Attachment #476316 for bug #618160

Lines 264-277 setup_flags() { Link Here

(-)a/eclass/toolchain-glibc.eclass (-9 / +16 lines)
264	filter-flags -fstack-protector*	264	filter-flags -fstack-protector*
265	gcc-specs-ssp && append-flags $(test-flags -fno-stack-protector)	265	gcc-specs-ssp && append-flags $(test-flags -fno-stack-protector)
266		266
267	if use hardened && gcc-specs-pie ; then	267	# Spec files are only used in <sys-devel/gcc-6. We can skip the check and depend
268	# Force PIC macro definition for all compilations since they're all	268	# on default enable/disable via the useflags on >=sys-devel/gcc-6
269	# either -fPIC or -fPIE with the default-PIE compiler.	269	if has_version '<sys-devel/gcc-6' ; then
270	append-cppflags -DPIC	270	if use hardened && gcc-specs-pie ; then
271	else	271	# Force PIC macro definition for all compilations since they're all
272	# Don't build -fPIE without the default-PIE compiler and the	272	# either -fPIC or -fPIE with the default-PIE compiler.
273	# hardened-pie patch	273	append-cppflags -DPIC
274	filter-flags -fPIE	274	else
		275	# Don't build -fPIE without the default-PIE compiler and the
		276	# hardened-pie patch
		277	filter-flags -fPIE
		278	fi
275	fi	279	fi
276	}	280	}
277		281
Lines 533-540 toolchain-glibc_pkg_pretend() { Link Here
533	ewarn "hypervisor, which is probably not what you want."	537	ewarn "hypervisor, which is probably not what you want."
534	fi	538	fi
535		539
536	use hardened && ! gcc-specs-pie && \	540	# Spec files are only avaliable in <sys-devel/gcc-6
		541	has_version '<sys-devel/gcc-6' && \
		542	use hardened && ! gcc-specs-pie && \
537	ewarn "PIE hardening not applied, as your compiler doesn't default to PIE"	543	ewarn "PIE hardening not applied, as your compiler doesn't default to PIE"
		544
538		545
539	# Make sure host system is up to date #394453	546	# Make sure host system is up to date #394453
540	if has_version '<sys-libs/glibc-2.13' && \	547	if has_version '<sys-libs/glibc-2.13' && \

Return to bug 618160