez' python3000 specfile: -Patch1: 00001-rpath.patch +Patch1: 00001-rpath.patch # 00102 # # Change the various install paths to use /usr/lib64/ instead or /usr/lib @@ -909,6 +904,20 @@ Patch435: 00435-cve-2024-6923.patch # Cherry-picked from 3.8. Patch437: 00437-cve-2024-6232.patch +# 00443 # 49e939f29e3551ec4e7bdb2cc8b8745e3d1fca35 +# gh-124651: Quote template strings in `venv` activation scripts +# +# (cherry picked from 3.9) +Patch443: 00443-gh-124651-quote-template-strings-in-venv-activation-scripts.patch + +# 00444 # fed0071c8c86599091f93967a5fa2cce42ceb840 +# Security fix for CVE-2024-11168 +# +# gh-103848: Adds checks to ensure that bracketed hosts found by urlsplit are of IPv6 or IPvFuture format (GH-103849) +# +# Tests are adjusted because Python <3.9 don't support scoped IPv6 addresses. +Patch444: 00444-security-fix-for-cve-2024-11168.patch + # (New patches go here ^^^) # # When adding new patches to "python" and "python3" in Fedora, EL, etc., @@ -918,13 +927,6 @@ Patch437: 00437-cve-2024-6232.patch # # https://fedoraproject.org/wiki/SIGs/Python/PythonPatches -# add anolis platform dist -Patch1000: add-anolis-platform.patch - -Patch1001: 1001-python3-anolis-add-loongarch.patch -Patch1002: 1002-fix-faulthandler_register-stack.patch -Patch1003: 1003-ctypes-pass-by-value-for-structs-on-loongarch64.patch -Patch10000: Python-3.6.8-sw.patch # ========================================== # Descriptions, and metadata for subpackages @@ -971,7 +973,7 @@ Requires: python3-pip-wheel %endif # Require alternatives version that implements the --keep-foreign flag -Requires: alternatives >= 1.19.1-1 +Requires: alternatives >= 1.19.1-1 Requires(post): alternatives >= 1.19.1-1 Requires(postun): alternatives >= 1.19.1-1 @@ -998,7 +1000,7 @@ for example python36. %package libs -Summary: Python runtime libraries +Summary: Python runtime libraries # The "enum" module is included in the standard library. # Provide an upgrade path from the external library. @@ -1247,7 +1249,7 @@ rm Lib/ensurepip/_bundled/*.whl %patch346 -p1 # Patch 351 adds binary file for testing. We need to apply it using Git. -git apply %{PATCH351} +GIT_DIR=$PWD git apply %{PATCH351} %patch352 -p1 %patch353 -p1 @@ -1283,12 +1285,8 @@ git apply %{PATCH351} %patch431 -p1 %patch435 -p1 %patch437 -p1 - -%patch1000 -p1 -%patch1001 -p1 -%patch1002 -p1 -%patch1003 -p1 -%patch10000 -p1 +%patch443 -p1 +%patch444 -p1 # Remove files that should be generated by the build # (This is after patching, so that we can use patches directly from upstream) @@ -2220,12 +2218,13 @@ fi # ====================================================== %changelog -* Fri Sep 27 2024 zhangbinchen - 3.6.8-67.0.1 -- Add Anolis platform -- Support Loongarch for python3 (songmingliang@uniontech.com) -- Fix testcase fails on loongarch64 (geliwei@openanolis.org) -- cherry-pick `add sw patch #1182efa2f05c5804a55d35d45a9d72f97b64a9b2`. (Weisson@linux.alibaba.com) - cherry-pick `sw use python of wordsize 64 #862dabb407d3f98c64f3a9d2675fcd3a6300a21f`. +* Thu Nov 14 2024 Lumír Balhar - 3.6.8-69 +- Security fix for CVE-2024-11168 +Resolves: RHEL-67252 + +* Tue Nov 05 2024 Lumír Balhar - 3.6.8-68 +- Security fix for CVE-2024-9287 +Resolves: RHEL-64878 * Thu Sep 05 2024 Lumír Balhar - 3.6.8-67 - Security fix for CVE-2024-6232 @@ -2371,7 +2370,7 @@ Resolves: rhbz#1890237 * Tue Nov 24 2020 Lumír Balhar - 3.6.8-33 - Add support for upstream architecture names -https://fedoraproject.org/wiki/Changes/Python_Upstream_Architecture_Names +https: //fedoraproject.org/wiki/Changes/Python_Upstream_Architecture_Names Resolves: rhbz#1868003 * Mon Nov 09 2020 Charalampos Stratakis - 3.6.8-32 @@ -3249,7 +3248,7 @@ we get consistent with python2 spec and it's more obvious that we're doing it. keeping few more downstream tests) - Removed patches: 3 (audiotest.au made it to upstream tarball) - Removed workaround for http://bugs.python.org/issue14774, discussed in -http://bugs.python.org/issue15298 and fixed in revision 24d52d3060e8. +http: //bugs.python.org/issue15298 and fixed in revision 24d52d3060e8. * Mon Mar 25 2013 David Malcolm - 3.3.0-10 - fix gcc 4.8 incompatibility (rhbz#927358); regenerate autotool intermediates @@ -3571,7 +3570,7 @@ standard, packaging the debug build in a new "python3-debug" subpackage * Tue Apr 13 2010 David Malcolm - 3.1.2-5 - exclude test_http_cookies when running selftests, due to hang seen on -http://koji.fedoraproject.org/koji/taskinfo?taskID=2088463 (cancelled after +http: //koji.fedoraproject.org/koji/taskinfo?taskID=2088463 (cancelled after 11 hours) - update python-gdb.py from v5 to py3k version submitted upstream -- Gitee From 083f6688469722fc00206faf7a99bee3637eb510 Mon Sep 17 00:00:00 2001 From: songmingliang Date: Fri, 22 Apr 2022 14:46:55 +0800 Subject: [PATCH 2/5] rebrand: add anolis platform distribution --- add-anolis-platform.patch | 12 ++++++++++++ python3.spec | 10 +++++++++- 2 files changed, 21 insertions(+), 1 deletion(-) create mode 100644 add-anolis-platform.patch diff --git a/add-anolis-platform.patch b/add-anolis-platform.patch new file mode 100644 index 0000000..9952007 --- /dev/null +++ b/add-anolis-platform.patch @@ -0,0 +1,12 @@ +diff -Nur Python-3.6.8/Lib/platform.py Python-3.6.8.new/Lib/platform.py +--- Python-3.6.8/Lib/platform.py 2018-12-24 05:37:14.000000000 +0800 ++++ Python-3.6.8.new/Lib/platform.py 2020-11-26 11:18:27.345369745 +0800 +@@ -297,7 +297,7 @@ + # and http://www.die.net/doc/linux/man/man1/lsb_release.1.html + + _supported_dists = ( +- 'SuSE', 'debian', 'fedora', 'redhat', 'centos', ++ 'SuSE', 'debian', 'fedora', 'redhat', 'centos', 'anolis', + 'mandrake', 'mandriva', 'rocks', 'slackware', 'yellowdog', 'gentoo', + 'UnitedLinux', 'turbolinux', 'arch', 'mageia') + diff --git a/python3.spec b/python3.spec index 4ead1b4..0833a65 100644 --- a/python3.spec +++ b/python3.spec @@ -1,3 +1,4 @@ +%define anolis_release .0.1 # ================== # Top-level metadata # ================== @@ -14,7 +15,7 @@ URL: https://www.python.org/ # WARNING When rebasing to a new Python version, # remember to update the python3-docs package as well Version: %{pybasever}.8 -Release: 69%{?dist} +Release: 69%{anolis_release}%{?dist} License: Python @@ -927,6 +928,8 @@ Patch444: 00444-security-fix-for-cve-2024-11168.patch # # https://fedoraproject.org/wiki/SIGs/Python/PythonPatches +# add anolis platform dist +Patch1000: add-anolis-platform.patch # ========================================== # Descriptions, and metadata for subpackages @@ -1288,6 +1291,8 @@ GIT_DIR=$PWD git apply %{PATCH351} %patch443 -p1 %patch444 -p1 +%patch1000 -p1 + # Remove files that should be generated by the build # (This is after patching, so that we can use patches directly from upstream) rm configure pyconfig.h.in @@ -2218,6 +2223,9 @@ fi # ====================================================== %changelog +* Thu Dec 05 2024 zhangbinchen - 3.6.8-69.0.1 +- Add Anolis platform + * Thu Nov 14 2024 Lumír Balhar - 3.6.8-69 - Security fix for CVE-2024-11168 Resolves: RHEL-67252 -- Gitee From 2893cdeeaaae57e25feac005bd303b006c90662e Mon Sep 17 00:00:00 2001 From: songmingliang Date: Thu, 5 May 2022 15:48:46 +0800 Subject: [PATCH 3/5] add loongarch support Signed-off-by: songmingliang --- 1001-python3-anolis-add-loongarch.patch | 12 ++++++++++++ python3.spec | 4 ++++ 2 files changed, 16 insertions(+) create mode 100644 1001-python3-anolis-add-loongarch.patch diff --git a/1001-python3-anolis-add-loongarch.patch b/1001-python3-anolis-add-loongarch.patch new file mode 100644 index 0000000..3a1e801 --- /dev/null +++ b/1001-python3-anolis-add-loongarch.patch @@ -0,0 +1,12 @@ +diff -Nurp Python-3.6.8.orig/configure.ac Python-3.6.8/configure.ac +--- Python-3.6.8.orig/configure.ac 2021-01-07 07:03:34.660156250 +0000 ++++ Python-3.6.8/configure.ac 2021-01-07 07:04:44.785156250 +0000 +@@ -824,6 +824,8 @@ cat >> conftest.c < - 3.6.8-69.0.1 - Add Anolis platform +- Support Loongarch for python3 (songmingliang@uniontech.com) * Thu Nov 14 2024 Lumír Balhar - 3.6.8-69 - Security fix for CVE-2024-11168 -- Gitee From e8c578a98867182219933c63a555750cb69ddd62 Mon Sep 17 00:00:00 2001 From: Liwei Ge Date: Wed, 28 Sep 2022 17:56:54 +0800 Subject: [PATCH 4/5] build: fix testcase failure with loongarch64 https://bugzilla.openanolis.cn/show_bug.cgi?id=2295 --- 1002-fix-faulthandler_register-stack.patch | 43 +++++++++++++++++++ ...-by-value-for-structs-on-loongarch64.patch | 39 +++++++++++++++++ python3.spec | 5 +++ 3 files changed, 87 insertions(+) create mode 100644 1002-fix-faulthandler_register-stack.patch create mode 100644 1003-ctypes-pass-by-value-for-structs-on-loongarch64.patch diff --git a/1002-fix-faulthandler_register-stack.patch b/1002-fix-faulthandler_register-stack.patch new file mode 100644 index 0000000..13b7090 --- /dev/null +++ b/1002-fix-faulthandler_register-stack.patch @@ -0,0 +1,43 @@ +From ef158444cbe271d08d40c374316d3a2ffd6dea76 Mon Sep 17 00:00:00 2001 +From: Victor Stinner +Date: Wed, 14 Aug 2019 23:35:27 +0200 +Subject: [PATCH] bpo-21131: Fix faulthandler.register(chain=True) stack + (GH-15276) + +faulthandler now allocates a dedicated stack of SIGSTKSZ*2 bytes, +instead of just SIGSTKSZ bytes. Calling the previous signal handler +in faulthandler signal handler uses more than SIGSTKSZ bytes of stack +memory on some platforms. +--- + .../next/Library/2019-08-14-15-34-23.bpo-21131.0MMQRi.rst | 4 ++++ + Modules/faulthandler.c | 6 +++++- + 2 files changed, 9 insertions(+), 1 deletion(-) + create mode 100644 Misc/NEWS.d/next/Library/2019-08-14-15-34-23.bpo-21131.0MMQRi.rst + +diff --git a/Misc/NEWS.d/next/Library/2019-08-14-15-34-23.bpo-21131.0MMQRi.rst b/Misc/NEWS.d/next/Library/2019-08-14-15-34-23.bpo-21131.0MMQRi.rst +new file mode 100644 +index 000000000000..d330aca1c17d +--- /dev/null ++++ b/Misc/NEWS.d/next/Library/2019-08-14-15-34-23.bpo-21131.0MMQRi.rst +@@ -0,0 +1,4 @@ ++Fix ``faulthandler.register(chain=True)`` stack. faulthandler now allocates a ++dedicated stack of ``SIGSTKSZ*2`` bytes, instead of just ``SIGSTKSZ`` bytes. ++Calling the previous signal handler in faulthandler signal handler uses more ++than ``SIGSTKSZ`` bytes of stack memory on some platforms. +diff --git a/Modules/faulthandler.c b/Modules/faulthandler.c +index 2331051f7907..5dbbcad057e6 100644 +--- a/Modules/faulthandler.c ++++ b/Modules/faulthandler.c +@@ -1325,7 +1325,11 @@ _PyFaulthandler_Init(int enable) + * be able to allocate memory on the stack, even on a stack overflow. If it + * fails, ignore the error. */ + stack.ss_flags = 0; +- stack.ss_size = SIGSTKSZ; ++ /* bpo-21131: allocate dedicated stack of SIGSTKSZ*2 bytes, instead of just ++ SIGSTKSZ bytes. Calling the previous signal handler in faulthandler ++ signal handler uses more than SIGSTKSZ bytes of stack memory on some ++ platforms. */ ++ stack.ss_size = SIGSTKSZ * 2; + stack.ss_sp = PyMem_Malloc(stack.ss_size); + if (stack.ss_sp != NULL) { + err = sigaltstack(&stack, &old_stack); diff --git a/1003-ctypes-pass-by-value-for-structs-on-loongarch64.patch b/1003-ctypes-pass-by-value-for-structs-on-loongarch64.patch new file mode 100644 index 0000000..2b3cd0d --- /dev/null +++ b/1003-ctypes-pass-by-value-for-structs-on-loongarch64.patch @@ -0,0 +1,39 @@ +From 52b9fb9288eaec8d1b9eaa756c4079ed7e5baf5f Mon Sep 17 00:00:00 2001 +From: Liwei Ge +Date: Wed, 28 Sep 2022 17:50:16 +0800 +Subject: [PATCH] ctypes: pass by value for structs on loongarch64 + +--- + Lib/test/test_sysconfig.py | 2 +- + Modules/_ctypes/callproc.c | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/Lib/test/test_sysconfig.py b/Lib/test/test_sysconfig.py +index 90e6719..384fe39 100644 +--- a/Lib/test/test_sysconfig.py ++++ b/Lib/test/test_sysconfig.py +@@ -407,7 +407,7 @@ class TestSysConfig(unittest.TestCase): + import platform, re + machine = platform.machine() + suffix = sysconfig.get_config_var('EXT_SUFFIX') +- if re.match('(aarch64|arm|mips|ppc|powerpc|s390|sparc)', machine): ++ if re.match('(aarch64|arm|loongarch64|mips|ppc|powerpc|s390|sparc)', machine): + self.assertTrue('linux' in suffix, suffix) + if re.match('(i[3-6]86|x86_64)$', machine): + if ctypes.sizeof(ctypes.c_char_p()) == 4: +diff --git a/Modules/_ctypes/callproc.c b/Modules/_ctypes/callproc.c +index 2bb289b..7b3577f 100644 +--- a/Modules/_ctypes/callproc.c ++++ b/Modules/_ctypes/callproc.c +@@ -1050,7 +1050,7 @@ GetComError(HRESULT errcode, GUID *riid, IUnknown *pIunk) + #endif + + #if (defined(__x86_64__) && (defined(__MINGW64__) || defined(__CYGWIN__))) || \ +- defined(__aarch64__) ++ defined(__aarch64__) || defined(__loongarch__) + #define CTYPES_PASS_BY_REF_HACK + #define POW2(x) (((x & ~(x - 1)) == x) ? x : 0) + #define IS_PASS_BY_REF(x) (x > 8 || !POW2(x)) +-- +2.27.0 + diff --git a/python3.spec b/python3.spec index 18ad32b..a1b24db 100644 --- a/python3.spec +++ b/python3.spec @@ -932,6 +932,8 @@ Patch444: 00444-security-fix-for-cve-2024-11168.patch Patch1000: add-anolis-platform.patch Patch1001: 1001-python3-anolis-add-loongarch.patch +Patch1002: 1002-fix-faulthandler_register-stack.patch +Patch1003: 1003-ctypes-pass-by-value-for-structs-on-loongarch64.patch # ========================================== # Descriptions, and metadata for subpackages @@ -1295,6 +1297,8 @@ GIT_DIR=$PWD git apply %{PATCH351} %patch1000 -p1 %patch1001 -p1 +%patch1002 -p1 +%patch1003 -p1 # Remove files that should be generated by the build # (This is after patching, so that we can use patches directly from upstream) @@ -2229,6 +2233,7 @@ fi * Thu Dec 05 2024 zhangbinchen - 3.6.8-69.0.1 - Add Anolis platform - Support Loongarch for python3 (songmingliang@uniontech.com) +- Fix testcase fails on loongarch64 (geliwei@openanolis.org) * Thu Nov 14 2024 Lumír Balhar - 3.6.8-69 - Security fix for CVE-2024-11168 -- Gitee From dffc035e7d42643132a33a206e94c95a994ca345 Mon Sep 17 00:00:00 2001 From: wxiat Date: Thu, 29 Jun 2023 16:45:50 +0800 Subject: [PATCH 5/5] cherry-pick `add sw patch #1182efa2f05c5804a55d35d45a9d72f97b64a9b2`. cherry-pick `sw use python of wordsize 64 #862dabb407d3f98c64f3a9d2675fcd3a6300a21f`. Signed-off-by: Weisson --- Python-3.6.8-sw.patch | 45 +++++++++++++++++++++++++++++++++++++++++++ python3.spec | 8 ++++++++ 2 files changed, 53 insertions(+) create mode 100644 Python-3.6.8-sw.patch diff --git a/Python-3.6.8-sw.patch b/Python-3.6.8-sw.patch new file mode 100644 index 0000000..1925652 --- /dev/null +++ b/Python-3.6.8-sw.patch @@ -0,0 +1,45 @@ +diff -Naur Python-3.6.8.org/configure.ac Python-3.6.8.sw/configure.ac +--- Python-3.6.8.org/configure.ac 2023-05-17 15:31:40.509671581 +0800 ++++ Python-3.6.8.sw/configure.ac 2023-05-17 15:33:36.428751614 +0800 +@@ -784,6 +784,8 @@ + # else + aarch64_be-linux-gnu + # endif ++# elif defined(__sw_64__) ++ sw_64-linux-gnu + # elif defined(__alpha__) + alpha-linux-gnu + # elif defined(__ARM_EABI__) && defined(__ARM_PCS_VFP) +@@ -1808,7 +1810,7 @@ + # support. Without this, treatment of subnormals doesn't follow + # the standard. + case $host in +- alpha*) ++ alpha* | sw_64* ) + BASECFLAGS="$BASECFLAGS -mieee" + ;; + esac +diff -Naur Python-3.6.8.org/Lib/test/test_sysconfig.py Python-3.6.8.sw/Lib/test/test_sysconfig.py +--- Python-3.6.8.org/Lib/test/test_sysconfig.py 2023-05-17 15:31:40.495671088 +0800 ++++ Python-3.6.8.sw/Lib/test/test_sysconfig.py 2023-05-17 15:34:19.362262761 +0800 +@@ -407,7 +407,7 @@ + import platform, re + machine = platform.machine() + suffix = sysconfig.get_config_var('EXT_SUFFIX') +- if re.match('(aarch64|arm|loongarch64|mips|ppc|powerpc|s390|sparc)', machine): ++ if re.match('(aarch64|arm|sw_64|loongarch64|mips|ppc|powerpc|s390|sparc)', machine): + self.assertTrue('linux' in suffix, suffix) + if re.match('(i[3-6]86|x86_64)$', machine): + if ctypes.sizeof(ctypes.c_char_p()) == 4: +diff -Naur Python-3.6.8.org/Modules/_ctypes/callproc.c Python-3.6.8.sw/Modules/_ctypes/callproc.c +--- Python-3.6.8.org/Modules/_ctypes/callproc.c 2023-05-17 15:31:40.495671088 +0800 ++++ Python-3.6.8.sw/Modules/_ctypes/callproc.c 2023-05-17 15:37:29.182943941 +0800 +@@ -1050,7 +1050,7 @@ + #endif + + #if (defined(__x86_64__) && (defined(__MINGW64__) || defined(__CYGWIN__))) || \ +- defined(__aarch64__) || defined(__loongarch__) ++ defined(__aarch64__) || defined(__loongarch__) || defined(__sw_64__) + #define CTYPES_PASS_BY_REF_HACK + #define POW2(x) (((x & ~(x - 1)) == x) ? x : 0) + #define IS_PASS_BY_REF(x) (x > 8 || !POW2(x)) diff --git a/python3.spec b/python3.spec index a1b24db..dc91fae 100644 --- a/python3.spec +++ b/python3.spec @@ -174,11 +174,15 @@ License: Python # need different filenames. Use "64" or "32" according to the word size. # Currently, the best way to determine an architecture's word size happens to # be checking %%{_lib}. +%ifnarch sw_64 %if "%{_lib}" == "lib64" %global wordsize 64 %else %global wordsize 32 %endif +%else +%global wordsize 64 +%endif # %ifnarch sw_64 # ======================= @@ -934,6 +938,7 @@ Patch1000: add-anolis-platform.patch Patch1001: 1001-python3-anolis-add-loongarch.patch Patch1002: 1002-fix-faulthandler_register-stack.patch Patch1003: 1003-ctypes-pass-by-value-for-structs-on-loongarch64.patch +Patch10000: Python-3.6.8-sw.patch # ========================================== # Descriptions, and metadata for subpackages @@ -1299,6 +1304,7 @@ GIT_DIR=$PWD git apply %{PATCH351} %patch1001 -p1 %patch1002 -p1 %patch1003 -p1 +%patch10000 -p1 # Remove files that should be generated by the build # (This is after patching, so that we can use patches directly from upstream) @@ -2234,6 +2240,8 @@ fi - Add Anolis platform - Support Loongarch for python3 (songmingliang@uniontech.com) - Fix testcase fails on loongarch64 (geliwei@openanolis.org) +- cherry-pick `add sw patch #1182efa2f05c5804a55d35d45a9d72f97b64a9b2`. (Weisson@linux.alibaba.com) + cherry-pick `sw use python of wordsize 64 #862dabb407d3f98c64f3a9d2675fcd3a6300a21f`. * Thu Nov 14 2024 Lumír Balhar - 3.6.8-69 - Security fix for CVE-2024-11168 -- Gitee