From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-1614895-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (2048 bits))
(No client certificate requested)
by finch.gentoo.org (Postfix) with ESMTPS id 641FA158041
for <garchives@archives.gentoo.org>; Tue, 26 Mar 2024 13:40:15 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
by pigeon.gentoo.org (Postfix) with SMTP id 49EE0E2A1F;
Tue, 26 Mar 2024 13:40:14 +0000 (UTC)
Received: from smtp.gentoo.org (mail.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
(No client certificate requested)
by pigeon.gentoo.org (Postfix) with ESMTPS id D5A34E2A1F
for <gentoo-commits@lists.gentoo.org>; Tue, 26 Mar 2024 13:40:13 +0000 (UTC)
Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
(No client certificate requested)
by smtp.gentoo.org (Postfix) with ESMTPS id F08D5335D7B
for <gentoo-commits@lists.gentoo.org>; Tue, 26 Mar 2024 13:40:12 +0000 (UTC)
Received: from localhost.localdomain (localhost [IPv6:::1])
by oystercatcher.gentoo.org (Postfix) with ESMTP id 3F54B15E4
for <gentoo-commits@lists.gentoo.org>; Tue, 26 Mar 2024 13:40:11 +0000 (UTC)
From: "Michał Górny" <mgorny@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Michał Górny" <mgorny@gentoo.org>
Message-ID: <1711460200.a026c9c2fc47f40331bad89a40d2e953a8a90a79.mgorny@gentoo>
Subject: [gentoo-commits] repo/gentoo:master commit in: sys-devel/clang-common/
X-VCS-Repository: repo/gentoo
X-VCS-Files: sys-devel/clang-common/clang-common-15.0.7-r8.ebuild sys-devel/clang-common/clang-common-16.0.6-r3.ebuild sys-devel/clang-common/clang-common-17.0.6-r2.ebuild sys-devel/clang-common/clang-common-17.0.6-r3.ebuild sys-devel/clang-common/clang-common-18.1.2-r1.ebuild sys-devel/clang-common/clang-common-18.1.2-r2.ebuild sys-devel/clang-common/clang-common-19.0.0.9999.ebuild sys-devel/clang-common/clang-common-19.0.0_pre20240322-r1.ebuild sys-devel/clang-common/clang-common-19.0.0_pre20240322.ebuild
X-VCS-Directories: sys-devel/clang-common/
X-VCS-Committer: mgorny
X-VCS-Committer-Name: Michał Górny
X-VCS-Revision: a026c9c2fc47f40331bad89a40d2e953a8a90a79
X-VCS-Branch: master
Date: Tue, 26 Mar 2024 13:40:11 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply
X-Archives-Salt: b5ffc186-dfe6-4609-b637-84fb2466e65d
X-Archives-Hash: 59575f4d7508a6190c2540926387a035
commit: a026c9c2fc47f40331bad89a40d2e953a8a90a79
Author: Sv. Lockal <lockalsash <AT> gmail <DOT> com>
AuthorDate: Tue Mar 26 10:54:31 2024 +0000
Commit: Michał Górny <mgorny <AT> gentoo <DOT> org>
CommitDate: Tue Mar 26 13:36:40 2024 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a026c9c2
sys-devel/clang-common: add -Xarch_host to fix GPU compilation
Add -Xarch_host to CPU-specific flags, so that it does not affects
heterogenous code (e. g. HIP).
For stack-protector flags: fixes compiler crashes like
https://github.com/llvm/llvm-project/issues/83777. Clang 18.1.0 does
not try to apply these flags to GPU code, but current ROCm libraries use
Clang 17, so add "-Xarch_host" there too. This will allow to drop
"-fno-stack-protector" patches from rocm-comgr, hip and hipcc
eventually.
For -fcf-protection: fixes error: option 'cf-protection=return' cannot
be specified on this target.
For -fPIE: do not touch, as at least since Clang 15 it only affects host
relocation model. See also:
https://github.com/llvm/llvm-project/blob/llvmorg-15.0.7/clang/test/Driver/hip-fpie-option.hip
Bug: https://github.com/llvm/llvm-project/issues/86450
Closes: https://bugs.gentoo.org/927752
Signed-off-by: Sv. Lockal <lockalsash <AT> gmail.com>
Closes: https://github.com/gentoo/gentoo/pull/35926
Signed-off-by: Michał Górny <mgorny <AT> gentoo.org>
...0.6-r2.ebuild => clang-common-15.0.7-r8.ebuild} | 164 ++++-----------------
...0.6-r2.ebuild => clang-common-16.0.6-r3.ebuild} | 132 ++---------------
...0.6-r2.ebuild => clang-common-17.0.6-r3.ebuild} | 6 +-
...1.2-r1.ebuild => clang-common-18.1.2-r2.ebuild} | 6 +-
.../clang-common/clang-common-19.0.0.9999.ebuild | 6 +-
...d => clang-common-19.0.0_pre20240322-r1.ebuild} | 6 +-
6 files changed, 53 insertions(+), 267 deletions(-)
diff --git a/sys-devel/clang-common/clang-common-17.0.6-r2.ebuild b/sys-devel/clang-common/clang-common-15.0.7-r8.ebuild
similarity index 53%
copy from sys-devel/clang-common/clang-common-17.0.6-r2.ebuild
copy to sys-devel/clang-common/clang-common-15.0.7-r8.ebuild
index 987b7b40aa50..ddefc1b716bb 100644
--- a/sys-devel/clang-common/clang-common-17.0.6-r2.ebuild
+++ b/sys-devel/clang-common/clang-common-15.0.7-r8.ebuild
@@ -3,17 +3,17 @@
EAPI=8
-inherit bash-completion-r1 llvm.org multilib
+inherit bash-completion-r1 llvm.org
DESCRIPTION="Common files shared between multiple slots of clang"
HOMEPAGE="https://llvm.org/"
LICENSE="Apache-2.0-with-LLVM-exceptions UoI-NCSA"
SLOT="0"
-KEYWORDS="~amd64 ~arm ~arm64 ~loong ~ppc ~ppc64 ~riscv ~sparc ~x86 ~amd64-linux ~arm64-macos ~ppc-macos ~x64-macos"
+KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~ppc64 ~riscv ~sparc ~x86 ~amd64-linux ~ppc-macos ~x64-macos"
IUSE="
- default-compiler-rt default-libcxx default-lld
- bootstrap-prefix cet hardened llvm-libunwind
+ default-compiler-rt default-libcxx default-lld llvm-libunwind
+ hardened stricter
"
PDEPEND="
@@ -63,73 +63,6 @@ pkg_pretend() {
fi
}
-_doclang_cfg() {
- local triple="${1}"
-
- local tool
- for tool in ${triple}-clang{,++}; do
- newins - "${tool}.cfg" <<-EOF
- # This configuration file is used by ${tool} driver.
- @gentoo-common.cfg
- @gentoo-common-ld.cfg
- EOF
- done
-
- if use kernel_Darwin; then
- cat >> "${ED}/etc/clang/${triple}-clang++.cfg" <<-EOF || die
- -lc++abi
- EOF
- fi
-
- newins - "${triple}-clang-cpp.cfg" <<-EOF
- # This configuration file is used by the ${triple}-clang-cpp driver.
- @gentoo-common.cfg
- EOF
-
- # Install symlinks for triples with other vendor strings since some
- # programs insist on mangling the triple.
- local vendor
- for vendor in gentoo pc unknown; do
- local vendor_triple="${triple%%-*}-${vendor}-${triple#*-*-}"
- for tool in clang{,++,-cpp}; do
- if [[ ! -f "${ED}/etc/clang/${vendor_triple}-${tool}.cfg" ]]; then
- dosym "${triple}-${tool}.cfg" "/etc/clang/${vendor_triple}-${tool}.cfg"
- fi
- done
- done
-}
-
-doclang_cfg() {
- local triple="${1}"
-
- _doclang_cfg ${triple}
-
- # LLVM may have different arch names in some cases. For example in x86
- # profiles the triple uses i686, but llvm will prefer i386 if invoked
- # with "clang" on x86 or "clang -m32" on x86_64. The gentoo triple will
- # be used if invoked through ${CHOST}-clang{,++,-cpp} though.
- #
- # To make sure the correct triples are installed,
- # see Triple::getArchTypeName() in llvm/lib/TargetParser/Triple.cpp
- # and compare with CHOST values in profiles.
-
- local abi=${triple%%-*}
- case ${abi} in
- armv4l|armv4t|armv5tel|armv6j|armv7a)
- _doclang_cfg ${triple/${abi}/arm}
- ;;
- i686)
- _doclang_cfg ${triple/${abi}/i386}
- ;;
- sparc)
- _doclang_cfg ${triple/${abi}/sparcel}
- ;;
- sparc64)
- _doclang_cfg ${triple/${abi}/sparcv9}
- ;;
- esac
-}
-
src_install() {
newbashcomp bash-autocomplete.sh clang
@@ -158,43 +91,17 @@ src_install() {
-include "${EPREFIX}/usr/include/gentoo/maybe-stddefs.h"
EOF
- # clang-cpp does not like link args being passed to it when directly
- # invoked, so use a separate configuration file.
- newins - gentoo-common-ld.cfg <<-EOF
- # This file contains flags common to clang and clang++
- @gentoo-hardened-ld.cfg
- EOF
-
# Baseline hardening (bug #851111)
+ # (-fstack-clash-protection is omitted because of a possible Clang bug,
+ # see bug #892537 and bug #865339.)
newins - gentoo-hardened.cfg <<-EOF
# Some of these options are added unconditionally, regardless of
# USE=hardened, for parity with sys-devel/gcc.
- -fstack-clash-protection
- -fstack-protector-strong
+ -Xarch_host -fstack-protector-strong
-fPIE
-include "${EPREFIX}/usr/include/gentoo/fortify.h"
EOF
- if use amd64; then
- cat >> "${ED}/etc/clang/gentoo-hardened.cfg" <<-EOF || die
- -fcf-protection=$(usex cet full none)
- EOF
- fi
-
- if use kernel_Darwin; then
- newins - gentoo-hardened-ld.cfg <<-EOF
- # There was -Wl,-z,relro here, but it's not supported on Mac
- # TODO: investigate whether -bind_at_load or -read_only_stubs will do the job
- EOF
- else
- newins - gentoo-hardened-ld.cfg <<-EOF
- # Some of these options are added unconditionally, regardless of
- # USE=hardened, for parity with sys-devel/gcc.
- -Wl,-z,relro
- -Wl,-z,now
- EOF
- fi
-
dodir /usr/include/gentoo
cat >> "${ED}/usr/include/gentoo/maybe-stddefs.h" <<-EOF || die
@@ -220,19 +127,12 @@ src_install() {
# define __GENTOO_HAS_FEATURE(x) 0
# endif
#
- # if defined(__STDC_HOSTED__) && __STDC_HOSTED__ == 1
- # define __GENTOO_NOT_FREESTANDING 1
- # else
- # define __GENTOO_NOT_FREESTANDING 0
- # endif
- #
- # if defined(__OPTIMIZE__) && __OPTIMIZE__ > 0 && __GENTOO_NOT_FREESTANDING > 0
+ # if defined(__OPTIMIZE__) && __OPTIMIZE__ > 0
# if !defined(__SANITIZE_ADDRESS__) && !__GENTOO_HAS_FEATURE(address_sanitizer) && !__GENTOO_HAS_FEATURE(memory_sanitizer)
# define _FORTIFY_SOURCE ${fortify_level}
# endif
# endif
# undef __GENTOO_HAS_FEATURE
- # undef __GENTOO_NOT_FREESTANDING
#endif
EOF
@@ -243,43 +143,33 @@ src_install() {
# Analogue to GLIBCXX_ASSERTIONS
# https://libcxx.llvm.org/UsingLibcxx.html#assertions-mode
- # https://libcxx.llvm.org/Hardening.html#using-hardened-mode
-D_LIBCPP_ENABLE_ASSERTIONS=1
EOF
-
- cat >> "${ED}/etc/clang/gentoo-hardened-ld.cfg" <<-EOF || die
- # Options below are conditional on USE=hardened.
- EOF
fi
- # We only install config files for supported ABIs because unprefixed tools
- # might be used for crosscompilation where e.g. PIE may not be supported.
- # See bug #912237 and bug #901247. Just ${CHOST} won't do due to bug #912685.
- local abi
- for abi in $(get_all_abis); do
- local abi_chost=$(get_abi_CHOST "${abi}")
- doclang_cfg "${abi_chost}"
- done
+ if use stricter; then
+ newins - gentoo-stricter.cfg <<-EOF
+ # This file increases the strictness of older clang versions
+ # to match the newest upstream version.
+
+ # clang-16 defaults
+ -Werror=implicit-function-declaration
+ -Werror=implicit-int
+ -Werror=incompatible-function-pointer-types
+ EOF
- if use kernel_Darwin; then
cat >> "${ED}/etc/clang/gentoo-common.cfg" <<-EOF || die
- # Gentoo Prefix on Darwin
- -Wl,-search_paths_first
- -Wl,-rpath,${EPREFIX}/usr/lib
- -L ${EPREFIX}/usr/lib
- -isystem ${EPREFIX}/usr/include
- -isysroot ${EPREFIX}/MacOSX.sdk
+ @gentoo-stricter.cfg
EOF
- if use bootstrap-prefix ; then
- # bootstrap-prefix is only set during stage2 of bootstrapping
- # Prefix, where EPREFIX is set to EPREFIX/tmp.
- # Here we need to point it at the future lib dir of the stage3's
- # EPREFIX.
- cat >> "${ED}/etc/clang/gentoo-common.cfg" <<-EOF || die
- -Wl,-rpath,${EPREFIX}/../usr/lib
- EOF
- fi
fi
+
+ local tool
+ for tool in clang{,++,-cpp}; do
+ newins - "${tool}.cfg" <<-EOF
+ # This configuration file is used by ${tool} driver.
+ @gentoo-common.cfg
+ EOF
+ done
}
pkg_preinst() {
diff --git a/sys-devel/clang-common/clang-common-17.0.6-r2.ebuild b/sys-devel/clang-common/clang-common-16.0.6-r3.ebuild
similarity index 61%
copy from sys-devel/clang-common/clang-common-17.0.6-r2.ebuild
copy to sys-devel/clang-common/clang-common-16.0.6-r3.ebuild
index 987b7b40aa50..2b4f5f8e714b 100644
--- a/sys-devel/clang-common/clang-common-17.0.6-r2.ebuild
+++ b/sys-devel/clang-common/clang-common-16.0.6-r3.ebuild
@@ -3,7 +3,7 @@
EAPI=8
-inherit bash-completion-r1 llvm.org multilib
+inherit bash-completion-r1 llvm.org
DESCRIPTION="Common files shared between multiple slots of clang"
HOMEPAGE="https://llvm.org/"
@@ -13,7 +13,7 @@ SLOT="0"
KEYWORDS="~amd64 ~arm ~arm64 ~loong ~ppc ~ppc64 ~riscv ~sparc ~x86 ~amd64-linux ~arm64-macos ~ppc-macos ~x64-macos"
IUSE="
default-compiler-rt default-libcxx default-lld
- bootstrap-prefix cet hardened llvm-libunwind
+ bootstrap-prefix hardened llvm-libunwind
"
PDEPEND="
@@ -63,73 +63,6 @@ pkg_pretend() {
fi
}
-_doclang_cfg() {
- local triple="${1}"
-
- local tool
- for tool in ${triple}-clang{,++}; do
- newins - "${tool}.cfg" <<-EOF
- # This configuration file is used by ${tool} driver.
- @gentoo-common.cfg
- @gentoo-common-ld.cfg
- EOF
- done
-
- if use kernel_Darwin; then
- cat >> "${ED}/etc/clang/${triple}-clang++.cfg" <<-EOF || die
- -lc++abi
- EOF
- fi
-
- newins - "${triple}-clang-cpp.cfg" <<-EOF
- # This configuration file is used by the ${triple}-clang-cpp driver.
- @gentoo-common.cfg
- EOF
-
- # Install symlinks for triples with other vendor strings since some
- # programs insist on mangling the triple.
- local vendor
- for vendor in gentoo pc unknown; do
- local vendor_triple="${triple%%-*}-${vendor}-${triple#*-*-}"
- for tool in clang{,++,-cpp}; do
- if [[ ! -f "${ED}/etc/clang/${vendor_triple}-${tool}.cfg" ]]; then
- dosym "${triple}-${tool}.cfg" "/etc/clang/${vendor_triple}-${tool}.cfg"
- fi
- done
- done
-}
-
-doclang_cfg() {
- local triple="${1}"
-
- _doclang_cfg ${triple}
-
- # LLVM may have different arch names in some cases. For example in x86
- # profiles the triple uses i686, but llvm will prefer i386 if invoked
- # with "clang" on x86 or "clang -m32" on x86_64. The gentoo triple will
- # be used if invoked through ${CHOST}-clang{,++,-cpp} though.
- #
- # To make sure the correct triples are installed,
- # see Triple::getArchTypeName() in llvm/lib/TargetParser/Triple.cpp
- # and compare with CHOST values in profiles.
-
- local abi=${triple%%-*}
- case ${abi} in
- armv4l|armv4t|armv5tel|armv6j|armv7a)
- _doclang_cfg ${triple/${abi}/arm}
- ;;
- i686)
- _doclang_cfg ${triple/${abi}/i386}
- ;;
- sparc)
- _doclang_cfg ${triple/${abi}/sparcel}
- ;;
- sparc64)
- _doclang_cfg ${triple/${abi}/sparcv9}
- ;;
- esac
-}
-
src_install() {
newbashcomp bash-autocomplete.sh clang
@@ -158,43 +91,16 @@ src_install() {
-include "${EPREFIX}/usr/include/gentoo/maybe-stddefs.h"
EOF
- # clang-cpp does not like link args being passed to it when directly
- # invoked, so use a separate configuration file.
- newins - gentoo-common-ld.cfg <<-EOF
- # This file contains flags common to clang and clang++
- @gentoo-hardened-ld.cfg
- EOF
-
# Baseline hardening (bug #851111)
newins - gentoo-hardened.cfg <<-EOF
# Some of these options are added unconditionally, regardless of
# USE=hardened, for parity with sys-devel/gcc.
- -fstack-clash-protection
- -fstack-protector-strong
+ -Xarch_host -fstack-clash-protection
+ -Xarch_host -fstack-protector-strong
-fPIE
-include "${EPREFIX}/usr/include/gentoo/fortify.h"
EOF
- if use amd64; then
- cat >> "${ED}/etc/clang/gentoo-hardened.cfg" <<-EOF || die
- -fcf-protection=$(usex cet full none)
- EOF
- fi
-
- if use kernel_Darwin; then
- newins - gentoo-hardened-ld.cfg <<-EOF
- # There was -Wl,-z,relro here, but it's not supported on Mac
- # TODO: investigate whether -bind_at_load or -read_only_stubs will do the job
- EOF
- else
- newins - gentoo-hardened-ld.cfg <<-EOF
- # Some of these options are added unconditionally, regardless of
- # USE=hardened, for parity with sys-devel/gcc.
- -Wl,-z,relro
- -Wl,-z,now
- EOF
- fi
-
dodir /usr/include/gentoo
cat >> "${ED}/usr/include/gentoo/maybe-stddefs.h" <<-EOF || die
@@ -220,19 +126,12 @@ src_install() {
# define __GENTOO_HAS_FEATURE(x) 0
# endif
#
- # if defined(__STDC_HOSTED__) && __STDC_HOSTED__ == 1
- # define __GENTOO_NOT_FREESTANDING 1
- # else
- # define __GENTOO_NOT_FREESTANDING 0
- # endif
- #
- # if defined(__OPTIMIZE__) && __OPTIMIZE__ > 0 && __GENTOO_NOT_FREESTANDING > 0
+ # if defined(__OPTIMIZE__) && __OPTIMIZE__ > 0
# if !defined(__SANITIZE_ADDRESS__) && !__GENTOO_HAS_FEATURE(address_sanitizer) && !__GENTOO_HAS_FEATURE(memory_sanitizer)
# define _FORTIFY_SOURCE ${fortify_level}
# endif
# endif
# undef __GENTOO_HAS_FEATURE
- # undef __GENTOO_NOT_FREESTANDING
#endif
EOF
@@ -243,22 +142,16 @@ src_install() {
# Analogue to GLIBCXX_ASSERTIONS
# https://libcxx.llvm.org/UsingLibcxx.html#assertions-mode
- # https://libcxx.llvm.org/Hardening.html#using-hardened-mode
-D_LIBCPP_ENABLE_ASSERTIONS=1
EOF
-
- cat >> "${ED}/etc/clang/gentoo-hardened-ld.cfg" <<-EOF || die
- # Options below are conditional on USE=hardened.
- EOF
fi
- # We only install config files for supported ABIs because unprefixed tools
- # might be used for crosscompilation where e.g. PIE may not be supported.
- # See bug #912237 and bug #901247. Just ${CHOST} won't do due to bug #912685.
- local abi
- for abi in $(get_all_abis); do
- local abi_chost=$(get_abi_CHOST "${abi}")
- doclang_cfg "${abi_chost}"
+ local tool
+ for tool in clang{,++,-cpp}; do
+ newins - "${tool}.cfg" <<-EOF
+ # This configuration file is used by ${tool} driver.
+ @gentoo-common.cfg
+ EOF
done
if use kernel_Darwin; then
@@ -279,6 +172,9 @@ src_install() {
-Wl,-rpath,${EPREFIX}/../usr/lib
EOF
fi
+ cat >> "${ED}/etc/clang/clang++.cfg" <<-EOF || die
+ -lc++abi
+ EOF
fi
}
diff --git a/sys-devel/clang-common/clang-common-17.0.6-r2.ebuild b/sys-devel/clang-common/clang-common-17.0.6-r3.ebuild
similarity index 98%
rename from sys-devel/clang-common/clang-common-17.0.6-r2.ebuild
rename to sys-devel/clang-common/clang-common-17.0.6-r3.ebuild
index 987b7b40aa50..f6796cb95d4e 100644
--- a/sys-devel/clang-common/clang-common-17.0.6-r2.ebuild
+++ b/sys-devel/clang-common/clang-common-17.0.6-r3.ebuild
@@ -169,15 +169,15 @@ src_install() {
newins - gentoo-hardened.cfg <<-EOF
# Some of these options are added unconditionally, regardless of
# USE=hardened, for parity with sys-devel/gcc.
- -fstack-clash-protection
- -fstack-protector-strong
+ -Xarch_host -fstack-clash-protection
+ -Xarch_host -fstack-protector-strong
-fPIE
-include "${EPREFIX}/usr/include/gentoo/fortify.h"
EOF
if use amd64; then
cat >> "${ED}/etc/clang/gentoo-hardened.cfg" <<-EOF || die
- -fcf-protection=$(usex cet full none)
+ -Xarch_host -fcf-protection=$(usex cet full none)
EOF
fi
diff --git a/sys-devel/clang-common/clang-common-18.1.2-r1.ebuild b/sys-devel/clang-common/clang-common-18.1.2-r2.ebuild
similarity index 98%
rename from sys-devel/clang-common/clang-common-18.1.2-r1.ebuild
rename to sys-devel/clang-common/clang-common-18.1.2-r2.ebuild
index 085bc3ca2202..986593dfbbc2 100644
--- a/sys-devel/clang-common/clang-common-18.1.2-r1.ebuild
+++ b/sys-devel/clang-common/clang-common-18.1.2-r2.ebuild
@@ -169,15 +169,15 @@ src_install() {
newins - gentoo-hardened.cfg <<-EOF
# Some of these options are added unconditionally, regardless of
# USE=hardened, for parity with sys-devel/gcc.
- -fstack-clash-protection
- -fstack-protector-strong
+ -Xarch_host -fstack-clash-protection
+ -Xarch_host -fstack-protector-strong
-fPIE
-include "${EPREFIX}/usr/include/gentoo/fortify.h"
EOF
if use amd64; then
cat >> "${ED}/etc/clang/gentoo-hardened.cfg" <<-EOF || die
- -fcf-protection=$(usex cet full none)
+ -Xarch_host -fcf-protection=$(usex cet full none)
EOF
fi
diff --git a/sys-devel/clang-common/clang-common-19.0.0.9999.ebuild b/sys-devel/clang-common/clang-common-19.0.0.9999.ebuild
index 290d4ee063fe..4cc526c1c3d1 100644
--- a/sys-devel/clang-common/clang-common-19.0.0.9999.ebuild
+++ b/sys-devel/clang-common/clang-common-19.0.0.9999.ebuild
@@ -168,15 +168,15 @@ src_install() {
newins - gentoo-hardened.cfg <<-EOF
# Some of these options are added unconditionally, regardless of
# USE=hardened, for parity with sys-devel/gcc.
- -fstack-clash-protection
- -fstack-protector-strong
+ -Xarch_host -fstack-clash-protection
+ -Xarch_host -fstack-protector-strong
-fPIE
-include "${EPREFIX}/usr/include/gentoo/fortify.h"
EOF
if use amd64; then
cat >> "${ED}/etc/clang/gentoo-hardened.cfg" <<-EOF || die
- -fcf-protection=$(usex cet full none)
+ -Xarch_host -fcf-protection=$(usex cet full none)
EOF
fi
diff --git a/sys-devel/clang-common/clang-common-19.0.0_pre20240322.ebuild b/sys-devel/clang-common/clang-common-19.0.0_pre20240322-r1.ebuild
similarity index 98%
rename from sys-devel/clang-common/clang-common-19.0.0_pre20240322.ebuild
rename to sys-devel/clang-common/clang-common-19.0.0_pre20240322-r1.ebuild
index 290d4ee063fe..4cc526c1c3d1 100644
--- a/sys-devel/clang-common/clang-common-19.0.0_pre20240322.ebuild
+++ b/sys-devel/clang-common/clang-common-19.0.0_pre20240322-r1.ebuild
@@ -168,15 +168,15 @@ src_install() {
newins - gentoo-hardened.cfg <<-EOF
# Some of these options are added unconditionally, regardless of
# USE=hardened, for parity with sys-devel/gcc.
- -fstack-clash-protection
- -fstack-protector-strong
+ -Xarch_host -fstack-clash-protection
+ -Xarch_host -fstack-protector-strong
-fPIE
-include "${EPREFIX}/usr/include/gentoo/fortify.h"
EOF
if use amd64; then
cat >> "${ED}/etc/clang/gentoo-hardened.cfg" <<-EOF || die
- -fcf-protection=$(usex cet full none)
+ -Xarch_host -fcf-protection=$(usex cet full none)
EOF
fi