From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id 213B4138247 for ; Fri, 10 Jan 2014 00:08:43 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id B31B3E0CD7; Fri, 10 Jan 2014 00:08:38 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 7666CE0CA0 for ; Fri, 10 Jan 2014 00:08:37 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp.gentoo.org (Postfix) with ESMTP id A288433F5BC for ; Fri, 10 Jan 2014 00:08:36 +0000 (UTC) X-Virus-Scanned: by amavisd-new using ClamAV at gentoo.org X-Spam-Flag: NO X-Spam-Score: -1.078 X-Spam-Level: X-Spam-Status: No, score=-1.078 tagged_above=-999 required=5.5 tests=[AWL=-0.955, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.121, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=no Received: from smtp.gentoo.org ([IPv6:::ffff:127.0.0.1]) by localhost (smtp.gentoo.org [IPv6:::ffff:127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ujyzixtmPXF4 for ; Fri, 10 Jan 2014 00:08:30 +0000 (UTC) Received: from plane.gmane.org (plane.gmane.org [80.91.229.3]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 8AABD33E1C2 for ; Fri, 10 Jan 2014 00:08:28 +0000 (UTC) Received: from list by plane.gmane.org with local (Exim 4.69) (envelope-from ) id 1W1PeD-00067g-3D for gentoo-dev@gentoo.org; Fri, 10 Jan 2014 01:08:25 +0100 Received: from 71-17-69-121.yktn.hsdb.sasknet.sk.ca ([71.17.69.121]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Fri, 10 Jan 2014 01:08:25 +0100 Received: from dirtyepic by 71-17-69-121.yktn.hsdb.sasknet.sk.ca with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Fri, 10 Jan 2014 01:08:25 +0100 X-Injected-Via-Gmane: http://gmane.org/ To: gentoo-dev@lists.gentoo.org From: Ryan Hill Subject: [gentoo-dev] Re: [PATCH] To enable ssp default in Gcc the toolchain.eclass need some changes. Date: Thu, 9 Jan 2014 18:17:48 -0600 Organization: Gentoo Message-ID: <20140109181748.6ce650fc@caribou.gateway.pace.com> References: <7554031.Sacz2dxc8i@laptop1.gw.ume.nu> <1389304629.424.44.camel@belkin5> <52CF1D7C.4030700@gentoo.org> <20140109232116.398080f1@gentoo.org> <52CF22C6.6030907@gentoo.org> <20140109173046.65952ac8@caribou.gateway.pace.com> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; boundary="Sig_/RElV._05CQIi4d8_nmkMfKt"; protocol="application/pgp-signature" X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: 71-17-69-121.yktn.hsdb.sasknet.sk.ca X-Newsreader: Claws Mail 3.9.3 (GTK+ 2.24.22; x86_64-pc-linux-gnu) X-Archives-Salt: 577d50fb-ca7d-423f-a8b3-3e975227b650 X-Archives-Hash: 8cc53089bd91da85a64840245e74f138 --Sig_/RElV._05CQIi4d8_nmkMfKt Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On Thu, 9 Jan 2014 17:30:46 -0600 Ryan Hill wrote: > On Thu, 09 Jan 2014 17:29:26 -0500 > "Rick \"Zero_Chaos\" Farina" wrote: >=20 > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > >=20 > > On 01/09/2014 05:21 PM, Micha=C5=82 G=C3=B3rny wrote: > > > Dnia 2014-01-09, o godz. 17:06:52 > > > "Anthony G. Basile" napisa=C5=82(a): > > >=20 > > >> On 01/09/2014 04:57 PM, Pacho Ramos wrote: > > >>> What are the advantages of disabling SSP to deserve that "special" > > >>> handling via USE flag or easily disabling it appending the flag? > > >> > > >> There are some cases where ssp could break things. I know of once c= ase=20 > > >> right now, but its somewhat exotic. Also, sometimes we *want* to br= eak=20 > > >> things for testing. I'm thinking here of instance where we want to = test=20 > > >> a pax hardened kernel to see if it catches abuses of memory which wo= uld=20 > > >> otherwise be caught by executables emitted from a hardened toolchain= . =20 > > >> Take a look at the app-admin/paxtest suite. > > >=20 > > > Just to be clear, are we talking about potential system-wide breakage > > > or single, specific packages being broken by SSP? In other words, are > > > there cases when people will really want to disable SSP completely? > > >=20 > > > Unless I'm misunderstanding something, your examples sound like you > > > just want -fno-stack-protector per-package. I don't really think you > > > actually want to rebuild whole gcc just to do some testing on a single > > > package... > > >=20 > > Or just as easily set -fno-stack-protector in CFLAGS in make.conf. > >=20 > > I never felt manipulating cflags with use flags was a great idea, but in > > this case is does feel extra pointless. > >=20 > > Personally I don't feel this is needed, and the added benefit of > > clearing up a bogus "noblah" use flag makes me smile. > >=20 > > Zorry, do we really need this flag? >=20 > Yes, we do. I want a way to disable it at a toolchain level. Let me clarify. I would like to be able to disable it without relying on CFLAGS or anything the user could fiddle with. I need a big red off switch, at least for now. --=20 Ryan Hill psn: dirtyepic_sk gcc-porting/toolchain/wxwidgets @ gentoo.org 47C3 6D62 4864 0E49 8E9E 7F92 ED38 BD49 957A 8463 --Sig_/RElV._05CQIi4d8_nmkMfKt Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iQEcBAEBCgAGBQJSzzwtAAoJEO04vUmVeoRjcRIH/2FPID8RRgSCQqnVih7vSZSD KsVGLz+egXKXb9gbJCbszX4saO8EzJgnGiwdt0dKgNNWzlN0OInQkLphzbE04V7T CYn4kPXMAucjtLutrxpggNHxd95TeJm5ruMcRsAw92puuI9fQ5RHhXNLtFsdTTJ3 vVZK0uvEbqxCD7qJrT9lZRZ2eK6QdSrbDLEO4tmjHGEWmlcQXq6+IE0FiJdGrDdA NW4nVieDgiVobbiTYAReR+0L3O6rYefXLyPFrFy3RWuT9KfWXLVjvb5HLutC6s6B YKbESaPteNeronm8O9OvBpKu4pgT7Jhfi0y9wrbc8nYRSiKTt9LeMBv/lj4hSzo= =fqKM -----END PGP SIGNATURE----- --Sig_/RElV._05CQIi4d8_nmkMfKt--