commit: d30a8e0729b55b469d1f63ee074655cf21ae84c1
Author: Magnus Granberg <zorry <AT> gentoo <DOT> org>
AuthorDate: Tue Aug 23 20:24:01 2016 +0000
Commit: Magnus Granberg <zorry <AT> gentoo <DOT> org>
CommitDate: Tue Aug 23 20:24:01 2016 +0000
URL: https://gitweb.gentoo.org/proj/hardened-dev.git/commit/?id=d30a8e07
Bump gcc 6 to 6.2
eclass/toolchain.eclass | 116 ++++++++++++++++++++++++-----------------
sys-devel/gcc/gcc-6.2.0.ebuild | 39 ++++++++++++++
2 files changed, 108 insertions(+), 47 deletions(-)
diff --git a/eclass/toolchain.eclass b/eclass/toolchain.eclass
index 247dcee..130e952 100644
--- a/eclass/toolchain.eclass
+++ b/eclass/toolchain.eclass
@@ -131,7 +131,7 @@ else
LICENSE="GPL-2+ LGPL-2.1+ FDL-1.1+"
fi
-IUSE="multislot regression-test vanilla"
+IUSE="regression-test vanilla"
IUSE_DEF=( nls nptl )
if [[ ${PN} != "kgcc64" && ${PN} != gcc-* ]] ; then
@@ -152,9 +152,9 @@ if [[ ${PN} != "kgcc64" && ${PN} != gcc-* ]] ; then
# versions which we dropped. Since graphite was also experimental in
# the older versions, we don't want to bother supporting it. #448024
tc_version_is_at_least 4.8 && IUSE+=" graphite" IUSE_DEF+=( sanitize )
- tc_version_is_at_least 4.9 && IUSE+=" cilk"
- tc_version_is_at_least 5.0 && IUSE+=" jit pch"
- tc_version_is_at_least 6.0 && IUSE+=" pie +ssp"
+ tc_version_is_at_least 4.9 && IUSE+=" cilk +vtv"
+ tc_version_is_at_least 5.0 && IUSE+=" jit mpx"
+ tc_version_is_at_least 6.0 && IUSE+=" pie +ssp +pch"
fi
IUSE+=" ${IUSE_DEF[*]/#/+}"
@@ -627,20 +627,47 @@ do_gcc_PIE_patches() {
# configure to build with the hardened GCC specs as the default
make_gcc_hard() {
- # Gcc >= 6.X we don't need to sed in Makefile
- # It have configurations options to turn pie/ssp on as default
+ local gcc_hard_flags=""
+ # Gcc >= 6.X we can use configurations options to turn pie/ssp on as
default
if tc_version_is_at_least 6.0 ; then
- if use hardened ; then
- # rebrand to make bug reports easier
-
BRANDING_GCC_PKGVERSION=${BRANDING_GCC_PKGVERSION/Gentoo/Gentoo Hardened}
- fi
if use pie ; then
einfo "Updating gcc to use automatic PIE building ..."
fi
if use ssp ; then
einfo "Updating gcc to use automatic SSP building ..."
fi
- return 1
+ if use hardened ; then
+ # Will add some optimatizion as default.
+ gcc_hard_flags+=" -DHARDENED_OPTIMATIZON"
+ # rebrand to make bug reports easier
+
BRANDING_GCC_PKGVERSION=${BRANDING_GCC_PKGVERSION/Gentoo/Gentoo Hardened}
+ fi
+ else
+ if use hardened ; then
+ # rebrand to make bug reports easier
+
BRANDING_GCC_PKGVERSION=${BRANDING_GCC_PKGVERSION/Gentoo/Gentoo Hardened}
+ if hardened_gcc_works ; then
+ einfo "Updating gcc to use automatic PIE + SSP
building ..."
+ gcc_hard_flags+=" -DEFAULT_PIE_SSP"
+ elif hardened_gcc_works pie ; then
+ einfo "Updating gcc to use automatic PIE
building ..."
+ ewarn "SSP has not been enabled by default"
+ gcc_hard_flags+=" -DEFAULT_PIE"
+ elif hardened_gcc_works ssp ; then
+ einfo "Updating gcc to use automatic SSP
building ..."
+ ewarn "PIE has not been enabled by default"
+ gcc_hard_flags+=" -DEFAULT_SSP"
+ else
+ # do nothing if hardened isn't supported, but
don't die either
+ ewarn "hardened is not supported for this arch
in this gcc version"
+ return 0
+ fi
+ else
+ if hardened_gcc_works ssp ; then
+ einfo "Updating gcc to use automatic SSP
building ..."
+ gcc_hard_flags+=" -DEFAULT_SSP"
+ fi
+ fi
fi
# we want to be able to control the pie patch logic via something other
@@ -651,36 +678,8 @@ make_gcc_hard() {
# Need to add HARD_CFLAGS to ALL_CXXFLAGS on >= 4.7
if tc_version_is_at_least 4.7 ; then
sed -e '/^ALL_CXXFLAGS/iHARD_CFLAGS = ' \
- -e 's|^ALL_CXXFLAGS = |ALL_CXXFLAGS = $(HARD_CFLAGS)
|' \
- -i "${S}"/gcc/Makefile.in
- fi
-
- # defaults to enable for all toolchains
- local gcc_hard_flags=""
- if use hardened ; then
- if hardened_gcc_works ; then
- einfo "Updating gcc to use automatic PIE + SSP building
..."
- gcc_hard_flags+=" -DEFAULT_PIE_SSP"
- elif hardened_gcc_works pie ; then
- einfo "Updating gcc to use automatic PIE building ..."
- ewarn "SSP has not been enabled by default"
- gcc_hard_flags+=" -DEFAULT_PIE"
- elif hardened_gcc_works ssp ; then
- einfo "Updating gcc to use automatic SSP building ..."
- ewarn "PIE has not been enabled by default"
- gcc_hard_flags+=" -DEFAULT_SSP"
- else
- # do nothing if hardened isn't supported, but don't die
either
- ewarn "hardened is not supported for this arch in this
gcc version"
- return 0
- fi
- # rebrand to make bug reports easier
- BRANDING_GCC_PKGVERSION=${BRANDING_GCC_PKGVERSION/Gentoo/Gentoo
Hardened}
- else
- if hardened_gcc_works ssp ; then
- einfo "Updating gcc to use automatic SSP building ..."
- gcc_hard_flags+=" -DEFAULT_SSP"
- fi
+ -e 's|^ALL_CXXFLAGS = |ALL_CXXFLAGS = $(HARD_CFLAGS) |'
\
+ -i "${S}"/gcc/Makefile.in
fi
sed -i \
@@ -1187,6 +1186,17 @@ toolchain_src_configure() {
confgcc+=( $(use_enable cilk libcilkrts) )
fi
+ if in_iuse mpx ; then
+ confgcc+=( $(use_enable mpx libmpx) )
+ fi
+
+ if in_iuse vtv ; then
+ confgcc+=(
+ $(use_enable vtv vtable-verify)
+ $(use_enable vtv libvtv)
+ )
+ fi
+
# newer gcc's come with libquadmath, but only fortran uses
# it, so auto punt it when we don't care
if tc_version_is_at_least 4.6 && ! is_fortran ; then
@@ -1756,13 +1766,29 @@ toolchain_src_install() {
if ! is_crosscompile ; then
insinto "${DATAPATH}"
newins "${GCC_FILESDIR}"/awk/fixlafiles.awk-no_gcc_la
fixlafiles.awk || die
- find "${D}/${LIBPATH}" -name libstdc++.la -type f -delete
- find "${D}/${LIBPATH}" -name 'lib*san.la' -type f -delete
#487550 #546700
exeinto "${DATAPATH}"
doexe "${GCC_FILESDIR}"/fix_libtool_files.sh || die
doexe "${GCC_FILESDIR}"/c{89,99} || die
fi
+ find "${D}/${LIBPATH}" \
+ '(' \
+ -name libstdc++.la -o \
+ -name libstdc++fs.la -o \
+ -name libsupc++.la -o \
+ -name libcc1.la -o \
+ -name libcc1plugin.la -o \
+ -name 'libgomp.la' -o \
+ -name 'libgomp-plugin-*.la' -o \
+ -name libgfortran.la -o \
+ -name libgfortranbegin.la -o \
+ -name libmpx.la -o \
+ -name libmpxwrappers.la -o \
+ -name libitm.la -o \
+ -name libvtv.la -o \
+ -name 'lib*san.la' \
+ ')' -type f -delete
+
# Use gid of 0 because some stupid ports don't have
# the group 'root' set to gid 0. Send to /dev/null
# for people who are testing as non-root.
@@ -2122,10 +2148,6 @@ should_we_gcc_config() {
local curr_branch_ver=$(get_version_component_range 1-2
${curr_config_ver})
- # If we're using multislot, just run gcc-config if we're installing
- # to the same profile as the current one.
- use multislot && return $([[ ${curr_config_ver} == ${GCC_CONFIG_VER} ]])
-
if [[ ${curr_branch_ver} == ${GCC_BRANCH_VER} ]] ; then
return 0
else
diff --git a/sys-devel/gcc/gcc-6.2.0.ebuild b/sys-devel/gcc/gcc-6.2.0.ebuild
new file mode 100644
index 0000000..b425590
--- /dev/null
+++ b/sys-devel/gcc/gcc-6.2.0.ebuild
@@ -0,0 +1,39 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="4"
+
+PATCH_VER="1.0"
+#UCLIBC_VER="1.0"
+
+# Hardened gcc 4 stuff
+#PIE_VER="0.6.5"
+#SPECS_VER="0.2.0"
+#SPECS_GCC_VER="4.4.3"
+# arch/libc configurations known to be stable with {PIE,SSP}-by-default
+#PIE_GLIBC_STABLE="x86 amd64 mips ppc ppc64 arm ia64"
+#PIE_UCLIBC_STABLE="x86 arm amd64 mips ppc ppc64"
+#SSP_STABLE="amd64 x86 mips ppc ppc64 arm"
+# uclibc need tls and nptl support for SSP support
+# uclibc need to be >= 0.9.33
+#SSP_UCLIBC_STABLE="x86 amd64 mips ppc ppc64 arm"
+#end Hardened stuff
+
+inherit toolchain
+
+KEYWORDS=""
+
+RDEPEND=""
+DEPEND="${RDEPEND}
+ elibc_glibc? ( >=sys-libs/glibc-2.8 )
+ >=${CATEGORY}/binutils-2.20"
+
+if [[ ${CATEGORY} != cross-* ]] ; then
+ PDEPEND="${PDEPEND} elibc_glibc? ( >=sys-libs/glibc-2.8 )"
+fi
+
+src_prepare() {
+
+ toolchain_src_prepare
+}
