Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 542100

Summary: sys-apps/util-linux: doesn't compile with CFLAGS="-D_FORTIFY_SOURCE"
Product: Gentoo Linux Reporter: Philipp Ammann <philipp.ammann>
Component: HardenedAssignee: Gentoo's Team for Core System packages <base-system>
Status: RESOLVED NEEDINFO    
Severity: normal CC: hardened
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---
Attachments: patch for util-linux-2.26.ebuild
build log
emerge --info

Description Philipp Ammann 2015-03-04 14:33:13 UTC 
I tried to globally enable CFLAGS="-D_FORTIFY_SOURCE=2" in make.conf. Filtering that flag in the ebuild works (see patch).

Reproducible: Always

Steps to Reproduce:
1. add CFLAGS="-D_FORTIFY_SOURCE=2 in make.conf
2. try to compile util-linux
Comment 1 Philipp Ammann 2015-03-04 14:34:53 UTC 
Created attachment 398036 [details, diff]
patch for util-linux-2.26.ebuild
Comment 2 Magnus Granberg gentoo-dev 2015-03-04 16:39:38 UTC 
Emerge --info and buildlog
We enable -D_FORTIFY_SOURCE=2 in the gcc with a patch
so no need to add it to CFLAGS.
Comment 3 Anthony Basile gentoo-dev 2015-03-04 19:34:01 UTC 
(In reply to Magnus Granberg from comment #2)
> Emerge --info and buildlog
> We enable -D_FORTIFY_SOURCE=2 in the gcc with a patch
> so no need to add it to CFLAGS.

I'd also like to see the build.log so we can pingpoint the failure.  I'm not htting this with hardened gcc 4.8 amd64.  There are a few other suspicious changes with 2.26 so I don't doubt something is going on here, but its not as simple as just masking out "-D_FORTIFY_SOURCE=2".
Comment 4 SpanKY gentoo-dev 2015-03-04 22:14:00 UTC 
ignoring the fact that -D flags go into CPPFLAGS, not CFLAGS, please attach an actual build log.  you must do this for every report.
Comment 5 Philipp Ammann 2015-03-05 17:54:30 UTC 
Created attachment 398178 [details]
build log
Comment 6 Philipp Ammann 2015-03-05 17:54:47 UTC 
Created attachment 398180 [details]
emerge --info
Comment 7 Philipp Ammann 2015-03-05 18:05:10 UTC 
Additional info:

 * util-linux-2.25-r2 compiles just fine (with gcc 4.9.2)
 * on my musl-box util-linux-2.25-r99::hardened-dev also works (with gcc 4.8.4)
 * LTO is not the cause for that error

I admit my make.conf is pretty experimental - I'm looking into how far i can go with hardening and optimizing (got some free time ATM ;-) ).

If you want to close the bug INVALID please don't hesitate to do so.
Comment 8 SpanKY gentoo-dev 2015-03-05 23:18:16 UTC 
the problem starts earlier:
configure: WARNING: scanf string alloc modifier not found; not building libmount

can you attach your config.log please