Merge remote branch 'origin/master'

9 files changed, 244 insertions, 131 deletions

diff --git a/dwflpp.cxx b/dwflpp.cxx
index 4fb0d54e..0d41dab8 100644
--- a/dwflpp.cxx
+++ b/dwflpp.cxx
@@ -1729,9 +1729,9 @@ dwflpp::translate_location(struct obstack *pool,
                             e->tok);
     }
 
-  // get_cfa_ops works on the dw address space, pc is relative to current
-  // module, so add do need to add module_bias.
-  Dwarf_Op *cfa_ops = get_cfa_ops (pc + module_bias);
+  // pc is relative to current module, which is what get_cfa_ops
+  // and c_translate_location expects.
+  Dwarf_Op *cfa_ops = get_cfa_ops (pc);
   return c_translate_location (pool, &loc2c_error, this,
                                &loc2c_emit_address,
                                1, 0 /* PR9768 */,
diff --git a/runtime/alloc.c b/runtime/alloc.c
index fa85fc41..810ec5d5 100644
--- a/runtime/alloc.c
+++ b/runtime/alloc.c
@@ -172,18 +172,99 @@ static void _stp_mem_debug_free(void *addr, enum _stp_memtype type)
 
 	return;
 }
+
+static void _stp_mem_debug_validate(void *addr)
+{
+	int found = 0;
+	struct list_head *p, *tmp;
+	struct _stp_mem_entry *m = NULL;
+
+	spin_lock(&_stp_mem_lock);
+	list_for_each_safe(p, tmp, &_stp_mem_list) {
+		m = list_entry(p, struct _stp_mem_entry, list);
+		if (m->addr == addr) {
+			found = 1;
+			break;
+		}
+	}
+	spin_unlock(&_stp_mem_lock);
+	if (!found) {
+		printk("SYSTEMTAP ERROR: Couldn't validate memory %p\n", 
+		       addr);
+		return;
+	}
+	if (m->magic != MEM_MAGIC) {
+		printk("SYSTEMTAP ERROR: Memory at %p corrupted!!\n", addr);
+		return;
+	}
+	
+	switch (m->type) {
+	case MEM_KMALLOC:
+		_stp_check_mem_fence(addr, m->len);
+		break;
+	case MEM_PERCPU:
+		/* do nothing */
+		break;
+	case MEM_VMALLOC:
+		_stp_check_mem_fence(addr, m->len);
+		break;
+	default:
+		printk("SYSTEMTAP ERROR: Attempted to validate memory at addr %p len=%d with unknown allocation type.\n", addr, (int)m->len);
+	}
+
+	return;
+}
+#endif
+
+/* #define MAXMEMORY 8192 */
+/*
+ * If MAXMEMORY is defined to a value (stap -DMAXMEMORY=8192 ...) then
+ * every memory allocation is checked to make sure the systemtap
+ * module doesn't use more than MAXMEMORY of memory.  MAXMEMORY is
+ * specified in kilobytes, so, for example, '8192' means that the
+ * systemtap module won't use more than 8 megabytes of memory.
+ *
+ * Note 1: This size does include the size of the module itself, plus
+ * any additional allocations.
+ *
+ * Note 2: Since we can't be ensured that the module transport is set
+ * up when a memory allocation problem happens, this code can't
+ * directly report an error back to a user (so instead it uses
+ * 'printk').  If the modules transport has been set up, the code that
+ * calls the memory allocation functions
+ * (_stp_kmalloc/_stp_kzalloc/etc.) should report an error directly wto
+ * the user.
+ *
+ * Note 3: This only tracks direct allocations by the systemtap
+ * runtime.  This does not track indirect allocations (such as done by
+ * kprobes/uprobes/etc. internals).
+ */
+
+#ifdef MAXMEMORY
+#ifndef STAPCONF_GRSECURITY
+#define _STP_MODULE_CORE_SIZE (THIS_MODULE->core_size)
+#else
+#define _STP_MODULE_CORE_SIZE (THIS_MODULE->core_size_rw)
+#endif
 #endif
 
 static void *_stp_kmalloc(size_t size)
 {
+	void *ret;
+#ifdef MAXMEMORY
+	if ((_STP_MODULE_CORE_SIZE + _stp_allocated_memory + size)
+	    > (MAXMEMORY * 1024)) {
+		return NULL;
+	}
+#endif
 #ifdef DEBUG_MEM
-	void *ret = kmalloc(size + MEM_DEBUG_SIZE, STP_ALLOC_FLAGS);
+	ret = kmalloc(size + MEM_DEBUG_SIZE, STP_ALLOC_FLAGS);
 	if (likely(ret)) {
 	        _stp_allocated_memory += size;
 		ret = _stp_mem_debug_setup(ret, size, MEM_KMALLOC);
 	}
 #else
-	void *ret = kmalloc(size, STP_ALLOC_FLAGS);
+	ret = kmalloc(size, STP_ALLOC_FLAGS);
 	if (likely(ret)) {
 	        _stp_allocated_memory += size;
 	}
@@ -194,15 +275,22 @@ static void *_stp_kmalloc(size_t size)
 static void *_stp_kzalloc(size_t size)
 #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,15)
 {
+	void *ret;
+#ifdef MAXMEMORY
+	if ((_STP_MODULE_CORE_SIZE + _stp_allocated_memory + size)
+	    > (MAXMEMORY * 1024)) {
+		return NULL;
+	}
+#endif
 #ifdef DEBUG_MEM
-	void *ret = kmalloc(size + MEM_DEBUG_SIZE, STP_ALLOC_FLAGS);
+	ret = kmalloc(size + MEM_DEBUG_SIZE, STP_ALLOC_FLAGS);
 	if (likely(ret)) {
 	        _stp_allocated_memory += size;
 		ret = _stp_mem_debug_setup(ret, size, MEM_KMALLOC);
 		memset (ret, 0, size);
 	}
 #else
-	void *ret = kmalloc(size, STP_ALLOC_FLAGS);
+	ret = kmalloc(size, STP_ALLOC_FLAGS);
 	if (likely(ret)) {
 	        _stp_allocated_memory += size;
 		memset (ret, 0, size);
@@ -212,14 +300,21 @@ static void *_stp_kzalloc(size_t size)
 }
 #else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,15) */
 {
+	void *ret;
+#ifdef MAXMEMORY
+	if ((_STP_MODULE_CORE_SIZE + _stp_allocated_memory + size)
+	    > (MAXMEMORY * 1024)) {
+		return NULL;
+	}
+#endif
 #ifdef DEBUG_MEM
-	void *ret = kzalloc(size + MEM_DEBUG_SIZE, STP_ALLOC_FLAGS);
+	ret = kzalloc(size + MEM_DEBUG_SIZE, STP_ALLOC_FLAGS);
 	if (likely(ret)) {
 	        _stp_allocated_memory += size;
 		ret = _stp_mem_debug_setup(ret, size, MEM_KMALLOC);
 	}
 #else
-	void *ret = kzalloc(size, STP_ALLOC_FLAGS);
+	ret = kzalloc(size, STP_ALLOC_FLAGS);
 	if (likely(ret)) {
 	        _stp_allocated_memory += size;
 	}
@@ -230,14 +325,21 @@ static void *_stp_kzalloc(size_t size)
 
 static void *_stp_vmalloc(unsigned long size)
 {
+	void *ret;
+#ifdef MAXMEMORY
+	if ((_STP_MODULE_CORE_SIZE + _stp_allocated_memory + size)
+	    > (MAXMEMORY * 1024)) {
+		return NULL;
+	}
+#endif
 #ifdef DEBUG_MEM
-	void *ret = __vmalloc(size + MEM_DEBUG_SIZE, STP_ALLOC_FLAGS, PAGE_KERNEL);
+	ret = __vmalloc(size + MEM_DEBUG_SIZE, STP_ALLOC_FLAGS, PAGE_KERNEL);
 	if (likely(ret)) {
 	        _stp_allocated_memory += size;
 		ret = _stp_mem_debug_setup(ret, size, MEM_VMALLOC);
 	}
 #else
-	void *ret = __vmalloc(size, STP_ALLOC_FLAGS, PAGE_KERNEL);
+	ret = __vmalloc(size, STP_ALLOC_FLAGS, PAGE_KERNEL);
 	if (likely(ret)) {
 	        _stp_allocated_memory += size;
 	}
@@ -258,6 +360,14 @@ static void *_stp_alloc_percpu(size_t size)
 	if (size > _STP_MAX_PERCPU_SIZE)
 		return NULL;
 
+#ifdef MAXMEMORY
+	if ((_STP_MODULE_CORE_SIZE + _stp_allocated_memory
+	     + (size * num_online_cpus()))
+	    > (MAXMEMORY * 1024)) {
+		return NULL;
+	}
+#endif
+
 #ifdef STAPCONF_ALLOC_PERCPU_ALIGN
 	ret = __alloc_percpu(size, 8);
 #else
@@ -287,6 +397,12 @@ static void *_stp_alloc_percpu(size_t size)
 static void *_stp_kmalloc_node(size_t size, int node)
 {
 	void *ret;
+#ifdef MAXMEMORY
+	if ((_STP_MODULE_CORE_SIZE + _stp_allocated_memory + size)
+	    > (MAXMEMORY * 1024)) {
+		return NULL;
+	}
+#endif
 #ifdef DEBUG_MEM
 	ret = kmalloc_node(size + MEM_DEBUG_SIZE, STP_ALLOC_FLAGS, node);
 	if (likely(ret)) {
diff --git a/stap-authorize-server-cert.8.in b/stap-authorize-server-cert.8.in
index 5fae0237..6ea245b1 100644
--- a/stap-authorize-server-cert.8.in
+++ b/stap-authorize-server-cert.8.in
@@ -52,7 +52,7 @@ server\[aq]s certificate database.
 On the server host,
 for servers started by the \fIstap\-server\fR service, this database can be
 found in \fI/var/lib/stap\-server/.systemtap/ssl/server/\fR.
-Ror servers run by other non\-root users,
+For servers run by other non\-root users,
 this database can be found in
 .I $HOME/.systemtap/ssl/server/\fP.
 For root users (EUID=0), it can be found in
@@ -112,7 +112,7 @@ Server certificate for servers started by the \fIstap\-server\fR service.
 .IR certutil
 
 .SH BUGS
-Use the Bugzilla link off of the project web page or our mailing list.
+Use the Bugzilla link of the project web page or our mailing list.
 .nh
 .BR http://sources.redhat.com/systemtap/ ", " <systemtap@sources.redhat.com> .
 .hy
diff --git a/stap-authorize-signing-cert.8.in b/stap-authorize-signing-cert.8.in
index db9f49c5..d1157544 100644
--- a/stap-authorize-signing-cert.8.in
+++ b/stap-authorize-signing-cert.8.in
@@ -49,7 +49,7 @@ server\[aq]s certificate database.
 On the server host,
 for servers started by the \fIstap\-server\fR service, this database can be
 found in \fI/var/lib/stap\-server/.systemtap/ssl/server/\fR.
-Ror servers run by other non\-root users,
+For servers run by other non\-root users,
 this database can be found in
 .I $HOME/.systemtap/ssl/server/\fP.
 For root users (EUID=0), it can be found in
@@ -101,7 +101,7 @@ Signing certificate for servers started by the \fIstap\-server\fR service.
 .IR certutil
 
 .SH BUGS
-Use the Bugzilla link off of the project web page or our mailing list.
+Use the Bugzilla link of the project web page or our mailing list.
 .nh
 .BR http://sources.redhat.com/systemtap/ ", " <systemtap@sources.redhat.com> .
 .hy
diff --git a/stap-client.8.in b/stap-client.8.in
index c8db45ee..f4ca86f6 100644
--- a/stap-client.8.in
+++ b/stap-client.8.in
@@ -129,7 +129,8 @@ manual page for more details.
 .PP
 The trustworthiness of other servers may also be asserted
 for the duration of one invocation of \fIstap\-client\fR
-by using the.B \-\-ssl
+by using the
+.B \-\-ssl
 option one or more times (see
 .I OPTIONS
 above). Servers whose certificates are contained in the additional databases
@@ -226,7 +227,7 @@ Server certificate for servers started by the \fIstap\-server\fR service.
 .IR certutil
 
 .SH BUGS
-Use the Bugzilla link off of the project web page or our mailing list.
+Use the Bugzilla link of the project web page or our mailing list.
 .nh
 .BR http://sources.redhat.com/systemtap/ ", " <systemtap@sources.redhat.com> .
 .hy
diff --git a/stap-server.8.in b/stap-server.8.in
index 3994a17d..1c69ca1c 100644
--- a/stap-server.8.in
+++ b/stap-server.8.in
@@ -403,7 +403,7 @@ Location of installed kernels.
 .IR certutil
 
 .SH BUGS
-Use the Bugzilla link off of the project web page or our mailing list.
+Use the Bugzilla link of the project web page or our mailing list.
 .nh
 .BR http://sources.redhat.com/systemtap/ ", " <systemtap@sources.redhat.com> .
 .hy
diff --git a/stap.1.in b/stap.1.in
index 4be443b7..6706ad7f 100644
--- a/stap.1.in
+++ b/stap.1.in
@@ -215,41 +215,36 @@ If the size of output file will exceed
 output files exceed
 .B N
 , systemtap removes the oldest output file. You can omit the second argument.
-.TP
-.B \-\-kelf
-For names and addresses of functions to probe,
-consult the symbol tables in the kernel and modules.
-This can be useful if your kernel and/or modules were compiled
-without debugging information, or the function you want to probe
-is in an assembly-language file built without debugging information.
-See the
-.B "MAKING DO WITH SYMBOL TABLES"
-section for more information.
-.TP
-.BI \-\-kmap [=FILE]
-For names and addresses of kernel functions to probe,
-consult the symbol table in the indicated text file.
-The default is /boot/System.map-VERSION.
-The contents of this file should be in the form of the default output from
-.IR nm (1).
-Only symbols of type T or t are used.
-If you specify /proc/kallsyms or some other file in that format,
-where lines for module symbols contain a fourth column,
-reading of the symbol table stops with the first module symbol
-(which should be right after the last kernel symbol).
-As with
-.BR \-\-kelf ,
-the symbol table in each module's .ko file will also be consulted.
-See the
-.B "MAKING DO WITH SYMBOL TABLES"
-section for more information.
-.TP
-.B \-\-ignore\-vmlinux
-For testing, act as though neither the uncompressed kernel (vmlinux)
-nor the kernel debugging information can be found.
-.TP
-.B \-\-ignore\-dwarf
-For testing, act as though vmlinux and modules lack debugging information.
+\" PR6864: disable temporarily 
+\".TP
+\".B \-\-kelf
+\"For names and addresses of functions to probe,
+\"consult the symbol tables in the kernel and modules.
+\"This can be useful if your kernel and/or modules were compiled
+\"without debugging information, or the function you want to probe
+\"is in an assembly-language file built without debugging information.
+\"See the
+\".B "MAKING DO WITH SYMBOL TABLES"
+\"section for more information.
+\".TP
+\".BI \-\-kmap [=FILE] 
+\"For names and addresses of kernel functions to probe,
+\"consult the symbol table in the indicated text file.
+\"The default is /boot/System.map-VERSION.
+\"The contents of this file should be in the form of the default output from
+\".IR nm (1).
+\"Only symbols of type T or t are used.
+\"If you specify /proc/kallsyms or some other file in that format,
+\"where lines for module symbols contain a fourth column,
+\"reading of the symbol table stops with the first module symbol
+\"(which should be right after the last kernel symbol).
+\"As with
+\".BR \-\-kelf ,
+\"the symbol table in each module's .ko file will also be consulted.
+\"See the
+\".B "MAKING DO WITH SYMBOL TABLES"
+\"section for more information.
+\" --ignore-{vmlinux,dwarf} shouldn't be visible 
 .TP
 .B \-\-skip\-badvars
 Ignore out of context variables and substitute with literal 0.
@@ -361,7 +356,7 @@ variables usable.
 .PP
 The TRUE-TOKENS and FALSE-TOKENS are zero or more general parser
 tokens (possibly including nested preprocessor conditionals), and are
-pasted into the input stream if the condition is true or false.  For
+passed into the input stream if the condition is true or false.  For
 example, the following code induces a parse error unless the target
 kernel version is newer than 2.6.5:
 .SAMPLE
@@ -391,7 +386,7 @@ invocation.
 .PP
 Scalar variables are implicitly typed as either string or integer.
 Associative arrays also have a string or integer value, and a
-a tuple of strings and/or integers serving as a key.  Here are a
+tuple of strings and/or integers serving as a key.  Here are a
 few basic expressions.
 .SAMPLE
 var1 = 5
@@ -1168,48 +1163,49 @@ have overloaded the system and an exit is triggered.
 By default, overload processing is turned on for all modules.  If you
 would like to disable overload processing, define STP_NO_OVERLOAD.
 
-.SH MAKING DO WITH SYMBOL TABLES
-Systemtap performs best when it has access to the debugging information
-associated with your kernel and modules.
-However, if this information is not available,
-systemtap can still support probing of function entries and returns
-using symbols read from vmlinux and/or the modules in /lib/modules.
-Systemtap can also read the kernel symbol table from a text file
-such as /boot/System.map or /proc/kallsyms.
-See the
-.B \-\-kelf
-and
-.B \-\-kmap
-options.
-.PP
-If systemtap finds relevant debugging information,
-it will use it even if you specify
-.B \-\-kelf
-or
-.BR \-\-kmap .
-.PP
-Without debugging information, systemtap cannot support the
-following types of language constructs:
-.IP \(bu 4
-probe specifications that refer to source files or line numbers
-.IP \(bu 4
-probe specifications that refer to inline functions
-.IP \(bu 4
-statements that refer to $target variables
-.IP \(bu 4
-statements that refer to @cast() variables
-.IP \(bu 4
-tapset-defined variables defined using any of the above constructs.
-In particular, at this writing,
-the prologue blocks for certain aliases in the syscall tapset
-(e.g., syscall.open) contain "if" statements that refer to $target variables.
-If your script refers to any such aliases,
-systemtap must have access to the kernel's debugging information.
-.PP
-Most T and t symbols correspond to function entry points, but some do not.
-Based only on the symbol table, systemtap cannot tell the difference.
-Placing return probes on symbols that aren't entry points
-will most likely lead to kernel stack corruption.
+.\" PR6864: disable temporarily 
+.\".SH MAKING DO WITH SYMBOL TABLES
+.\"Systemtap performs best when it has access to the debugging information
+.\"associated with your kernel and modules.
+.\"However, if this information is not available,
+.\"systemtap can still support probing of function entries and returns
+.\"using symbols read from vmlinux and/or the modules in /lib/modules.
+.\"Systemtap can also read the kernel symbol table from a text file
+.\"such as /boot/System.map or /proc/kallsyms.
+.\"See the
+.\".B \-\-kelf
+.\"and
+.\".B \-\-kmap
+.\"options.
+.\".PP
+.\"If systemtap finds relevant debugging information,
+.\"it will use it even if you specify
+.\".B \-\-kelf
+.\"or
+.\".BR \-\-kmap .
+.\".PP
+.\"Without debugging information, systemtap cannot support the
+.\"following types of language constructs:
+.\".IP \(bu 4
+.\"probe specifications that refer to source files or line numbers
+.\".IP \(bu 4
+.\"probe specifications that refer to inline functions
+.\".IP \(bu 4
+.\"statements that refer to $target variables
+.\".IP \(bu 4
+.\"statements that refer to @cast() variables
+.\".IP \(bu 4
+.\"tapset-defined variables defined using any of the above constructs.
+.\"In particular, at this writing,
+.\"the prologue blocks for certain aliases in the syscall tapset
+.\"(e.g., syscall.open) contain "if" statements that refer to $target variables.
+.\"If your script refers to any such aliases,
+.\"systemtap must have access to the kernel's debugging information.
+.\".PP
+.\"Most T and t symbols correspond to function entry points, but some do not.
+.\"Based only on the symbol table, systemtap cannot tell the difference.
+.\"Placing return probes on symbols that aren't entry points
+.\"will most likely lead to kernel stack corruption.
 
 .SH FILES
 .\" consider autoconf-substituting these directories
@@ -1263,7 +1259,7 @@ unloading.
 .IR gdb (1)
 
 .SH BUGS
-Use the Bugzilla link off of the project web page or our mailing list.
+Use the Bugzilla link of the project web page or our mailing list.
 .nh
 .BR http://sources.redhat.com/systemtap/ , <systemtap@sources.redhat.com> .
 .hy
diff --git a/staprun.8.in b/staprun.8.in
index ee071945..7ddedd1c 100644
--- a/staprun.8.in
+++ b/staprun.8.in
@@ -215,7 +215,7 @@ user and not be world writable.
 .IR stapex (3stap)
 
 .SH BUGS
-Use the Bugzilla link off of the project web page or our mailing list.
+Use the Bugzilla link of the project web page or our mailing list.
 .nh
 .BR http://sources.redhat.com/systemtap/ ", " <systemtap@sources.redhat.com> .
 .hy
diff --git a/systemtap.spec b/systemtap.spec
index 2ae99e58..17eff400 100644
--- a/systemtap.spec
+++ b/systemtap.spec
@@ -1,14 +1,14 @@
-%{!?with_sqlite: %define with_sqlite 1}
-%{!?with_docs: %define with_docs 1}
-%{!?with_crash: %define with_crash 0}
-%{!?with_rpm: %define with_rpm 1}
-%{!?with_bundled_elfutils: %define with_bundled_elfutils 0}
-%{!?elfutils_version: %define elfutils_version 0.127}
-%{!?pie_supported: %define pie_supported 1}
-%{!?with_grapher: %define with_grapher 1}
-%{!?with_boost: %define with_boost 0}
-%{!?with_publican: %define with_publican 1}
-%{!?publican_brand: %define publican_brand fedora}
+%{!?with_sqlite: %global with_sqlite 1}
+%{!?with_docs: %global with_docs 1}
+%{!?with_crash: %global with_crash 0}
+%{!?with_rpm: %global with_rpm 1}
+%{!?with_bundled_elfutils: %global with_bundled_elfutils 0}
+%{!?elfutils_version: %global elfutils_version 0.127}
+%{!?pie_supported: %global pie_supported 1}
+%{!?with_grapher: %global with_grapher 1}
+%{!?with_boost: %global with_boost 0}
+%{!?with_publican: %global with_publican 1}
+%{!?publican_brand: %global publican_brand fedora}
 
 Name: systemtap
 Version: 1.1
@@ -48,7 +48,7 @@ BuildRequires: nss-devel nss-tools pkgconfig
 Source1: elfutils-%{elfutils_version}.tar.gz
 Patch1: elfutils-portability.patch
 BuildRequires: m4
-%define setup_elfutils -a1
+%global setup_elfutils -a1
 %else
 BuildRequires: elfutils-devel >= %{elfutils_version}
 %endif
@@ -193,63 +193,63 @@ cd ..
 
 %if %{with_bundled_elfutils}
 # Build our own copy of elfutils.
-%define elfutils_config --with-elfutils=elfutils-%{elfutils_version}
+%global elfutils_config --with-elfutils=elfutils-%{elfutils_version}
 
 # We have to prevent the standard dependency generation from identifying
 # our private elfutils libraries in our provides and requires.
-%define _use_internal_dependency_generator	0
-%define filter_eulibs() /bin/sh -c "%{1} | sed '/libelf/d;/libdw/d;/libebl/d'"
-%define __find_provides %{filter_eulibs /usr/lib/rpm/find-provides}
-%define __find_requires %{filter_eulibs /usr/lib/rpm/find-requires}
+%global _use_internal_dependency_generator	0
+%global filter_eulibs() /bin/sh -c "%{1} | sed '/libelf/d;/libdw/d;/libebl/d'"
+%global __find_provides %{filter_eulibs /usr/lib/rpm/find-provides}
+%global __find_requires %{filter_eulibs /usr/lib/rpm/find-requires}
 
 # This will be needed for running stap when not installed, for the test suite.
-%define elfutils_mflags LD_LIBRARY_PATH=`pwd`/lib-elfutils
+%global elfutils_mflags LD_LIBRARY_PATH=`pwd`/lib-elfutils
 %endif
 
 # Enable/disable the sqlite coverage testing support
 %if %{with_sqlite}
-%define sqlite_config --enable-sqlite
+%global sqlite_config --enable-sqlite
 %else
-%define sqlite_config --disable-sqlite
+%global sqlite_config --disable-sqlite
 %endif
 
 # Enable/disable the crash extension
 %if %{with_crash}
-%define crash_config --enable-crash
+%global crash_config --enable-crash
 %else
-%define crash_config --disable-crash
+%global crash_config --disable-crash
 %endif
 
 # Enable/disable the code to find and suggest needed rpms
 %if %{with_rpm}
-%define rpm_config --with-rpm
+%global rpm_config --with-rpm
 %else
-%define rpm_config --without-rpm
+%global rpm_config --without-rpm
 %endif
 
 %if %{with_docs}
-%define docs_config --enable-docs
+%global docs_config --enable-docs
 %else
-%define docs_config --disable-docs
+%global docs_config --disable-docs
 %endif
 
 # Enable pie as configure defaults to disabling it
 %if %{pie_supported}
-%define pie_config --enable-pie
+%global pie_config --enable-pie
 %else
-%define pie_config --disable-pie
+%global pie_config --disable-pie
 %endif
 
 %if %{with_grapher}
-%define grapher_config --enable-grapher
+%global grapher_config --enable-grapher
 %else
-%define grapher_config --disable-grapher
+%global grapher_config --disable-grapher
 %endif
 
 %if %{with_publican}
-%define publican_config --enable-publican --with-publican-brand=%{publican_brand}
+%global publican_config --enable-publican --with-publican-brand=%{publican_brand}
 %else
-%define publican_config --disable-publican
+%global publican_config --disable-publican
 %endif