Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

New package: go-pie #20450

Closed
wants to merge 1 commit into from
Closed

New package: go-pie #20450

wants to merge 1 commit into from

Conversation

ericonr
Copy link
Member

@ericonr ericonr commented Mar 29, 2020

This package makes it possible to build Go binaries with PIE.

Both Arch Linux and Alpine already implement this feature. Arch has a package called go-pie that's used for most of their PKGBUILDs, while the only version of Go on Alpine is one capable of producing PIE binaries.

The patch used here is actually adapted from the one used by Arch, and if adopted can allow us to remove the nostrip flag from the go build_style.

I'm getting some weird build output, where it says

loadinternal: cannot find runtime/cgo

so I'm not completely certain that it's 100% complete. Building a program that uses cgo does work cleanly, so I'm not sure what it means.

It's referenced in this issue, but without any solution.

@ericonr
New package: go-pie-1.14
af1ca56 
This package makes it possible to build Go binaries with PIE.
@ericonr
Copy link
Member Author

ericonr commented Mar 30, 2020

Given that #20435 was closed, I will have to rewrite this one. I will close it and reopen it later, then. Make an issue to discuss it as well.

@ericonr ericonr closed this Mar 30, 2020
@q66
Copy link
Contributor

q66 commented Mar 30, 2020
edited
Loading

do we need a separate PIE compiler? if this works reliably, we could just have it do that always, we already do default-pie for the primary system toolchain, but my knowledge of the toolchain is limited, so I'll refrain from making any claims here; maybe @the-maldridge can provide some insight

what we definitely do not want is another template that's more or less a copy of the original, that's just a pain to maintain and get synchronized, no matter how much of it you try to move into build-style

@the-maldridge
Copy link
Member

For a long time PIE had problems with Go which is why we disabled it. If we were to run a universe build and observe that there was no serious breakage, I could see turning it on in the default compiler.

@q66
Copy link
Contributor

q66 commented Mar 30, 2020
edited
Loading

universe rebuild shouldn't exactly be an issue, should be done in a day or so... another matter is testing, everything would need to get tested for brokenness :P

@ericonr
Copy link
Member Author

ericonr commented Mar 31, 2020

@q66 what sort of testing would have to be done? I just installed Void on my Rasp, so I have one more arch target to test this change against. How would the packages of a rebuild be offered? (I can also script a detection for packages with the go build_style, and try and build them locally).

Should I open a PR with just the patch then?

@the-maldridge
Copy link
Member

If we were to adopt this then it would be for the compiler itself that is the main one. there's not a really good way to test that easily though, so I don't have tips for what the acceptance process would be.

@ericonr ericonr mentioned this pull request Apr 10, 2020
Closed
@ericonr ericonr deleted the go-pie branch August 3, 2020 04:37
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Aug 14, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ericonr @q66 @the-maldridge