1 |
All, |
2 |
|
3 |
I'm hoping for some suggestions particularly from the toolchain and |
4 |
hardened profile folk. |
5 |
|
6 |
We have a compiler that goes via C and uses gcc as it's backend. This |
7 |
compiler does some pretty unpleasant things with the assembler output of |
8 |
gcc. For one thing it doesn't use the C stack. It strips off the prelude |
9 |
and epilogue of each function. Anyway, Suffice to say that it doesn't |
10 |
work with hardened gcc; that is both PIE and the stack protector. |
11 |
|
12 |
However turning these features off (by passing -nopie |
13 |
-fno-stack-protector to gcc) is not so easy when we consider that people |
14 |
can upgrade their gcc or change from a vanilla to a hardened profile |
15 |
*after* emerging ghc. |
16 |
|
17 |
gcc-3 supports both -nopie and -fno-stack-protector. So always using |
18 |
these would be ok if it were not for gcc-4 which doesn't grok |
19 |
-fno-stack-protector. |
20 |
|
21 |
If we don't use -fno-stack-protector then if someone changes from a |
22 |
vanilla gcc profile to a hardened one then the users will get breakage |
23 |
when they start using ghc again. |
24 |
|
25 |
We could have the ghc driver script work out dynamically which flags to |
26 |
pass to gcc to suppress the hardened stuff but I think we can all see |
27 |
the downside to that. |
28 |
|
29 |
We could say "don't switch to a hardened gcc profile - it doesn't work". |
30 |
|
31 |
We could say "don't use gcc 4 - it' not supported". However this will |
32 |
not last forever. |
33 |
|
34 |
We could ask the gcc-config people for some assistance. Perhaps by |
35 |
adding an extra env var GHC_CFLAGS that gives us the right flags. Or |
36 |
perhaps by hooking into gcc-config to have our flags updated whenever |
37 |
the user changes profile. |
38 |
|
39 |
Does anyone have any other suggestions? |
40 |
|
41 |
-- |
42 |
Duncan Coutts : Gentoo Developer (Haskell herd team lead) |
43 |
email : dcoutts at gentoo dot org |
44 |
|
45 |
-- |
46 |
gentoo-dev@g.o mailing list |