Skip to content

Commit 780eba1

Browse files
slipherslipher
committed
spam no-pie/no-pic
1 parent ae7176a commit 780eba1

File tree

2 files changed

+14
-5
lines changed

2 files changed

+14
-5
lines changed

Dockerfile

Lines changed: 3 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -61,7 +61,6 @@ RUN curl -LO http://github.com/openssl/openssl/releases/download/openssl-3.6.0/o
6161
sha256sum --check sha256sums-openssl.txt
6262
RUN tar -xzf openssl-3.6.0.tar.gz
6363
WORKDIR /build-ssl/openssl-3.6.0
64-
RUN ./config --prefix=/openssl --openssldir=/dev/null no-shared no-apps no-autoload-config no-capieng no-dso no-dynamic-engine no-engine no-loadereng no-module -Os
6564
RUN make -j`nproc` && make install_sw && rm -rf /build-ssl
6665

6766
############
@@ -73,7 +72,7 @@ ARG release
7372
# Note: {foo:+bar} here is a syntax of the Dockerfile, not the shell!
7473
ENV IPO_ARG=${release:+-DCMAKE_INTERPROCEDURAL_OPTIMIZATION=ON}
7574
RUN echo IPO_ARG ${IPO_ARG}
76-
RUN BUILDQT_CMAKE_ARGS=${IPO_ARG} PKG_CONFIG_PATH=/openssl/lib64/pkgconfig ./build-qt.sh && mv qt /qt && rm -rf /build-qt
75+
RUN BUILDQT_CMAKE_ARGS="${IPO_ARG} -DCMAKE_POSITION_INDEPENDENT_CODE=OFF -DFEATURE_reduce_relocations=OFF" CXXFLAGS='-fno-pic -no-pie' CFLAGS='-fno-pic -no-pie' PKG_CONFIG_PATH=/openssl/lib64/pkgconfig ./build-qt.sh && mv qt /qt && rm -rf /build-qt
7776

7877
###############
7978
# Build aria2 #
@@ -83,16 +82,15 @@ COPY .git/modules/aria2 /updater/.git/modules/aria2
8382
COPY build-aria.sh /updater/
8483
WORKDIR /updater/aria2
8584
RUN OPENSSL_LIBS='-L/openssl/lib64 -lssl -lcrypto -lpthread -ldl' OPENSSL_CFLAGS='-I /openssl/include' \
86-
CFLAGS=-Os CXXFLAGS=-Os ../build-aria.sh --with-openssl
85+
CFLAGS='-Os -fno-pic -no-pie' CXXFLAGS='-Os -fno-pic -no-pie' ../build-aria.sh --with-openssl
8786

8887
#################
8988
# Build updater #
9089
#################
9190
COPY . /updater
9291
RUN set -e; for D in . quazip fluid; do cd /updater/$D && git clean -dXff; done
9392
WORKDIR /build
94-
# TODO no-pie?
95-
RUN PKG_CONFIG_PATH=/openssl/lib64/pkgconfig cmake -G Ninja -DCMAKE_FIND_ROOT_PATH=/qt -DCMAKE_BUILD_TYPE=MinSizeRel ${IPO_ARG} /updater && ninja
93+
RUN PKG_CONFIG_PATH=/openssl/lib64/pkgconfig CXXFLAGS='-no-pie -fno-pic' CFLAGS='-no-pie -fno-pic' cmake -G Ninja -DCMAKE_POSITION_INDEPENDENT_CODE=OFF -DCMAKE_FIND_ROOT_PATH=/qt -DCMAKE_BUILD_TYPE=MinSizeRel ${IPO_ARG} /updater && ninja
9694
RUN mv updater updater-nonstripped && strip updater-nonstripped -o updater
9795
# Version check: do not depend on glibc > 2.31
9896
RUN echo GLIBC_2.31 > target_version && \

qtbase.patch

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,17 @@ diff -u -r qtbase.old/cmake/3rdparty/extra-cmake-modules/find-modules/FindXCB.cm
1010
set(XCB_RENDERUTIL_component_deps XCB RENDER)
1111
set(XCB_XFIXES_component_deps XCB RENDER SHAPE)
1212
set(XCB_XVMC_component_deps XCB XV)
13+
diff -u -r qtbase.old/cmake/QtBuildHelpers.cmake qtbase.new/cmake/QtBuildHelpers.cmake
14+
--- qtbase.old/cmake/QtBuildHelpers.cmake 2025-02-13 11:45:28.000000000 -0600
15+
+++ qtbase.new/cmake/QtBuildHelpers.cmake 2025-11-15 00:50:19.933641770 -0600
16+
@@ -414,7 +414,6 @@
17+
# Depends on qt_internal_set_cmake_build_type
18+
qt_internal_setup_cmake_config_postfix()
19+
20+
- qt_internal_setup_position_independent_code()
21+
qt_internal_set_link_depends_no_shared()
22+
qt_internal_setup_default_install_prefix()
23+
qt_internal_set_qt_source_tree_var()
1324
diff -u -r qtbase.old/src/tools/rcc/rcc.cpp qtbase.new/src/tools/rcc/rcc.cpp
1425
--- qtbase.old/src/tools/rcc/rcc.cpp 2025-02-13 11:45:28.000000000 -0600
1526
+++ qtbase.new/src/tools/rcc/rcc.cpp 2025-11-14 00:12:48.076214506 -0600

0 commit comments

Comments
 (0)