From d0aedfcdf1a45812219875760e88ba949af6ea16 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bj=C3=B6rn=20Esser?= <besser82@fedoraproject.org>
Date: Tue, 4 Dec 2018 13:54:42 +0100
Subject: [PATCH] Backport upstream PR to build with -fno-plt optimization

---
 libxcrypt-4.4.0-buildflags_-fno-plt.patch | 120 ++++++++++++++++++++++
 libxcrypt.spec                            |  16 +--
 2 files changed, 130 insertions(+), 6 deletions(-)
 create mode 100644 libxcrypt-4.4.0-buildflags_-fno-plt.patch

diff --git a/libxcrypt-4.4.0-buildflags_-fno-plt.patch b/libxcrypt-4.4.0-buildflags_-fno-plt.patch
new file mode 100644
index 0000000..841b431
--- /dev/null
+++ b/libxcrypt-4.4.0-buildflags_-fno-plt.patch
@@ -0,0 +1,120 @@
+From 2fb3cb0a974fc2911a49477765a99209e842b853 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Bj=C3=B6rn=20Esser?= <besser82@fedoraproject.org>
+Date: Sun, 2 Dec 2018 13:37:03 +0100
+Subject: [PATCH] Add -fno-plt to the compiler flags, if supported.  (#71)
+
+Do not use the PLT for external function calls in position-independent
+code.  Instead, load the callee address at call sites from the GOT and
+branch to it.  This leads to more efficient code by eliminating PLT
+stubs and exposing GOT loads to optimizations.
+
+Since we are already using -Wl,-z,now to disable lazy binding, the only
+downside (on x86-64) is that call instructions targeting C library
+functions are now six bytes each, instead of five bytes.
+
+Closes: #71
+---
+ LICENSING                     |  3 +++
+ Makefile.am                   |  2 +-
+ configure.ac                  |  7 ++++++
+ m4/ax_append_compile_flags.m4 | 46 +++++++++++++++++++++++++++++++++++
+ 4 files changed, 57 insertions(+), 1 deletion(-)
+ create mode 100644 m4/ax_append_compile_flags.m4
+
+diff --git a/LICENSING b/LICENSING
+index 152ed4c..7184f6d 100644
+--- a/LICENSING
++++ b/LICENSING
+@@ -88,6 +88,9 @@ source tree.  For specific licensing terms consult the files themselves.
+  * Copyright Kevin Cernekee; BSD alike:
+    m4/ax_check_vscript.m4
+ 
++ * Copyright Maarten Bosmans; BSD alike:
++   m4/ax_append_compile_flags.m4
++
+  * Copyright Scott James Remnant, Dan Nicholson;
+    GPL (v2 or later), with Autoconf exception:
+    m4/pkg_installdir_compat.m4
+diff --git a/Makefile.am b/Makefile.am
+index 72dfb33..1bfb457 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -9,7 +9,7 @@ AUTOMAKE_OPTIONS = \
+ 
+ ACLOCAL_AMFLAGS = -I m4
+ 
+-AM_CFLAGS = $(WARN_CFLAGS)
++AM_CFLAGS = $(WARN_CFLAGS) $(OPTI_FLAGS)
+ 
+ @VALGRIND_CHECK_RULES@
+ 
+diff --git a/configure.ac b/configure.ac
+index 063126a..a99f7b6 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -168,6 +168,13 @@ if test "x$ac_cv_ld_no_textrel" != xunknown; then
+ fi
+ AC_SUBST([TEXT_RELOC_FLAG])
+ 
++# FIXME: This only checks whether the compiler accepts -fno-plt.
++# It doesn't check that the switch actually does what we want it to do.
++AX_APPEND_COMPILE_FLAGS([-fno-plt], [OPTI_FLAGS])
++
++# Export compiler flags for optimization.
++AC_SUBST([OPTI_FLAGS])
++
+ # Checks for library functions.
+ AC_CHECK_FUNCS_ONCE([
+   arc4random_buf
+diff --git a/m4/ax_append_compile_flags.m4 b/m4/ax_append_compile_flags.m4
+new file mode 100644
+index 0000000..9c85635
+--- /dev/null
++++ b/m4/ax_append_compile_flags.m4
+@@ -0,0 +1,46 @@
++# ============================================================================
++#  https://www.gnu.org/software/autoconf-archive/ax_append_compile_flags.html
++# ============================================================================
++#
++# SYNOPSIS
++#
++#   AX_APPEND_COMPILE_FLAGS([FLAG1 FLAG2 ...], [FLAGS-VARIABLE], [EXTRA-FLAGS], [INPUT])
++#
++# DESCRIPTION
++#
++#   For every FLAG1, FLAG2 it is checked whether the compiler works with the
++#   flag.  If it does, the flag is added FLAGS-VARIABLE
++#
++#   If FLAGS-VARIABLE is not specified, the current language's flags (e.g.
++#   CFLAGS) is used.  During the check the flag is always added to the
++#   current language's flags.
++#
++#   If EXTRA-FLAGS is defined, it is added to the current language's default
++#   flags (e.g. CFLAGS) when the check is done.  The check is thus made with
++#   the flags: "CFLAGS EXTRA-FLAGS FLAG".  This can for example be used to
++#   force the compiler to issue an error when a bad flag is given.
++#
++#   INPUT gives an alternative input source to AC_COMPILE_IFELSE.
++#
++#   NOTE: This macro depends on the AX_APPEND_FLAG and
++#   AX_CHECK_COMPILE_FLAG. Please keep this macro in sync with
++#   AX_APPEND_LINK_FLAGS.
++#
++# LICENSE
++#
++#   Copyright (c) 2011 Maarten Bosmans <mkbosmans@gmail.com>
++#
++#   Copying and distribution of this file, with or without modification, are
++#   permitted in any medium without royalty provided the copyright notice
++#   and this notice are preserved.  This file is offered as-is, without any
++#   warranty.
++
++#serial 7
++
++AC_DEFUN([AX_APPEND_COMPILE_FLAGS],
++[AX_REQUIRE_DEFINED([AX_CHECK_COMPILE_FLAG])
++AX_REQUIRE_DEFINED([AX_APPEND_FLAG])
++for flag in $1; do
++  AX_CHECK_COMPILE_FLAG([$flag], [AX_APPEND_FLAG([$flag], [$2])], [], [$3], [$4])
++done
++])dnl AX_APPEND_COMPILE_FLAGS
diff --git a/libxcrypt.spec b/libxcrypt.spec
index 7e11251..a0971bf 100644
--- a/libxcrypt.spec
+++ b/libxcrypt.spec
@@ -89,7 +89,7 @@ fi                                                             \
 
 Name:           libxcrypt
 Version:        4.4.0
-Release:        2%{?dist}
+Release:        3%{?dist}
 Summary:        Extended crypt library for DES, MD5, Blowfish and others
 
 # For explicit license breakdown, see the
@@ -99,13 +99,14 @@ URL:            https://github.com/besser82/%{name}
 Source0:        %{url}/archive/v%{version}/%{name}-%{version}.tar.gz
 
 # Patch 0000 - 2999: Backported patches from upstream.
-Patch0:         %{url}/commit/a60130b2211c6666bee69051b2b76413af2d679f.patch#/%{name}-4.4.0-fix_manual-page-warning_list-type-stack0.patch
-Patch1:         %{url}/commit/664bfda5a51dbaa75904b29a7cd3c51888db6bd9.patch#/%{name}-4.4.0-use_XCRYPT_STRCPY_OR_ABORT_in_crypt_nt_rn.patch
-Patch2:         %{url}/commit/fdeddd908b6c659b281bbef7e535f9060b5b6186.patch#/%{name}-4.4.0-use_base64_output_gensalt_nt_rn.patch
-Patch3:         %{url}/commit/f6fe5e6faf4a681984e5bb9d830c8006bba8dab7.patch#/%{name}-4.4.0-set_minimum_rbytes_for_NT_to_2.patch
-Patch4:         %{url}/commit/580a15e118ee86676ddc1b4456ae6a3f14d86296.patch#/%{name}-4.4.0-test_hmac-sha256_incremental_computation.patch
+Patch0000:      %{url}/commit/a60130b2211c6666bee69051b2b76413af2d679f.patch#/%{name}-4.4.0-fix_manual-page-warning_list-type-stack0.patch
+Patch0001:      %{url}/commit/664bfda5a51dbaa75904b29a7cd3c51888db6bd9.patch#/%{name}-4.4.0-use_XCRYPT_STRCPY_OR_ABORT_in_crypt_nt_rn.patch
+Patch0002:      %{url}/commit/fdeddd908b6c659b281bbef7e535f9060b5b6186.patch#/%{name}-4.4.0-use_base64_output_gensalt_nt_rn.patch
+Patch0003:      %{url}/commit/f6fe5e6faf4a681984e5bb9d830c8006bba8dab7.patch#/%{name}-4.4.0-set_minimum_rbytes_for_NT_to_2.patch
+Patch0004:      %{url}/commit/580a15e118ee86676ddc1b4456ae6a3f14d86296.patch#/%{name}-4.4.0-test_hmac-sha256_incremental_computation.patch
 
 # Patch 3000 - 5999: Backported patches from pull requests.
+Patch3000:      %{url}/pull/72.patch#/%{name}-4.4.0-buildflags_-fno-plt.patch
 
 # Patch 6000 - 9999: Downstream patches.
 
@@ -334,6 +335,9 @@ done
 
 
 %changelog
+* Tue Dec 04 2018 Björn Esser <besser82@fedoraproject.org> - 4.4.0-3
+- Backport upstream PR to build with -fno-plt optimization
+
 * Mon Nov 26 2018 Björn Esser <besser82@fedoraproject.org> - 4.4.0-2
 - Backport upstream commit to use a safer strcpy for the NT method
 - Backport upstream generating base64 encoded output for NT gensalt