commit: 1a947e6f6a83fde8abc06d527bf65bd054fc4ac6
Author: Hans de Graaff <hans <AT> degraaff <DOT> org>
AuthorDate: Fri Apr 24 08:57:40 2015 +0000
Commit: Hans de Graaff <graaff <AT> gentoo <DOT> org>
CommitDate: Fri Apr 24 08:57:40 2015 +0000
URL: https://gitweb.gentoo.org/proj/ruby-scripts.git/commit/?id=1a947e6f
Patchset for ruby 2.2.2-r1
Add backported upstream patch to compile with hardened gcc.
patchsets/patches-2.2.2-r1/004_gfbsd7.patch | 37 +++++++++
.../patches-2.2.2-r1/005_no-undefined-ext.patch | 11 +++
patchsets/patches-2.2.2-r1/009_no-gems.patch | 88 ++++++++++++++++++++++
patchsets/patches-2.2.2-r1/013_hardened_gcc.patch | 37 +++++++++
4 files changed, 173 insertions(+)
diff --git a/patchsets/patches-2.2.2-r1/004_gfbsd7.patch
b/patchsets/patches-2.2.2-r1/004_gfbsd7.patch
new file mode 100644
index 0000000..450d714
--- /dev/null
+++ b/patchsets/patches-2.2.2-r1/004_gfbsd7.patch
@@ -0,0 +1,37 @@
+--- configure.in.orig 2013-05-05 19:36:02.800254192 +0200
++++ configure.in 2013-05-05 19:37:56.573346196 +0200
+@@ -2156,7 +2156,7 @@
+ fi
+
+ AS_CASE(["$target_os"],
+-[linux* | gnu* | k*bsd*-gnu | bsdi* | kopensolaris*-gnu | nacl], [
++[linux* | gnu* | k*bsd*-gnu | bsdi* | kopensolaris*-gnu | nacl | freebsd* |
dragonfly*], [
+ if test "$rb_cv_binary_elf" = no; then
+ with_dln_a_out=yes
+ else
+@@ -2249,7 +2249,7 @@
+ [bsdi3*], [ AS_CASE(["$CC"],
+ [*shlicc*], [ : ${LDSHARED='$(CC) -r'}
+ rb_cv_dlopen=yes])],
+- [linux* | gnu* | k*bsd*-gnu | netbsd* | bsdi* | kopensolaris*-gnu], [
++ [linux* | gnu* | k*bsd*-gnu | netbsd* | bsdi* | kopensolaris*-gnu |
freebsd7*], [
+ : ${LDSHARED='$(CC) -shared'}
+ if test "$rb_cv_binary_elf" = yes; then
+ LDFLAGS="$LDFLAGS -Wl,-export-dynamic"
+@@ -2262,7 +2262,6 @@
+ [freebsd*|dragonfly*], [
+ : ${LDSHARED='$(CC) -shared'}
+ if test "$rb_cv_binary_elf" = yes; then
+- LDFLAGS="$LDFLAGS -rdynamic"
+ DLDFLAGS="$DLDFLAGS "'-Wl,-soname,$@'
+ else
+ test "$GCC" = yes && test "$rb_cv_prog_gnu_ld" = yes
|| LDSHARED='$(LD) -Bshareable'
+@@ -2638,7 +2637,7 @@
+ [sunos4*], [
+ LIBRUBY_ALIASES='lib$(RUBY_SO_NAME).so.$(MAJOR).$(MINOR)
lib$(RUBY_SO_NAME).so'
+ ],
+- [linux* | gnu* | k*bsd*-gnu | atheos* | kopensolaris*-gnu], [
++ [linux* | gnu* | k*bsd*-gnu | atheos* | kopensolaris*-gnu | freebsd7*], [
+ LIBRUBY_DLDFLAGS='-Wl,-soname,lib$(RUBY_SO_NAME).so.$(MAJOR).$(MINOR)'"
$LDFLAGS_OPTDIR"
+ LIBRUBY_ALIASES='lib$(RUBY_SO_NAME).so.$(MAJOR).$(MINOR)
lib$(RUBY_SO_NAME).so'
+ if test "$load_relative" = yes; then
diff --git a/patchsets/patches-2.2.2-r1/005_no-undefined-ext.patch
b/patchsets/patches-2.2.2-r1/005_no-undefined-ext.patch
new file mode 100644
index 0000000..f279932
--- /dev/null
+++ b/patchsets/patches-2.2.2-r1/005_no-undefined-ext.patch
@@ -0,0 +1,11 @@
+--- ruby-1.9.3-preview1.orig/configure.in
++++ ruby-1.9.3-preview1/configure.in
+@@ -2038,7 +2038,7 @@ if test "$with_dln_a_out" != yes; then
+ [linux* | gnu* | k*bsd*-gnu | netbsd* | bsdi* | kopensolaris*-gnu], [
+ : ${LDSHARED='$(CC) -shared'}
+ if test "$rb_cv_binary_elf" = yes; then
+- LDFLAGS="$LDFLAGS -Wl,-export-dynamic"
++ LDFLAGS="$LDFLAGS -Wl,-export-dynamic
-Wl,--no-undefined"
+ fi
+ rb_cv_dlopen=yes],
+ [interix*], [ : ${LDSHARED='$(CC) -shared'}
diff --git a/patchsets/patches-2.2.2-r1/009_no-gems.patch
b/patchsets/patches-2.2.2-r1/009_no-gems.patch
new file mode 100644
index 0000000..a67cbf8
--- /dev/null
+++ b/patchsets/patches-2.2.2-r1/009_no-gems.patch
@@ -0,0 +1,88 @@
+--- tool/rbinstall.rb.~1~ 2015-03-25 04:33:14.000000000 +0100
++++ tool/rbinstall.rb 2015-04-14 07:07:01.169073427 +0200
+@@ -654,83 +654,11 @@
+ # :startdoc:
+
+ install?(:ext, :comm, :gem) do
+- $:.unshift(File.join(srcdir, "lib"))
+- require("rubygems.rb")
+- gem_dir = Gem.default_dir
+- directories = Gem.ensure_gem_subdirectories(gem_dir, :mode => $dir_mode)
+- prepare "default gems", gem_dir, directories
+-
+- spec_dir = File.join(gem_dir, directories.grep(/^spec/)[0])
+- default_spec_dir = "#{spec_dir}/default"
+- makedirs(default_spec_dir)
+-
+- gems = {}
+- File.foreach(File.join(srcdir, "defs/default_gems")) do |line|
+- line.chomp!
+- line.sub!(/\s*#.*/, '')
+- next if line.empty?
+- words = []
+- line.scan(/\G\s*([^\[\]\s]+|\[([^\[\]]*)\])/) do
+- words << ($2 ? $2.split : $1)
+- end
+- name, base_dir, src, execs = *words
+- next unless name and base_dir and src
+-
+- src = File.join(srcdir, src)
+- base_dir = File.join(srcdir, base_dir)
+- specgen = RbInstall::Specs::Generator.new(name, base_dir, src, execs ||
[])
+- gems[name] ||= specgen
+- end
+-
+- Dir.glob(srcdir+"/{lib,ext}/**/*.gemspec").each do |src|
+- specgen = RbInstall::Specs::Reader.new(src)
+- gems[specgen.gemspec.name] ||= specgen
+- end
+-
+- gems.sort.each do |name, specgen|
+- gemspec = specgen.gemspec
+- base_dir = specgen.src.sub(/\A#{Regexp.escape(srcdir)}\//, "")
+- full_name = "#{gemspec.name}-#{gemspec.version}"
+-
+- puts "#{" "*30}#{gemspec.name} #{gemspec.version}"
+- gemspec_path = File.join(default_spec_dir, "#{full_name}.gemspec")
+- open_for_install(gemspec_path, $data_mode) do
+- specgen.spec_source
+- end
+-
+- unless gemspec.executables.empty? then
+- bin_dir = File.join(gem_dir, 'gems', full_name, 'bin')
+- makedirs(bin_dir)
+-
+- execs = gemspec.executables.map {|exec| File.join(srcdir, 'bin', exec)}
+- install(execs, bin_dir, :mode => $prog_mode)
+- end
+- end
++ # gems are unbundled in Gentoo.
+ end
+
+ install?(:ext, :comm, :gem) do
+- begin
+- require "zlib"
+- rescue LoadError
+- end
+- if defined?(Zlib)
+- require 'pathname'
+- gem_dir = Gem.default_dir
+- directories = Gem.ensure_gem_subdirectories(gem_dir, :mode => $dir_mode)
+- prepare "bundle gems", gem_dir, directories
+- Dir.glob(srcdir+'/gems/*.gem').each do |gem|
+- Gem.install gem, Gem::Requirement.default, :install_dir =>
with_destdir(Gem.dir), :domain => :local, :ignore_dependencies => true
+- gemname = Pathname(gem).basename
+- puts "#{" "*30}#{gemname}"
+- end
+- # fix directory permissions
+- # TODO: Gem.install should accept :dir_mode option or something
+- File.chmod($dir_mode, *Dir.glob(with_destdir(Gem.dir)+"/**/"))
+- # fix .gemspec permissions
+- File.chmod($data_mode,
*Dir.glob(with_destdir(Gem.dir)+"/specifications/*.gemspec"))
+- else
+- puts "skip installing bundle gems because of lacking zlib"
+- end
++ # gems are unbundled in Gentoo.
+ end
+
+ parse_args()
diff --git a/patchsets/patches-2.2.2-r1/013_hardened_gcc.patch
b/patchsets/patches-2.2.2-r1/013_hardened_gcc.patch
new file mode 100644
index 0000000..1fefd08
--- /dev/null
+++ b/patchsets/patches-2.2.2-r1/013_hardened_gcc.patch
@@ -0,0 +1,37 @@
+Index: thread_pthread.c
+===================================================================
+--- thread_pthread.c (revision 50315)
++++ thread_pthread.c (revision 50316)
+@@ -662,11 +662,16 @@
+ # endif
+ struct rlimit rl;
+ volatile char buf[0x100];
++ enum {stack_check_margin = 0x1000}; /* for -fstack-check */
++
+ STACK_GROW_DIR_DETECTION;
+
+ if (!getrlimit(RLIMIT_STACK, &rl) && rl.rlim_cur == RLIM_INFINITY)
+ return;
+
++ if (size < stack_check_margin) return;
++ size -= stack_check_margin;
++
+ size -= sizeof(buf); /* margin */
+ if (IS_STACK_DIR_UPPER()) {
+ const volatile char *end = buf + sizeof(buf);
+@@ -674,13 +679,14 @@
+ if (limit > end) {
+ size = limit - end;
+ limit = alloca(size);
+- limit[size-1] = 0;
++ limit[stack_check_margin+size-1] = 0;
+ }
+ }
+ else {
+ limit -= size;
+ if (buf > limit) {
+ limit = alloca(buf - limit);
++ limit -= stack_check_margin;
+ limit[0] = 0;
+ }
+ }
