dev-libs/wayland: Fix wayland-scanner executable stack in v1.10.0

dev-libs/wayland/files/1.10.0-scanner-avoid-executable-stack.patch

@@ -0,0 +1,45 @@
+From f8f3e54aa7bc15871ca4296cbc16ae065b07de4e Mon Sep 17 00:00:00 2001
+From: Pekka Paalanen <[email protected]>
+Date: Wed, 2 Mar 2016 11:00:35 +0200
+Subject: [PATCH] scanner: avoid executable stack
+
+Before this patch:
+$ scanelf -lpqe ./wayland-scanner
+RWX --- ---  ./wayland-scanner
+
+That indicates the stack is executable, which is a bad thing for
+security. Wayland-scanner does not actually need an executable stack, it
+is just an oversight from using an .S file in the sources.
+
+Add a special incantation in dtddata.S to make it not cause the stack to
+become executable.
+
+Reported-by: Mart Raudsepp <[email protected]>
+Signed-off-by: Pekka Paalanen <[email protected]>
+Tested-by: Mart Raudsepp <[email protected]>
+---
+ src/dtddata.S | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/src/dtddata.S b/src/dtddata.S
+index 68e3435..ce51133 100644
+--- a/src/dtddata.S
++++ b/src/dtddata.S
+@@ -20,6 +20,14 @@
+  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+  */
+
++/*
++ * Avoid executable stack.
++ * from: https://wiki.gentoo.org/wiki/Hardened/GNU_stack_quickstart
++ */
++#if defined(__linux__) && defined(__ELF__)
++.section .note.GNU-stack,"",%progbits
++#endif
++
+ /* from: http://www.linuxjournal.com/content/embedding-file-executable-aka-hello-world-version-5967#comment-348129 */
+
+ .macro binfile name file
+-- 
+2.6.4
+

dev-libs/wayland/wayland-1.10.0.ebuild → dev-libs/wayland/wayland-1.10.0-r1.ebuild

@@ -40,8 +40,10 @@ DEPEND="${RDEPEND}
 	)
 	virtual/pkgconfig"
 
-# dtd validation configure patch is upstream and will be part of 1.11
-PATCHES=( "${FILESDIR}/${PV}-build-fix-configure-disable-dtd-validation.patch" )
+PATCHES=(
+	"${FILESDIR}/${PV}-build-fix-configure-disable-dtd-validation.patch"
+	"${FILESDIR}/${PV}-scanner-avoid-executable-stack.patch"
+)
 
 multilib_src_configure() {
 	local myeconfargs=(