[tor-commits] [tor-browser-build/master] Bug 26165: make it possible to use gcc:var/setup without hardening wrapper
gk at torproject.org
gk at torproject.org
Tue May 29 08:07:07 UTC 2018
commit 2b3a35530ece4f61f86786bc524d18448bc009eb
Author: Nicolas Vigier <boklm at torproject.org>
Date: Tue May 22 18:21:28 2018 +0200
Bug 26165: make it possible to use gcc:var/setup without hardening wrapper
This allows us to use it to setup the gcc host compiler for the Windows
build in projects/firefox/build.
---
projects/firefox/build | 10 ++--------
projects/gcc/config | 36 ++++++++++++++++++++----------------
2 files changed, 22 insertions(+), 24 deletions(-)
diff --git a/projects/firefox/build b/projects/firefox/build
index a7441bd..aa5fd73 100644
--- a/projects/firefox/build
+++ b/projects/firefox/build
@@ -2,16 +2,10 @@
[% c("var/setarch") -%]
[% c("var/set_default_env") -%]
[% IF c("var/windows") -%]
- mkdir -p /var/tmp/dist
- tar -C /var/tmp/dist -xf $rootdir/[% c('input_files_by_name/gcc') %]
- hgccdir=/var/tmp/dist/gcc
+ [% pc('gcc', 'var/setup', { compiler_tarfile => c('input_files_by_name/gcc') }) %]
# We need a link to our GCC, otherwise the system cc gets used which points to
# /usr/bin/gcc.
- ln -s gcc $hgccdir/bin/cc
- # Make sure our GCC (as host compiler) get used. We do that before
- # compiler setup so that mingw is first in the PATH.
- export LD_LIBRARY_PATH=$hgccdir/lib64
- export PATH=$hgccdir/bin:$PATH
+ ln -s gcc /var/tmp/dist/gcc/bin/cc
[% END -%]
[% pc(c('var/compiler'), 'var/setup', { compiler_tarfile => c('input_files_by_name/' _ c('var/compiler')) }) %]
distdir=/var/tmp/dist/[% project %]
diff --git a/projects/gcc/config b/projects/gcc/config
index 1d74a0a..b13a738 100644
--- a/projects/gcc/config
+++ b/projects/gcc/config
@@ -18,23 +18,25 @@ var:
export LD_LIBRARY_PATH=/var/tmp/dist/gcc/lib64
[% END -%]
- # Config options for hardening-wrapper
- export DEB_BUILD_HARDENING=1
- export DEB_BUILD_HARDENING_STACKPROTECTOR=1
- export DEB_BUILD_HARDENING_FORTIFY=1
- export DEB_BUILD_HARDENING_FORMAT=1
- export DEB_BUILD_HARDENING_PIE=1
+ [% IF c("hardened_gcc") -%]
+ # Config options for hardening-wrapper
+ export DEB_BUILD_HARDENING=1
+ export DEB_BUILD_HARDENING_STACKPROTECTOR=1
+ export DEB_BUILD_HARDENING_FORTIFY=1
+ export DEB_BUILD_HARDENING_FORMAT=1
+ export DEB_BUILD_HARDENING_PIE=1
- # Make sure we use the hardening wrapper
- pushd /var/tmp/dist/gcc/bin
- cp /usr/bin/hardened-cc ./
- mv gcc gcc.real
- mv c++ c++.real
- mv g++ g++.real
- ln -sf hardened-cc gcc
- ln -sf hardened-cc c++
- ln -sf hardened-cc g++
- popd
+ # Make sure we use the hardening wrapper
+ pushd /var/tmp/dist/gcc/bin
+ cp /usr/bin/hardened-cc ./
+ mv gcc gcc.real
+ mv c++ c++.real
+ mv g++ g++.real
+ ln -sf hardened-cc gcc
+ ln -sf hardened-cc c++
+ ln -sf hardened-cc g++
+ popd
+ [% END -%]
targets:
windows:
@@ -43,6 +45,8 @@ targets:
arch_deps:
- libc6-dev
- zlib1g-dev
+ linux:
+ hardened_gcc: 1
linux-i686:
var:
configure_opt: --enable-multilib --enable-languages=c,c++ --with-system-zlib
More information about the tor-commits
mailing list