From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id 46C3C138247 for ; Fri, 10 Jan 2014 20:08:11 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 9F71CE0E53; Fri, 10 Jan 2014 20:08:01 +0000 (UTC) Received: from virtual.dyc.edu (mail.virtual.dyc.edu [67.222.116.22]) by pigeon.gentoo.org (Postfix) with ESMTP id 41BCDE0B45 for ; Fri, 10 Jan 2014 20:08:00 +0000 (UTC) Received: from [192.168.3.7] (cpe-74-77-145-97.buffalo.res.rr.com [74.77.145.97]) by virtual.dyc.edu (Postfix) with ESMTPSA id 1DB557E0638 for ; Fri, 10 Jan 2014 15:07:58 -0500 (EST) Message-ID: <52D05322.4060807@opensource.dyc.edu> Date: Fri, 10 Jan 2014 15:08:02 -0500 From: "Anthony G. Basile" User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 To: gentoo-dev@lists.gentoo.org Subject: Re: [gentoo-dev] Re: [PATCH] To enable ssp default in Gcc the toolchain.eclass need some changes. References: <7554031.Sacz2dxc8i@laptop1.gw.ume.nu> <52CF1080.7010400@gentoo.org> <20140109172603.659c630f@caribou.gateway.pace.com> <201401100030.11205.dilfridge@gentoo.org> <20140109234108.GA8840@laptop.home> <20140109181200.6c1ca1e8@caribou.gateway.pace.com> <52CF949D.9010501@gentoo.org> <20140110095054.1b8a1017@caribou.gateway.pace.com> In-Reply-To: <20140110095054.1b8a1017@caribou.gateway.pace.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Archives-Salt: 475cd3b5-6a95-421d-918f-adf2bd953205 X-Archives-Hash: 08899403433d9e3e8b3fec4b71b07bbc On 01/10/2014 10:50 AM, Ryan Hill wrote: > On Fri, 10 Jan 2014 01:35:09 -0500 > "Rick \"Zero_Chaos\" Farina" wrote: > >> More to the point, "this specific use flag" appears to have no purpose >> what-so-ever. If a user can do exactly the same with >> CFLAGS=-fno-stack-protector in make.conf, and it would be INSANE for a >> package to dep on gcc[nossp] then this is has got to be one of the most >> useless use flags in gentoo. > > Having slept on it I'm starting to agree. My first argument was that on > hardened ssp is -fstack-protector-all, which is much more expensive, and it > adds -fstack-check and -z,now to the linker by default as well. The pie half I'm pretty sure we're not adding -fstack-check unless something has changed. Where are you seeing that? The reason I'm concerned is because of situations like bug #471756. stack-check incumbers a register which in some situations (like the asm in ffmpeg) can get you into trouble with not enough GENERAL_REGS. > adds -fPIE but also a crtbeginP section for linking static libs with -pie. So > there are situations where you want to disable one or both, if only for > testing. But what I forgot is that hardened installs multiple gcc-config > profiles to switch these out on the fly. So there goes that idea. > > It might be useful to have these flags so we can mask them on archs that don't > support ssp/pie. But that's always been true and it looks like sh is the only > place we've bothered for some reason. Yes please. I had this issue on mips where gcc didn't support ssp for early versions of gcc 4.x. > >> Not saying I would block this patch, not saying it has to be this >> second, but I see this use flag as a small example of things in >> toolchain which could probably be cleaned up if fresh eyes were to see >> things. > > Yes, and believe it or not I appreciate the input. I know I'm stubborn as hell > but eventually common sense gets through. > > -- Anthony G. Basile, Ph. D. Chair of Information Technology D'Youville College Buffalo, NY 14201 (716) 829-8197