about summary refs log tree commit diff
path: root/pkgs/development/compilers/gcc/default.nix
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/development/compilers/gcc/default.nix')
-rw-r--r--pkgs/development/compilers/gcc/default.nix23
1 files changed, 19 insertions, 4 deletions
diff --git a/pkgs/development/compilers/gcc/default.nix b/pkgs/development/compilers/gcc/default.nix
index 5e017a21fa1f5..2b806301bd1ce 100644
--- a/pkgs/development/compilers/gcc/default.nix
+++ b/pkgs/development/compilers/gcc/default.nix
@@ -8,6 +8,8 @@
 , reproducibleBuild ? true
 , profiledCompiler ? false
 , langJit ? false
+, langRust ? false
+, cargo
 , staticCompiler ? false
 , enableShared ? stdenv.targetPlatform.hasSharedLibraries
 , enableLTO ? stdenv.hostPlatform.hasSharedLibraries
@@ -33,6 +35,7 @@
 , nukeReferences
 , callPackage
 , majorMinorVersion
+, cctools
 , darwin
 
 # only for gcc<=6.x
@@ -127,6 +130,7 @@ let
       inherit
         binutils
         buildPackages
+        cargo
         cloog
         withoutTargetLibc
         darwin
@@ -152,6 +156,7 @@ let
         langJit
         langObjC
         langObjCpp
+        langRust
         lib
         libcCross
         libmpc
@@ -280,7 +285,7 @@ pipe ((callFile ./common/builder.nix {}) ({
 
   libc_dev = stdenv.cc.libc_dev;
 
-  hardeningDisable = [ "format" "pie" ]
+  hardeningDisable = [ "format" "pie" "stackclashprotection" ]
   ++ optionals (is11 && langAda) [ "fortify3" ];
 
   postPatch = optionalString atLeast7 ''
@@ -425,8 +430,18 @@ pipe ((callFile ./common/builder.nix {}) ({
     inherit langC langCC langObjC langObjCpp langAda langFortran langGo langD langJava version;
     isGNU = true;
     hardeningUnsupportedFlags = optional is48 "stackprotector"
+      ++ optional (
+        (targetPlatform.isAarch64 && !atLeast9) || !atLeast8
+      ) "stackclashprotection"
       ++ optional (!atLeast11) "zerocallusedregs"
       ++ optionals (!atLeast12) [ "fortify3" "trivialautovarinit" ]
+      ++ optional (!(
+        atLeast8
+        && targetPlatform.isLinux
+        && targetPlatform.isx86_64
+        && targetPlatform.libc == "glibc"
+      )) "shadowstack"
+      ++ optional (!(atLeast9 && targetPlatform.isLinux && targetPlatform.isAarch64)) "pacret"
       ++ optionals (langFortran) [ "fortify" "format" ];
   };
 
@@ -446,15 +461,15 @@ pipe ((callFile ./common/builder.nix {}) ({
     badPlatforms =
       # avr-gcc8 is maintained for the `qmk` package
       if (is8 && targetPlatform.isAvr) then []
-      else if !(is48 || is49) then [ "aarch64-darwin" ]
+      else if !(is48 || is49 || is6) then [ "aarch64-darwin" ]
       else platforms.darwin;
-  } // optionalAttrs is11 {
+  } // optionalAttrs is10 {
     badPlatforms = if targetPlatform != hostPlatform then [ "aarch64-darwin" ] else [ ];
   };
 } // optionalAttrs (!atLeast10 && stdenv.targetPlatform.isDarwin) {
   # GCC <10 requires default cctools `strip` instead of `llvm-strip` used by Darwin bintools.
   preBuild = ''
-    makeFlagsArray+=('STRIP=${getBin darwin.cctools-port}/bin/${stdenv.cc.targetPrefix}strip')
+    makeFlagsArray+=('STRIP=${getBin cctools}/bin/${stdenv.cc.targetPrefix}strip')
   '';
 } // optionalAttrs (!atLeast8) {
   doCheck = false; # requires a lot of tools, causes a dependency cycle for stdenv
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-08-20 12:36:06 +0000