On 03/15/2011 04:28 PM, Grant wrote: >>>>> A dev is asking me to switch to a hardened profile in order to test a >>>>> fix. I'm happy to go through the process, but is there a chance my >>>>> laptop could be unusable after the switch? If that happens I'll be in >>>>> real trouble. Will I be able to switch back to a non-hardened profile >>>>> afterward? I plan to follow this guide: >>>>> >>>>> http://www.gentoo.org/proj/en/hardened/hardenedfaq.xml#hardenedprofile >>>>> >>>>> BTW, are emerge -e world and emerge -e system both necessary? I >>>>> thought emerge -e world would rebuild everything. >>>> >>>> Switching to hardened is safe. The switch back should be, too, although >>>> I haven't personally tried it. (Why would you switch back?) >>> >>> I originally had my laptop on a hardened profile (I think it was a >>> couple laptops back) but there were so many problems I eventually gave >>> up. I remember doing a lot of system reinstalling as I switched >>> profiles around. I don't have time to reinstall my system right now >>> so I'm trying to be sure I can switch to hardened (and from hardened >>> if necessary) without reinstalling. >> >> If you don't run a hardened kernel, "sudo gcc-config 5" (assuming 5 is >> the vanilla gcc on your machine...) will switch you back to the vanilla >> gcc. No need to switch profiles or recompile anything. > > I do run a hardened kernel, but you're saying if I switch to gcc-5 I > should be able to test for a crash that was previously exhibited under > a hardened profile? >
I think (completely unscientifically) that most of the day-to-day problems are caused by the hardening features in the kernel rather than by GCC's hardening features. When you compile a hardened GCC, you also get the vanilla, unhardened GCC installed. So if you see e.g. a compile failure using hardened GCC, you can just switch to the vanilla GCC to see if that fixes it. On my machine, $ sudo gcc-config -l [1] x86_64-pc-linux-gnu-4.4.5 * [2] x86_64-pc-linux-gnu-4.4.5-hardenednopie [3] x86_64-pc-linux-gnu-4.4.5-hardenednopiessp [4] x86_64-pc-linux-gnu-4.4.5-hardenednossp [5] x86_64-pc-linux-gnu-4.4.5-vanilla it's the fifth option. Summary: if you have problems on hardened, you can always switch to vanilla GCC and reboot to a non-hardened kernel. You don't have to recompile anything or switch profiles again.
