* [gentoo-hardened] SSP in GCC 4
@ 2010-01-25 0:34 Mike Williams
2010-01-25 2:26 ` Pavel Labushev
2010-01-25 3:28 ` Michael Edenfield
0 siblings, 2 replies; 9+ messages in thread
From: Mike Williams @ 2010-01-25 0:34 UTC (permalink / raw
To: gentoo-hardened
Hi!
I've had gcc-4.3 masked since it went stable back in October, due to the lack
of SSP.
Coming up soon I've got an opportunity to do some fairly major system upgrades
on the large number of servers we've got, it would be nice to include the
newer GCC.
So far we've had no insurmountable problem with 3.4.6, but the newer xen-
sources (>2.6.21) that support the NICs we're seeing in nehalem machines need
gcc-4 to build.
Is there any news on SSP in GCC 4?
Thanks
--
Mike Williams
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [gentoo-hardened] SSP in GCC 4
2010-01-25 0:34 [gentoo-hardened] SSP in GCC 4 Mike Williams
@ 2010-01-25 2:26 ` Pavel Labushev
2010-01-25 18:59 ` Mike Williams
2010-01-25 3:28 ` Michael Edenfield
1 sibling, 1 reply; 9+ messages in thread
From: Pavel Labushev @ 2010-01-25 2:26 UTC (permalink / raw
To: gentoo-hardened
Mike Williams ?????:
> Is there any news on SSP in GCC 4?
There is SSP in gcc 4. AFAIR it is not enabled in the specs due to some
problems on amd64 (correct me if I'm wrong, people). Howewer, it works
for me on x86 since gcc 4.1, and you could enable and test it in your
environment.
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [gentoo-hardened] SSP in GCC 4
2010-01-25 2:26 ` Pavel Labushev
@ 2010-01-25 18:59 ` Mike Williams
0 siblings, 0 replies; 9+ messages in thread
From: Mike Williams @ 2010-01-25 18:59 UTC (permalink / raw
To: gentoo-hardened; +Cc: Pavel Labushev
On Monday 25 January 2010 02:26:19 Pavel Labushev wrote:
> Mike Williams ?????:
> > Is there any news on SSP in GCC 4?
>
> There is SSP in gcc 4. AFAIR it is not enabled in the specs due to some
> problems on amd64 (correct me if I'm wrong, people). Howewer, it works
> for me on x86 since gcc 4.1, and you could enable and test it in your
> environment.
Well that's a bit of an arse, we use amd64 :)
Thanks though.
--
Mike Williams
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [gentoo-hardened] SSP in GCC 4
2010-01-25 0:34 [gentoo-hardened] SSP in GCC 4 Mike Williams
2010-01-25 2:26 ` Pavel Labushev
@ 2010-01-25 3:28 ` Michael Edenfield
2010-01-25 19:10 ` Mike Williams
2010-02-14 11:31 ` Mike Williams
1 sibling, 2 replies; 9+ messages in thread
From: Michael Edenfield @ 2010-01-25 3:28 UTC (permalink / raw
To: gentoo-hardened
On Sunday January 24 2010 07:34:31 pm Mike Williams wrote:
> Is there any news on SSP in GCC 4?
Use the gcc-4.4 out of the hardened-development overlay. I've been using the
overlay (4.3, then 4.4) it on all of my servers, plus my personal machines,
for almost a year now and so far have only had problems with 1 package (sbcl).
--K
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [gentoo-hardened] SSP in GCC 4
2010-01-25 3:28 ` Michael Edenfield
@ 2010-01-25 19:10 ` Mike Williams
2010-01-25 20:15 ` Mike Edenfield
2010-02-14 11:31 ` Mike Williams
1 sibling, 1 reply; 9+ messages in thread
From: Mike Williams @ 2010-01-25 19:10 UTC (permalink / raw
To: gentoo-hardened
On Monday 25 January 2010 03:28:24 Michael Edenfield wrote:
> On Sunday January 24 2010 07:34:31 pm Mike Williams wrote:
> > Is there any news on SSP in GCC 4?
>
> Use the gcc-4.4 out of the hardened-development overlay. I've been using
> the overlay (4.3, then 4.4) it on all of my servers, plus my personal
> machines, for almost a year now and so far have only had problems with 1
> package (sbcl).
Nice, thanks.
Anything else I need to unmask? Installing gcc-4.4.2-r2 and rebuilding system
hasn't broken my build box yet!
--
Mike Williams
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [gentoo-hardened] SSP in GCC 4
2010-01-25 19:10 ` Mike Williams
@ 2010-01-25 20:15 ` Mike Edenfield
2010-01-25 22:14 ` [gentoo-hardened] " Peter Hjalmarsson
2010-01-27 13:23 ` [gentoo-hardened] " Ed W
0 siblings, 2 replies; 9+ messages in thread
From: Mike Edenfield @ 2010-01-25 20:15 UTC (permalink / raw
To: gentoo-hardened; +Cc: Mike Williams
On 1/25/2010 2:10 PM, Mike Williams wrote:
> On Monday 25 January 2010 03:28:24 Michael Edenfield wrote:
>> On Sunday January 24 2010 07:34:31 pm Mike Williams wrote:
>>> Is there any news on SSP in GCC 4?
>>
>> Use the gcc-4.4 out of the hardened-development overlay. I've been using
>> the overlay (4.3, then 4.4) it on all of my servers, plus my personal
>> machines, for almost a year now and so far have only had problems with 1
>> package (sbcl).
>
> Nice, thanks.
> Anything else I need to unmask? Installing gcc-4.4.2-r2 and rebuilding system
> hasn't broken my build box yet!
>
I also have glibc unmasked, but I think that's a remnant from a while
ago and probably not necessary. The latest version in the overlay is 2.9.
If you are running ~arch you'll pick up a few more things from the
overlay, like grub and hardened-sources, automatically. If you're not
running ~arch I'd suggest you unmask anything that the overlay has in
it, since there are often PIE or SSP patches included in those versions.
--Mike
^ permalink raw reply [flat|nested] 9+ messages in thread
* [gentoo-hardened] Re: SSP in GCC 4
2010-01-25 20:15 ` Mike Edenfield
@ 2010-01-25 22:14 ` Peter Hjalmarsson
2010-01-27 13:23 ` [gentoo-hardened] " Ed W
1 sibling, 0 replies; 9+ messages in thread
From: Peter Hjalmarsson @ 2010-01-25 22:14 UTC (permalink / raw
To: gentoo-hardened
mån 2010-01-25 klockan 15:15 -0500 skrev Mike Edenfield:
> I also have glibc unmasked, but I think that's a remnant from a while
> ago and probably not necessary. The latest version in the overlay is
> 2.9.
>
> If you are running ~arch you'll pick up a few more things from the
> overlay, like grub and hardened-sources, automatically. If you're not
>
> running ~arch I'd suggest you unmask anything that the overlay has in
> it, since there are often PIE or SSP patches included in those
> versions.
>
Just use latest stable glibc from portage (glibc in hardened-dev is
going away as soon as Zorry feel comfortable removing it).
The same goes for all other packages, use the versions from portage
unless you have problems compiling that version or told otherwise @
#gentoo-hardened.
When it comes to which arch, I have no bigger problem using the
gcc-4.4.2 on an ~amd64 machine... Bu that may be me that is lucky.;)
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [gentoo-hardened] SSP in GCC 4
2010-01-25 20:15 ` Mike Edenfield
2010-01-25 22:14 ` [gentoo-hardened] " Peter Hjalmarsson
@ 2010-01-27 13:23 ` Ed W
1 sibling, 0 replies; 9+ messages in thread
From: Ed W @ 2010-01-27 13:23 UTC (permalink / raw
To: gentoo-hardened
On 25/01/2010 20:15, Mike Edenfield wrote:
> On 1/25/2010 2:10 PM, Mike Williams wrote:
>> On Monday 25 January 2010 03:28:24 Michael Edenfield wrote:
>>> On Sunday January 24 2010 07:34:31 pm Mike Williams wrote:
>>>> Is there any news on SSP in GCC 4?
>>>
>>> Use the gcc-4.4 out of the hardened-development overlay. I've been
>>> using
>>> the overlay (4.3, then 4.4) it on all of my servers, plus my personal
>>> machines, for almost a year now and so far have only had problems
>>> with 1
>>> package (sbcl).
>>
>> Nice, thanks.
>> Anything else I need to unmask? Installing gcc-4.4.2-r2 and
>> rebuilding system
>> hasn't broken my build box yet!
>>
>
Another +1 for Gcc-4.4.x on AMD64. Working fine here for some months
Ed W
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [gentoo-hardened] SSP in GCC 4
2010-01-25 3:28 ` Michael Edenfield
2010-01-25 19:10 ` Mike Williams
@ 2010-02-14 11:31 ` Mike Williams
1 sibling, 0 replies; 9+ messages in thread
From: Mike Williams @ 2010-02-14 11:31 UTC (permalink / raw
To: gentoo-hardened
On Monday 25 January 2010 03:28:24 Michael Edenfield wrote:
> > Is there any news on SSP in GCC 4?
>
> Use the gcc-4.4 out of the hardened-development overlay. I've been using
> the overlay (4.3, then 4.4) it on all of my servers, plus my personal
> machines, for almost a year now and so far have only had problems with 1
> package (sbcl).
The majority of our servers are now running gcc-4.4.2-r2! And we've had no
trouble we can attribute to the compiler.
Our build machines did the whole emerge -e thing, but on the servers we just
installed gcc (emerge gcc -Nu1Kv), switched compiler, then updated world
(emerge world -DNuKv). They all had between 1/2 and 3/4 of their packages
updated, including all the important stuff (apache, php, rails, nginx, mysql,
postgres, etc).
I can now build modern Xen kernels too!
Thanks very much.
--
Mike Williams
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2010-02-14 12:02 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-01-25 0:34 [gentoo-hardened] SSP in GCC 4 Mike Williams
2010-01-25 2:26 ` Pavel Labushev
2010-01-25 18:59 ` Mike Williams
2010-01-25 3:28 ` Michael Edenfield
2010-01-25 19:10 ` Mike Williams
2010-01-25 20:15 ` Mike Edenfield
2010-01-25 22:14 ` [gentoo-hardened] " Peter Hjalmarsson
2010-01-27 13:23 ` [gentoo-hardened] " Ed W
2010-02-14 11:31 ` Mike Williams
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox