diff options
Diffstat (limited to 'eclass')
-rw-r--r-- | eclass/Manifest.gz | bin | 39029 -> 39020 bytes | |||
-rw-r--r-- | eclass/fcaps.eclass | 35 | ||||
-rw-r--r-- | eclass/llvm.org.eclass | 3 | ||||
-rw-r--r-- | eclass/toolchain.eclass | 16 |
4 files changed, 36 insertions, 18 deletions
diff --git a/eclass/Manifest.gz b/eclass/Manifest.gz Binary files differindex d1dc7f0e9579..387bc0b27c17 100644 --- a/eclass/Manifest.gz +++ b/eclass/Manifest.gz diff --git a/eclass/fcaps.eclass b/eclass/fcaps.eclass index 477e1e954ab8..5cb781a7a75d 100644 --- a/eclass/fcaps.eclass +++ b/eclass/fcaps.eclass @@ -1,4 +1,4 @@ -# Copyright 1999-2023 Gentoo Authors +# Copyright 1999-2024 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 # @ECLASS: fcaps.eclass @@ -66,6 +66,12 @@ esac # # Note: If you override pkg_postinst, you must call fcaps_pkg_postinst yourself. +# @ECLASS_VARIABLE: FCAPS_DENY_WORLD_READ +# @USER_VARIABLE +# @DEFAULT_UNSET +# @DESCRIPTION: +# When set, deny read access on files updated by the fcaps function. + # @FUNCTION: fcaps # @USAGE: [-o <owner>] [-g <group>] [-m <mode>] [-M <caps mode>] <capabilities> <file[s]> # @DESCRIPTION: @@ -96,8 +102,13 @@ fcaps() { # Process the user options first. local owner='0' local group='0' - local mode='4711' - local caps_mode='711' + local mode=u+s + local caps_mode= + + if [[ -n ${FCAPS_DENY_WORLD_READ} ]]; then + mode=u+s,go-r + caps_mode=go-r + fi while [[ $# -gt 0 ]] ; do case $1 in @@ -137,9 +148,10 @@ fcaps() { # fs doesn't support it, but abort on all others. debug-print "${FUNCNAME}: setting caps '${caps}' on '${file}'" - # If everything goes well, we don't want the file to be readable - # by people. - chmod ${caps_mode} "${file}" || die + # Remove the read bits if requested. + if [[ -n ${caps_mode} ]]; then + chmod ${caps_mode} "${file}" || die + fi if ! out=$(LC_ALL=C setcap "${caps}" "${file}" 2>&1) ; then case ${out} in @@ -170,9 +182,14 @@ fcaps() { fi # If we're still here, setcaps failed. - debug-print "${FUNCNAME}: setting owner/mode on '${file}'" - chown "${owner}:${group}" "${file}" || die - chmod ${mode} "${file}" || die + if [[ -n ${owner} || -n ${group} ]]; then + debug-print "${FUNCNAME}: setting owner on '${file}'" + chown "${owner}:${group}" "${file}" || die + fi + if [[ -n ${mode} ]]; then + debug-print "${FUNCNAME}: setting mode on '${file}'" + chmod ${mode} "${file}" || die + fi done } diff --git a/eclass/llvm.org.eclass b/eclass/llvm.org.eclass index 22cbeb6c0fc6..e332e6d1804c 100644 --- a/eclass/llvm.org.eclass +++ b/eclass/llvm.org.eclass @@ -72,6 +72,9 @@ if [[ -z ${_LLVM_SOURCE_TYPE+1} ]]; then _LLVM_SOURCE_TYPE=snapshot case ${PV} in + 20.0.0_pre20241118) + EGIT_COMMIT=a6385a3fc8a88f092d07672210a1e773481c2919 + ;; 20.0.0_pre20241113) EGIT_COMMIT=c7df10643bda4acdc9a02406a2eee8aa4ced747f ;; diff --git a/eclass/toolchain.eclass b/eclass/toolchain.eclass index 8fe3cde2a69f..f131da7dbd68 100644 --- a/eclass/toolchain.eclass +++ b/eclass/toolchain.eclass @@ -1185,11 +1185,13 @@ toolchain_src_configure() { if grep -q "experimental" gcc/DEV-PHASE ; then # Tell users about the non-obvious behavior here so they don't think # e.g. the next GCC release is super slow to compile things. - ewarn "Unreleased GCCs default to extra runtime checks even with USE=-debug," - ewarn "matching upstream default behavior. We recommend keeping these enabled." - ewarn "The checks (sometimes substantially) increase build time but provide important protection" - ewarn "from potential miscompilations (wrong code) by turning them into build-time errors." - ewarn "To override (not recommended), set: GCC_CHECKS_LIST=\"release\"." + if ! use debug ; then + ewarn "Unreleased GCCs default to extra runtime checks even with USE=-debug," + ewarn "matching upstream default behavior. We recommend keeping these enabled." + ewarn "The checks (sometimes substantially) increase build time but provide important protection" + ewarn "from potential miscompilations (wrong code) by turning them into build-time errors." + ewarn "To override (not recommended), set: GCC_CHECKS_LIST=\"release\"." + fi # - USE=debug for pre-releases: yes,extra,rtl (stornger than USE=debug for releases) # - USE=-debug for pre-releases: yes,extra (following upstream default) @@ -2268,10 +2270,6 @@ toolchain_src_test() { GCC_TESTS_CFLAGS+=" -fno-stack-clash-protection" GCC_TESTS_CXXFLAGS+=" -fno-stack-clash-protection" - # configure defaults to '-O2 -g' and some tests expect it - # accordingly. - GCC_TESTS_CFLAGS+=" -g" - # TODO: Does this handle s390 (-m31) correctly? # TODO: What if there are multiple ABIs like x32 too? # XXX: Disabled until validate_failures.py can handle 'variants' |