cross/binutils-*: upgrade to 2.40-r11

cross/binutils-aarch64/APKBUILD

@@ -8,7 +8,7 @@ CTARGET="$(arch_to_hostspec $CTARGET_ARCH)"
 
 pkgname=binutils-aarch64
 pkgver=2.40
-pkgrel=8
+pkgrel=11
 pkgdesc="Tools necessary to build programs for aarch64 targets"
 url="https://www.gnu.org/software/binutils/"
 makedepends_build="bison flex texinfo"
@@ -18,8 +18,10 @@ arch="x86_64"
 license="GPL-2.0-or-later AND LGPL-2.1-or-later AND BSD-3-Clause"
 subpackages="binutils-dev binutils-doc"
 source="https://ftp.gnu.org/gnu/binutils/binutils-$pkgver.tar.xz
-	binutils-ld-fix-static-linking.patch
 	0001-Revert-PR25882-.gnu.attributes-are-not-checked-for-s.patch
+	CVE-2023-1972.patch
+	binutils-ld-fix-static-linking.patch
+	riscv64-textrels.patch
 	"
 builddir="$srcdir/binutils-$pkgver"
 
@@ -38,6 +40,8 @@ if [ "$CHOST" != "$CTARGET" ]; then
 fi
 
 # secfixes:
+#   2.40-r10:
+#     - CVE-2023-1972
 #   2.40-r0:
 #     - CVE-2023-1579
 #   2.39-r2:
@@ -79,6 +83,8 @@ build() {
 		_gold_configure="--disable-gold"
 	fi
 
+	CFLAGS="$CFLAGS -O2" \
+	CXXFLAGS="$CXXFLAGS -O2" \
 	./configure \
 		--build=$CBUILD \
 		--host=$CHOST \
@@ -139,6 +145,8 @@ gold() {
 
 sha512sums="
 a37e042523bc46494d99d5637c3f3d8f9956d9477b748b3b1f6d7dfbb8d968ed52c932e88a4e946c6f77b8f48f1e1b360ca54c3d298f17193f3b4963472f6925  binutils-2.40.tar.xz
-ecee33b0e435aa704af1c334e560f201638ff79e199aa11ed78a72f7c9b46f85fbb227af5748e735fd681d1965fcc42ac81b0c8824e540430ce0c706c81e8b49  binutils-ld-fix-static-linking.patch
 70ec22bd72ef6dddecfd970613387dd4a8cdc8730dd3cbf03d5a0c3a7c4d839383167bb06dad21bf7c235329fd44b5dc4aefe762f68544f17155cf002bf1be4a  0001-Revert-PR25882-.gnu.attributes-are-not-checked-for-s.patch
+b434e126c4c3f70c02b0a5597a0d75a4ea99b1498552c2d0676005ac0ae171c56cf07a6f6e2faa1381f1f4d4a37043a07d177dd4912f09b61109f103853594b2  CVE-2023-1972.patch
+ecee33b0e435aa704af1c334e560f201638ff79e199aa11ed78a72f7c9b46f85fbb227af5748e735fd681d1965fcc42ac81b0c8824e540430ce0c706c81e8b49  binutils-ld-fix-static-linking.patch
+d138691d953c6f49111601df1731db157d2ecedf1593e37ababb5c12ff10572b5f7982288c81579f4a99097780dbb18d3b457f74daab0f935f59423e69cec56f  riscv64-textrels.patch
 "

cross/binutils-aarch64/CVE-2023-1972.patch

@@ -0,0 +1,37 @@
+Patch-Source: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=c22d38baefc5a7a1e1f5cdc9dbb556b1f0ec5c57;hp=f2f9bde5cde7ff34ed0a4c4682a211d402aa1086
+https://sourceware.org/bugzilla/show_bug.cgi?id=30285
+--
+From: Nick Clifton <nickc@redhat.com>
+Date: Thu, 30 Mar 2023 09:10:09 +0000 (+0100)
+Subject: Fix an illegal memory access when an accessing a zer0-lengthverdef table.
+X-Git-Url: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=c22d38baefc5a7a1e1f5cdc9dbb556b1f0ec5c57;hp=f2f9bde5cde7ff34ed0a4c4682a211d402aa1086
+
+Fix an illegal memory access when an accessing a zer0-lengthverdef table.
+
+  PR 30285
+  * elf.c (_bfd_elf_slurp_version_tables): Fail if no version definitions are allocated.
+---
+
+diff --git a/bfd/elf.c b/bfd/elf.c
+index 027d0143735..185028cbd97 100644
+--- a/bfd/elf.c
++++ b/bfd/elf.c
+@@ -9030,6 +9030,9 @@ _bfd_elf_slurp_version_tables (bfd *abfd, bool default_imported_symver)
+ 	  bfd_set_error (bfd_error_file_too_big);
+ 	  goto error_return_verdef;
+ 	}
++
++      if (amt == 0)
++	goto error_return_verdef;
+       elf_tdata (abfd)->verdef = (Elf_Internal_Verdef *) bfd_zalloc (abfd, amt);
+       if (elf_tdata (abfd)->verdef == NULL)
+ 	goto error_return_verdef;
+@@ -9133,6 +9136,8 @@ _bfd_elf_slurp_version_tables (bfd *abfd, bool default_imported_symver)
+ 	  bfd_set_error (bfd_error_file_too_big);
+ 	  goto error_return;
+ 	}
++      if (amt == 0)
++	goto error_return;
+       elf_tdata (abfd)->verdef = (Elf_Internal_Verdef *) bfd_zalloc (abfd, amt);
+       if (elf_tdata (abfd)->verdef == NULL)
+ 	goto error_return;

cross/binutils-aarch64/riscv64-textrels.patch

@@ -0,0 +1,103 @@
+Patch-Source: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=225df051d3d4cf714d1791b9035966a6686b3f3d;hp=a70d5ba34cb64bbbb7df4f3055cf5b1967bdf61e#patch1
+https://sourceware.org/bugzilla/show_bug.cgi?id=25694
+--
+From: Nelson Chu <nelson@nelson.ba.rivosinc.com>
+Date: Thu, 4 May 2023 09:08:50 +0000 (+0800)
+Subject: [PR ld/22263][PR ld/25694] RISC-V: Avoid dynamic TLS relocs in PIE.
+X-Git-Url: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=225df051d3d4cf714d1791b9035966a6686b3f3d;hp=a70d5ba34cb64bbbb7df4f3055cf5b1967bdf61e
+
+[PR ld/22263][PR ld/25694] RISC-V: Avoid dynamic TLS relocs in PIE.
+
+Lots of targets already fixed the TEXTREL problem for TLS in PIE.
+
+* For PR ld/25694,
+In the check_reloc, refer to spare and loongarch, they don't need to reserve
+any local dynamic reloc for TLS LE in pie/pde, and similar to other targets.
+So it seems like riscv was too conservative to estimate the TLS LE before.
+Just break and don't goto static_reloc for TLS LE in pie/pde can fix the
+TEXTREL problem.
+
+* For PR ld/22263,
+The risc-v code for TLS GD/IE in the relocate_section seems same as MIPS port.
+So similar to MIPS, pr22570, commits 9143e72c6d4d and 1cb83cac9a89, it seems
+also the right way to do the same thing for risc-v.
+
+On risc-v, fixes
+FAIL: Build pr22263-1
+
+RISC-V haven't supported the TLS transitions, so will need the same fix (use
+bfd_link_dll) in the future.
+
+bfd/
+	PR ld/22263
+	PR ld/25694
+	* elfnn-riscv.c (riscv_elf_check_relocs): Replace bfd_link_pic with
+	bfd_link_dll for TLS IE.  Don't need to reserve the local dynamic
+	relocation for TLS LE in pie/pde, and report error in pic just like
+	before.
+	(riscv_elf_relocate_section): For TLS GD/IE, use bfd_link_dll rather
+	than !bfd_link_pic in determining the dynamic symbol index.  Avoid
+	the index of -1.
+---
+
+diff --git a/bfd/elfnn-riscv.c b/bfd/elfnn-riscv.c
+index 75af040cf92..762ea231c0b 100644
+--- a/bfd/elfnn-riscv.c
++++ b/bfd/elfnn-riscv.c
+@@ -824,7 +824,7 @@ riscv_elf_check_relocs (bfd *abfd, struct bfd_link_info *info,
+ 	  break;
+ 
+ 	case R_RISCV_TLS_GOT_HI20:
+-	  if (bfd_link_pic (info))
++	  if (bfd_link_dll (info))
+ 	    info->flags |= DF_STATIC_TLS;
+ 	  if (!riscv_elf_record_got_reference (abfd, info, h, r_symndx)
+ 	      || !riscv_elf_record_tls_type (abfd, h, r_symndx, GOT_TLS_IE))
+@@ -920,11 +920,12 @@ riscv_elf_check_relocs (bfd *abfd, struct bfd_link_info *info,
+ 	  goto static_reloc;
+ 
+ 	case R_RISCV_TPREL_HI20:
++	  /* This is not allowed in the pic, but okay in pie.  */
+ 	  if (!bfd_link_executable (info))
+ 	    return bad_static_reloc (abfd, r_type, h);
+ 	  if (h != NULL)
+ 	    riscv_elf_record_tls_type (abfd, h, r_symndx, GOT_TLS_LE);
+-	  goto static_reloc;
++	  break;
+ 
+ 	case R_RISCV_HI20:
+ 	  if (bfd_link_pic (info))
+@@ -2880,24 +2881,20 @@ riscv_elf_relocate_section (bfd *output_bfd,
+ 	      if (htab->elf.srelgot == NULL)
+ 		abort ();
+ 
+-	      if (h != NULL)
+-		{
+-		  bool dyn, pic;
+-		  dyn = htab->elf.dynamic_sections_created;
+-		  pic = bfd_link_pic (info);
+-
+-		  if (WILL_CALL_FINISH_DYNAMIC_SYMBOL (dyn, pic, h)
+-		      && (!pic || !SYMBOL_REFERENCES_LOCAL (info, h)))
+-		    indx = h->dynindx;
+-		}
++	      bool dyn = elf_hash_table (info)->dynamic_sections_created;
++	      if (h != NULL
++		  && h->dynindx != -1
++		  && WILL_CALL_FINISH_DYNAMIC_SYMBOL (dyn, bfd_link_pic (info), h)
++		  && (bfd_link_dll (info) || !SYMBOL_REFERENCES_LOCAL (info, h)))
++		indx = h->dynindx;
+ 
+ 	      /* The GOT entries have not been initialized yet.  Do it
+ 		 now, and emit any relocations.  */
+-	      if ((bfd_link_pic (info) || indx != 0)
++	      if ((bfd_link_dll (info) || indx != 0)
+ 		  && (h == NULL
+ 		      || ELF_ST_VISIBILITY (h->other) == STV_DEFAULT
+ 		      || h->root.type != bfd_link_hash_undefweak))
+-		    need_relocs = true;
++		need_relocs = true;
+ 
+ 	      if (tls_type & GOT_TLS_GD)
+ 		{
+

cross/binutils-armhf/APKBUILD

@@ -8,7 +8,7 @@ CTARGET="$(arch_to_hostspec $CTARGET_ARCH)"
 
 pkgname=binutils-armhf
 pkgver=2.40
-pkgrel=8
+pkgrel=11
 pkgdesc="Tools necessary to build programs for armhf targets"
 url="https://www.gnu.org/software/binutils/"
 makedepends_build="bison flex texinfo"
@@ -18,8 +18,10 @@ arch="x86_64"
 license="GPL-2.0-or-later AND LGPL-2.1-or-later AND BSD-3-Clause"
 subpackages="binutils-dev binutils-doc"
 source="https://ftp.gnu.org/gnu/binutils/binutils-$pkgver.tar.xz
-	binutils-ld-fix-static-linking.patch
 	0001-Revert-PR25882-.gnu.attributes-are-not-checked-for-s.patch
+	CVE-2023-1972.patch
+	binutils-ld-fix-static-linking.patch
+	riscv64-textrels.patch
 	"
 builddir="$srcdir/binutils-$pkgver"
 
@@ -38,6 +40,8 @@ if [ "$CHOST" != "$CTARGET" ]; then
 fi
 
 # secfixes:
+#   2.40-r10:
+#     - CVE-2023-1972
 #   2.40-r0:
 #     - CVE-2023-1579
 #   2.39-r2:
@@ -79,6 +83,8 @@ build() {
 		_gold_configure="--disable-gold"
 	fi
 
+	CFLAGS="$CFLAGS -O2" \
+	CXXFLAGS="$CXXFLAGS -O2" \
 	./configure \
 		--build=$CBUILD \
 		--host=$CHOST \
@@ -139,6 +145,8 @@ gold() {
 
 sha512sums="
 a37e042523bc46494d99d5637c3f3d8f9956d9477b748b3b1f6d7dfbb8d968ed52c932e88a4e946c6f77b8f48f1e1b360ca54c3d298f17193f3b4963472f6925  binutils-2.40.tar.xz
-ecee33b0e435aa704af1c334e560f201638ff79e199aa11ed78a72f7c9b46f85fbb227af5748e735fd681d1965fcc42ac81b0c8824e540430ce0c706c81e8b49  binutils-ld-fix-static-linking.patch
 70ec22bd72ef6dddecfd970613387dd4a8cdc8730dd3cbf03d5a0c3a7c4d839383167bb06dad21bf7c235329fd44b5dc4aefe762f68544f17155cf002bf1be4a  0001-Revert-PR25882-.gnu.attributes-are-not-checked-for-s.patch
+b434e126c4c3f70c02b0a5597a0d75a4ea99b1498552c2d0676005ac0ae171c56cf07a6f6e2faa1381f1f4d4a37043a07d177dd4912f09b61109f103853594b2  CVE-2023-1972.patch
+ecee33b0e435aa704af1c334e560f201638ff79e199aa11ed78a72f7c9b46f85fbb227af5748e735fd681d1965fcc42ac81b0c8824e540430ce0c706c81e8b49  binutils-ld-fix-static-linking.patch
+d138691d953c6f49111601df1731db157d2ecedf1593e37ababb5c12ff10572b5f7982288c81579f4a99097780dbb18d3b457f74daab0f935f59423e69cec56f  riscv64-textrels.patch
 "

cross/binutils-armhf/CVE-2023-1972.patch

@@ -0,0 +1,37 @@
+Patch-Source: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=c22d38baefc5a7a1e1f5cdc9dbb556b1f0ec5c57;hp=f2f9bde5cde7ff34ed0a4c4682a211d402aa1086
+https://sourceware.org/bugzilla/show_bug.cgi?id=30285
+--
+From: Nick Clifton <nickc@redhat.com>
+Date: Thu, 30 Mar 2023 09:10:09 +0000 (+0100)
+Subject: Fix an illegal memory access when an accessing a zer0-lengthverdef table.
+X-Git-Url: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=c22d38baefc5a7a1e1f5cdc9dbb556b1f0ec5c57;hp=f2f9bde5cde7ff34ed0a4c4682a211d402aa1086
+
+Fix an illegal memory access when an accessing a zer0-lengthverdef table.
+
+  PR 30285
+  * elf.c (_bfd_elf_slurp_version_tables): Fail if no version definitions are allocated.
+---
+
+diff --git a/bfd/elf.c b/bfd/elf.c
+index 027d0143735..185028cbd97 100644
+--- a/bfd/elf.c
++++ b/bfd/elf.c
+@@ -9030,6 +9030,9 @@ _bfd_elf_slurp_version_tables (bfd *abfd, bool default_imported_symver)
+ 	  bfd_set_error (bfd_error_file_too_big);
+ 	  goto error_return_verdef;
+ 	}
++
++      if (amt == 0)
++	goto error_return_verdef;
+       elf_tdata (abfd)->verdef = (Elf_Internal_Verdef *) bfd_zalloc (abfd, amt);
+       if (elf_tdata (abfd)->verdef == NULL)
+ 	goto error_return_verdef;
+@@ -9133,6 +9136,8 @@ _bfd_elf_slurp_version_tables (bfd *abfd, bool default_imported_symver)
+ 	  bfd_set_error (bfd_error_file_too_big);
+ 	  goto error_return;
+ 	}
++      if (amt == 0)
++	goto error_return;
+       elf_tdata (abfd)->verdef = (Elf_Internal_Verdef *) bfd_zalloc (abfd, amt);
+       if (elf_tdata (abfd)->verdef == NULL)
+ 	goto error_return;

cross/binutils-armhf/riscv64-textrels.patch

@@ -0,0 +1,103 @@
+Patch-Source: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=225df051d3d4cf714d1791b9035966a6686b3f3d;hp=a70d5ba34cb64bbbb7df4f3055cf5b1967bdf61e#patch1
+https://sourceware.org/bugzilla/show_bug.cgi?id=25694
+--
+From: Nelson Chu <nelson@nelson.ba.rivosinc.com>
+Date: Thu, 4 May 2023 09:08:50 +0000 (+0800)
+Subject: [PR ld/22263][PR ld/25694] RISC-V: Avoid dynamic TLS relocs in PIE.
+X-Git-Url: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=225df051d3d4cf714d1791b9035966a6686b3f3d;hp=a70d5ba34cb64bbbb7df4f3055cf5b1967bdf61e
+
+[PR ld/22263][PR ld/25694] RISC-V: Avoid dynamic TLS relocs in PIE.
+
+Lots of targets already fixed the TEXTREL problem for TLS in PIE.
+
+* For PR ld/25694,
+In the check_reloc, refer to spare and loongarch, they don't need to reserve
+any local dynamic reloc for TLS LE in pie/pde, and similar to other targets.
+So it seems like riscv was too conservative to estimate the TLS LE before.
+Just break and don't goto static_reloc for TLS LE in pie/pde can fix the
+TEXTREL problem.
+
+* For PR ld/22263,
+The risc-v code for TLS GD/IE in the relocate_section seems same as MIPS port.
+So similar to MIPS, pr22570, commits 9143e72c6d4d and 1cb83cac9a89, it seems
+also the right way to do the same thing for risc-v.
+
+On risc-v, fixes
+FAIL: Build pr22263-1
+
+RISC-V haven't supported the TLS transitions, so will need the same fix (use
+bfd_link_dll) in the future.
+
+bfd/
+	PR ld/22263
+	PR ld/25694
+	* elfnn-riscv.c (riscv_elf_check_relocs): Replace bfd_link_pic with
+	bfd_link_dll for TLS IE.  Don't need to reserve the local dynamic
+	relocation for TLS LE in pie/pde, and report error in pic just like
+	before.
+	(riscv_elf_relocate_section): For TLS GD/IE, use bfd_link_dll rather
+	than !bfd_link_pic in determining the dynamic symbol index.  Avoid
+	the index of -1.
+---
+
+diff --git a/bfd/elfnn-riscv.c b/bfd/elfnn-riscv.c
+index 75af040cf92..762ea231c0b 100644
+--- a/bfd/elfnn-riscv.c
++++ b/bfd/elfnn-riscv.c
+@@ -824,7 +824,7 @@ riscv_elf_check_relocs (bfd *abfd, struct bfd_link_info *info,
+ 	  break;
+ 
+ 	case R_RISCV_TLS_GOT_HI20:
+-	  if (bfd_link_pic (info))
++	  if (bfd_link_dll (info))
+ 	    info->flags |= DF_STATIC_TLS;
+ 	  if (!riscv_elf_record_got_reference (abfd, info, h, r_symndx)
+ 	      || !riscv_elf_record_tls_type (abfd, h, r_symndx, GOT_TLS_IE))
+@@ -920,11 +920,12 @@ riscv_elf_check_relocs (bfd *abfd, struct bfd_link_info *info,
+ 	  goto static_reloc;
+ 
+ 	case R_RISCV_TPREL_HI20:
++	  /* This is not allowed in the pic, but okay in pie.  */
+ 	  if (!bfd_link_executable (info))
+ 	    return bad_static_reloc (abfd, r_type, h);
+ 	  if (h != NULL)
+ 	    riscv_elf_record_tls_type (abfd, h, r_symndx, GOT_TLS_LE);
+-	  goto static_reloc;
++	  break;
+ 
+ 	case R_RISCV_HI20:
+ 	  if (bfd_link_pic (info))
+@@ -2880,24 +2881,20 @@ riscv_elf_relocate_section (bfd *output_bfd,
+ 	      if (htab->elf.srelgot == NULL)
+ 		abort ();
+ 
+-	      if (h != NULL)
+-		{
+-		  bool dyn, pic;
+-		  dyn = htab->elf.dynamic_sections_created;
+-		  pic = bfd_link_pic (info);
+-
+-		  if (WILL_CALL_FINISH_DYNAMIC_SYMBOL (dyn, pic, h)
+-		      && (!pic || !SYMBOL_REFERENCES_LOCAL (info, h)))
+-		    indx = h->dynindx;
+-		}
++	      bool dyn = elf_hash_table (info)->dynamic_sections_created;
++	      if (h != NULL
++		  && h->dynindx != -1
++		  && WILL_CALL_FINISH_DYNAMIC_SYMBOL (dyn, bfd_link_pic (info), h)
++		  && (bfd_link_dll (info) || !SYMBOL_REFERENCES_LOCAL (info, h)))
++		indx = h->dynindx;
+ 
+ 	      /* The GOT entries have not been initialized yet.  Do it
+ 		 now, and emit any relocations.  */
+-	      if ((bfd_link_pic (info) || indx != 0)
++	      if ((bfd_link_dll (info) || indx != 0)
+ 		  && (h == NULL
+ 		      || ELF_ST_VISIBILITY (h->other) == STV_DEFAULT
+ 		      || h->root.type != bfd_link_hash_undefweak))
+-		    need_relocs = true;
++		need_relocs = true;
+ 
+ 	      if (tls_type & GOT_TLS_GD)
+ 		{
+

cross/binutils-armv7/APKBUILD

@@ -8,7 +8,7 @@ CTARGET="$(arch_to_hostspec $CTARGET_ARCH)"
 
 pkgname=binutils-armv7
 pkgver=2.40
-pkgrel=8
+pkgrel=11
 pkgdesc="Tools necessary to build programs for armv7 targets"
 url="https://www.gnu.org/software/binutils/"
 makedepends_build="bison flex texinfo"
@@ -18,8 +18,10 @@ arch="x86_64"
 license="GPL-2.0-or-later AND LGPL-2.1-or-later AND BSD-3-Clause"
 subpackages="binutils-dev binutils-doc"
 source="https://ftp.gnu.org/gnu/binutils/binutils-$pkgver.tar.xz
-	binutils-ld-fix-static-linking.patch
 	0001-Revert-PR25882-.gnu.attributes-are-not-checked-for-s.patch
+	CVE-2023-1972.patch
+	binutils-ld-fix-static-linking.patch
+	riscv64-textrels.patch
 	"
 builddir="$srcdir/binutils-$pkgver"
 
@@ -38,6 +40,8 @@ if [ "$CHOST" != "$CTARGET" ]; then
 fi
 
 # secfixes:
+#   2.40-r10:
+#     - CVE-2023-1972
 #   2.40-r0:
 #     - CVE-2023-1579
 #   2.39-r2:
@@ -79,6 +83,8 @@ build() {
 		_gold_configure="--disable-gold"
 	fi
 
+	CFLAGS="$CFLAGS -O2" \
+	CXXFLAGS="$CXXFLAGS -O2" \
 	./configure \
 		--build=$CBUILD \
 		--host=$CHOST \
@@ -139,6 +145,8 @@ gold() {
 
 sha512sums="
 a37e042523bc46494d99d5637c3f3d8f9956d9477b748b3b1f6d7dfbb8d968ed52c932e88a4e946c6f77b8f48f1e1b360ca54c3d298f17193f3b4963472f6925  binutils-2.40.tar.xz
-ecee33b0e435aa704af1c334e560f201638ff79e199aa11ed78a72f7c9b46f85fbb227af5748e735fd681d1965fcc42ac81b0c8824e540430ce0c706c81e8b49  binutils-ld-fix-static-linking.patch
 70ec22bd72ef6dddecfd970613387dd4a8cdc8730dd3cbf03d5a0c3a7c4d839383167bb06dad21bf7c235329fd44b5dc4aefe762f68544f17155cf002bf1be4a  0001-Revert-PR25882-.gnu.attributes-are-not-checked-for-s.patch
+b434e126c4c3f70c02b0a5597a0d75a4ea99b1498552c2d0676005ac0ae171c56cf07a6f6e2faa1381f1f4d4a37043a07d177dd4912f09b61109f103853594b2  CVE-2023-1972.patch
+ecee33b0e435aa704af1c334e560f201638ff79e199aa11ed78a72f7c9b46f85fbb227af5748e735fd681d1965fcc42ac81b0c8824e540430ce0c706c81e8b49  binutils-ld-fix-static-linking.patch
+d138691d953c6f49111601df1731db157d2ecedf1593e37ababb5c12ff10572b5f7982288c81579f4a99097780dbb18d3b457f74daab0f935f59423e69cec56f  riscv64-textrels.patch
 "

cross/binutils-armv7/CVE-2023-1972.patch

@@ -0,0 +1,37 @@
+Patch-Source: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=c22d38baefc5a7a1e1f5cdc9dbb556b1f0ec5c57;hp=f2f9bde5cde7ff34ed0a4c4682a211d402aa1086
+https://sourceware.org/bugzilla/show_bug.cgi?id=30285
+--
+From: Nick Clifton <nickc@redhat.com>
+Date: Thu, 30 Mar 2023 09:10:09 +0000 (+0100)
+Subject: Fix an illegal memory access when an accessing a zer0-lengthverdef table.
+X-Git-Url: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=c22d38baefc5a7a1e1f5cdc9dbb556b1f0ec5c57;hp=f2f9bde5cde7ff34ed0a4c4682a211d402aa1086
+
+Fix an illegal memory access when an accessing a zer0-lengthverdef table.
+
+  PR 30285
+  * elf.c (_bfd_elf_slurp_version_tables): Fail if no version definitions are allocated.
+---
+
+diff --git a/bfd/elf.c b/bfd/elf.c
+index 027d0143735..185028cbd97 100644
+--- a/bfd/elf.c
++++ b/bfd/elf.c
+@@ -9030,6 +9030,9 @@ _bfd_elf_slurp_version_tables (bfd *abfd, bool default_imported_symver)
+ 	  bfd_set_error (bfd_error_file_too_big);
+ 	  goto error_return_verdef;
+ 	}
++
++      if (amt == 0)
++	goto error_return_verdef;
+       elf_tdata (abfd)->verdef = (Elf_Internal_Verdef *) bfd_zalloc (abfd, amt);
+       if (elf_tdata (abfd)->verdef == NULL)
+ 	goto error_return_verdef;
+@@ -9133,6 +9136,8 @@ _bfd_elf_slurp_version_tables (bfd *abfd, bool default_imported_symver)
+ 	  bfd_set_error (bfd_error_file_too_big);
+ 	  goto error_return;
+ 	}
++      if (amt == 0)
++	goto error_return;
+       elf_tdata (abfd)->verdef = (Elf_Internal_Verdef *) bfd_zalloc (abfd, amt);
+       if (elf_tdata (abfd)->verdef == NULL)
+ 	goto error_return;

cross/binutils-armv7/riscv64-textrels.patch

@@ -0,0 +1,103 @@
+Patch-Source: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=225df051d3d4cf714d1791b9035966a6686b3f3d;hp=a70d5ba34cb64bbbb7df4f3055cf5b1967bdf61e#patch1
+https://sourceware.org/bugzilla/show_bug.cgi?id=25694
+--
+From: Nelson Chu <nelson@nelson.ba.rivosinc.com>
+Date: Thu, 4 May 2023 09:08:50 +0000 (+0800)
+Subject: [PR ld/22263][PR ld/25694] RISC-V: Avoid dynamic TLS relocs in PIE.
+X-Git-Url: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=225df051d3d4cf714d1791b9035966a6686b3f3d;hp=a70d5ba34cb64bbbb7df4f3055cf5b1967bdf61e
+
+[PR ld/22263][PR ld/25694] RISC-V: Avoid dynamic TLS relocs in PIE.
+
+Lots of targets already fixed the TEXTREL problem for TLS in PIE.
+
+* For PR ld/25694,
+In the check_reloc, refer to spare and loongarch, they don't need to reserve
+any local dynamic reloc for TLS LE in pie/pde, and similar to other targets.
+So it seems like riscv was too conservative to estimate the TLS LE before.
+Just break and don't goto static_reloc for TLS LE in pie/pde can fix the
+TEXTREL problem.
+
+* For PR ld/22263,
+The risc-v code for TLS GD/IE in the relocate_section seems same as MIPS port.
+So similar to MIPS, pr22570, commits 9143e72c6d4d and 1cb83cac9a89, it seems
+also the right way to do the same thing for risc-v.
+
+On risc-v, fixes
+FAIL: Build pr22263-1
+
+RISC-V haven't supported the TLS transitions, so will need the same fix (use
+bfd_link_dll) in the future.
+
+bfd/
+	PR ld/22263
+	PR ld/25694
+	* elfnn-riscv.c (riscv_elf_check_relocs): Replace bfd_link_pic with
+	bfd_link_dll for TLS IE.  Don't need to reserve the local dynamic
+	relocation for TLS LE in pie/pde, and report error in pic just like
+	before.
+	(riscv_elf_relocate_section): For TLS GD/IE, use bfd_link_dll rather
+	than !bfd_link_pic in determining the dynamic symbol index.  Avoid
+	the index of -1.
+---
+
+diff --git a/bfd/elfnn-riscv.c b/bfd/elfnn-riscv.c
+index 75af040cf92..762ea231c0b 100644
+--- a/bfd/elfnn-riscv.c
++++ b/bfd/elfnn-riscv.c
+@@ -824,7 +824,7 @@ riscv_elf_check_relocs (bfd *abfd, struct bfd_link_info *info,
+ 	  break;
+ 
+ 	case R_RISCV_TLS_GOT_HI20:
+-	  if (bfd_link_pic (info))
++	  if (bfd_link_dll (info))
+ 	    info->flags |= DF_STATIC_TLS;
+ 	  if (!riscv_elf_record_got_reference (abfd, info, h, r_symndx)
+ 	      || !riscv_elf_record_tls_type (abfd, h, r_symndx, GOT_TLS_IE))
+@@ -920,11 +920,12 @@ riscv_elf_check_relocs (bfd *abfd, struct bfd_link_info *info,
+ 	  goto static_reloc;
+ 
+ 	case R_RISCV_TPREL_HI20:
++	  /* This is not allowed in the pic, but okay in pie.  */
+ 	  if (!bfd_link_executable (info))
+ 	    return bad_static_reloc (abfd, r_type, h);
+ 	  if (h != NULL)
+ 	    riscv_elf_record_tls_type (abfd, h, r_symndx, GOT_TLS_LE);
+-	  goto static_reloc;
++	  break;
+ 
+ 	case R_RISCV_HI20:
+ 	  if (bfd_link_pic (info))
+@@ -2880,24 +2881,20 @@ riscv_elf_relocate_section (bfd *output_bfd,
+ 	      if (htab->elf.srelgot == NULL)
+ 		abort ();
+ 
+-	      if (h != NULL)
+-		{
+-		  bool dyn, pic;
+-		  dyn = htab->elf.dynamic_sections_created;
+-		  pic = bfd_link_pic (info);
+-
+-		  if (WILL_CALL_FINISH_DYNAMIC_SYMBOL (dyn, pic, h)
+-		      && (!pic || !SYMBOL_REFERENCES_LOCAL (info, h)))
+-		    indx = h->dynindx;
+-		}
++	      bool dyn = elf_hash_table (info)->dynamic_sections_created;
++	      if (h != NULL
++		  && h->dynindx != -1
++		  && WILL_CALL_FINISH_DYNAMIC_SYMBOL (dyn, bfd_link_pic (info), h)
++		  && (bfd_link_dll (info) || !SYMBOL_REFERENCES_LOCAL (info, h)))
++		indx = h->dynindx;
+ 
+ 	      /* The GOT entries have not been initialized yet.  Do it
+ 		 now, and emit any relocations.  */
+-	      if ((bfd_link_pic (info) || indx != 0)
++	      if ((bfd_link_dll (info) || indx != 0)
+ 		  && (h == NULL
+ 		      || ELF_ST_VISIBILITY (h->other) == STV_DEFAULT
+ 		      || h->root.type != bfd_link_hash_undefweak))
+-		    need_relocs = true;
++		need_relocs = true;
+ 
+ 	      if (tls_type & GOT_TLS_GD)
+ 		{
+

cross/binutils-riscv64/APKBUILD

@@ -8,7 +8,7 @@ CTARGET="$(arch_to_hostspec $CTARGET_ARCH)"
 
 pkgname=binutils-riscv64
 pkgver=2.40
-pkgrel=8
+pkgrel=11
 pkgdesc="Tools necessary to build programs for riscv64 targets"
 url="https://www.gnu.org/software/binutils/"
 makedepends_build="bison flex texinfo"
@@ -18,8 +18,10 @@ arch="x86_64"
 license="GPL-2.0-or-later AND LGPL-2.1-or-later AND BSD-3-Clause"
 subpackages="binutils-dev binutils-doc"
 source="https://ftp.gnu.org/gnu/binutils/binutils-$pkgver.tar.xz
-	binutils-ld-fix-static-linking.patch
 	0001-Revert-PR25882-.gnu.attributes-are-not-checked-for-s.patch
+	CVE-2023-1972.patch
+	binutils-ld-fix-static-linking.patch
+	riscv64-textrels.patch
 	"
 builddir="$srcdir/binutils-$pkgver"
 
@@ -38,6 +40,8 @@ if [ "$CHOST" != "$CTARGET" ]; then
 fi
 
 # secfixes:
+#   2.40-r10:
+#     - CVE-2023-1972
 #   2.40-r0:
 #     - CVE-2023-1579
 #   2.39-r2:
@@ -79,6 +83,8 @@ build() {
 		_gold_configure="--disable-gold"
 	fi
 
+	CFLAGS="$CFLAGS -O2" \
+	CXXFLAGS="$CXXFLAGS -O2" \
 	./configure \
 		--build=$CBUILD \
 		--host=$CHOST \
@@ -139,6 +145,8 @@ gold() {
 
 sha512sums="
 a37e042523bc46494d99d5637c3f3d8f9956d9477b748b3b1f6d7dfbb8d968ed52c932e88a4e946c6f77b8f48f1e1b360ca54c3d298f17193f3b4963472f6925  binutils-2.40.tar.xz
-ecee33b0e435aa704af1c334e560f201638ff79e199aa11ed78a72f7c9b46f85fbb227af5748e735fd681d1965fcc42ac81b0c8824e540430ce0c706c81e8b49  binutils-ld-fix-static-linking.patch
 70ec22bd72ef6dddecfd970613387dd4a8cdc8730dd3cbf03d5a0c3a7c4d839383167bb06dad21bf7c235329fd44b5dc4aefe762f68544f17155cf002bf1be4a  0001-Revert-PR25882-.gnu.attributes-are-not-checked-for-s.patch
+b434e126c4c3f70c02b0a5597a0d75a4ea99b1498552c2d0676005ac0ae171c56cf07a6f6e2faa1381f1f4d4a37043a07d177dd4912f09b61109f103853594b2  CVE-2023-1972.patch
+ecee33b0e435aa704af1c334e560f201638ff79e199aa11ed78a72f7c9b46f85fbb227af5748e735fd681d1965fcc42ac81b0c8824e540430ce0c706c81e8b49  binutils-ld-fix-static-linking.patch
+d138691d953c6f49111601df1731db157d2ecedf1593e37ababb5c12ff10572b5f7982288c81579f4a99097780dbb18d3b457f74daab0f935f59423e69cec56f  riscv64-textrels.patch
 "

cross/binutils-riscv64/CVE-2023-1972.patch

@@ -0,0 +1,37 @@
+Patch-Source: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=c22d38baefc5a7a1e1f5cdc9dbb556b1f0ec5c57;hp=f2f9bde5cde7ff34ed0a4c4682a211d402aa1086
+https://sourceware.org/bugzilla/show_bug.cgi?id=30285
+--
+From: Nick Clifton <nickc@redhat.com>
+Date: Thu, 30 Mar 2023 09:10:09 +0000 (+0100)
+Subject: Fix an illegal memory access when an accessing a zer0-lengthverdef table.
+X-Git-Url: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=c22d38baefc5a7a1e1f5cdc9dbb556b1f0ec5c57;hp=f2f9bde5cde7ff34ed0a4c4682a211d402aa1086
+
+Fix an illegal memory access when an accessing a zer0-lengthverdef table.
+
+  PR 30285
+  * elf.c (_bfd_elf_slurp_version_tables): Fail if no version definitions are allocated.
+---
+
+diff --git a/bfd/elf.c b/bfd/elf.c
+index 027d0143735..185028cbd97 100644
+--- a/bfd/elf.c
++++ b/bfd/elf.c
+@@ -9030,6 +9030,9 @@ _bfd_elf_slurp_version_tables (bfd *abfd, bool default_imported_symver)
+ 	  bfd_set_error (bfd_error_file_too_big);
+ 	  goto error_return_verdef;
+ 	}
++
++      if (amt == 0)
++	goto error_return_verdef;
+       elf_tdata (abfd)->verdef = (Elf_Internal_Verdef *) bfd_zalloc (abfd, amt);
+       if (elf_tdata (abfd)->verdef == NULL)
+ 	goto error_return_verdef;
+@@ -9133,6 +9136,8 @@ _bfd_elf_slurp_version_tables (bfd *abfd, bool default_imported_symver)
+ 	  bfd_set_error (bfd_error_file_too_big);
+ 	  goto error_return;
+ 	}
++      if (amt == 0)
++	goto error_return;
+       elf_tdata (abfd)->verdef = (Elf_Internal_Verdef *) bfd_zalloc (abfd, amt);
+       if (elf_tdata (abfd)->verdef == NULL)
+ 	goto error_return;

cross/binutils-riscv64/riscv64-textrels.patch

@@ -0,0 +1,103 @@
+Patch-Source: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=225df051d3d4cf714d1791b9035966a6686b3f3d;hp=a70d5ba34cb64bbbb7df4f3055cf5b1967bdf61e#patch1
+https://sourceware.org/bugzilla/show_bug.cgi?id=25694
+--
+From: Nelson Chu <nelson@nelson.ba.rivosinc.com>
+Date: Thu, 4 May 2023 09:08:50 +0000 (+0800)
+Subject: [PR ld/22263][PR ld/25694] RISC-V: Avoid dynamic TLS relocs in PIE.
+X-Git-Url: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=225df051d3d4cf714d1791b9035966a6686b3f3d;hp=a70d5ba34cb64bbbb7df4f3055cf5b1967bdf61e
+
+[PR ld/22263][PR ld/25694] RISC-V: Avoid dynamic TLS relocs in PIE.
+
+Lots of targets already fixed the TEXTREL problem for TLS in PIE.
+
+* For PR ld/25694,
+In the check_reloc, refer to spare and loongarch, they don't need to reserve
+any local dynamic reloc for TLS LE in pie/pde, and similar to other targets.
+So it seems like riscv was too conservative to estimate the TLS LE before.
+Just break and don't goto static_reloc for TLS LE in pie/pde can fix the
+TEXTREL problem.
+
+* For PR ld/22263,
+The risc-v code for TLS GD/IE in the relocate_section seems same as MIPS port.
+So similar to MIPS, pr22570, commits 9143e72c6d4d and 1cb83cac9a89, it seems
+also the right way to do the same thing for risc-v.
+
+On risc-v, fixes
+FAIL: Build pr22263-1
+
+RISC-V haven't supported the TLS transitions, so will need the same fix (use
+bfd_link_dll) in the future.
+
+bfd/
+	PR ld/22263
+	PR ld/25694
+	* elfnn-riscv.c (riscv_elf_check_relocs): Replace bfd_link_pic with
+	bfd_link_dll for TLS IE.  Don't need to reserve the local dynamic
+	relocation for TLS LE in pie/pde, and report error in pic just like
+	before.
+	(riscv_elf_relocate_section): For TLS GD/IE, use bfd_link_dll rather
+	than !bfd_link_pic in determining the dynamic symbol index.  Avoid
+	the index of -1.
+---
+
+diff --git a/bfd/elfnn-riscv.c b/bfd/elfnn-riscv.c
+index 75af040cf92..762ea231c0b 100644
+--- a/bfd/elfnn-riscv.c
++++ b/bfd/elfnn-riscv.c
+@@ -824,7 +824,7 @@ riscv_elf_check_relocs (bfd *abfd, struct bfd_link_info *info,
+ 	  break;
+ 
+ 	case R_RISCV_TLS_GOT_HI20:
+-	  if (bfd_link_pic (info))
++	  if (bfd_link_dll (info))
+ 	    info->flags |= DF_STATIC_TLS;
+ 	  if (!riscv_elf_record_got_reference (abfd, info, h, r_symndx)
+ 	      || !riscv_elf_record_tls_type (abfd, h, r_symndx, GOT_TLS_IE))
+@@ -920,11 +920,12 @@ riscv_elf_check_relocs (bfd *abfd, struct bfd_link_info *info,
+ 	  goto static_reloc;
+ 
+ 	case R_RISCV_TPREL_HI20:
++	  /* This is not allowed in the pic, but okay in pie.  */
+ 	  if (!bfd_link_executable (info))
+ 	    return bad_static_reloc (abfd, r_type, h);
+ 	  if (h != NULL)
+ 	    riscv_elf_record_tls_type (abfd, h, r_symndx, GOT_TLS_LE);
+-	  goto static_reloc;
++	  break;
+ 
+ 	case R_RISCV_HI20:
+ 	  if (bfd_link_pic (info))
+@@ -2880,24 +2881,20 @@ riscv_elf_relocate_section (bfd *output_bfd,
+ 	      if (htab->elf.srelgot == NULL)
+ 		abort ();
+ 
+-	      if (h != NULL)
+-		{
+-		  bool dyn, pic;
+-		  dyn = htab->elf.dynamic_sections_created;
+-		  pic = bfd_link_pic (info);
+-
+-		  if (WILL_CALL_FINISH_DYNAMIC_SYMBOL (dyn, pic, h)
+-		      && (!pic || !SYMBOL_REFERENCES_LOCAL (info, h)))
+-		    indx = h->dynindx;
+-		}
++	      bool dyn = elf_hash_table (info)->dynamic_sections_created;
++	      if (h != NULL
++		  && h->dynindx != -1
++		  && WILL_CALL_FINISH_DYNAMIC_SYMBOL (dyn, bfd_link_pic (info), h)
++		  && (bfd_link_dll (info) || !SYMBOL_REFERENCES_LOCAL (info, h)))
++		indx = h->dynindx;
+ 
+ 	      /* The GOT entries have not been initialized yet.  Do it
+ 		 now, and emit any relocations.  */
+-	      if ((bfd_link_pic (info) || indx != 0)
++	      if ((bfd_link_dll (info) || indx != 0)
+ 		  && (h == NULL
+ 		      || ELF_ST_VISIBILITY (h->other) == STV_DEFAULT
+ 		      || h->root.type != bfd_link_hash_undefweak))
+-		    need_relocs = true;
++		need_relocs = true;
+ 
+ 	      if (tls_type & GOT_TLS_GD)
+ 		{
+