Received: from mail-lj1-f195.google.com (mail-lj1-f195.google.com [209.85.208.195])
	by nld3-dev1.alpinelinux.org (Postfix) with ESMTPS id 21D2D780FAF
	for <~alpine/devel@lists.alpinelinux.org>; Mon, 17 Feb 2020 08:42:38 +0000 (UTC)
Received: by mail-lj1-f195.google.com with SMTP id n18so17849365ljo.7
        for <~alpine/devel@lists.alpinelinux.org>; Mon, 17 Feb 2020 00:42:38 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:date:from:to:cc:subject:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=nyVmjUSKoAM1pThhTX3I1TA12cW+Bc7rxBbChWQj3Jc=;
        b=tPP3fPox1pHj6n8Zf3ZIAGrlqeTjOGIQnXqlTnVwVnOyq2ZKwEWgzIWChm3cNXfWof
         Ee/emU83j3c7+IjsAs9Pdm4Sy8X1GI7hI2XPK+kBa0v8hklD4PieMK7QwRSgMVjV+rL7
         RpTMGIa/MotqYiMD4NvkJ+MnLsTc+6XXEeutyG39wPyl7jaLK76NxxR21YJs6yhbrgBK
         hhNi3ZDNhLtiOECaIDJLGsbZ/vNyCxvrq4luOW/jLwXvUMNfN6TfpTNj7iSOi0R0OtHT
         CQH2oQ+Am6o4ztl2kiutN5PaHNTTYFlMYXKfz7yLOFKfGQ4JZ+x8tNXXzu//CiodtFbk
         bcSw==
X-Gm-Message-State: APjAAAVqffI2YUigLckm9jCICoMh+GGd4GMisBQQxSulc2qAFlLg7pA6
	9gvbFFgEgKVhTGkYyB5C4c4=
X-Google-Smtp-Source: APXvYqymZxRkiCUUJ9n9o59wsqZgln9zd5QGnc2D3enxFt+3zYm11HfIItnudj1rqehi9ZOlW02wfg==
X-Received: by 2002:a2e:870b:: with SMTP id m11mr9243026lji.93.1581928957820;
        Mon, 17 Feb 2020 00:42:37 -0800 (PST)
Received: from vostro.wlan (dtc5qkyyyyyyyyyyyyx9y-3.rev.dnainternet.fi. [2001:14ba:80b2:d400::4fa])
        by smtp.gmail.com with ESMTPSA id w6sm7076119lfq.95.2020.02.17.00.42.37
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Mon, 17 Feb 2020 00:42:37 -0800 (PST)
Date: Mon, 17 Feb 2020 10:42:34 +0200
From: Timo Teras <timo.teras@iki.fi>
To: =?UTF-8?B?U8O2cmVu?= Tempel <soeren@soeren-tempel.net>
Cc: Wolf <wolf@wolfsden.cz>, ~alpine/devel@lists.alpinelinux.org
Subject: Re: community/go and buildmode pie
Message-ID: <20200217104234.0475f206@vostro.wlan>
In-Reply-To: <36NQ9KC6PLT7B.30TAJMQSFWPSF@8pit.net>
References: <20191129221308.hy6ybayxu2nsu5dy@wolfsden.cz>
	<20191202121828.5ba2a735@vostro>
	<36NQ9KC6PLT7B.30TAJMQSFWPSF@8pit.net>
X-Mailer: Claws Mail 3.17.4 (GTK+ 2.24.32; x86_64-alpine-linux-musl)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

On Sun, 16 Feb 2020 12:30:50 +0100
S=C3=B6ren Tempel <soeren@soeren-tempel.net> wrote:

> Timo Teras <timo.teras@iki.fi> wrote:
> > Alpine standard is to ship PIE if possible because full ASLR does
> > not work without it. =20
>=20
> While this is true and I definitely agree that this a good idea I
> would like to point out that compiling all go packages as PIEs is
> possible without the default-buildmode-pie.patch.
>=20
> My solution to this issue is setting GOFLAGS to -buildmode=3Dpie on the
> builders using /etc/abuild.conf. This is also how we pass -Os for
> C/C++ software currently. Contrary to CFLAGS, GOFLAGS is actually
> picked up by the go compiler itself (see `go help environment`).
>=20
> This has the advantage that it fixes the warning mentioned by Wolf and
> more importantly it would allows us to make more parts of the go
> compiler testsuite pass in the future.
>=20
> See: https://gitlab.alpinelinux.org/alpine/aports/merge_requests/4138
>=20
> Timo, do you have any thoughts on this change?

Sound OK idea. Prefer to set GOFLAGS also in function.sh as abuild.conf
might not get updated if it's modified. Should probably ship defaults
for all flags there. Commented in the MR also.

Timo