diff options
| author |   Mike Frysinger <vapier@gentoo.org> | 2012-12-28 19:25:42 +0000 |
|---|---|---|
| committer | Mike Frysinger <vapier@gentoo.org> | 2012-12-28 19:25:42 +0000 |
| commit | fd2791b8f54d5fc8dcc4f2381c9aec65d90290c1 (patch) | |
| tree | ea889d29e2c62df9c112a0e663b6c5b8a8363eff /sys-libs | |
| parent | Fix building w/sed-4.2.2+ #448224 by Viacheslav Gagara. Fix use of gcc-4.2 a... (diff) | |
| download | gentoo-2-fd2791b8f54d5fc8dcc4f2381c9aec65d90290c1.tar.gz gentoo-2-fd2791b8f54d5fc8dcc4f2381c9aec65d90290c1.tar.bz2 gentoo-2-fd2791b8f54d5fc8dcc4f2381c9aec65d90290c1.zip | |
Update hardened patch by Alphat-PC #448876.
(Portage version: 2.2.0_alpha144/cvs/Linux x86_64, signed Manifest commit with key FB7C4156)
Diffstat (limited to 'sys-libs')
| -rw-r--r-- | sys-libs/glibc/ChangeLog | 6 | ||||
| -rw-r--r-- | sys-libs/glibc/files/2.17/glibc-2.17-hardened-pie.patch | 42 | ||||
| -rw-r--r-- | sys-libs/glibc/glibc-2.17.ebuild | 4 |
3 files changed, 49 insertions, 3 deletions
diff --git a/sys-libs/glibc/ChangeLog b/sys-libs/glibc/ChangeLog index 96efa64d63d9..a80e980a6677 100644 --- a/sys-libs/glibc/ChangeLog +++ b/sys-libs/glibc/ChangeLog @@ -1,5 +1,9 @@ # ChangeLog for sys-libs/glibc -# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/ChangeLog,v 1.912 2012/12/28 19:20:37 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/ChangeLog,v 1.913 2012/12/28 19:25:42 vapier Exp $ + + 28 Dec 2012; Mike Frysinger <vapier@gentoo.org> + +files/2.17/glibc-2.17-hardened-pie.patch, glibc-2.17.ebuild: + Update hardened patch by Alphat-PC #448876. 28 Dec 2012; Mike Frysinger <vapier@gentoo.org> glibc-2.16.0.ebuild: Fix building w/sed-4.2.2+ #448224 by Viacheslav Gagara. Fix use of gcc-4.2 diff --git a/sys-libs/glibc/files/2.17/glibc-2.17-hardened-pie.patch b/sys-libs/glibc/files/2.17/glibc-2.17-hardened-pie.patch new file mode 100644 index 000000000000..da4fb82539cf --- /dev/null +++ b/sys-libs/glibc/files/2.17/glibc-2.17-hardened-pie.patch @@ -0,0 +1,42 @@ +2012-11-11 Magnus Granberg <zorry@gentoo.org> + + #442712 + * Makeconfig (+link): Set to +link-pie. + (+link-static-before-libc): Change $(static-start-installed-name) to + S$(static-start-installed-name). + (+prector): Set to +prectorS. + (+postctor): Set to +postctorS. + +--- libc/Makeconfig ++++ libc/Makeconfig +@@ -447,11 +447,12 @@ + $(common-objpfx)libc% $(+postinit),$^) \ + $(link-extra-libs) $(link-libc) $(+postctorS) $(+postinit) + endif +++link = $(+link-pie) + # Command for statically linking programs with the C library. + ifndef +link-static + +link-static-before-libc = $(CC) -nostdlib -nostartfiles -static -o $@ \ + $(sysdep-LDFLAGS) $(LDFLAGS) $(LDFLAGS-$(@F)) \ +- $(addprefix $(csu-objpfx),$(static-start-installed-name)) \ ++ $(addprefix $(csu-objpfx),S$(static-start-installed-name)) \ + $(+preinit) $(+prectorT) \ + $(filter-out $(addprefix $(csu-objpfx),start.o \ + $(start-installed-name))\ +@@ -549,11 +550,10 @@ + ifeq ($(elf),yes) + +preinit = $(addprefix $(csu-objpfx),crti.o) + +postinit = $(addprefix $(csu-objpfx),crtn.o) +-+prector = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtbegin.o` +-+postctor = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtend.o` +-# Variants of the two previous definitions for linking PIE programs. + +prectorS = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtbeginS.o` + +postctorS = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtendS.o` +++prector = $(+prectorS) +++postctor = $(+postctorS) + # Variants of the two previous definitions for statically linking programs. + +prectorT = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtbeginT.o` + +postctorT = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtend.o` + +interp = $(addprefix $(elf-objpfx),interp.os) + endif + csu-objpfx = $(common-objpfx)csu/ diff --git a/sys-libs/glibc/glibc-2.17.ebuild b/sys-libs/glibc/glibc-2.17.ebuild index b3504014415c..85aed10d9395 100644 --- a/sys-libs/glibc/glibc-2.17.ebuild +++ b/sys-libs/glibc/glibc-2.17.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2012 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/glibc-2.17.ebuild,v 1.1 2012/12/25 21:48:13 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/glibc-2.17.ebuild,v 1.2 2012/12/28 19:25:42 vapier Exp $ inherit eutils versionator toolchain-funcs flag-o-matic gnuconfig multilib unpacker multiprocessing @@ -155,7 +155,7 @@ eblit-src_unpack-post() { if use hardened ; then cd "${S}" einfo "Patching to get working PIE binaries on PIE (hardened) platforms" - gcc-specs-pie && epatch "${FILESDIR}"/2.16/glibc-2.16-hardened-pie.patch + gcc-specs-pie && epatch "${FILESDIR}"/2.17/glibc-2.17-hardened-pie.patch epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-configure-picdefault.patch epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-inittls-nosysenter.patch |