Package: glibc Version: 2.21-7 Severity: wishlist Tags: patch User: [email protected] Usertags: hardened1-linux-amd64
Dear glibc Maintainers, I have successfully bootstrapped the hardened1-linux-amd64 [1] port using a set of patches [2]. I'm working towards making the port ready for being accepted to Debian and the attached patch defines __GNU_FEATURESET_HARDENED1__ to make config.guess be able to distinguish the port from gnu-linux-amd64. Dpkg support for the port is being discussed in #812782. Accepting this patch would make (re-)bootstrapping the new port easier. Thank you in advance, Balint [1] http://balintreczey.hu/blog/proposing-amd64-hardened-architecture-for-debian/ [2] https://anonscm.debian.org/cgit/users/rbalint/rebootstrap.git/
>From 84cba048a438707f02e8b8d209fc211204865491 Mon Sep 17 00:00:00 2001 From: Balint Reczey <[email protected]> Date: Fri, 8 Jan 2016 19:25:53 +0100 Subject: [PATCH] Define __GNU_FEATURESET_HARDENED1__ on hardened1-linux-amd64 --- debian/patches/hardened1/local-define-featureset.diff | 19 +++++++++++++++++++ debian/patches/series.hardened1-linux-amd64 | 1 + 2 files changed, 20 insertions(+) create mode 100644 debian/patches/hardened1/local-define-featureset.diff create mode 100644 debian/patches/series.hardened1-linux-amd64 diff --git a/debian/patches/hardened1/local-define-featureset.diff b/debian/patches/hardened1/local-define-featureset.diff new file mode 100644 index 0000000..6202f5c --- /dev/null +++ b/debian/patches/hardened1/local-define-featureset.diff @@ -0,0 +1,19 @@ +# All lines beginning with `# DP:' are a description of the patch. +# DP: Description: Define __GNU_FEATURESET_HARDENED1__ to distinguish +# DP: hardened1-linux-<cpu> ports + +diff --git a/include/features.h b/include/features.h +index 782dfb6..a6e561d 100644 +--- a/include/features.h ++++ b/include/features.h +@@ -118,6 +118,10 @@ + #undef __USE_REENTRANT + #undef __USE_FORTIFY_LEVEL + #undef __KERNEL_STRICT_NAMES ++#undef __GNU_FEATURESET_HARDENED1__ ++ ++/* Compilers have the hardened1 featureset enabled by default */ ++#define __GNU_FEATURESET_HARDENED1__ + + /* Suppress kernel-name space pollution unless user expressedly asks + for it. */ diff --git a/debian/patches/series.hardened1-linux-amd64 b/debian/patches/series.hardened1-linux-amd64 new file mode 100644 index 0000000..ae7e968 --- /dev/null +++ b/debian/patches/series.hardened1-linux-amd64 @@ -0,0 +1 @@ +hardened1/local-define-featureset.diff -- 2.1.4
