From d1ad4013179c639433bdbfa5025ca403aac0767b Mon Sep 17 00:00:00 2001
From: V3n3RiX <venerix@koprulu.sector>
Date: Sun, 17 Mar 2024 12:49:11 +0000
Subject: gentoo auto-resync : 17:03:2024 - 12:49:11

---
 eclass/Manifest.gz      | Bin 39623 -> 39628 bytes
 eclass/toolchain.eclass |   9 +++++----
 2 files changed, 5 insertions(+), 4 deletions(-)

(limited to 'eclass')

diff --git a/eclass/Manifest.gz b/eclass/Manifest.gz
index 54e2b34e7909..4ad2dff19c1b 100644
Binary files a/eclass/Manifest.gz and b/eclass/Manifest.gz differ
diff --git a/eclass/toolchain.eclass b/eclass/toolchain.eclass
index 2acfad8162ac..59d51d9c1e38 100644
--- a/eclass/toolchain.eclass
+++ b/eclass/toolchain.eclass
@@ -677,6 +677,11 @@ tc_enable_hardened_gcc() {
 		hardened_gcc_flags+=" -DDEF_GENTOO_ZNOW"
 	fi
 
+	if _tc_use_if_iuse cet && [[ ${CTARGET} == *x86_64*-linux-gnu* ]] ; then
+		einfo "Updating gcc to use x86-64 control flow protection by default ..."
+		hardened_gcc_flags+=" -DEXTRA_OPTIONS_CF"
+	fi
+
 	if _tc_use_if_iuse hardened ; then
 		# Will add some hardened options as default, e.g. for gcc-12
 		# * -fstack-clash-protection
@@ -688,10 +693,6 @@ tc_enable_hardened_gcc() {
 		# Add -D_GLIBCXX_ASSERTIONS
 		hardened_gcc_flags+=" -DDEF_GENTOO_GLIBCXX_ASSERTIONS"
 
-		if _tc_use_if_iuse cet && [[ ${CTARGET} == *x86_64*-linux* ]] ; then
-			hardened_gcc_flags+=" -DEXTRA_OPTIONS_CF"
-		fi
-
 		# Rebrand to make bug reports easier
 		BRANDING_GCC_PKGVERSION=${BRANDING_GCC_PKGVERSION/Gentoo/Gentoo Hardened}
 	fi
-- 
cgit v1.2.3