sys-apps/kbd: don't redefine _FORTIFY_SOURCE

Closes: https://bugs.gentoo.org/892834 Signed-off-by: Sam James <sam@gentoo.org>
author: Sam James <sam@gentoo.org> 2023-10-04 15:04:39 +0100
committer: Sam James <sam@gentoo.org> 2023-10-04 16:10:43 +0100
commit: a82615f6b9ef054b0d937bbde647c552905945e6 (patch)
tree: c6fa637f5bc30ec6d5804fae9f90d1c7f360c172 /sys-apps/kbd
parent: dev-libs/libmpack: drop 1.0.5-r3 (diff)
download: gentoo-a82615f6b9ef054b0d937bbde647c552905945e6.tar.gz
gentoo-a82615f6b9ef054b0d937bbde647c552905945e6.tar.bz2
gentoo-a82615f6b9ef054b0d937bbde647c552905945e6.zip
2 files changed, 265 insertions, 0 deletions
diff --git a/sys-apps/kbd/files/kbd-2.6.3-no-redefine-fortify-source.patch b/sys-apps/kbd/files/kbd-2.6.3-no-redefine-fortify-source.patch
new file mode 100644
index 000000000000..b18fb9f751cf
--- /dev/null
+++ b/sys-apps/kbd/files/kbd-2.6.3-no-redefine-fortify-source.patch
@@ -0,0 +1,171 @@
+https://github.com/legionus/kbd/pull/103
+
+From 3392e2038dee97361d7438512653736d72a02109 Mon Sep 17 00:00:00 2001
+From: Sam James <sam@gentoo.org>
+Date: Wed, 4 Oct 2023 14:47:33 +0100
+Subject: [PATCH] Use `AX_ADD_FORTIFY_SOURCE` to avoid redefining
+ `_FORTIFY_SOURCE`
+
+Some distributions are now setting -D_FORTIFY_SOURCE=3 by default in their
+toolchains rather than _F_S=2. By forcing _F_S=2, this causes both a warning
+and a downgrade in the effective protection.
+
+Use the autoconf-archive macro for this purpose (AX_ADD_FORTIFY_SOURCE)
+to add the fortification at the highest supported level if the compiler doesn't
+already default to it.
+
+Bug: https://bugs.gentoo.org/892834
+Signed-off-by: Sam James <sam@gentoo.org>
+---
+ configure.ac                |   5 +-
+ m4/ax_add_fortify_source.m4 | 119 ++++++++++++++++++++++++++++++++++++
+ 2 files changed, 122 insertions(+), 2 deletions(-)
+ create mode 100644 m4/ax_add_fortify_source.m4
+
+diff --git a/configure.ac b/configure.ac
+index 66023ff8..7fdbe7d6 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -63,13 +63,14 @@ strspn strstr strtol strtoul setpgrp malloc realloc])
+ 
+ AC_SEARCH_LIBS([timer_create], [rt])
+ 
++AX_ADD_FORTIFY_SOURCE
++
+ # Optimization level
+ CC_O_LEVEL="-O2"
+-FORTIFY_SOURCE="-D_FORTIFY_SOURCE=2"
+ 
+ if test "$enable_code_coverage" = yes; then
+ 	CC_O_LEVEL="-O0"
+-	FORTIFY_SOURCE=
++	FORTIFY_SOURCE="-U_FORTIFY_SOURCE"
+ fi
+ 
+ case "$GCC,$ac_cv_prog_cc_g" in
+diff --git a/m4/ax_add_fortify_source.m4 b/m4/ax_add_fortify_source.m4
+new file mode 100644
+index 00000000..860c1598
+--- /dev/null
++++ b/m4/ax_add_fortify_source.m4
+@@ -0,0 +1,119 @@
++# ===========================================================================
++#  https://www.gnu.org/software/autoconf-archive/ax_add_fortify_source.html
++# ===========================================================================
++#
++# SYNOPSIS
++#
++#   AX_ADD_FORTIFY_SOURCE
++#
++# DESCRIPTION
++#
++#   Check whether -D_FORTIFY_SOURCE=2 can be added to CPPFLAGS without macro
++#   redefinition warnings, other cpp warnings or linker. Some distributions
++#   (such as Ubuntu or Gentoo Linux) enable _FORTIFY_SOURCE globally in
++#   their compilers, leading to unnecessary warnings in the form of
++#
++#     <command-line>:0:0: error: "_FORTIFY_SOURCE" redefined [-Werror]
++#     <built-in>: note: this is the location of the previous definition
++#
++#   which is a problem if -Werror is enabled. This macro checks whether
++#   _FORTIFY_SOURCE is already defined, and if not, adds -D_FORTIFY_SOURCE=2
++#   to CPPFLAGS.
++#
++#   Newer mingw-w64 msys2 package comes with a bug in
++#   headers-git-7.0.0.5546.d200317d-1. It broke -D_FORTIFY_SOURCE support,
++#   and would need -lssp or -fstack-protector.  See
++#   https://github.com/msys2/MINGW-packages/issues/5803. Try to actually
++#   link it.
++#
++# LICENSE
++#
++#   Copyright (c) 2017 David Seifert <soap@gentoo.org>
++#   Copyright (c) 2019, 2023 Reini Urban <rurban@cpan.org>
++#
++#   Copying and distribution of this file, with or without modification, are
++#   permitted in any medium without royalty provided the copyright notice
++#   and this notice are preserved.  This file is offered as-is, without any
++#   warranty.
++
++#serial 10
++
++AC_DEFUN([AX_ADD_FORTIFY_SOURCE],[
++    ac_save_cflags=$CFLAGS
++    ac_cwerror_flag=yes
++    AX_CHECK_COMPILE_FLAG([-Werror],[CFLAGS="$CFLAGS -Werror"])
++    ax_add_fortify_3_failed=
++    AC_MSG_CHECKING([whether to add -D_FORTIFY_SOURCE=3 to CPPFLAGS])
++    AC_LINK_IFELSE([
++        AC_LANG_PROGRAM([],
++            [[
++                #ifndef _FORTIFY_SOURCE
++                    return 0;
++                #else
++                    _FORTIFY_SOURCE_already_defined;
++                #endif
++            ]]
++        )],
++        AC_LINK_IFELSE([
++            AC_LANG_SOURCE([[
++                #define _FORTIFY_SOURCE 3
++                #include <string.h>
++                int main(void) {
++                    char *s = " ";
++                    strcpy(s, "x");
++                    return strlen(s)-1;
++                }
++              ]]
++            )],
++            [
++              AC_MSG_RESULT([yes])
++              CFLAGS=$ac_save_cflags
++              CPPFLAGS="$CPPFLAGS -D_FORTIFY_SOURCE=3"
++            ], [
++              AC_MSG_RESULT([no])
++              ax_add_fortify_3_failed=1
++            ],
++        ),
++        [
++          AC_MSG_RESULT([no])
++          ax_add_fortify_3_failed=1
++        ])
++    if test -n "$ax_add_fortify_3_failed"
++    then
++    AC_MSG_CHECKING([whether to add -D_FORTIFY_SOURCE=2 to CPPFLAGS])
++    AC_LINK_IFELSE([
++        AC_LANG_PROGRAM([],
++            [[
++                #ifndef _FORTIFY_SOURCE
++                    return 0;
++                #else
++                    _FORTIFY_SOURCE_already_defined;
++                #endif
++            ]]
++        )],
++        AC_LINK_IFELSE([
++            AC_LANG_SOURCE([[
++                #define _FORTIFY_SOURCE 2
++                #include <string.h>
++                int main(void) {
++                    char *s = " ";
++                    strcpy(s, "x");
++                    return strlen(s)-1;
++                }
++              ]]
++            )],
++            [
++              AC_MSG_RESULT([yes])
++              CFLAGS=$ac_save_cflags
++              CPPFLAGS="$CPPFLAGS -D_FORTIFY_SOURCE=2"
++            ], [
++              AC_MSG_RESULT([no])
++              CFLAGS=$ac_save_cflags
++            ],
++        ),
++        [
++          AC_MSG_RESULT([no])
++          CFLAGS=$ac_save_cflags
++        ])
++    fi
++])
+
diff --git a/sys-apps/kbd/kbd-2.6.3-r1.ebuild b/sys-apps/kbd/kbd-2.6.3-r1.ebuild
new file mode 100644
index 000000000000..8109218a18e0
--- /dev/null
+++ b/sys-apps/kbd/kbd-2.6.3-r1.ebuild
@@ -0,0 +1,94 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit autotools
+
+if [[ ${PV} == 9999 ]] ; then
+	EGIT_REPO_URI="https://github.com/legionus/kbd.git https://git.kernel.org/pub/scm/linux/kernel/git/legion/kbd.git"
+	EGIT_BRANCH="master"
+	inherit git-r3
+else
+	if [[ $(ver_cut 3) -lt 90 ]] ; then
+		SRC_URI="https://www.kernel.org/pub/linux/utils/kbd/${P}.tar.xz"
+		KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
+	else
+		SRC_URI="https://github.com/legionus/kbd/archive/v${PV}.tar.gz -> ${P}.tar.gz"
+	fi
+fi
+
+DESCRIPTION="Keyboard and console utilities"
+HOMEPAGE="https://kbd-project.org/"
+
+LICENSE="GPL-2"
+SLOT="0"
+IUSE="nls selinux pam test"
+RESTRICT="!test? ( test )"
+
+# Testsuite's Makefile.am calls missing(!)
+# ... but this seems to be consistent with the autoconf docs?
+# Needs more investigation: https://www.gnu.org/software/autoconf/manual/autoconf-2.67/html_node/autom4te-Invocation.html
+QA_AM_MAINTAINER_MODE=".*--run autom4te --language=autotest.*"
+
+DEPEND="
+	app-alternatives/gzip
+	pam? (
+		!app-misc/vlock
+		sys-libs/pam
+	)
+"
+RDEPEND="
+	${DEPEND}
+	selinux? ( sec-policy/selinux-loadkeys )
+"
+BDEPEND="
+	virtual/pkgconfig
+	test? ( dev-libs/check )
+"
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-2.6.3-no-redefine-fortify-source.patch
+)
+
+src_prepare() {
+	default
+
+	# Rename conflicting keymaps to have unique names, bug #293228
+	# See also https://github.com/legionus/kbd/issues/76.
+	pushd "${S}"/data/keymaps/i386 &> /dev/null || die
+	mv fgGIod/trf.map fgGIod/trf-fgGIod.map || die
+	mv olpc/es.map olpc/es-olpc.map || die
+	mv olpc/pt.map olpc/pt-olpc.map || die
+	mv qwerty/cz.map qwerty/cz-qwerty.map || die
+	popd &> /dev/null || die
+
+	#if [[ ${PV} == 9999 ]] || [[ $(ver_cut 3) -ge 90 ]] ; then
+	#	eautoreconf
+	#fi
+
+	# Always do it for now for the F_S patch
+	eautoreconf
+}
+
+src_configure() {
+	local myeconfargs=(
+		--disable-werror
+
+		$(use_enable nls)
+		$(use_enable pam vlock)
+		$(use_enable test tests)
+	)
+
+	econf "${myeconfargs[@]}"
+}
+
+src_install() {
+	default
+
+	docinto html
+	dodoc docs/doc/*.html
+
+	# USE="test" installs .la files
+	find "${ED}" -type f -name "*.la" -delete || die
+}
author	Sam James <sam@gentoo.org>	2023-10-04 15:04:39 +0100
committer	Sam James <sam@gentoo.org>	2023-10-04 16:10:43 +0100
commit	a82615f6b9ef054b0d937bbde647c552905945e6 (patch)
tree	c6fa637f5bc30ec6d5804fae9f90d1c7f360c172 /sys-apps/kbd
parent	dev-libs/libmpack: drop 1.0.5-r3 (diff)
download	gentoo-a82615f6b9ef054b0d937bbde647c552905945e6.tar.gz gentoo-a82615f6b9ef054b0d937bbde647c552905945e6.tar.bz2 gentoo-a82615f6b9ef054b0d937bbde647c552905945e6.zip