Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 476316 Details for
Bug 618160
PIE hardening warning building sys-libs/glibc-2.23-r3 with sys-devel/gcc-6.3.0
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
disable checks that use spec files on >=sys-devel/gcc-6
toolchain-glibc-gcc-6.patch (text/plain), 1.60 KB, created by
Jory A. Pratt
on 2017-06-14 00:06:56 UTC
(
hide
)
Description:
disable checks that use spec files on >=sys-devel/gcc-6
Filename:
MIME Type:
Creator:
Jory A. Pratt
Created:
2017-06-14 00:06:56 UTC
Size:
1.60 KB
patch
obsolete
>diff --git a/eclass/toolchain-glibc.eclass b/eclass/toolchain-glibc.eclass >index ef9d91acae..ce79977962 100644 >--- a/eclass/toolchain-glibc.eclass >+++ b/eclass/toolchain-glibc.eclass >@@ -264,14 +264,18 @@ setup_flags() { > filter-flags -fstack-protector* > gcc-specs-ssp && append-flags $(test-flags -fno-stack-protector) > >- if use hardened && gcc-specs-pie ; then >- # Force PIC macro definition for all compilations since they're all >- # either -fPIC or -fPIE with the default-PIE compiler. >- append-cppflags -DPIC >- else >- # Don't build -fPIE without the default-PIE compiler and the >- # hardened-pie patch >- filter-flags -fPIE >+ # Spec files are only used in <sys-devel/gcc-6. We can skip the check and depend >+ # on default enable/disable via the useflags on >=sys-devel/gcc-6 >+ if has_version '<sys-devel/gcc-6' ; then >+ if use hardened && gcc-specs-pie ; then >+ # Force PIC macro definition for all compilations since they're all >+ # either -fPIC or -fPIE with the default-PIE compiler. >+ append-cppflags -DPIC >+ else >+ # Don't build -fPIE without the default-PIE compiler and the >+ # hardened-pie patch >+ filter-flags -fPIE >+ fi > fi > } > >@@ -533,8 +537,11 @@ toolchain-glibc_pkg_pretend() { > ewarn "hypervisor, which is probably not what you want." > fi > >- use hardened && ! gcc-specs-pie && \ >+ # Spec files are only avaliable in <sys-devel/gcc-6 >+ has_version '<sys-devel/gcc-6' && \ >+ use hardened && ! gcc-specs-pie && \ > ewarn "PIE hardening not applied, as your compiler doesn't default to PIE" >+ > > # Make sure host system is up to date #394453 > if has_version '<sys-libs/glibc-2.13' && \
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=476316">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 618160
:
472460
|
476314
| 476316
