aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2010-10-20 20:06:12 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2010-10-20 20:06:12 +0000
commit3e1613b949a65ae8d6c782334ecafb56cb3ba8d5 (patch)
treeec74e89f9730af751607353003312d5a7ab3f846
parentfacc84c66328379eaa64b2643a309ead9eb50afe (diff)
downloadaports-3e1613b949a65ae8d6c782334ecafb56cb3ba8d5.tar.bz2
aports-3e1613b949a65ae8d6c782334ecafb56cb3ba8d5.tar.xz
main/gcc: enable ssp and pie
was disabled by mistake. There was some issues with building last stage with PIE so we workaround by removing -g from CFLAGS
-rw-r--r--main/gcc/APKBUILD24
1 files changed, 18 insertions, 6 deletions
diff --git a/main/gcc/APKBUILD b/main/gcc/APKBUILD
index f1a02c403f..b1260d5163 100644
--- a/main/gcc/APKBUILD
+++ b/main/gcc/APKBUILD
@@ -15,7 +15,7 @@ else
_with_arch="i486"
fi
-pkgrel=5
+pkgrel=6
pkgdesc="The GNU Compiler Collection"
url="http://gcc.gnu.org"
license="GPL LGPL"
@@ -30,7 +30,6 @@ source="ftp://gcc.gnu.org/pub/gcc/releases/gcc-$pkgver/gcc-core-$pkgver.tar.bz2
09_all_gcc-4.5-Wtrampolines.patch
15_all_gcc-libgomp-no-werror.patch
- 50_all_pr45312-kernel-miscompile.patch
51_all_gcc-3.4-libiberty-pic.patch
gcc-spec-env.patch
@@ -39,6 +38,7 @@ source="ftp://gcc.gnu.org/pub/gcc/releases/gcc-$pkgver/gcc-core-$pkgver.tar.bz2
gcc-4.5-dynamic-linker.patch
PR32219.patch
"
+# 50_all_pr45312-kernel-miscompile.patch
_gccdir="$srcdir"/gcc-$pkgver
prepare() {
@@ -60,12 +60,26 @@ prepare() {
;;
esac
done
- sed -i 's/use_fixproto=yes/:/' gcc/config.gcc #PR33200
+
+ #PR33200
+ sed -i 's/use_fixproto=yes/:/' gcc/config.gcc || return 1
+
+ # enable hardened cflags by default
+ local _hard_cflags="-DEFAULT_PIE_SSP -DEFAULT_RELRO -DEFAULT_BIND_NOW"
+ sed -e "/^ALL_CFLAGS/iHARD_CFLAGS = ${_hard_cflags}" \
+ -e 's|^ALL_CFLAGS = |ALL_CFLAGS = $(HARD_CFLAGS) |' \
+ -i gcc/Makefile.in || return 1
+ # in stage3 building insn-attrtab.o seems to run out of some kind
+ # of resource. This doesnt happen in earlier stages due to PIE is
+ # not enabled. It seems to also help to disable debug so we do so.
+ sed -e '/^BOOT_CFLAGS/s/-g//' \
+ -i Makefile.in || return 1
}
build() {
cd "$_gccdir"
echo ${pkgver} > gcc/BASE-VER
+ export CFLAGS="-fno-stack-protector"
mkdir build
cd build
../configure --prefix=/usr \
@@ -84,7 +98,7 @@ build() {
--disable-werror \
--enable-__cxa_atexit \
--enable-cld \
- --enable-espf \
+ --enable-esp \
--enable-languages=c,c++,objc \
--enable-shared \
--enable-target-optspace \
@@ -97,7 +111,6 @@ build() {
--with-system-zlib \
--without-system-libunwind
-
make || return 1
}
@@ -169,7 +182,6 @@ b294953ff0bb2f20c7acb2bf005d832a gcc-g++-4.5.1.tar.bz2
441c76504e1d97170117c294e65c7a72 gcc-4.4.3-specs-0.2.0.tar.bz2
ab090760506eb70aa4436a349c6bd788 09_all_gcc-4.5-Wtrampolines.patch
1c00bd9d12891a3e2311b32b98deb6fa 15_all_gcc-libgomp-no-werror.patch
-01d331b786b4884b8a2663ea5f921b71 50_all_pr45312-kernel-miscompile.patch
45951dd3bbc979c9e043c7203745cf31 51_all_gcc-3.4-libiberty-pic.patch
c4045bfa85d8be780affd465be9d8ca8 gcc-spec-env.patch
2db1e3482c5dd59dab70f701afa2ca80 pt_gnu_eh_frame.patch