[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#812834: marked as done (gcc-5: Please add support for hardened1-linux-amd64)

Your message dated Wed, 23 Jan 2019 10:00:21 +0000
with message-id <E1gmFKX-000B2o-7A@fasolo.debian.org>
and subject line Bug#920166: Removed package(s) from unstable
has caused the Debian Bug report #812834,
regarding gcc-5: Please add support for hardened1-linux-amd64
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
812834: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812834
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: gcc-5
Version: 5.3.1-7
Severity: wishlist
Tags: patch
User: balint@balintreczey.hu
Usertags: hardened1-linux-amd64

Dear GCC Maintainers,

I have successfully bootstrapped the hardened1-linux-amd64 [1]
port using a set of patches [2].
I'm working towards making the port ready for being accepted to
Debian and the attached patches are adding the port support to
GCC.

The first patch allows cross building GCC to a port enabling PIE
by default from a host witout PIE by default.
It may be useful on its own.

Dpkg support for the port is being discussed in #812782.

Accepting this patch would make (re-)bootstrapping the new
port easier.

Thank you in advance,
Balint

[1] http://balintreczey.hu/blog/proposing-amd64-hardened-architecture-for-debian/
[2] https://anonscm.debian.org/cgit/users/rbalint/rebootstrap.git/


>From f1d664b0ae440163d85f85ab6f014ad6d7daab4c Mon Sep 17 00:00:00 2001
From: Balint Reczey <balint@balintreczey.hu>
Date: Mon, 25 Jan 2016 17:56:30 +0100
Subject: [PATCH 1/3] Re-enable -fPIC when -fno-PIE is used in bootstrapping

---
 debian/patches/gcc-configure-pie.diff | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/debian/patches/gcc-configure-pie.diff b/debian/patches/gcc-configure-pie.diff
index 7abe92a..f58ccf3 100644
--- a/debian/patches/gcc-configure-pie.diff
+++ b/debian/patches/gcc-configure-pie.diff
@@ -381,7 +381,7 @@ Index: b/src/gcc/Makefile.in
  	echo INHIBIT_LIBC_CFLAGS = '$(INHIBIT_LIBC_CFLAGS)' >> tmp-libgcc.mvars
  	echo TARGET_SYSTEM_ROOT = '$(TARGET_SYSTEM_ROOT)' >> tmp-libgcc.mvars
 +	if test @enable_default_pie@ = yes; then \
-+	  NO_PIE_CFLAGS="-fno-PIE"; \
++	  NO_PIE_CFLAGS="-fno-PIE -fPIC"; \
 +	else \
 +	  NO_PIE_CFLAGS=; \
 +	fi; \
-- 
2.1.4


>From 568bc9d19bdf9dbe505e7904fdc2ddd22ba9e767 Mon Sep 17 00:00:00 2001
From: Balint Reczey <balint@balintreczey.hu>
Date: Mon, 25 Jan 2016 19:23:23 +0100
Subject: [PATCH 2/3] Add support for hardened1-linux-amd64 architecture

---
 debian/libasan2.symbols |  4 ++--
 debian/rules.defs       | 37 ++++++++++++++++++++++---------------
 debian/rules2           |  2 +-
 3 files changed, 25 insertions(+), 18 deletions(-)

diff --git a/debian/libasan2.symbols b/debian/libasan2.symbols
index fa170da..23a06a7 100644
--- a/debian/libasan2.symbols
+++ b/debian/libasan2.symbols
@@ -1,7 +1,7 @@
 libasan.so.2 libasan2 #MINVER#
 #include "libasan.symbols.common"
-(arch=!arm64 !alpha !amd64 !ia64 !ppc64 !ppc64el !s390x !sparc64 !kfreebsd-amd64)#include "libasan.symbols.32"
-(arch=arm64 alpha amd64 ia64 ppc64 ppc64el s390x sparc64 kfreebsd-amd64)#include "libasan.symbols.64"
+(arch=!arm64 !alpha !amd64 !ia64 !ppc64 !ppc64el !s390x !sparc64 !kfreebsd-amd64 !hardened1-linux-amd64)#include "libasan.symbols.32"
+(arch=arm64 alpha amd64 ia64 ppc64 ppc64el s390x sparc64 kfreebsd-amd64 hardened1-linux-amd64)#include "libasan.symbols.64"
 (arch=armel armhf sparc64 x32)#include "libasan.symbols.16"
 # these are missing on some archs ...
  (arch=!arm64 !armel !armhf !powerpc !ppc64 !ppc64el !sparc !sparc64)__interceptor_ptrace@Base 4.9
diff --git a/debian/rules.defs b/debian/rules.defs
index a108f12..6d775f1 100644
--- a/debian/rules.defs
+++ b/debian/rules.defs
@@ -418,7 +418,7 @@ multiarch_xarch_map = \
 	amd64=i386-linux-gnu,x86_64-linux-gnux32 \
 	armel=arm-linux-gnueabi \
 	armhf=arm-linux-gnueabihf \
-	i386=x86_64-linux-gnu,x86_64-linux-gnux32 \
+	i386=x86_64-linux-gnu,x86_64-linux-gnux32,x86_64-linux-gnuhardened1 \
 	powerpc=powerpc64-linux-gnu \
 	ppc64=powerpc-linux-gnu \
 	sparc=sparc64-linux-gnu \
@@ -431,8 +431,9 @@ multiarch_xarch_map = \
 	mipsn32el=mipsel-linux-gnu,mips64el-linux-gnuabi64 \
 	mips64=mips-linux-gnu,mips64-linux-gnuabin32 \
 	mips64el=mipsel-linux-gnu,mips64el-linux-gnuabin32 \
-	x32=x86_64-linux-gnu,i386-linux-gnu \
-	kfreebsd-amd64=i386-kfreebsd-gnu
+	x32=x86_64-linux-gnu,i386-linux-gnu, x86_64-linux-gnuhardened1 \
+	kfreebsd-amd64=i386-kfreebsd-gnu \
+	hardened1-linux-amd64=i386-linux-gnu,x86_64-linux-gnux32
 xarch_multiarch_names = $(subst $(COMMA),$(SPACE),$(patsubst $(DEB_TARGET_ARCH)=%,%, \
 		$(filter $(DEB_TARGET_ARCH)=%,$(multiarch_xarch_map))))
 
@@ -464,7 +465,8 @@ multilib_multiarch_map = \
 	mips64el/n32=mips64el-linux-gnuabin32 \
 	x32/32=i386-linux-gnu \
 	x32/64=x86_64-linux-gnu \
-	kfreebsd-amd64/32=i386-kfreebsd-gnu
+	kfreebsd-amd64/32=i386-kfreebsd-gnu \
+	hardened1-linux-amd64/32=i386-linux-gnu
 # $(call mlib_to_march,<empty>|32|64|n32|x32|hf|sf)
 mlib_to_march = $(patsubst $(DEB_TARGET_ARCH)/$(1)=%,%, \
 		   $(filter $(DEB_TARGET_ARCH)/$(1)=%,$(multilib_multiarch_map)))
@@ -927,7 +929,7 @@ ifeq ($(with_d)-$(with_separate_gdc),yes-yes)
 endif
 
 ifeq ($(with_d),yes)
-  libphobos_archs = amd64 armel armhf i386 x32 kfreebsd-amd64 kfreebsd-i386
+  libphobos_archs = amd64 hardened1-linux-amd64 armel armhf i386 x32 kfreebsd-amd64 kfreebsd-i386
   ifneq (,$(filter $(DEB_TARGET_ARCH), $(libphobos_archs)))
     with_libphobos := yes
   endif
@@ -1106,7 +1108,7 @@ ifneq (,$(filter $(DEB_TARGET_ARCH),$(gomp_no_archs)))
 endif
 
 # itm --------------------
-itm_archs = amd64 arm64 i386 x32 ppc64 ppc64el
+itm_archs = amd64 hardened1-linux-amd64 arm64 i386 x32 ppc64 ppc64el
 ifneq (,$(filter $(DEB_TARGET_ARCH),$(itm_archs)))
   with_itm := yes
 endif
@@ -1129,7 +1131,7 @@ endif
 # asan / sanitizer --------------------
 with_asan :=
 with_asan := $(call envfilt, asan, , , $(with_asan))
-asan_archs = amd64 armel armhf arm64 i386 powerpc ppc64 ppc64el x32 sparc sparc64
+asan_archs = amd64 hardened1-linux-amd64 armel armhf arm64 i386 powerpc ppc64 ppc64el x32 sparc sparc64
 ifneq (,$(filter $(DEB_TARGET_ARCH),$(asan_archs)))
   with_asan := yes
 endif
@@ -1137,7 +1139,7 @@ endif
 # lsan / sanitizer --------------------
 with_lsan :=
 with_lsan := $(call envfilt, lsan, , , $(with_lsan))
-lsan_archs = amd64
+lsan_archs = amd64 hardened1-linux-amd64
 ifneq (,$(filter $(DEB_TARGET_ARCH),$(lsan_archs)))
   with_lsan := yes
 endif
@@ -1145,7 +1147,7 @@ endif
 # tsan / sanitizer --------------------
 with_tsan :=
 with_tsan := $(call envfilt, tsan, , , $(with_tsan))
-tsan_archs = amd64
+tsan_archs = amd64 hardened1-linux-amd64
 ifneq (,$(filter $(DEB_TARGET_ARCH),$(tsan_archs)))
   with_tsan := yes
 endif
@@ -1155,7 +1157,7 @@ endif # with_cdev
 # ubsan / sanitizer --------------------
 with_ubsan :=
 with_ubsan := $(call envfilt, ubsan, , , $(with_ubsan))
-ubsan_archs = amd64 armel armhf arm64 i386 powerpc ppc64 ppc64el x32 sparc sparc64
+ubsan_archs = amd64 hardened1-linux-amd64 armel armhf arm64 i386 powerpc ppc64 ppc64el x32 sparc sparc64
 ifneq (,$(filter $(DEB_TARGET_ARCH),$(ubsan_archs)))
   with_ubsan := yes
 endif
@@ -1163,7 +1165,7 @@ endif
 # libvtv --------------------
 with_vtv :=
 with_vtv := $(call envfilt, vtv, , , $(with_vtv))
-vtv_archs = amd64 i386 x32
+vtv_archs = amd64 hardened1-linux-amd64 i386 x32
 ifneq (,$(filter $(DEB_TARGET_ARCH),$(vtv_archs)))
   with_vtv := yes
   with_libvtv := yes
@@ -1175,7 +1177,7 @@ with_libvtv :=
 # libcilkrts --------------------
 with_cilkrts :=
 with_cilkrts := $(call envfilt, cilkrts, , , $(with_cilkrts))
-cilkrts_archs = amd64 i386 x32
+cilkrts_archs = amd64 hardened1-linux-amd64 i386 x32
 ifneq (,$(filter $(DEB_TARGET_ARCH),$(cilkrts_archs)))
   with_cilkrts := yes
 endif
@@ -1183,7 +1185,7 @@ endif
 # libmpx --------------------
 with_mpx :=
 with_mpx := $(call envfilt, mpx, , , $(with_mpx))
-mpx_archs = amd64 i386
+mpx_archs = amd64 hardened1-linux-amd64 i386
 ifneq (,$(filter $(DEB_TARGET_ARCH),$(mpx_archs)))
   # requires newer binutils, or else libmpxwrappers isn't built
   ifeq (,$(filter $(distrelease),squeeze lucid precise))
@@ -1207,7 +1209,7 @@ endif
 
 # gold --------------------
 # armel with binutils 2.20.51 only
-gold_archs = amd64 armel armhf i386 powerpc powerpcspe ppc64 ppc64el sparc sparc64 x32 hurd-i386
+gold_archs = amd64 hardened1-linux-amd64 armel armhf i386 powerpc powerpcspe ppc64 ppc64el sparc sparc64 x32 hurd-i386
 ifneq (,$(filter $(DEB_TARGET_ARCH),$(gold_archs)))
   with_gold := yes
 endif
@@ -1346,6 +1348,11 @@ else
     #with_lib32gmath := yes
     #with_libgmathdev := yes
   endif
+  ifeq ($(DEB_TARGET_ARCH),hardened1-linux-amd64)
+    #with_libgccmath := yes
+    #with_lib32gmath := yes
+    #with_libgmathdev := yes
+  endif
 
   # hppa64 build ----------------
   hppa64_no_snap := no
@@ -1593,7 +1600,7 @@ define gen_biarch
     export TARGET64_MACHINE
   endif
 endef
-biarch32archs := /amd64/ppc64/kfreebsd-amd64/s390x/sparc64/x32/mipsn32/mipsn32el/mips64/mips64el/
+biarch32archs := /amd64/hardened1-linux-amd64/ppc64/kfreebsd-amd64/s390x/sparc64/x32/mipsn32/mipsn32el/mips64/mips64el/
 biarch64archs := /i386/powerpc/sparc/s390/mips/mipsel/mipsn32/mipsn32el/x32/
 biarchn32archs := /mips/mipsel/mips64/mips64el/
 ifeq ($(derivative),Ubuntu)
diff --git a/debian/rules2 b/debian/rules2
index 52c6b31..c8bf542 100644
--- a/debian/rules2
+++ b/debian/rules2
@@ -397,7 +397,7 @@ ifneq (,$(filter $(DEB_TARGET_GNU_TYPE), i486-linux-gnu i586-linux-gnu i686-linu
     endif
 endif
 
-ifneq (,$(filter $(DEB_TARGET_GNU_TYPE), x86_64-linux-gnu x86_64-linux-gnux32 x86_64-kfreebsd-gnu s390x-linux-gnu sparc64-linux-gnu))
+ifneq (,$(filter $(DEB_TARGET_GNU_TYPE), x86_64-linux-gnu x86_64-linux-gnuhardened1 x86_64-linux-gnux32 x86_64-kfreebsd-gnu s390x-linux-gnu sparc64-linux-gnu))
     ifneq ($(biarch32),yes)
       CONFARGS += --disable-multilib
     endif
-- 
2.1.4


>From edbe56950ee7c8830ca22dcd8bd122a839d27c52 Mon Sep 17 00:00:00 2001
From: Balint Reczey <balint@balintreczey.hu>
Date: Mon, 25 Jan 2016 19:38:30 +0100
Subject: [PATCH 3/3] Set multiarch and multilib dirs for hardened1-linux-amd64

---
 .../patches/gcc-multilib-multiarch-hardened1.diff  | 22 ++++++++++++++++++++++
 debian/rules.patch                                 |  3 +++
 2 files changed, 25 insertions(+)
 create mode 100644 debian/patches/gcc-multilib-multiarch-hardened1.diff

diff --git a/debian/patches/gcc-multilib-multiarch-hardened1.diff b/debian/patches/gcc-multilib-multiarch-hardened1.diff
new file mode 100644
index 0000000..2db549f
--- /dev/null
+++ b/debian/patches/gcc-multilib-multiarch-hardened1.diff
@@ -0,0 +1,22 @@
+diff --git a/src/gcc/config/i386/t-linux64 b/src/gcc/config/i386/t-linux64
+index 04d001c..7d34500 100644
+--- a/src/gcc/config/i386/t-linux64
++++ b/src/gcc/config/i386/t-linux64
+@@ -38,7 +38,7 @@ MULTILIB_OSDIRNAMES = m64=../lib64$(call if_multiarch,:x86_64-linux-gnu)
+ MULTILIB_OSDIRNAMES+= m32=../lib32$(call if_multiarch,:i386-linux-gnu)
+ MULTILIB_OSDIRNAMES+= mx32=../lib$(call if_multiarch,:x86_64-linux-gnux32)
+ else ifneq (,$(findstring x86_64,$(target)))
+-MULTILIB_OSDIRNAMES = m64=../lib$(call if_multiarch,:x86_64-linux-gnu)
++MULTILIB_OSDIRNAMES = m64=../lib$(call if_multiarch,:x86_64-linux-gnuhardened1)
+ MULTILIB_OSDIRNAMES+= m32=../lib32$(call if_multiarch,:i386-linux-gnu)
+ MULTILIB_OSDIRNAMES+= mx32=../libx32$(call if_multiarch,:x86_64-linux-gnux32)
+ else
+@@ -51,7 +51,7 @@ ifneq (,$(findstring x86_64,$(target)))
+   ifneq (,$(findstring biarchx32.h,$(tm_include_list)))
+   MULTIARCH_DIRNAME = $(call if_multiarch,x86_64-linux-gnux32)
+   else
+-  MULTIARCH_DIRNAME = $(call if_multiarch,x86_64-linux-gnu)
++  MULTIARCH_DIRNAME = $(call if_multiarch,x86_64-linux-gnuhardened1)
+   endif
+ else
+   MULTIARCH_DIRNAME = $(call if_multiarch,i386-linux-gnu)
diff --git a/debian/rules.patch b/debian/rules.patch
index 005a964..7294940 100644
--- a/debian/rules.patch
+++ b/debian/rules.patch
@@ -312,6 +312,9 @@ ifneq (,$(filter $(build_type), build-cross cross-build-cross))
   endif
 endif
 debian_patches += gcc-multilib-multiarch
+ifeq ($(DEB_TARGET_ARCH),hardened1-linux-amd64)
+  debian_patches += gcc-multilib-multiarch-hardened1
+endif
 
 ifneq (,$(filter $(derivative),Ubuntu))
   ifeq (,$(filter $(distrelease),dapper hardy intrepid jaunty karmic lucid maverick))
-- 
2.1.4

--- End Message ---
--- Begin Message --- 
Version: 5.5.0-12+rm

Dear submitter,

as the package gcc-5 has just been removed from the Debian archive
unstable we hereby close the associated bug reports.  We are sorry
that we couldn't deal with your issue properly.

For details on the removal, please see https://bugs.debian.org/920166

The version of this package that was in Debian prior to this removal
can still be found using http://snapshot.debian.org/.

This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
ftpmaster@ftp-master.debian.org.

Debian distribution maintenance software
pp.
Scott Kitterman (the ftpmaster behind the curtain)

--- End Message ---
Reply to: