From: Simon Ruderich Date: Wed, 14 Aug 2013 13:33:53 +0000 (+0200) Subject: Sync architecture specific hardening support with dpkg 1.17.1. X-Git-Tag: 0.05~22 X-Git-Url: https://ruderich.org/simon/gitweb/?a=commitdiff_plain;h=4a632b4ff1fd63e85196fe3fcbea273d75b4b4ed;p=blhc%2Fblhc.git Sync architecture specific hardening support with dpkg 1.17.1. --- diff --git a/bin/blhc b/bin/blhc index e2658ae..b5177bd 100755 --- a/bin/blhc +++ b/bin/blhc @@ -920,7 +920,7 @@ foreach my $file (@ARGV) { # Option or auto detected. if ($arch) { - # The following was partially copied from dpkg-dev 1.16.4.3 + # The following was partially copied from dpkg-dev 1.17.1 # (/usr/share/perl5/Dpkg/Vendor/Debian.pm, add_hardening_flags()), # copyright Raphaël Hertzog , Kees Cook # , Canonical, Ltd. licensed under GPL version 2 or @@ -930,7 +930,12 @@ foreach my $file (@ARGV) { my ($abi, $os, $cpu) = Dpkg::Arch::debarch_to_debtriplet($arch); # Disable unsupported hardening options. - if ($cpu =~ /^(?:ia64|alpha|mips|mipsel|hppa)$/ or $arch eq 'arm') { + if ($os !~ /^(?:linux|knetbsd|hurd)$/ or + $cpu =~ /^(?:hppa|mips|mipsel|avr32)$/) { + $harden_pie = 0; + } + if ($cpu =~ /^(?:ia64|alpha|mips|mipsel|hppa|arm64)$/ + or $arch eq 'arm') { $harden_stack = 0; } if ($cpu =~ /^(?:ia64|hppa|avr32)$/) {