commit:     b3da431a04f89ae090d13b3952f9a67d19912647
Author:     Sergey Alirzaev <zl29ah <AT> gmail <DOT> com>
AuthorDate: Tue Apr 10 13:36:22 2018 +0000
Commit:     Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
CommitDate: Wed Apr 11 07:54:01 2018 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b3da431a

app-emulation/virtualbox: fix patching for hardened

Bug: https://bugs.gentoo.org/643466
Closes: https://github.com/gentoo/gentoo/pull/7928

 .../files/050_virtualbox-5.2.8-nopie.patch         | 147 +++++++++++++++++++++
 .../files/virtualbox-5.2.8-paxmark-bldprogs.patch  |  59 +++++++++
 app-emulation/virtualbox/virtualbox-5.2.8.ebuild   |   4 +-
 3 files changed, 208 insertions(+), 2 deletions(-)

diff --git a/app-emulation/virtualbox/files/050_virtualbox-5.2.8-nopie.patch 
b/app-emulation/virtualbox/files/050_virtualbox-5.2.8-nopie.patch
new file mode 100644
index 00000000000..35bd8e0a705
--- /dev/null
+++ b/app-emulation/virtualbox/files/050_virtualbox-5.2.8-nopie.patch
@@ -0,0 +1,147 @@
+diff -Naur VirtualBox-5.1.24/Config.kmk VirtualBox-5.1.24/Config.kmk
+--- VirtualBox-5.1.24/Config.kmk       2017-07-26 13:55:27.803972185 -0400
++++ VirtualBox-5.1.24/Config.kmk       2017-07-26 13:53:10.700974328 -0400
+@@ -2601,6 +2601,7 @@
+       $(QUIET)$(APPEND) '$@' 'VBOX_GCC_Wno-overlength-strings?= $(call 
VBOX_GCC_CHECK_CC,-Wno-overlength-strings,)'
+       $(QUIET)$(APPEND) '$@' 'VBOX_GCC_Wno-overloaded-virtual?= $(call 
VBOX_GCC_CHECK_CXX,-Wno-overloaded-virtual,)'
+       $(QUIET)$(APPEND) '$@' 'VBOX_GCC_fno-stack-protector   ?= $(call 
VBOX_GCC_CHECK_CC,-fno-stack-protector,)'
++      $(QUIET)$(APPEND) '$@' 'VBOX_GCC_nopie                 ?= $(call 
VBOX_GCC_CHECK_CC,-nopie,)'
+       $(QUIET)$(APPEND) '$@' 'VBOX_GCC_fno-dwarf2-cfi-asm    ?= $(call 
VBOX_GCC_CHECK_CC,-fno-dwarf2-cfi-asm,)'
+       $(QUIET)$(APPEND) '$@' 'VBOX_GCC_m64                   ?= $(call 
VBOX_GCC_CHECK_CC,-m64,)'
+       $(QUIET)$(APPEND) '$@' 'VBOX_GCC_no-pie                ?= $(call 
VBOX_GCC_CHECK_CC,-no-pie,)'
+@@ -3843,8 +3844,8 @@
+ 
+  ifeq ($(VBOX_LDR_FMT32),elf)
+  TEMPLATE_VBoxRc_TOOL                = $(VBOX_GCC32_TOOL)
+- TEMPLATE_VBoxRc_CXXFLAGS            = -fno-pie -nostdinc -g $(VBOX_GCC_pipe) 
$(VBOX_GCC_WERR) $(VBOX_GCC_PEDANTIC_CXX) $(VBOX_GCC32_Wno-variadic-macros) 
-fno-exceptions $(VBOX_GCC_GC_OPT) $(VBOX_GCC_GC_FP) -mno-sse -mno-mmx 
-mno-sse2 -mno-3dnow -fno-strict-aliasing $(VBOX_GCC_fno-stack-protector) 
$(VBOX_GCC_fvisibility-hidden) $(VBOX_GCC_fvisibility-inlines-hidden) -fno-rtti 
$(VBOX_GCC_IPRT_FMT_CHECK)
+- TEMPLATE_VBoxRc_CFLAGS              = -fno-pie -nostdinc -g $(VBOX_GCC_pipe) 
$(VBOX_GCC_WERR) $(VBOX_GCC_PEDANTIC_C)   $(VBOX_GCC32_Wno-variadic-macros) 
-fno-exceptions $(VBOX_GCC_GC_OPT) $(VBOX_GCC_GC_FP) -mno-sse -mno-mmx 
-mno-sse2 -mno-3dnow -fno-strict-aliasing $(VBOX_GCC_fno-stack-protector) 
$(VBOX_GCC_fvisibility-hidden) $(VBOX_GCC_IPRT_FMT_CHECK)
++ TEMPLATE_VBoxRc_CXXFLAGS            = -nostdinc -g $(VBOX_GCC_pipe) 
$(VBOX_GCC_WERR) $(VBOX_GCC_PEDANTIC_CXX) $(VBOX_GCC32_Wno-variadic-macros) 
-fno-exceptions $(VBOX_GCC_GC_OPT) $(VBOX_GCC_GC_FP) -mno-sse -mno-mmx 
-mno-sse2 -mno-3dnow -fno-strict-aliasing $(VBOX_GCC_fno-stack-protector) 
$(VBOX_GCC_nopie) $(VBOX_GCC_fvisibility-hidden) 
$(VBOX_GCC_fvisibility-inlines-hidden) -fno-rtti $(VBOX_GCC_IPRT_FMT_CHECK)
++ TEMPLATE_VBoxRc_CFLAGS              = -nostdinc -g $(VBOX_GCC_pipe) 
$(VBOX_GCC_WERR) $(VBOX_GCC_PEDANTIC_C)   $(VBOX_GCC32_Wno-variadic-macros) 
-fno-exceptions $(VBOX_GCC_GC_OPT) $(VBOX_GCC_GC_FP) -mno-sse -mno-mmx 
-mno-sse2 -mno-3dnow -fno-strict-aliasing $(VBOX_GCC_fno-stack-protector) 
$(VBOX_GCC_nopie) $(VBOX_GCC_fvisibility-hidden) $(VBOX_GCC_IPRT_FMT_CHECK)
+   ifeq ($(KBUILD_TARGET),solaris)
+    TEMPLATE_VBoxRc_LDFLAGS           = -r
+   else
+@@ -3864,8 +3865,8 @@
+  ifeq ($(VBOX_LDR_FMT32),macho)
+  TEMPLATE_VBoxRc_TOOL                = $(VBOX_GCC_TOOL)
+  TEMPLATE_VBoxRc_DEFS               += $(VBOX_DARWIN_DEF_SDK_DEFS)
+- TEMPLATE_VBoxRc_CXXFLAGS            = $(VBOX_DARWIN_DEF_SDK_CXXFLAGS) -m32 
-nostdinc -g $(VBOX_GCC_pipe) $(VBOX_GCC_WERR) $(VBOX_GCC_PEDANTIC_CXX) 
$(VBOX_GCC32_Wno-variadic-macros) -fno-common -msoft-float -static 
$(VBOX_GCC_fno-stack-protector) -fno-exceptions $(VBOX_GCC_GC_OPT) 
$(VBOX_GCC_GC_FP) -fno-strict-aliasing -fno-rtti
+- TEMPLATE_VBoxRc_CFLAGS              = $(VBOX_DARWIN_DEF_SDK_CFLAGS)   -m32 
-nostdinc -g $(VBOX_GCC_pipe) $(VBOX_GCC_WERR) $(VBOX_GCC_PEDANTIC_C)   
$(VBOX_GCC32_Wno-variadic-macros) -fno-common -msoft-float -static 
$(VBOX_GCC_fno-stack-protector) -fno-exceptions $(VBOX_GCC_GC_OPT) 
$(VBOX_GCC_GC_FP) -fno-strict-aliasing
++ TEMPLATE_VBoxRc_CXXFLAGS            = $(VBOX_DARWIN_DEF_SDK_CXXFLAGS) -m32 
-nostdinc -g $(VBOX_GCC_pipe) $(VBOX_GCC_WERR) $(VBOX_GCC_PEDANTIC_CXX) 
$(VBOX_GCC32_Wno-variadic-macros) -fno-common -msoft-float -static 
$(VBOX_GCC_fno-stack-protector) $(VBOX_GCC_nopie) -fno-exceptions 
$(VBOX_GCC_GC_OPT) $(VBOX_GCC_GC_FP) -fno-strict-aliasing -fno-rtti
++ TEMPLATE_VBoxRc_CFLAGS              = $(VBOX_DARWIN_DEF_SDK_CFLAGS)   -m32 
-nostdinc -g $(VBOX_GCC_pipe) $(VBOX_GCC_WERR) $(VBOX_GCC_PEDANTIC_C)   
$(VBOX_GCC32_Wno-variadic-macros) -fno-common -msoft-float -static 
$(VBOX_GCC_fno-stack-protector) $(VBOX_GCC_nopie) -fno-exceptions 
$(VBOX_GCC_GC_OPT) $(VBOX_GCC_GC_FP) -fno-strict-aliasing
+  TEMPLATE_VBoxRc_LDFLAGS             = $(VBOX_DARWIN_DEF_SDK_LDFLAGS)  -m32 
-nostdlib
+  #TEMPLATE_VBoxRc_LDFLAGS.release     = -Wl,-S ???
+  endif
+@@ -3903,9 +3904,9 @@
+  endif
+ 
+  ifeq ($(VBOX_LDR_FMT32),elf)
+-  TEMPLATE_VBoxRcExe_CFLAGS   = $(filter-out 
-nostdinc,$(TEMPLATE_VBoxRc_CFLAGS)) -O0
+-  TEMPLATE_VBoxRcExe_CXXFLAGS = $(filter-out 
-nostdinc,$(TEMPLATE_VBoxRc_CXXFLAGS)) -O0
+-  TEMPLATE_VBoxRcExe_LDFLAGS  = -g
++  TEMPLATE_VBoxRcExe_CFLAGS   = $(filter-out 
-nostdinc,$(TEMPLATE_VBoxRc_CFLAGS)) -O0 $(VBOX_GCC_nopie)
++  TEMPLATE_VBoxRcExe_CXXFLAGS = $(filter-out 
-nostdinc,$(TEMPLATE_VBoxRc_CXXFLAGS)) -O0 $(VBOX_GCC_nopie)
++  TEMPLATE_VBoxRcExe_LDFLAGS  = -g $(VBOX_GCC_nopie)
+   TEMPLATE_VBoxRcExe_LDFLAGS.dbgopt = -g
+   TEMPLATE_VBoxRcExe_LDFLAGS.strict = -g
+   TEMPLATE_VBoxRcExe_LDFLAGS.release = -g
+@@ -3984,8 +3985,8 @@
+ 
+ ifeq ($(VBOX_LDR_FMT),elf)
+ TEMPLATE_VBoxR0_TOOL                = $(VBOX_GCC_TOOL)
+-TEMPLATE_VBoxR0_CFLAGS              = -fno-pie -nostdinc -g $(VBOX_GCC_pipe) 
$(VBOX_GCC_WERR) $(VBOX_GCC_PEDANTIC_C)   $(VBOX_GCC_Wno-variadic-macros) 
$(VBOX_GCC_R0_OPT) $(VBOX_GCC_R0_FP) -fno-strict-aliasing -fno-exceptions 
$(VBOX_GCC_fno-stack-protector) -fno-common $(VBOX_GCC_fvisibility-hidden) 
-std=gnu99 $(VBOX_GCC_IPRT_FMT_CHECK)
+-TEMPLATE_VBoxR0_CXXFLAGS            = -fno-pie -nostdinc -g $(VBOX_GCC_pipe) 
$(VBOX_GCC_WERR) $(VBOX_GCC_PEDANTIC_CXX) $(VBOX_GCC_Wno-variadic-macros) 
$(VBOX_GCC_R0_OPT) $(VBOX_GCC_R0_FP) -fno-strict-aliasing -fno-exceptions 
$(VBOX_GCC_fno-stack-protector) -fno-common 
$(VBOX_GCC_fvisibility-inlines-hidden) $(VBOX_GCC_fvisibility-hidden) -fno-rtti 
$(VBOX_GCC_IPRT_FMT_CHECK)
++TEMPLATE_VBoxR0_CFLAGS              = -nostdinc -g $(VBOX_GCC_pipe) 
$(VBOX_GCC_WERR) $(VBOX_GCC_PEDANTIC_C)   $(VBOX_GCC_Wno-variadic-macros) 
$(VBOX_GCC_R0_OPT) $(VBOX_GCC_R0_FP) -fno-strict-aliasing -fno-exceptions 
$(VBOX_GCC_fno-stack-protector) $(VBOX_GCC_nopie) -fno-common 
$(VBOX_GCC_fvisibility-hidden) -std=gnu99 $(VBOX_GCC_IPRT_FMT_CHECK)
++TEMPLATE_VBoxR0_CXXFLAGS            = -nostdinc -g $(VBOX_GCC_pipe) 
$(VBOX_GCC_WERR) $(VBOX_GCC_PEDANTIC_CXX) $(VBOX_GCC_Wno-variadic-macros) 
$(VBOX_GCC_R0_OPT) $(VBOX_GCC_R0_FP) -fno-strict-aliasing -fno-exceptions 
$(VBOX_GCC_fno-stack-protector) $(VBOX_GCC_nopie) -fno-common 
$(VBOX_GCC_fvisibility-inlines-hidden) $(VBOX_GCC_fvisibility-hidden) -fno-rtti 
$(VBOX_GCC_IPRT_FMT_CHECK)
+ TEMPLATE_VBoxR0_CFLAGS.amd64        = -m64 -mno-red-zone -mcmodel=kernel 
-mno-sse -mno-mmx -mno-sse2 -mno-3dnow -fno-asynchronous-unwind-tables 
-ffreestanding
+ TEMPLATE_VBoxR0_CXXFLAGS.amd64      = -m64 -mno-red-zone -mcmodel=kernel 
-mno-sse -mno-mmx -mno-sse2 -mno-3dnow -fno-asynchronous-unwind-tables
+ ifeq ($(KBUILD_TARGET),solaris)
+@@ -4018,12 +4019,12 @@
+ TEMPLATE_VBoxR0_DEFS               += $(VBOX_DARWIN_DEF_SDK_DEFS)
+ TEMPLATE_VBoxR0_CXXFLAGS            = $(VBOX_DARWIN_DEF_SDK_CXXFLAGS) 
-nostdinc -g $(VBOX_GCC_pipe) $(VBOX_GCC_WERR) $(VBOX_GCC_PEDANTIC_CXX) 
$(VBOX_GCC_Wno-variadic-macros) \
+       -fno-common -msoft-float -static -fno-rtti -fno-exceptions 
$(VBOX_GCC_R0_OPT) $(VBOX_GCC_R0_FP) -fno-strict-aliasing \
+-      -mno-sse -mno-mmx -mno-sse2 -mno-3dnow $(VBOX_GCC_fno-stack-protector)
++      -mno-sse -mno-mmx -mno-sse2 -mno-3dnow $(VBOX_GCC_fno-stack-protector) 
$(VBOX_GCC_nopie)
+ TEMPLATE_VBoxR0_CXXFLAGS.amd64      = -m64 -mno-red-zone -mno-sse3 -mno-sse4 
-mno-sse4.1 -mno-sse4.2  -mno-sse4a -fno-unwind-tables
+ TEMPLATE_VBoxR0_CXXFLAGS.x86        = -m32
+ TEMPLATE_VBoxR0_CFLAGS              = $(VBOX_DARWIN_DEF_SDK_CFLAGS)   
-nostdinc -g $(VBOX_GCC_pipe) $(VBOX_GCC_WERR) $(VBOX_GCC_PEDANTIC_C)   
$(VBOX_GCC_Wno-variadic-macros) \
+       -fno-common -msoft-float -static -fno-exceptions $(VBOX_GCC_R0_OPT) 
$(VBOX_GCC_R0_FP) -fno-strict-aliasing \
+-      -mno-sse -mno-mmx -mno-sse2 -mno-3dnow $(VBOX_GCC_fno-stack-protector)
++      -mno-sse -mno-mmx -mno-sse2 -mno-3dnow $(VBOX_GCC_fno-stack-protector) 
$(VBOX_GCC_nopie)
+ TEMPLATE_VBoxR0_CFLAGS.amd64        = -m64 -mno-red-zone -mno-sse3 -mno-sse4 
-mno-sse4.1 -mno-sse4.2  -mno-sse4a -fno-unwind-tables
+ TEMPLATE_VBoxR0_CFLAGS.x86          = -m32
+ TEMPLATE_VBoxR0_LDFLAGS             = $(VBOX_DARWIN_DEF_SDK_LDFLAGS) -nostdlib
+@@ -4259,7 +4260,7 @@
+       -Wstrict-prototypes -Wmissing-prototypes -Wstrict-prototypes \
+       -Wimplicit-function-declaration -Werror-implicit-function-declaration \
+       -O2 -ffreestanding -fno-strict-aliasing -fno-common -finline-limit=8000 
\
+-      $(VBOX_GCC_fno-stack-protector) $(VBOX_GCC_R0_OPT) $(VBOX_GCC_R0_FP) \
++      $(VBOX_GCC_fno-stack-protector) $(VBOX_GCC_nopie) $(VBOX_GCC_R0_OPT) 
$(VBOX_GCC_R0_FP) \
+       -nostdinc -std=c99
+ TEMPLATE_VBOXR0DRV_CFLAGS.x86          = -m32 -mno-align-long-strings 
-mpreferred-stack-boundary=2 -mno-mmx -mno-3dnow -mno-sse -mno-sse2
+ TEMPLATE_VBOXR0DRV_CFLAGS.amd64        = -m64 --param inline-unit-growth=100 
--param large-function-growth=1000 \
+@@ -4268,7 +4269,7 @@
+ TEMPLATE_VBOXR0DRV_CXXFLAGS            = -fno-exceptions -fno-rtti \
+       $(VBOX_GCC_WARN) -Wpointer-arith -Winline \
+       -O2 -fno-strict-aliasing -fno-common -finline-limit=8000 \
+-      $(VBOX_GCC_fno-stack-protector) $(VBOX_GCC_R0_OPT) $(VBOX_GCC_R0_FP) \
++      $(VBOX_GCC_fno-stack-protector) $(VBOX_GCC_nopie) $(VBOX_GCC_R0_OPT) 
$(VBOX_GCC_R0_FP) \
+       -nostdinc
+ TEMPLATE_VBOXR0DRV_CXXFLAGS.x86        = $(TEMPLATE_VBOXR0DRV_CFLAGS.x86)
+ TEMPLATE_VBOXR0DRV_CXXFLAGS.amd64      = $(TEMPLATE_VBOXR0DRV_CFLAGS.amd64)
+@@ -4341,7 +4342,7 @@
+       -Wstrict-prototypes -Wmissing-prototypes -Wstrict-prototypes \
+       -Wimplicit-function-declaration -Werror-implicit-function-declaration \
+       -O2 -ffreestanding -fno-strict-aliasing -fno-common -finline-limit=8000 
\
+-      $(VBOX_GCC_fno-stack-protector) $(VBOX_GCC_R0_OPT) $(VBOX_GCC_R0_FP) \
++      $(VBOX_GCC_fno-stack-protector) $(VBOX_GCC_nopie) $(VBOX_GCC_R0_OPT) 
$(VBOX_GCC_R0_FP) \
+       -nostdinc -std=c99 -msoft-float
+ TEMPLATE_VBOXR0DRV_CFLAGS.x86          = -m32 \
+     -mpreferred-stack-boundary=2 -mno-mmx -mno-sse -mno-avx \
+@@ -4353,7 +4354,7 @@
+ TEMPLATE_VBOXR0DRV_CXXFLAGS            = -fno-exceptions -fno-rtti \
+       $(VBOX_GCC_WARN) -Wpointer-arith -Winline \
+       -O2 -fno-strict-aliasing -fno-common -finline-limit=8000 \
+-      $(VBOX_GCC_fno-stack-protector) $(VBOX_GCC_R0_OPT) $(VBOX_GCC_R0_FP) \
++      $(VBOX_GCC_fno-stack-protector) $(VBOX_GCC_nopie) $(VBOX_GCC_R0_OPT) 
$(VBOX_GCC_R0_FP) \
+       -nostdinc -msoft-float
+ TEMPLATE_VBOXR0DRV_CXXFLAGS.x86        = $(TEMPLATE_VBOXR0DRV_CFLAGS.x86)
+ TEMPLATE_VBOXR0DRV_CXXFLAGS.amd64      = $(TEMPLATE_VBOXR0DRV_CFLAGS.amd64)
+@@ -4394,7 +4395,7 @@
+ TEMPLATE_VBOXR0DRV_LDFLAGS             = -shared -no-undefined -dc -dy -lroot 
-rpath-link /boot/system/develop/lib/x86 --no-add-needed 
/boot/system/develop/lib/_KERNEL_ --no-add-needed 
/boot/system/develop/lib/haiku_version_glue.o
+ TEMPLATE_VBOXR0DRV_CFLAGS              = -fno-PIC \
+       $(VBOX_GCC_WARN) -Wstrict-prototypes $(VBOX_GCC_Wno-pointer-sign) 
-Wno-sign-compare \
+-      $(VBOX_GCC_fno-stack-protector) $(VBOX_GCC_R0_OPT) $(VBOX_GCC_R0_FP) 
-fno-strict-aliasing -fno-common -Werror-implicit-function-declaration
++      $(VBOX_GCC_fno-stack-protector) $(VBOX_GCC_nopie) $(VBOX_GCC_R0_OPT) 
$(VBOX_GCC_R0_FP) -fno-strict-aliasing -fno-common 
-Werror-implicit-function-declaration
+ TEMPLATE_VBOXR0DRV_CFLAGS.x86          = -mno-sse -mno-mmx -mno-sse2 
-mno-3dnow
+ TEMPLATE_VBOXR0DRV_CFLAGS.x86          = -m32 -mno-sse -mno-mmx -mno-sse2 
-mno-3dnow
+ TEMPLATE_VBOXR0DRV_CFLAGS.amd64        = -m64 -mno-sse -mno-mmx -mno-sse2 
-mno-3dnow \
+@@ -5210,8 +5211,8 @@
+  TEMPLATE_VBoxNoCrtGccLib_TOOL             = $(VBOX_GCC_TOOL)
+  TEMPLATE_VBoxNoCrtGccLib_ASTOOL           = $(VBOX_ASTOOL)
+  TEMPLATE_VBoxNoCrtGccLib_ASFLAGS          = $(VBOX_ASFLAGS)
+- TEMPLATE_VBoxNoCrtGccLib_CFLAGS          += $(VBOX_GCC_fno-stack-protector)
+- TEMPLATE_VBoxNoCrtGccLib_CXXFLAGS        += $(VBOX_GCC_fno-stack-protector)
++ TEMPLATE_VBoxNoCrtGccLib_CFLAGS          += $(VBOX_GCC_fno-stack-protector) 
$(VBOX_GCC_nopie)
++ TEMPLATE_VBoxNoCrtGccLib_CXXFLAGS        += $(VBOX_GCC_fno-stack-protector) 
$(VBOX_GCC_nopie)
+  ifeq ($(KBUILD_TARGET_ARCH),amd64)
+   # in 64-bit mode we'll build a sys-module (VBoxREM2).
+   if1of ($(KBUILD_TARGET), darwin solaris)
+diff -Naur VirtualBox-5.1.24/src/VBox/Devices/PC/ipxe/Makefile.kmk 
VirtualBox-5.1.24/src/VBox/Devices/PC/ipxe/Makefile.kmk
+--- VirtualBox-5.1.24/src/VBox/Devices/PC/ipxe/Makefile.kmk    2017-07-26 
13:55:27.746972186 -0400
++++ VirtualBox-5.1.24/src/VBox/Devices/PC/ipxe/Makefile.kmk    2017-07-26 
13:53:10.641974329 -0400
+@@ -132,6 +132,7 @@
+       -W \
+       -Wformat-nonliteral \
+       $(VBOX_GCC_fno-stack-protector) \
++      $(VBOX_GCC_nopie) \
+       $(VBOX_GCC_fno-dwarf2-cfi-asm) \
+       $(VBOX_GCC_Wno-address)
+  TEMPLATE_iPxe_ASFLAGS = \
+@@ -155,6 +156,7 @@
+       -W \
+       -Wformat-nonliteral \
+       $(VBOX_GCC_fno-stack-protector) \
++      $(VBOX_GCC_nopie) \
+       $(VBOX_GCC_fno-dwarf2-cfi-asm) \
+       $(VBOX_GCC_Wno-address) \
+       -DASSEMBLY

diff --git 
a/app-emulation/virtualbox/files/virtualbox-5.2.8-paxmark-bldprogs.patch 
b/app-emulation/virtualbox/files/virtualbox-5.2.8-paxmark-bldprogs.patch
new file mode 100644
index 00000000000..7eb1e1793a7
--- /dev/null
+++ b/app-emulation/virtualbox/files/virtualbox-5.2.8-paxmark-bldprogs.patch
@@ -0,0 +1,59 @@
+2017-02-20  Quentin Minster <quen...@minster.io>
+
+       #https://bugs.gentoo.org/show_bug.cgi?id=591582
+       * Config.kmk: add paxmark befor VBOX_VBOXTPG get run.
+       * src/VBox/VMM/Makefile.kmk: add paxmark befor VBOX_VBOXCPP get run.
+       * src/VBox/Main/Makefile.kmk: add paxmark befor 
USBIdDatabaseGenerator_1_TARGET get run.
+
+--- a/Config.kmk
++++ b/Config.kmk       2016-09-21 02:22:28 
+@@ -3719,11 +3719,13 @@
+               $(if-expr $(intersects 
$(KBUILD_TARGET_ARCH),$(KBUILD_ARCHES_64)),-64,-32) \
+               -h --host-$(VBOX_HC_ARCH_BITS)-bit #-vvv
+ define TOOL_VBoxTpG_DTRACE_HDR_CMDS
++      $(QUIET)paxmark.sh -m "$(VBOX_VBOXTPG)"
+       $(QUIET)$(VBOX_VBOXTPG) $(flags) -o "$(out)" -s "$(source)"
+ endef
+ TOOL_VBoxTpG_DTRACE_OBJ_NOT_NEEDED :=
+ TOOL_VBoxTpG_DTRACE_OBJ_FLAGS      := -G --host-$(VBOX_HC_ARCH_BITS)-bit #-vvv
+ define TOOL_VBoxTpG_DTRACE_OBJ_CMDS
++      $(QUIET)paxmark.sh -m "$(VBOX_VBOXTPG)"
+       $(QUIET)$(VBOX_VBOXTPG) \
+               $(if-expr $(intersects 
$(bld_trg_arch),$(KBUILD_ARCHES_64)),-64,-32) \
+               $(flags) \
+@@ -3738,6 +3740,7 @@
+ TOOL_VBoxTpG-Disabled_DTRACE_DEPORD     = $(VBOX_VBOXTPG)
+ TOOL_VBoxTpG-Disabled_DTRACE_HDR_FLAGS := -h
+ define TOOL_VBoxTpG-Disabled_DTRACE_HDR_CMDS
++      $(QUIET)paxmark.sh -m "$(VBOX_VBOXTPG)"
+       $(QUIET)$(VBOX_VBOXTPG) $(flags) -o "$(out)" -s "$(source)"
+ endef
+ TOOL_VBoxTpG-Disabled_DTRACE_OBJ_NOT_NEEDED := $(KBUILD_OSES)
+@@ -3752,6 +3755,7 @@
+ TOOL_DTraceAndVBoxTpG_DTRACE_HDR_CMDS =
+ define TOOL_DTraceAndVBoxTpG_DTRACE_HDR_CMDS
+       $(TOOL_StandardDTrace_DTRACE_HDR_CMDS)
++      $(QUIET)paxmark.sh -m "$(VBOX_VBOXTPG)"
+       $(QUIET)$(VBOX_VBOXTPG) --generate-wrapper-header 
--host-$(VBOX_HC_ARCH_BITS)-bit --ring-3-context \
+               $(filter-out -C, $(filter-out -h,$(flags))) \
+               -o "$(out).tmp" -s "$(source)"
+--- a/src/VBox/VMM/Makefile.kmk        2018-04-10 15:26:24.622867735 +0300
++++ b/src/VBox/VMM/Makefile.kmk        2018-04-10 15:24:35.901998796 +0300
+@@ -896,6 +896,7 @@
+   $$(VMMLibDTrace_0_OUTDIR)/$1: $2 $$(VBOX_VBOXCPP) | $$$$(dir $$$$@)
+       $$(call KB_FN_AUTO_CMD_DEPS_COMMANDS)
+       $$(QUIET)$$(call MSG_GENERATE,VMMLibDTrace,$$@,$2)
++      $$(QUIET)paxmark.sh -m "$(VBOX_VBOXCPP)"
+       $$(QUIET)$(VBOX_VBOXCPP) -d \
+               -D VBOX_FOR_DTRACE_LIB \
+               -D VBOX_FOR_DTRACE_LIB_$(toupper $(KBUILD_TARGET_ARCH)) \
+--- a/src/VBox/Main/Makefile.kmk       2018-04-10 15:26:15.292793067 +0300
++++ b/src/VBox/Main/Makefile.kmk       2018-04-10 15:25:14.042303341 +0300
+@@ -607,6 +607,7 @@
+               $(PATH_SUB_CURRENT)/src-server/usb.ids 
$(PATH_SUB_CURRENT)/src-server/custom.ids | $$(dir $$@)
+       $(call KB_FN_AUTO_CMD_DEPS_COMMANDS)
+       $(call MSG_GENERATE,USBIdDatabase,$@,$(USBIdDatabaseGenerator_1_TARGET))
++      $(QUIET)paxmark.sh -m "$(USBIdDatabaseGenerator_1_TARGET)"
+       $(QUIET)$(USBIdDatabaseGenerator_1_TARGET) -o "$@" $(filter %.ids,$^)
+ 
+  BLDPROGS += USBIdDatabaseGenerator

diff --git a/app-emulation/virtualbox/virtualbox-5.2.8.ebuild 
b/app-emulation/virtualbox/virtualbox-5.2.8.ebuild
index 40b4975b1e8..54d2ee97669 100644
--- a/app-emulation/virtualbox/virtualbox-5.2.8.ebuild
+++ b/app-emulation/virtualbox/virtualbox-5.2.8.ebuild
@@ -185,12 +185,12 @@ src_prepare() {
 
        # Only add nopie patch when we're on hardened
        if  gcc-specs-pie ; then
-               eapply "${FILESDIR}/050_virtualbox-5.1.24-nopie.patch"
+               eapply "${FILESDIR}/050_virtualbox-5.2.8-nopie.patch"
        fi
 
        # Only add paxmark patch when we're on pax_kernel
        if use pax_kernel ; then
-               eapply "${FILESDIR}"/virtualbox-5.1.4-paxmark-bldprogs.patch
+               eapply "${FILESDIR}"/virtualbox-5.2.8-paxmark-bldprogs.patch
        fi
 
        eapply "${WORKDIR}/patches"

Reply via email to