Update picdefault patch for glibc 2.19 #503088

(Portage version: 2.2.8-r1/cvs/Linux x86_64, signed Manifest commit with key FD79807F)

3 files changed, 37 insertions, 3 deletions

diff --git a/sys-libs/glibc/ChangeLog b/sys-libs/glibc/ChangeLog
index d7cdec70908b..055d842f1a75 100644
--- a/sys-libs/glibc/ChangeLog
+++ b/sys-libs/glibc/ChangeLog
@@ -1,6 +1,10 @@
 # ChangeLog for sys-libs/glibc
 # Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/ChangeLog,v 1.981 2014/02/08 14:59:42 vapier Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/ChangeLog,v 1.982 2014/03/05 19:25:54 zorry Exp $
+
+  05 Mar 2014; Magnus Granberg <zorry@gentoo.org> glibc-2.19.ebuild,
+  +files/2.19/glibc-2.19-hardened-configure-picdefault.patch:
+  Update picdefault patch for glibc 2.19 #503088
 
 *glibc-2.19 (08 Feb 2014)
 
diff --git a/sys-libs/glibc/files/2.19/glibc-2.19-hardened-configure-picdefault.patch b/sys-libs/glibc/files/2.19/glibc-2.19-hardened-configure-picdefault.patch
new file mode 100644
index 000000000000..341d8c5028e1
--- /dev/null
+++ b/sys-libs/glibc/files/2.19/glibc-2.19-hardened-configure-picdefault.patch
@@ -0,0 +1,30 @@
+Prevent default-fPIE from confusing configure into thinking
+PIC code is default.  This causes glibc to build both PIC and
+non-PIC code as normal, which on the hardened compiler generates
+PIC and PIE.
+
+Patch by Kevin F. Quinn <kevquinn@gentoo.org>
+Fixed for glibc 2.19 by Magnus Granberg <zorry@ume.nu>
+
+--- configure.ac
++++ configure.ac
+@@ -2145,7 +2145,7 @@
+ # error PIC is default.
+ #endif
+ EOF
+-if eval "${CC-cc} -S conftest.c 2>&AS_MESSAGE_LOG_FD 1>&AS_MESSAGE_LOG_FD"; then
++if eval "${CC-cc} -fno-PIE -S conftest.c 2>&AS_MESSAGE_LOG_FD 1>&AS_MESSAGE_LOG_FD"; then
+   libc_cv_pic_default=no
+ fi
+ rm -f conftest.*])
+--- configure
++++ configure
+@@ -7698,7 +7698,7 @@
+ # error PIC is default.
+ #endif
+ EOF
+-if eval "${CC-cc} -S conftest.c 2>&5 1>&5"; then
++if eval "${CC-cc} -fno-PIE -S conftest.c 2>&5 1>&5"; then
+   libc_cv_pic_default=no
+ fi
+ rm -f conftest.*
diff --git a/sys-libs/glibc/glibc-2.19.ebuild b/sys-libs/glibc/glibc-2.19.ebuild
index 2d64f6141828..824fea023ffe 100644
--- a/sys-libs/glibc/glibc-2.19.ebuild
+++ b/sys-libs/glibc/glibc-2.19.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2014 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/glibc-2.19.ebuild,v 1.1 2014/02/08 14:59:42 vapier Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/glibc-2.19.ebuild,v 1.2 2014/03/05 19:25:54 zorry Exp $
 
 inherit eutils versionator toolchain-funcs flag-o-matic gnuconfig multilib systemd unpacker multiprocessing
 
@@ -160,7 +160,7 @@ eblit-src_unpack-post() {
 		cd "${S}"
 		einfo "Patching to get working PIE binaries on PIE (hardened) platforms"
 		gcc-specs-pie && epatch "${FILESDIR}"/2.17/glibc-2.17-hardened-pie.patch
-		epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-configure-picdefault.patch
+		epatch "${FILESDIR}"/2.19/glibc-2.19-hardened-configure-picdefault.patch
 		epatch "${FILESDIR}"/2.18/glibc-2.18-hardened-inittls-nosysenter.patch
 
 		einfo "Installing Hardened Gentoo SSP and FORTIFY_SOURCE handler"