diff --git a/dbus-pie.patch b/dbus-pie.patch new file mode 100644 index 0000000..ab6afa1 --- /dev/null +++ b/dbus-pie.patch @@ -0,0 +1,87 @@ +From: John (J5) Palmieri +Date: Wed, 3 Oct 2007 19:21:57 +0000 (-0400) +Subject: Correctly implement -fPIC and -fPIE +X-Git-Url: http://gitweb.freedesktop.org/?p=dbus/dbus.git;a=commitdiff;h=8a92100bbed2ba5cb16a1ede36214fa7d2f43e43 + +Correctly implement -fPIC and -fPIE + +* For security reasons we want possition independent code for libraries + and possition independent executable for executables +* before we were just enabling -fPIC +* now we correctly enable -fPIC and -PIE for libdbus and the bus respectively +* propper LD_FLAGS are set for each also +--- + +--- a/bus/Makefile.am ++++ b/bus/Makefile.am +@@ -1,7 +1,7 @@ + + configdir=$(sysconfdir)/dbus-1 + +-INCLUDES=-I$(top_srcdir) $(DBUS_BUS_CFLAGS) \ ++INCLUDES=-I$(top_srcdir) $(DBUS_BUS_CFLAGS) @PIE_CFLAGS@ \ + -DDBUS_SYSTEM_CONFIG_FILE=\""$(configdir)/system.conf"\" \ + -DDAEMON_NAME=\"dbus-daemon\" -DDBUS_COMPILATION + +@@ -77,7 +77,7 @@ dbus_daemon_LDADD= \ + $(DBUS_BUS_LIBS) \ + $(top_builddir)/dbus/libdbus-convenience.la + +-dbus_daemon_LDFLAGS=@R_DYNAMIC_LDFLAG@ @SECTION_LDFLAGS@ ++dbus_daemon_LDFLAGS=@R_DYNAMIC_LDFLAG@ @SECTION_LDFLAGS@ @PIE_LDFLAGS@ + + LAUNCH_HELPER_SOURCES= \ + $(XML_SOURCES) \ +--- a/configure.in ++++ b/configure.in +@@ -211,7 +211,17 @@ if test "x$GCC" = "xyes"; then + case " $CFLAGS " in + *[\ \ ]-fPIC[\ \ ]*) ;; + *) if cc_supports_flag -fPIC; then +- CFLAGS="$CFLAGS -fPIC" ++ PIC_CFLAGS="-fPIC" ++ PIC_LDFLAGS="-Wl,-z,relro" ++ fi ++ ;; ++ esac ++ ++ case " $CFLAGS " in ++ *[\ \ ]-fPIE[\ \ ]*) ;; ++ *) if cc_supports_flag -fPIE; then ++ PIE_CFLAGS="-fPIE" ++ PIE_LDFLAGS="-pie -Wl,-z,relro" + fi + ;; + esac +@@ -257,6 +267,11 @@ else + fi + fi + ++AC_SUBST(PIC_CFLAGS) ++AC_SUBST(PIC_LDFLAGS) ++AC_SUBST(PIE_CFLAGS) ++AC_SUBST(PIE_LDFLAGS) ++ + # Check for -Wl,--gc-sections + AC_MSG_CHECKING([for ld that supports "-Wl,--gc-sections"]) + AC_TRY_LINK([ +--- a/dbus/Makefile.am ++++ b/dbus/Makefile.am +@@ -1,7 +1,7 @@ + + configdir=$(sysconfdir)/dbus-1 + +-INCLUDES=-I$(top_builddir) -I$(top_srcdir) $(DBUS_CLIENT_CFLAGS) -DDBUS_COMPILATION \ ++INCLUDES=-I$(top_builddir) -I$(top_srcdir) $(DBUS_CLIENT_CFLAGS) @PIC_CFLAGS@ -DDBUS_COMPILATION \ + -DDBUS_MACHINE_UUID_FILE=\""$(localstatedir)/lib/dbus/machine-id"\" \ + -DDBUS_SYSTEM_CONFIG_FILE=\""$(configdir)/system.conf"\" \ + -DDBUS_SESSION_CONFIG_FILE=\""$(configdir)/session.conf"\" +@@ -173,7 +173,7 @@ noinst_LTLIBRARIES=libdbus-convenience.l + libdbus_1_la_LIBADD= $(DBUS_CLIENT_LIBS) + ## don't export symbols that start with "_" (we use this + ## convention for internal symbols) +-libdbus_1_la_LDFLAGS= -export-symbols-regex "^[^_].*" -version-info $(LT_CURRENT):$(LT_REVISION):$(LT_AGE) -no-undefined @R_DYNAMIC_LDFLAG@ ++libdbus_1_la_LDFLAGS= -export-symbols-regex "^[^_].*" -version-info $(LT_CURRENT):$(LT_REVISION):$(LT_AGE) -no-undefined @R_DYNAMIC_LDFLAG@ @PIC_LDFLAGS@ + + libdbus_convenience_la_LDFLAGS=@R_DYNAMIC_LDFLAG@ + diff --git a/dbus.spec b/dbus.spec index 23192e8..18faffc 100644 --- a/dbus.spec +++ b/dbus.spec @@ -8,7 +8,7 @@ Summary: D-BUS message bus Name: dbus Version: 1.1.2 -Release: 6%{?dist} +Release: 7%{?dist} URL: http://www.freedesktop.org/software/dbus/ Source0: http://dbus.freedesktop.org/releases/dbus/%{name}-%{version}.tar.gz Source1: doxygen_to_devhelp.xsl @@ -41,6 +41,8 @@ Patch2: dbus-1.0.2-lsb.patch Patch3: dbus-1.1.2-audit-user.patch # https://bugs.freedesktop.org/show_bug.cgi?id=12430 Patch4: dbus-1.1.2-no-abort.patch +# from upstream git +Patch5: dbus-pie.patch %description @@ -85,6 +87,7 @@ in this separate package so server systems need not install X. %patch2 -p1 -b .lsb %patch3 -p1 -b .audit-user %patch4 -p1 -b .abort +%patch5 -p1 -b .pie autoreconf -f -i @@ -204,6 +207,9 @@ fi %{_datadir}/devhelp/books/dbus %changelog +* Thu Oct 4 2007 Matthias Clasen - 1.1.2-7 +- Make the daemon a PIE executable (#210039) + * Fri Sep 14 2007 Bill Nottingham - 1.1.2-6%{?dist} - fix daemon abort when SELinux denies passing on a message (#283231)