eclass/toolchain: Sync with Gentoo

It's from Gentoo commit 4c9b4d49518302cbe0982834b279a90bf7c5b304.

sdk_container/src/third_party/portage-stable/eclass/toolchain.eclass

@@ -380,17 +380,13 @@ fi
 # Set the source directory depending on whether we're using
 # a live git tree, snapshot, or release tarball.
 if [[ ${TOOLCHAIN_SET_S} == yes ]] ; then
-	s_path=
 	if tc_is_live ; then
-		s_path=${EGIT_CHECKOUT_DIR}
+		S=${EGIT_CHECKOUT_DIR}
 	elif [[ -n ${SNAPSHOT} ]] ; then
-		s_path=${WORKDIR}/gcc-${SNAPSHOT}
+		S=${WORKDIR}/gcc-${SNAPSHOT}
 	else
-		s_path=${WORKDIR}/gcc-${GCC_RELEASE_VER}
+		S=${WORKDIR}/gcc-${GCC_RELEASE_VER}
 	fi
-
-	S="${s_path}"
-	unset s_path
 fi
 
 gentoo_urls() {
@@ -573,7 +569,7 @@ toolchain_src_prepare() {
 	eapply_user
 
 	if ! use vanilla ; then
-		make_gcc_hard
+		tc_enable_hardened_gcc
 	fi
 
 	# Make sure the pkg-config files install into multilib dirs.
@@ -657,8 +653,8 @@ do_gcc_gentoo_patches() {
 }
 
 # configure to build with the hardened GCC specs as the default
-make_gcc_hard() {
+tc_enable_hardened_gcc() {
-	local gcc_hard_flags=""
+	local hardened_gcc_flags=""
 
 	if _tc_use_if_iuse pie ; then
 		einfo "Updating gcc to use automatic PIE building ..."
@@ -671,13 +667,13 @@ make_gcc_hard() {
 	if _tc_use_if_iuse default-stack-clash-protection ; then
 		# The define DEF_GENTOO_SCP is checked in 24_all_DEF_GENTOO_SCP-fstack-clash-protection.patch
 		einfo "Updating gcc to use automatic stack clash protection ..."
-		gcc_hard_flags+=" -DDEF_GENTOO_SCP"
+		hardened_gcc_flags+=" -DDEF_GENTOO_SCP"
 	fi
 
 	if _tc_use_if_iuse default-znow ; then
 		# The define DEF_GENTOO_ZNOW is checked in 23_all_DEF_GENTOO_ZNOW-z-now.patch
 		einfo "Updating gcc to request symbol resolution at start (-z now) ..."
-		gcc_hard_flags+=" -DDEF_GENTOO_ZNOW"
+		hardened_gcc_flags+=" -DDEF_GENTOO_ZNOW"
 	fi
 
 	if _tc_use_if_iuse hardened ; then
@@ -685,14 +681,14 @@ make_gcc_hard() {
 		# * -fstack-clash-protection
 		# * -z now
 		# See gcc *_all_extra-options.patch patches.
-		gcc_hard_flags+=" -DEXTRA_OPTIONS"
+		hardened_gcc_flags+=" -DEXTRA_OPTIONS"
 		# Default to -D_FORTIFY_SOURCE=3 instead of -D_FORTIFY_SOURCE=2
-		gcc_hard_flags+=" -DGENTOO_FORTIFY_SOURCE_LEVEL=3"
+		hardened_gcc_flags+=" -DGENTOO_FORTIFY_SOURCE_LEVEL=3"
 		# Add -D_GLIBCXX_ASSERTIONS
-		gcc_hard_flags+=" -DDEF_GENTOO_GLIBCXX_ASSERTIONS"
+		hardened_gcc_flags+=" -DDEF_GENTOO_GLIBCXX_ASSERTIONS"
 
 		if _tc_use_if_iuse cet && [[ ${CTARGET} == *x86_64*-linux* ]] ; then
-			gcc_hard_flags+=" -DEXTRA_OPTIONS_CF"
+			hardened_gcc_flags+=" -DEXTRA_OPTIONS_CF"
 		fi
 
 		# Rebrand to make bug reports easier
@@ -710,7 +706,7 @@ make_gcc_hard() {
 		-i "${S}"/gcc/Makefile.in || die
 
 	sed -i \
-		-e "/^HARD_CFLAGS = /s|=|= ${gcc_hard_flags} |" \
+		-e "/^HARD_CFLAGS = /s|=|= ${hardened_gcc_flags} |" \
 		"${S}"/gcc/Makefile.in || die
 
 }
@@ -1287,6 +1283,14 @@ toolchain_src_configure() {
 		fi
 	fi
 
+	if in_iuse default-znow && tc_version_is_at_least 14.0.0_pre20230619 ${PV}; then
+		# See https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=33ebb0dff9bb022f1e0709e0e73faabfc3df7931.
+		# TODO: Add to LDFLAGS_FOR_TARGET?
+		confgcc+=(
+			$(use_enable default-znow host-bind-now)
+		)
+	fi
+
 	if in_iuse ssp ; then
 		confgcc+=(
 			# This defaults to -fstack-protector-strong.