On 02/24/2018 06:32 PM, Jerry James wrote:
On Sat, Feb 24, 2018 at 10:24 AM, Florian Weimer <fweimer@xxxxxxxxxx> wrote:
We currently inject “-z now” hidden behind a -specs= option for the gcc
compiler driver. libtool drops this -specs= option from the linker command
line, but it preserves -Wl,-z,relro, so I'm trying whether listing
-Wl,-z,now directly improves the linker flag injection here.
I'm doing this in two stages and will remove -z now from the GCC specs file
only after I have rebuilt a couple of extension builders (python2, python3,
ruby), so that we do not lose -z now due to the non-synchronized switchover
between the hard-coded command line (in the extension builder) and the GCC
specs file contents (from redhat-rpm-config).
This will happen both in rawhide and Fedora 28.
Are you also implementing a way to disable it, as Philip Kovacs asked
for yesterday?
It's still for hardened builds only. Sorry, I should have mentioned
that. It's next to -specs=…/redhat-hardened-ld, not next to -Wl,-z,relro.
I also maintain some packages that use plugins, and
are broken by -z now. If you would like to look at any of them to see
what might be done, these are the packages that currently use
%undefine _hardened_build to work around the issue:
That should just work as before. Feel free to do a (scratch) build in
rawhide to verify.
Thanks,
Florian
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
