summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSergei Trofimovich <slyfox@gentoo.org>2020-03-15 15:17:09 +0000
committerSergei Trofimovich <slyfox@gentoo.org>2020-03-15 15:46:25 +0000
commit551958422d949b8e43393b6c9c00a2ce7c4cc4c6 (patch)
treea346b7fa9234df1e9d921c2bf0473440d10e291d
parentdev-util/gn: fix install with USE=vim-syntax (diff)
downloadgentoo-551958422d949b8e43393b6c9c00a2ce7c4cc4c6.tar.gz
gentoo-551958422d949b8e43393b6c9c00a2ce7c4cc4c6.tar.bz2
gentoo-551958422d949b8e43393b6c9c00a2ce7c4cc4c6.zip
sys-libs/glibc: switch -fstack-protector-all to -strong, bug #712356
--enable-stack-protector=all adds protection to functions that don't have a chance to corrupt stack. On top of that glibc's own tests fail on static IFUNC resolver. Let's use -fstack-protector-strong which matches Gentoo's gcc default. Should fix at least the following test failures: FAIL: elf/ifuncmain9picstatic FAIL: elf/ifuncmain9static Reported-by: Toralf Förster Bug: https://bugs.gentoo.org/712356 Bug: https://sourceware.org/PR25680 Package-Manager: Portage-2.3.94, Repoman-2.3.20 Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
-rw-r--r--sys-libs/glibc/glibc-2.31-r1.ebuild6
-rw-r--r--sys-libs/glibc/glibc-9999.ebuild6
2 files changed, 10 insertions, 2 deletions
diff --git a/sys-libs/glibc/glibc-2.31-r1.ebuild b/sys-libs/glibc/glibc-2.31-r1.ebuild
index d303115a4a6d..00feda902bda 100644
--- a/sys-libs/glibc/glibc-2.31-r1.ebuild
+++ b/sys-libs/glibc/glibc-2.31-r1.ebuild
@@ -870,7 +870,11 @@ glibc_do_configure() {
myconf+=( --enable-stack-protector=no )
;;
*)
- myconf+=( --enable-stack-protector=$(usex ssp all no) )
+ # Use '=strong' instead of '=all' to protect only functions
+ # worth protecting from stack smashes.
+ # '=all' is also known to have a problem in IFUNC resolution
+ # tests: https://sourceware.org/PR25680, bug #712356.
+ myconf+=( --enable-stack-protector=$(usex ssp strong no) )
;;
esac
myconf+=( --enable-stackguard-randomization )
diff --git a/sys-libs/glibc/glibc-9999.ebuild b/sys-libs/glibc/glibc-9999.ebuild
index 229af08f2ca8..b77e0177feb2 100644
--- a/sys-libs/glibc/glibc-9999.ebuild
+++ b/sys-libs/glibc/glibc-9999.ebuild
@@ -869,7 +869,11 @@ glibc_do_configure() {
myconf+=( --enable-stack-protector=no )
;;
*)
- myconf+=( --enable-stack-protector=$(usex ssp all no) )
+ # Use '=strong' instead of '=all' to protect only functions
+ # worth protecting from stack smashes.
+ # '=all' is also known to have a problem in IFUNC resolution
+ # tests: https://sourceware.org/PR25680, bug #712356.
+ myconf+=( --enable-stack-protector=$(usex ssp strong no) )
;;
esac
myconf+=( --enable-stackguard-randomization )