[Toybox] debian patch applying $CFLAGS to $HOSTCC

Rob Landley rob at landley.net
Tue Sep 13 23:20:17 PDT 2022


You added
https://salsa.debian.org/debian/toybox/-/blob/master/debian/patches/silent-blhc.patch
as part of https://salsa.debian.org/debian/toybox/-/commit/7d0ba6d99364 with the
comment "debianize" and no further explanation (in the commit comment or the
patch itself). Google found:

  https://packages.debian.org/sid/blhc

So I'm assuming you're shutting up "security" infrastructure by making sure that
build-time tools that don't ship are built with fortify and friends. (Did you
know if you build that ancient version of kconfig harvested from something like
Linux 2.6.12 with ASAN, it dies with a debug dump, whereas if you don't it's run
fine for 20 years? Yeah, creepy. I found that out a few days ago. I already said
the whole directory needs to be completely replaced, that's inching up the todo
list...)

Anyway, I'm assuming this means whatever hardening flag you added didn't
actually find anything, but you still need it for your bureaucratic checklist.
That's fine, but adding the target $CFLAGS to the host compiler will beak
several cross compiler setups (not just -march but when I'm using the Android
NDK as the target compiler, I'm generally using gcc as the host compiler) so
that's not something I'm likely to merge upstream.

I note that while HOSTCC defaults to "cc" if it hasn't been set, if you set it
to something yourself it uses the exported value, so you should be able to do
something like:

  HOSTCC="cc --bureaucracy" make distclean defconfig toybox install

Would that be a viable approach instead of patching the source?

Rob


More information about the Toybox mailing list