rpms/dbus/devel dbus-pie.patch,NONE,1.1 dbus.spec,1.130,1.131

Matthias Clasen (mclasen) fedora-extras-commits at redhat.com
Fri Oct 5 02:39:59 UTC 2007 

Author: mclasen

Update of /cvs/pkgs/rpms/dbus/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv26677

Modified Files:
	dbus.spec 
Added Files:
	dbus-pie.patch 
Log Message:
Make the daemon a PIE executable


dbus-pie.patch:

--- NEW FILE dbus-pie.patch ---
From: John (J5) Palmieri <johnp at redhat.com>
Date: Wed, 3 Oct 2007 19:21:57 +0000 (-0400)
Subject: Correctly implement -fPIC and -fPIE
X-Git-Url: http://gitweb.freedesktop.org/?p=dbus/dbus.git;a=commitdiff;h=8a92100bbed2ba5cb16a1ede36214fa7d2f43e43

Correctly implement -fPIC and -fPIE

* For security reasons we want possition independent code for libraries
  and possition independent executable for executables
* before we were just enabling -fPIC
* now we correctly enable -fPIC and -PIE for libdbus and the bus respectively
* propper LD_FLAGS are set for each also
---

--- a/bus/Makefile.am
+++ b/bus/Makefile.am
@@ -1,7 +1,7 @@
 
 configdir=$(sysconfdir)/dbus-1
 
-INCLUDES=-I$(top_srcdir) $(DBUS_BUS_CFLAGS)				\
+INCLUDES=-I$(top_srcdir) $(DBUS_BUS_CFLAGS) @PIE_CFLAGS@		\
 	-DDBUS_SYSTEM_CONFIG_FILE=\""$(configdir)/system.conf"\"	\
 	-DDAEMON_NAME=\"dbus-daemon\"  -DDBUS_COMPILATION
 
@@ -77,7 +77,7 @@ dbus_daemon_LDADD=					\
 	$(DBUS_BUS_LIBS)				\
 	$(top_builddir)/dbus/libdbus-convenience.la
 
-dbus_daemon_LDFLAGS=@R_DYNAMIC_LDFLAG@ @SECTION_LDFLAGS@
+dbus_daemon_LDFLAGS=@R_DYNAMIC_LDFLAG@ @SECTION_LDFLAGS@ @PIE_LDFLAGS@
 
 LAUNCH_HELPER_SOURCES=				\
 	$(XML_SOURCES)				\
--- a/configure.in
+++ b/configure.in
@@ -211,7 +211,17 @@ if test "x$GCC" = "xyes"; then
   case " $CFLAGS " in
   *[\ \	]-fPIC[\ \	]*) ;;
   *) if cc_supports_flag -fPIC; then
-        CFLAGS="$CFLAGS -fPIC"
+        PIC_CFLAGS="-fPIC"
+        PIC_LDFLAGS="-Wl,-z,relro"
+     fi
+     ;;
+  esac
+
+  case " $CFLAGS " in
+  *[\ \	]-fPIE[\ \	]*) ;;
+  *) if cc_supports_flag -fPIE; then
+        PIE_CFLAGS="-fPIE"
+        PIE_LDFLAGS="-pie -Wl,-z,relro"
      fi
      ;;
   esac
@@ -257,6 +267,11 @@ else
   fi
 fi
 
+AC_SUBST(PIC_CFLAGS)
+AC_SUBST(PIC_LDFLAGS)  
+AC_SUBST(PIE_CFLAGS)
+AC_SUBST(PIE_LDFLAGS)  
+
 # Check for -Wl,--gc-sections
 AC_MSG_CHECKING([for ld that supports "-Wl,--gc-sections"])
 AC_TRY_LINK([
--- a/dbus/Makefile.am
+++ b/dbus/Makefile.am
@@ -1,7 +1,7 @@
 
 configdir=$(sysconfdir)/dbus-1
 
-INCLUDES=-I$(top_builddir) -I$(top_srcdir) $(DBUS_CLIENT_CFLAGS) -DDBUS_COMPILATION	\
+INCLUDES=-I$(top_builddir) -I$(top_srcdir) $(DBUS_CLIENT_CFLAGS) @PIC_CFLAGS@ -DDBUS_COMPILATION	\
 	-DDBUS_MACHINE_UUID_FILE=\""$(localstatedir)/lib/dbus/machine-id"\"		\
 	-DDBUS_SYSTEM_CONFIG_FILE=\""$(configdir)/system.conf"\"			\
 	-DDBUS_SESSION_CONFIG_FILE=\""$(configdir)/session.conf"\"
@@ -173,7 +173,7 @@ noinst_LTLIBRARIES=libdbus-convenience.l
 libdbus_1_la_LIBADD= $(DBUS_CLIENT_LIBS)
 ## don't export symbols that start with "_" (we use this 
 ## convention for internal symbols)
-libdbus_1_la_LDFLAGS= -export-symbols-regex "^[^_].*" -version-info $(LT_CURRENT):$(LT_REVISION):$(LT_AGE) -no-undefined @R_DYNAMIC_LDFLAG@
+libdbus_1_la_LDFLAGS= -export-symbols-regex "^[^_].*" -version-info $(LT_CURRENT):$(LT_REVISION):$(LT_AGE) -no-undefined @R_DYNAMIC_LDFLAG@ @PIC_LDFLAGS@
 
 libdbus_convenience_la_LDFLAGS=@R_DYNAMIC_LDFLAG@
 


Index: dbus.spec
===================================================================
RCS file: /cvs/pkgs/rpms/dbus/devel/dbus.spec,v
retrieving revision 1.130
retrieving revision 1.131
diff -u -r1.130 -r1.131
--- dbus.spec	14 Sep 2007 22:08:30 -0000	1.130
+++ dbus.spec	5 Oct 2007 02:39:26 -0000	1.131
@@ -8,7 +8,7 @@
 Summary: D-BUS message bus
 Name: dbus
 Version: 1.1.2
-Release: 6%{?dist}
+Release: 7%{?dist}
 URL: http://www.freedesktop.org/software/dbus/
 Source0: http://dbus.freedesktop.org/releases/dbus/%{name}-%{version}.tar.gz
 Source1: doxygen_to_devhelp.xsl
@@ -41,6 +41,8 @@
 Patch3: dbus-1.1.2-audit-user.patch
 # https://bugs.freedesktop.org/show_bug.cgi?id=12430
 Patch4: dbus-1.1.2-no-abort.patch
+# from upstream git
+Patch5: dbus-pie.patch
 
 %description
 
@@ -85,6 +87,7 @@
 %patch2 -p1 -b .lsb
 %patch3 -p1 -b .audit-user
 %patch4 -p1 -b .abort
+%patch5 -p1 -b .pie
 
 autoreconf -f -i
 
@@ -204,6 +207,9 @@
 %{_datadir}/devhelp/books/dbus
 
 %changelog
+* Thu Oct  4 2007 Matthias Clasen <mclasen at redhat.com> - 1.1.2-7
+- Make the daemon a PIE executable  (#210039)
+
 * Fri Sep 14 2007 Bill Nottingham <notting at redhat.com> - 1.1.2-6%{?dist}
 - fix daemon abort when SELinux denies passing on a message (#283231)

More information about the fedora-extras-commits mailing list