mirror of
https://github.com/linuxboot/heads.git
synced 2025-01-05 12:44:14 +00:00
0cef8e1edc
cryptsetup2 2.6.1 is a new release that supports reencryption of Q4.2 release LUKS2 volumes created at installation. This is a critical feature for the Qubes OS 4.2 release for added data at rest protection Cryptsetup 2.6.x internal changes: - Argon2 used externally and internally: requires a lot of RAM and CPU to derivate passphrase to key validated in key slots. - This is used to rate limit efficiently bruteforcing of LUKS key slots, requiring each offline brute force attempt to consume ~15-30 seconds per attempt - OF course, strong passphrases are still recommended, but bruteforcing LUKSv2 containers with Argon2 would require immense time, ram and CPU even to bruteforce low entropy passphrase/PINs. - passphrase change doesn't permit LUKS key slot specification anymore: key slot rotates (new one consusumed per op: then old one wiped internally. EG: LUKS key slot 1 created, then 0 deleted) - reencryption doesn't permit old call arguments. No more direct-io; inadmissively slow through AIO (async) calls, need workarounds for good enough perfs (arguments + newer kernel with cloudfare fixes in tree) cryptsetup 2.6.1 requires: - lvm2 2.03.23, which is also included in this PR. - requires libaio, which is also included in this PR (could be hacked out but deep dependency at first sight: left in) - requires util-linux 2.39 - patches for reproducible builds are included for above 3 packages. luks-functions was updated to support the new cryptsetup2 version calls/changes - reencryption happen in direct-io, offline mode and without locking, requiring linux 5.10.9+ to bypass linux queues - from tests, this is best for performance and reliability in single-user mode - LUKS container ops now validate Disk Recovery Key (DRK) passphrase prior and DRK key slot prior of going forward if needed, failing early. - Heads don't expect DRK to be in static key slot anymore, and finds the DRK key slot dynamically. - If reencrytipn/passphrase change: make sure all LUKS containers on same block device can be unlocked with same DRK - Reencryption: requires to know which key slot to reencrypt. - Find LUKS key slot that unlocks with DRK passphrase unlock prior of reencrypt call - Passphrase change: no slot can be passed, but key slot of DRK rotates. kexec-seal-key - TPM LUKS Disk Unlock Key key slots have changed to be set in max slots per LUKS version (LUKSv1:7 /LUKSv2: 31) - If key slot != default LUKS version's keyslot outside of DRK key slot: prompt the user before wiping that key slot, otherwise wipe automatically - This takes for granted that the DRK key slot alone is needed on the system and Heads controls the LUKS key slots. - If user has something else going on, ie: Using USB Security dongle + TPM DUK, then the user will need to say no when wiping keys. - It was suggested to leave LUKS key slots outside of DRK alone, but then: what to do when all key slots would be used? - Alternative implementation could be to only prompt users to wipe keyslots other then DRK when key slots are all used (LUKSv1: 0-7, LUKSv2: 0-31) - But then cleanup would need to happen prior of operations (LUKS passphrase change, TPM DUK setup) and could be problematic. - LUKS containers now checked to be same LUKS version prior of permitting to set TPM DUK and will refuse to go forward of different versions. TODO: - async (AIO) calls are not used. direct-io is used instead. libaio could be hacked out - this could be subject to future work Notes: - time to deprecated legacy boards the do not enough space for the new space requirements - x230-legacy, x230-legacy-flash, x230-hotp-legacy - t430-legacy, t430-legacy-flash, t430-hotp-legacy already deprecated Unrelated: - typos fixes found along the way Signed-off-by: Thierry Laurion <insurgo@riseup.net>
707 lines
26 KiB
Diff
707 lines
26 KiB
Diff
diff -u -r cryptsetup-2.4.3-clean/configure cryptsetup-2.4.3/configure
|
|
--- cryptsetup-2.4.3-clean/configure 2022-01-13 17:24:34.000000000 +0800
|
|
+++ cryptsetup-2.4.3/configure 2022-01-16 14:08:37.088258763 +0800
|
|
@@ -11056,7 +11056,7 @@
|
|
hardcode_automatic=no
|
|
hardcode_direct=no
|
|
hardcode_direct_absolute=no
|
|
- hardcode_libdir_flag_spec=
|
|
+ hardcode_libdir_flag_spec=" "
|
|
hardcode_libdir_separator=
|
|
hardcode_minus_L=no
|
|
hardcode_shlibpath_var=unsupported
|
|
@@ -11140,7 +11140,7 @@
|
|
# are reset later if shared libraries are not supported. Putting them
|
|
# here allows them to be overridden if necessary.
|
|
runpath_var=LD_RUN_PATH
|
|
- hardcode_libdir_flag_spec='$wl-rpath $wl$libdir'
|
|
+ hardcode_libdir_flag_spec=" "
|
|
export_dynamic_flag_spec='$wl--export-dynamic'
|
|
# ancient GNU ld didn't support --whole-archive et. al.
|
|
if $LD --help 2>&1 | $GREP 'no-whole-archive' > /dev/null; then
|
|
@@ -11186,7 +11186,7 @@
|
|
;;
|
|
m68k)
|
|
archive_cmds='$RM $output_objdir/a2ixlibrary.data~$ECHO "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$ECHO "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$ECHO "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$ECHO "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)'
|
|
- hardcode_libdir_flag_spec='-L$libdir'
|
|
+ hardcode_libdir_flag_spec=" "
|
|
hardcode_minus_L=yes
|
|
;;
|
|
esac
|
|
@@ -11206,7 +11206,7 @@
|
|
cygwin* | mingw* | pw32* | cegcc*)
|
|
# _LT_TAGVAR(hardcode_libdir_flag_spec, ) is actually meaningless,
|
|
# as there is no search path for DLLs.
|
|
- hardcode_libdir_flag_spec='-L$libdir'
|
|
+ hardcode_libdir_flag_spec=" "
|
|
export_dynamic_flag_spec='$wl--export-all-symbols'
|
|
allow_undefined_flag=unsupported
|
|
always_export_symbols=no
|
|
@@ -11236,7 +11236,7 @@
|
|
;;
|
|
|
|
os2*)
|
|
- hardcode_libdir_flag_spec='-L$libdir'
|
|
+ hardcode_libdir_flag_spec=" "
|
|
hardcode_minus_L=yes
|
|
allow_undefined_flag=unsupported
|
|
shrext_cmds=.dll
|
|
@@ -11266,7 +11266,7 @@
|
|
interix[3-9]*)
|
|
hardcode_direct=no
|
|
hardcode_shlibpath_var=no
|
|
- hardcode_libdir_flag_spec='$wl-rpath,$libdir'
|
|
+ hardcode_libdir_flag_spec=" "
|
|
export_dynamic_flag_spec='$wl-E'
|
|
# Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc.
|
|
# Instead, shared libraries are loaded at an image base (0x10000000 by
|
|
@@ -11342,7 +11342,7 @@
|
|
xlf* | bgf* | bgxlf* | mpixlf*)
|
|
# IBM XL Fortran 10.1 on PPC cannot create shared libs itself
|
|
whole_archive_flag_spec='--whole-archive$convenience --no-whole-archive'
|
|
- hardcode_libdir_flag_spec='$wl-rpath $wl$libdir'
|
|
+ hardcode_libdir_flag_spec=" "
|
|
archive_cmds='$LD -shared $libobjs $deplibs $linker_flags -soname $soname -o $lib'
|
|
if test yes = "$supports_anon_versioning"; then
|
|
archive_expsym_cmds='echo "{ global:" > $output_objdir/$libname.ver~
|
|
@@ -11409,7 +11409,7 @@
|
|
# DT_RUNPATH tag from executables and libraries. But doing so
|
|
# requires that you compile everything twice, which is a pain.
|
|
if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
|
|
- hardcode_libdir_flag_spec='$wl-rpath $wl$libdir'
|
|
+ hardcode_libdir_flag_spec=" "
|
|
archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib'
|
|
archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags $wl-soname $wl$soname $wl-retain-symbols-file $wl$export_symbols -o $lib'
|
|
else
|
|
@@ -11438,7 +11438,7 @@
|
|
|
|
if test no = "$ld_shlibs"; then
|
|
runpath_var=
|
|
- hardcode_libdir_flag_spec=
|
|
+ hardcode_libdir_flag_spec=" "
|
|
export_dynamic_flag_spec=
|
|
whole_archive_flag_spec=
|
|
fi
|
|
@@ -11556,7 +11556,7 @@
|
|
# path is not listed in the libpath. Setting hardcode_minus_L
|
|
# to unsupported forces relinking
|
|
hardcode_minus_L=yes
|
|
- hardcode_libdir_flag_spec='-L$libdir'
|
|
+ hardcode_libdir_flag_spec=" "
|
|
hardcode_libdir_separator=
|
|
fi
|
|
;;
|
|
@@ -11642,11 +11642,11 @@
|
|
aix_libpath=$lt_cv_aix_libpath_
|
|
fi
|
|
|
|
- hardcode_libdir_flag_spec='$wl-blibpath:$libdir:'"$aix_libpath"
|
|
+ hardcode_libdir_flag_spec=" "
|
|
archive_expsym_cmds='$CC -o $output_objdir/$soname $libobjs $deplibs $wl'$no_entry_flag' $compiler_flags `if test -n "$allow_undefined_flag"; then func_echo_all "$wl$allow_undefined_flag"; else :; fi` $wl'$exp_sym_flag:\$export_symbols' '$shared_flag
|
|
else
|
|
if test ia64 = "$host_cpu"; then
|
|
- hardcode_libdir_flag_spec='$wl-R $libdir:/usr/lib:/lib'
|
|
+ hardcode_libdir_flag_spec=" "
|
|
allow_undefined_flag="-z nodefs"
|
|
archive_expsym_cmds="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\$wl$no_entry_flag"' $compiler_flags $wl$allow_undefined_flag '"\$wl$exp_sym_flag:\$export_symbols"
|
|
else
|
|
@@ -11697,7 +11697,7 @@
|
|
aix_libpath=$lt_cv_aix_libpath_
|
|
fi
|
|
|
|
- hardcode_libdir_flag_spec='$wl-blibpath:$libdir:'"$aix_libpath"
|
|
+ hardcode_libdir_flag_spec=" "
|
|
# Warning - without using the other run time loading flags,
|
|
# -berok will link without error, but may produce a broken library.
|
|
no_undefined_flag=' $wl-bernotok'
|
|
@@ -11737,7 +11737,7 @@
|
|
;;
|
|
m68k)
|
|
archive_cmds='$RM $output_objdir/a2ixlibrary.data~$ECHO "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$ECHO "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$ECHO "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$ECHO "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)'
|
|
- hardcode_libdir_flag_spec='-L$libdir'
|
|
+ hardcode_libdir_flag_spec=" "
|
|
hardcode_minus_L=yes
|
|
;;
|
|
esac
|
|
@@ -11847,7 +11847,7 @@
|
|
|
|
dgux*)
|
|
archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
|
|
- hardcode_libdir_flag_spec='-L$libdir'
|
|
+ hardcode_libdir_flag_spec=" "
|
|
hardcode_shlibpath_var=no
|
|
;;
|
|
|
|
@@ -11857,7 +11857,7 @@
|
|
# extra space).
|
|
freebsd2.2*)
|
|
archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags /usr/lib/c++rt0.o'
|
|
- hardcode_libdir_flag_spec='-R$libdir'
|
|
+ hardcode_libdir_flag_spec=" "
|
|
hardcode_direct=yes
|
|
hardcode_shlibpath_var=no
|
|
;;
|
|
@@ -11884,7 +11884,7 @@
|
|
else
|
|
archive_cmds='$RM $output_objdir/$soname~$LD -b +b $install_libdir -o $output_objdir/$soname $libobjs $deplibs $linker_flags~test "x$output_objdir/$soname" = "x$lib" || mv $output_objdir/$soname $lib'
|
|
fi
|
|
- hardcode_libdir_flag_spec='$wl+b $wl$libdir'
|
|
+ hardcode_libdir_flag_spec=" "
|
|
hardcode_libdir_separator=:
|
|
hardcode_direct=yes
|
|
|
|
@@ -11901,7 +11901,7 @@
|
|
archive_cmds='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags'
|
|
fi
|
|
if test no = "$with_gnu_ld"; then
|
|
- hardcode_libdir_flag_spec='$wl+b $wl$libdir'
|
|
+ hardcode_libdir_flag_spec=" "
|
|
hardcode_libdir_separator=:
|
|
hardcode_direct=yes
|
|
hardcode_direct_absolute=yes
|
|
@@ -11979,7 +11979,7 @@
|
|
esac
|
|
fi
|
|
if test no = "$with_gnu_ld"; then
|
|
- hardcode_libdir_flag_spec='$wl+b $wl$libdir'
|
|
+ hardcode_libdir_flag_spec=" "
|
|
hardcode_libdir_separator=:
|
|
|
|
case $host_cpu in
|
|
@@ -12040,7 +12040,7 @@
|
|
archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry $output_objdir/so_locations -exports_file $export_symbols -o $lib'
|
|
fi
|
|
archive_cmds_need_lc='no'
|
|
- hardcode_libdir_flag_spec='$wl-rpath $wl$libdir'
|
|
+ hardcode_libdir_flag_spec=" "
|
|
hardcode_libdir_separator=:
|
|
inherit_rpath=yes
|
|
link_all_deplibs=yes
|
|
@@ -12062,7 +12062,7 @@
|
|
else
|
|
archive_cmds='$LD -shared -o $lib $libobjs $deplibs $linker_flags' # ELF
|
|
fi
|
|
- hardcode_libdir_flag_spec='-R$libdir'
|
|
+ hardcode_libdir_flag_spec=" "
|
|
hardcode_direct=yes
|
|
hardcode_shlibpath_var=no
|
|
;;
|
|
@@ -12070,7 +12070,7 @@
|
|
newsos6)
|
|
archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
|
|
hardcode_direct=yes
|
|
- hardcode_libdir_flag_spec='$wl-rpath $wl$libdir'
|
|
+ hardcode_libdir_flag_spec=" "
|
|
hardcode_libdir_separator=:
|
|
hardcode_shlibpath_var=no
|
|
;;
|
|
@@ -12086,11 +12086,11 @@
|
|
if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`"; then
|
|
archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
|
|
archive_expsym_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags $wl-retain-symbols-file,$export_symbols'
|
|
- hardcode_libdir_flag_spec='$wl-rpath,$libdir'
|
|
+ hardcode_libdir_flag_spec=" "
|
|
export_dynamic_flag_spec='$wl-E'
|
|
else
|
|
archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
|
|
- hardcode_libdir_flag_spec='$wl-rpath,$libdir'
|
|
+ hardcode_libdir_flag_spec=" "
|
|
fi
|
|
else
|
|
ld_shlibs=no
|
|
@@ -12098,7 +12098,7 @@
|
|
;;
|
|
|
|
os2*)
|
|
- hardcode_libdir_flag_spec='-L$libdir'
|
|
+ hardcode_libdir_flag_spec=" "
|
|
hardcode_minus_L=yes
|
|
allow_undefined_flag=unsupported
|
|
shrext_cmds=.dll
|
|
@@ -12134,7 +12134,7 @@
|
|
archive_cmds='$CC -shared$allow_undefined_flag $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry $output_objdir/so_locations -o $lib'
|
|
fi
|
|
archive_cmds_need_lc='no'
|
|
- hardcode_libdir_flag_spec='$wl-rpath $wl$libdir'
|
|
+ hardcode_libdir_flag_spec=" "
|
|
hardcode_libdir_separator=:
|
|
;;
|
|
|
|
@@ -12142,7 +12142,7 @@
|
|
if test yes = "$GCC"; then
|
|
allow_undefined_flag=' $wl-expect_unresolved $wl\*'
|
|
archive_cmds='$CC -shared$allow_undefined_flag $pic_flag $libobjs $deplibs $compiler_flags $wl-msym $wl-soname $wl$soname `test -n "$verstring" && func_echo_all "$wl-set_version $wl$verstring"` $wl-update_registry $wl$output_objdir/so_locations -o $lib'
|
|
- hardcode_libdir_flag_spec='$wl-rpath $wl$libdir'
|
|
+ hardcode_libdir_flag_spec=" "
|
|
else
|
|
allow_undefined_flag=' -expect_unresolved \*'
|
|
archive_cmds='$CC -shared$allow_undefined_flag $libobjs $deplibs $compiler_flags -msym -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry $output_objdir/so_locations -o $lib'
|
|
@@ -12150,7 +12150,7 @@
|
|
$CC -shared$allow_undefined_flag $wl-input $wl$lib.exp $compiler_flags $libobjs $deplibs -soname $soname `test -n "$verstring" && $ECHO "-set_version $verstring"` -update_registry $output_objdir/so_locations -o $lib~$RM $lib.exp'
|
|
|
|
# Both c and cxx compiler support -rpath directly
|
|
- hardcode_libdir_flag_spec='-rpath $libdir'
|
|
+ hardcode_libdir_flag_spec=" "
|
|
fi
|
|
archive_cmds_need_lc='no'
|
|
hardcode_libdir_separator=:
|
|
@@ -12179,7 +12179,7 @@
|
|
;;
|
|
esac
|
|
fi
|
|
- hardcode_libdir_flag_spec='-R$libdir'
|
|
+ hardcode_libdir_flag_spec=" "
|
|
hardcode_shlibpath_var=no
|
|
case $host_os in
|
|
solaris2.[0-5] | solaris2.[0-5].*) ;;
|
|
@@ -12206,7 +12206,7 @@
|
|
else
|
|
archive_cmds='$LD -assert pure-text -Bstatic -o $lib $libobjs $deplibs $linker_flags'
|
|
fi
|
|
- hardcode_libdir_flag_spec='-L$libdir'
|
|
+ hardcode_libdir_flag_spec=" "
|
|
hardcode_direct=yes
|
|
hardcode_minus_L=yes
|
|
hardcode_shlibpath_var=no
|
|
@@ -12276,7 +12276,7 @@
|
|
allow_undefined_flag='$wl-z,nodefs'
|
|
archive_cmds_need_lc=no
|
|
hardcode_shlibpath_var=no
|
|
- hardcode_libdir_flag_spec='$wl-R,$libdir'
|
|
+ hardcode_libdir_flag_spec=" "
|
|
hardcode_libdir_separator=':'
|
|
link_all_deplibs=yes
|
|
export_dynamic_flag_spec='$wl-Bexport'
|
|
@@ -12293,7 +12293,7 @@
|
|
|
|
uts4*)
|
|
archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
|
|
- hardcode_libdir_flag_spec='-L$libdir'
|
|
+ hardcode_libdir_flag_spec=" "
|
|
hardcode_shlibpath_var=no
|
|
;;
|
|
|
|
@@ -12662,7 +12662,7 @@
|
|
version_type=linux # correct to gnu/linux during the next big refactor
|
|
need_lib_prefix=no
|
|
need_version=no
|
|
- hardcode_into_libs=yes
|
|
+ hardcode_into_libs=no
|
|
if test ia64 = "$host_cpu"; then
|
|
# AIX 5 supports IA64
|
|
library_names_spec='$libname$release$shared_ext$major $libname$release$shared_ext$versuffix $libname$shared_ext'
|
|
@@ -12952,16 +12952,16 @@
|
|
;;
|
|
freebsd3.[01]* | freebsdelf3.[01]*)
|
|
shlibpath_overrides_runpath=yes
|
|
- hardcode_into_libs=yes
|
|
+ hardcode_into_libs=no
|
|
;;
|
|
freebsd3.[2-9]* | freebsdelf3.[2-9]* | \
|
|
freebsd4.[0-5] | freebsdelf4.[0-5] | freebsd4.1.1 | freebsdelf4.1.1)
|
|
shlibpath_overrides_runpath=no
|
|
- hardcode_into_libs=yes
|
|
+ hardcode_into_libs=no
|
|
;;
|
|
*) # from 4.6 on, and DragonFly
|
|
shlibpath_overrides_runpath=yes
|
|
- hardcode_into_libs=yes
|
|
+ hardcode_into_libs=no
|
|
;;
|
|
esac
|
|
;;
|
|
@@ -12976,7 +12976,7 @@
|
|
shlibpath_var=LIBRARY_PATH
|
|
shlibpath_overrides_runpath=no
|
|
sys_lib_dlsearch_path_spec='/boot/home/config/lib /boot/common/lib /boot/system/lib'
|
|
- hardcode_into_libs=yes
|
|
+ hardcode_into_libs=no
|
|
;;
|
|
|
|
hpux9* | hpux10* | hpux11*)
|
|
@@ -12988,7 +12988,7 @@
|
|
case $host_cpu in
|
|
ia64*)
|
|
shrext_cmds='.so'
|
|
- hardcode_into_libs=yes
|
|
+ hardcode_into_libs=no
|
|
dynamic_linker="$host_os dld.so"
|
|
shlibpath_var=LD_LIBRARY_PATH
|
|
shlibpath_overrides_runpath=yes # Unless +noenvvar is specified.
|
|
@@ -13004,7 +13004,7 @@
|
|
;;
|
|
hppa*64*)
|
|
shrext_cmds='.sl'
|
|
- hardcode_into_libs=yes
|
|
+ hardcode_into_libs=no
|
|
dynamic_linker="$host_os dld.sl"
|
|
shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH
|
|
shlibpath_overrides_runpath=yes # Unless +noenvvar is specified.
|
|
@@ -13037,7 +13037,7 @@
|
|
dynamic_linker='Interix 3.x ld.so.1 (PE, like ELF)'
|
|
shlibpath_var=LD_LIBRARY_PATH
|
|
shlibpath_overrides_runpath=no
|
|
- hardcode_into_libs=yes
|
|
+ hardcode_into_libs=no
|
|
;;
|
|
|
|
irix5* | irix6* | nonstopux*)
|
|
@@ -13074,7 +13074,7 @@
|
|
shlibpath_overrides_runpath=no
|
|
sys_lib_search_path_spec="/usr/lib$libsuff /lib$libsuff /usr/local/lib$libsuff"
|
|
sys_lib_dlsearch_path_spec="/usr/lib$libsuff /lib$libsuff"
|
|
- hardcode_into_libs=yes
|
|
+ hardcode_into_libs=no
|
|
;;
|
|
|
|
# No shared lib support for Linux oldld, aout, or coff.
|
|
@@ -13095,11 +13095,11 @@
|
|
# This implies no fast_install, which is unacceptable.
|
|
# Some rework will be needed to allow for fast_install
|
|
# before this can be enabled.
|
|
- hardcode_into_libs=yes
|
|
+ hardcode_into_libs=no
|
|
|
|
dynamic_linker='Android linker'
|
|
# Don't embed -rpath directories since the linker doesn't support them.
|
|
- hardcode_libdir_flag_spec='-L$libdir'
|
|
+ hardcode_libdir_flag_spec=" "
|
|
;;
|
|
|
|
# This must be glibc/ELF.
|
|
@@ -13153,7 +13153,7 @@
|
|
# This implies no fast_install, which is unacceptable.
|
|
# Some rework will be needed to allow for fast_install
|
|
# before this can be enabled.
|
|
- hardcode_into_libs=yes
|
|
+ hardcode_into_libs=no
|
|
|
|
# Ideally, we could use ldconfig to report *all* directores which are
|
|
# searched for libraries, however this is still not possible. Aside from not
|
|
@@ -13183,7 +13183,7 @@
|
|
soname_spec='${libname}${release}${shared_ext}$major'
|
|
shlibpath_var=LD_LIBRARY_PATH
|
|
shlibpath_overrides_runpath=no
|
|
- hardcode_into_libs=yes
|
|
+ hardcode_into_libs=no
|
|
dynamic_linker='NetBSD ld.elf_so'
|
|
;;
|
|
|
|
@@ -13202,7 +13202,7 @@
|
|
fi
|
|
shlibpath_var=LD_LIBRARY_PATH
|
|
shlibpath_overrides_runpath=yes
|
|
- hardcode_into_libs=yes
|
|
+ hardcode_into_libs=no
|
|
;;
|
|
|
|
newsos6)
|
|
@@ -13220,7 +13220,7 @@
|
|
soname_spec='$libname$release$shared_ext$major'
|
|
shlibpath_var=LD_LIBRARY_PATH
|
|
shlibpath_overrides_runpath=no
|
|
- hardcode_into_libs=yes
|
|
+ hardcode_into_libs=no
|
|
dynamic_linker='ldqnx.so'
|
|
;;
|
|
|
|
@@ -13292,7 +13292,7 @@
|
|
soname_spec='$libname$release$shared_ext$major'
|
|
shlibpath_var=LD_LIBRARY_PATH
|
|
shlibpath_overrides_runpath=yes
|
|
- hardcode_into_libs=yes
|
|
+ hardcode_into_libs=no
|
|
# ldd complains unless libraries are executable
|
|
postinstall_cmds='chmod +x $lib'
|
|
;;
|
|
@@ -13349,7 +13349,7 @@
|
|
soname_spec='$libname$release$shared_ext$major'
|
|
shlibpath_var=LD_LIBRARY_PATH
|
|
shlibpath_overrides_runpath=yes
|
|
- hardcode_into_libs=yes
|
|
+ hardcode_into_libs=no
|
|
if test yes = "$with_gnu_ld"; then
|
|
sys_lib_search_path_spec='/usr/local/lib /usr/gnu/lib /usr/ccs/lib /usr/lib /lib'
|
|
else
|
|
@@ -13371,7 +13371,7 @@
|
|
library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
|
|
shlibpath_var=LD_LIBRARY_PATH
|
|
shlibpath_overrides_runpath=no
|
|
- hardcode_into_libs=yes
|
|
+ hardcode_into_libs=no
|
|
;;
|
|
|
|
uts4*)
|
|
@@ -14490,7 +14490,7 @@
|
|
acl_shlibext="$acl_cv_shlibext"
|
|
acl_libname_spec="$acl_cv_libname_spec"
|
|
acl_library_names_spec="$acl_cv_library_names_spec"
|
|
- acl_hardcode_libdir_flag_spec="$acl_cv_hardcode_libdir_flag_spec"
|
|
+ acl_hardcode_libdir_flag_spec=" "
|
|
acl_hardcode_libdir_separator="$acl_cv_hardcode_libdir_separator"
|
|
acl_hardcode_direct="$acl_cv_hardcode_direct"
|
|
acl_hardcode_minus_L="$acl_cv_hardcode_minus_L"
|
|
@@ -22538,7 +22538,7 @@
|
|
with_gnu_ld='`$ECHO "$with_gnu_ld" | $SED "$delay_single_quote_subst"`'
|
|
allow_undefined_flag='`$ECHO "$allow_undefined_flag" | $SED "$delay_single_quote_subst"`'
|
|
no_undefined_flag='`$ECHO "$no_undefined_flag" | $SED "$delay_single_quote_subst"`'
|
|
-hardcode_libdir_flag_spec='`$ECHO "$hardcode_libdir_flag_spec" | $SED "$delay_single_quote_subst"`'
|
|
+hardcode_libdir_flag_spec=" "
|
|
hardcode_libdir_separator='`$ECHO "$hardcode_libdir_separator" | $SED "$delay_single_quote_subst"`'
|
|
hardcode_direct='`$ECHO "$hardcode_direct" | $SED "$delay_single_quote_subst"`'
|
|
hardcode_direct_absolute='`$ECHO "$hardcode_direct_absolute" | $SED "$delay_single_quote_subst"`'
|
|
@@ -22569,7 +22569,7 @@
|
|
postuninstall_cmds='`$ECHO "$postuninstall_cmds" | $SED "$delay_single_quote_subst"`'
|
|
finish_cmds='`$ECHO "$finish_cmds" | $SED "$delay_single_quote_subst"`'
|
|
finish_eval='`$ECHO "$finish_eval" | $SED "$delay_single_quote_subst"`'
|
|
-hardcode_into_libs='`$ECHO "$hardcode_into_libs" | $SED "$delay_single_quote_subst"`'
|
|
+hardcode_into_libs=no
|
|
sys_lib_search_path_spec='`$ECHO "$sys_lib_search_path_spec" | $SED "$delay_single_quote_subst"`'
|
|
configure_time_dlsearch_path='`$ECHO "$configure_time_dlsearch_path" | $SED "$delay_single_quote_subst"`'
|
|
configure_time_lt_sys_library_path='`$ECHO "$configure_time_lt_sys_library_path" | $SED "$delay_single_quote_subst"`'
|
|
@@ -23727,7 +23727,7 @@
|
|
finish_eval=$lt_finish_eval
|
|
|
|
# Whether we should hardcode library paths into libraries.
|
|
-hardcode_into_libs=$hardcode_into_libs
|
|
+hardcode_into_libs=no
|
|
|
|
# Compile-time system search path for libraries.
|
|
sys_lib_search_path_spec=$lt_sys_lib_search_path_spec
|
|
@@ -23824,7 +23824,7 @@
|
|
|
|
# Flag to hardcode \$libdir into a binary during linking.
|
|
# This must work even if \$libdir does not exist
|
|
-hardcode_libdir_flag_spec=$lt_hardcode_libdir_flag_spec
|
|
+hardcode_libdir_flag_spec=" "
|
|
|
|
# Whether we need a single "-rpath" flag with a separated argument.
|
|
hardcode_libdir_separator=$lt_hardcode_libdir_separator
|
|
diff -u -r cryptsetup-2.4.3-clean/Makefile.in cryptsetup-2.4.3/Makefile.in
|
|
--- cryptsetup-2.4.3-clean/Makefile.in 2022-01-13 17:24:33.000000000 +0800
|
|
+++ cryptsetup-2.4.3/Makefile.in 2022-01-16 14:08:37.096258854 +0800
|
|
@@ -1115,6 +1115,8 @@
|
|
@CRYPTSETUP_TRUE@cryptsetup_LDADD = $(LDADD) \
|
|
@CRYPTSETUP_TRUE@ libcryptsetup.la \
|
|
@CRYPTSETUP_TRUE@ @POPT_LIBS@ \
|
|
+@CRYPTSETUP_TRUE@ @DEVMAPPER_LIBS@ \
|
|
+@CRYPTSETUP_TRUE@ @JSON_C_LIBS@ \
|
|
@CRYPTSETUP_TRUE@ @PWQUALITY_LIBS@ \
|
|
@CRYPTSETUP_TRUE@ @PASSWDQC_LIBS@ \
|
|
@CRYPTSETUP_TRUE@ @UUID_LIBS@ \
|
|
@@ -1147,6 +1149,9 @@
|
|
@VERITYSETUP_TRUE@veritysetup_LDADD = $(LDADD) \
|
|
@VERITYSETUP_TRUE@ libcryptsetup.la \
|
|
@VERITYSETUP_TRUE@ @POPT_LIBS@ \
|
|
+@VERITYSETUP_TRUE@ @UUID_LIBS@ \
|
|
+@VERITYSETUP_TRUE@ @DEVMAPPER_LIBS@ \
|
|
+@VERITYSETUP_TRUE@ @JSON_C_LIBS@ \
|
|
@VERITYSETUP_TRUE@ @BLKID_LIBS@
|
|
|
|
@STATIC_TOOLS_TRUE@@VERITYSETUP_TRUE@veritysetup_static_SOURCES = $(veritysetup_SOURCES)
|
|
@@ -1177,6 +1182,8 @@
|
|
@INTEGRITYSETUP_TRUE@ libcryptsetup.la \
|
|
@INTEGRITYSETUP_TRUE@ @POPT_LIBS@ \
|
|
@INTEGRITYSETUP_TRUE@ @UUID_LIBS@ \
|
|
+@INTEGRITYSETUP_TRUE@ @DEVMAPPER_LIBS@ \
|
|
+@INTEGRITYSETUP_TRUE@ @JSON_C_LIBS@ \
|
|
@INTEGRITYSETUP_TRUE@ @BLKID_LIBS@
|
|
|
|
@INTEGRITYSETUP_TRUE@@STATIC_TOOLS_TRUE@integritysetup_static_SOURCES = $(integritysetup_SOURCES)
|
|
|
|
--- ./configure.orig 2023-11-26 14:22:30.912000000 -0500
|
|
+++ ./configure 2023-11-26 14:26:21.714000000 -0500
|
|
@@ -12336,7 +12336,7 @@
|
|
|
|
case $cc_basename in
|
|
tcc*)
|
|
- hardcode_libdir_flag_spec='$wl-rpath $wl$libdir'
|
|
+ hardcode_libdir_flag_spec=" "
|
|
export_dynamic_flag_spec='-rdynamic'
|
|
;;
|
|
xlf* | bgf* | bgxlf* | mpixlf*)
|
|
@@ -12755,7 +12755,7 @@
|
|
case $cc_basename in
|
|
cl* | icl*)
|
|
# Native MSVC or ICC
|
|
- hardcode_libdir_flag_spec=' '
|
|
+ hardcode_libdir_flag_spec=" "
|
|
allow_undefined_flag=unsupported
|
|
always_export_symbols=yes
|
|
file_list_spec='@'
|
|
@@ -12796,7 +12796,7 @@
|
|
;;
|
|
*)
|
|
# Assume MSVC and ICC wrapper
|
|
- hardcode_libdir_flag_spec=' '
|
|
+ hardcode_libdir_flag_spec=" "
|
|
allow_undefined_flag=unsupported
|
|
# Tell ltmain to make .lib files, not .a files.
|
|
libext=lib
|
|
@@ -12873,7 +12873,7 @@
|
|
# FreeBSD 3 and greater uses gcc -shared to do shared libraries.
|
|
freebsd* | dragonfly* | midnightbsd*)
|
|
archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
|
|
- hardcode_libdir_flag_spec='-R$libdir'
|
|
+ hardcode_libdir_flag_spec=" "
|
|
hardcode_direct=yes
|
|
hardcode_shlibpath_var=no
|
|
;;
|
|
@@ -13052,7 +13052,7 @@
|
|
# Fabrice Bellard et al's Tiny C Compiler
|
|
ld_shlibs=yes
|
|
archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
|
|
- hardcode_libdir_flag_spec='$wl-rpath $wl$libdir'
|
|
+ hardcode_libdir_flag_spec=" "
|
|
;;
|
|
esac
|
|
;;
|
|
--- ./configure.mod 2023-11-26 14:46:49.779000000 -0500
|
|
+++ ./configure 2023-11-26 14:47:56.962000000 -0500
|
|
@@ -17670,7 +17670,7 @@
|
|
version_type=linux # correct to gnu/linux during the next big refactor
|
|
need_lib_prefix=no
|
|
need_version=no
|
|
- hardcode_into_libs=yes
|
|
+ hardcode_into_libs=no
|
|
if test ia64 = "$host_cpu"; then
|
|
# AIX 5 supports IA64
|
|
library_names_spec='$libname$release$shared_ext$major $libname$release$shared_ext$versuffix $libname$shared_ext'
|
|
@@ -17958,16 +17958,16 @@
|
|
;;
|
|
freebsd3.[01]* | freebsdelf3.[01]*)
|
|
shlibpath_overrides_runpath=yes
|
|
- hardcode_into_libs=yes
|
|
+ hardcode_into_libs=no
|
|
;;
|
|
freebsd3.[2-9]* | freebsdelf3.[2-9]* | \
|
|
freebsd4.[0-5] | freebsdelf4.[0-5] | freebsd4.1.1 | freebsdelf4.1.1)
|
|
shlibpath_overrides_runpath=no
|
|
- hardcode_into_libs=yes
|
|
+ hardcode_into_libs=no
|
|
;;
|
|
*) # from 4.6 on, and DragonFly
|
|
shlibpath_overrides_runpath=yes
|
|
- hardcode_into_libs=yes
|
|
+ hardcode_into_libs=no
|
|
;;
|
|
esac
|
|
;;
|
|
@@ -17982,7 +17982,7 @@
|
|
shlibpath_var=LIBRARY_PATH
|
|
shlibpath_overrides_runpath=no
|
|
sys_lib_dlsearch_path_spec='/boot/home/config/lib /boot/common/lib /boot/system/lib'
|
|
- hardcode_into_libs=yes
|
|
+ hardcode_into_libs=no
|
|
;;
|
|
|
|
hpux9* | hpux10* | hpux11*)
|
|
@@ -17994,7 +17994,7 @@
|
|
case $host_cpu in
|
|
ia64*)
|
|
shrext_cmds='.so'
|
|
- hardcode_into_libs=yes
|
|
+ hardcode_into_libs=no
|
|
dynamic_linker="$host_os dld.so"
|
|
shlibpath_var=LD_LIBRARY_PATH
|
|
shlibpath_overrides_runpath=yes # Unless +noenvvar is specified.
|
|
@@ -18010,7 +18010,7 @@
|
|
;;
|
|
hppa*64*)
|
|
shrext_cmds='.sl'
|
|
- hardcode_into_libs=yes
|
|
+ hardcode_into_libs=no
|
|
dynamic_linker="$host_os dld.sl"
|
|
shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH
|
|
shlibpath_overrides_runpath=yes # Unless +noenvvar is specified.
|
|
@@ -18043,7 +18043,7 @@
|
|
dynamic_linker='Interix 3.x ld.so.1 (PE, like ELF)'
|
|
shlibpath_var=LD_LIBRARY_PATH
|
|
shlibpath_overrides_runpath=no
|
|
- hardcode_into_libs=yes
|
|
+ hardcode_into_libs=no
|
|
;;
|
|
|
|
irix5* | irix6* | nonstopux*)
|
|
@@ -18080,7 +18080,7 @@
|
|
shlibpath_overrides_runpath=no
|
|
sys_lib_search_path_spec="/usr/lib$libsuff /lib$libsuff /usr/local/lib$libsuff"
|
|
sys_lib_dlsearch_path_spec="/usr/lib$libsuff /lib$libsuff"
|
|
- hardcode_into_libs=yes
|
|
+ hardcode_into_libs=no
|
|
;;
|
|
|
|
# No shared lib support for Linux oldld, aout, or coff.
|
|
@@ -18101,7 +18101,7 @@
|
|
# This implies no fast_install, which is unacceptable.
|
|
# Some rework will be needed to allow for fast_install
|
|
# before this can be enabled.
|
|
- hardcode_into_libs=yes
|
|
+ hardcode_into_libs=no
|
|
|
|
dynamic_linker='Android linker'
|
|
# Don't embed -rpath directories since the linker doesn't support them.
|
|
@@ -18159,7 +18159,7 @@
|
|
# This implies no fast_install, which is unacceptable.
|
|
# Some rework will be needed to allow for fast_install
|
|
# before this can be enabled.
|
|
- hardcode_into_libs=yes
|
|
+ hardcode_into_libs=no
|
|
|
|
# Ideally, we could use ldconfig to report *all* directores which are
|
|
# searched for libraries, however this is still not possible. Aside from not
|
|
@@ -18189,7 +18189,7 @@
|
|
soname_spec='${libname}${release}${shared_ext}$major'
|
|
shlibpath_var=LD_LIBRARY_PATH
|
|
shlibpath_overrides_runpath=no
|
|
- hardcode_into_libs=yes
|
|
+ hardcode_into_libs=no
|
|
dynamic_linker='NetBSD ld.elf_so'
|
|
;;
|
|
|
|
@@ -18208,7 +18208,7 @@
|
|
fi
|
|
shlibpath_var=LD_LIBRARY_PATH
|
|
shlibpath_overrides_runpath=yes
|
|
- hardcode_into_libs=yes
|
|
+ hardcode_into_libs=no
|
|
;;
|
|
|
|
newsos6)
|
|
@@ -18226,7 +18226,7 @@
|
|
soname_spec='$libname$release$shared_ext$major'
|
|
shlibpath_var=LD_LIBRARY_PATH
|
|
shlibpath_overrides_runpath=no
|
|
- hardcode_into_libs=yes
|
|
+ hardcode_into_libs=no
|
|
dynamic_linker='ldqnx.so'
|
|
;;
|
|
|
|
@@ -18298,7 +18298,7 @@
|
|
soname_spec='$libname$release$shared_ext$major'
|
|
shlibpath_var=LD_LIBRARY_PATH
|
|
shlibpath_overrides_runpath=yes
|
|
- hardcode_into_libs=yes
|
|
+ hardcode_into_libs=no
|
|
# ldd complains unless libraries are executable
|
|
postinstall_cmds='chmod +x $lib'
|
|
;;
|
|
@@ -18355,7 +18355,7 @@
|
|
soname_spec='$libname$release$shared_ext$major'
|
|
shlibpath_var=LD_LIBRARY_PATH
|
|
shlibpath_overrides_runpath=yes
|
|
- hardcode_into_libs=yes
|
|
+ hardcode_into_libs=no
|
|
if test yes = "$with_gnu_ld"; then
|
|
sys_lib_search_path_spec='/usr/local/lib /usr/gnu/lib /usr/ccs/lib /usr/lib /lib'
|
|
else
|
|
@@ -18377,7 +18377,7 @@
|
|
library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
|
|
shlibpath_var=LD_LIBRARY_PATH
|
|
shlibpath_overrides_runpath=no
|
|
- hardcode_into_libs=yes
|
|
+ hardcode_into_libs=no
|
|
;;
|
|
|
|
uts4*)
|