diff --git a/unix/linux/Dockerfile b/unix/linux/Dockerfile index 3833f8c17..ad5c040f3 100644 --- a/unix/linux/Dockerfile +++ b/unix/linux/Dockerfile @@ -17,8 +17,8 @@ WORKDIR /git RUN git config --global advice.detachedHead false # Linux Kernel: Released 10 March 2024 RUN git clone --branch v6.8 --depth 1 https://kernel.googlesource.com/pub/scm/linux/kernel/git/torvalds/linux -# GNU C library: Released 1 Feb 2023 -RUN git clone --branch release/2.37/master --depth 1 https://sourceware.org/git/glibc.git +# GNU C library: Released 31 Jan 2024 +RUN git clone --branch release/2.39/master --depth 1 https://sourceware.org/git/glibc.git # Get Go ENV GOLANG_VERSION 1.21.0 diff --git a/unix/linux/mkall.go b/unix/linux/mkall.go index 70d8cd8f2..ae159148b 100644 --- a/unix/linux/mkall.go +++ b/unix/linux/mkall.go @@ -417,6 +417,20 @@ func (t *target) makeHeaders() error { } else { glibcArgs = append(glibcArgs, "--enable-kernel="+MinKernel) } + + // CET is not supported on x86 but glibc 2.39 enables it by default, it was later reverted. + // See https://sourceware.org/git/?p=glibc.git;a=commit;h=25f1e16ef03a6a8fb1701c4647d46c564480d88c + if t.LinuxArch == "x86" { + glibcArgs = append(glibcArgs, "--enable-cet=no") + } + + // glibc 2.38 requires libmvec to be disabled explicitly in aarch64 + // since the installed compiler does not have SVE ACLE. + // See https://sourceware.org/pipermail/libc-alpha/2023-May/147829.html + if t.LinuxArch == "arm64" { + glibcArgs = append(glibcArgs, "--disable-mathvec") + } + glibcConf := t.makeCommand(confScript, glibcArgs...) glibcConf.Dir = buildDir diff --git a/unix/zerrors_linux.go b/unix/zerrors_linux.go index f9dde70ef..feba381d7 100644 --- a/unix/zerrors_linux.go +++ b/unix/zerrors_linux.go @@ -1339,6 +1339,7 @@ const ( F_OFD_SETLK = 0x25 F_OFD_SETLKW = 0x26 F_OK = 0x0 + F_SEAL_EXEC = 0x20 F_SEAL_FUTURE_WRITE = 0x10 F_SEAL_GROW = 0x4 F_SEAL_SEAL = 0x1 @@ -1627,6 +1628,7 @@ const ( IP_FREEBIND = 0xf IP_HDRINCL = 0x3 IP_IPSEC_POLICY = 0x10 + IP_LOCAL_PORT_RANGE = 0x33 IP_MAXPACKET = 0xffff IP_MAX_MEMBERSHIPS = 0x14 IP_MF = 0x2000 @@ -1653,6 +1655,7 @@ const ( IP_PMTUDISC_OMIT = 0x5 IP_PMTUDISC_PROBE = 0x3 IP_PMTUDISC_WANT = 0x1 + IP_PROTOCOL = 0x34 IP_RECVERR = 0xb IP_RECVERR_RFC4884 = 0x1a IP_RECVFRAGSIZE = 0x19 @@ -2918,7 +2921,9 @@ const ( SCHED_RESET_ON_FORK = 0x40000000 SCHED_RR = 0x2 SCM_CREDENTIALS = 0x2 + SCM_PIDFD = 0x4 SCM_RIGHTS = 0x1 + SCM_SECURITY = 0x3 SCM_TIMESTAMP = 0x1d SC_LOG_FLUSH = 0x100000 SECCOMP_ADDFD_FLAG_SEND = 0x2 @@ -3264,6 +3269,7 @@ const ( TCP_MAX_WINSHIFT = 0xe TCP_MD5SIG = 0xe TCP_MD5SIG_EXT = 0x20 + TCP_MD5SIG_FLAG_IFINDEX = 0x2 TCP_MD5SIG_FLAG_PREFIX = 0x1 TCP_MD5SIG_MAXKEYLEN = 0x50 TCP_MSS = 0x200 diff --git a/unix/zerrors_linux_386.go b/unix/zerrors_linux_386.go index 42ff8c3c1..e4bc0bd57 100644 --- a/unix/zerrors_linux_386.go +++ b/unix/zerrors_linux_386.go @@ -118,6 +118,7 @@ const ( IXOFF = 0x1000 IXON = 0x400 MAP_32BIT = 0x40 + MAP_ABOVE4G = 0x80 MAP_ANON = 0x20 MAP_ANONYMOUS = 0x20 MAP_DENYWRITE = 0x800 diff --git a/unix/zerrors_linux_amd64.go b/unix/zerrors_linux_amd64.go index dca436004..689317afd 100644 --- a/unix/zerrors_linux_amd64.go +++ b/unix/zerrors_linux_amd64.go @@ -118,6 +118,7 @@ const ( IXOFF = 0x1000 IXON = 0x400 MAP_32BIT = 0x40 + MAP_ABOVE4G = 0x80 MAP_ANON = 0x20 MAP_ANONYMOUS = 0x20 MAP_DENYWRITE = 0x800