| 1 |
commit: 8274b84fb061ddcb1318f1ba5625b41b197e6987 |
| 2 |
Author: Sergei Trofimovich <slyfox <AT> gentoo <DOT> org> |
| 3 |
AuthorDate: Tue Feb 14 10:01:08 2017 +0000 |
| 4 |
Commit: Sergei Trofimovich <slyfox <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Tue Feb 14 22:16:39 2017 +0000 |
| 6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8274b84f |
| 7 |
|
| 8 |
ghc: spell '-nopie' as '-no-pie' for gcc-6.3.0, bug #606666 |
| 9 |
|
| 10 |
Gentoo upstreamed -pie/-nopie patch to GCC upstream but |
| 11 |
there is a twist: '-nopie' gentoo flag became '-no-pie'. |
| 12 |
|
| 13 |
But at least '-no-pie' is accessible in both vanilla |
| 14 |
and hardened profiles of gcc-6.3.0. |
| 15 |
|
| 16 |
Reported-by: Toralf Förster |
| 17 |
Bug: https://bugs.gentoo.org/606666 |
| 18 |
Signed-off-by: Sergei Trofimovich <slyfox <AT> gentoo.org> |
| 19 |
|
| 20 |
dev-lang/ghc/ghc-7.10.3.ebuild | 10 ++++++++-- |
| 21 |
dev-lang/ghc/ghc-8.0.2.ebuild | 10 ++++++++-- |
| 22 |
2 files changed, 16 insertions(+), 4 deletions(-) |
| 23 |
|
| 24 |
diff --git a/dev-lang/ghc/ghc-7.10.3.ebuild b/dev-lang/ghc/ghc-7.10.3.ebuild |
| 25 |
index ac9989cf6e..a963d059c6 100644 |
| 26 |
--- a/dev-lang/ghc/ghc-7.10.3.ebuild |
| 27 |
+++ b/dev-lang/ghc/ghc-7.10.3.ebuild |
| 28 |
@@ -244,9 +244,15 @@ ghc_setup_cflags() { |
| 29 |
append-ghc-cflags link ${flag} |
| 30 |
done |
| 31 |
|
| 32 |
- # hardened-gcc needs to be disabled, because the mangler doesn't accept |
| 33 |
- # its output. |
| 34 |
+ # hardened-gcc needs to be disabled, because our prebuilt binaries/libraries |
| 35 |
+ # are not built with fPIC, bug #606666 |
| 36 |
gcc-specs-pie && append-ghc-cflags persistent compile link -nopie |
| 37 |
+ tc-is-gcc && version_is_at_least 6.3 $(gcc-version) && if ! use ghcbootstrap; then |
| 38 |
+ # gcc-6.3 has support for -no-pie upstream, but spelling differs from |
| 39 |
+ # gentoo-specific '-nopie'. We enable it in non-bootstrap to allow |
| 40 |
+ # hardened users try '-pie' in USE=ghcbootstrap mode. |
| 41 |
+ append-ghc-cflags persistent compile link -no-pie |
| 42 |
+ fi |
| 43 |
gcc-specs-ssp && append-ghc-cflags persistent compile -fno-stack-protector |
| 44 |
|
| 45 |
# prevent from failind building unregisterised ghc: |
| 46 |
|
| 47 |
diff --git a/dev-lang/ghc/ghc-8.0.2.ebuild b/dev-lang/ghc/ghc-8.0.2.ebuild |
| 48 |
index e6dc320cb7..e5abb43d94 100644 |
| 49 |
--- a/dev-lang/ghc/ghc-8.0.2.ebuild |
| 50 |
+++ b/dev-lang/ghc/ghc-8.0.2.ebuild |
| 51 |
@@ -236,9 +236,15 @@ ghc_setup_cflags() { |
| 52 |
append-ghc-cflags link ${flag} |
| 53 |
done |
| 54 |
|
| 55 |
- # hardened-gcc needs to be disabled, because the mangler doesn't accept |
| 56 |
- # its output. |
| 57 |
+ # hardened-gcc needs to be disabled, because our prebuilt binaries/libraries |
| 58 |
+ # are not built with fPIC, bug #606666 |
| 59 |
gcc-specs-pie && append-ghc-cflags persistent compile link -nopie |
| 60 |
+ tc-is-gcc && version_is_at_least 6.3 $(gcc-version) && if ! use ghcbootstrap; then |
| 61 |
+ # gcc-6.3 has support for -no-pie upstream, but spelling differs from |
| 62 |
+ # gentoo-specific '-nopie'. We enable it in non-bootstrap to allow |
| 63 |
+ # hardened users try '-pie' in USE=ghcbootstrap mode. |
| 64 |
+ append-ghc-cflags persistent compile link -no-pie |
| 65 |
+ fi |
| 66 |
gcc-specs-ssp && append-ghc-cflags persistent compile -fno-stack-protector |
| 67 |
|
| 68 |
# prevent from failind building unregisterised ghc: |
Archives