<br><br><div class="gmail_quote">2010/8/10 Brian Harring <span dir="ltr">&lt;<a href="mailto:ferringb@...">ferringb@...</a>&gt;</span><br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div><div></div><div class="h5">On Mon, Aug 09, 2010 at 07:05:11PM -0400, Mike Frysinger wrote:<br>
&gt; On Mon, Aug 9, 2010 at 7:03 PM, Markos Chandras wrote:<br>
&gt; &gt; On Sat, Aug 07, 2010 at 10:16:24PM -0400, Mike Frysinger wrote:<br>
&gt; &gt;&gt; obviously you only mean linux x86/amd64 dev profiles.  i dont have a strong<br>
&gt; &gt;&gt; opinion on that small subset in either direction.<br>
&gt; &gt;<br>
&gt; &gt; So do you agree to make this linker option default to linux x86/amd64 dev/<br>
&gt; &gt; profiles?<br>
&gt;<br>
&gt; add them or dont add them, &quot;i dont have a [...] opinion [...] in<br>
&gt; either direction&quot;.  if put to a vote, i&#39;d abstain.<br>
<br>
</div></div>Possibly a stupid question, but any reason we&#39;ve not looked at<br>
injecting something that has lower actual affect but can still be used<br>
for a canary?  I&#39;m thinking of --build-id specifically...<br>
<font color="#888888"><br>
~brian<br></font></blockquote><div><br></div><div>I don&#39;t know how --hash-style=gnu is used to check for LDFLAGS, so this may be OT.</div><div><br></div><div>On my personal and _breakable_ desktop I do use</div><div>
LDFLAGS=&quot;${LDFLAGS} -Wl,-O1 -Wl,--hash-style=gnu -Wl,--as-needed -Wl,--sort-common -Wl,--build-id&quot;</div><div>in make.conf.</div><div><br></div><div>Would this two liners tell me which package who install binaries in /usr/bin does not respect ldflags?</div>
<div><br></div><div># for i in /usr/bin/* ; do eu-unstrip -n -e  $i ; done &amp;&gt; build-id.txt</div><div># qfile $(grep &#39;0x[0-9]*+0x[0-9]* - &#39; build-id.txt | awk &#39;{ print $3 }&#39;)</div><div><br></div><div>
On a side note, I&#39;ve noticed that build-id change at every re-compilation of the package, even if nothing changed in the system, since it&#39;s supposed to be a &quot;160-bit SHA1 hash on the normative parts of the output contents&quot; should it be the same if the package is compiled on the same system with no changes?</div>
<div><br></div><div>Output of the two liners for this system:</div><div><br></div><div>sys-apps/turbotail (/usr/bin/turbotail)</div><div>app-arch/rzip (/usr/bin/runzip)</div><div>app-arch/rzip (/usr/bin/rzip)</div><div>dev-lang/go (/usr/bin/6a)</div>
<div>dev-lang/go (/usr/bin/6cov)</div><div>dev-lang/go (/usr/bin/6l)</div><div>dev-lang/go (/usr/bin/6nm)</div><div>dev-lang/xharbour (/usr/bin/pprun)</div><div>dev-lang/xharbour (/usr/bin/hbmake)</div><div>dev-lang/xharbour (/usr/bin/hbdict)</div>
<div>dev-lang/xharbour (/usr/bin/xbscript)</div><div>dev-lang/perl (/usr/bin/perl)</div><div>dev-lang/perl (/usr/bin/perl5.12.1)</div><div>dev-lang/R (/usr/bin/Rscript)</div><div>x11-misc/xcb (/usr/bin/xcb)</div><div>dev-libs/dietlibc (/usr/bin/dnsd)</div>
<div>dev-libs/dietlibc (/usr/bin/elftrunc)</div><div>app-text/o3read (/usr/bin/utf8tolatin1)</div><div>app-accessibility/festival (/usr/bin/audsp)</div><div>app-accessibility/espeak (/usr/bin/espeak)</div><div>sys-devel/gcc (/usr/bin/x86_64-pc-linux-gnu-gcjh-4.4.4)</div>
<div>sys-devel/gcc (/usr/bin/gcjh-4.4.4)</div><div>sys-devel/llvm-gcc (/usr/bin/llvm-gcov)</div><div>sys-devel/qconf (/usr/bin/qconf)</div><div>www-plugins/lightspark (/usr/bin/lightspark)</div><div> </div></div><br>