* [gentoo-dev] [RFC] News item: GCC 6 defaults to USE="pie ssp"
@ 2017-05-09 17:26 99% Matthias Maier
0 siblings, 0 replies; 1+ results
From: Matthias Maier @ 2017-05-09 17:26 UTC (permalink / raw
To: gentoo-dev; +Cc: toolchain
[-- Attachment #1: Type: text/plain, Size: 1522 bytes --]
Title: GCC 6 defaults to USE="pie ssp"
Author: Matthias Maier <tamiko@gentoo.org>
Content-Type: text/plain
Posted: 2017-05-07
Revision: 1
News-Item-Format: 1.0
Display-If-Installed: >=sys-devel/gcc-6.3.0
Display-If-Keyword: amd64
In Gentoo, several GCC features can be default disabled or enabled
via use-flags of sys-devel/gcc. Starting with gcc-4.8.3 we have already
enabled default SSP [1]. Since the PIE patchset for default position
independent executable support was integrated upstream [2,3], starting
with gcc-6.3 we are also enabling PIE by default (via a default-enabled
use-flag pie) in regular (non-hardened) profiles.
[Additionally, following Gentoo policies, the default-off use-flags
nopie (only present in Hardened) and nossp are replaced starting with
gcc-6 by default-on use-flags pie and ssp.]
Be advised that switching from an older version to GCC 6 will enable the
PIE feature by default. This should not cause many problems, but it may
be necessary to recompile parts of your userland. An indicator are
linker errors of the form [4]
relocation R_X86_64_32 against `.rodata.str1.1' can not be used when
making a shared object; recompile with -fPIC
[1] https://www.gentoo.org/support/news-items/2014-06-15-gcc48_ssp.html
[2] https://gcc.gnu.org/gcc-6/changes.html
[3] A big thanks to all developers and members of the Gentoo community that
made upstreaming the pie patchset and other hardening options possible!
[4] https://bugs.gentoo.org/617698
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 850 bytes --]
^ permalink raw reply [relevance 99%]
Results 1-1 of 1 | reverse | options above
-- pct% links below jump to the message on this page, permalinks otherwise --
2017-05-09 17:26 99% [gentoo-dev] [RFC] News item: GCC 6 defaults to USE="pie ssp" Matthias Maier
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox