diff options
author | V3n3RiX <venerix@koprulu.sector> | 2023-01-23 12:55:08 +0000 |
---|---|---|
committer | V3n3RiX <venerix@koprulu.sector> | 2023-01-23 12:55:08 +0000 |
commit | 47bb4031ea0e98a9423d423f2181c0e3d06f256b (patch) | |
tree | 6a54fb70ac916b8ae725d002ac4a71386c8b6e2f /sys-devel/gcc | |
parent | 9a1d1c6b10a4640cea10e7040ed173cf593f4cab (diff) |
gentoo auto-resync : 23:01:2023 - 12:55:07
Diffstat (limited to 'sys-devel/gcc')
-rw-r--r-- | sys-devel/gcc/Manifest | 2 | ||||
-rw-r--r-- | sys-devel/gcc/metadata.xml | 84 |
2 files changed, 77 insertions, 9 deletions
diff --git a/sys-devel/gcc/Manifest b/sys-devel/gcc/Manifest index 130e29a76ce3..1659daeacee3 100644 --- a/sys-devel/gcc/Manifest +++ b/sys-devel/gcc/Manifest @@ -42,4 +42,4 @@ EBUILD gcc-13.0.1.9999.ebuild 1252 BLAKE2B e8feaecedb676e0ddce69ec0e7fc5e944d8df EBUILD gcc-13.0.1_pre20230122.ebuild 1286 BLAKE2B 613958f9d883c696a477fe6d25782dfc6ae9c37af2169c370912eed43e7f21fd33ac2b5640b5cac0cf5ec964efca42ef3d0d1d36c3a372296f45e88c79a51bf5 SHA512 c7e0a73749cc56c95d60d8ed9326cb48d968e1ecb0905b3af6c0024d75e0ee8cbefc5c5ab2fbae6aac32348c51d41cfcaf470180b05243e3a55dd0c46f58f0ab EBUILD gcc-8.5.0-r1.ebuild 473 BLAKE2B 40d3b651d0aed62ceb1df973f1f7e2b6ce419df22da63e49d335fcd0bf7b349d1e7be40dc16e80fe143222d48ac6139d35bf47558d83c30aab4b25dba6fcf6cb SHA512 b88761a3495a1eab0de5321c9230c77cd621ae545d3be49a13273cfcd8e94cc21dbb062bfdebb64dc5bfe1ddd600ee8fb60df6fd7709a7be90915b7e99a8db29 EBUILD gcc-9.5.0.ebuild 844 BLAKE2B 7bee440ddb624d5489ebaa9be899c530bdf7d9563453a9abf45e60d1f3ed66a78535cb9227e66e93524071fbca447786e2133ea316b5b2b55366e2599c587be6 SHA512 4b578a481eb06ff5b445bbd81cf18d4d63ec2d65230e33f95377f270b391bde02c2083a1b46b43838bd115be7d75c3957258f72fb5e7d89ba79185d08195b9ec -MISC metadata.xml 2675 BLAKE2B 71118d3d0fa3110e555c735d0e98a7790fd70b47fce637ef5e550b7e2e9eff24b008f758dcd2af5503113a44639461ad33ac7004b64fdb30d2ba1014a031d586 SHA512 0e5724c9e90e53859992ab17f4fa202d027f620015c15c1560fb2069d6c75b1ee9405358308e6df0aa5f0da21aded5fb74e79ba18ed803a39fbb3922f6664505 +MISC metadata.xml 4885 BLAKE2B 2029ff68e73fa6d97abb5d03df8efbfd03b2145ad6ced9ca7a048d48d16e5f50e12448b9d0343f8d22262dccdf4c7c4fb2554b1894a13eddc502924f9ad70220 SHA512 9c22fba4bcdb7ac3f1e8a6a36903e940f9b53c284b446e240cf3bf51590efe8af0b9219688693dad233bf8593dd306b85af9c18fb9ef253a8e3413e3b926fd9e diff --git a/sys-devel/gcc/metadata.xml b/sys-devel/gcc/metadata.xml index 4d9f63a02b27..d1c5c038131d 100644 --- a/sys-devel/gcc/metadata.xml +++ b/sys-devel/gcc/metadata.xml @@ -7,29 +7,97 @@ </maintainer> <use> <flag name="ada">Build the ADA language (GNAT) frontend</flag> - <flag name="cet" restrict=">=sys-devel/gcc-10">Enable support for Intel Control Flow Enforcement Technology (CET)</flag> + <flag name="cet" restrict=">=sys-devel/gcc-10"> + Enable support for Intel Control Flow Enforcement Technology (CET). + + Only effective on amd64/x86. + + Only provides benefits on newer CPUs. For Intel, the CPU + must be at least as new as Tiger Lake. For AMD, it must be + at least as new as Zen 3. This is harmless on older CPUs, + but provides no benefit either. + + When combined with USE=hardened, GCC will set -fcf-protection + by default when building software. The effect is minimal + on systems which do not support it, other than a possible + small increase in codesize for the NOPs. The generated + code is therefore compatible with i686 at the earliest. + </flag> <flag name="d">Enable support for the D programming language</flag> - <flag name="default-stack-clash-protection">Build packages with stack clash protection on by default</flag> - <flag name="default-znow">Request full relocation on start from ld.so by default</flag> + <flag name="default-stack-clash-protection"> + Build packages with stack clash protection on by default as + a hardening measure. + + This enables -fstack-clash-protection by default which protects against + large memory allocations allowing stack smashing. + + May cause slightly increased codesize, but modern compilers + have been adapted to optimize well for this case, as + this mitigation is now quite common. + + See https://developers.redhat.com/blog/2020/05/22/stack-clash-mitigation-in-gcc-part-3 + and https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt. + </flag> + <flag name="default-znow"> + Request full relocation on start from ld.so by default. + + This sets the -z,now (BIND_NOW) flag by default on all linker invocations. By + resolving all dynamic symbols at application startup, parts of the program + can be made read-only as a hardening measure. + + This is closely related to RELRO which is also separately + enabled by default. + + In some applications with many unresolved symbols (heavily plugin based, + for example), startup time may be impacted. + </flag> <flag name="fixed-point">Enable fixed-point arithmetic support for MIPS targets in gcc (Warning: significantly increases compile time!)</flag> <flag name="go">Build the GCC Go language frontend.</flag> <flag name="graphite">Add support for the framework for loop optimizations based on a polyhedral intermediate representation</flag> <flag name="ieee-long-double">Use accelerated 128-bit IEEE long double ABI (ppc64le only)</flag> <flag name="jit">Enable libgccjit so other applications can embed gcc for Just-In-Time compilation.</flag> <flag name="libssp">Build SSP support into a dedicated library rather than use the code in the C library (DO NOT ENABLE THIS IF YOU DON'T KNOW WHAT IT DOES)</flag> - <flag name="lto">Build using Link Time Optimizations (LTO)</flag> + <flag name="lto"> + Build using Link Time Optimizations (LTO). + + Note that GCC is always built with support for building + other programs with LTO. This USE flag is for whether + GCC itself is built and optimized with LTO. + </flag> <flag name="mpx">Enable support for Intel Memory Protection Extensions (MPX)</flag> <flag name="nptl">Enable support for Native POSIX Threads Library, the new threading module (requires linux-2.6 or better usually)</flag> <flag name="objc">Build support for the Objective C code language</flag> <flag name="objc++">Build support for the Objective C++ language</flag> <flag name="objc-gc">Build support for the Objective C code language Garbage Collector</flag> - <flag name="pgo">Build GCC using Profile Guided Optimization (PGO)</flag> + <flag name="pgo"> + Build GCC using Profile Guided Optimization (PGO). + + GCC will build itself and then analyze the just-built + binary and then rebuild itself using the data obtained + from analysis of codepaths taken. + + It does not affect whether GCC itself supports PGO + when building other software. + + This substantially increases the build time needed for + building GCC itself. + </flag> <flag name="rust">Build support for the Rust language, installs gccrs.</flag> - <flag name="sanitize">Build support for various sanitizer functions (ASAN/TSAN/etc...)</flag> - <flag name="ssp">Build packages with stack smashing protector on by default</flag> + <flag name="sanitize"> + Build support for various sanitizer functions (ASAN/TSAN/etc...) + to find runtime problems in applications. + </flag> + <flag name="ssp">Build packages with stack smashing protection on by default</flag> <flag name="systemtap">enable systemtap static probe points</flag> <flag name="valgrind">Enable valgrind annotations for gcc internals (useful for gcc debugging).</flag> - <flag name="vtv">Build support for virtual table verification (a C++ hardening feature)</flag> + <flag name="vtv"> + Build support for virtual table verification (a C++ hardening feature). + + This does not control whether GCC defaults to using VTV> + + Note that actually using VTV breaks ABI and hence the whole + system must be built with -fvtable-verify. + </flag> </use> <upstream> <remote-id type="cpe">cpe:/a:gnu:gcc</remote-id> |