Add libc agnostic fortify-headers package

Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2024-11-22 02:59:47 +01:00 · 2018-10-17 00:39:37 +02:00 · 2018-10-17 00:39:37 +02:00 · 8063550d4e
commit 8063550d4e
parent 52933c58c9
5 changed files with 55 additions and 2 deletions
--- a/pkg/fortify-headers/build
+++ b/pkg/fortify-headers/build
@ -0,0 +1,24 @@
+VERSION="1.0"
+SRCDIR="fortify-headers-$VERSION"
+TARBALL="$SRCDIR.tar.xz"
+URL="http://infraroot.at/pygos"
+SHA256SUM="992af871941317b75b5520485111da14dd1b785dcb45de86244b1f6476182696"
+DEPENDS="linux_headers"
+
+prepare() {
+	return
+}
+
+build() {
+	return
+}
+
+deploy() {
+	make -C "$1" PREFIX="" DESTDIR="$2" install
+}
+
+check_update() {
+	curl --silent -L "http://git.2f30.org/fortify-headers/refs.html" | \
+		grep -o "<td>[0-9.]\+</td>" | grep -o "[0-9.]*" | \
+		verson_find_greatest "$VERSION"
+}
--- a/pkg/musl/build
+++ b/pkg/musl/build
@ -3,7 +3,7 @@ SRCDIR="musl-$VERSION"
 TARBALL="$SRCDIR.tar.gz"
 URL="https://www.musl-libc.org/releases"
 SHA256SUM="44be8771d0e6c6b5f82dd15662eb2957c9a3173a19a8b49966ac0542bbd40d61"
-DEPENDS="tc-gcc1 linux_headers"
+DEPENDS="tc-gcc1 linux_headers fortify-headers"

 prepare() {
 	return
--- a/pkg/tc-gcc1/0001.patch
+++ b/pkg/tc-gcc1/0001.patch
@ -0,0 +1,13 @@
+diff --git a/gcc/config/linux.h b/gcc/config/linux.h
+index 2ea4ff9..e10e0a5 100644
+--- a/gcc/config/linux.h
+++ b/gcc/config/linux.h
+@@ -154,6 +154,8 @@ see the files COPYING3 and COPYING.RUNTIME respectively.  If not, see
+ 
+ #ifdef NATIVE_SYSTEM_HEADER_DIR
+ #define INCLUDE_DEFAULTS_MUSL_NATIVE			\
+    { NATIVE_SYSTEM_HEADER_DIR "/fortify", 0, 0, 0, 1, 2 },	\
+    { NATIVE_SYSTEM_HEADER_DIR "/fortify", 0, 0, 0, 1, 0 },	\
+     { NATIVE_SYSTEM_HEADER_DIR, 0, 0, 0, 1, 2 },	\
+     { NATIVE_SYSTEM_HEADER_DIR, 0, 0, 0, 1, 0 },
+ #else
--- a/pkg/tc-gcc1/0002.patch
+++ b/pkg/tc-gcc1/0002.patch
@ -0,0 +1,14 @@
+diff --git a/gcc/c-family/c-cppbuiltin.c b/gcc/c-family/c-cppbuiltin.c
+index 3fc4fa9..2c502be 100644
+--- a/gcc/c-family/c-cppbuiltin.c
+++ b/gcc/c-family/c-cppbuiltin.c
+@@ -1342,6 +1342,9 @@ c_cpp_builtins (cpp_reader *pfile)
+   builtin_define_with_value ("__REGISTER_PREFIX__", REGISTER_PREFIX, 0);
+   builtin_define_with_value ("__USER_LABEL_PREFIX__", user_label_prefix, 0);
+ 
+  /* Fortify Source enabled by default w/optimization.  */
+  cpp_define (pfile, "_FORTIFY_SOURCE=((defined __OPTIMIZE__ && __OPTIMIZE__ > 0) ? 2 : 0)");
+
+   /* Misc.  */
+   if (flag_gnu89_inline)
+     cpp_define (pfile, "__GNUC_GNU_INLINE__");
--- a/pkg/tc-gcc1/build
+++ b/pkg/tc-gcc1/build
@ -3,9 +3,11 @@ SRCDIR="gcc-$VERSION"
 TARBALL="gcc-$VERSION.tar.xz"
 URL="http://ftp.gnu.org/gnu/gcc/gcc-$VERSION"
 SHA256SUM="196c3c04ba2613f893283977e6011b2345d1cd1af9abeac58e916b1aab3e0080"
-DEPENDS="tc-binutils tc-cloog tc-gmp tc-isl tc-mpc tc-mpfr linux_headers"
+DEPENDS="tc-binutils tc-cloog tc-gmp tc-isl tc-mpc tc-mpfr linux_headers fortify-headers"

 prepare() {
+	apply_patches
+
 	#
 	# XXX: if you ever add support for another 64 bit processor,
 	#      you need to patch this.