[gentoo-commits] proj/hardened-gccpatchset:master commit in: gcc-4.7.0/piepatch/

["Magnus Granberg" <zorry@gentoo.org>]

commit:     252205a3612155769c1c4b6b6db687c044e9f558
Author:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
AuthorDate: Tue Oct  2 16:12:52 2012 +0000
Commit:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
CommitDate: Tue Oct  2 16:12:52 2012 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-gccpatchset.git;a=commit;h=252205a3

Add configure.ac patches

---
 gcc-4.7.0/piepatch/01_all_gcc47_configure.ac.patch |  139 ++++++++++++++++++++
 gcc-4.7.0/piepatch/01_all_gcc47_configure.patch    |    2 +-
 gcc-4.7.0/piepatch/README.Changelog                |   10 ++
 gcc-4.7.0/piepatch/README.history                  |    3 +
 4 files changed, 153 insertions(+), 1 deletions(-)

diff --git a/gcc-4.7.0/piepatch/01_all_gcc47_configure.ac.patch b/gcc-4.7.0/piepatch/01_all_gcc47_configure.ac.patch
new file mode 100644
index 0000000..ed49cd9
--- /dev/null
+++ b/gcc-4.7.0/piepatch/01_all_gcc47_configure.ac.patch
@@ -0,0 +1,139 @@
+2011-04-27	Magnus Granberg		<zorry@gentoo.org>
+
+		* configure.ac		Add --enable-esp.  Add -fno-stack-protector
+		to stage1_cflags.
+		* gcc/configure.ac		Add --enable-esp and check if SSP works.
+		Define ENABLE_ESP ENABLE_ESP_SSP.
+		Check if we support crtbeginP and define ENABLE_CRTBEGINP.
+
+--- a/configure.ac	2011-11-29 22:36:43.000000000 +0100
++++ b/configure.ac	2011-12-07 23:29:26.125712475 +0100
+@@ -419,6 +419,25 @@ if test "${ENABLE_LIBADA}" != "yes" ; th
+   noconfigdirs="$noconfigdirs gnattools"
+ fi
+ 
++# Check whether --enable-esp was given and target have the support.
++AC_ARG_ENABLE([esp],
++[AS_HELP_STRING([--enable-esp],
++		[Enable Stack protector, Position independent executable as 
++		 default if we have suppot for it when compiling
++		 and link with -z relro and -z now as default.
++		 Linux targets supported i*86, x86_64, x86_x32, powerpc, powerpc64, ia64 and arm.])],
++[
++  case $target in
++    i?86*-*-linux* | x86_??*-*-linux* | powerpc-*-linux* | powerpc64-*-linux* | arm*-*-linux* | ia64-*-linux*)
++      enable_espf=yes
++      ;;
++    *)
++      AC_MSG_WARN([*** --enable-esp is not supported on this $target target.])
++      ;;
++  esac
++])
++AC_SUBST([enable_esp])
++
+ AC_ARG_ENABLE(libssp,
+ [AS_HELP_STRING([--enable-libssp], [build libssp directory])],
+ ENABLE_LIBSSP=$enableval,
+@@ -3211,6 +3230,11 @@ if test "$GCC" = yes -a "$ENABLE_BUILD_W
+   CFLAGS="$saved_CFLAGS"
+ fi
+ 
++# Disable -fstack-protector on stage1
++if test x$enable_esp = xyes; then
++  stage1_cflags="$stage1_cflags -fno-stack-protector"
++fi
++
+ AC_SUBST(stage1_cflags)
+ 
+ # Enable --enable-checking in stage1 of the compiler.
+--- a/gcc/configure.ac	2011-11-18 11:52:32.000000000 +0100
++++ b/gcc/configure.ac	2012-10-02 17:39:15.649526241 +0200
+@@ -5130,6 +5237,88 @@ if test x"${LINKER_HASH_STYLE}" != x; th
+                                          [The linker hash style])
+ fi
+ 
++# --------------
++# Esp checks
++# --------------
++
++# Check whether --enable-esp was given and target have the support.
++AC_ARG_ENABLE([esp],
++[AS_HELP_STRING([--enable-esp],
++		[Enable Stack protector, Position independent executable and
++		 Fortify_sources as default if we have suppot for it when compiling
++		 and link -z now as default.
++		 Linux targets supported i*86, x86_64, x86_x32, powerpc, powerpc64, ia64 and arm])],
++	set_enable_espf=$enableval,
++	set_enable_espf=no)
++if test $set_enable_esp = yes ; then
++  AC_MSG_CHECKING(if $target support esp)
++if test $set_enable_esp = yes ; then
++  case "$target" in
++    i?86*-*-linux* | x86_??*-*-linux* | powerpc-*-linux* | powerpc64-*-linux* | arm*-*-linux* | ia64-*-linux*)
++      enable_esp=yes
++      AC_DEFINE(ENABLE_ESP, 1,
++        [Define if your target support esp and you have enable it.])
++      ;;
++    *)
++      enable_esp=no
++      ;;
++  esac
++else
++ enable_esp=no
++fi
++AC_MSG_RESULT($enable_esp)
++fi
++AC_SUBST([enable_esp])
++if test $enable_esp = yes ; then
++
++ AC_MSG_CHECKING(if we can default to use -fstack-protector-all)
++  ssp_link_test=no
++  if test x$gcc_cv_libc_provides_ssp = xyes && test x$set_have_as_tls = xyes; then
++    if $EGREP '^ 	*#[ 	]*define[ 	]+__UCLIBC__[ 	]+1' \
++       $target_header_dir/features.h > /dev/null; then
++      if test -f $target_header_dir/bits/uClibc_config.h && \
++	 $EGREP '^ 	*#[ 	]*define[ 	]+__UCLIBC_SUBLEVEL__[ 	]+([3-9][2-9]|[4-9][0-9])' \
++	 $target_header_dir/bits/uClibc_config.h > /dev/null && \
++	 $EGREP '^ 	*#[ 	]*define[ 	]+__UCLIBC_HAS_TLS__[ 	]+1' \
++	 $target_header_dir/bits/uClibc_config.h > /dev/null; then
++	ssp_link_test=yes
++      fi
++    else
++      ssp_link_test=yes
++    fi
++  fi
++  if test x$ssp_link_test=xyes ; then
++    saved_CFLAGS="$CFLAGS"
++    CFLAGS="$CFLAGS -O2 -fstack-protector-all -Werror"
++    AC_TRY_LINK(,,
++      [AC_MSG_RESULT([yes]); enable_esp_ssp=yes],
++      [AC_MSG_RESULT([no]); enable_esp_ssp=no])
++    CFLAGS="$saved_CFLAGS"
++  else
++    [AC_MSG_RESULT([no]); enable_esp_ssp=no]
++  fi
++  if test $enable_esp_ssp = yes ; then
++    AC_DEFINE(ENABLE_ESP_SSP, 1,
++      [Define if your compiler will default to use -fstack-protector-all.])
++  fi
++  AC_MSG_CHECKING(checking for crtbeginP.o support)
++    if test x$enable_esp = xyes ; then
++      case "$target" in
++	ia64*-*-linux*)
++          enable_crtbeginP=no ;;
++        *-*-linux*)
++          if test x$gcc_cv_ld_pie = xyes && test x$lt_cv_prog_compiler_static_works = xyes; then
++            enable_crtbeginP=yes
++            AC_DEFINE(ENABLE_CRTBEGINP, 1,
++              [Define if your compiler will support crtbeginP.])
++     	  fi
++          ;;
++  	*) enable_crtbeginP=no ;;
++      esac
++    fi
++  AC_MSG_RESULT($enable_crtbeginP)
++fi
++
+ # Configure the subdirectories
+ # AC_CONFIG_SUBDIRS($subdirs)
+ 

diff --git a/gcc-4.7.0/piepatch/01_all_gcc47_configure.patch b/gcc-4.7.0/piepatch/01_all_gcc47_configure.patch
index 3823f1b..1a48f49 100644
--- a/gcc-4.7.0/piepatch/01_all_gcc47_configure.patch
+++ b/gcc-4.7.0/piepatch/01_all_gcc47_configure.patch
@@ -125,7 +125,7 @@
 +$as_echo_n "checking if $target support esp... " >&6; }
 +if test $set_enable_esp = yes ; then
 +  case "$target" in
-+    i?86*-*-linux* | x86_??*-*-linux* | powerpc-*-linux* | powerpc64-*-linux* | arm*-*-linux* | ia64-*-linux* | mips*-*-linux*)
++    i?86*-*-linux* | x86_??*-*-linux* | powerpc-*-linux* | powerpc64-*-linux* | arm*-*-linux* | ia64-*-linux*)
 +      enable_esp=yes
 +
 +$as_echo "#define ENABLE_ESP 1" >>confdefs.h

diff --git a/gcc-4.7.0/piepatch/README.Changelog b/gcc-4.7.0/piepatch/README.Changelog
index b6252ed..009e128 100644
--- a/gcc-4.7.0/piepatch/README.Changelog
+++ b/gcc-4.7.0/piepatch/README.Changelog
@@ -1,3 +1,13 @@
+0.5.4 Magnus Granberg		<zorry@gentoo.org>
+
+		#436924
+		* configure.ac			Add --enable-esp.  Add -fno-stack-protector
+		to stage1_cflags.
+		* gcc/configure.ac		Add --enable-esp and check if SSP works.
+		Define ENABLE_ESP ENABLE_ESP_SSP.
+		Check if we support crtbeginP and define ENABLE_CRTBEGINP.
+		* gcc/configure			Fix a typo
+		
 0.5.3 Magnus Granberg		<zorry@gentoo.org>
 
 		* gcc/configure			Clean up the checks and added

diff --git a/gcc-4.7.0/piepatch/README.history b/gcc-4.7.0/piepatch/README.history
index 537cc48..82b2ee3 100644
--- a/gcc-4.7.0/piepatch/README.history
+++ b/gcc-4.7.0/piepatch/README.history
@@ -1,3 +1,6 @@
+0.5.4		02 Oct 2012
+		U 01_all_gcc47_configure.patch
+		+  01_all_gcc47_configure.ac.patch
 0.5.3		06 Apr 2012
 		U 01_all_gcc47_configure.patch
 		+ 02_all_gcc47_config.in.patch