Date: Sat, 7 Oct 2023 13:55:13 +0200 From: Moin Rahman <bofh@freebsd.org> To: Mathieu Arnold <mat@FreeBSD.org> Cc: ports-committers <ports-committers@freebsd.org>, dev-commits-ports-all@freebsd.org, dev-commits-ports-main@freebsd.org Subject: Re: git: 28374e2250ce - main - lang/php83: Add non-default NOASLR option Message-ID: <C39F9241-9A9A-4874-86C6-E9C59EDBB2AC@freebsd.org> In-Reply-To: <n3ekop2xlf23eki57rp3xesg5uar7gduzt7ucyw5tndy3skxs2@vfe2a4ge77w5> References: <202310071101.397B1Beq050941@gitrepo.freebsd.org> <n3ekop2xlf23eki57rp3xesg5uar7gduzt7ucyw5tndy3skxs2@vfe2a4ge77w5>
next in thread | previous in thread | raw e-mail | index | archive | help
--Apple-Mail=_2C2B3FBE-84BC-415F-A992-196FFB4DCCAF Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii > On Oct 7, 2023, at 1:51 PM, Mathieu Arnold <mat@FreeBSD.org> wrote: >=20 > On Sat, Oct 07, 2023 at 11:01:11AM +0000, Muhammad Moinur Rahman = wrote: >> The branch main has been updated by bofh: >>=20 >> URL: = https://cgit.FreeBSD.org/ports/commit/?id=3D28374e2250ce52ea7f88bef2e62c6e= 56181f573b >>=20 >> commit 28374e2250ce52ea7f88bef2e62c6e56181f573b >> Author: Muhammad Moinur Rahman <bofh@FreeBSD.org> >> AuthorDate: 2023-10-07 10:56:44 +0000 >> Commit: Muhammad Moinur Rahman <bofh@FreeBSD.org> >> CommitDate: 2023-10-07 11:00:34 +0000 >>=20 >> lang/php83: Add non-default NOASLR option >=20 > So this should be an ASLR option that is on by default. I thought about it but I will not do it in that way during the lifetime = of 12 as it will create confusion. As there was no ASLR in 12. >> In certain corner cases php-fpm is creating zombie processes = specially >> from 13.2-RELEASE onwards. The exact reason has not been = pin-pointed but >> it looks like disabling ASLR solves the problem. So add a = non-default >> option NOASLR to allow the user build without ASLR. >>=20 >> This patch will not go into lang/php80 but will go in lang/php81 = and >> lang/php82 after some more extensive tests. >>=20 >> PR: 274135 >> Reported by: ports@thelanman.net >> --- >> lang/php83/Makefile | 26 +++++++++++++++++++++----- >> 1 file changed, 21 insertions(+), 5 deletions(-) >>=20 >> diff --git a/lang/php83/Makefile b/lang/php83/Makefile >> index 90ca4ef3b915..bf150d592329 100644 >> --- a/lang/php83/Makefile >> +++ b/lang/php83/Makefile >> @@ -31,17 +31,15 @@ CONFIGURE_ARGS+=3D --disable-all \ >> --with-password-argon2=3D${LOCALBASE} >> DESTDIRNAME=3D INSTALL_ROOT >>=20 >> -USES+=3D autoreconf:build ssl >> +USES+=3D autoreconf:build localbase ssl >> USE_GNOME=3D libxml2 >>=20 >> -CPPFLAGS=3D -I${LOCALBASE}/include >> - >> -LDFLAGS=3D -L${OPENSSLLIB} -lcrypto -lssl >> +LDFLAGS+=3D -L${OPENSSLLIB} -lcrypto -lssl >> # PR230207 Allow relocations against read-only segments (override lld = default) >> LDFLAGS_i386=3D -Wl,-z,notext >>=20 >> OPTIONS_DEFINE+=3D CGI CLI DEBUG DTRACE EMBED FPM IPV6 LINKTHR \ >> - MYSQLND PHPDBG ZTS >> + MYSQLND NOASLR PHPDBG ZTS >> OPTIONS_DEFAULT=3D CGI CLI DTRACE EMBED FPM LINKTHR MYSQLND >> OPTIONS_EXCLUDE_DragonFly=3D DTRACE >> # ld(1) fails to link probes: Relocations in generic ELF (EM: 0) >> @@ -83,6 +81,7 @@ FPM_VARS=3D PHP_SAPI+=3Dfpm \ >> USE_RC_SUBR+=3Dphp-fpm >> IPV6_CONFIGURE_OFF=3D --disable-ipv6 >> LINKTHR_LIBS=3D -lpthread >> +NOASLR_USES=3D elfctl >> MYSQLND_CONFIGURE_ON=3D --enable-mysqlnd >> PHPDBG_CONFIGURE_ON=3D --enable-phpdbg >> PHPDBG_VARS=3D PHP_SAPI+=3Dphpdbg >> @@ -98,6 +97,23 @@ SHORTMODNAME=3D php >> WARNING=3D "!!! If you have a threaded Apache, you must build = ${PHP_PORT} with ZTS support to enable thread-safety in extensions !!!" >> .endif >>=20 >> +.include <bsd.port.options.mk> >> + >> +.if ${PORT_OPTIONS:NOASLR} >> +.if ${PORT_OPTIONS:MCLI} >> +ELF_FEATURES+=3D+noaslr:sapi/cli/php >> +.endif >> +.if ${PORT_OPTIONS:MCGI} >> +ELF_FEATURES+=3D+noaslr:sapi/cgi/php-cgi >> +.endif >> +.if ${PORT_OPTIONS:MPHPDBG} >> +ELF_FEATURES+=3D+noaslr:sapi/phpdbg/phpdbg >> +.endif >> +.if ${PORT_OPTIONS:MFPM} >> +ELF_FEATURES+=3D+noaslr:sapi/fpm/php-fpm >> +.endif >> +.endif >> + >> .include <bsd.port.pre.mk> >>=20 >> .if ${ARCH} =3D=3D riscv64 >>=20 >=20 > -- > Mathieu Arnold --Apple-Mail=_2C2B3FBE-84BC-415F-A992-196FFB4DCCAF Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEETfdREoUGjQZKBS+fvbm1phfAvJEFAmUhRyFfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDRE Rjc1MTEyODUwNjhEMDY0QTA1MkY5RkJEQjlCNUE2MTdDMEJDOTEACgkQvbm1phfA vJG/uBAAlPNfaIEPB6AKr8ohFpIl8SyftwhF6MddpgrwGXutvciSL2yaoCs3zo4/ JXDr/ZtLrMKTtMpZjsmjgHmlFjBDLkjIw77xZQtuxG+/mmhUcvBNX6g6dfQ2uGnQ q/GDH1FrifWy+0U5zfzTfMiIRelVXUKUbyPDICF4dMzr90szRUK+ESg8R/gImGpN 8O01Y65rCCqLSPWBe0Z6BKiPHvITZwUYpJwLi08MlKmP99aeqdt+jtkMtukLoQpf 2nizIXjihhb5cIbPkDD202rX0zNQ34OKIzBYzu6DtaTF9quEXfzX+BHdZlR4fKIo 4TD+XanbpJIUuC9hKPGZtaAsatrT6lFdQFOfmStkamGhUWuhnTjT9bZkc7XXHEg2 qw+c7dOD4zhnIJn7BpS3AOz3aHVBSh4qvyqsmGaekcm6C4DqBVAFGzqm4I+ar9r6 Z13tX0DRxnI/JfAzDUC28M14FFZQfIEcTzMEnVeBvos2g2aMBJoJh7HjLerJdF9j FUj7MG08kZwtf+kFdoraN0nKcAdSYeAbjz+hn1R85Ngr2DIsRz1QfYyGx8q/7/v1 mB2wOt0nGsLYBQiJrbxwpMS32lHhcSAHQqgc1UK2BX378bjy6L36ed7jTTkMGDYo wsIVZzloD/L5Oojqcw8BOgs6jP/XO8qKi56Bb1xzUVkxgh+4oiQ= =UK2h -----END PGP SIGNATURE----- --Apple-Mail=_2C2B3FBE-84BC-415F-A992-196FFB4DCCAF--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?C39F9241-9A9A-4874-86C6-E9C59EDBB2AC>