Hi, On Tuesday 09 November 2010 09:19:54 François Bissey wrote: > > Hi, > > > > my next migration victim will be mpir, the friendly clone of gmp. The > > current ebuild is the same in sage-on-gentoo and science. It has this > > assembler stuff in it that I don't understand. Who did this? What is > > the latest here, can we remove the fat TODO-banner (or DO it?). > > > > Any other hints/objections? (Yes, I know that there is a bump > > waiting...) > > Hi Thomas, > > Christopher did it. mpir like gmp suffer from executable stacks.
I followed the instructions listed in number 6 of the following page: http://www.gentoo.org/proj/en/hardened/gnu-stack.xml . However, the fix is incomplete (some architectures still have executable stacks) and I had some problems with BASH: for i in $(find . -type f -name '*.asm') ; do echo $i >/dev/null cat >> $i <<-EOF #if defined(__linux__) && defined(__ELF__) .section .note.GNU-stack,"",%progbits #endif EOF done If I remove the line with "echo" (which *should* be completely useless), the cat command does not patch files - WHY ?! Also, mpir seemed to have dropped yasm beginning with mpir-2.1 (?), so I think at least one loop in mpir's ebuild is superfluous. > There are talk on sage-devel which is very close to mpir upstream > to take a different approach: using an m4 macro and a linker flag > to remove them -Wl,-z,noexecstack. This seems to be a better idea. > The motivation to fix this is fedora 14 which doesn't allow executable > stacks by default. > I think the warning could be removed for now but the ebuild will probably > need a little TLC in the near future. > > Francois Christopher
