1 |
-----BEGIN PGP SIGNED MESSAGE----- |
2 |
Hash: SHA1 |
3 |
|
4 |
On 19.02.2012 20:06, "Tóth Attila" wrote: |
5 |
> The email I replied to was originally posted by "Hinnerk van |
6 |
> Bruinehsen". |
7 |
> |
8 |
> Let's see my question in details, that might clarify it. Here is |
9 |
> the part of the ebuild I'm asking questions about: |
10 |
> |
11 |
> " if [[ $(gcc-major-version) -lt 4 ]]; then append-cxxflags |
12 |
> -fno-stack-protector elif [[ $(gcc-major-version) -gt 4 || |
13 |
> $(gcc-minor-version) -gt 3 ]]; then if use amd64 || use x86; then |
14 |
> append-flags -mno-avx fi fi " |
15 |
> |
16 |
> Break it down: |
17 |
> |
18 |
> " if [[ $(gcc-major-version) -lt 4 ]]; then append-cxxflags |
19 |
> -fno-stack-protector " The first part is a historical remnant from |
20 |
> times before Zorry. We used gcc-3.4.6 for a long time. It used a |
21 |
> different implementation for SSP. |
22 |
> |
23 |
> " elif [[ $(gcc-major-version) -gt 4 || $(gcc-minor-version) -gt 3 |
24 |
> ]]; then if use amd64 || use x86; then append-flags -mno-avx fi fi |
25 |
> " |
26 |
> |
27 |
> The second part disables avx optimisations if the gcc version is |
28 |
> newer than 4.3. However avx support isn't around so long and it's |
29 |
> not mature. Avx is an instruction set extension, that is getting |
30 |
> some attention lately. I'm lucky to have a system, with a capable |
31 |
> processor. The block disabling the optimisations resides right |
32 |
> besides the stack-protector statement. That's why I thought some |
33 |
> hardened floks put it there. And I'm curious about the reason. |
34 |
> |
35 |
> Of course it might be simply there, because enabling avx |
36 |
> optimizations can actually decrease performance. Like you can see |
37 |
> it here: |
38 |
> http://www.phoronix.com/scan.php?page=article&item=intel_avx_gcc&num=1 |
39 |
> |
40 |
> Security is more important for me compared to speed. That's why |
41 |
> I'm interested in any security effect of a compiler option (like |
42 |
> creating textrels or so). If it's a security problem, I won't use |
43 |
> corei7-avx, but rather go for simple corei7. |
44 |
> |
45 |
> Regards: Dw. |
46 |
|
47 |
Hi, |
48 |
|
49 |
that part is in the normal icecat-ebuild in the tree. It's also within |
50 |
the firefox ebuild. |
51 |
I don't know if it's needed, but mozilla herd as maintainers may be |
52 |
the right people to ask. |
53 |
|
54 |
Regards, |
55 |
|
56 |
Hinnerk |
57 |
|
58 |
-----BEGIN PGP SIGNATURE----- |
59 |
Version: GnuPG v2.0.18 (GNU/Linux) |
60 |
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ |
61 |
|
62 |
iQEcBAEBAgAGBQJPQWgMAAoJEJwwOFaNFkYc1UMH/3kAIY4TaptxnzmgcPMKswJS |
63 |
GxkLqsLxYcO3WJpSpW6+U/fCfVdZko6Tz/qG5P6kiLNSdFTwz6gesH/DJnnNcBq5 |
64 |
wSh4k6MSyPw26ifdTBlp4Inhi2Gmn/ZhtpUQVKXjX3z7zHXXgj4TwBpGvojGbglO |
65 |
pbSUxGhYy+qEDdufvqR50Ti67Gaxgcf7VYitfhUgDyMWMuGZIxRYeqQFpMI0jO9L |
66 |
vIoD4fey0ZIEdTdiJpW6ONXvE76d3CJ86TFAqTUMyxqqUNBoPstH2Zh+btp5c03C |
67 |
Pn6XGscSOxcpKLxbeBxRZHv9EfUqoCs9pc7gn/T6+r1s2t74hcHF+K5c/13Df+k= |
68 |
=+Ef/ |
69 |
-----END PGP SIGNATURE----- |