Fix hardened installation in PAX_MARKINGS=XT mode (bug #518734).

(Portage version: 2.2.10_p40/cvs/Linux x86_64, signed Manifest commit with key 611FF3AA)

4 files changed, 26 insertions, 3 deletions

diff --git a/dev-lang/ghc/ChangeLog b/dev-lang/ghc/ChangeLog
index 879dac041a91..9647628fb99d 100644
--- a/dev-lang/ghc/ChangeLog
+++ b/dev-lang/ghc/ChangeLog
@@ -1,6 +1,11 @@
 # ChangeLog for dev-lang/ghc
 # Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/dev-lang/ghc/ChangeLog,v 1.262 2014/08/01 09:12:49 slyfox Exp $
+# $Header: /var/cvsroot/gentoo-x86/dev-lang/ghc/ChangeLog,v 1.263 2014/08/01 20:33:54 slyfox Exp $
+
+  01 Aug 2014; Sergei Trofimovich <slyfox@gentoo.org>
+  +files/ghc-7.6.3-preserve-inplace-xattr.patch, ghc-7.6.3-r1.ebuild,
+  ghc-7.8.3.ebuild:
+  Fix hardened installation in PAX_MARKINGS=XT mode (bug #518734).
 
   01 Aug 2014; Sergei Trofimovich <slyfox@gentoo.org> ghc-7.6.3-r1.ebuild,
   ghc-7.8.3.ebuild:
diff --git a/dev-lang/ghc/files/ghc-7.6.3-preserve-inplace-xattr.patch b/dev-lang/ghc/files/ghc-7.6.3-preserve-inplace-xattr.patch
new file mode 100644
index 000000000000..08410fa0cd9b
--- /dev/null
+++ b/dev-lang/ghc/files/ghc-7.6.3-preserve-inplace-xattr.patch
@@ -0,0 +1,14 @@
+On hardened 'cp' drops out XT-pax parking.
+perfinion suggested using 'install', where portage
+might have a chance to save our marking.
+
+Reported-by: Jay Yang
+Gentoo-bug: https://bugs.gentoo.org/518734
+diff --git a/rules/build-prog.mk b/rules/build-prog.mk
+index 399369e..2ee9cd5 100644
+--- a/rules/build-prog.mk
++++ b/rules/build-prog.mk
+@@ -288,3 +288,3 @@ endif
+ $$($1_$2_INPLACE) : $1/$2/build/tmp/$$($1_$2_PROG_INPLACE) | $$$$(dir $$$$@)/.
+-	"$$(CP)" -p $$< $$@
++	$$(INSTALL) -m 755 $$< $$@
diff --git a/dev-lang/ghc/ghc-7.6.3-r1.ebuild b/dev-lang/ghc/ghc-7.6.3-r1.ebuild
index 16e38a504686..bb6db572da32 100644
--- a/dev-lang/ghc/ghc-7.6.3-r1.ebuild
+++ b/dev-lang/ghc/ghc-7.6.3-r1.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2014 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/dev-lang/ghc/ghc-7.6.3-r1.ebuild,v 1.13 2014/08/01 09:12:49 slyfox Exp $
+# $Header: /var/cvsroot/gentoo-x86/dev-lang/ghc/ghc-7.6.3-r1.ebuild,v 1.14 2014/08/01 20:33:54 slyfox Exp $
 
 # Brief explanation of the bootstrap logic:
 #
@@ -443,6 +443,8 @@ src_prepare() {
 		epatch "${FILESDIR}"/${PN}-7.6.2-integer-simple-div-mod.patch
 		# ghc-7.8 changed linker code and likely fixed it
 		epatch "${FILESDIR}"/${PN}-7.6.3-trac-3333-weak-syms.patch
+		# bug 518734
+		epatch "${FILESDIR}"/${PN}-7.6.3-preserve-inplace-xattr.patch
 
 		if use prefix; then
 			# Make configure find docbook-xsl-stylesheets from Prefix
diff --git a/dev-lang/ghc/ghc-7.8.3.ebuild b/dev-lang/ghc/ghc-7.8.3.ebuild
index f2a21154c00c..28a7f63f0b8e 100644
--- a/dev-lang/ghc/ghc-7.8.3.ebuild
+++ b/dev-lang/ghc/ghc-7.8.3.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2014 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/dev-lang/ghc/ghc-7.8.3.ebuild,v 1.5 2014/08/01 09:12:49 slyfox Exp $
+# $Header: /var/cvsroot/gentoo-x86/dev-lang/ghc/ghc-7.8.3.ebuild,v 1.6 2014/08/01 20:33:54 slyfox Exp $
 
 EAPI=5
 
@@ -400,6 +400,8 @@ src_prepare() {
 		epatch "${FILESDIR}"/${PN}-7.8.2-ia64-no-shared.patch
 		epatch "${FILESDIR}"/${PN}-7.8.2-cgen-constify.patch
 		epatch "${FILESDIR}"/${PN}-7.8.3-prim-lm.patch
+		# bug 518734
+		epatch "${FILESDIR}"/${PN}-7.6.3-preserve-inplace-xattr.patch
 
 		if use prefix; then
 			# Make configure find docbook-xsl-stylesheets from Prefix