From: Paul Eggert <eggert@cs.ucla.edu>
Date: Sun, 5 Jan 2014 00:55:29 +0000 (-0800)
Subject: Port to GNU/Linux with recent grsecurity/PaX patches (Bug#16343).
X-Git-Tag: emacs-24.3.90~173^2^2~42^2~45^2~387^2~73
X-Git-Url: http://git.eshelyaron.com/gitweb/?a=commitdiff_plain;h=81da295eebcfd94dcbd16531ceaecbf1cbad1804;p=emacs.git

Port to GNU/Linux with recent grsecurity/PaX patches (Bug#16343).

Problem and proposed patch reported by Ulrich Mueller;
this patch uses a somewhat-different approach.
* configure.ac (SETFATTR): New variable.
* src/Makefile.in (SETFATTR): New macro.
(temacs$(EXEEXT)): Use it.
---

diff --git a/ChangeLog b/ChangeLog
index 24ff1b50abf..9cee33c4526 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2014-01-05  Paul Eggert  <eggert@cs.ucla.edu>
+
+	Port to GNU/Linux with recent grsecurity/PaX patches (Bug#16343).
+	Problem and proposed patch reported by Ulrich Mueller;
+	this patch uses a somewhat-different approach.
+	* configure.ac (SETFATTR): New variable.
+
 2014-01-03  Paul Eggert  <eggert@cs.ucla.edu>
 
 	Merge from gnulib, incorporating:
diff --git a/configure.ac b/configure.ac
index 6d46c5b67c5..3822f4a8927 100644
--- a/configure.ac
+++ b/configure.ac
@@ -988,6 +988,24 @@ if test $opsys = gnu-linux; then
       [if $PAXCTL -v conftest$EXEEXT >/dev/null 2>&1; then AC_MSG_RESULT(yes)
       else AC_MSG_RESULT(no); PAXCTL=""; fi])
   fi
+
+  if test "${SETFATTR+set}" != set; then
+    AC_CACHE_CHECK([for setfattr],
+      [emacs_cv_prog_setfattr],
+      [touch conftest.tmp
+       if (setfattr -n user.pax.flags conftest.tmp) >/dev/null 2>&1; then
+	 emacs_cv_prog_setfattr=yes
+       else
+	 emacs_cv_prog_setfattr=no
+       fi])
+    if test "$emacs_cv_prog_setfattr" = yes; then
+      SETFATTR=setfattr
+    else
+      SETFATTR=no
+    fi
+    rm -f conftest.tmp
+    AC_SUBST([SETFATTR])
+  fi
 fi
 
 ## Need makeinfo >= 4.7 (?) to build the manuals.
diff --git a/src/ChangeLog b/src/ChangeLog
index 2c4c7921147..42f79d2ae46 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,3 +1,9 @@
+2014-01-05  Paul Eggert  <eggert@cs.ucla.edu>
+
+	Port to GNU/Linux with recent grsecurity/PaX patches (Bug#16343).
+	* Makefile.in (SETFATTR): New macro.
+	(temacs$(EXEEXT)): Use it.
+
 2014-01-04  Martin Rudalics  <rudalics@gmx.at>
 
 	Fix maximization behavior on Windows (Bug#16300).
diff --git a/src/Makefile.in b/src/Makefile.in
index 78e555d8733..00889e9a277 100644
--- a/src/Makefile.in
+++ b/src/Makefile.in
@@ -108,11 +108,12 @@ LD_SWITCH_SYSTEM_TEMACS=@LD_SWITCH_SYSTEM_TEMACS@
 ## Flags to pass to ld only for temacs.
 TEMACS_LDFLAGS = $(LD_SWITCH_SYSTEM) $(LD_SWITCH_SYSTEM_TEMACS)
 
-## If available, the full path to the paxctl program.
+## If available, the names of the paxctl and setfattr programs.
 ## On grsecurity/PaX systems, unexec will fail due to a gap between
-## the bss section and the heap.  This can be prevented by disabling
-## memory randomization in temacs with "paxctl -r".  See bug#11398.
+## the bss section and the heap.  Older versions nee paxctl to work
+## around this, newer ones setfattr.  See Bug#11398 and Bug#16343.
 PAXCTL = @PAXCTL@
+SETFATTR = @SETFATTR@
 
 ## Some systems define this to request special libraries.
 LIBS_SYSTEM=@LIBS_SYSTEM@
@@ -494,6 +495,8 @@ temacs$(EXEEXT): $(LIBXMENU) $(ALLOBJS) \
 	$(TEMACS_POST_LINK)
 	test "$(CANNOT_DUMP)" = "yes" || \
 	  test "X$(PAXCTL)" = X || $(PAXCTL) -r temacs$(EXEEXT)
+	test "$(CANNOT_DUMP)" = "yes" || test -z "$(SETFATTR)" || \
+	  $(SETFATTR) -n user.pax.flags -v r $@
 
 ## The following oldxmenu-related rules are only (possibly) used if
 ## HAVE_X11 && !USE_GTK, but there is no harm in always defining them.