From 8853b11c62c09faa19a49a580a103c9eab274154 Mon Sep 17 00:00:00 2001 From: Flatcar Buildbot Date: Mon, 3 Jul 2023 07:17:02 +0000 Subject: [PATCH] eclass/toolchain: Sync with Gentoo It's from Gentoo commit 4c9b4d49518302cbe0982834b279a90bf7c5b304. --- .../portage-stable/eclass/toolchain.eclass | 38 ++++++++++--------- 1 file changed, 21 insertions(+), 17 deletions(-) diff --git a/sdk_container/src/third_party/portage-stable/eclass/toolchain.eclass b/sdk_container/src/third_party/portage-stable/eclass/toolchain.eclass index 51b28b3805..dabdd3a8f4 100644 --- a/sdk_container/src/third_party/portage-stable/eclass/toolchain.eclass +++ b/sdk_container/src/third_party/portage-stable/eclass/toolchain.eclass @@ -380,17 +380,13 @@ fi # Set the source directory depending on whether we're using # a live git tree, snapshot, or release tarball. if [[ ${TOOLCHAIN_SET_S} == yes ]] ; then - s_path= if tc_is_live ; then - s_path=${EGIT_CHECKOUT_DIR} + S=${EGIT_CHECKOUT_DIR} elif [[ -n ${SNAPSHOT} ]] ; then - s_path=${WORKDIR}/gcc-${SNAPSHOT} + S=${WORKDIR}/gcc-${SNAPSHOT} else - s_path=${WORKDIR}/gcc-${GCC_RELEASE_VER} + S=${WORKDIR}/gcc-${GCC_RELEASE_VER} fi - - S="${s_path}" - unset s_path fi gentoo_urls() { @@ -573,7 +569,7 @@ toolchain_src_prepare() { eapply_user if ! use vanilla ; then - make_gcc_hard + tc_enable_hardened_gcc fi # Make sure the pkg-config files install into multilib dirs. @@ -657,8 +653,8 @@ do_gcc_gentoo_patches() { } # configure to build with the hardened GCC specs as the default -make_gcc_hard() { - local gcc_hard_flags="" +tc_enable_hardened_gcc() { + local hardened_gcc_flags="" if _tc_use_if_iuse pie ; then einfo "Updating gcc to use automatic PIE building ..." @@ -671,13 +667,13 @@ make_gcc_hard() { if _tc_use_if_iuse default-stack-clash-protection ; then # The define DEF_GENTOO_SCP is checked in 24_all_DEF_GENTOO_SCP-fstack-clash-protection.patch einfo "Updating gcc to use automatic stack clash protection ..." - gcc_hard_flags+=" -DDEF_GENTOO_SCP" + hardened_gcc_flags+=" -DDEF_GENTOO_SCP" fi if _tc_use_if_iuse default-znow ; then # The define DEF_GENTOO_ZNOW is checked in 23_all_DEF_GENTOO_ZNOW-z-now.patch einfo "Updating gcc to request symbol resolution at start (-z now) ..." - gcc_hard_flags+=" -DDEF_GENTOO_ZNOW" + hardened_gcc_flags+=" -DDEF_GENTOO_ZNOW" fi if _tc_use_if_iuse hardened ; then @@ -685,14 +681,14 @@ make_gcc_hard() { # * -fstack-clash-protection # * -z now # See gcc *_all_extra-options.patch patches. - gcc_hard_flags+=" -DEXTRA_OPTIONS" + hardened_gcc_flags+=" -DEXTRA_OPTIONS" # Default to -D_FORTIFY_SOURCE=3 instead of -D_FORTIFY_SOURCE=2 - gcc_hard_flags+=" -DGENTOO_FORTIFY_SOURCE_LEVEL=3" + hardened_gcc_flags+=" -DGENTOO_FORTIFY_SOURCE_LEVEL=3" # Add -D_GLIBCXX_ASSERTIONS - gcc_hard_flags+=" -DDEF_GENTOO_GLIBCXX_ASSERTIONS" + hardened_gcc_flags+=" -DDEF_GENTOO_GLIBCXX_ASSERTIONS" if _tc_use_if_iuse cet && [[ ${CTARGET} == *x86_64*-linux* ]] ; then - gcc_hard_flags+=" -DEXTRA_OPTIONS_CF" + hardened_gcc_flags+=" -DEXTRA_OPTIONS_CF" fi # Rebrand to make bug reports easier @@ -710,7 +706,7 @@ make_gcc_hard() { -i "${S}"/gcc/Makefile.in || die sed -i \ - -e "/^HARD_CFLAGS = /s|=|= ${gcc_hard_flags} |" \ + -e "/^HARD_CFLAGS = /s|=|= ${hardened_gcc_flags} |" \ "${S}"/gcc/Makefile.in || die } @@ -1287,6 +1283,14 @@ toolchain_src_configure() { fi fi + if in_iuse default-znow && tc_version_is_at_least 14.0.0_pre20230619 ${PV}; then + # See https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=33ebb0dff9bb022f1e0709e0e73faabfc3df7931. + # TODO: Add to LDFLAGS_FOR_TARGET? + confgcc+=( + $(use_enable default-znow host-bind-now) + ) + fi + if in_iuse ssp ; then confgcc+=( # This defaults to -fstack-protector-strong.