lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 14 Oct 2022 08:37:52 +0200
From:   Florian Weimer <fweimer@...hat.com>
To:     Nick Desaulniers <ndesaulniers@...gle.com>
Cc:     "Jason A. Donenfeld" <Jason@...c4.com>,
        Mark Brown <broonie@...nel.org>,
        linux-toolchains@...r.kernel.org,
        Linux Kbuild mailing list <linux-kbuild@...r.kernel.org>,
        LKML <linux-kernel@...r.kernel.org>
Subject: Re: gcc 5 & 6 & others already out of date?

* Nick Desaulniers:

> On Thu, Oct 13, 2022 at 11:44 AM Florian Weimer <fweimer@...hat.com> wrote:
>>
>> * Jason A. Donenfeld:
>>
>> > It's also easy, nearly trivial, to download toolchains. Arnd provides a
>> > bunch with his crosstool. "Must use a toolchain from your distro" is a
>> > requirement that affects nobody.
>>
>> But not everything will be built with the cross-compiler.  For the
>> kernel build tools and other userspace components, you'll need a native
>> toolchain that can build programs that can actually run on the build
>> host.
>
> ... when using GCC. We don't have this pain when using clang.
>
> https://docs.kernel.org/kbuild/llvm.html#llvm-utilities
>
> i.e.
> $ make ARCH=arm LLVM=1
>
> will build with one instance of a clang binary (and ld.lld and
> llvm-objcopy etc.) for Target AND Host.  No need for multiple
> toolchain binaries.

I'm sure it's nice if it works.  But someone has to do the distribution
integration work.  If that has already happened upstream, that's great.
(There are many little details which may or may not matter for kernel
builds, e.g., static libraries have to be PIC or PIE because Clang now
defaults to PIE links.)

But it's also sort of irrelevant in the context of this thread.
<https://llvm.org/docs/GettingStarted.html#software> says GCC 7 is
required, and this:

| LLVM is very demanding of the host C++ compiler, and as such tends to
| expose bugs in the compiler. We also attempt to follow improvements
| and developments in the C++ language and library reasonably
| closely. As such, we require a modern host C++ toolchain, both
| compiler and standard library, in order to build LLVM.

So a LLVM build from upstream sources won't be an easy escape hatch if
the kernel bumps toolchain version requirements.

Historically, GCC has been much more conservative when it comes to host
toolchain requirements.  But there are other traps (fixincludes can have
nasty side effects, for example).

I'm not saying the kernel shouldn't change version requirements.  But I
do think it's unreasonable to expect that people will be able to build
their own newer toolchains from upstream sources as a workaround.

Thanks,
Florian

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ