| 1 |
On 05/10/2017 09:52 AM, Alexis Ballier wrote: |
| 2 |
> On Tue, 09 May 2017 18:58:42 -0500 |
| 3 |
> Matthias Maier <tamiko@g.o> wrote: |
| 4 |
> |
| 5 |
>> This is a reworded news item (assuming we proceed with the plan to |
| 6 |
>> default-enable USE=pie). Suggestions for improving the emerge command |
| 7 |
>> to fix static archives is highly welcomed. |
| 8 |
>> |
| 9 |
> |
| 10 |
> Really, I think the slot to have pie for gcc 6 has been missed by |
| 11 |
> default-enabling it only recently. We should aim for gcc 7 at least and |
| 12 |
> have proper testing. |
| 13 |
> |
| 14 |
> And add a few safety nets: A portage warning when installing non-pie |
| 15 |
> binaries, something that dies with FEATURES=strict or stricter, like |
| 16 |
> the textrel one we have. That is to avoid the quick n dirty |
| 17 |
> 'append-ldflags -no-pie' that makes the whole thing about forcing pie |
| 18 |
> questionable. If possible, detect static archives that have relocations |
| 19 |
> too. |
| 20 |
> |
| 21 |
> Ideally provide a system scanning tool for the above too. |
| 22 |
> |
| 23 |
> |
| 24 |
> After a few months of masked gcc7 like that we'll have enough data to |
| 25 |
> decide on a proper plan. It'll probably be good to get QA in the loop |
| 26 |
> and make this a QA goal too. |
| 27 |
> |
| 28 |
|
| 29 |
Sounds like a reasonable action plan. The consequences of such a change |
| 30 |
definitely seems to be sufficiently high to merit a proper migration |
| 31 |
plan which doesn't seem to have been established at this point. Whether |
| 32 |
that can be added to a later point with gcc6 (e.g by adding a new |
| 33 |
profile, or a later point release) I don't have strong opinions on, but |
| 34 |
there should be a plan and proper overview of the consequences. |
| 35 |
|
| 36 |
-- |
| 37 |
Kristian Fiskerstrand |
| 38 |
OpenPGP keyblock reachable at hkp://pool.sks-keyservers.net |
| 39 |
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 |
Archives