Bug 1548397

Summary: redhat-rpm-config: Move -z now from GCC specs file to GCC command line
Product: [Fedora] Fedora Reporter: Florian Weimer <fweimer>
Component: redhat-rpm-configAssignee: Florian Festi <ffesti>
Status: CLOSED NEXTRELEASE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: rawhideCC: ajax, ffesti, fweimer, ignatenko, john.j5live, jonathan, pmatilai, praiskup
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: redhat-rpm-config-102-1.fc29 redhat-rpm-config-102-1.fc28 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-02-24 22:12:04 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1548418    

Description Florian Weimer 2018-02-23 12:10:44 UTC 
-z now is not conditional on PIC vs PIE, so it is not necessary to specify it in redhat-hardened-ld.  We can put it directly into %_hardening_ldflags.  This should improve the injection success for shared objects somewhat, in case a linker invocation is used which strips the -specs= argument.
Comment 1 Igor Gnatenko 2018-02-23 12:36:27 UTC 
How would this affect clang?
Comment 2 Florian Weimer 2018-02-23 12:47:00 UTC 
Clang would recognize -Wl,-z,now as a linker flag and pass it to ld, so it would produce by accident the full set of required linker flags for shared objects after this change.

(Keep in mind that clang is not a supported compiler for building RPMs.)
Comment 3 Florian Weimer 2018-02-24 17:06:59 UTC 
I'm implementing this gradually, first leaving -z now in the GCC specs file in place, and removing that only after rebuilding some of the extension builders.