[gentoo-commits] repo/gentoo:master commit in: sys-devel/clang-common/

Thu, 12 Jan 2023 21:54:18 -0800 

commit:     9c142d1ca08af5ee6862cae427d8d3e60289f29a
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Fri Jan 13 05:53:47 2023 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Fri Jan 13 05:53:47 2023 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9c142d1c

sys-devel/clang-common: add comments for USE=hardened in .cfg

Signed-off-by: Sam James <sam <AT> gentoo.org>

 sys-devel/clang-common/clang-common-15.0.6.9999.ebuild | 3 +++
 sys-devel/clang-common/clang-common-16.0.0.9999.ebuild | 3 +++
 2 files changed, 6 insertions(+)

diff --git a/sys-devel/clang-common/clang-common-15.0.6.9999.ebuild 
b/sys-devel/clang-common/clang-common-15.0.6.9999.ebuild
index 709c93681448..0fe74d23d15c 100644
--- a/sys-devel/clang-common/clang-common-15.0.6.9999.ebuild
+++ b/sys-devel/clang-common/clang-common-15.0.6.9999.ebuild
@@ -91,6 +91,8 @@ src_install() {
 
        # Baseline hardening (bug #851111)
        newins - gentoo-hardened.cfg <<-EOF
+               # Some of these options are added unconditionally, regardless of
+               # USE=hardened, for parity with sys-devel/gcc.
                -fstack-clash-protection
                -fstack-protector-strong
                -fPIE
@@ -113,6 +115,7 @@ src_install() {
 
        if use hardened ; then
                cat >> "${ED}/etc/clang/gentoo-hardened.cfg" <<-EOF || die
+                       # Options below are conditional on USE=hardened.
                        -D_GLIBCXX_ASSERTIONS
 
                        # Analogue to GLIBCXX_ASSERTIONS

diff --git a/sys-devel/clang-common/clang-common-16.0.0.9999.ebuild 
b/sys-devel/clang-common/clang-common-16.0.0.9999.ebuild
index 1b9640fcebe0..2fdd5cbe6a13 100644
--- a/sys-devel/clang-common/clang-common-16.0.0.9999.ebuild
+++ b/sys-devel/clang-common/clang-common-16.0.0.9999.ebuild
@@ -91,6 +91,8 @@ src_install() {
 
        # Baseline hardening (bug #851111)
        newins - gentoo-hardened.cfg <<-EOF
+               # Some of these options are added unconditionally, regardless of
+               # USE=hardened, for parity with sys-devel/gcc.
                -fstack-clash-protection
                -fstack-protector-strong
                -fPIE
@@ -113,6 +115,7 @@ src_install() {
 
        if use hardened ; then
                cat >> "${ED}/etc/clang/gentoo-hardened.cfg" <<-EOF || die
+                       # Options below are conditional on USE=hardened.
                        -D_GLIBCXX_ASSERTIONS
 
                        # Analogue to GLIBCXX_ASSERTIONS

Reply via email to