Page MenuHomeSolus

Toolchain Upgrades (W12, 2022)
Closed, ResolvedPublic

Description

Toolchain upgrade (W12, 2022)

  • Pt0. BUILD BASH AS SHARED OR EVERYTHING WILL BREAK!!!

Explanation: static linked executables that use glibc NSS get borked on a glibc upgrade if there are changes to NSS. Leave as shared as this is defeating the point of it being static.

Pt1. Default to -fno-plt

  • Add -fno-plt to c/cxx flags in package-management
  • Add optimize : plt option to ypkg for the few packages that rely on it

Explanation: we already skip the PLT for the majority of packages as we build with BIND_NOW and -Bsymbolic-functions by default. The PLT mostly sits useless, removing it marginally decreases package sizes and improves startup time. A few oddball packages that employ lazy linking still use the PLT (xorg) or programs doing funky stuff (valgrind). If a package disables BIND_NOW it must enable the PLT, but the vice versa is not true.

Pt2. Rebootstrap toolchain

  • Update linux-headers to 5.15
  • Update glibc to 2.35, bump min kernel comp to 4.14 and enable default pie
  • Update binutils to 2.38
  • Rebuild gcc, enable default pie, disable pgo build and link against static libs for isl abi bump
  • Update isl to 0.24
  • Rebuild gcc against isl 0.24 and build with pgo + lto-lean
  • Rebootstrap glibc
  • Rebootstrap binutils & enable pgo + lto build
  • Rebootstrap gcc
  • Final glibc rebootstrap (optional, if needed)
  • Final binutils rebootstrap (optional, if needed)
  • Final gcc rebootstrap (optional, if needed)

Explaination: We already enable the majority of security features, however, PIE is notably missing. On x86_64 the performance impact is marginal. On i386 it's a different story but we don't ship i386 binaries anyway only libraries, so we need not worry. Now that glibc is starting to default to pie and clang-14 will likely default to pie, it's about time we enable it. Additionally, Glibc 2.36 will support DT_RELR and will likely default to it. To get the most from DT_RELR we need to ship PIE binaries. PIC/PIE and -Bsymbolic-functions normally generates a lot of relative relocations, DT_RELR will decrease package sizes by packing together relative relocations, which in turn will help performance.

Pt3. binutils rebuilds

  • linux-tools
  • amule
  • ocaml
  • openclonk

Pt4. Add PLT to packages that need it

  • Any others

Pt5. LLVM toolchain interoperability

  • Enable PIE by default for clang (backport patch from llvm14)
  • Rebootstrap with PIE'd LLVM

Pt6. Ensure compatibility, test, test, test, check steam, etc.

Pt7. ncurses and readline rebuilds

  • 1. readline rebuilds
  • 3. ncurses rebuilds (potentially)
  • 4. Handle steam compatibility for old abi version

Pt8. Safety rebuilds (mostly targetting glibc abi "deletions" as we don't have the tooling for a full repo rebuild)

  • 1. libc deletions
  • 2. librt (just a stub to libc now, all the symbols have been moved to libc)
  • 3. libutil (just a stub to libc now, all the symbols have been moved to libc)
  • 4. libpthread (just a stub to libc now, all the symbols have been moved to libc)
  • 5. libdl (just a stub to libc now, all the symbols have been moved to libc)

Pt9. Fix pie binaries occasionally being added to abi_libs

Event Timeline

joebonrichie triaged this task as Unbreak Now! priority.
joebonrichie created this task.
joebonrichie moved this task from Backlog to Improvement on the Software board.
Staudey added a subscriber: Staudey.
Jacek added a subscriber: Jacek.Mar 16 2022, 10:09 PM
joebonrichie updated the task description. (Show Details)Mar 21 2022, 4:02 PM
joebonrichie added a subscriber: DataDrake.
joebonrichie updated the task description. (Show Details)Mar 23 2022, 5:37 PM
joebonrichie updated the task description. (Show Details)Mar 23 2022, 8:28 PM
joebonrichie updated the task description. (Show Details)Mar 23 2022, 9:58 PM
joebonrichie updated the task description. (Show Details)Mar 24 2022, 7:40 PM
joebonrichie updated the task description. (Show Details)Mar 27 2022, 5:50 PM
joebonrichie updated the task description. (Show Details)Mar 30 2022, 3:54 PM
joebonrichie closed this task as Resolved.Apr 13 2022, 6:26 PM

Thanks to all global maintainers for their help on the safety rebuilds.