Permalink
Browse files

Merge branch 'master' of git.funtoo.org:funtoo-overlay

  • Loading branch information...
2 parents 3103e09 + be6a475 commit 0f6945972e4611fc15c4c905dab3055298c97403 @angryvincent angryvincent committed Sep 9, 2013
Showing with 114 additions and 6 deletions.
  1. +1 −0 sys-devel/gcc/Manifest
  2. +113 −6 sys-devel/gcc/gcc-4.6.4.ebuild
@@ -27,6 +27,7 @@ DIST gcc-4.6.3-patches-1.6.tar.bz2 17072 SHA256 9ea15c9e289de83954ee5c2ae374a7a5
DIST gcc-4.6.3-piepatches-v0.5.2.tar.bz2 15002 SHA256 6606d47a8bbaa9cba0dd3b022cbf6ed14325b8560dd17f7601dbaa4697df3691 SHA512 21ec5bcd43ec0075f8885ef6f567fd9ffd0a64f4c4f9340262900b91a8f22f73a22cd320d6c5a9211083a0a4d21f61ff42e4d9368b5768b395d6ec1b17fc47eb WHIRLPOOL f38666e7c47d9e10b96a22b85c90659800ecfa86d7cf9d5ff69385dc5584fc6ea4b90265ec62d8066adab63a647c1a4bd0f0d1cc69057fcc08c4aa6856cd5766
DIST gcc-4.6.3-uclibc-patches-1.0.tar.bz2 3023 SHA256 4219a3582c5f98bf8437bfc3feb8c264f8aabd8078caaddef46dd38be33f089f SHA512 e0763dc7f3f94cb9ba6e34233d1a2fa6913918a5100dd029ae76b3b086529b8fafae3086dc22f3294f7d378e5548294264cb2faa80866e8a1ecc666bf60fe010 WHIRLPOOL 1744810d5928b1869929ebd608e1d817e4bcb4f666647bc873e9bdb41c65833a40745e58de5ef4beb98ef4ac539c8560733100a3bbee280c76525ee518ae88c8
DIST gcc-4.6.3.tar.bz2 71999439 SHA256 e8f5853d4eec2f5ebaf8a72ae4d53c436aacf98153b2499f8635b48c4718a093 SHA512 efedecc1a6d1c36eb91cbecfae9a4414d01051e99965de8a284d1164df3cad13fa99a6dd5a4ceaa03ef63a66884eaf729b49d602ac82088f788bab045ce1eb26 WHIRLPOOL a50059cc5ec5bcf7c7d7108e38087c2168ff0c6817d06b709be901a87007f84cd231ebae0752cdc94fa99c93ecd30ba810d3213aba9f3639292b1e831818ec0c
+DIST gcc-4.6.4-piepatches-v0.5.2.tar.bz2 14888 SHA256 a6a853197fb0de66c07e6183e686dbdb1f4b55108efd4c8363662cb2b971f43c SHA512 2fd1993b0dc7fc2096e17198f70ff6328ac4d3b7c0db597e3bc119df10eb0b9744f8e6cc659ae1ddd8afdb14f94cb85fdd12033a5d76026c7f84aca44ce9c9b8 WHIRLPOOL 61babd71167114a3f8579e8fb4bba5ed0c217cff4f3760b89de8a67d69c05de43b49bd9f567e6417b69874a878ecdc0e98d807a0e25a9dc80ef5c67594e15a0d
DIST gcc-4.6.4.tar.bz2 72006076 SHA256 35af16afa0b67af9b8eb15cafb76d2bc5f568540552522f5dc2c88dd45d977e8 SHA512 b5a5395782e0b9e61cda052f6e00c8575d1aa0b7e8db9e34c06e4e45f12ff37b436018536b7fa69a04a4235b5b368895652e3ed8fab2fe11763f9782ed9161dc WHIRLPOOL ab1b035f43aec669640b36037e65ae0edceb3b13b1ce4f7900aeff5ee06686dc2d66c3dd81156f53c4e9a9a806e4becd4462f72a6c4ad7e646b632c10c23356c
DIST gcc-4.7.2-patches-1.5.tar.bz2 40393 SHA256 31c9590aff8c41ca5f704b2b85bfd45e1c60796e3004f9ea7b4b0544cc4b876d SHA512 ca941b897ac480ff4e1d144a34a66cdbbb94d7178b2246dad9430599c903d2b30423db428884bf47f542632602aa0e0390cb5f75c7c1a812ea373dc0934194cd WHIRLPOOL 517f1f8f74fe334acab24ad6f68b50d16625b3aea7805b1bb3e8a1d255a8703dab07e4cd2031c7e0e181de4cd4a3d8c6ef4f5ed10264285d28fa9a68ba74f68f
DIST gcc-4.7.2-piepatches-v0.5.5.tar.bz2 15347 SHA256 ea7b7f7af30569f98b3cd37459b257e8bc96ef4691841779b28e93a96764a8c1 SHA512 1e3d20c38af31953b3a82c3f2204b9cc73a8bc9c80f3b3300106d1f1b6d299eb5ae5f67839fdcc690b4b8510d400053f431a1ef4850c9a4d2ca25db68daf35b6 WHIRLPOOL a22e77f63306fab350749b0778002e0cf610e300ef960631013aa545569385faa9ed1787fcdec5cf0dec89ed7dc4c9dc3d7dec28bbdb9665c0c957ba6dfa67de
@@ -2,7 +2,7 @@
EAPI=5
-inherit multilib
+inherit multilib eutils
# Ebuild notes:
#
@@ -18,11 +18,65 @@ inherit multilib
# Note: multi-stage bootstrapping is currently not being performed.
+# Parse information from CBUILD/CHOST/CTARGET rather than
+# use external variables from the profile.
+tc-ninja_magic_to_arch() {
+ninj() { [[ ${type} == "kern" ]] && echo $1 || echo $2 ; }
+
+ local type=$1
+ local host=$2
+ [[ -z ${host} ]] && host=${CTARGET:-${CHOST}}
+
+ case ${host} in
+ alpha*) echo alpha;;
+ arm*) echo arm;;
+ avr*) ninj avr32 avr;;
+ bfin*) ninj blackfin bfin;;
+ cris*) echo cris;;
+ hppa*) ninj parisc hppa;;
+ i?86*) echo x86;;
+ ia64*) echo ia64;;
+ m68*) echo m68k;;
+ mips*) echo mips;;
+ nios2*) echo nios2;;
+ nios*) echo nios;;
+ powerpc*)
+ if [[ ${host} == powerpc64* ]] ; then
+ echo ppc64
+ elif [[ ${PROFILE_ARCH} == "ppc64" ]] ; then
+ ninj ppc64 ppc
+ else
+ echo ppc
+ fi
+ ;;
+ s390*) echo s390;;
+ sh64*) ninj sh64 sh;;
+ sh*) echo sh;;
+ sparc64*) ninj sparc64 sparc;;
+ sparc*) [[ ${PROFILE_ARCH} == "sparc64" ]] \
+ && ninj sparc64 sparc \
+ || echo sparc
+ ;;
+ vax*) echo vax;;
+ x86_64*freebsd*) echo amd64;;
+ x86_64*)
+ ninj x86_64 amd64;;
+ *) echo unknown;;
+ esac
+}
+
+# @FUNCTION: tc-arch
+# @USAGE: [toolchain prefix]
+# @RETURN: name of the portage arch according to the compiler target
+tc-arch() {
+ tc-ninja_magic_to_arch portage "$@"
+}
+
RESTRICT="strip"
FEATURES=${FEATURES/multilib-strict/}
IUSE="ada cxx fortran f77 f95 objc objc++ openmp" # languages
-IUSE="$IUSE multislot nls nptl vanilla doc multilib altivec libssp" # other stuff
+IUSE="$IUSE multislot nls nptl vanilla doc multilib altivec libssp hardened" # other stuff
# USE Notes:
#
@@ -32,7 +86,6 @@ IUSE="$IUSE multislot nls nptl vanilla doc multilib altivec libssp" # other stuf
# test is not currently supported.
# objc-gc is enabled by default when objc is enabled.
# gcj is not currently supported by this ebuild.
-# hardened is not currently supported by this ebuild.
# graphite is not currently supported by this ebuild.
# multislot is a good USE flag to set when testing this ebuild.
# It allows this gcc to co-exist along identical x.y versions.
@@ -43,17 +96,37 @@ else
SLOT="${PV%.*}"
fi
-PATCH_VER="1.6"
+#Not used:
+#PATCH_VER="1.6"
+
+#Hardened Support:
+#
+# PIE_VER specifies the version of the PIE patches that will be downloaded and applied.
+#
+# SPECS_VER and SPECS_GCC_VER specifies the version of the "minispecs" files that will
+# be used. Minispecs are compiler definitions that are installed that can be used to
+# select various permutations of the hardened compiler, as well as a non-hardened
+# compiler, and are typically selected via Gentoo's gcc-config tool.
+
+PIE_VER="0.5.2"
+SPECS_VER="0.2.0"
+SPECS_GCC_VER="4.4.3"
+SPECS_A="gcc-${SPECS_GCC_VER}-specs-${SPECS_VER}.tar.bz2"
+PIE_A="gcc-${PV}-piepatches-v${PIE_VER}.tar.bz2"
+
GMP_VER="5.1.1"
MPFR_VER="3.1.2"
MPC_VER="1.0.1"
-GCC_A="gcc-${PV}.tar.bz2"
+GCC_A="gcc-${PV}.tar.bz2"
SRC_URI="mirror://gnu/gcc/gcc-${PV}/${GCC_A}"
SRC_URI="$SRC_URI http://www.multiprecision.org/mpc/download/mpc-${MPC_VER}.tar.gz"
SRC_URI="$SRC_URI http://www.mpfr.org/mpfr-${MPFR_VER}/mpfr-${MPFR_VER}.tar.xz"
SRC_URI="$SRC_URI mirror://gnu/gmp/gmp-${GMP_VER}.tar.xz"
+#Hardened Support:
+SRC_URI="$SRC_URI hardened? ( mirror://gentoo/${SPECS_A} mirror://gentoo/${PIE_A} )"
+
DESCRIPTION="The GNU Compiler Collection"
LICENSE="GPL-3 LGPL-3 || ( GPL-3 libgcc libstdc++ gcc-runtime-library-exception-3.1 ) FDL-1.2"
@@ -81,12 +154,18 @@ src_unpack() {
( unpack mpc-${MPC_VER}.tar.gz && mv ${WORKDIR}/mpc-${MPC_VER} ${S}/mpc ) || die "mpc setup fail"
( unpack mpfr-${MPFR_VER}.tar.xz && mv ${WORKDIR}/mpfr-${MPFR_VER} ${S}/mpfr ) || die "mpfr setup fail"
( unpack gmp-${GMP_VER}.tar.xz && mv ${WORKDIR}/gmp-${GMP_VER} ${S}/gmp ) || die "gmp setup fail"
+ unpack $PIE_A || die "pie unpack fail"
+ unpack $SPECS_A || die "specs unpack fail"
cd $S
mkdir ${WORKDIR}/objdir
}
src_prepare() {
+
+ # TODO - APPLY PIE PATCHES
+ # TODO - ALL_CFLAGS vs HARD_CFLAGS (see do_gcc_PIE_patches() in toolchain.eclass)
+
# For some reason, when upgrading gcc, the gcc Makefile will install stuff
# like crtbegin.o into a subdirectory based on the name of the currently-installed
# gcc version, rather than *our* gcc version. Manually fix this:
@@ -111,9 +190,17 @@ src_prepare() {
# Here is hack #1 to make that happen - hard-code the configure script with the full path to gfortran:
sed -i -e "s:^FC=.*:FC=${WORKDIR}/objdir/gcc/gfortran:" ${WORKDIR}/gcc-${PV}/libgfortran/configure || die libgfortran prep
+
+ if use hardened; then
+ local gcc_hard_flags="-DEFAULT_RELRO -DEFAULT_BIND_NOW -DEFAULT_PIE_SSP"
+ sed -i -e "/^HARD_CFLAGS = /s|=|= ${gcc_hard_flags} |" "${S}"/gcc/Makefile.in || die
+ einfo "Applying PIE patches..."
+ epatch "${WORKDIR}"/piepatch/
+ fi
}
src_configure() {
+
# Determine language support:
local confgcc
local GCC_LANG="c"
@@ -129,9 +216,13 @@ src_configure() {
use ada && GCC_LANG+=",ada"
confgcc+=" $(use_enable openmp libgomp)"
confgcc+=" --enable-languages=${GCC_LANG} --disable-libgcj"
+ confgcc+=" $(use_enable hardened esp)"
use libssp || export gcc_cv_libc_provides_ssp=yes
+ local branding="Funtoo"
+ use hardened && branding="$branding Hardened, pie=${PIE_VER}"
+
cd ${WORKDIR}/objdir && ../gcc-${PV}/configure \
$(use_enable libssp) \
$(use_enable multilib) \
@@ -154,7 +245,7 @@ src_configure() {
--enable-secureplt \
--disable-lto \
--with-bugurl=http://bugs.funtoo.org \
- --with-pkgversion="Funtoo ${PVR}" \
+ --with-pkgversion="$branding ${PVR}" \
--with-mpfr-include=${S}/mpfr/src \
--with-mpfr-lib=${WORKDIR}/objdir/mpfr/src/.libs \
$confgcc \
@@ -181,12 +272,19 @@ create_gcc_env_entry() {
dodir /etc/env.d/gcc
local gcc_envd_base="/etc/env.d/gcc/${CTARGET}-${GCC_CONFIG_VER}"
local gcc_envd_file="${D}${gcc_envd_base}"
+ if [ -z $1 ]; then
+ gcc_specs_file=""
+ else
+ gcc_envd_file="$gcc_envd_file-$1"
+ gcc_specs_file="${LIBPATH}/$1.specs"
+ fi
cat <<-EOF > ${gcc_envd_file}
GCC_PATH="${BINPATH}"
LDPATH="${LIBPATH}:${LIBPATH}/32"
MANPATH="${DATAPATH}/man"
INFOPATH="${DATAPATH}/info"
STDCXX_INCDIR="${STDCXX_INCDIR##*/}"
+ GCC_SPECS="${gcc_specs_file}"
EOF
}
@@ -271,6 +369,15 @@ src_install() {
dodir /etc/env.d/gcc
create_gcc_env_entry
+ if use hardened; then
+ create_gcc_env_entry hardenednopiessp
+ create_gcc_env_entry hardenednopie
+ create_gcc_env_entry hardenednossp
+ create_gcc_env_entry vanilla
+ insinto ${LIBPATH}
+ doins "${WORKDIR}"/specs/*.specs
+ fi
+
# CLEANUPS:
# Punt some tools which are really only useful while building gcc

0 comments on commit 0f69459

Please sign in to comment.