diff options
| author | V3n3RiX <venerix@koprulu.sector> | 2023-04-17 05:52:09 +0100 |
|---|---|---|
| committer | V3n3RiX <venerix@koprulu.sector> | 2023-04-17 05:52:09 +0100 |
| commit | 269581204f3555e3dee67f4ecf29dca64a118e48 (patch) | |
| tree | 83e6fa02f080563b2acc586ad71143c5318a538b /profiles/use.local.desc | |
| parent | 3e488f4a5f53b007af8cc3180f9ac0abfe5a0be8 (diff) | |
gentoo auto-resync : 17:04:2023 - 05:52:08
Diffstat (limited to 'profiles/use.local.desc')
| -rw-r--r-- | profiles/use.local.desc | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/profiles/use.local.desc b/profiles/use.local.desc index 95ecc0a48f4d..f104b13b30a7 100644 --- a/profiles/use.local.desc +++ b/profiles/use.local.desc @@ -8161,6 +8161,7 @@ sys-devel/distcc:gssapi - Enable support for net-libs/libgssglue sys-devel/gcc:ada - Build the ADA language (GNAT) frontend sys-devel/gcc:cet - Enable support for Intel Control Flow Enforcement Technology (CET). Only effective on amd64/x86. Only provides benefits on newer CPUs. For Intel, the CPU must be at least as new as Tiger Lake. For AMD, it must be at least as new as Zen 3. This is harmless on older CPUs, but provides no benefit either. When combined with USE=hardened, GCC will set -fcf-protection by default when building software. The effect is minimal on systems which do not support it, other than a possible small increase in codesize for the NOPs. The generated code is therefore compatible with i686 at the earliest. sys-devel/gcc:d - Enable support for the D programming language +sys-devel/gcc:debug - Enables GCC's 'checking' facility via --enable-checking=yes,extra,rtl. This adds checks to various compiler passes for integrity and input validation. This can help catch possible miscompilations early as well as latent bugs which could become real problems in future, but at the cost of slower compile times when using GCC. Unrelated to backtraces. sys-devel/gcc:default-stack-clash-protection - Build packages with stack clash protection on by default as a hardening measure. This enables -fstack-clash-protection by default which protects against large memory allocations allowing stack smashing. May cause slightly increased codesize, but modern compilers have been adapted to optimize well for this case, as this mitigation is now quite common. See https://developers.redhat.com/blog/2020/05/22/stack-clash-mitigation-in-gcc-part-3 and https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt. sys-devel/gcc:default-znow - Request full relocation on start from ld.so by default. This sets the -z,now (BIND_NOW) flag by default on all linker invocations. By resolving all dynamic symbols at application startup, parts of the program can be made read-only as a hardening measure. This is closely related to RELRO which is also separately enabled by default. In some applications with many unresolved symbols (heavily plugin based, for example), startup time may be impacted. sys-devel/gcc:fixed-point - Enable fixed-point arithmetic support for MIPS targets in gcc (Warning: significantly increases compile time!) |