From 0cb691368189832e23fa6649bbf8857b7c2c6ce5 Mon Sep 17 00:00:00 2001 From: Jacob Wang Date: Tue, 13 May 2025 10:13:35 +0800 Subject: [PATCH 1/4] [CVE]update to emacs-27.2-11.2 to #IC6YWD update to emacs-27.2-11.2 for CVE-2024-53920 Project: TC2024080204 Signed-off-by: Jacob Wang --- 1001-emacs-add-sw.patch | 86 ---------- emacs-CVE-2024-53920.patch | 316 +++++++++++++++++++++++++++++++++++++ emacs.spec | 40 +---- 3 files changed, 322 insertions(+), 120 deletions(-) delete mode 100644 1001-emacs-add-sw.patch create mode 100644 emacs-CVE-2024-53920.patch diff --git a/1001-emacs-add-sw.patch b/1001-emacs-add-sw.patch deleted file mode 100644 index bafdfa1..0000000 --- a/1001-emacs-add-sw.patch +++ /dev/null @@ -1,86 +0,0 @@ -From f0cc006e3b7f490ece36996dfbef46712cdaf36f Mon Sep 17 00:00:00 2001 -From: wxiat -Date: Tue, 20 Jun 2023 14:20:50 +0800 -Subject: [PATCH] add sw - -Signed-off-by: wxiat ---- - build-aux/config.guess | 8 ++++++++ - build-aux/config.sub | 1 + - configure.ac | 2 +- - src/unexelf.c | 8 +++++++- - 4 files changed, 17 insertions(+), 2 deletions(-) - -diff --git a/build-aux/config.guess b/build-aux/config.guess -index 457a63a..827cd81 100755 ---- a/build-aux/config.guess -+++ b/build-aux/config.guess -@@ -926,6 +926,14 @@ EOF - UNAME_MACHINE=aarch64_be - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; -+ sw_64:Linux:*:*) -+ case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in -+ sw) UNAME_MACHINE=sw_64 ;; -+ esac -+ objdump --private-headers /bin/sh | grep -q ld.so.1 -+ if test "$?" = 0 ; then LIBC=gnulibc1 ; fi -+ echo "$UNAME_MACHINE"-sunway-linux-"$LIBC" -+ exit ;; - alpha:Linux:*:*) - case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in - EV5) UNAME_MACHINE=alphaev5 ;; -diff --git a/build-aux/config.sub b/build-aux/config.sub -index 90f19bb..eb9e11d 100755 ---- a/build-aux/config.sub -+++ b/build-aux/config.sub -@@ -1159,6 +1159,7 @@ case $cpu-$vendor in - | aarch64 | aarch64_be \ - | loongarch32 | loongarch64 | loongarchx32 \ - | abacus \ -+ | sw_64 \ - | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] \ - | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] \ - | alphapca5[67] | alpha64pca5[67] \ -diff --git a/configure.ac b/configure.ac -index 0b34532..d4d637c 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -703,7 +703,7 @@ case "${canonical}" in - *-apple-darwin* ) - case "${canonical}" in - *-apple-darwin[0-9].*) unported=yes ;; -- i[3456]86-* | x86_64-* | arm-* | aarch64-* ) ;; -+ i[3456]86-* | x86_64-* | arm-* | aarch64-* | sw_64-* ) ;; - * ) unported=yes ;; - esac - opsys=darwin -diff --git a/src/unexelf.c b/src/unexelf.c -index b5cded5..6c1e121 100644 ---- a/src/unexelf.c -+++ b/src/unexelf.c -@@ -120,7 +120,7 @@ typedef struct { - /* - * NetBSD does not have normal-looking user-land ELF support. - */ --# if defined __alpha__ || defined __sparc_v9__ || defined _LP64 -+# if defined __alpha__ || defined __sparc_v9__ || defined _LP64 || defined __sw_64__ - # define ELFSIZE 64 - # else - # define ELFSIZE 32 -@@ -150,6 +150,12 @@ typedef struct { - # define pHDRR HDRR * - # endif /* __alpha__ */ - -+# ifdef __sw_64__ -+# include -+# define HDRR struct ecoff_symhdr -+# define pHDRR HDRR * -+# endif /* __sw_64__ */ -+ - #ifdef __mips__ /* was in pkgsrc patches for 20.7 */ - # define SHT_MIPS_DEBUG DT_MIPS_FLAGS - # define HDRR struct Elf_Shdr --- -2.31.1 - diff --git a/emacs-CVE-2024-53920.patch b/emacs-CVE-2024-53920.patch new file mode 100644 index 0000000..920f93a --- /dev/null +++ b/emacs-CVE-2024-53920.patch @@ -0,0 +1,316 @@ +--- + emacs-27.2/doc/emacs/misc.texi | 33 +++++++++++++++++ + emacs-27.2/doc/misc/efaq.texi | 7 +++ + emacs-27.2/etc/NEWS | 23 ++++++++++++ + emacs-27.2/lisp/emacs-lisp/macroexp.el | 10 ++++- + emacs-27.2/lisp/files.el | 60 +++++++++++++++++++++++++++++--- + emacs-27.2/lisp/ielm.el | 3 + + emacs-27.2/lisp/progmodes/elisp-mode.el | 58 +++++++++++++++++++++++++----- + emacs-27.2/lisp/simple.el | 1 + emacs-27.2/lisp/startup.el | 14 +++++-- + 9 files changed, 189 insertions(+), 20 deletions(-) + +--- emacs-27.2/doc/emacs/misc.texi ++++ emacs-27.2/doc/emacs/misc.texi 2025-03-03 09:18:41.368169799 +0000 +@@ -279,6 +279,39 @@ trusted and the default checking for the + you can set @code{enable-local-variables} to @code{:all}. @xref{Safe + File Variables}. + ++@cindex trusted files and directories ++Loading a file of Emacs Lisp code with @code{load-file} or ++@code{load-library} (@pxref{Lisp Libraries}) can execute some of the ++Lisp code in the file being loaded, so you should only load Lisp files ++whose source you trust. However, some Emacs features can in certain ++situations execute Lisp code even without your explicit command or ++request. For example, Flymake, the on-the-fly syntax checker for Emacs ++(@pxref{Top,,, flymake, GNU Flymake}), if it is enabled, can ++automatically execute some of the code in a Lisp file you visit as part ++of its syntax-checking job. Similarly, some completion commands ++(@pxref{Completion}) in buffers visiting Lisp files sometimes need to ++expand Lisp macros for best results. In these cases, just visiting a ++Lisp file and performing some editing in it could trigger execution of ++Lisp code. If the visited file came from an untrusted source, it could ++include dangerous or even malicious code that Emacs would execute in ++those situations. ++ ++To protect against this, Emacs disables execution of Lisp code by ++Flymake, completion, and some other features, unless the visited file is ++@dfn{trusted}. It is up to you to specify which files on your system ++should be trusted, by customizing the user option ++@code{trusted-content}. ++ ++@defopt trusted-content ++The value of this option is @code{nil} by default, which means no file ++is trusted. You can customize the variable to be a list of one or more ++names of trusted files and directories. A file name that ends in a ++slash @file{/} is interpreted as a directory, which means all its files ++and subdirectories are also trusted. A special value @code{:all} means ++@emph{all} the files and directories on your system should be trusted; ++@strong{this is not recommended}, as it opens a gaping security hole. ++@end defopt ++ + @xref{Security Considerations,,, elisp, The Emacs Lisp Reference + Manual}, for more information about security considerations when using + Emacs as part of a larger application. +--- emacs-27.2/doc/misc/efaq.texi ++++ emacs-27.2/doc/misc/efaq.texi 2025-03-03 09:18:41.368169799 +0000 +@@ -1001,6 +1001,13 @@ Native support for @acronym{JSON} parsin + @file{json.el}. + + @item ++New user option @code{trusted-contents} to allow potentially dangerous ++Emacs features which could execute arbitrary Lisp code. Use this ++variable to list files and directories whose contents Emacs should ++trust, thus allowing those potentially dangerous features when those ++files are visited. ++ ++@item + Cairo drawing is no longer experimental. + + @cindex portable dumper +--- emacs-27.2/etc/NEWS ++++ emacs-27.2/etc/NEWS 2025-03-03 09:18:41.368169799 +0000 +@@ -15,6 +15,29 @@ in older Emacs versions. + You can narrow news to a specific version by calling 'view-emacs-news' + with a prefix argument or by typing 'C-u C-h C-n'. + ++* Changes for CVE-2024-53920 ++ ++** New user option 'trusted-content' to allow potentially dangerous features. ++This variable lists those files and directories whose content Emacs should ++consider as sufficiently trusted to run any part of the code contained ++therein even without any explicit user request. ++For example, Flymake's backend for Emacs Lisp consults this variable ++and disables itself with an "untrusted content" warning if the file ++is not listed. ++ ++Emacs Lisp authors should note that a major or minor mode must never set ++this variable to the ':all' value. ++ ++This option is used to fix CVE-2024-53920. See below for details. ++ ++** Emacs Lisp mode ++ ++*** 'elisp-flymake-byte-compile' is disabled for untrusted files. ++For security reasons, this backend can be used only in those files ++specified as trusted according to 'trusted-content' and emits an ++"untrusted content" warning otherwise. ++This fixes CVE-2024-53920. ++ + + * Changes in Emacs 27.2 + +--- emacs-27.2/lisp/emacs-lisp/macroexp.el ++++ emacs-27.2/lisp/emacs-lisp/macroexp.el 2025-03-03 09:18:41.368169799 +0000 +@@ -94,12 +94,20 @@ each clause." + (macroexp--all-forms clause skip) + clause))) + ++(defvar macroexp-inhibit-compiler-macros nil ++ "Inhibit application of compiler macros if non-nil.") ++ + (defun macroexp--compiler-macro (handler form) ++ "Apply compiler macro HANDLER to FORM and return the result. ++Unless `macroexp-inhibit-compiler-macros' is non-nil, in which ++case return FORM unchanged." ++ (if macroexp-inhibit-compiler-macros ++ form + (condition-case-unless-debug err + (apply handler form (cdr form)) + (error + (message "Compiler-macro error for %S: %S" (car form) err) +- form))) ++ form)))) + + (defun macroexp--funcall-if-compiled (_form) + "Pseudo function used internally by macroexp to delay warnings. +--- emacs-27.2/lisp/files.el ++++ emacs-27.2/lisp/files.el 2025-03-03 09:20:04.078645249 +0000 +@@ -591,10 +596,57 @@ buffer contents as untrusted. + (other :tag "Query" other)) + :group 'find-file) + +-(defvar enable-dir-local-variables t +- "Non-nil means enable use of directory-local variables. +-Some modes may wish to set this to nil to prevent directory-local +-settings being applied, but still respect file-local ones.") ++(defcustom trusted-content nil ++ "List of files and directories whose content we trust. ++Be extra careful here since trusting means that Emacs might execute the ++code contained within those files and directories without an explicit ++request by the user. ++One important case when this might happen is when `flymake-mode' is ++enabled (for example, when it is added to a mode hook). ++Each element of the list should be a string: ++- If it ends in \"/\", it is considered as a directory name and means that ++ Emacs should trust all the files whose name has this directory as a prefix. ++- Otherwise, it is considered a file name. ++Use abbreviated file names. For example, an entry \"~/mycode/\" means ++that Emacs will trust all the files in your directory \"mycode\". ++This variable can also be set to `:all', in which case Emacs will trust ++all files, which opens a gaping security hole. Emacs Lisp authors ++should note that this value must never be set by a major or minor mode." ++ :type '(choice (repeat :tag "List" file) ++ (const :tag "Trust everything (DANGEROUS!)" :all)) ++ :version "27.2") ++(put 'trusted-content 'risky-local-variable t) ++ ++(defun trusted-content-p () ++ "Return non-nil if we trust the contents of the current buffer. ++Here, \"trust\" means that we are willing to run code found inside of it. ++See also `trusted-content'." ++ ;; We compare with `buffer-file-truename' i.s.o `buffer-file-name' ++ ;; to try and avoid marking as trusted a file that's merely accessed ++ ;; via a symlink that happens to be inside a trusted dir. ++ (and (not untrusted-content) ++ (or ++ (eq trusted-content :all) ++ (and ++ buffer-file-truename ++ (with-demoted-errors "trusted-content-p: %S" ++ (let ((exists (file-exists-p buffer-file-truename))) ++ (or ++ ;; We can't avoid trusting the user's init file. ++ (if (and exists user-init-file) ++ (file-equal-p buffer-file-truename user-init-file) ++ (equal buffer-file-truename user-init-file)) ++ (let ((file (abbreviate-file-name buffer-file-truename)) ++ (trusted nil)) ++ (dolist (tf trusted-content) ++ (when (or (if exists (file-equal-p tf file) (equal tf file)) ++ ;; We don't use `file-in-directory-p' here, because ++ ;; we want to err on the conservative side: "guilty ++ ;; until proven innocent". ++ (and (string-suffix-p "/" tf) ++ (string-prefix-p tf file))) ++ (setq trusted t))) ++ trusted)))))))) + + ;; This is an odd variable IMO. + ;; You might wonder why it is needed, when we could just do: +--- emacs-27.2/lisp/ielm.el ++++ emacs-27.2/lisp/ielm.el 2025-03-03 09:18:41.372169725 +0000 +@@ -616,7 +616,8 @@ See `inferior-emacs-lisp-mode' for detai + (unless (comint-check-proc buf-name) + (with-current-buffer (get-buffer-create buf-name) + (unless (zerop (buffer-size)) (setq old-point (point))) +- (inferior-emacs-lisp-mode))) ++ (inferior-emacs-lisp-mode) ++ (setq-local trusted-content :all))) + (pop-to-buffer-same-window buf-name) + (when old-point (push-mark old-point)))) + +--- emacs-27.2/lisp/progmodes/elisp-mode.el ++++ emacs-27.2/lisp/progmodes/elisp-mode.el 2025-03-03 09:18:41.372169725 +0000 +@@ -333,6 +333,43 @@ Blank lines separate paragraphs. Semico + + (defvar warning-minimum-log-level) + ++(defvar elisp--local-macroenv ++ `((cl-eval-when . ,(lambda (&rest args) `(progn . ,(cdr args)))) ++ (eval-when-compile . ,(lambda (&rest args) `(progn . ,args))) ++ (eval-and-compile . ,(lambda (&rest args) `(progn . ,args)))) ++ "Environment to use while tentatively expanding macros. ++This is used to try and avoid the most egregious problems linked to the ++use of `macroexpand-all' as a way to find the \"underlying raw code\".") ++ ++(defvar elisp--macroexpand-untrusted-warning t) ++ ++(defun elisp--safe-macroexpand-all (sexp) ++ (if (not (trusted-content-p)) ++ ;; FIXME: We should try and do better here, either using a notion ++ ;; of "safe" macros, or with `bwrap', or ... ++ (progn ++ (when elisp--macroexpand-untrusted-warning ++ (setq-local elisp--macroexpand-untrusted-warning nil) ;Don't spam! ++ (let ((inhibit-message t)) ;Only log. ++ (message "Completion of local vars is disabled in %s (untrusted content)" ++ (buffer-name)))) ++ sexp) ++ (let ((macroexpand-advice ++ (lambda (expander form &rest args) ++ (condition-case err ++ (apply expander form args) ++ (error ++ (message "Ignoring macroexpansion error: %S" err) form))))) ++ (unwind-protect ++ ;; Silence any macro expansion errors when ++ ;; attempting completion at point (bug#58148). ++ (let ((inhibit-message t) ++ (macroexp-inhibit-compiler-macros t) ++ (warning-minimum-log-level :emergency)) ++ (advice-add 'macroexpand-1 :around macroexpand-advice) ++ (macroexpand-all sexp elisp--local-macroenv)) ++ (advice-remove 'macroexpand-1 macroexpand-advice))))) ++ + (defun elisp--local-variables () + "Return a list of locally let-bound variables at point." + (save-excursion +@@ -348,17 +385,8 @@ Blank lines separate paragraphs. Semico + (car (read-from-string + (concat txt "elisp--witness--lisp" closer))) + ((invalid-read-syntax end-of-file) nil))) +- (macroexpand-advice (lambda (expander form &rest args) +- (condition-case nil +- (apply expander form args) +- (error form)))) +- (sexp +- (unwind-protect +- (let ((warning-minimum-log-level :emergency)) +- (advice-add 'macroexpand :around macroexpand-advice) +- (macroexpand-all sexp)) +- (advice-remove 'macroexpand macroexpand-advice))) +- (vars (elisp--local-variables-1 nil sexp))) ++ (vars (elisp--local-variables-1 ++ nil (elisp--safe-macroexpand-all sexp)))) + (delq nil + (mapcar (lambda (var) + (and (symbolp var) +@@ -1721,6 +1749,14 @@ directory of the buffer being compiled, + "A Flymake backend for elisp byte compilation. + Spawn an Emacs process that byte-compiles a file representing the + current buffer state and calls REPORT-FN when done." ++ (unless (trusted-content-p) ++ ;; FIXME: Use `bwrap' and friends to compile untrusted content. ++ ;; FIXME: We emit a message *and* signal an error, because by default ++ ;; Flymake doesn't display the warning it puts into "*flmake log*". ++ (message "Disabling elisp-flymake-byte-compile in %s (untrusted content)" ++ (buffer-name)) ++ (error "Disabling elisp-flymake-byte-compile in %s (untrusted content)" ++ (buffer-name))) + (when elisp-flymake--byte-compile-process + (when (process-live-p elisp-flymake--byte-compile-process) + (kill-process elisp-flymake--byte-compile-process))) +--- emacs-27.2/lisp/simple.el ++++ emacs-27.2/lisp/simple.el 2025-03-03 09:18:41.372169725 +0000 +@@ -1621,6 +1621,7 @@ display the result of expression evaluat + ;; `eldoc--eval-expression-setup')? + (add-hook 'completion-at-point-functions + #'elisp-completion-at-point nil t) ++ (setq-local trusted-content :all) + (run-hooks 'eval-expression-minibuffer-setup-hook)) + (read-from-minibuffer prompt initial-contents + read-expression-map t +--- emacs-27.2/lisp/startup.el ++++ emacs-27.2/lisp/startup.el 2025-03-03 09:18:41.372169725 +0000 +@@ -2316,9 +2316,17 @@ A fancy display is used on graphic displ + + (defun startup--get-buffer-create-scratch () + (or (get-buffer "*scratch*") +- (with-current-buffer (get-buffer-create "*scratch*") +- (set-buffer-major-mode (current-buffer)) +- (current-buffer)))) ++ (let ((scratch (get-buffer-create "*scratch*"))) ++ ;; Don't touch the buffer contents or mode unless we know that ++ ;; we just created it. ++ (with-current-buffer scratch ++ (when initial-scratch-message ++ (insert (substitute-command-keys initial-scratch-message)) ++ (set-buffer-modified-p nil)) ++ (funcall initial-major-mode) ++ (when (eq initial-major-mode 'lisp-interaction-mode) ++ (setq-local trusted-content :all))) ++ scratch))) + + (defun command-line-1 (args-left) + "A subroutine of `command-line'." diff --git a/emacs.spec b/emacs.spec index 8cdaef8..8119b66 100644 --- a/emacs.spec +++ b/emacs.spec @@ -1,12 +1,11 @@ %global _hardened_build 1 -%define anolis_release .0.1 # This file is encoded in UTF-8. -*- coding: utf-8 -*- Summary: GNU Emacs text editor Name: emacs Epoch: 1 Version: 27.2 -Release: 11%{anolis_release}%{?dist}.1 +Release: 11%{?dist}.2 License: GPLv3+ and CC0-1.0 URL: http://www.gnu.org/software/emacs/ Source0: https://ftp.gnu.org/gnu/emacs/emacs-%{version}.tar.xz @@ -39,11 +38,8 @@ Patch11: emacs-mark-contents-untrusted.patch Patch12: emacs-latex-preview.patch Patch13: emacs-org-link-expand-abbrev-unsafe-elisp.patch Patch14: emacs-man-el-shell-injection-vulnerability.patch +Patch15: emacs-CVE-2024-53920.patch BuildRequires: gcc -# Add by Anolis -Patch1001: 1001-emacs-add-sw.patch -# End of Anolis - BuildRequires: atk-devel BuildRequires: cairo-devel BuildRequires: freetype-devel @@ -105,9 +101,6 @@ Requires(posttrans): %{_sbindir}/alternatives Requires: emacs-common = %{epoch}:%{version}-%{release} Provides: emacs(bin) = %{epoch}:%{version}-%{release} -Requires: glibc -Provides: /usr/bin/emacs - %define site_lisp %{_datadir}/emacs/site-lisp %define site_start_d %{site_lisp}/site-start.d %define bytecompargs -batch --no-init-file --no-site-file -f batch-byte-compile @@ -200,14 +193,6 @@ Summary: Development header files for Emacs %description devel Development header files for Emacs. -%package doc -Summary: Documents for %{name} -BuildArch: noarch -Requires: %{name} = %{?epoch:%{epoch}:}%{version}-%{release} - -%description doc -Doc pages for %{name}. - %prep %{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}' %setup -q @@ -226,11 +211,7 @@ Doc pages for %{name}. %patch -P 12 -p1 -b .latex-preview %patch -P 13 -p1 -b .org-link-expand-abbrev-unsafe-elisp %patch -P 14 -p1 -b .man-el-shell-injection-vulnerability - -%ifarch loongarch64 -%_update_config_guess -%_update_config_sub -%endif +%patch -P 15 -p1 -b .CVE-2024-53920 autoconf # We prefer our emacs.desktop file @@ -274,11 +255,6 @@ ln -s ../../%{name}/%{version}/etc/NEWS doc %build -%ifarch sw_64 -%_update_config_sub -%_update_config_guess -%endif - export CFLAGS="-DMAIL_USE_LOCKF %{build_cflags}" %set_build_flags @@ -497,6 +473,7 @@ rm %{buildroot}%{_datadir}/icons/hicolor/scalable/mimetypes/emacs-document23.svg %config(noreplace) %{_sysconfdir}/skel/.emacs %{_rpmconfigdir}/macros.d/macros.emacs %license etc/COPYING +%doc doc/NEWS BUGS README %{_bindir}/ebrowse %{_bindir}/emacsclient %{_bindir}/etags.emacs @@ -524,14 +501,9 @@ rm %{buildroot}%{_datadir}/icons/hicolor/scalable/mimetypes/emacs-document23.svg %files devel %{_includedir}/emacs-module.h -%files doc -%doc doc/NEWS BUGS README - %changelog -* Fri Feb 28 2025 Xiaoping Liu - 1:27.2-11.0.1.1 -- Add doc sub package -- update config.sub and config.guess for loongarch64 (Jingyun Hua) -- cherry-pick `add sw patch #349896d0a48b80b530cfa5cc2bd1fc4ceff68e42`. (nijie@wxiat.com) +* Mon May 05 2025 Jacek Migacz - 1:27.2-11.el9_5.2 +- Fix arbitrary code execution via Lisp macro expansion (RHEL-69395) * Mon Feb 24 2025 Jacek Migacz - 1:27.2-11.el9_5.1 - Fix man.el shell injection vulnerability (RHEL-79021) -- Gitee From a11f8c1d92c9deb3946736915a38960d07691616 Mon Sep 17 00:00:00 2001 From: liuxiaoping Date: Mon, 28 Nov 2022 17:48:47 +0800 Subject: [PATCH 2/4] spec: add doc sub package --- emacs.spec | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/emacs.spec b/emacs.spec index 8119b66..f6bc4c8 100644 --- a/emacs.spec +++ b/emacs.spec @@ -1,11 +1,12 @@ %global _hardened_build 1 +%define anolis_release .0.1 # This file is encoded in UTF-8. -*- coding: utf-8 -*- Summary: GNU Emacs text editor Name: emacs Epoch: 1 Version: 27.2 -Release: 11%{?dist}.2 +Release: 11%{anolis_release}%{?dist}.2 License: GPLv3+ and CC0-1.0 URL: http://www.gnu.org/software/emacs/ Source0: https://ftp.gnu.org/gnu/emacs/emacs-%{version}.tar.xz @@ -101,6 +102,9 @@ Requires(posttrans): %{_sbindir}/alternatives Requires: emacs-common = %{epoch}:%{version}-%{release} Provides: emacs(bin) = %{epoch}:%{version}-%{release} +Requires: glibc +Provides: /usr/bin/emacs + %define site_lisp %{_datadir}/emacs/site-lisp %define site_start_d %{site_lisp}/site-start.d %define bytecompargs -batch --no-init-file --no-site-file -f batch-byte-compile @@ -193,6 +197,14 @@ Summary: Development header files for Emacs %description devel Development header files for Emacs. +%package doc +Summary: Documents for %{name} +BuildArch: noarch +Requires: %{name} = %{?epoch:%{epoch}:}%{version}-%{release} + +%description doc +Doc pages for %{name}. + %prep %{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}' %setup -q @@ -473,7 +485,6 @@ rm %{buildroot}%{_datadir}/icons/hicolor/scalable/mimetypes/emacs-document23.svg %config(noreplace) %{_sysconfdir}/skel/.emacs %{_rpmconfigdir}/macros.d/macros.emacs %license etc/COPYING -%doc doc/NEWS BUGS README %{_bindir}/ebrowse %{_bindir}/emacsclient %{_bindir}/etags.emacs @@ -501,7 +512,13 @@ rm %{buildroot}%{_datadir}/icons/hicolor/scalable/mimetypes/emacs-document23.svg %files devel %{_includedir}/emacs-module.h +%files doc +%doc doc/NEWS BUGS README + %changelog +* Tue May 13 2025 Xiaoping Liu - 1:27.2-11.0.1.2 +- Add doc sub package + * Mon May 05 2025 Jacek Migacz - 1:27.2-11.el9_5.2 - Fix arbitrary code execution via Lisp macro expansion (RHEL-69395) -- Gitee From e8ca9377e6d6d62f0b24aa83334f7b4891aeafb0 Mon Sep 17 00:00:00 2001 From: Jingyun Hua Date: Tue, 18 Jul 2023 07:34:48 +0000 Subject: [PATCH 3/4] build:support loongarch64 platform --- emacs.spec | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/emacs.spec b/emacs.spec index f6bc4c8..bfade37 100644 --- a/emacs.spec +++ b/emacs.spec @@ -224,6 +224,11 @@ Doc pages for %{name}. %patch -P 13 -p1 -b .org-link-expand-abbrev-unsafe-elisp %patch -P 14 -p1 -b .man-el-shell-injection-vulnerability %patch -P 15 -p1 -b .CVE-2024-53920 + +%ifarch loongarch64 +%_update_config_guess +%_update_config_sub +%endif autoconf # We prefer our emacs.desktop file @@ -518,6 +523,7 @@ rm %{buildroot}%{_datadir}/icons/hicolor/scalable/mimetypes/emacs-document23.svg %changelog * Tue May 13 2025 Xiaoping Liu - 1:27.2-11.0.1.2 - Add doc sub package +- update config.sub and config.guess for loongarch64 (Jingyun Hua) * Mon May 05 2025 Jacek Migacz - 1:27.2-11.el9_5.2 - Fix arbitrary code execution via Lisp macro expansion (RHEL-69395) -- Gitee From cdd38dbb724910fbbe98de89be95873d6c6d6feb Mon Sep 17 00:00:00 2001 From: wxiat Date: Tue, 20 Jun 2023 14:24:31 +0800 Subject: [PATCH 4/4] cherry-pick `add sw patch #349896d0a48b80b530cfa5cc2bd1fc4ceff68e42`. Signed-off-by: wxiat Signed-off-by: Weisson --- 1001-emacs-add-sw.patch | 86 +++++++++++++++++++++++++++++++++++++++++ emacs.spec | 10 +++++ 2 files changed, 96 insertions(+) create mode 100644 1001-emacs-add-sw.patch diff --git a/1001-emacs-add-sw.patch b/1001-emacs-add-sw.patch new file mode 100644 index 0000000..bafdfa1 --- /dev/null +++ b/1001-emacs-add-sw.patch @@ -0,0 +1,86 @@ +From f0cc006e3b7f490ece36996dfbef46712cdaf36f Mon Sep 17 00:00:00 2001 +From: wxiat +Date: Tue, 20 Jun 2023 14:20:50 +0800 +Subject: [PATCH] add sw + +Signed-off-by: wxiat +--- + build-aux/config.guess | 8 ++++++++ + build-aux/config.sub | 1 + + configure.ac | 2 +- + src/unexelf.c | 8 +++++++- + 4 files changed, 17 insertions(+), 2 deletions(-) + +diff --git a/build-aux/config.guess b/build-aux/config.guess +index 457a63a..827cd81 100755 +--- a/build-aux/config.guess ++++ b/build-aux/config.guess +@@ -926,6 +926,14 @@ EOF + UNAME_MACHINE=aarch64_be + echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" + exit ;; ++ sw_64:Linux:*:*) ++ case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in ++ sw) UNAME_MACHINE=sw_64 ;; ++ esac ++ objdump --private-headers /bin/sh | grep -q ld.so.1 ++ if test "$?" = 0 ; then LIBC=gnulibc1 ; fi ++ echo "$UNAME_MACHINE"-sunway-linux-"$LIBC" ++ exit ;; + alpha:Linux:*:*) + case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in + EV5) UNAME_MACHINE=alphaev5 ;; +diff --git a/build-aux/config.sub b/build-aux/config.sub +index 90f19bb..eb9e11d 100755 +--- a/build-aux/config.sub ++++ b/build-aux/config.sub +@@ -1159,6 +1159,7 @@ case $cpu-$vendor in + | aarch64 | aarch64_be \ + | loongarch32 | loongarch64 | loongarchx32 \ + | abacus \ ++ | sw_64 \ + | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] \ + | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] \ + | alphapca5[67] | alpha64pca5[67] \ +diff --git a/configure.ac b/configure.ac +index 0b34532..d4d637c 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -703,7 +703,7 @@ case "${canonical}" in + *-apple-darwin* ) + case "${canonical}" in + *-apple-darwin[0-9].*) unported=yes ;; +- i[3456]86-* | x86_64-* | arm-* | aarch64-* ) ;; ++ i[3456]86-* | x86_64-* | arm-* | aarch64-* | sw_64-* ) ;; + * ) unported=yes ;; + esac + opsys=darwin +diff --git a/src/unexelf.c b/src/unexelf.c +index b5cded5..6c1e121 100644 +--- a/src/unexelf.c ++++ b/src/unexelf.c +@@ -120,7 +120,7 @@ typedef struct { + /* + * NetBSD does not have normal-looking user-land ELF support. + */ +-# if defined __alpha__ || defined __sparc_v9__ || defined _LP64 ++# if defined __alpha__ || defined __sparc_v9__ || defined _LP64 || defined __sw_64__ + # define ELFSIZE 64 + # else + # define ELFSIZE 32 +@@ -150,6 +150,12 @@ typedef struct { + # define pHDRR HDRR * + # endif /* __alpha__ */ + ++# ifdef __sw_64__ ++# include ++# define HDRR struct ecoff_symhdr ++# define pHDRR HDRR * ++# endif /* __sw_64__ */ ++ + #ifdef __mips__ /* was in pkgsrc patches for 20.7 */ + # define SHT_MIPS_DEBUG DT_MIPS_FLAGS + # define HDRR struct Elf_Shdr +-- +2.31.1 + diff --git a/emacs.spec b/emacs.spec index bfade37..2aa055f 100644 --- a/emacs.spec +++ b/emacs.spec @@ -41,6 +41,10 @@ Patch13: emacs-org-link-expand-abbrev-unsafe-elisp.patch Patch14: emacs-man-el-shell-injection-vulnerability.patch Patch15: emacs-CVE-2024-53920.patch BuildRequires: gcc +# Add by Anolis +Patch1001: 1001-emacs-add-sw.patch +# End of Anolis + BuildRequires: atk-devel BuildRequires: cairo-devel BuildRequires: freetype-devel @@ -272,6 +276,11 @@ ln -s ../../%{name}/%{version}/etc/NEWS doc %build +%ifarch sw_64 +%_update_config_sub +%_update_config_guess +%endif + export CFLAGS="-DMAIL_USE_LOCKF %{build_cflags}" %set_build_flags @@ -524,6 +533,7 @@ rm %{buildroot}%{_datadir}/icons/hicolor/scalable/mimetypes/emacs-document23.svg * Tue May 13 2025 Xiaoping Liu - 1:27.2-11.0.1.2 - Add doc sub package - update config.sub and config.guess for loongarch64 (Jingyun Hua) +- cherry-pick `add sw patch #349896d0a48b80b530cfa5cc2bd1fc4ceff68e42`. (nijie@wxiat.com) * Mon May 05 2025 Jacek Migacz - 1:27.2-11.el9_5.2 - Fix arbitrary code execution via Lisp macro expansion (RHEL-69395) -- Gitee