commit:     99fb7418c7de7029635ba480eb53450e423cf953
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Mon Mar 11 19:05:21 2024 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Mon Mar 11 19:20:17 2024 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=99fb7418

sys-libs/glibc: pass -mbranch-protection=none if USE=-cet on arm64

Quoting NEWS:
"""
 [...]
 User code can use PAC-RET
 without libc support, but BTI requires a libc that is built with BTI
 support, otherwise runtime objects linked into user code will not be
 BTI compatible.
"""

This is the same as 0b7eace724b0035856311008c95cc7fe18b8231b but for
newly-introduced-in-Gentoo support for default -mbranch-protection in GCC.

Bug: https://bugs.gentoo.org/916381
Signed-off-by: Sam James <sam <AT> gentoo.org>

 sys-libs/glibc/glibc-2.39-r2.ebuild | 8 ++++++--
 sys-libs/glibc/glibc-9999.ebuild    | 8 ++++++--
 2 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/sys-libs/glibc/glibc-2.39-r2.ebuild 
b/sys-libs/glibc/glibc-2.39-r2.ebuild
index b176c2198555..236484af1eeb 100644
--- a/sys-libs/glibc/glibc-2.39-r2.ebuild
+++ b/sys-libs/glibc/glibc-2.39-r2.ebuild
@@ -512,8 +512,12 @@ setup_flags() {
        # should not be a problem, but for glibc it matters as it is
        # dealing with CET in ld.so. So if CET is supposed to be
        # disabled for glibc, be explicit about it.
-       if (use amd64 || use x86) && ! use cet; then
-               append-flags '-fcf-protection=none'
+       if ! use cet; then
+               if use amd64 || use x86; then
+                       append-flags '-fcf-protection=none'
+               elif use arm64; then
+                       append-flags '-mbranch-protection=none'
+               fi
        fi
 }
 

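Review bot: The context comment above the new `if ! use cet; then` block still only explains CET in ld.so, so nothing in the source says why the `elif use arm64` branch exists or that `-mbranch-protection=none` is the arm64 counterpart of `-fcf-protection=none`. Extend that comment with a line on arm64 branch protection (the BTI requirement quoted from NEWS in the commit message would do), and state that `none` is meant to switch off PAC-RET for glibc as well as BTI, since the quoted NEWS text only names BTI as needing libc support.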
diff --git a/sys-libs/glibc/glibc-9999.ebuild b/sys-libs/glibc/glibc-9999.ebuild
index f82a00f91c2f..5a0caff2e597 100644
--- a/sys-libs/glibc/glibc-9999.ebuild
+++ b/sys-libs/glibc/glibc-9999.ebuild
@@ -512,8 +512,12 @@ setup_flags() {
        # should not be a problem, but for glibc it matters as it is
        # dealing with CET in ld.so. So if CET is supposed to be
        # disabled for glibc, be explicit about it.
-       if (use amd64 || use x86) && ! use cet; then
-               append-flags '-fcf-protection=none'
+       if ! use cet; then
+               if use amd64 || use x86; then
+                       append-flags '-fcf-protection=none'
+               elif use arm64; then
+                       append-flags '-mbranch-protection=none'
+               fi
        fi
 }
 

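Review bot: Only the `! use cet` path is made explicit here; with USE=cet on arm64 the block appends nothing, so whether glibc is actually built with branch protection depends on the compiler default or on whatever `-mbranch-protection` value is already in the user's flags. If that asymmetry is intended, as it is for the amd64/x86 branch, a one-line comment inside the `if ! use cet` block saying so would help, because a libc built without BTI is exactly the case the commit message describes as making user code not BTI compatible.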