Package: autotools-dev Version: 20150820.1 Severity: wishlist Tags: patch upstream User: bal...@balintreczey.hu Usertags: hardened1-linux-amd64
Dear autotools-dev Maintainers, I have successfully bootstrapped the hardened1-linux-amd64 [1] port using a set of patches [2]. I'm working towards making the port ready for being accepted to Debian and the attached patches are adding the port support to autotools-dev. I plan upstreaming the change but I would like to start the discussion showing a working prototype which I'm setting up right now. I used the simple patching to limit build-dependencies to simple packages. Dpkg support for the port is being discussed in #812782. Accepting this patch would make (re-)bootstrapping the new port easier. Thank you in advance, Balint [1] http://balintreczey.hu/blog/proposing-amd64-hardened-architecture-for-debian/ [2] https://anonscm.debian.org/cgit/users/rbalint/rebootstrap.git/
>From 130b5219b2fbe48f943ec6459ea28b3fca8bcce9 Mon Sep 17 00:00:00 2001 From: Balint Reczey <bal...@balintreczey.hu> Date: Fri, 8 Jan 2016 18:35:44 +0100 Subject: [PATCH] Support gnuhardened1 architecture --- debian/control | 2 +- debian/patches/01_add_gnuhardened1_architecture.patch | 18 ++++++++++++++++++ debian/rules | 1 + 3 files changed, 20 insertions(+), 1 deletion(-) create mode 100644 debian/patches/01_add_gnuhardened1_architecture.patch diff --git a/debian/control b/debian/control index a20ad52..f25239f 100644 --- a/debian/control +++ b/debian/control @@ -2,7 +2,7 @@ Source: autotools-dev Section: devel Priority: optional Maintainer: Henrique de Moraes Holschuh <h...@debian.org> -Build-Depends: debhelper (>> 7) +Build-Depends: debhelper (>> 7), patch Build-Depends-Indep: perl Standards-Version: 3.9.5 Homepage: http://savannah.gnu.org/projects/config/ diff --git a/debian/patches/01_add_gnuhardened1_architecture.patch b/debian/patches/01_add_gnuhardened1_architecture.patch new file mode 100644 index 0000000..7e0c912 --- /dev/null +++ b/debian/patches/01_add_gnuhardened1_architecture.patch @@ -0,0 +1,18 @@ +Description: Detect compiler with hardened1 featureset enabled +Forwarded: not-needed +Author: Balint Reczey <bal...@balintreczey.hu> + +diff --git a/config.guess b/config.guess +index 1659250..8b3dbca 100755 +--- a/config.guess ++++ b/config.guess +@@ -145,6 +145,8 @@ Linux|GNU|GNU/*) + LIBC=uclibc + #elif defined(__dietlibc__) + LIBC=dietlibc ++ #elif defined(__GNU_FEATURESET_HARDENED1__) ++ LIBC=gnuhardened1 + #else + LIBC=gnu + #endif + diff --git a/debian/rules b/debian/rules index e184dbb..3dd93a1 100755 --- a/debian/rules +++ b/debian/rules @@ -9,6 +9,7 @@ build: build-stamp build-indep: build-stamp build-stamp: dh_testdir + patch config.guess < debian/patches/01_add_gnuhardened1_architecture.patch pod2man -c Debhelper debian/dh_autotools-dev_updateconfig debian/dh_autotools-dev_updateconfig.1 pod2man -c Debhelper debian/dh_autotools-dev_restoreconfig debian/dh_autotools-dev_restoreconfig.1 touch build-stamp -- 2.1.4
