diff options
| author |   Kevin F. Quinn <kevquinn@gentoo.org> | 2006-12-30 10:01:43 +0000 |
|---|---|---|
| committer | Kevin F. Quinn <kevquinn@gentoo.org> | 2006-12-30 10:01:43 +0000 |
| commit | 4a0c72fcdd74f1c6ca6dfe9eb7e81f02e3ebf4d1 (patch) | |
| tree | 89e8a55f6460313a6c516913464d061e6502e21e | |
| parent | Update manifest (diff) | |
| download | kevquinn-4a0c72fcdd74f1c6ca6dfe9eb7e81f02e3ebf4d1.tar.gz kevquinn-4a0c72fcdd74f1c6ca6dfe9eb7e81f02e3ebf4d1.tar.bz2 kevquinn-4a0c72fcdd74f1c6ca6dfe9eb7e81f02e3ebf4d1.zip | |
Align with current CVS, remove old (commented-out) junk.
svn path=/; revision=139
| -rw-r--r-- | hardened/toolchain/branches/gcc-glibc-nopie/eclass/flag-o-matic.eclass | 5 | ||||
| -rw-r--r-- | hardened/toolchain/branches/gcc-glibc-nopie/eclass/toolchain.eclass | 75 |
2 files changed, 7 insertions, 73 deletions
diff --git a/hardened/toolchain/branches/gcc-glibc-nopie/eclass/flag-o-matic.eclass b/hardened/toolchain/branches/gcc-glibc-nopie/eclass/flag-o-matic.eclass index 2bfe95d..2f9d1a4 100644 --- a/hardened/toolchain/branches/gcc-glibc-nopie/eclass/flag-o-matic.eclass +++ b/hardened/toolchain/branches/gcc-glibc-nopie/eclass/flag-o-matic.eclass @@ -1,6 +1,6 @@ # Copyright 1999-2006 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/eclass/flag-o-matic.eclass,v 1.113 2006/11/15 22:46:52 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/eclass/flag-o-matic.eclass,v 1.114 2006/12/27 00:52:12 vapier Exp $ # # Maintainer: base-system@gentoo.org @@ -112,7 +112,8 @@ setup-allowed-flags() { -mtls-direct-seg-refs -mno-tls-direct-seg-refs \ -mflat -mno-flat -mno-faster-structs -mfaster-structs \ -m32 -m64 -mabi -mlittle-endian -mbig-endian -EL -EB -fPIC \ - -mlive-g0 -mcmodel -mstack-bias -mno-stack-bias -msecure-plt" + -mlive-g0 -mcmodel -mstack-bias -mno-stack-bias \ + -msecure-plt" # C[XX]FLAGS that we are think is ok, but needs testing # NOTE: currently -Os have issues with gcc3 and K6* arch's diff --git a/hardened/toolchain/branches/gcc-glibc-nopie/eclass/toolchain.eclass b/hardened/toolchain/branches/gcc-glibc-nopie/eclass/toolchain.eclass index 247668f..302f0bf 100644 --- a/hardened/toolchain/branches/gcc-glibc-nopie/eclass/toolchain.eclass +++ b/hardened/toolchain/branches/gcc-glibc-nopie/eclass/toolchain.eclass @@ -1,6 +1,6 @@ # Copyright 1999-2006 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/eclass/toolchain.eclass,v 1.316 2006/11/13 18:57:10 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/eclass/toolchain.eclass,v 1.319 2006/12/27 06:04:03 vapier Exp $ HOMEPAGE="http://gcc.gnu.org/" LICENSE="GPL-2 LGPL-2.1" @@ -825,29 +825,6 @@ concat_minispecs() { gcc_pkg_setup() { [[ -z ${ETYPE} ]] && die "Your ebuild needs to set the ETYPE variable" -# Forcing no-fPIE for gcc build makes these conditions obsolete -# # Building a fully hardened compiler with a compiler that doesn't generate -# # PIEs by default causes conflicts between normal and PIE objects generated -# # at various stages in the build process. All stages of the build process -# # must build the same type of objects. -# if use hardened && ! gcc-specs-pie; then -# eerror "You have requested USE=hardened, but you are not using a hardened (PIE)" -# eerror "spec compiler. Select a hardened-pie-spec compiler with gcc-config," -# eerror "and try again. If you do not have a hardened-spec compiler (see the" -# eerror "output of gcc-config -l), emerge with USE='-hardened' first, then select" -# eerror "the hardened-spec compiler and emerge again with USE=hardened." -# die "You must build full hardened compilers with hardened-spec compilers" -# fi -# # The situation is similar when trying to build a non-hardened compiler with a -# # hardened compiler. -# if gcc-specs-pie && ! use hardened; then -# eerror "You have requested a non-hardened compiler, but you are using a hardened" -# eerror "compiler to do so, which is inadvisable. If you really want to build a" -# eerror "non-hardened compiler, switch to the vanilla compiler with gcc-config" -# eerror "first." -# die "You must build non-hardened compilers with vanilla-spec compilers." -# fi - if [[ ( $(tc-arch) == "amd64" || $(tc-arch) == "ppc64" ) && ( ${LD_PRELOAD} == "/lib/libsandbox.so" || ${LD_PRELOAD} == "/usr/lib/libsandbox.so" ) ]] && is_multilib ; then eerror "Sandbox in your installed portage does not support compilation." eerror "of a multilib gcc. Please set FEATURES=-sandbox and try again." @@ -1218,10 +1195,6 @@ gcc-compiler-configure() { [[ ${GCC_PV:0:1} == "3" ]] && \ confgcc="${confgcc} --enable-sjlj-exceptions" ;; - ppc|ppc64|alpha|sparc) - tc_version_is_at_least "4.1" && - confgcc="${confgcc} --enable-secureplt" - ;; esac GCC_LANG="c" @@ -1303,6 +1276,7 @@ gcc_do_configure() { --with-system-zlib \ --disable-checking \ --disable-werror \ + --enable-secureplt \ --disable-libunwind-exceptions" # etype specific configuration @@ -1339,7 +1313,7 @@ gcc_do_configure() { fi if [[ ${GCCMAJOR}.${GCCMINOR} > 4.1 ]] ; then - confgcc="${confgcc} --disable-bootstrap" + confgcc="${confgcc} --disable-bootstrap --disable-libgomp" fi elif [[ ${CHOST} != mingw* ]] ; then confgcc="${confgcc} --enable-shared --enable-threads=posix" @@ -1348,6 +1322,7 @@ gcc_do_configure() { confgcc="${confgcc} --enable-bootstrap" fi fi + [[ ${CTARGET} == *-elf ]] && confgcc="${confgcc} --with-newlib" # __cxa_atexit is "essential for fully standards-compliant handling of # destructors", but apparently requires glibc. # --enable-sjlj-exceptions : currently the unwind stuff seems to work @@ -2189,21 +2164,6 @@ do_gcc_PIE_patches() { return 0 fi -# # New multilib approach - drop pie from specs -# # x86 and x86_64 only for the moment -# sed -e "s:^MULTILIB_OPTIONS = m64/m32$:MULTILIB_OPTIONS = m64/m32 fpie|fPIE:" \ -# -e 's:^MULTILIB_DIRNAMES = 64 32$:MULTILIB_DIRNAMES = 64 32 pie:' \ -# -e 's:^MULTILIB_OSDIRNAMES = ../lib64 ../lib$:MULTILIB_OSDIRNAMES = ../lib64 ../lib pie' \ -# -i "${S}"/gcc/config/i386/t-linux64 || -# die "Failed to fixup x86_64 configuration for hardened multilib" -# -# printf "MULTILIB_OPTIONS = fpie|fPIE\n" >> "${S}"/gcc/config/t-linux -# printf "MULTILIB_DIRNAMES = pie\n" >> "${S}"/gcc/config/t-linux -# printf "MULTILIB_MATCHES = fpie=fPIE\n" >> "${S}"/gcc/config/t-linux -# printf "MULTILIB_OSDIRNAMS = pie\n" >> "${S}"/gcc/config/t-linux -# -# return 0 - want_boundschecking \ && rm -f "${WORKDIR}"/piepatch/*/*-boundschecking-no.patch* \ || rm -f "${WORKDIR}"/piepatch/*/*-boundschecking-yes.patch* @@ -2219,33 +2179,6 @@ do_gcc_PIE_patches() { EPATCH_MULTI_MSG="Applying non-default pie patches ..." \ epatch "${WORKDIR}"/piepatch/nondef -# # Force crt{begin,end}.o to be built normally; for all linux -# # If Gentoo/FreeBSD ever want hardened, need to do the same to t-freebsd -# # If an arch has t-crtstuff, it'll take precedence over t-linux*. If the -# # arch doesn't have t-crtstuff, try t-linux/t-linux64; then try the -# # generic t-linux. -# einfo "Fixing up make configuration to build crtstuff properly with pie compiler" -# for arch in $(ls -1 "${S}"/gcc/config); do -# [[ -d "${S}"/gcc/config/${arch} ]] || continue -# fixup_crtstuff_for_nopie gcc/config/${arch}/t-crtstuff -# fixup_crtstuff_for_nopie gcc/config/${arch}/t-linux -# fixup_crtstuff_for_nopie gcc/config/${arch}/t-linux64 -# done -# fixup_crtstuff_for_nopie gcc/config/t-linux -# # powerpc (32) is an exception - it sets CRTSTUFF_T_CFLAGS in t-ppccomm -# fixup_crtstuff_for_nopie gcc/config/rs6000/t-ppccomm -# # Lastly, rig it in Makefile.in (the last fall-back) -# fixup_crtstuff_for_nopie gcc/Makefile.in -# -# # Now fix libgcc.a and friends - add '-fno-PIE' to CFLAGS for the .a's -# ed "${S}"/gcc/Makefile.in > /dev/null 2>&1 <<EOF || die "Failed to fixup gcc/Makefile.in for libgcc.a and friends" -#/libgcc.a: -#/CFLAGS= -#s/"/"-fno-PIE / -#w -#q -#EOF - # adds default pie support (rs6000 too) if DEFAULT_PIE[_SSP] is defined want_minispecs || EPATCH_MULTI_MSG="Applying default pie patches ..." \ |