"gcc(1)" is really not a file name.
Use <ulink> and link to the online man page on
https://man.archlinux.org/ so the user can refer to the man pages more
easily.
The change is done via a sed command and long lines are wrapped
manually.
Disable building nscd in glibc.
Update to iana-etc-20230929.
Update to vim-9.0.1968.
Update to openssl-3.1.3.
Update to meson-1.2.2.
Update to man-db-2.12.0.
Update to linux-6.5.5.
Update to kmod-31.
Update to kbd-2.6.3.
Update to gettext-0.22.2.
Update to bc-6.7.0.
I've not bothered to write an explanation for --disable-crypt because it
will likely be the default of Glibc-2.38, then we may drop it from the
command lines.
Update the rationale for min-kernel in hostreqs. Add a note in
general.ent about the EOL of current min-kernel. Realign the
backslashes in glibc instructions.
"The command below shows an example of nested command substitution
using two methods: backquotes and a $() construct. It could be
rewritten using the same method for both substitutions, but is
shown this way to demonstrate how they can be mixed. Generally
the $() method is preferred."
We need to enable decimal float here or MPFR will be built w/o decimal
float support. Then 2 of 183 tests will be skipped, and this will also
cause an ICA issue.
Q: Why we need decimal float in pass 1?
A: We need pass-1 GCC with decimal float support to build decimal float
routines in pass-2 libgcc.
We only need a one-line change in upstream fix (because we don't use
"make --shuffle"). Add it as a sed for both Chapter 5 and Chapter 8.
Note that the "minimal" sed would be '/MAEKFLAGS :=/s/r/ -r/'. I
included an additional ')' so it won't modify "-r" again to "- -r".
Tested "make" and "make check" on a x86_64 with -j8 and an arm64 with
-j24.
Link: https://sourceware.org/git/?p=glibc.git;a=commit;h=2d7ed98add14
When I changed the sanity check to remove the "dummy.c" file, I
inadvertently used "gcc" instead of "$LFS_TGT-gcc". Which of course
finds the host gcc...
Expand tabs to 8 spaces like everywhere else in the book.
Explain that shared libraries are already covered by ASLR, PIE expands
the ASLR to cover the exetutables.
In 2022, stack smashing attackings are mostly constructing a sequence of
faked returning addresses to exectute a series of function already
existing in the programs or libraries itself (ret2lib). Returning into
the code injected by the attacker is almost impossible because on
i686 (with a PAE/NX enabled kernel) or x86_64, running injected code
needs W/X mappings and those are very rare these days.
