From nobody Wed Oct 26 08:34:45 2022
X-Original-To: dev-commits-ports-main@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4My2DP2h9Gz4gNfH;
	Wed, 26 Oct 2022 08:34:45 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4My2DP28vXz3grJ;
	Wed, 26 Oct 2022 08:34:45 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1666773285;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=EpQ5gKmUhArAFnyUQzD5JakXLP97hS5D3v0Fk8C5dQs=;
	b=I1JQ3kZarzxztmGNvFD4ecSJAwRT9XK6gD9yvspMzEyQFMCvxCxQraoD53SzcL75zIqQvo
	HxPn3HlkBM2HpcdUN8pZdHaEfdYr1TJD8WAQqEnJ8IkG+rW3FGntBRJudeN42GINWXJcGy
	Szk8dbyCgqP8+ne1O3me3n5NW3cWFpsUmvYBI8iqczQw6cOIT7p5jRRZ0vnMQ5RER02wb9
	qfsO/LgWy0K0QwfB0hnbdhDBlBbuZXQbt/v69IjzIQXPvZZdrjTfPaCuv6GaEGBsq5AZlS
	HKALRlI5dAgVCoRzvua5jaSTZvlq0Z0a14+5lwnPI0sVoaADxnIL5Azq45jWAg==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4My2DP1DCgz19sB;
	Wed, 26 Oct 2022 08:34:45 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 29Q8Yj6B092606;
	Wed, 26 Oct 2022 08:34:45 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 29Q8YjAJ092605;
	Wed, 26 Oct 2022 08:34:45 GMT
	(envelope-from git)
Date: Wed, 26 Oct 2022 08:34:45 GMT
Message-Id: <202210260834.29Q8YjAJ092605@gitrepo.freebsd.org>
To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org,
        dev-commits-ports-main@FreeBSD.org
From: Baptiste Daroussin <bapt@FreeBSD.org>
Subject: git: c6e7c894c665 - main - features: Add support to build ports as PIE executables.
List-Id: Commits to the main branch of the FreeBSD ports repository <dev-commits-ports-main.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-main
List-Help: <mailto:dev-commits-ports-main+help@freebsd.org>
List-Post: <mailto:dev-commits-ports-main@freebsd.org>
List-Subscribe: <mailto:dev-commits-ports-main+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-ports-main+unsubscribe@freebsd.org>
Sender: owner-dev-commits-ports-main@freebsd.org
X-BeenThere: dev-commits-ports-main@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: bapt
X-Git-Repository: ports
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: c6e7c894c6657af42a49dfdffee5de8b8c69e422
Auto-Submitted: auto-generated
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1666773285;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=EpQ5gKmUhArAFnyUQzD5JakXLP97hS5D3v0Fk8C5dQs=;
	b=jvCJf0BaE/Zqmd9ZmAYItNxmBLPTUAl4eMxNFMX9c2w/YRFmumXjCDQGJS+1SDZhjRuwVX
	/JaNdtecfaZeyphuBL4/dUdN8o88x/64ArLXmMlywzek9FgdFNDt7FQnAWkrwwNZdhNo1L
	2eZCeHDhz7idKt2dvk5maUmlSmChpVEasuOVLxpBBiiS1pMqHRhStDe/Bmd39mltV9/155
	apYURnV5dbO5lHwmnWBA2wrNfxkooCGmAtzJ8nvhEyoTjYYt+Qd72N5i0UMpxaxy3UTPFi
	W4VVbav8ULb9jQvwIsyUwXdSeyAA0TGDH4hKwZ1CNHtvQRoUQd//QDgYi3rEdA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1666773285; a=rsa-sha256; cv=none;
	b=UdLeBRKVzSTKXkNlNWthM5juASYQ+OoaO1U3ydBZ8VPIBbwPL+RG0kpQsa6Q00YbXSPevK
	vOsJlyhNJ7V/PI6cu4GeRHtJgXde8o3Ko/+17oLOMsP95TUzjZ+ukgK4lmeyMUBFQtgpBt
	NV0nOgu4rLOOPBdv8Vgxfu1X6naS+9t4T3cBBEtLDZtAKDYTt2GUMAfNgl8wfO5RtfCtT7
	2KTJa708/7h9WB/8riNqcVOnQfELlZ1smBJnSebaH9qVvIwPjFFkBpF52E5yID2BBa2qo9
	Sw+kKsvQxwIn1pZnAdzLmh8Z25s3N5RasGMMU/dSQbeKl89FeJzj9xLzz1XAig==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
X-ThisMailContainsUnwantedMimeParts: N

The branch main has been updated by bapt:

URL: https://cgit.FreeBSD.org/ports/commit/?id=c6e7c894c6657af42a49dfdffee5de8b8c69e422

commit c6e7c894c6657af42a49dfdffee5de8b8c69e422
Author:     Jatin Kataria <jatinkataria1@gmail.com>
AuthorDate: 2022-10-14 22:27:35 +0000
Commit:     Baptiste Daroussin <bapt@FreeBSD.org>
CommitDate: 2022-10-26 08:22:12 +0000

    features: Add support to build ports as PIE executables.
    
    This will allow utilization of ASLR provided by the kernel.
    
    Sponsored by:   Netflix
---
 Mk/Features/pie.mk | 14 ++++++++++++++
 Mk/Uses/go.mk      |  7 ++++++-
 Mk/bsd.port.mk     |  9 ++++++---
 3 files changed, 26 insertions(+), 4 deletions(-)

diff --git a/Mk/Features/pie.mk b/Mk/Features/pie.mk
new file mode 100644
index 000000000000..73bbe9b24c19
--- /dev/null
+++ b/Mk/Features/pie.mk
@@ -0,0 +1,14 @@
+# PIE Support
+
+.if !defined(_PIE_MK_INCLUDED)
+_PIE_MK_INCLUDED=	yes
+PIE_Include_MAINTAINER=	portmgr@FreeBSD.org
+
+.  if !defined(PIE_UNSAFE)
+PIE_CFLAGS?=	-fPIE -fPIC
+CFLAGS+=	${PIE_CFLAGS}
+CXXFLAGS+=	${PIE_CFLAGS}
+LDFLAGS+=	-pie
+.  endif
+.endif
+
diff --git a/Mk/Uses/go.mk b/Mk/Uses/go.mk
index 9ae32ca267bc..d75c4c2f0fe1 100644
--- a/Mk/Uses/go.mk
+++ b/Mk/Uses/go.mk
@@ -90,7 +90,12 @@ GO_PKGNAME=	${PORTNAME}
 GO_TARGET?=	${GO_PKGNAME}
 GO_TESTTARGET?=	./...
 
-GO_BUILDFLAGS+=	-v -buildmode=exe -trimpath
+.if !defined(PIE_UNSAFE)
+GO_BUILDFLAGS+= -buildmode=pie
+.else
+GO_BUILDFLAGS+= -buildmode=exe
+.endif
+GO_BUILDFLAGS+= -v -trimpath
 .  if !defined(WITH_DEBUG) && empty(GO_BUILDFLAGS:M-ldflags*)
 GO_BUILDFLAGS+=	-ldflags=-s
 .  endif
diff --git a/Mk/bsd.port.mk b/Mk/bsd.port.mk
index a6543b0e069f..717a0efdee6f 100644
--- a/Mk/bsd.port.mk
+++ b/Mk/bsd.port.mk
@@ -339,6 +339,11 @@ FreeBSD_MAINTAINER=	portmgr@FreeBSD.org
 #				  can be used in Makefiles by port maintainers
 #				  if a port breaks with it (it should be
 #				  extremely rare).
+# PIE_CFLAGS	- Defaults to -fPIE -fPIC. This value
+#				  is added to CFLAGS and the necessary flags
+#				  are added to LDFLAGS. Note that PIE_UNSAFE
+#				  can be used in Makefiles by port maintainers
+#				  if a port breaks with it.
 ##
 # USE_LOCALE	- LANG and LC_ALL are set to the value of this variable in
 #				  CONFIGURE_ENV and MAKE_ENV.  Example: USE_LOCALE=en_US.UTF-8
@@ -1012,7 +1017,7 @@ LC_ALL=		C
 # These need to be absolute since we don't know how deep in the ports
 # tree we are and thus can't go relative.  They can, of course, be overridden
 # by individual Makefiles or local system make configuration.
-_LIST_OF_WITH_FEATURES=	debug lto ssp
+_LIST_OF_WITH_FEATURES=	debug lto ssp pie
 _DEFAULT_WITH_FEATURES=	ssp
 PORTSDIR?=		/usr/ports
 LOCALBASE?=		/usr/local
@@ -1776,8 +1781,6 @@ CFLAGS:=	${CFLAGS:C/${_CPUCFLAGS}//}
 .      endif
 .    endfor
 
-# XXX PIE support to be added here
-MAKE_ENV+=	NO_PIE=yes
 # We will control debug files.  Don't let builds that use /usr/share/mk
 # split out debug symbols since the plist won't know to expect it.
 MAKE_ENV+=	MK_DEBUG_FILES=no