From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id 121AB138247 for ; Fri, 10 Jan 2014 05:10:01 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 4E313E0B1E; Fri, 10 Jan 2014 05:09:56 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 547CAE0B0C for ; Fri, 10 Jan 2014 05:09:55 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp.gentoo.org (Postfix) with ESMTP id 6E7EE33F2B1 for ; Fri, 10 Jan 2014 05:09:54 +0000 (UTC) X-Virus-Scanned: by amavisd-new using ClamAV at gentoo.org X-Spam-Flag: NO X-Spam-Score: -1.014 X-Spam-Level: X-Spam-Status: No, score=-1.014 tagged_above=-999 required=5.5 tests=[AWL=-1.011, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=no Received: from smtp.gentoo.org ([IPv6:::ffff:127.0.0.1]) by localhost (smtp.gentoo.org [IPv6:::ffff:127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DGiwV-8bR9K6 for ; Fri, 10 Jan 2014 05:09:19 +0000 (UTC) Received: from plane.gmane.org (plane.gmane.org [80.91.229.3]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 8641033ECD6 for ; Fri, 10 Jan 2014 05:09:18 +0000 (UTC) Received: from list by plane.gmane.org with local (Exim 4.69) (envelope-from ) id 1W1ULJ-0005Q1-2w for gentoo-dev@gentoo.org; Fri, 10 Jan 2014 06:09:13 +0100 Received: from 71-17-69-121.yktn.hsdb.sasknet.sk.ca ([71.17.69.121]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Fri, 10 Jan 2014 06:09:13 +0100 Received: from dirtyepic by 71-17-69-121.yktn.hsdb.sasknet.sk.ca with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Fri, 10 Jan 2014 06:09:13 +0100 X-Injected-Via-Gmane: http://gmane.org/ To: gentoo-dev@lists.gentoo.org From: Ryan Hill Subject: [gentoo-dev] Re: [PATCH] To enable ssp default in Gcc the toolchain.eclass need some changes. Date: Thu, 9 Jan 2014 23:18:28 -0600 Organization: Gentoo Message-ID: <20140109231828.48629961@caribou.gateway.pace.com> References: <7554031.Sacz2dxc8i@laptop1.gw.ume.nu> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; boundary="Sig_/snzsTZMR+oAcHGCAqJ3QUJC"; protocol="application/pgp-signature" X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: 71-17-69-121.yktn.hsdb.sasknet.sk.ca X-Newsreader: Claws Mail 3.9.3 (GTK+ 2.24.22; x86_64-pc-linux-gnu) X-Archives-Salt: fe61c680-2d18-43a2-b78d-6809b5ebc53e X-Archives-Hash: 904a77520c5f19a86a58124f6b3f7e2f --Sig_/snzsTZMR+oAcHGCAqJ3QUJC Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable On Thu, 09 Jan 2014 21:58:46 +0100 Magnus Granberg wrote: > Some time ago we discussed that we should enable stack smashing=20 > (-fstack-protector) by default. So we opened a bug to track this [1]. =20 > The affected Gcc version will be 4.8.2 and newer. Only amd64, x86, mips, = ppc,=20 > ppc64 and arm will be affected by this change.=20 >=20 > You can turn off ssp by using the nossp USE flag or by adding=20 > -fno-stack-protector to the CFLAGS and/or CXXFLAGS. We are using the same= =20 > patch as Debian/Ubuntu but with some Gentoo fixes. >=20 > The patch will move the sed for the HARD_CFLAGS, ALLCFLAGS and=20 > ALLCXXFLAGS from do_gcc_PIE_patches() to make_gcc_hard(). We will=20 > make_gcc_hard() the default for all Gcc versions 4.8 and newer, and turn= =20 > it on or off with hardened_gcc_works() that will make some sanity checks. I went ahead and spun a new patchset for the compiler-side stuff if anyone wants to start playing around. - apply the eclass patch from bug #484714 (the one attached to Magnus' email wouldn't apply for me but maybe my mailer mangled it) - in gcc-4.8.2.ebuild do: -PATCH_VER=3D"1.3" +PATCH_VER=3D"1.4-ssptest" =20 -PIE_VER=3D"0.5.8" +PIE_VER=3D"0.5.9-ssptest" BTW Magnus, thanks for doing this. --=20 Ryan Hill psn: dirtyepic_sk gcc-porting/toolchain/wxwidgets @ gentoo.org 47C3 6D62 4864 0E49 8E9E 7F92 ED38 BD49 957A 8463 --Sig_/snzsTZMR+oAcHGCAqJ3QUJC Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iQEcBAEBCgAGBQJSz4KrAAoJEO04vUmVeoRj6yEH/Rsp2I+TeN2Sc7kfYwk3OL37 bbAf+ieGRWUJhQFDKnQPOnk4xYnAXsU/2YtoMjOVjoznLBAL8NWdySbifeBmvYGV Fb0vwVmuy40Zs2n0XhIyLeUjfAhJ6v6eRbSrPfwWCQT8xq84j8XkVcNAxOgssIaH D477L4OsFvvlF+oIHg1yNt8xuA90WO6Jl5xYABbXGlqPDARyqeZWlEDG6HSL8i4O LuKjfo7zf1IjyjV6rBg693PTxQ9zB6h8ctyNa+WPSQT/Ih8qx+7jzaRUNwjqBmLf OK8eSPVGIYHKQp8NsPtQP3P/Dh8gPZuX6XmPcKHNmzfH+0NPwj2DoxBkQR3nG/k= =1OX0 -----END PGP SIGNATURE----- --Sig_/snzsTZMR+oAcHGCAqJ3QUJC--