# Doesn't build correctly with fPIC %undefine _hardened_build # fails to find annobin plugin, as we're building in a seprate # prefix, and also annobin plugin is built for a newer gcc %undefine _annotated_build # libcpp/expr.c triggers format-security # Build fails in libgcc %undefine _lto_cflags # Ignore harmless problem XXX: # ERROR 0020: file '/usr/x86_64-intel-sgx/lib64/libcc1.so.0.0.0' contains a runpath referencing '..' of an absolute path [/usr/x86_64-intel-sgx/lib64/../lib64] %global __brp_check_rpaths %{nil} # Warnings triggered which interact with code that forces Werror %global _fortify_level 0 %define _warning_options -Wall %undefine _missing_build_ids_terminate_build Summary: C & C++ compilers for SGX enclaves Name: sgx-compat-gcc9.5.0 Version: 9.5.0 Release: 1%{?dist} # Sync from native gcc.spec License: GPLv3+ and GPLv3+ with exceptions and GPLv2+ with exceptions and LGPLv2+ and BSD URL: http://gcc.gnu.org Source: https://ftp.gnu.org/gnu/gcc/gcc-%{version}/gcc-%{version}.tar.xz Patch1: gcc9-libtool-no-rpath.patch BuildRequires: sgx-srpm-macros BuildRequires: gcc BuildRequires: gcc-c++ BuildRequires: libmpc-devel # SGX is a technology that only exists in Intel x86 CPUs ExclusiveArch: x86_64 %description This package contains the C & C++ compilers required for reproducible builds of signed SGX architectural enclaves. %prep %autosetup -p0 -n gcc-%{version} %build # This older GCC doesn't support newer ABI levels CFLAGS=$(echo $CFLAGS | sed -e 's/x86-64-v3/x86-64/') CXXFLAGS=$(echo $CFLAGS | sed -e 's/x86-64-v3/x86-64/') FFLAGS=$(echo $FFLAGS | sed -e 's/x86-64-v3/x86-64/') FCFLAGS=$(echo $FCFLAGS | sed -e 's/x86-64-v3/x86-64/') export CFLAGS CXXFLAGS FFLAGS FCFLAGS # Disabling all libraries that aren't needed for SGX builds # Disabling bootstrap since this is not a general system # compiler, it is just used for SGX architectural enclaves ./configure \ --prefix=%{_prefix} \ --libdir=%{_libdir}/%{sgx_triplet} \ --libexecdir=%{_libexecdir}/%{sgx_triplet} \ --bindir=%{_bindir} \ --datadir=%{_datadir} \ --enable-version-specific-runtime-libs \ --disable-multilib \ --disable-bootstrap \ --enable-languages=c,c++ \ --without-isl \ --disable-gcov \ --disable-libgomp \ --disable-libmpx \ --disable-libquadmath \ --disable-libsanitizer \ --disable-libssp \ --disable-libcc1 \ --disable-libatomic \ --disable-libitm \ --disable-werror \ --program-prefix="%{sgx_triplet}-" \ --program-suffix="-%{version}" \ --with-specs='%{!fno-common:%{!fcommon:-fcommon}}' %make_build %install %make_install %{_smp_mflags} %define sgx_gcc_libdir %{_libdir}/%{sgx_triplet}/gcc/x86_64-pc-linux-gnu/%{version} ( # Build system created these from %{_includedir}, but # we want %{sgx_includedir}, so re-create rm -rf %{buildroot}%{_libdir}/%{sgx_triplet}/gcc/x86_64-pc-linux-gnu/%{version}/include-fixed cd ./host-x86_64-pc-linux-gnu/fixincludes/ TARGET_MACHINE=x86_64-pc-linux-gnu \ target_canonical=x86_64-pc-linux-gnu \ MACRO_LIST=../gcc/macro_list \ /bin/sh fixinc.sh \ %{buildroot}%{sgx_gcc_libdir}/include-fixed/ \ %{sgx_includedir}/ # These aren't processed by fixinc.sh, instead created # from pieces in the GCC tree, so we can copy them over again cp ../gcc/include-fixed/limits.h %{buildroot}%{sgx_gcc_libdir}/include-fixed/ cp ../gcc/include-fixed/syslimits.h %{buildroot}%{sgx_gcc_libdir}/include-fixed/ ) rm -rf %{buildroot}%{_datadir} rm -rf %{buildroot}%{_libdir}/gcc/x86_64-pc-linux-gnu/%{version}/plugin rm -rf %{buildroot}%{_libdir}/gcc/x86_64-pc-linux-gnu/%{version}/install-tools rm -rf %{buildroot}%{_libdir}/gcc/x86_64-pc-linux-gnu/%{version}/finclude # Remove binaries with the build-target prefix, # as they're just duplicating the binaries with # the %{sgx_triplet} prefix, as we don't require # them. rm -f %{buildroot}%{_bindir}/x86_64-pc-linux-gnu-* # Also don't want unversioned gcov rm -f %{buildroot}%{_bindir}/%{sgx_triplet}-gcov* rm -f %{buildroot}%{_libdir}/libstdc++.a rm -f %{buildroot}%{_libdir}/libstdc++.so*-gdb.py rm -f %{buildroot}%{_libdir}/libstdc++fs.a rm -f %{buildroot}%{_libdir}/libsupc++.a find %{buildroot} -name *.la | xargs rm # make install is a little confused by the extra level in # our libdir arg, and puts libgcc_s one level too deep. # Move it to where it will be found by the -L arg GCC passes # to the ld program. mv %{buildroot}%{_libdir}/%{sgx_triplet}/gcc/x86_64-pc-linux-gnu/%{_lib}/libgcc* \ %{buildroot}%{_libdir}/%{sgx_triplet}/gcc/x86_64-pc-linux-gnu/%{version}/ %files %license gcc/COPYING* COPYING.RUNTIME %{_bindir}/%{sgx_triplet}-c++-%{version} %{_bindir}/%{sgx_triplet}-cpp-%{version} %{_bindir}/%{sgx_triplet}-g++-%{version} %{_bindir}/%{sgx_triplet}-gcc-%{version} %{_bindir}/%{sgx_triplet}-gcc-ar-%{version} %{_bindir}/%{sgx_triplet}-gcc-nm-%{version} %{_bindir}/%{sgx_triplet}-gcc-ranlib-%{version} %dir %{_libdir}/%{sgx_triplet}/gcc %dir %{_libdir}/%{sgx_triplet}/gcc/x86_64-pc-linux-gnu %dir %{_libdir}/%{sgx_triplet}/gcc/x86_64-pc-linux-gnu/%{version} %{_libdir}/%{sgx_triplet}/gcc/x86_64-pc-linux-gnu/%{version}/* %dir %{_libexecdir}/%{sgx_triplet} %dir %{_libexecdir}/%{sgx_triplet}/gcc %dir %{_libexecdir}/%{sgx_triplet}/gcc/x86_64-pc-linux-gnu/ %dir %{_libexecdir}/%{sgx_triplet}/gcc/x86_64-pc-linux-gnu/%{version} %{_libexecdir}/%{sgx_triplet}/gcc/x86_64-pc-linux-gnu/%{version}/cc1 %{_libexecdir}/%{sgx_triplet}/gcc/x86_64-pc-linux-gnu/%{version}/cc1plus %{_libexecdir}/%{sgx_triplet}/gcc/x86_64-pc-linux-gnu/%{version}/collect2 %{_libexecdir}/%{sgx_triplet}/gcc/x86_64-pc-linux-gnu/%{version}/install-tools %{_libexecdir}/%{sgx_triplet}/gcc/x86_64-pc-linux-gnu/%{version}/liblto_plugin.so* %{_libexecdir}/%{sgx_triplet}/gcc/x86_64-pc-linux-gnu/%{version}/lto-wrapper %{_libexecdir}/%{sgx_triplet}/gcc/x86_64-pc-linux-gnu/%{version}/lto1 %{_libexecdir}/%{sgx_triplet}/gcc/x86_64-pc-linux-gnu/%{version}/plugin