From: dkwo <dkwo@users.noreply.github.com>
To: ml@inbox.vuxu.org
Subject: Re: [PR PATCH] [Updated] [rfc] build-style: go: set buildmode=pie globally
Date: Mon, 08 Jan 2024 15:15:56 +0100 [thread overview]
Message-ID: <20240108141556.tkMmFo1oz3jx-idoV6VI8RDd8HfQYfSYHvIHvBDYePY@z> (raw)
In-Reply-To: <gh-mailinglist-notifications-41a7ca26-5023-4802-975b-f1789d68868e-void-packages-46958@inbox.vuxu.org>
[-- Attachment #1: Type: text/plain, Size: 860 bytes --]
There is an updated pull request by dkwo against master on the void-packages repository
https://github.com/dkwo/void-packages gopie
https://github.com/void-linux/void-packages/pull/46958
[rfc] build-style: go: set buildmode=pie globally
I rebuilt all packages natively on x86_64-glibc.
Packages that failed to build with `pie` have `nopie` set.
Pending:
- sbctl #46165
- lxd, lxd-lts #47573
Missing distfiles:
- clipman @travankor (builds fine with pie otherwise)
Building with pie may interfere with static binaries (e.g. if set CGO_ENABLED=0) and cross-compiling.
Up to now I disabled it for
- go-bindata
- go-md2man
- grafana
but further investigation/tests are needed.
See also https://go-review.googlesource.com/c/go/+/248199
[ci skip]
A patch file from https://github.com/void-linux/void-packages/pull/46958.patch is attached
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-gopie-46958.patch --]
[-- Type: text/x-diff, Size: 8510 bytes --]
From aeb217752fc4cac23512e53ea06321563189532c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C4=90o=C3=A0n=20Tr=E1=BA=A7n=20C=C3=B4ng=20Danh?=
<congdanhqx@gmail.com>
Date: Sat, 12 Sep 2020 07:07:13 +0700
Subject: [PATCH 01/10] build-style: go: allow -buildmode=pie
---
common/build-style/go.sh | 8 ++++++--
common/environment/build-style/go.sh | 1 -
2 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/common/build-style/go.sh b/common/build-style/go.sh
index 50524b07f768c..a54f3813183cc 100644
--- a/common/build-style/go.sh
+++ b/common/build-style/go.sh
@@ -29,7 +29,11 @@ do_build() {
fi
done
+ local buildmode
go_package=${go_package:-$go_import_path}
+ if [ -z "$nopie" ]; then
+ buildmode=-buildmode=pie
+ fi
# Build using Go modules if there's a go.mod file
if [ "${go_mod_mode}" != "off" ] && [ -f go.mod ]; then
@@ -50,13 +54,13 @@ do_build() {
# default behavior.
go_mod_mode=
fi
- go install -p "$XBPS_MAKEJOBS" -mod="${go_mod_mode}" -modcacherw -v -tags "${go_build_tags}" -ldflags "${go_ldflags}" ${go_package}
+ go install -p "$XBPS_MAKEJOBS" -mod="${go_mod_mode}" $buildmode -modcacherw -v -tags "${go_build_tags}" -ldflags "${go_ldflags}" ${go_package}
if [[ -n "${_go_mod_path}" ]]; then
popd
fi
else
# Otherwise, build using GOPATH
- go get -p "$XBPS_MAKEJOBS" -v -tags "${go_build_tags}" -ldflags "${go_ldflags}" ${go_package}
+ go get -p "$XBPS_MAKEJOBS" $buildmode -v -tags "${go_build_tags}" -ldflags "${go_ldflags}" ${go_package}
fi
}
diff --git a/common/environment/build-style/go.sh b/common/environment/build-style/go.sh
index 223bba83ff11b..92a049411e0fb 100644
--- a/common/environment/build-style/go.sh
+++ b/common/environment/build-style/go.sh
@@ -4,7 +4,6 @@ if [ -z "$hostmakedepends" -o "${hostmakedepends##*gcc-go-tools*}" ]; then
archs="aarch64* armv[567]* i686* x86_64* ppc64le* riscv64*"
fi
hostmakedepends+=" go"
- nopie=yes
else
# gccgo compiler
if [ -z "$archs" ]; then
From aecb23c74380ab53fc3bb7047852ccdf69691468 Mon Sep 17 00:00:00 2001
From: dkwo <nicolopiazzalunga@gmail.com>
Date: Tue, 28 Nov 2023 16:01:32 -0500
Subject: [PATCH 02/10] cni-plugins: set nopie
---
srcpkgs/cni-plugins/template | 1 +
1 file changed, 1 insertion(+)
diff --git a/srcpkgs/cni-plugins/template b/srcpkgs/cni-plugins/template
index c88498d19dfbf..496433b8c73d0 100644
--- a/srcpkgs/cni-plugins/template
+++ b/srcpkgs/cni-plugins/template
@@ -10,6 +10,7 @@ license="Apache-2.0"
homepage="https://github.com/containernetworking/plugins"
distfiles="https://github.com/containernetworking/plugins/archive/v${version}.tar.gz"
checksum=f9871b9f6ccb51d2b264532e96521e44f926928f91434b56ce135c95becf2901
+nopie=unverified
do_build() {
./build_linux.sh \
From e5f77dbabb25bf98efbf87780d622c9cf00684a5 Mon Sep 17 00:00:00 2001
From: dkwo <nicolopiazzalunga@gmail.com>
Date: Tue, 28 Nov 2023 16:02:54 -0500
Subject: [PATCH 03/10] coyim: set nopie
---
srcpkgs/coyim/template | 1 +
1 file changed, 1 insertion(+)
diff --git a/srcpkgs/coyim/template b/srcpkgs/coyim/template
index 0d928b05cfde3..a8408d59fccdd 100644
--- a/srcpkgs/coyim/template
+++ b/srcpkgs/coyim/template
@@ -12,6 +12,7 @@ license="GPL-3.0-only"
homepage="https://coy.im"
distfiles="https://github.com/coyim/coyim/archive/v${version}.tar.gz"
checksum=f2bf1e73562fbcc3a0b264a30f92dfe427dffe2046e9f44459087ecac5890098
+nopie=unverified
case "$XBPS_TARGET_MACHINE" in
x86_64*) ;;
From ecdfef416727d23bd3a38059bfedf7b4792309de Mon Sep 17 00:00:00 2001
From: dkwo <nicolopiazzalunga@gmail.com>
Date: Tue, 28 Nov 2023 16:03:42 -0500
Subject: [PATCH 04/10] kubernetes: set nopie
---
srcpkgs/kubernetes/template | 1 +
1 file changed, 1 insertion(+)
diff --git a/srcpkgs/kubernetes/template b/srcpkgs/kubernetes/template
index d0b936775cbb6..5c050b7b14fe3 100644
--- a/srcpkgs/kubernetes/template
+++ b/srcpkgs/kubernetes/template
@@ -17,6 +17,7 @@ nocross=yes
system_accounts="kube"
make_dirs="/var/lib/kubelet 0755 kube kube"
conf_files="/etc/kubernetes/*"
+nopie=unverified
do_build() {
make
From 23f28232024e28cac75e3a1a39e45dde7b39f92b Mon Sep 17 00:00:00 2001
From: dkwo <nicolopiazzalunga@gmail.com>
Date: Tue, 28 Nov 2023 16:04:26 -0500
Subject: [PATCH 05/10] moby: set nopie
---
srcpkgs/moby/template | 1 +
1 file changed, 1 insertion(+)
diff --git a/srcpkgs/moby/template b/srcpkgs/moby/template
index 50e0e83c70918..b175280862ea6 100644
--- a/srcpkgs/moby/template
+++ b/srcpkgs/moby/template
@@ -21,6 +21,7 @@ distfiles="https://github.com/moby/moby/archive/v${version}.tar.gz>moby-$version
checksum="16a2cb4cf4d314a070085e0df06e3a6bd9ec678d28715b64060af694fc9051d5
5c5e3aa7599e85036438a65016796aa11df4afb44d13b5927dcfb0ec5947a86b"
system_groups="docker"
+nopie=unverified
_moby_builddir="moby-$version"
_libnetwork_builddir="libnetwork-$_libnetwork_commit"
From 0d9bfc1684f6986e5b5321a480397dcaa4a3c39d Mon Sep 17 00:00:00 2001
From: dkwo <nicolopiazzalunga@gmail.com>
Date: Tue, 28 Nov 2023 16:05:07 -0500
Subject: [PATCH 06/10] nncp: set nopie
---
srcpkgs/nncp/template | 1 +
1 file changed, 1 insertion(+)
diff --git a/srcpkgs/nncp/template b/srcpkgs/nncp/template
index 6975d7a51ef1b..acc5f487aeb73 100644
--- a/srcpkgs/nncp/template
+++ b/srcpkgs/nncp/template
@@ -10,6 +10,7 @@ license="GPL-3.0-only"
homepage="http://www.nncpgo.org/"
distfiles="http://www.nncpgo.org/download/${pkgname}-${version}.tar.xz"
checksum=154e13ba15c0ea93f54525793b0699e496b2db7281e1555f08d785a528f3f7fc
+nopie=unverified
do_build() {
./bin/build
From 8a13808f4c1cda2e56cb0c6991dd08ad871dfe03 Mon Sep 17 00:00:00 2001
From: dkwo <nicolopiazzalunga@gmail.com>
Date: Tue, 28 Nov 2023 16:05:49 -0500
Subject: [PATCH 07/10] yggdrasil: set nopie
---
srcpkgs/yggdrasil/template | 1 +
1 file changed, 1 insertion(+)
diff --git a/srcpkgs/yggdrasil/template b/srcpkgs/yggdrasil/template
index c6f7a2395b9ba..24a81e3d799ff 100644
--- a/srcpkgs/yggdrasil/template
+++ b/srcpkgs/yggdrasil/template
@@ -11,6 +11,7 @@ homepage="https://yggdrasil-network.github.io/"
changelog="https://raw.githubusercontent.com/yggdrasil-network/yggdrasil-go/develop/CHANGELOG.md"
distfiles="https://github.com/yggdrasil-network/yggdrasil-go/archive/v${version}.tar.gz"
checksum=c1cceb9a7a4a8959536b1d930ca081bcfbc76ab655e4bcb55d5d0ab6520d9241
+nopie=unverified
do_build() {
PKGNAME=${pkgname} PKGVER=${version} ./build
From 8938a30c50c53f7838fd256830a79e04d6ceaf7e Mon Sep 17 00:00:00 2001
From: dkwo <nicolopiazzalunga@gmail.com>
Date: Sun, 7 Jan 2024 18:33:20 +0100
Subject: [PATCH 08/10] go-bindata: set nopie
---
srcpkgs/go-bindata/template | 1 +
1 file changed, 1 insertion(+)
diff --git a/srcpkgs/go-bindata/template b/srcpkgs/go-bindata/template
index dad00443ee529..8a85286c726cd 100644
--- a/srcpkgs/go-bindata/template
+++ b/srcpkgs/go-bindata/template
@@ -12,3 +12,4 @@ license="Public Domain"
homepage="https://github.com/jteeuwen/go-bindata"
distfiles="https://github.com/jteeuwen/go-bindata/archive/${_commit}.tar.gz"
checksum=65cf65ac422fb8072abfaabec86c20a74e448a93b489e896a36642e7049f5d32
+nopie=static
From dd540277b2b9b47fc79057e601983439700d1eff Mon Sep 17 00:00:00 2001
From: dkwo <nicolopiazzalunga@gmail.com>
Date: Sun, 7 Jan 2024 18:35:32 +0100
Subject: [PATCH 09/10] go-md2man: set nopie
---
srcpkgs/go-md2man/template | 1 +
1 file changed, 1 insertion(+)
diff --git a/srcpkgs/go-md2man/template b/srcpkgs/go-md2man/template
index 39e92c22803e0..bbe0123ebaf33 100644
--- a/srcpkgs/go-md2man/template
+++ b/srcpkgs/go-md2man/template
@@ -10,6 +10,7 @@ license="MIT"
homepage="https://github.com/cpuguy83/go-md2man"
distfiles="https://github.com/cpuguy83/go-md2man/archive/v${version}.tar.gz"
checksum=7ca3a04bb4ab83387538235decc42a535097a05d2fb9f2266d0c47b33119501f
+nopie=static
post_install() {
vlicense LICENSE.md
From a4834487f9f86adf6ac046bd6a42ed057f5e3551 Mon Sep 17 00:00:00 2001
From: dkwo <nicolopiazzalunga@gmail.com>
Date: Sun, 7 Jan 2024 20:59:34 +0100
Subject: [PATCH 10/10] grafana: set nopie
---
srcpkgs/grafana/template | 1 +
1 file changed, 1 insertion(+)
diff --git a/srcpkgs/grafana/template b/srcpkgs/grafana/template
index 9f634d6268d28..13362ce761f92 100644
--- a/srcpkgs/grafana/template
+++ b/srcpkgs/grafana/template
@@ -22,6 +22,7 @@ make_dirs="/var/log/grafana 0755 _grafana _grafana"
conf_files="/etc/grafana/grafana.ini"
go_ldflags="-X main.version=${version}"
+nopie=static
post_extract() {
# remove prebuilt binaries
next prev parent reply other threads:[~2024-01-08 14:15 UTC|newest]
Thread overview: 51+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-10-29 18:04 [PR PATCH] [rfc] build-style: go: allow pie (v2) dkwo
2023-10-29 18:12 ` [PR PATCH] [Updated] " dkwo
2023-10-31 21:01 ` dkwo
2023-11-21 16:41 ` dkwo
2023-11-21 16:42 ` dkwo
2023-11-22 15:04 ` leahneukirchen
2023-11-24 22:06 ` dkwo
2023-11-27 14:29 ` dkwo
2023-11-27 14:30 ` dkwo
2023-11-28 14:14 ` dkwo
2023-11-28 20:49 ` dkwo
2023-11-28 20:52 ` dkwo
2023-11-28 20:52 ` dkwo
2023-11-28 20:56 ` dkwo
2023-11-28 20:58 ` dkwo
2023-11-28 20:59 ` dkwo
2023-11-28 21:06 ` [PR PATCH] [Updated] " dkwo
2023-11-28 21:09 ` dkwo
2023-11-29 15:58 ` dkwo
2023-11-29 16:00 ` [PR PATCH] [Updated] " dkwo
2023-11-29 17:51 ` CameronNemo
2023-11-29 18:34 ` benalb
2023-11-29 20:59 ` benalb
2023-11-30 0:22 ` dkwo
2023-11-30 0:22 ` dkwo
2023-11-30 0:23 ` dkwo
2023-12-01 17:28 ` benalb
2023-12-02 15:17 ` [PR PATCH] [Updated] " dkwo
2023-12-02 15:20 ` dkwo
2023-12-02 22:00 ` dkwo
2023-12-03 19:47 ` [PR PATCH] [Updated] " dkwo
2023-12-04 15:42 ` dkwo
2023-12-06 21:25 ` dkwo
2023-12-06 21:28 ` dkwo
2023-12-07 15:04 ` [PR PATCH] [Updated] " dkwo
2023-12-07 15:07 ` dkwo
2023-12-07 15:12 ` dkwo
2023-12-08 21:35 ` leahneukirchen
2023-12-10 0:49 ` classabbyamp
2023-12-10 15:26 ` [PR PATCH] [Updated] " dkwo
2023-12-10 15:27 ` dkwo
2023-12-10 15:35 ` [PR PATCH] [Updated] " dkwo
2023-12-10 15:36 ` dkwo
2023-12-21 9:12 ` dkwo
2023-12-26 17:59 ` dkwo
2024-01-06 22:45 ` dkwo
2024-01-07 21:27 ` [PR PATCH] [Updated] [rfc] build-style: go: set pie globally dkwo
2024-01-08 14:15 ` dkwo [this message]
2024-02-15 15:06 ` [PR PATCH] [Updated] [rfc] build-style: go: set buildmode=pie globally dkwo
2024-05-16 1:46 ` github-actions
2024-05-16 14:18 ` [PR PATCH] [Updated] " dkwo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240108141556.tkMmFo1oz3jx-idoV6VI8RDd8HfQYfSYHvIHvBDYePY@z \
--to=dkwo@users.noreply.github.com \
--cc=ml@inbox.vuxu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).