commit: 8274b84fb061ddcb1318f1ba5625b41b197e6987 Author: Sergei Trofimovich <slyfox <AT> gentoo <DOT> org> AuthorDate: Tue Feb 14 10:01:08 2017 +0000 Commit: Sergei Trofimovich <slyfox <AT> gentoo <DOT> org> CommitDate: Tue Feb 14 22:16:39 2017 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8274b84f
ghc: spell '-nopie' as '-no-pie' for gcc-6.3.0, bug #606666 Gentoo upstreamed -pie/-nopie patch to GCC upstream but there is a twist: '-nopie' gentoo flag became '-no-pie'. But at least '-no-pie' is accessible in both vanilla and hardened profiles of gcc-6.3.0. Reported-by: Toralf Förster Bug: https://bugs.gentoo.org/606666 Signed-off-by: Sergei Trofimovich <slyfox <AT> gentoo.org> dev-lang/ghc/ghc-7.10.3.ebuild | 10 ++++++++-- dev-lang/ghc/ghc-8.0.2.ebuild | 10 ++++++++-- 2 files changed, 16 insertions(+), 4 deletions(-) diff --git a/dev-lang/ghc/ghc-7.10.3.ebuild b/dev-lang/ghc/ghc-7.10.3.ebuild index ac9989cf6e..a963d059c6 100644 --- a/dev-lang/ghc/ghc-7.10.3.ebuild +++ b/dev-lang/ghc/ghc-7.10.3.ebuild @@ -244,9 +244,15 @@ ghc_setup_cflags() { append-ghc-cflags link ${flag} done - # hardened-gcc needs to be disabled, because the mangler doesn't accept - # its output. + # hardened-gcc needs to be disabled, because our prebuilt binaries/libraries + # are not built with fPIC, bug #606666 gcc-specs-pie && append-ghc-cflags persistent compile link -nopie + tc-is-gcc && version_is_at_least 6.3 $(gcc-version) && if ! use ghcbootstrap; then + # gcc-6.3 has support for -no-pie upstream, but spelling differs from + # gentoo-specific '-nopie'. We enable it in non-bootstrap to allow + # hardened users try '-pie' in USE=ghcbootstrap mode. + append-ghc-cflags persistent compile link -no-pie + fi gcc-specs-ssp && append-ghc-cflags persistent compile -fno-stack-protector # prevent from failind building unregisterised ghc: diff --git a/dev-lang/ghc/ghc-8.0.2.ebuild b/dev-lang/ghc/ghc-8.0.2.ebuild index e6dc320cb7..e5abb43d94 100644 --- a/dev-lang/ghc/ghc-8.0.2.ebuild +++ b/dev-lang/ghc/ghc-8.0.2.ebuild @@ -236,9 +236,15 @@ ghc_setup_cflags() { append-ghc-cflags link ${flag} done - # hardened-gcc needs to be disabled, because the mangler doesn't accept - # its output. + # hardened-gcc needs to be disabled, because our prebuilt binaries/libraries + # are not built with fPIC, bug #606666 gcc-specs-pie && append-ghc-cflags persistent compile link -nopie + tc-is-gcc && version_is_at_least 6.3 $(gcc-version) && if ! use ghcbootstrap; then + # gcc-6.3 has support for -no-pie upstream, but spelling differs from + # gentoo-specific '-nopie'. We enable it in non-bootstrap to allow + # hardened users try '-pie' in USE=ghcbootstrap mode. + append-ghc-cflags persistent compile link -no-pie + fi gcc-specs-ssp && append-ghc-cflags persistent compile -fno-stack-protector # prevent from failind building unregisterised ghc:
