The current stable version has a locking bug that can cause failures
when building in a chroot. The current unstable version breaks building
kernels with the hardened compiler. Just disable ccache all-together...
The workaround for using the new ccache version with a hardened compiler
in commit 923a6b17 was insufficient and produced a broken kernel. Roll
back that commit along with the ccache version update, 0ba2d4d4.
Apparently didn't recompile enough stuff to test the ccache change. From
the ccache 3.2 release notes:
ccache no longer passes preprocessor options like -D and -I to the
compiler when compiling preprocessed output. This fixes warnings
emitted by clang.
The hardened compiler, at least as of gcc-4.8.3, uses -D__KERNEL__ to
detect kernel compiles and in that case avoids enabling PIE by default.
Mixing PIE and kernel compiles can lead to the following error:
error: code model kernel does not support PIC mode
Upstream bug: https://bugs.gentoo.org/show_bug.cgi?id=535984
The current ccache has some sort of locking bug that causes build
failures when the cache directory is being created for the first time.
This typically results in the first build in a fresh SDK failing.
While moving from systemd-sysv-utils to systemd w/ USE=sysv-utils I
forgot that USE=symlink-usr needed special handling to ensure the
symlinks were created correctly.
The `build_toolchains` process upgrades the @system package set rather
than @world before building the cross toolchains. This means systemd
will be upgraded, replacing systemd-sysv-utils, but not
hard-host-depends which previously depended on systemd-sysv-utils.
Mixing the older hard-host-depends with the latest systemd creates a
conflict. Fortunately we can work around this by providing the older
ebuild revision with the newer dependency list. Portage will use the
dependency list from the ebuild rather than the installed package.
`hard-host-depends-0.0.1-r170.ebuild` can be removed once the SDK
version is 457.0.0 or later.
Setting environment options in a systemd overlay is not getting
honoured; presumably because those options aren't passed through docker
to flanneld. To work around this, pass arguments explicitly, using an
environment file.
Some minor updates from upstream such as a fix for building without
openssl which doesn't impact our current configuration. Additionally,
our 'examples' use flag was non-functional because 4.2.8 now includes
scripts in its normal build system and installs them to bin. Instead add
a better named 'perl' use flag and patch the build.
By default /usr/share/oem/lib64 is included in ld.so.conf but if for any
reason ld.so.cache is generated incorrectly vmtoolsd will fail. Using
rpath instead avoids depending on the state of ld.so.cache.
This release includes some important security updates:
http://www.kb.cert.org/vuls/id/852879
Also, support for the ntpdc client in ntpd has been removed upstream.
The ntpq client must be used instead.
