commit: cbd8f5219c8df40bf3f0f43a2fb0ffe69b21cbad Author: Sam James <sam <AT> gentoo <DOT> org> AuthorDate: Tue Apr 15 03:40:52 2025 +0000 Commit: Sam James <sam <AT> gentoo <DOT> org> CommitDate: Tue Apr 15 03:43:04 2025 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cbd8f521
dev-libs/libffi: don't add executable stack on HPPA When building libffi on HPPA with `-Wl,--warn-warn-execstack`, we get: ``` ld: warning: src/pa/.libs/linux.o: missing .note.GNU-stack section implies executable stack ld: NOTE: This behaviour is deprecated and will be removed in a future version of the linker `` This is because pa/linux.S lacks a .GNU-stack note so it gets one added automatically that states an executable stack is needed. That becomes more problematic with glibc-2.41 which forbids dlopen() of a library with an executable stack, and libffi is commonly dlopen()'d, especially by Python. I suspect the reason it didn't show up on Debian is that since February, Debian has been building Binutils with --disable-default-execstack. Closes: https://bugs.gentoo.org/953805 Signed-off-by: Sam James <sam <AT> gentoo.org> ...-pa-add-.note.GNU-stack-marker-to-linux.S.patch | 34 ++++++++++++++++++++++ .../{libffi-9999.ebuild => libffi-3.4.8-r1.ebuild} | 2 +- dev-libs/libffi/libffi-9999.ebuild | 2 +- 3 files changed, 36 insertions(+), 2 deletions(-) diff --git a/dev-libs/libffi/files/libffi-3.4.8-pa-add-.note.GNU-stack-marker-to-linux.S.patch b/dev-libs/libffi/files/libffi-3.4.8-pa-add-.note.GNU-stack-marker-to-linux.S.patch new file mode 100644 index 000000000000..ac74106c2b56 --- /dev/null +++ b/dev-libs/libffi/files/libffi-3.4.8-pa-add-.note.GNU-stack-marker-to-linux.S.patch @@ -0,0 +1,34 @@ +https://github.com/libffi/libffi/pull/899 + +From 9991e8312b2cb4d1a9d0842ec9440c5e606f8cde Mon Sep 17 00:00:00 2001 +Message-ID: <9991e8312b2cb4d1a9d0842ec9440c5e606f8cde.1744688368.git....@gentoo.org> +From: Sam James <[email protected]> +Date: Tue, 15 Apr 2025 04:37:09 +0100 +Subject: [PATCH] pa: add .note.GNU-stack marker to linux.S + +Similarly to f515eac04cf8e5f594d5d9dee5fb7dfc3a186a4c, add a .note.GNU-stack +marker to pa/linux.S as it doesn't need an executable stack. Absence of the +note means that GNU Binutils will consider it as needing an executable stack +and mark it as such automatically. + +Bug: https://bugs.gentoo.org/953805 +Bug: https://github.com/libffi/libffi/issues/898 +--- + src/pa/linux.S | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/src/pa/linux.S b/src/pa/linux.S +index 2d3b036..fdd4332 100644 +--- a/src/pa/linux.S ++++ b/src/pa/linux.S +@@ -425,3 +425,7 @@ ffi_closure_pa32: + + .align 4 + .LEFDE2: ++ ++#if defined(__ELF__) && defined(__linux__) ++.section .note.GNU-stack,"",%progbits ++#endif +-- +2.49.0 + diff --git a/dev-libs/libffi/libffi-9999.ebuild b/dev-libs/libffi/libffi-3.4.8-r1.ebuild similarity index 96% copy from dev-libs/libffi/libffi-9999.ebuild copy to dev-libs/libffi/libffi-3.4.8-r1.ebuild index 072cb92af743..b53a7ca31e89 100644 --- a/dev-libs/libffi/libffi-9999.ebuild +++ b/dev-libs/libffi/libffi-3.4.8-r1.ebuild @@ -33,7 +33,7 @@ RESTRICT="!test? ( test )" BDEPEND="test? ( dev-util/dejagnu )" PATCHES=( - "${FILESDIR}"/${PN}-3.4.7-Revert-Fix-x86-ffi64-calls-with-6-gp-and-some-sse-re.patch + "${FILESDIR}"/${PN}-3.4.8-pa-add-.note.GNU-stack-marker-to-linux.S.patch ) src_prepare() { diff --git a/dev-libs/libffi/libffi-9999.ebuild b/dev-libs/libffi/libffi-9999.ebuild index 072cb92af743..b53a7ca31e89 100644 --- a/dev-libs/libffi/libffi-9999.ebuild +++ b/dev-libs/libffi/libffi-9999.ebuild @@ -33,7 +33,7 @@ RESTRICT="!test? ( test )" BDEPEND="test? ( dev-util/dejagnu )" PATCHES=( - "${FILESDIR}"/${PN}-3.4.7-Revert-Fix-x86-ffi64-calls-with-6-gp-and-some-sse-re.patch + "${FILESDIR}"/${PN}-3.4.8-pa-add-.note.GNU-stack-marker-to-linux.S.patch ) src_prepare() {
