Re: git: 518e0275a660 - main - security/libgcrypt: Fix regression
- In reply to: Vladimir Druzenko : "Re: git: 518e0275a660 - main - security/libgcrypt: Fix regression"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sat, 13 Jul 2024 12:21:08 UTC
On Sat, 13 Jul 2024 14:58:24 +0300 Vladimir Druzenko <vvd@freebsd.org> wrote: > 13.07.2024 07:46, Cy Schubert пишет: > > The branch main has been updated by cy: > > > > URL: https://cgit.FreeBSD.org/ports/commit/?id=518e0275a6603c913816be0f6cb4efab3ba56815 > > > > commit 518e0275a6603c913816be0f6cb4efab3ba56815 > > Author: Daniel Engberg <diizzy@FreeBSD.org> > > AuthorDate: 2024-07-13 04:35:25 +0000 > > Commit: Cy Schubert <cy@FreeBSD.org> > > CommitDate: 2024-07-13 04:45:27 +0000 > > > > security/libgcrypt: Fix regression > > > > In order to harvest the best entropy jitterentropy-base.c requires > > that the compiler not optimize out any of its code. To ensure this > > the cipher and randmom makefiles remove optmization options. This > > will work in cases where the user has specified, for instance, > > CFLAGS=-O3 but will not work when CFLAGS+=-O3 is specified. These > > makefiles will only remove the first occurrence of the optimization > > flag, resulting in a build failure. This patch alters the "munging" > > sed command to remove all optimization options. > > > > PR: 280081 > > MFH: 2024Q3 > > --- > > security/libgcrypt/files/patch-cipher_Makefile.in | 11 +++++++++++ > > security/libgcrypt/files/patch-random_Makefile.in | 11 +++++++++++ > > 2 files changed, 22 insertions(+) > > > > diff --git a/security/libgcrypt/files/patch-cipher_Makefile.in b/security/libgcrypt/files/patch-cipher_Makefile.in > > new file mode 100644 > > index 000000000000..01f0f32e578b > > --- /dev/null > > +++ b/security/libgcrypt/files/patch-cipher_Makefile.in > > @@ -0,0 +1,11 @@ > > +--- cipher/Makefile.in.orig 2024-07-13 04:19:00 UTC > > ++++ cipher/Makefile.in > > +@@ -643,7 +643,7 @@ EXTRA_libcipher_la_SOURCES = \ > > + blake2s-amd64-avx.S blake2s-amd64-avx512.S > > + > > + @ENABLE_O_FLAG_MUNGING_FALSE@o_flag_munging = cat > > +-@ENABLE_O_FLAG_MUNGING_TRUE@o_flag_munging = sed -e 's/[[:blank:]]-O\([2-9sgz][2-9sgz]*\)/ -O1 /' -e 's/[[:blank:]]-Ofast/ -O1 /g' > > ++@ENABLE_O_FLAG_MUNGING_TRUE@o_flag_munging = sed -e 's/[[:blank:]]-O\([2-9sgz][2-9sgz]*\)/ -O1 /g' -e 's/[[:blank:]]-Ofast/ -O1 /g' > > + @ENABLE_INSTRUMENTATION_MUNGING_FALSE@instrumentation_munging = cat > > + > > + # We need to disable instrumentation for these modules as they use cc as > > diff --git a/security/libgcrypt/files/patch-random_Makefile.in b/security/libgcrypt/files/patch-random_Makefile.in > > new file mode 100644 > > index 000000000000..4543139606bf > > --- /dev/null > > +++ b/security/libgcrypt/files/patch-random_Makefile.in > > @@ -0,0 +1,11 @@ > > +--- random/Makefile.in.orig 2024-07-13 04:20:47 UTC > > ++++ random/Makefile.in > > +@@ -407,7 +407,7 @@ jitterentropy-base.c jitterentropy.h jitterentropy-bas > > + @ENABLE_O_FLAG_MUNGING_FALSE@o_flag_munging = cat > > + > > + # The rndjent module needs to be compiled without optimization. */ > > +-@ENABLE_O_FLAG_MUNGING_TRUE@o_flag_munging = sed -e 's/[[:blank:]]-O\([1-9sgz][1-9sgz]*\)/ -O0 /' -e 's/[[:blank:]]-Ofast/ -O0 /g' > > ++@ENABLE_O_FLAG_MUNGING_TRUE@o_flag_munging = sed -e 's/[[:blank:]]-O\([1-9sgz][1-9sgz]*\)/ -O0 /g' -e 's/[[:blank:]]-Ofast/ -O0 /g' > > + all: all-am > > + > > + .SUFFIXES: > > Maybe a bump is needed? > This only affects builds with CFLAGS+=-O3 in make.conf. Those without CFLAGS+=-O3 (+= as opposed to =) or no CFLAGS whatsoever in make.conf, the package will not build differently and the binaries will be the same as before. So, no. -- Cheers, Cy Schubert <Cy.Schubert@cschubert.com> FreeBSD UNIX: <cy@FreeBSD.org> Web: https://FreeBSD.org NTP: <cy@nwtime.org> Web: https://nwtime.org e^(i*pi)+1=0