From e66a937c7cc0f7ba73b7b6df1838f5bf67f5e144 Mon Sep 17 00:00:00 2001 From: Sergei Golubchik Date: Fri, 9 Jun 2023 14:01:04 +0200 Subject: [PATCH] disable pch when building boost with gcc 8.x according to https://bugzilla.redhat.com/show_bug.cgi?id=1806545 GCC's PCH mechanism is fundamentally incompatible with the security hardening requirements for RHEL (PIE in particular). We are currently evaluating the best way to present a more friendly diagnostic for this issue. and also we don't turn on hardening the compiler and its binaries in DTS 9. --- cmake/boost.cmake | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cmake/boost.cmake b/cmake/boost.cmake index 66a26670c..b08cb2f08 100644 --- a/cmake/boost.cmake +++ b/cmake/boost.cmake @@ -7,6 +7,9 @@ include(ExternalProject) if(CMAKE_CXX_COMPILER_ID MATCHES "GNU") set(_toolset "gcc") + if (CMAKE_CXX_COMPILER_VERSION VERSION_LESS "9.0") + set(_extra "pch=off") + endif() elseif(CMAKE_CXX_COMPILER_ID MATCHES ".*Clang") set(_toolset "clang") elseif(CMAKE_CXX_COMPILER_ID MATCHES "Intel") @@ -19,7 +22,7 @@ SET(Boost_LIBRARY_DIRS "${INSTALL_LOCATION}/lib") LINK_DIRECTORIES("${Boost_LIBRARY_DIRS}") set(_cxxargs "-fPIC -DBOOST_NO_AUTO_PTR -fvisibility=default") -set(_b2args cxxflags=${_cxxargs};cflags=-fPIC;threading=multi; toolset=${_toolset} --without-python;--prefix=${INSTALL_LOCATION}) +set(_b2args cxxflags=${_cxxargs};cflags=-fPIC;threading=multi;${_extra};toolset=${_toolset} --without-python;--prefix=${INSTALL_LOCATION}) SET(byproducts) FOREACH(name chrono filesystem program_options regex system thread)