diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000000000000000000000000000000000000..c9524742c991223b023e564159a396f5afc645ee --- /dev/null +++ b/.gitattributes @@ -0,0 +1 @@ +dotnet-9.0.109.tar.gz filter=lfs diff=lfs merge=lfs -text diff --git a/0001-Add-openEuler-Linux-support.patch b/0001-Add-openEuler-Linux-support.patch new file mode 100644 index 0000000000000000000000000000000000000000..f0bac5b5023121d471993b820478823eb1de089a --- /dev/null +++ b/0001-Add-openEuler-Linux-support.patch @@ -0,0 +1,23 @@ +diff --git a/src/runtime/src/native/corehost/hostmisc/pal.unix.cpp b/src/runtime/src/native/corehost/hostmisc/pal.unix.cpp +index 265ad809d..bc536c285 100644 +--- a/src/runtime/src/native/corehost/hostmisc/pal.unix.cpp ++++ b/src/runtime/src/native/corehost/hostmisc/pal.unix.cpp +@@ -788,6 +788,7 @@ pal::string_t normalize_linux_rid(pal::string_t rid) + pal::string_t rhelPrefix(_X("rhel.")); + pal::string_t alpinePrefix(_X("alpine.")); + pal::string_t rockyPrefix(_X("rocky.")); ++ pal::string_t oePrefix(_X("openeuler.")); + size_t lastVersionSeparatorIndex = std::string::npos; + + if (rid.compare(0, rhelPrefix.length(), rhelPrefix) == 0) +@@ -806,6 +807,10 @@ pal::string_t normalize_linux_rid(pal::string_t rid) + { + lastVersionSeparatorIndex = rid.find(_X("."), rockyPrefix.length()); + } ++ else if (rid.compare(0, oePrefix.length(), oePrefix) == 0) ++ { ++ lastVersionSeparatorIndex = rid.find(_X("."), oePrefix.length()); ++ } + + if (lastVersionSeparatorIndex != std::string::npos) + { diff --git a/0002-Update-openEuler-Linux-RIDs.patch b/0002-Update-openEuler-Linux-RIDs.patch new file mode 100644 index 0000000000000000000000000000000000000000..bf66bbec46b6fc1f0153d7dace359f14f5b56077 --- /dev/null +++ b/0002-Update-openEuler-Linux-RIDs.patch @@ -0,0 +1,114 @@ +diff --git a/src/runtime/src/libraries/Microsoft.NETCore.Platforms/src/runtime.json b/src/runtime/src/libraries/Microsoft.NETCore.Platforms/src/runtime.json +index 64e7c5546..a65b75adc 100644 +--- a/src/runtime/src/libraries/Microsoft.NETCore.Platforms/src/runtime.json ++++ b/src/runtime/src/libraries/Microsoft.NETCore.Platforms/src/runtime.json +@@ -2600,6 +2600,109 @@ + "illumos-x64" + ] + }, ++ "openeuler": { ++ "#import": [ ++ "linux" ++ ] ++ }, ++ "openeuler-x64": { ++ "#import": [ ++ "openeuler", ++ "linux-x64" ++ ] ++ }, ++ "openeuler-arm64": { ++ "#import": [ ++ "openeuler", ++ "linux-arm64" ++ ] ++ }, ++ "openeuler.20": { ++ "#import": [ ++ "openeuler" ++ ] ++ }, ++ "openeuler.20-x64": { ++ "#import": [ ++ "openeuler.22", ++ "openeuler-x64" ++ ] ++ }, ++ "openeuler.20-arm64": { ++ "#import": [ ++ "openeuler.22", ++ "openeuler-arm64" ++ ] ++ }, ++ ++ "openeuler.22": { ++ "#import": [ ++ "openeuler" ++ ] ++ }, ++ "openeuler.22-x64": { ++ "#import": [ ++ "openeuler.22", ++ "openeuler-x64" ++ ] ++ }, ++ "openeuler.22-arm64": { ++ "#import": [ ++ "openeuler.22", ++ "openeuler-arm64" ++ ] ++ }, ++ "openeuler.22.03": { ++ "#import": [ ++ "openeuler.22" ++ ] ++ }, ++ "openeuler.22.03-x64": { ++ "#import": [ ++ "openeuler.22.03", ++ "openeuler.22-x64" ++ ] ++ }, ++ "openeuler.22.03-arm64": { ++ "#import": [ ++ "openeuler.22.03", ++ "openeuler.22-arm64" ++ ] ++ }, ++ "openeuler.25": { ++ "#import": [ ++ "openeuler" ++ ] ++ }, ++ "openeuler.25-x64": { ++ "#import": [ ++ "openeuler.25", ++ "openeuler-x64" ++ ] ++ }, ++ "openeuler.25-arm64": { ++ "#import": [ ++ "openeuler.25", ++ "openeuler-arm64" ++ ] ++ }, ++ "openeuler.25.09": { ++ "#import": [ ++ "openeuler.25" ++ ] ++ }, ++ "openeuler.25.09-x64": { ++ "#import": [ ++ "openeuler.25.09", ++ "openeuler.25-x64" ++ ] ++ }, ++ "openeuler.25.09-arm64": { ++ "#import": [ ++ "openeuler.25.09", ++ "openeuler.25-arm64" ++ ] ++ }, + "opensuse": { + "#import": [ + "linux" diff --git a/check-debug-symbols.py b/check-debug-symbols.py old mode 100755 new mode 100644 index 4e26535e5b2654aa8390ef6b6845488dac472e51..a4caa57fbafd97c44e18cc86332dd075f9a6c282 --- a/check-debug-symbols.py +++ b/check-debug-symbols.py @@ -29,13 +29,16 @@ import sys ScanResult = collections.namedtuple('ScanResult', 'file_name debug_info debug_abbrev file_symbols gnu_debuglink') +file_symbol_exclude_list = [ + 'ilc', +] def scan_file(file): "Scan the provided file and return a ScanResult containing results of the scan." # Test for .debug_* sections in the shared object. This is the main test. # Stripped objects will not contain these. - readelf_S_result = subprocess.run(['readelf', '-S', file], + readelf_S_result = subprocess.run(['eu-readelf', '-S', file], stdout=subprocess.PIPE, encoding='utf-8', check=True) has_debug_info = any(line for line in readelf_S_result.stdout.split('\n') if '] .debug_info' in line) @@ -52,9 +55,11 @@ def scan_file(file): parts[2] == '0' and parts[3] == 'FILE' and parts[4] == 'LOCAL' and parts[5] == 'DEFAULT' and \ parts[6] == 'ABS' and re.match(r'((.*/)?[-_a-zA-Z0-9]+\.(c|cc|cpp|cxx))?', parts[7]) - readelf_s_result = subprocess.run(["readelf", '-s', file], + readelf_s_result = subprocess.run(["eu-readelf", '-s', file], stdout=subprocess.PIPE, encoding='utf-8', check=True) - has_file_symbols = any(line for line in readelf_s_result.stdout.split('\n') if contains_file_symbols(line)) + has_file_symbols = True + if not os.path.basename(file) in file_symbol_exclude_list: + has_file_symbols = any(line for line in readelf_s_result.stdout.split('\n') if contains_file_symbols(line)) # Test that there are no .gnu_debuglink sections pointing to another # debuginfo file. There shouldn't be any debuginfo files, so the link makes diff --git a/dotnet-9.0.109.tar.gz b/dotnet-9.0.109.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..3e77b45f8af50d3790643bc8b22f3ef298289bfe --- /dev/null +++ b/dotnet-9.0.109.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:42fdfe3733884a3f6ceb3b428ff346ccb92f95010c447e27f3b164f70145730c +size 495158284 diff --git a/dotnet-9.0.109.tar.gz.sig b/dotnet-9.0.109.tar.gz.sig new file mode 100644 index 0000000000000000000000000000000000000000..74f2f6c971491160637fb26bd65cccc8459a9160 --- /dev/null +++ b/dotnet-9.0.109.tar.gz.sig @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- +Version: BSN Pgp v1.0.0.0 + +iQIcBAABCAAGBQJoiUE2AAoJEP2/U8JNtIcuIjkQAJvFD1WwftRIn/Ll5PUw6YD8 +edNoU2z7dfogRJ+N3Wy/yxUeYCmYUGY82/afVYqanW0Uao7GHeqBJhjTdIf6lmiS +ny0DU6J0oBCYaJk/dxCCtjCPNz26AGo3oEIWTSlR1EOO/G3v6S6y8PI13YF13fxp +G4QRRiD+3MCuzZ7O3/otNZ1NWZ7rb9Fpbg0FcwhQrFUbVTtAAEFx3CEqXV0JQaJq +EnmzAGeiDa6by4QfdgYhkvuQko2lsBmZOa4Ung9r/DzhuIGA6wKlq+Nv70Y+rpkG +4/f2diGq7N6uER6mxoBvgVKrVECDdLf/atM/pyebFG5ccTGdj3KZGAG1uO95WlAH +SnCXsRfisERhmw8FXzrsJQ5awU3aMnqMalVF/zcVcqL/N+N56K7jQfOyzNStLa0C +zVA9vx8KyPpJk0Ua643Cih4XR7kKKnZNZ+JfzPxkCF3fXqx8qIhB8GqAGxBwKBG9 +bQk81WAXKx7KjeyDJLOIKff7O1GEK883PqSPbTzWm6Ip4mbpgtbnFUW6lm0AjAiy +/KaJ+z9NdkhXw46zTODcvdTa69RXQ54bGKPHnHezHUmYoLZ/h2AYIj37JSxG611N +0NJDqxP6JQVIsy6t7BUosTFo8YTO4bBHjINDZlpdOaNz6G0Jqj+GYkLbXL5l5VCT +SpD3zMussN+T0giRHHoW +=bbNN +-----END PGP SIGNATURE----- diff --git a/release-key-2023.asc b/release-key-2023.asc index 96844b6539812eca484385ba15cb39926517690c..8f0ec5733dd7e9a4ce220372caf0aee142800b63 100644 --- a/release-key-2023.asc +++ b/release-key-2023.asc @@ -1,29 +1,29 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- -Version: BSN Pgp v1.1.0.0 - -mQINBGUKsUYBEADVCJm4EhXALr1ld42kWeh/vM0XMZ2orNT6NRLDRYjpE4mm4UqA -vpjfGCwt5fLcrT4yZng8ABkB3QwTsZzmxesAMD5AZR/gdU1G96DuDGsjp6zJvTuX -zvz3PXUYfcl9n5X32acA6N9J5Xfp10xqX3oitUODBdYy/vKW/v/y87ZxgaR6a3wp -pPJBJIVKwFJx13v4BHRsGp1fepliQcXPvmNKFNI20le5+FbLq6C9hY5wcwGHGfQr -EokH79GsmqgSImqxDOIh06J5VfWA+JwV+3vf95pD8IUrRfGQ+GK7b1/bySxtM5Qa -b/IDgvl/Qq3AzEpGarMBaqGbqMz1C7jd8Y6nyKMP/V+OCjbEdYNM8GRz6kBP3Un+ -Frat5Lc2o4DF+zB3PKIJS3hku5gwlJu6IU1F23vmYFtjUcpRGmyQZDoWyBbOWlB5 -4SXqVu16amUsRFYmOK8BJMjdotcVbriVIv6WRmugfhIMoRJzVGxYkdbuiuMAX69V -xDoGpxX5A8S5A79y0USUVtadQfFavMTyb/gUuUe8oDsqK9gdI3ETxLYG4gYwauVX -fCGfoLOKsq5dPzEuEA7GCRrMau+rHKFaM7BigSdnHFW7xNZ4v0YnXAagoqM2G5o5 -9sak0l57vxxTVk2V3iZzkoU2J2Zlyxyh72n5vjRmb7aNwmQh4Eav6a8ssQARAQAB -tBlvbm54Y29yZWRldkBtaWNyb3NvZnQuY29tiQI4BBMBCAAiBQJlCrFGAhsDBgsJ -CAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRD9v1PCTbSHLtfzEADIKq15XDeQxLSo -BG1aFa9n82K1YADVcu1LeddfhDmQWLnZNgyHtQlKN2n59282CXtgymzae3uc05s2 -feIJaqF4M4NnCX8Ct3K7Hq1jI7ZktlquPCCy9XHq9aQY8XTxmdtRevtclKgYTwDh -w+D/KbE8vTZ6o7JoubA3MKf4k3S8qL/0rIyaC6h0EpiWoMy1TdNMMK7BT4kl6Vz4 -W6KmNgOux1Pzku5ULM4WuOzmwW+NAzpOLJowfDs1ZC2RM3+g9i1/DmwWtCHngvGD -+clA0I0agXxo05toOBTfwxd2gWYczuo/Ole16fYTzqT6n0DHqOjjcc9A7EmC72fQ -J+hHAqM+4+CbEGuMpNnTMpCZs98bcK3Rqx/bDJYtbclZzm5O/V4nVbDrJZKzpgA1 -KuzNMLkr62P6/t15UsStgmrlTILmE5NG0CR1mj/46+mNbsMZCel3dcvnT1Zf4rTq -QxMC7Dd/DECKQVC339G/BRfNyhOk2S1mZR/g1uS4bznL+tiwudDh/TAi5C3ZBDMh -0muwD9caXS/QFIBWtb2ai3IcpU357R/ERPKLcWYtoYJ80RuKi6XYr1WxSPBmd5Qm -wuncye+wR2dveo2jnIXZGUSgz50ZNgBxs/cYWAQ8J6KMgIBa+JY2qalzvIGbrC5x -Sr+CkhS8vrktfnRgc8yBssJnvNfqXA== -=pKgS ------END PGP PUBLIC KEY BLOCK----- +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: BSN Pgp v1.1.0.0 + +mQINBGUKsUYBEADVCJm4EhXALr1ld42kWeh/vM0XMZ2orNT6NRLDRYjpE4mm4UqA +vpjfGCwt5fLcrT4yZng8ABkB3QwTsZzmxesAMD5AZR/gdU1G96DuDGsjp6zJvTuX +zvz3PXUYfcl9n5X32acA6N9J5Xfp10xqX3oitUODBdYy/vKW/v/y87ZxgaR6a3wp +pPJBJIVKwFJx13v4BHRsGp1fepliQcXPvmNKFNI20le5+FbLq6C9hY5wcwGHGfQr +EokH79GsmqgSImqxDOIh06J5VfWA+JwV+3vf95pD8IUrRfGQ+GK7b1/bySxtM5Qa +b/IDgvl/Qq3AzEpGarMBaqGbqMz1C7jd8Y6nyKMP/V+OCjbEdYNM8GRz6kBP3Un+ +Frat5Lc2o4DF+zB3PKIJS3hku5gwlJu6IU1F23vmYFtjUcpRGmyQZDoWyBbOWlB5 +4SXqVu16amUsRFYmOK8BJMjdotcVbriVIv6WRmugfhIMoRJzVGxYkdbuiuMAX69V +xDoGpxX5A8S5A79y0USUVtadQfFavMTyb/gUuUe8oDsqK9gdI3ETxLYG4gYwauVX +fCGfoLOKsq5dPzEuEA7GCRrMau+rHKFaM7BigSdnHFW7xNZ4v0YnXAagoqM2G5o5 +9sak0l57vxxTVk2V3iZzkoU2J2Zlyxyh72n5vjRmb7aNwmQh4Eav6a8ssQARAQAB +tBlvbm54Y29yZWRldkBtaWNyb3NvZnQuY29tiQI4BBMBCAAiBQJlCrFGAhsDBgsJ +CAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRD9v1PCTbSHLtfzEADIKq15XDeQxLSo +BG1aFa9n82K1YADVcu1LeddfhDmQWLnZNgyHtQlKN2n59282CXtgymzae3uc05s2 +feIJaqF4M4NnCX8Ct3K7Hq1jI7ZktlquPCCy9XHq9aQY8XTxmdtRevtclKgYTwDh +w+D/KbE8vTZ6o7JoubA3MKf4k3S8qL/0rIyaC6h0EpiWoMy1TdNMMK7BT4kl6Vz4 +W6KmNgOux1Pzku5ULM4WuOzmwW+NAzpOLJowfDs1ZC2RM3+g9i1/DmwWtCHngvGD ++clA0I0agXxo05toOBTfwxd2gWYczuo/Ole16fYTzqT6n0DHqOjjcc9A7EmC72fQ +J+hHAqM+4+CbEGuMpNnTMpCZs98bcK3Rqx/bDJYtbclZzm5O/V4nVbDrJZKzpgA1 +KuzNMLkr62P6/t15UsStgmrlTILmE5NG0CR1mj/46+mNbsMZCel3dcvnT1Zf4rTq +QxMC7Dd/DECKQVC339G/BRfNyhOk2S1mZR/g1uS4bznL+tiwudDh/TAi5C3ZBDMh +0muwD9caXS/QFIBWtb2ai3IcpU357R/ERPKLcWYtoYJ80RuKi6XYr1WxSPBmd5Qm +wuncye+wR2dveo2jnIXZGUSgz50ZNgBxs/cYWAQ8J6KMgIBa+JY2qalzvIGbrC5x +Sr+CkhS8vrktfnRgc8yBssJnvNfqXA== +=pKgS +-----END PGP PUBLIC KEY BLOCK----- diff --git a/release.json b/release.json index 9a63353dcb4b817723e0ddd222ba9db66f09afbc..05a9b704456a9d774954a050a1c7788b99ce65a1 100644 --- a/release.json +++ b/release.json @@ -1,10 +1,10 @@ { - "release": "8.0.4", - "channel": "8.0", - "tag": "v8.0.4", - "sdkVersion": "8.0.104", - "runtimeVersion": "8.0.4", - "aspNetCoreVersion": "8.0.4", + "release": "9.0.8", + "channel": "9.0", + "tag": "v9.0.109", + "sdkVersion": "9.0.109", + "runtimeVersion": "9.0.8", + "aspNetCoreVersion": "9.0.8", "sourceRepository": "https://github.com/dotnet/dotnet", - "sourceVersion": "83659133a1aa2b2d94f9c4ecebfa10d960e27706" + "sourceVersion": "a1e39f97e51f1d381385d2dc6c94b368ea333784" } diff --git a/runtime-disable-fortify-on-ilasm-parser.patch b/runtime-disable-fortify-on-ilasm-parser.patch new file mode 100644 index 0000000000000000000000000000000000000000..a12822243fee8ec658d17930d27f9b633d2a382a --- /dev/null +++ b/runtime-disable-fortify-on-ilasm-parser.patch @@ -0,0 +1,12 @@ +diff --git dotnet/src/runtime/src/coreclr/ilasm/CMakeLists.txt dotnet/src/runtime/src/coreclr/ilasm/CMakeLists.txt +index cca2c6da185..d31e6cb2070 100644 +--- dotnet/src/runtime/src/coreclr/ilasm/CMakeLists.txt ++++ dotnet/src/runtime/src/coreclr/ilasm/CMakeLists.txt +@@ -52,6 +52,7 @@ if(CLR_CMAKE_HOST_UNIX) + add_compile_options(-Wno-array-bounds) + add_compile_options(-Wno-unused-label) + set_source_files_properties( prebuilt/asmparse.cpp PROPERTIES COMPILE_FLAGS "-O0" ) ++ set_source_files_properties( prebuilt/asmparse.cpp PROPERTIES COMPILE_FLAGS "-Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=0" ) + endif(CLR_CMAKE_HOST_UNIX) + + if(CLR_CMAKE_HOST_LINUX OR CLR_CMAKE_HOST_FREEBSD OR CLR_CMAKE_HOST_NETBSD OR CLR_CMAKE_HOST_SUNOS OR CLR_CMAKE_HOST_HAIKU) diff --git a/runtime-openssl-sha1.patch b/runtime-openssl-sha1.patch new file mode 100644 index 0000000000000000000000000000000000000000..6e307efbb2860d938ca92229cf34bea2caac2892 --- /dev/null +++ b/runtime-openssl-sha1.patch @@ -0,0 +1,34 @@ +From d7805229ffe6906cd0832c0482b963caf4b4fd82 Mon Sep 17 00:00:00 2001 +From: Tom Deseyn +Date: Wed, 28 Feb 2024 14:08:15 +0100 +Subject: [PATCH] Allow certificate validation with SHA-1 signatures. + +RHEL OpenSSL builds disable SHA-1 signatures. This causes certificate +validation to fail when using the X509_V_FLAG_CHECK_SS_SIGNATURE flag +with a chain where the last certificate uses a SHA-1 signature. + +This removes X509_V_FLAG_CHECK_SS_SIGNATURE flag to have the default +OpenSSL behavior for certificate validation. +--- + .../libs/System.Security.Cryptography.Native/pal_x509.c | 5 ----- + 1 file changed, 5 deletions(-) + +diff --git a/src/runtime/src/native/libs/System.Security.Cryptography.Native/pal_x509.c b/src/runtime/src/native/libs/System.Security.Cryptography.Native/pal_x509.c +index 04c6ba06cd..2cd3413dae 100644 +--- a/src/runtime/src/native/libs/System.Security.Cryptography.Native/pal_x509.c ++++ b/src/runtime/src/native/libs/System.Security.Cryptography.Native/pal_x509.c +@@ -272,11 +272,6 @@ int32_t CryptoNative_X509StoreCtxInit(X509_STORE_CTX* ctx, X509_STORE* store, X5 + + int32_t val = X509_STORE_CTX_init(ctx, store, x509, extraStore); + +- if (val != 0) +- { +- X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_CHECK_SS_SIGNATURE); +- } +- + return val; + } + +-- +2.43.2 + diff --git a/runtime-re-enable-implicit-rejection.patch b/runtime-re-enable-implicit-rejection.patch index 841850fdbfa7153c4fce978b6329d01e0b025711..a2e5614edac3694c35e52c222da1fd27005e73f4 100644 --- a/runtime-re-enable-implicit-rejection.patch +++ b/runtime-re-enable-implicit-rejection.patch @@ -47,33 +47,6 @@ index 39f3ebc82ec..5b97f468a42 100644 using (RSA rsa = RSAFactory.Create(TestData.RSA2048Params)) { void RoundtripEmpty(RSAEncryptionPadding paddingMode) -@@ -716,26 +725,6 @@ public void NotSupportedValueMethods() - } - } - -- [ConditionalTheory] -- [InlineData(new byte[] { 1, 2, 3, 4 })] -- [InlineData(new byte[0])] -- public void Decrypt_Pkcs1_ErrorsForInvalidPadding(byte[] data) -- { -- if (data.Length == 0 && !PlatformSupportsEmptyRSAEncryption) -- { -- throw new SkipTestException("Platform does not support RSA encryption of empty data."); -- } -- -- using (RSA rsa = RSAFactory.Create(TestData.RSA2048Params)) -- { -- byte[] encrypted = Encrypt(rsa, data, RSAEncryptionPadding.Pkcs1); -- encrypted[1] ^= 0xFF; -- -- // PKCS#1, the data, and the key are all deterministic so this should always throw an exception. -- Assert.ThrowsAny(() => Decrypt(rsa, encrypted, RSAEncryptionPadding.Pkcs1)); -- } -- } -- - [Fact] - public void Decrypt_Pkcs1_BadPadding() - { @@ -757,23 +746,5 @@ public static IEnumerable OaepPaddingModes } }