Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 146627 - dev-libs/nss-3.11-r1 fails with FEATURES="stricter"
Summary: dev-libs/nss-3.11-r1 fails with FEATURES="stricter"
Status: RESOLVED UPSTREAM
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages (show other bugs)
Hardware: AMD64 Linux
: High normal (vote)
Assignee: Crypto team [DISABLED]
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2006-09-06 19:31 UTC by Josh Nichols (RETIRED)
Modified: 2006-10-25 21:38 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
nss-3.11.3-stack.patch (nss-3.11.3-stack.patch,600 bytes, patch)
2006-10-23 07:24 UTC, Alon Bar-Lev (RETIRED)
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Josh Nichols (RETIRED) gentoo-dev 2006-09-06 19:31:10 UTC
QA Notice: the following files contain executable stacks
 Files with executable stacks will not work properly (or at all!)
 on some architectures/operating systems.  A bug should be filed
 at http://bugs.gentoo.org/ to make sure the file is fixed.
 For more information, see http://hardened.gentoo.org/gnu-stack.xml
 Please include this file in your report:
 /var/tmp/portage/nss-3.11-r1/temp/scanelf-execstack.log
"RWX --- --- usr/lib64/nss/libfreebl3.so.11"
!!! ERROR: dev-libs/nss-3.11-r1 failed.
Call stack:
  misc-functions.sh, line 409:   Called install_qa_check
  misc-functions.sh, line 166:   Called die
!!! Aborting due to QA concerns:  execstacks


scanelf-execstack.log:
RWX --- --- image/usr/lib64/nss/libfreebl3.so.11
RWX --- --- work/nss-3.11/mozilla/security/dist/Linux2.6_x86_64_glibc_PTH_64_OPT
.OBJ/lib/libfreebl3.so
RWX --- --- work/nss-3.11/mozilla/security/dist/Linux2.6_x86_64_glibc_PTH_64_OPT
.OBJ/lib/libfreebl3.so.11
!WX --- --- work/nss-3.11/mozilla/security/nss/lib/freebl/Linux2.6_x86_64_glibc_
PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/arcfour-amd64-gas.o
RWX --- --- work/nss-3.11/mozilla/security/nss/lib/freebl/Linux2.6_x86_64_glibc_
PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/libfreebl3.so.11
!WX --- --- work/nss-3.11/mozilla/security/nss/lib/freebl/Linux2.6_x86_64_glibc_
PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/mpi_amd64_gas.o
Comment 1 Alon Bar-Lev (RETIRED) gentoo-dev 2006-10-08 22:10:56 UTC
Not that I know what is stricter... It is not documented in make.conf.example.
But I don't get these messages.
Maybe it is 64bit related.
I regret I have no place to test it.
Comment 2 Josh Nichols (RETIRED) gentoo-dev 2006-10-09 06:58:35 UTC
These type of things will generally vary from platform to platform. To see this in action, take a look at dev-java/ibm-jdk-bin, where it varies from x86, to amd64, to ppc, to ppc64.

So yes, it could be possible this is only affected on amd64.

The documentation listed in the notice explains how this can be really fixed. There is a workaround that can be done until that is done though: you specify QA_EXECSTACK_amd64 to be the list of files effected.
Comment 3 Alon Bar-Lev (RETIRED) gentoo-dev 2006-10-23 07:24:57 UTC
Created attachment 100286 [details, diff]
nss-3.11.3-stack.patch

Hello Josh,
Can you please test nss-3.11.3, this issue seems to be handled by upstream.
The only place I see missing is this attachment... But first try without.
Thanks!
Comment 4 Alon Bar-Lev (RETIRED) gentoo-dev 2006-10-24 11:16:01 UTC
Hello amd64,

Can you please find the time to test this issue with nss-3.11.3?
I cannot test this.
Upstream should have solved the problem since 3.11.
attachment#100286 [details, diff] is the only issue I could find that may cause it to fail also in 3.11.3.

Thanks!
Comment 5 Josh Nichols (RETIRED) gentoo-dev 2006-10-25 20:43:18 UTC
Sorry for not reporting back earlier.

I've since updated to 3.11.3-r1, and it seems to merge without any of the QA notices.

So, it seems this bug can probably be resolved fixed.
Comment 6 Alon Bar-Lev (RETIRED) gentoo-dev 2006-10-25 21:38:58 UTC
Thanks!