diff options
| author |   Sergei Trofimovich <slyfox@gentoo.org> | 2011-02-05 15:37:16 +0000 |
|---|---|---|
| committer | Sergei Trofimovich <slyfox@gentoo.org> | 2011-02-05 15:37:16 +0000 |
| commit | ebcbab87d1a7664abdeb1694f444a04ed30dafd2 (patch) | |
| tree | 13b3e6aec428f665b9ae26654e130141b76c1815 /dev-lang | |
| parent | Version bump with some bugfixes. (diff) | |
| download | gentoo-2-ebcbab87d1a7664abdeb1694f444a04ed30dafd2.tar.gz gentoo-2-ebcbab87d1a7664abdeb1694f444a04ed30dafd2.tar.bz2 gentoo-2-ebcbab87d1a7664abdeb1694f444a04ed30dafd2.zip | |
Backported libffi fix from upstream. It fixes GHCi operation on GRSEC kernel for TPE restricted users. Thanks to klondike!
(Portage version: 2.1.9.25/cvs/Linux x86_64)
Diffstat (limited to 'dev-lang')
| -rw-r--r-- | dev-lang/ghc/ChangeLog | 9 | ||||
| -rw-r--r-- | dev-lang/ghc/files/ghc-6.12.3-libffi-incorrect-detection-of-selinux.patch | 61 | ||||
| -rw-r--r-- | dev-lang/ghc/ghc-6.12.3.ebuild | 8 |
3 files changed, 74 insertions, 4 deletions
diff --git a/dev-lang/ghc/ChangeLog b/dev-lang/ghc/ChangeLog index 2a28d049d593..3e6fb6dae97a 100644 --- a/dev-lang/ghc/ChangeLog +++ b/dev-lang/ghc/ChangeLog @@ -1,6 +1,11 @@ # ChangeLog for dev-lang/ghc -# Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/dev-lang/ghc/ChangeLog,v 1.200 2010/11/27 12:43:55 kolmodin Exp $ +# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/dev-lang/ghc/ChangeLog,v 1.201 2011/02/05 15:37:16 slyfox Exp $ + + 05 Feb 2011; Sergei Trofimovich <slyfox@gentoo.org> ghc-6.12.3.ebuild, + +files/ghc-6.12.3-libffi-incorrect-detection-of-selinux.patch: + Backported libffi fix from upstream. It fixes GHCi operation on GRSEC + kernel for TPE restricted users. Thanks to klondike! 27 Nov 2010; Lennart Kolmodin <kolmodin@gentoo.org> -ghc-6.12.1.ebuild: Remove masked GHC 6.12.1. diff --git a/dev-lang/ghc/files/ghc-6.12.3-libffi-incorrect-detection-of-selinux.patch b/dev-lang/ghc/files/ghc-6.12.3-libffi-incorrect-detection-of-selinux.patch new file mode 100644 index 000000000000..9d839fc7b3e3 --- /dev/null +++ b/dev-lang/ghc/files/ghc-6.12.3-libffi-incorrect-detection-of-selinux.patch @@ -0,0 +1,61 @@ +From 6d011f0865dc99d9306b5768ccd1eaa0355d994e Mon Sep 17 00:00:00 2001 +From: Sergei Trofimovich <slyfox@gentoo.org> +Date: Sat, 5 Feb 2011 11:53:33 +0200 +Subject: [PATCH] libffi: backport incorrect detection of selinux + +This patch unbreaks ghci on GRSEC kernels hardened with +TPE (Trusted Path Execution) protection. + +TPE forbids mmap('rwx') files opened for writes: + fd = open (a_file_in_tmp, O_RDWR); + mmap (..., PROT_READ | PROT_WRITE | PROT_EXEC, fd); + +while allows anonymous RWX mappings: + mmap (...MAP_ANONYMOUS , PROT_READ | PROT_WRITE | PROT_EXEC, -1); + +Thanks to klondike for finding it out. + +Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org> +--- + libffi/ghc.mk | 2 ++ + libffi/libffi.selinux-detection-3.0.8.patch | 15 +++++++++++++++ + 2 files changed, 17 insertions(+), 0 deletions(-) + create mode 100644 libffi/libffi.selinux-detection-3.0.8.patch + +diff --git a/libffi/ghc.mk b/libffi/ghc.mk +index 1b1b118..a40f23c 100644 +--- a/libffi/ghc.mk ++++ b/libffi/ghc.mk +@@ -117,6 +117,8 @@ $(libffi_STAMP_CONFIGURE): + # This patch is just the resulting delta from running + # automake && autoreconf && libtoolize --force --copy + cd libffi/build && "$(PATCH)" -p1 < ../libffi.autotools-update-3.0.8.patch ++ # don't report nonselinux systems as selinux ++ cd libffi/build && "$(PATCH)" -p0 < ../libffi.selinux-detection-3.0.8.patch + + # Because -Werror may be in SRC_CC_OPTS/SRC_LD_OPTS, we need to turn + # warnings off or the compilation of libffi might fail due to warnings +diff --git a/libffi/libffi.selinux-detection-3.0.8.patch b/libffi/libffi.selinux-detection-3.0.8.patch +new file mode 100644 +index 0000000..a919f28 +--- /dev/null ++++ b/libffi/libffi.selinux-detection-3.0.8.patch +@@ -0,0 +1,15 @@ ++src/closures.c (selinux_enabled_check): Fix strncmp usage bug. ++ ++http://github.com/atgreen/libffi/commit/eaf444eabc4c78703c0f98ac0197b1619c1b1bef ++ ++--- src/closures.c +++++ src/closures.c ++@@ -146,7 +146,7 @@ ++ p = strchr (p + 1, ' '); ++ if (p == NULL) ++ break; ++- if (strncmp (p + 1, "selinuxfs ", 10) != 0) +++ if (strncmp (p + 1, "selinuxfs ", 10) == 0) ++ { ++ free (buf); ++ fclose (f); +-- +1.7.3.4 + diff --git a/dev-lang/ghc/ghc-6.12.3.ebuild b/dev-lang/ghc/ghc-6.12.3.ebuild index 8778fc6498f7..fc14bad839e8 100644 --- a/dev-lang/ghc/ghc-6.12.3.ebuild +++ b/dev-lang/ghc/ghc-6.12.3.ebuild @@ -1,6 +1,6 @@ -# Copyright 1999-2010 Gentoo Foundation +# Copyright 1999-2011 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-lang/ghc/ghc-6.12.3.ebuild,v 1.19 2010/11/14 18:10:55 slyfox Exp $ +# $Header: /var/cvsroot/gentoo-x86/dev-lang/ghc/ghc-6.12.3.ebuild,v 1.20 2011/02/05 15:37:16 slyfox Exp $ # Brief explanation of the bootstrap logic: # @@ -235,6 +235,10 @@ src_unpack() { # http://hackage.haskell.org/trac/ghc/ticket/3558 epatch "${FILESDIR}/ghc-6.12.3-ghciless-haddock-3558.patch" + # This patch unbreaks ghci on GRSEC kernels hardened with + # TPE (Trusted Path Execution) protection. + epatch "${FILESDIR}/ghc-6.12.3-libffi-incorrect-detection-of-selinux.patch" + # as we have changed the build system eautoreconf fi |