Add logic for NEED_PAX_DECLS when gelf.h is present but lacks them

On a gentoo system <sys-libs/glibc-2.16, elf.h is no longer patched
to provide PT_PAX_FLAGS and PF_* for the PAX program header of ELF
binaries.  As a result, we must include them.  These will eventuall
be exported by upstream PAX team in a separate header but for now
we test 1) do we want PT_PAX, if yes, then test for gelf.h and for
the DECLS.  If we don't have the DECLS, then include our local copy.
or 2) so we want only XATTR PAX, in which case don't test for gelf.h,
don't include it and provide our local DECLS.

1 files changed, 6 insertions, 1 deletions

diff --git a/src/paxctl-ng.c b/src/paxctl-ng.c
index e58cebb..d5acaf8 100644
--- a/src/paxctl-ng.c
+++ b/src/paxctl-ng.c
@@ -29,13 +29,18 @@
 
 #ifdef PTPAX
  #include <gelf.h>
-#else
+#endif
+
+#ifdef NEED_PAX_DECLS
+ #define PT_PAX_FLAGS    0x65041580      /* Indicates PaX flag markings */
  #define PF_PAGEEXEC     (1 << 4)        /* Enable  PAGEEXEC */
  #define PF_NOPAGEEXEC   (1 << 5)        /* Disable PAGEEXEC */
  #define PF_SEGMEXEC     (1 << 6)        /* Enable  SEGMEXEC */
  #define PF_NOSEGMEXEC   (1 << 7)        /* Disable SEGMEXEC */
  #define PF_MPROTECT     (1 << 8)        /* Enable  MPROTECT */
  #define PF_NOMPROTECT   (1 << 9)        /* Disable MPROTECT */
+ #define PF_RANDEXEC     (1 << 10)       /* DEPRECATED: Enable  RANDEXEC */
+ #define PF_NORANDEXEC   (1 << 11)       /* DEPRECATED: Disable RANDEXEC */
  #define PF_EMUTRAMP     (1 << 12)       /* Enable  EMUTRAMP */
  #define PF_NOEMUTRAMP   (1 << 13)       /* Disable EMUTRAMP */
  #define PF_RANDMMAP     (1 << 14)       /* Enable  RANDMMAP */