From: "Sam James" <sam@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] repo/gentoo:master commit in: sys-apps/kbd/, sys-apps/kbd/files/
Date: Wed, 4 Oct 2023 15:28:56 +0000 (UTC) [thread overview]
Message-ID: <1696432243.a82615f6b9ef054b0d937bbde647c552905945e6.sam@gentoo> (raw)
commit: a82615f6b9ef054b0d937bbde647c552905945e6
Author: Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Wed Oct 4 14:04:39 2023 +0000
Commit: Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Wed Oct 4 15:10:43 2023 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a82615f6
sys-apps/kbd: don't redefine _FORTIFY_SOURCE
Closes: https://bugs.gentoo.org/892834
Signed-off-by: Sam James <sam <AT> gentoo.org>
.../kbd-2.6.3-no-redefine-fortify-source.patch | 171 +++++++++++++++++++++
sys-apps/kbd/kbd-2.6.3-r1.ebuild | 94 +++++++++++
2 files changed, 265 insertions(+)
diff --git a/sys-apps/kbd/files/kbd-2.6.3-no-redefine-fortify-source.patch b/sys-apps/kbd/files/kbd-2.6.3-no-redefine-fortify-source.patch
new file mode 100644
index 000000000000..b18fb9f751cf
--- /dev/null
+++ b/sys-apps/kbd/files/kbd-2.6.3-no-redefine-fortify-source.patch
@@ -0,0 +1,171 @@
+https://github.com/legionus/kbd/pull/103
+
+From 3392e2038dee97361d7438512653736d72a02109 Mon Sep 17 00:00:00 2001
+From: Sam James <sam@gentoo.org>
+Date: Wed, 4 Oct 2023 14:47:33 +0100
+Subject: [PATCH] Use `AX_ADD_FORTIFY_SOURCE` to avoid redefining
+ `_FORTIFY_SOURCE`
+
+Some distributions are now setting -D_FORTIFY_SOURCE=3 by default in their
+toolchains rather than _F_S=2. By forcing _F_S=2, this causes both a warning
+and a downgrade in the effective protection.
+
+Use the autoconf-archive macro for this purpose (AX_ADD_FORTIFY_SOURCE)
+to add the fortification at the highest supported level if the compiler doesn't
+already default to it.
+
+Bug: https://bugs.gentoo.org/892834
+Signed-off-by: Sam James <sam@gentoo.org>
+---
+ configure.ac | 5 +-
+ m4/ax_add_fortify_source.m4 | 119 ++++++++++++++++++++++++++++++++++++
+ 2 files changed, 122 insertions(+), 2 deletions(-)
+ create mode 100644 m4/ax_add_fortify_source.m4
+
+diff --git a/configure.ac b/configure.ac
+index 66023ff8..7fdbe7d6 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -63,13 +63,14 @@ strspn strstr strtol strtoul setpgrp malloc realloc])
+
+ AC_SEARCH_LIBS([timer_create], [rt])
+
++AX_ADD_FORTIFY_SOURCE
++
+ # Optimization level
+ CC_O_LEVEL="-O2"
+-FORTIFY_SOURCE="-D_FORTIFY_SOURCE=2"
+
+ if test "$enable_code_coverage" = yes; then
+ CC_O_LEVEL="-O0"
+- FORTIFY_SOURCE=
++ FORTIFY_SOURCE="-U_FORTIFY_SOURCE"
+ fi
+
+ case "$GCC,$ac_cv_prog_cc_g" in
+diff --git a/m4/ax_add_fortify_source.m4 b/m4/ax_add_fortify_source.m4
+new file mode 100644
+index 00000000..860c1598
+--- /dev/null
++++ b/m4/ax_add_fortify_source.m4
+@@ -0,0 +1,119 @@
++# ===========================================================================
++# https://www.gnu.org/software/autoconf-archive/ax_add_fortify_source.html
++# ===========================================================================
++#
++# SYNOPSIS
++#
++# AX_ADD_FORTIFY_SOURCE
++#
++# DESCRIPTION
++#
++# Check whether -D_FORTIFY_SOURCE=2 can be added to CPPFLAGS without macro
++# redefinition warnings, other cpp warnings or linker. Some distributions
++# (such as Ubuntu or Gentoo Linux) enable _FORTIFY_SOURCE globally in
++# their compilers, leading to unnecessary warnings in the form of
++#
++# <command-line>:0:0: error: "_FORTIFY_SOURCE" redefined [-Werror]
++# <built-in>: note: this is the location of the previous definition
++#
++# which is a problem if -Werror is enabled. This macro checks whether
++# _FORTIFY_SOURCE is already defined, and if not, adds -D_FORTIFY_SOURCE=2
++# to CPPFLAGS.
++#
++# Newer mingw-w64 msys2 package comes with a bug in
++# headers-git-7.0.0.5546.d200317d-1. It broke -D_FORTIFY_SOURCE support,
++# and would need -lssp or -fstack-protector. See
++# https://github.com/msys2/MINGW-packages/issues/5803. Try to actually
++# link it.
++#
++# LICENSE
++#
++# Copyright (c) 2017 David Seifert <soap@gentoo.org>
++# Copyright (c) 2019, 2023 Reini Urban <rurban@cpan.org>
++#
++# Copying and distribution of this file, with or without modification, are
++# permitted in any medium without royalty provided the copyright notice
++# and this notice are preserved. This file is offered as-is, without any
++# warranty.
++
++#serial 10
++
++AC_DEFUN([AX_ADD_FORTIFY_SOURCE],[
++ ac_save_cflags=$CFLAGS
++ ac_cwerror_flag=yes
++ AX_CHECK_COMPILE_FLAG([-Werror],[CFLAGS="$CFLAGS -Werror"])
++ ax_add_fortify_3_failed=
++ AC_MSG_CHECKING([whether to add -D_FORTIFY_SOURCE=3 to CPPFLAGS])
++ AC_LINK_IFELSE([
++ AC_LANG_PROGRAM([],
++ [[
++ #ifndef _FORTIFY_SOURCE
++ return 0;
++ #else
++ _FORTIFY_SOURCE_already_defined;
++ #endif
++ ]]
++ )],
++ AC_LINK_IFELSE([
++ AC_LANG_SOURCE([[
++ #define _FORTIFY_SOURCE 3
++ #include <string.h>
++ int main(void) {
++ char *s = " ";
++ strcpy(s, "x");
++ return strlen(s)-1;
++ }
++ ]]
++ )],
++ [
++ AC_MSG_RESULT([yes])
++ CFLAGS=$ac_save_cflags
++ CPPFLAGS="$CPPFLAGS -D_FORTIFY_SOURCE=3"
++ ], [
++ AC_MSG_RESULT([no])
++ ax_add_fortify_3_failed=1
++ ],
++ ),
++ [
++ AC_MSG_RESULT([no])
++ ax_add_fortify_3_failed=1
++ ])
++ if test -n "$ax_add_fortify_3_failed"
++ then
++ AC_MSG_CHECKING([whether to add -D_FORTIFY_SOURCE=2 to CPPFLAGS])
++ AC_LINK_IFELSE([
++ AC_LANG_PROGRAM([],
++ [[
++ #ifndef _FORTIFY_SOURCE
++ return 0;
++ #else
++ _FORTIFY_SOURCE_already_defined;
++ #endif
++ ]]
++ )],
++ AC_LINK_IFELSE([
++ AC_LANG_SOURCE([[
++ #define _FORTIFY_SOURCE 2
++ #include <string.h>
++ int main(void) {
++ char *s = " ";
++ strcpy(s, "x");
++ return strlen(s)-1;
++ }
++ ]]
++ )],
++ [
++ AC_MSG_RESULT([yes])
++ CFLAGS=$ac_save_cflags
++ CPPFLAGS="$CPPFLAGS -D_FORTIFY_SOURCE=2"
++ ], [
++ AC_MSG_RESULT([no])
++ CFLAGS=$ac_save_cflags
++ ],
++ ),
++ [
++ AC_MSG_RESULT([no])
++ CFLAGS=$ac_save_cflags
++ ])
++ fi
++])
+
diff --git a/sys-apps/kbd/kbd-2.6.3-r1.ebuild b/sys-apps/kbd/kbd-2.6.3-r1.ebuild
new file mode 100644
index 000000000000..8109218a18e0
--- /dev/null
+++ b/sys-apps/kbd/kbd-2.6.3-r1.ebuild
@@ -0,0 +1,94 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit autotools
+
+if [[ ${PV} == 9999 ]] ; then
+ EGIT_REPO_URI="https://github.com/legionus/kbd.git https://git.kernel.org/pub/scm/linux/kernel/git/legion/kbd.git"
+ EGIT_BRANCH="master"
+ inherit git-r3
+else
+ if [[ $(ver_cut 3) -lt 90 ]] ; then
+ SRC_URI="https://www.kernel.org/pub/linux/utils/kbd/${P}.tar.xz"
+ KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
+ else
+ SRC_URI="https://github.com/legionus/kbd/archive/v${PV}.tar.gz -> ${P}.tar.gz"
+ fi
+fi
+
+DESCRIPTION="Keyboard and console utilities"
+HOMEPAGE="https://kbd-project.org/"
+
+LICENSE="GPL-2"
+SLOT="0"
+IUSE="nls selinux pam test"
+RESTRICT="!test? ( test )"
+
+# Testsuite's Makefile.am calls missing(!)
+# ... but this seems to be consistent with the autoconf docs?
+# Needs more investigation: https://www.gnu.org/software/autoconf/manual/autoconf-2.67/html_node/autom4te-Invocation.html
+QA_AM_MAINTAINER_MODE=".*--run autom4te --language=autotest.*"
+
+DEPEND="
+ app-alternatives/gzip
+ pam? (
+ !app-misc/vlock
+ sys-libs/pam
+ )
+"
+RDEPEND="
+ ${DEPEND}
+ selinux? ( sec-policy/selinux-loadkeys )
+"
+BDEPEND="
+ virtual/pkgconfig
+ test? ( dev-libs/check )
+"
+
+PATCHES=(
+ "${FILESDIR}"/${PN}-2.6.3-no-redefine-fortify-source.patch
+)
+
+src_prepare() {
+ default
+
+ # Rename conflicting keymaps to have unique names, bug #293228
+ # See also https://github.com/legionus/kbd/issues/76.
+ pushd "${S}"/data/keymaps/i386 &> /dev/null || die
+ mv fgGIod/trf.map fgGIod/trf-fgGIod.map || die
+ mv olpc/es.map olpc/es-olpc.map || die
+ mv olpc/pt.map olpc/pt-olpc.map || die
+ mv qwerty/cz.map qwerty/cz-qwerty.map || die
+ popd &> /dev/null || die
+
+ #if [[ ${PV} == 9999 ]] || [[ $(ver_cut 3) -ge 90 ]] ; then
+ # eautoreconf
+ #fi
+
+ # Always do it for now for the F_S patch
+ eautoreconf
+}
+
+src_configure() {
+ local myeconfargs=(
+ --disable-werror
+
+ $(use_enable nls)
+ $(use_enable pam vlock)
+ $(use_enable test tests)
+ )
+
+ econf "${myeconfargs[@]}"
+}
+
+src_install() {
+ default
+
+ docinto html
+ dodoc docs/doc/*.html
+
+ # USE="test" installs .la files
+ find "${ED}" -type f -name "*.la" -delete || die
+}
next reply other threads:[~2023-10-04 15:29 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-10-04 15:28 Sam James [this message]
-- strict thread matches above, loose matches on Subject: below --
2021-05-15 0:07 [gentoo-commits] repo/gentoo:master commit in: sys-apps/kbd/, sys-apps/kbd/files/ David Seifert
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1696432243.a82615f6b9ef054b0d937bbde647c552905945e6.sam@gentoo \
--to=sam@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox