Update the hardened pie patch for glibc-2.16, bug #442712

(Portage version: 2.1.11.31/cvs/Linux x86_64, signed Manifest commit with key FD79807F)

3 files changed, 46 insertions, 3 deletions

diff --git a/sys-libs/glibc/ChangeLog b/sys-libs/glibc/ChangeLog
index dacc5ec8b0ad..ae3dad94a76d 100644
--- a/sys-libs/glibc/ChangeLog
+++ b/sys-libs/glibc/ChangeLog
@@ -1,5 +1,9 @@
 # ChangeLog for sys-libs/glibc
-# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/ChangeLog,v 1.905 2012/11/11 07:24:55 vapier Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/ChangeLog,v 1.906 2012/11/11 15:23:16 zorry Exp $
+
+  11 Nov 2012; Magnus Granberg <zorry@gentoo.org> glibc-2.16.0.ebuild,
+  +files/2.16/glibc-2.16-hardened-pie.patch:
+  Update the hardened pie patch for 2.16, bug #442712
 
   11 Nov 2012; Mike Frysinger <vapier@gentoo.org>
   files/eblits/src_install.eblit, files/eblits/src_unpack.eblit,
diff --git a/sys-libs/glibc/files/2.16/glibc-2.16-hardened-pie.patch b/sys-libs/glibc/files/2.16/glibc-2.16-hardened-pie.patch
new file mode 100644
index 000000000000..a850a61a272a
--- /dev/null
+++ b/sys-libs/glibc/files/2.16/glibc-2.16-hardened-pie.patch
@@ -0,0 +1,39 @@
+2012-11-11  Magnus Granberg  <zorry@gentoo.org>
+
+	#442712
+	* Makeconfig (+link): Set to +link-pie.
+	(+link-static-before-libc): Change $(static-start-installed-name) to
+	S$(static-start-installed-name).
+	(+prector): Set to +prectorS.
+	(+postctor): Set to +postctorS.
+
+--- libc/Makeconfig
++++ libc/Makeconfig
+@@ -447,11 +447,12 @@
+ 	     $(common-objpfx)libc% $(+postinit),$^) \
+ 	     $(link-extra-libs) $(link-libc) $(+postctorS) $(+postinit)
+ endif
+++link = $(+link-pie)
+ # Command for statically linking programs with the C library.
+ ifndef +link-static
+ +link-static-before-libc = $(CC) -nostdlib -nostartfiles -static -o $@ \
+ 	      $(sysdep-LDFLAGS) $(LDFLAGS) $(LDFLAGS-$(@F))  \
+-	      $(addprefix $(csu-objpfx),$(static-start-installed-name)) \
++	      $(addprefix $(csu-objpfx),S$(static-start-installed-name)) \
+ 	      $(+preinit) $(+prector) \
+ 	      $(filter-out $(addprefix $(csu-objpfx),start.o \
+ 						     $(start-installed-name))\
+@@ -549,11 +550,10 @@
+ ifeq ($(elf),yes)
+ +preinit = $(addprefix $(csu-objpfx),crti.o)
+ +postinit = $(addprefix $(csu-objpfx),crtn.o)
+-+prector = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtbegin.o`
+-+postctor = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtend.o`
+-# Variants of the two previous definitions for linking PIE programs.
+ +prectorS = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtbeginS.o`
+ +postctorS = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtendS.o`
+++prector = $(+prectorS)
+++postctor = $(+postctorS)
+ +interp = $(addprefix $(elf-objpfx),interp.os)
+ endif
+ csu-objpfx = $(common-objpfx)csu/
diff --git a/sys-libs/glibc/glibc-2.16.0.ebuild b/sys-libs/glibc/glibc-2.16.0.ebuild
index 40f28f981bb9..10171877ae98 100644
--- a/sys-libs/glibc/glibc-2.16.0.ebuild
+++ b/sys-libs/glibc/glibc-2.16.0.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2012 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/glibc-2.16.0.ebuild,v 1.14 2012/11/11 07:24:55 vapier Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/glibc-2.16.0.ebuild,v 1.15 2012/11/11 15:23:16 zorry Exp $
 
 inherit eutils versionator toolchain-funcs flag-o-matic gnuconfig multilib unpacker multiprocessing
 
@@ -178,7 +178,7 @@ eblit-src_unpack-post() {
 	if use hardened ; then
 		cd "${S}"
 		einfo "Patching to get working PIE binaries on PIE (hardened) platforms"
-		gcc-specs-pie && epatch "${FILESDIR}"/2.12/glibc-2.12-hardened-pie.patch
+		gcc-specs-pie && epatch "${FILESDIR}"/2.16/glibc-2.16-hardened-pie.patch
 		epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-configure-picdefault.patch
 		epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-inittls-nosysenter.patch