From owner-freebsd-ports@FreeBSD.ORG Wed Jun 2 19:20:04 2010 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DF98B1065675 for ; Wed, 2 Jun 2010 19:20:04 +0000 (UTC) (envelope-from amdmi3@amdmi3.ru) Received: from smtp.timeweb.ru (smtp.timeweb.ru [92.53.116.15]) by mx1.freebsd.org (Postfix) with ESMTP id 964968FC19 for ; Wed, 2 Jun 2010 19:20:04 +0000 (UTC) Received: from [213.148.20.85] (helo=hive.panopticon) by smtp.timeweb.ru with esmtpsa (TLSv1:CAMELLIA256-SHA:256) (Exim 4.71) (envelope-from ) id 1OJtTt-0003Sr-5g; Wed, 02 Jun 2010 23:20:01 +0400 Received: from hades.panopticon (hades.panopticon [192.168.0.32]) by hive.panopticon (Postfix) with ESMTP id B3036B84D; Wed, 2 Jun 2010 23:20:00 +0400 (MSD) Received: by hades.panopticon (Postfix, from userid 1000) id AD7D3B84B; Wed, 2 Jun 2010 23:20:00 +0400 (MSD) Date: Wed, 2 Jun 2010 23:20:00 +0400 From: Dmitry Marakasov To: Janne Snabb Message-ID: <20100602192000.GE21354@hades.panopticon> References: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.20 (2009-06-14) Cc: freebsd-ports@freebsd.org Subject: Re: Building ports with stack-protector X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Jun 2010 19:20:05 -0000 * Janne Snabb (snabb@epipe.com) wrote: > Based on these variables the port infrastructure would decide whether > to add "-fstack-protector" to CFLAGS or not: > > Port Makefile > USE_STACK_PROTECTOR > yes undef no > In /etc/make.conf: +-------------------- > WITH_STACK_PROTECTOR yes | yes yes no > undef | yes no no > no | no no no I'd perfer variables to be named and to work similarily to existing MAKE_JOBS framework. There should be a way to force stack-protector to be able to check which ports can be build with it with a exp-run, and for courageous users who may want to enable stack-protector by default and are not afraid to send PRs if something fails. Also, AFAIR there was certain performance penalty with stack-protector, no? Judging on how noticeable it is (are any linux distros using it by default? If yes, may look through phoronix comparisons), I'd make it enabled or disabled by default. It may be implemented by mere copypasting MAKE_JOBS implementation, like this: http://people.freebsd.org/~amdmi3/stack-protector.patch (not tested and lacks variable descriptions at the top of the file). As you can see, there're condition lines for both enabled-by-default, and disabled-by-default, and I think the latter can be added to port.mk right now with a possible switch to the former later, if we find it useful enough. Also note, that unlike MAKE_JOBS (for which build failures are non-deterministic), this can probably be tested with a single exp-run and all ports marked with STACK_PROTECTOR_{UN,}SAFE. If that's considered useful enough as well. -- Dmitry Marakasov . 55B5 0596 FF1E 8D84 5F56 9510 D35A 80DD F9D2 F77D amdmi3@amdmi3.ru ..: jabber: amdmi3@jabber.ru http://www.amdmi3.ru