From patchwork Mon Jul 17 16:44:17 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Siddhesh Poyarekar X-Patchwork-Id: 72795 Return-Path: X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 307D63858439 for ; Mon, 17 Jul 2023 16:45:13 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 307D63858439 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1689612313; bh=UkBVHeF+2th9oLceaeDT/2/o8vEH8viDBsge2eksUV0=; h=To:Cc:Subject:Date:In-Reply-To:References:List-Id: List-Unsubscribe:List-Archive:List-Post:List-Help:List-Subscribe: From:Reply-To:From; b=kAgHNoaopfHT+tQlHIPEgA7+N+Q/+guqQApFcgvkI4jX/731BFQexG2lJTi7Hsc1E TudtJW3oXq9jpL6Z2BJ90zp4XLisFE6508NZckbjScvwJ8fHIKG2JtNhvMS9Y6iCTe RioPgv9v3bioSjZS6Flauc8pEoOI5/Ws9tGIMvog= X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from cross.elm.relay.mailchannels.net (cross.elm.relay.mailchannels.net [23.83.212.46]) by sourceware.org (Postfix) with ESMTPS id 8DB5A3858D28 for ; Mon, 17 Jul 2023 16:44:46 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 8DB5A3858D28 X-Sender-Id: dreamhost|x-authsender|siddhesh@gotplt.org Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id 296B636199B; Mon, 17 Jul 2023 16:44:37 +0000 (UTC) Received: from pdx1-sub0-mail-a286.dreamhost.com (unknown [127.0.0.6]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id B1E503625B6; Mon, 17 Jul 2023 16:44:35 +0000 (UTC) ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1689612276; a=rsa-sha256; cv=none; b=oZqn4prkPOVJiBuZSFy+BdI72/qH2D2VpUyCoWhPMFzkOtYtgvg5oQ2i4Iux9676c2scT2 fL0bqo3J+e465mY2DR2J3l73wcM71cKhLU5DNwyGPyWywTzGVNV+KuHtTHS4D5K5yLvohV GKGh8epLUrcrLrIOgWIjrBx+WjRejD3x6ryjzrrnkN+iCifIYu1VkvHKO/XoQcjT2G8biu uw0CQ/T6aT3qycgIBBIBHGo7qu7sgPH0H80sFiFfAvlvpU2Tansrnag0AorzCUiqNyOQJU S2lYg9KkkDDdJtfyBv2JKErPdG67hxudGx15B9WZB6DJK4CGBbnULdf49VMz3g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1689612276; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=UkBVHeF+2th9oLceaeDT/2/o8vEH8viDBsge2eksUV0=; b=9P1yvp5COolFYd1m31tTvtTuXzLHRZ9wlXrrFmqQj7HDx/N0rvARYRYEg+jWMV/EVNm2t9 mJDSG8+uXII5eni7FDfKCL5DKvNaG4V3reHlUVD2+GvVSE/QP+3ZqRjoLvzltlZagGtEUs crVOWkHDaq5rxuV/0zbYyAHUYO9bLCF+Ra58Dq0iAbB67ojsyiEfS+j5AVa/uY7kSuOrVF f3O71FqqGnsPdorAQXl4T9gGb88b2JPP6Aoa594wdDectLEh/AMgTSsSW82awhX5IvJC82 h46ofZguwNwIIdLfy0sbD05JVWCfzGYgOWUm0h8hnnxJQz9JPC0oKI4m1fyniw== ARC-Authentication-Results: i=1; rspamd-5595f87fc9-8ms8v; auth=pass smtp.auth=dreamhost smtp.mailfrom=siddhesh@sourceware.org X-Sender-Id: dreamhost|x-authsender|siddhesh@gotplt.org X-MC-Relay: Neutral X-MC-Copy: stored-urls X-MailChannels-SenderId: dreamhost|x-authsender|siddhesh@gotplt.org X-MailChannels-Auth-Id: dreamhost X-Abiding-Spill: 6ebbd8ff7d6c1fba_1689612276618_1134526879 X-MC-Loop-Signature: 1689612276618:2203312255 X-MC-Ingress-Time: 1689612276618 Received: from pdx1-sub0-mail-a286.dreamhost.com (pop.dreamhost.com [64.90.62.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.122.253.199 (trex/6.9.1); Mon, 17 Jul 2023 16:44:36 +0000 Received: from fedora.redhat.com (bras-vprn-toroon4834w-lp130-09-174-91-45-44.dsl.bell.ca [174.91.45.44]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: siddhesh@gotplt.org) by pdx1-sub0-mail-a286.dreamhost.com (Postfix) with ESMTPSA id 4R4Sbj2W3Tz67; Mon, 17 Jul 2023 09:44:33 -0700 (PDT) To: libc-alpha@sourceware.org Cc: dilfridge@gentoo.org, fweimer@redhat.com, sam@gentoo.org Subject: [PATCH v3] configure: Disable building libcrypt by default Date: Mon, 17 Jul 2023 12:44:17 -0400 Message-ID: <20230717164418.1462841-1-siddhesh@sourceware.org> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20230630014248.2819836-5-siddhesh@sourceware.org> References: <20230630014248.2819836-5-siddhesh@sourceware.org> MIME-Version: 1.0 X-Spam-Status: No, score=-1171.5 required=5.0 tests=BAYES_00, GIT_PATCH_0, KAM_DMARC_NONE, KAM_DMARC_STATUS, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, SPF_HELO_NONE, SPF_SOFTFAIL, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Patchwork-Original-From: Siddhesh Poyarekar via Libc-alpha From: Siddhesh Poyarekar Reply-To: Siddhesh Poyarekar Errors-To: libc-alpha-bounces+patchwork=sourceware.org@sourceware.org Sender: "Libc-alpha" We mentioned eventual dropping of libcrypt in the 2.28 NEWS. Actually put that plan in motion by first disabling building libcrypt by default. note in NEWS that the library will be dropped completely in a future release. Also add a couple of builds into build-many-glibcs.py. Signed-off-by: Siddhesh Poyarekar Reviewed-by: Andreas K. Hüttel --- Changes from v2: - Fixed up wording of the manual and NEWS based on various reviews - Added build-many-glibcs targets for sparc and x86_64 INSTALL | 22 ++++++++++++---------- NEWS | 5 ++++- configure | 4 ++-- configure.ac | 6 +++--- manual/install.texi | 22 ++++++++++++---------- scripts/build-many-glibcs.py | 8 ++++++-- 6 files changed, 39 insertions(+), 28 deletions(-) diff --git a/INSTALL b/INSTALL index 30b874cd3a..354f214d86 100644 --- a/INSTALL +++ b/INSTALL @@ -228,16 +228,18 @@ if ‘CFLAGS’ is specified it must enable optimization. For example: By default for x86_64, the GNU C Library is built with the vector math library. Use this option to disable the vector math library. -‘--disable-crypt’ - Do not install the passphrase-hashing library ‘libcrypt’ or the - header file ‘crypt.h’. ‘unistd.h’ will still declare the function - ‘crypt’. Using this option does not change the set of programs - that may need to be linked with ‘-lcrypt’; it only means that the - GNU C Library will not provide that library. - - This option is for hackers and distributions experimenting with - independently-maintained implementations of libcrypt. It may - become the default in a future release. +‘--enable-crypt’ + Install the legacy passphrase-hashing library ‘libcrypt’ and the + header file ‘crypt.h’. ‘unistd.h’ will declare the function + ‘crypt’ regardless of this option. Using this option does not + change the set of programs that may need to be linked with + ‘-lcrypt’; it only means that the GNU C Library will provide that + library. + + This option is for hackers and distributions who may not yet be + able to use libcrypt alternatives such as libxcrypt and need this + legacy implementation as a temporary workaround. libcrypt may be + removed in a future release. ‘--disable-scv’ Disable using ‘scv’ instruction for syscalls. All syscalls will diff --git a/NEWS b/NEWS index f976abccbd..7a973f3949 100644 --- a/NEWS +++ b/NEWS @@ -54,7 +54,10 @@ Major new features: explicitly enabled, then fortify source is forcibly disabled so to keep original behavior unchanged. -Deprecated and removed features, and other changes affecting compatibility: +* libcrypt is no longer built by default, one may use the --enable-crypt + option to build libcrypt. libcrypt is likely to be removed from the + GNU C Library in a future release, so it is recommended that + applications port away from it to an alternative such as libxcrypt. * In the Linux kernel for the hppa/parisc architecture some of the MADV_XXX constants were changed to have the same values as the other diff --git a/configure b/configure index c02c0b5825..d2a0eb9734 100755 --- a/configure +++ b/configure @@ -1484,7 +1484,7 @@ Optional Features: architectures --enable-memory-tagging enable memory tagging if supported by the architecture [default=no] - --disable-crypt do not build nor install the passphrase hashing + --enable-crypt build and install the legacy passphrase hashing library, libcrypt --enable-nss-crypt enable libcrypt to use nss --enable-systemtap enable systemtap static probe points [default=no] @@ -4577,7 +4577,7 @@ if test ${enable_crypt+y} then : enableval=$enable_crypt; build_crypt=$enableval else $as_nop - build_crypt=yes + build_crypt=no fi diff --git a/configure.ac b/configure.ac index 09553541fb..f508a3722b 100644 --- a/configure.ac +++ b/configure.ac @@ -316,10 +316,10 @@ fi AC_SUBST(memory_tagging) AC_ARG_ENABLE([crypt], - AS_HELP_STRING([--disable-crypt], - [do not build nor install the passphrase hashing library, libcrypt]), + AS_HELP_STRING([--enable-crypt], + [build and install the legacy passphrase hashing library, libcrypt]), [build_crypt=$enableval], - [build_crypt=yes]) + [build_crypt=no]) AC_SUBST(build_crypt) AC_ARG_ENABLE([nss-crypt], diff --git a/manual/install.texi b/manual/install.texi index be27a1b600..fbc3a863e4 100644 --- a/manual/install.texi +++ b/manual/install.texi @@ -256,16 +256,18 @@ configure with @option{--disable-werror}. By default for x86_64, @theglibc{} is built with the vector math library. Use this option to disable the vector math library. -@item --disable-crypt -Do not install the passphrase-hashing library @file{libcrypt} or the -header file @file{crypt.h}. @file{unistd.h} will still declare the -function @code{crypt}. Using this option does not change the set of -programs that may need to be linked with @option{-lcrypt}; it only -means that @theglibc{} will not provide that library. - -This option is for hackers and distributions experimenting with -independently-maintained implementations of libcrypt. It may become -the default in a future release. +@item --enable-crypt +Install the legacy passphrase-hashing library @file{libcrypt} and the +header file @file{crypt.h}. @file{unistd.h} will declare the function +@code{crypt} regardless of this option. Using this option does not +change the set of programs that may need to be linked with +@option{-lcrypt}; it only means that @theglibc{} will provide that +library. + +This option is for hackers and distributions who may not yet be able to +use libcrypt alternatives such as libxcrypt and need this legacy +implementation as a temporary workaround. libcrypt may be removed in a +future release. @item --disable-scv Disable using @code{scv} instruction for syscalls. All syscalls will use diff --git a/scripts/build-many-glibcs.py b/scripts/build-many-glibcs.py index e4eaec01e3..73ffc57c86 100755 --- a/scripts/build-many-glibcs.py +++ b/scripts/build-many-glibcs.py @@ -431,7 +431,9 @@ class Context(object): {'variant': 'disable-multi-arch', 'arch': 'sparcv9', 'ccopts': '-m32 -mlong-double-128 -mcpu=v9', - 'cfg': ['--disable-multi-arch']}]) + 'cfg': ['--disable-multi-arch']}, + {'variant': 'enable-crypt', + 'cfg': ['--enable-crypt']}]) self.add_config(arch='x86_64', os_name='linux-gnu', gcc_cfg=['--with-multilib-list=m64,m32,mx32'], @@ -466,7 +468,9 @@ class Context(object): {'arch': 'i586', 'ccopts': '-m32 -march=i586'}, {'variant': 'enable-fortify-source', - 'cfg': ['--enable-fortify-source']}]) + 'cfg': ['--enable-fortify-source']}, + {'variant': 'enable-crypt', + 'cfg': ['--enable-crypt']}]) self.add_config(arch='x86_64', os_name='gnu', gcc_cfg=['--disable-multilib'])