[gentoo-commits] proj/hardened-gccpatchset:master commit in: upstream/

[gentoo-commits] proj/hardened-gccpatchset:master commit in: upstream/

[Magnus Granberg]

commit:     abb126ad0df0aa7ee373e4254452a1d944c20991
Author:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
AuthorDate: Wed Nov 13 21:13:21 2013 +0000
Commit:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
CommitDate: Wed Nov 13 21:13:21 2013 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-gccpatchset.git;a=commit;h=abb126ad

Update the doc for gcc4.9 upstream

---
 upstream/gcc49_default_pie_doc.patch | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/upstream/gcc49_default_pie_doc.patch b/upstream/gcc49_default_pie_doc.patch
index 961d75f..d10c930 100644
--- a/upstream/gcc49_default_pie_doc.patch
+++ b/upstream/gcc49_default_pie_doc.patch
@@ -1,5 +1,5 @@
---- gcc-4.9-20131006/gcc/doc/install.texi	2013-10-01 19:29:40.000000000 +0200
-+++ gcc-4.9-20131006-work/gcc/doc/install.texi	2013-11-09 15:40:20.831402110 +0100
+--- a/gcc/doc/install.texi	2013-10-01 19:29:40.000000000 +0200
++++ b/gcc/doc/install.texi	2013-11-09 15:40:20.831402110 +0100
 @@ -1421,6 +1421,11 @@ do a @samp{make -C gcc gnatlib_and_tools
  Specify that the run-time libraries for stack smashing protection
  should not be built.
@@ -12,8 +12,8 @@
  @item --disable-libquadmath
  Specify that the GCC quad-precision math library should not be built.
  On some systems, the library is required to be linkable when building
---- gcc-4.8-20120302/gcc/doc/invoke.texi	2012-03-01 10:57:59.000000000 +0100
-+++ gcc-4.8-20120302-work/gcc/doc/invoke.texi	2012-07-30 00:57:03.766847851 +0200
+--- a/gcc/doc/invoke.texi	2012-03-01 10:57:59.000000000 +0100
++++ b/gcc/doc/invoke.texi	2012-07-30 00:57:03.766847851 +0200
 @@ -9457,6 +9480,12 @@ For predictable results, you must also s
  that were used to generate code (@option{-fpie}, @option{-fPIE},
  or model suboptions) when you specify this option.

[gentoo-commits] proj/hardened-gccpatchset:master commit in: upstream/

[Magnus Granberg]

commit:     081253a1029a71cc9a10af9a96058e9c9d33f945
Author:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
AuthorDate: Wed Nov 13 20:59:55 2013 +0000
Commit:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
CommitDate: Wed Nov 13 20:59:55 2013 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-gccpatchset.git;a=commit;h=081253a1

Update the changlog for gcc4.9 upstream

---
 upstream/gcc49_default_pie_Changlog.txt | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/upstream/gcc49_default_pie_Changlog.txt b/upstream/gcc49_default_pie_Changlog.txt
index 59ce7d5..dac21e0 100644
--- a/upstream/gcc49_default_pie_Changlog.txt
+++ b/upstream/gcc49_default_pie_Changlog.txt
@@ -15,8 +15,7 @@
 	* testsuite/gcc.dg/other/anon5.C: Add skip test as it fail to link
 	on effective_target default_pie.
 	* testsuite/lib/target-supports.exp (check_profiling_available):
-	We can't use profiling on effective target default_pie.
-	* testsuite/lib/target-supports.exp (check_effective_target_pie):
-	Add check_effective_target_default_pie.
+	We can't use profiling on effective target default_pie. 
+	(check_effective_target_pie): Add check_effective_target_default_pie.
 	/libgcc
 	* Makefile.in: Disable PIE when building the crtbegin/end files.

[gentoo-commits] proj/hardened-gccpatchset:master commit in: upstream/

[Magnus Granberg]

commit:     ec80df40d20243d3d534a5ea798424705927dcfb
Author:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
AuthorDate: Sun Nov 10 10:22:48 2013 +0000
Commit:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
CommitDate: Sun Nov 10 10:22:48 2013 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-gccpatchset.git;a=commit;h=ec80df40

Add default PIE patches for gcc 4.9.X

---
 upstream/gcc49_default_pie_Changlog.txt    |  22 +++++
 upstream/gcc49_default_pie_doc.patch       |  42 +++++++++
 upstream/gcc49_default_pie_main.patch      | 133 +++++++++++++++++++++++++++++
 upstream/gcc49_default_pie_testsuite.patch |  53 ++++++++++++
 4 files changed, 250 insertions(+)

diff --git a/upstream/gcc49_default_pie_Changlog.txt b/upstream/gcc49_default_pie_Changlog.txt
new file mode 100644
index 0000000..59ce7d5
--- /dev/null
+++ b/upstream/gcc49_default_pie_Changlog.txt
@@ -0,0 +1,22 @@
+2013-11-10  Magnus Granberg  <zorry@gentoo.org>
+
+	/gcc
+	* config/gnu-user.h: Define PIE_DRIVER_SELF_SPECS for PIE 
+	as default and GNU_DRIVER_SELF_SPECS.
+	* config/i386/gnu-user-common.h: Define DRIVER_SELF_SPECS
+	* configure.ac: Add new option that enable PIE as default.
+	* configure, config.in: Rebuild.
+	* Makefile.in: Disable PIE when building the compiler.
+	* doc/install.texi: Add the new configure option default PIE.
+	* doc/invoke.texi: Add note for the new configure option default
+	PIE.
+	* testsuite/gcc/default-pie.c: New test for new configure option
+	--enale-default-pie
+	* testsuite/gcc.dg/other/anon5.C: Add skip test as it fail to link
+	on effective_target default_pie.
+	* testsuite/lib/target-supports.exp (check_profiling_available):
+	We can't use profiling on effective target default_pie.
+	* testsuite/lib/target-supports.exp (check_effective_target_pie):
+	Add check_effective_target_default_pie.
+	/libgcc
+	* Makefile.in: Disable PIE when building the crtbegin/end files.

diff --git a/upstream/gcc49_default_pie_doc.patch b/upstream/gcc49_default_pie_doc.patch
new file mode 100644
index 0000000..961d75f
--- /dev/null
+++ b/upstream/gcc49_default_pie_doc.patch
@@ -0,0 +1,42 @@
+--- gcc-4.9-20131006/gcc/doc/install.texi	2013-10-01 19:29:40.000000000 +0200
++++ gcc-4.9-20131006-work/gcc/doc/install.texi	2013-11-09 15:40:20.831402110 +0100
+@@ -1421,6 +1421,11 @@ do a @samp{make -C gcc gnatlib_and_tools
+ Specify that the run-time libraries for stack smashing protection
+ should not be built.
+ 
++@item --enable-default-pie
++We will turn on @option{-fPIE} and @option{-pie} as default when
++compileing and linking if the support is there. We only support 
++i?86-*-linux* and x86-64-*-linux* as target for now.
++
+ @item --disable-libquadmath
+ Specify that the GCC quad-precision math library should not be built.
+ On some systems, the library is required to be linkable when building
+--- gcc-4.8-20120302/gcc/doc/invoke.texi	2012-03-01 10:57:59.000000000 +0100
++++ gcc-4.8-20120302-work/gcc/doc/invoke.texi	2012-07-30 00:57:03.766847851 +0200
+@@ -9457,6 +9480,12 @@ For predictable results, you must also s
+ that were used to generate code (@option{-fpie}, @option{-fPIE},
+ or model suboptions) when you specify this option.
+ 
++NOTE: With configure --enable-default-pie  this option is enabled by default 
++for C, C++, ObjC, ObjC++, if none of @option{-fno-PIE}, @option{-fno-pie}, 
++@option{-fPIC}, @option{-fpic}, @option{-fno-PIC}, @option{-fno-pic}, 
++@option{-nostdlib}, @option{-nostartfiles}, @option{-shared}, 
++@option{-nodefaultlibs}, nor @option{static} are found.
++
+ @item -rdynamic
+ @opindex rdynamic
+ Pass the flag @option{-export-dynamic} to the ELF linker, on targets
+@@ -19125,6 +19154,12 @@ used during linking.
+ @code{__pie__} and @code{__PIE__}.  The macros have the value 1
+ for @option{-fpie} and 2 for @option{-fPIE}.
+ 
++NOTE: With configure --enable-default-pie  this option is enabled by default 
++for C, C++, ObjC, ObjC++, if none of @option{-fno-PIE}, @option{-fno-pie}, 
++@option{-fPIC}, @option{-fpic}, @option{-fno-PIC}, @option{-fno-pic}, 
++@option{-nostdlib}, @option{-nostartfiles}, @option{-shared}, 
++@option{-nodefaultlibs}, nor @option{static} are found.
++
+ @item -fno-jump-tables
+ @opindex fno-jump-tables
+ Do not use jump tables for switch statements even where it would be

diff --git a/upstream/gcc49_default_pie_main.patch b/upstream/gcc49_default_pie_main.patch
new file mode 100644
index 0000000..37eb527
--- /dev/null
+++ b/upstream/gcc49_default_pie_main.patch
@@ -0,0 +1,133 @@
+--- a/gcc/config/gnu-user.h	2013-08-20 10:31:40.000000000 +0200
++++ b/gcc/config/gnu-user.h	2013-10-23 22:01:42.337238981 +0200
+@@ -134,3 +134,17 @@ see the files COPYING3 and COPYING.RUNTI
+ /* Additional libraries needed by -static-libtsan.  */
+ #undef STATIC_LIBTSAN_LIBS
+ #define STATIC_LIBTSAN_LIBS "-ldl -lpthread"
++
++/* We use this to make the compiler use -fPIE as default and link
++   with -pie.  */
++#ifdef ENABLE_DEFAULT_PIE
++#define PIE_DRIVER_SELF_SPECS \
++"%{pie|fpic|fPIC|fpie|fPIE|fno-pic|fno-PIC|fno-pie|fno-PIE| \
++  shared|static|nostdlib|nostartfiles:;:-fPIE -pie}"
++#else
++#define PIE_DRIVER_SELF_SPECS ""
++#endif
++
++#ifndef GNU_DRIVER_SELF_SPECS
++#define GNU_DRIVER_SELF_SPECS PIE_DRIVER_SELF_SPECS
++#endif
+--- a/gcc/config/i386/gnu-user-common.h	2013-01-10 21:38:27.000000000 +0100
++++ b/gcc/config/i386/gnu-user-common.h	2013-10-23 17:37:45.432767049 +0200
+@@ -70,3 +70,8 @@ along with GCC; see the file COPYING3.
+ 
+ /* Static stack checking is supported by means of probes.  */
+ #define STACK_CHECK_STATIC_BUILTIN 1
++
++/* Use GNU_DRIVER_SELF_SPECS.  */
++#ifndef DRIVER_SELF_SPECS
++#define DRIVER_SELF_SPECS GNU_DRIVER_SELF_SPECS
++#endif
+--- a/gcc/configure.ac	2013-09-25 18:10:35.000000000 +0200
++++ b/gcc/configure.ac	2013-10-22 21:26:56.287602139 +0200
+@@ -5434,6 +5434,31 @@ if test x"${LINKER_HASH_STYLE}" != x; th
+                                          [The linker hash style])
+ fi
+ 
++# Check whether --enable-default-pie was given and target have the support.
++AC_ARG_ENABLE(default-pie,
++[AS_HELP_STRING([--enable-default-pie], [Enable Position independent executable as default.
++                 If we have suppot for it when compiling and linking.
++                 Linux targets supported i?86 and x86_64.])],
++enable_default_pie=$enableval,
++enable_default_pie=no)
++if test x$enable_default_pie = xyes; then
++  AC_MSG_CHECKING(if $target support to default with -fPIE and link with -pie as default)
++  enable_default_pie=no
++  case $target in
++    i?86*-*-linux* | x86_64*-*-linux*)
++      enable_default_pie=yes
++      ;;
++    *)
++      ;;
++    esac
++  AC_MSG_RESULT($enable_default_pie)
++fi
++if test x$enable_default_pie == xyes ; then
++  AC_DEFINE(ENABLE_DEFAULT_PIE, 1,
++      [Define if your target support default-pie and you have enable it.])
++fi
++AC_SUBST([enable_default_pie])
++
+ # Configure the subdirectories
+ # AC_CONFIG_SUBDIRS($subdirs)
+ 
+--- a/gcc/Makefile.in	2013-10-02 21:52:27.000000000 +0200
++++ b/gcc/Makefile.in	2013-10-24 17:46:22.055357122 +0200
+@@ -957,14 +957,23 @@ CONTEXT_H = context.h
+ # cross compiler which does not use the native headers and libraries.
+ INTERNAL_CFLAGS = -DIN_GCC @CROSS@
+ 
++# We don't want to compile the compiler with -fPIE, it make PCH fail.
++enable_default_pie = @enable_default_pie@
++ifeq ($(enable_default_pie),yes)
++NOPIE_CFLAGS = -fno-PIE
++else
++NOPIE_CFLAGS=
++endif
++
+ # This is the variable actually used when we compile. If you change this,
+ # you probably want to update BUILD_CFLAGS in configure.ac
+-ALL_CFLAGS = $(T_CFLAGS) $(CFLAGS-$@) \
++ALL_CFLAGS = $(NOPIE_CFLAGS) $(T_CFLAGS) $(CFLAGS-$@) \
+   $(CFLAGS) $(INTERNAL_CFLAGS) $(COVERAGE_FLAGS) $(WARN_CFLAGS) @DEFS@
+ 
+ # The C++ version.
+-ALL_CXXFLAGS = $(T_CFLAGS) $(CFLAGS-$@) $(CXXFLAGS) $(INTERNAL_CFLAGS) \
+-  $(COVERAGE_FLAGS) $(NOEXCEPTION_FLAGS) $(WARN_CXXFLAGS) @DEFS@
++ALL_CXXFLAGS = $(NOPIE_CFLAGS) $(T_CFLAGS) $(CFLAGS-$@) $(CXXFLAGS) \
++  $(INTERNAL_CFLAGS) $(COVERAGE_FLAGS) $(NOEXCEPTION_FLAGS) \
++  $(WARN_CXXFLAGS) @DEFS@
+ 
+ # Likewise.  Put INCLUDES at the beginning: this way, if some autoconf macro
+ # puts -I options in CPPFLAGS, our include files in the srcdir will always
+@@ -1805,6 +1814,7 @@ libgcc.mvars: config.status Makefile spe
+ 	echo GCC_CFLAGS = '$(GCC_CFLAGS)' >> tmp-libgcc.mvars
+ 	echo INHIBIT_LIBC_CFLAGS = '$(INHIBIT_LIBC_CFLAGS)' >> tmp-libgcc.mvars
+ 	echo TARGET_SYSTEM_ROOT = '$(TARGET_SYSTEM_ROOT)' >> tmp-libgcc.mvars
++	echo enable_default_pie = '$(enable_default_pie)' >> tmp-libgcc.mvars
+ 
+ 	mv tmp-libgcc.mvars libgcc.mvars
+ 
+@@ -3460,6 +3470,9 @@ site.exp: ./config.status Makefile
+ 	@if test "@enable_lto@" = "yes" ; then \
+ 	  echo "set ENABLE_LTO 1" >> ./site.tmp; \
+ 	fi
++	@if test "@enable_default_pie@" = "yes" ; then \
++	  echo "set ENABLE_DEFAULT_PIE 1" >> ./site.tmp; \
++	fi
+ # If newlib has been configured, we need to pass -B to gcc so it can find
+ # newlib's crt0.o if it exists.  This will cause a "path prefix not used"
+ # message if it doesn't, but the testsuite is supposed to ignore the message -
+--- a/libgcc/Makefile.in	2011-11-22 04:01:02.000000000 +0100
++++ b/libgcc/Makefile.in	2012-06-29 00:15:04.534016511 +0200
+@@ -275,11 +275,17 @@ override CFLAGS := $(filter-out -fprofil
+ INTERNAL_CFLAGS = $(CFLAGS) $(LIBGCC2_CFLAGS) $(HOST_LIBGCC2_CFLAGS) \
+ 		  $(INCLUDES) @set_have_cc_tls@ @set_use_emutls@
+ 
++#Don't use -fPIE when compiling crtbegin/end.
++ifeq ($(enable_default_pie),yes)
++NOPIE_CFLAGS = -fno-PIE
++else
++NOPIE_CFLAGS=
++endif
+ # Options to use when compiling crtbegin/end.
+ CRTSTUFF_CFLAGS = -O2 $(GCC_CFLAGS) $(INCLUDES) $(MULTILIB_CFLAGS) -g0 \
+   -finhibit-size-directive -fno-inline -fno-exceptions \
+   -fno-zero-initialized-in-bss -fno-toplevel-reorder -fno-tree-vectorize \
+-  -fno-stack-protector \
++  -fno-stack-protector $(NOPIE_CFLAGS) \
+   $(INHIBIT_LIBC_CFLAGS)
+ 
+ # Extra flags to use when compiling crt{begin,end}.o.

diff --git a/upstream/gcc49_default_pie_testsuite.patch b/upstream/gcc49_default_pie_testsuite.patch
new file mode 100644
index 0000000..de3d16d
--- /dev/null
+++ b/upstream/gcc49_default_pie_testsuite.patch
@@ -0,0 +1,53 @@
+--- a/gcc/testsuite/gcc.dg/default-pie.c	2013-11-09 21:07:16.741479728 +0100
++++ b/gcc/testsuite/gcc.dg/default-pie.c	2013-11-09 21:05:07.801479218 +0100
+@@ -0,0 +1,12 @@
++/* { dg-do compile { target *-*-linux* *-*-gnu* } } */
++/* { dg-require-effective-target default_pie } */
++/* { dg-options "-O2" } */
++int foo (void);
++
++int
++main (void)
++{
++	return foo ();
++}
++
++/* { dg-final { scan-assembler "foo@PLT" } } */
+--- a/gcc/testsuite/g++.dg/other/anon5.C	2012-11-10 15:34:42.000000000 +0100
++++ b/gcc/testsuite/g++.dg/other/anon5.C	2013-11-09 14:49:52.281390127 +0100
+@@ -1,5 +1,6 @@
+ // PR c++/34094
+ // { dg-do link { target { ! { *-*-darwin* *-*-hpux* *-*-solaris2.* } } } }
++// { dg-skip-if "" { default_pie } { "*" } { "" } }
+ // { dg-options "-g" }
+ // Ignore additional message on powerpc-ibm-aix
+ // { dg-prune-output "obtain more information" } */
+--- a/gcc/testsuite/lib/target-supports.exp	2013-10-01 11:18:30.000000000 +0200
++++ b/gcc/testsuite/lib/target-supports.exp	2013-10-25 22:01:46.743388469 +0200
+@@ -474,6 +474,11 @@ proc check_profiling_available { test_wh
+ 	}
+     }
+ 
++    # Profiling don't work with default -fPIE -pie.
++    if { [check_effective_target_default_pie] } {
++      return 0
++    }
++
+     # Support for -p on solaris2 relies on mcrt1.o which comes with the
+     # vendor compiler.  We cannot reliably predict the directory where the
+     # vendor compiler (and thus mcrt1.o) is installed so we can't
+@@ -839,6 +844,14 @@ proc check_effective_target_pie { } {
+     return 0
+ }
+ 
++# Return 1 if -pie, -fPIE are default enable, 0 otherwise.
++
++proc check_effective_target_default_pie { } {
++    global ENABLE_DEFAULT_PIE
++    return [info exists ENABLE_DEFAULT_PIE]
++    return 0
++}
++
+ # Return true if the target supports -mpaired-single (as used on MIPS).
+ 
+ proc check_effective_target_mpaired_single { } {

[gentoo-commits] proj/hardened-gccpatchset:master commit in: upstream/

[Magnus Granberg]

commit:     62670efba8685ece4c5670285c670c42c8e528df
Author:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
AuthorDate: Sun Oct  7 16:54:01 2012 +0000
Commit:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
CommitDate: Sun Oct  7 16:54:01 2012 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-gccpatchset.git;a=commit;h=62670efb

Add the testsuite

---
 upstream/configure.ac.patch           |    2 +-
 upstream/testsuite-espf-format.patch  |   87 +++++
 upstream/testsuite-espf-fortify.patch |   44 +++
 upstream/testsuite-espf-piessp.patch  |   98 ++++++
 upstream/testsuite-espf-pr39537.patch |  590 +++++++++++++++++++++++++++++++++
 5 files changed, 820 insertions(+), 1 deletions(-)

diff --git a/upstream/configure.ac.patch b/upstream/configure.ac.patch
index 9d6f2bc..2e39577 100644
--- a/upstream/configure.ac.patch
+++ b/upstream/configure.ac.patch
@@ -104,7 +104,7 @@
 +if test $enable_espf = yes ; then
 +
 +# Check for FORTIFY_SOURCES support in target C library.
-+  AC_CACHE_CHECK(for _FORTIFY_SOURCES support  in target C library,
++  AC_CACHE_CHECK(for _FORTIFY_SOURCES support in target C library,
 +    gcc_cv_libc_provides_fortify, 
 +    [gcc_cv_libc_provides_fortify=no
 +    case "$target" in

diff --git a/upstream/testsuite-espf-format.patch b/upstream/testsuite-espf-format.patch
new file mode 100644
index 0000000..0d14c10
--- /dev/null
+++ b/upstream/testsuite-espf-format.patch
@@ -0,0 +1,87 @@
+--- a/gcc/testsuite/gcc.dg/charset/builtin2.c
++++ b/gcc/testsuite/gcc.dg/charset/builtin2.c
+@@ -4,6 +4,7 @@
+ /* { dg-do compile } */
+ /* { dg-require-iconv "IBM1047" } */
+ /* { dg-options "-O2 -fexec-charset=IBM1047" } */
++/* { dg-additional-options "-Wno-format" { target espf } } */
+ /* { dg-final { scan-assembler-not "printf" } } */
+ /* { dg-final { scan-assembler-not "fprintf" } } */
+ /* { dg-final { scan-assembler-not "sprintf" } } */
+--- a/gcc/testsuite/gcc.dg/format/format.exp
++++ b/gcc/testsuite/gcc.dg/format/format.exp
+@@ -24,9 +24,16 @@ if [is_remote host] {
+ 
+ load_lib gcc-dg.exp
+ load_lib torture-options.exp
++load_lib target-supports.exp
+ 
+ torture-init
+-set-torture-options [list { } { -DWIDE } ]
++
++# Disable -Wformat if we use espf.
++if  [check_effective_target_espf] {
++	set-torture-options [list { -Wno-format } { -DWIDE -Wno-format } ]
++} else {
++	set-torture-options [list { } { -DWIDE } ]
++}
+ 
+ dg-init
+ gcc-dg-runtest [lsort [glob -nocomplain $srcdir/$subdir/*.\[cS\]]] ""
+
+--- a/gcc/testsuite/gcc.dg/pr30473.c
++++ b/gcc/testsuite/gcc.dg/pr30473.c
+@@ -2,6 +2,7 @@
+ /* Make sure this doesn't ICE.  */
+ /* { dg-do compile } */
+ /* { dg-options "-O2" } */
++/* { dg-additional-options "Wno-format" { target espf } } */
+ 
+ extern int sprintf (char *, const char *, ...);
+ 
+--- a/gcc/testsuite/gcc.dg/pr38902.c
++++ b/gcc/testsuite/gcc.dg/pr38902.c
+@@ -2,6 +2,7 @@
+ /* { dg-do run } */
+ /* { dg-options "-O2 -fstack-protector" } */
+ /* { dg-require-effective-target fstack_protector } */
++/* { dg-additional-options "Wno-format" { target espf } } */
+ 
+ #ifdef DEBUG
+ #include <stdio.h>
+--- a/gcc/testsuite/gcc.dg/ipa/ipa-sra-1.c	2010-09-10 01:38:23.000000000 +0200
++++b/gcc/testsuite/gcc.dg/ipa/ipa-sra-1.c	2012-07-31 14:37:53.238554197 +0200
+@@ -1,5 +1,6 @@
+ /* { dg-do run } */
+ /* { dg-options "-O2 -fipa-sra -fdump-tree-eipa_sra-details"  } */
++/* { dg-additional-options "-Wno-format" { target espf } } */
+ 
+ struct bovid
+ {
+--- a/gcc/testsuite/gcc.dg/torture/tls/tls-test.c	2011-06-22 19:27:07.000000000 +0200
++++ b/gcc/testsuite/gcc.dg/torture/tls/tls-test.c	2012-08-21 23:51:33.205398132 +0200
+@@ -2,6 +2,7 @@
+ /* { dg-require-effective-target tls  }  */
+ /* { dg-require-effective-target pthread } */
+ /* { dg-options "-pthread" } */
++/* { dg-additional-options "-Wno-format" { target espf } } */
+ 
+ #include <pthread.h>
+ extern int printf (char *,...);
+--- a/gcc/testsuite/g++.dg/abi/pragma-pack1.C	2011-06-07 23:54:07.000000000 +0200
++++ b/gcc/testsuite/g++.dg/abi/pragma-pack1.C	2012-08-16 17:49:19.472877085 +0200
+@@ -1,4 +1,5 @@
+ // PR c++/7046
++// { dg-additional-options "-Wno-format" { target espf } }
+ 
+ extern "C" int printf (const char *, ...);
+ 
+--- a/gcc/testsuite/g++.dg/cpp0x/constexpr-tuple.C	2012-08-16 17:41:19.486862781 +0200
++++ b/gcc/testsuite/g++.dg/cpp0x/constexpr-tuple.C	2012-08-16 17:38:38.000000000 +0200
+@@ -1,5 +1,6 @@
+ // PR c++/53202
+ // { dg-do run { target c++11 } }
++// { dg-additional-options "-Wno-format" { target espf } }
+ 
+ #include <tuple>
+ 

diff --git a/upstream/testsuite-espf-fortify.patch b/upstream/testsuite-espf-fortify.patch
new file mode 100644
index 0000000..82456cc
--- /dev/null
+++ b/upstream/testsuite-espf-fortify.patch
@@ -0,0 +1,44 @@
+--- a/gcc/testsuite/lib/target-supports.exp	2012-02-22 12:00:21.000000000 +0100
++++ b/gcc/testsuite/lib/target-supports.exp	2012-07-27 19:19:30.849216278 +0200
+@@ -4419,6 +4419,14 @@ proc check_effective_target_lto { } {
+     return [info exists ENABLE_LTO]
+ }
+ 
++# Return 1 if the compiler has been configure with espf
++# (configure --enable-espf=(all|ssp|pie)) support.
++
++proc check_effective_target_espf { } {
++    global ENABLE_ESPF
++    return [info exists ENABLE_ESPF]
++}
++
+ # Return 1 if this target supports the -fsplit-stack option, 0
+ # otherwise.
+ 
+--- a/gcc/testsuite/gcc.c-torture/execute/memset-1.x	2012-08-18 14:43:31.963694252 +0200
++++ b/gcc/testsuite/gcc.c-torture/execute/memset-1.x	2012-07-27 21:47:01.000000000 +0200
+@@ -0,0 +1,6 @@
++load_lib target-supports.exp
++
++if { [check_effective_target_espf] } {
++        set additional_flags "-U_FORTIFY_SOURCE"
++}
++return 0
+--- a/gcc/testsuite/gcc.c-torture/execute/vprintf-chk-1.x	2012-07-30 02:31:20.573793905 +0200
++++ b/gcc/testsuite/gcc.c-torture/execute/vprintf-chk-1.x	2012-07-27 21:47:01.574480025 +0200
+@@ -0,0 +1,6 @@
++load_lib target-supports.exp
++
++if [check_effective_target_espf] {
++        set additional_flags "-U_FORTIFY_SOURCE"
++}
++return 0
+--- a/gcc/testsuite/gcc.c-torture/execute/vfprintf-chk-1.x	2012-07-30 02:31:07.366794031 +0200
++++ b/gcc/testsuite/gcc.c-torture/execute/vfprintf-chk-1.x	2012-07-27 21:47:01.000000000 +0200
+@@ -0,0 +1,6 @@
++load_lib target-supports.exp
++
++if [check_effective_target_espf] {
++        set additional_flags "-U_FORTIFY_SOURCE"
++}
++return 0

diff --git a/upstream/testsuite-espf-piessp.patch b/upstream/testsuite-espf-piessp.patch
new file mode 100644
index 0000000..8991a69
--- /dev/null
+++ b/upstream/testsuite-espf-piessp.patch
@@ -0,0 +1,98 @@
+--- a/gcc/testsuite/gcc.dg/20021014-1.c	2009-10-02 01:08:07.000000000 +0200
++++ b/gcc/testsuite/gcc.dg/20021014-1.c	2012-08-14 23:50:16.724373103 +0200
+@@ -1,6 +1,7 @@
+ /* { dg-do run } */
+ /* { dg-require-profiling "-p" } */
+ /* { dg-options "-O2 -p" } */
++/* { dg-additional-options "-fno-PIE" { target espf } } */
+ /* { dg-options "-O2 -p -static" { target hppa*-*-hpux* } } */
+ /* { dg-error "profiler" "No profiler support" { target xstormy16-*-* } 0 } */
+ /* { dg-message "" "consider using `-pg' instead of `-p' with gprof(1)" { target *-*-freebsd* } 0 } */
+--- a/gcc/testsuite/gcc.dg/nest.c	2007-08-30 07:23:02.000000000 +0200
++++ b/gcc/testsuite/gcc.dg/nest.c	2012-08-14 23:51:44.797375728 +0200
+@@ -3,6 +3,7 @@
+ /* { dg-require-profiling "-pg" } */
+ /* { dg-options "-O2 -pg" } */
+ /* { dg-options "-O2 -pg -static" { target hppa*-*-hpux* } } */
++/* { dg-additional-options "-fno-PIE" { target espf } } */
+ /* { dg-error "profiler" "No profiler support" { target xstormy16-*-* } 0 } */
+ 
+ extern void abort (void);
+--- a/gcc/testsuite/gcc.dg/nested-func-4.c	2007-08-30 07:23:02.000000000 +0200
++++ b/gcc/testsuite/gcc.dg/nested-func-4.c	2012-08-14 23:52:23.337376877 +0200
+@@ -1,6 +1,7 @@
+ /* { dg-do run } */
+ /* { dg-options "-pg" } */
+ /* { dg-options "-pg -static" { target hppa*-*-hpux* } } */
++/* { dg-additional-options "-fno-PIE" { target espf } } */
+ /* { dg-require-profiling "-pg" } */
+ 
+ extern void abort(void);
+--- a/gcc/testsuite/gcc.dg/pr32450.c	2007-08-30 07:23:02.000000000 +0200
++++ b/gcc/testsuite/gcc.dg/pr32450.c	2012-08-14 23:53:38.125379106 +0200
+@@ -5,6 +5,7 @@
+ /* { dg-options "-O2 -pg" } */
+ /* { dg-options "-O2 -pg -mtune=core2" { target { i?86-*-* x86_64-*-* } } } */
+ /* { dg-options "-O2 -pg -static" { target hppa*-*-hpux* } } */
++/* { dg-additional-options "-fno-PIE" { target espf } } */
+ 
+ extern void abort (void);
+ 
+--- a/gcc/testsuite/gcc.dg/pr43643.c	2010-04-14 18:47:15.000000000 +0200
++++ b/gcc/testsuite/gcc.dg/pr43643.c	2012-08-14 23:54:20.084380356 +0200
+@@ -4,6 +4,7 @@
+ /* { dg-require-profiling "-pg" } */
+ /* { dg-options "-O2 -pg" } */
+ /* { dg-options "-O2 -pg -static" { target hppa*-*-hpux* } } */
++/* { dg-additional-options "-fno-PIE" { target espf } } */
+ 
+ extern char *strdup (const char *);
+ 
+--- a/gcc.dg/tree-ssa/ssa-store-ccp-3.c	2011-08-07 09:45:57.000000000 +0200
++++ b/gcc/testsuite/gcc.dg/tree-ssa/ssa-store-ccp-3.c	2012-08-14 23:59:24.489389427 +0200
+@@ -3,6 +3,7 @@
+    defined for executables as well as shared libraries.  */
+ /* { dg-skip-if "" { *-*-darwin* hppa*64*-*-* mips*-*-linux* mips*-*-irix* *-*-mingw* } { "*" } { "" } } */
+ /* { dg-options "-O2 -fno-common -fdump-tree-optimized" } */
++/* { dg-skip-if "" { espf } { "*" } { "" } } */ */
+ 
+ const int conststaticvariable;
+ 
+--- a/gcc/testsuite/gcc.dg/stack-usage-1.c	2012-02-23 19:10:53.000000000 +0100
++++ b/gcc/testsuite/gcc.dg/stack-usage-1.c	2012-08-14 23:55:37.558382664 +0200
+@@ -1,5 +1,6 @@
+ /* { dg-do compile } */
+ /* { dg-options "-fstack-usage" } */
++/* { dg-additional-options "-fno-stack-protector" { target espf } } */
+ 
+ /* This is aimed at testing basic support for -fstack-usage in the back-ends.
+    See the SPARC back-end for example (grep flag_stack_usage_info in sparc.c).
+--- a/gcc/testsuite/gcc.dg/superblock.c	2012-08-15 00:28:32.995441532 +0200
++++ b/gcc/testsuite/gcc.dg/superblock.c	2012-08-14 23:56:30.159384232 +0200
+@@ -1,5 +1,6 @@
+ /* { dg-do compile } */
+ /* { dg-options "-O2 -fno-asynchronous-unwind-tables -fsched2-use-superblocks -fdump-rtl-sched2 -fdump-rtl-bbro" } */
++/* { dg-additional-options "-fno-stack-protector" { target espf } } */
+ 
+ typedef int aligned __attribute__ ((aligned (64)));
+ extern void abort (void);
+--- a/gcc/testsuite/g++.dg/other/anon5.C	2012-08-16 17:33:08.842848160 +0200
++++ b/gcc/testsuite/g++.dg/other/anon5.C	2012-08-16 17:33:35.913848967 +0200
+@@ -1,6 +1,7 @@
+ // PR c++/34094
+ // { dg-do link { target { ! { *-*-darwin* *-*-hpux* *-*-solaris2.* alpha*-dec-osf* mips-sgi-irix* } } } }
+ // { dg-options "-g" }
++// { dg-additional-options "-fno-PIE" { target espf } }
+ 
+ namespace {
+   struct c
+--- a/gcc/testsuite/g++.old-deja/g++.law/profile1.C	2007-08-30 07:23:02.000000000 +0200
++++ b/gcc/testsuite/g++.old-deja/g++.law/profile1.C	2012-08-21 20:48:15.463070406 +0200
+@@ -2,6 +2,7 @@
+ // { dg-require-profiling "-pg" }
+ // { dg-options "-pg" }
+ // { dg-options "-pg -static" { target hppa*-*-hpux* } }
++// { dg-additional-options "-fno-PIE" { target espf } }
+ // GROUPS passed profiling
+ #include <stdio.h>
+ main()

diff --git a/upstream/testsuite-espf-pr39537.patch b/upstream/testsuite-espf-pr39537.patch
new file mode 100644
index 0000000..8ca807e
--- /dev/null
+++ b/upstream/testsuite-espf-pr39537.patch
@@ -0,0 +1,590 @@
+--- a/gcc/testsuite/g++.dg/ext/align1.C	2002-02-06 17:18:33.000000000 +0100
++++ b/gcc/testsuite/g++.dg/ext/align1.C	2012-08-11 02:14:51.533875779 +0200
+@@ -16,6 +16,5 @@ float f1 __attribute__ ((aligned));
+ int
+ main (void)
+ {
+-  printf ("%d %d\n", __alignof (a1), __alignof (f1));
+   return (__alignof (a1) < __alignof (f1));
+ }
+
+--- a/gcc/testsuite/g++.old-deja/g++.law/operators28.C
++++ b/gcc/testsuite/g++.old-deja/g++.law/operators28.C
+@@ -14,7 +14,8 @@
+ {
+   void *p;
+ 
+-  printf("%d %d %d\n", sz, count, type);
++  // ISO C++ does not support format size modifier "z", so use a cast
++  printf("%u %d %d\n", (unsigned int)sz, count, type);
+ 
+   p = new char[sz * count];
+   ((new_test *)p)->type = type;
+--- a/gcc/testsuite/gcc.dg/torture/matrix-2.c
++++ b/gcc/testsuite/gcc.dg/torture/matrix-2.c
+@@ -42,7 +42,7 @@
+     }
+   for (i = 0; i < ARCHnodes; i++)
+     for (j = 0; j < 3; j++)
+-      printf ("%x\n",vel[i][j]);
++      printf ("%p\n",vel[i][j]);
+       /*if (i!=1 || j!=1)*/
+       /*if (i==1 && j==1)
+         continue;
+@@ -83,14 +83,14 @@
+       for (j = 0; j < 3; j++)
+ 	{
+ 	  vel[i][j] = (int *) malloc (ARCHnodes1 * sizeof (int));
+-          printf ("%x %d %d\n",vel[i][j], ARCHnodes1, sizeof (int));
++          printf ("%p %d %d\n",vel[i][j], ARCHnodes1, (int)sizeof (int));
+ 	}
+     }
+    for (i = 0; i < ARCHnodes; i++)
+     {
+       for (j = 0; j < 3; j++)
+         {
+-          printf ("%x\n",vel[i][j]);
++          printf ("%p\n",vel[i][j]);
+         }
+     }
+ 
+@@ -99,7 +99,7 @@
+     {
+       for (j = 0; j < 3; j++)
+ 	{
+-	  printf ("%x\n",vel[i][j]);
++	  printf ("%p\n",vel[i][j]);
+           /*for (k = 0; k < ARCHnodes1; k++)
+ 	    {
+ 	      vel[i][j][k] = d;
+--- a/gcc/testsuite/gcc.dg/packed-vla.c
++++ b/gcc/testsuite/gcc.dg/packed-vla.c
+@@ -17,8 +17,8 @@
+     int			b[4];
+   } __attribute__ ((__packed__)) foo;
+ 
+-  printf("foo %d\n", sizeof(foo));
+-  printf("bar %d\n", sizeof(bar));
++  printf("foo %d\n", (int)sizeof(foo));
++  printf("bar %d\n", (int)sizeof(bar));
+ 
+   if (sizeof (foo) != sizeof (bar))
+     abort ();
+--- a/gcc/testsuite/g++.dg/opt/alias2.C
++++ b/gcc/testsuite/g++.dg/opt/alias2.C
+@@ -30,14 +30,14 @@
+ 
+ 
+ _Deque_base::~_Deque_base() {
+-  printf ("bb %x %x\n", this, *_M_start._M_node);
++  printf ("bb %p %x\n", this, *_M_start._M_node);
+ }
+ 
+ void
+ _Deque_base::_M_initialize_map()
+ {
+   yy = 0x123;
+-  printf ("aa %x %x\n", this, yy);
++  printf ("aa %p %x\n", this, yy);
+ 
+   _M_start._M_node = &yy;
+   _M_start._M_cur = yy;
+--- a/gcc/testsuite/g++.old-deja/g++.abi/vbase1.C
++++ b/gcc/testsuite/g++.old-deja/g++.abi/vbase1.C
+@@ -33,7 +33,7 @@
+   void Offset () const
+   {
+     printf ("VBase\n");
+-    printf ("  VBase::member %d\n", &this->VBase::member - (int *)this);
++    printf ("  VBase::member %d\n", (int)(&this->VBase::member - (int *)this));
+   }
+ };
+ 
+@@ -55,8 +55,8 @@
+   void Offset () const
+   {
+     printf ("VDerived\n");
+-    printf ("  VBase::member %d\n", &this->VBase::member - (int *)this);
+-    printf ("  VDerived::member %d\n", &this->VDerived::member - (int *)this);
++    printf ("  VBase::member %d\n", (int)(&this->VBase::member - (int *)this));
++    printf ("  VDerived::member %d\n", (int)(&this->VDerived::member - (int *)this));
+   }
+ };
+ struct B : virtual VBase
+@@ -65,8 +65,8 @@
+   void Offset () const
+   {
+     printf ("B\n");
+-    printf ("  VBase::member %d\n", &this->VBase::member - (int *)this);
+-    printf ("  B::member %d\n", &this->B::member - (int *)this);
++    printf ("  VBase::member %d\n", (int)(&this->VBase::member - (int *)this));
++    printf ("  B::member %d\n", (int)(&this->B::member - (int *)this));
+   }
+ };
+ struct MostDerived : B, virtual VDerived
+@@ -75,10 +75,10 @@
+   void Offset () const
+   {
+     printf ("MostDerived\n");
+-    printf ("  VBase::member %d\n", &this->VBase::member - (int *)this);
+-    printf ("  B::member %d\n", &this->B::member - (int *)this);
+-    printf ("  VDerived::member %d\n", &this->VDerived::member - (int *)this);
+-    printf ("  MostDerived::member %d\n", &this->MostDerived::member - (int *)this);
++    printf ("  VBase::member %d\n", (int)(&this->VBase::member - (int *)this));
++    printf ("  B::member %d\n", (int)(&this->B::member - (int *)this));
++    printf ("  VDerived::member %d\n", (int)(&this->VDerived::member - (int *)this));
++    printf ("  MostDerived::member %d\n", (int)(&this->MostDerived::member - (int *)this));
+   }
+ };
+ 
+@@ -95,10 +95,10 @@
+     if (ctorVDerived != &dum.VDerived::member)
+       return 24;
+     
+-    printf ("  VBase::member %d\n", &dum.VBase::member - this_);
+-    printf ("  B::member %d\n", &dum.B::member - this_);
+-    printf ("  VDerived::member %d\n", &dum.VDerived::member - this_);
+-    printf ("  MostDerived::member %d\n", &dum.MostDerived::member - this_);
++    printf ("  VBase::member %d\n", (int)(&dum.VBase::member - this_));
++    printf ("  B::member %d\n", (int)(&dum.B::member - this_));
++    printf ("  VDerived::member %d\n", (int)(&dum.VDerived::member - this_));
++    printf ("  MostDerived::member %d\n", (int)(&dum.MostDerived::member - this_));
+     dum.MostDerived::Offset ();
+     dum.B::Offset ();
+     dum.VDerived::Offset ();
+--- a/gcc/testsuite/g++.old-deja/g++.brendan/template8.C
++++ b/gcc/testsuite/g++.old-deja/g++.brendan/template8.C
+@@ -15,6 +15,6 @@
+ 	
+ 	Double_alignt<20000> heap;
+ 
+-	printf(" &heap.array[0] = %d, &heap.for_alignt = %d\n", &heap.array[0], &heap.for_alignt);
++	printf(" &heap.array[0] = %p, &heap.for_alignt = %p\n", (void*)&heap.array[0], (void*)&heap.for_alignt);
+ 
+ }
+--- a/gcc/testsuite/g++.old-deja/g++.eh/ptr1.C
++++ b/gcc/testsuite/g++.old-deja/g++.eh/ptr1.C
+@@ -16,7 +16,7 @@
+   }
+ 
+   catch (E *&e) {
+-    printf ("address of e is 0x%lx\n", (__SIZE_TYPE__)e);
++    printf ("address of e is %p\n", (void *)e);
+     return !((__SIZE_TYPE__)e != 5 && e->x == 5);
+   }
+   return 2;
+--- a/gcc/testsuite/g++.old-deja/g++.jason/access23.C
++++ b/gcc/testsuite/g++.old-deja/g++.jason/access23.C
+@@ -42,19 +42,19 @@
+   void DoSomething() {
+     PUB_A = 0;
+     Foo::A = 0;
+-    printf("%x\n",pX);  
++    printf("%p\n",pX);  
+     Foo::PUB.A = 0;
+-    printf("%x\n",PUB.pX);  
++    printf("%p\n",PUB.pX);  
+     B = 0;			
+-    printf("%x\n",Foo::pY);  
++    printf("%p\n",Foo::pY);  
+     PRT_A = 0;
+     PRT.B = 0;		
+-    printf("%x\n",Foo::PRT.pY);	
++    printf("%p\n",Foo::PRT.pY);	
+     PRV_A = 0;			// { dg-error "" } 
+     Foo::C = 0;			// { dg-error "" } 
+-    printf("%x\n",pZ);  	// { dg-error "" } 
++    printf("%p\n",pZ);  	// { dg-error "" } 
+     Foo::PRV.C = 0;		// { dg-error "" } 
+-    printf("%x\n",PRV.pZ); 	// { dg-error "" } 
++    printf("%p\n",PRV.pZ); 	// { dg-error "" } 
+   }
+ };
+ 
+@@ -64,17 +64,17 @@
+ 
+   a.PUB_A = 0;
+   a.A = 0;
+-  printf("%x\n",a.pX);  
++  printf("%p\n",a.pX);  
+   a.PRT_A = 0;			// { dg-error "" } 
+   a.B = 0;			// { dg-error "" } 
+-  printf("%x\n",a.pY);  	// { dg-error "" } 
++  printf("%p\n",a.pY);  	// { dg-error "" } 
+   a.PRV_A = 0;			// { dg-error "" } 
+   a.C = 0;			// { dg-error "" } 
+-  printf("%x\n",a.pZ);  	// { dg-error "" } 
++  printf("%p\n",a.pZ);  	// { dg-error "" } 
+   a.PUB.A = 0;
+-  printf("%x\n",a.PUB.pX);  
++  printf("%p\n",a.PUB.pX);  
+   a.PRT.B = 0;			// { dg-error "" } 
+-  printf("%x\n",a.PRT.pY);  	// { dg-error "" } 
++  printf("%p\n",a.PRT.pY);  	// { dg-error "" } 
+   a.PRV.C = 0;			// { dg-error "" } 
+-  printf("%x\n",a.PRV.pZ);  	// { dg-error "" } 
++  printf("%p\n",a.PRV.pZ);  	// { dg-error "" } 
+ }
+--- a/gcc/testsuite/g++.old-deja/g++.law/cvt8.C
++++ b/gcc/testsuite/g++.old-deja/g++.law/cvt8.C
+@@ -20,12 +20,12 @@
+ B::operator const A&() const {
+         static A a;
+         a.i = i;
+-        printf("convert B to A at %x\n", &a);
++        printf("convert B to A at %p\n", (void*)&a);
+         return a;
+ }
+ 
+ void f(A &a) { // { dg-error "" } in passing argument
+-        printf("A at %x is %d\n", &a, a.i);
++        printf("A at %p is %d\n", (void*)&a, a.i);
+ }
+ 
+ int main() {
+--- a/gcc/testsuite/g++.old-deja/g++.mike/net35.C
++++ b/gcc/testsuite/g++.old-deja/g++.mike/net35.C
+@@ -17,10 +17,10 @@
+ 
+ int main() {
+   C c;
+-  printf("&c.x = %x\n", &c.x);
+-  printf("&c.B1::x = %x\n", &c.B1::x);
+-  printf("&c.B2::x = %x\n", &c.B2::x);
+-  printf("&c.A::x = %x\n", &c.A::x);
++  printf("&c.x = %p\n", (void*)&c.x);
++  printf("&c.B1::x = %p\n", (void*)&c.B1::x);
++  printf("&c.B2::x = %p\n", (void*)&c.B2::x);
++  printf("&c.A::x = %p\n", (void*)&c.A::x);
+   if (&c.x != &c.B1::x
+       || &c.x != &c.B2::x
+       || &c.x != &c.A::x)
+--- a/gcc/testsuite/g++.old-deja/g++.mike/offset1.C
++++ b/gcc/testsuite/g++.old-deja/g++.mike/offset1.C
+@@ -6,7 +6,7 @@
+ class Foo {
+ public:
+    virtual void setName() {
+-     printf("Foo at %x\n", this);
++     printf("Foo at %p\n", (void*)this);
+      if (vp != (void*)this)
+        fail = 1;
+    }
+@@ -15,7 +15,7 @@
+ class Bar : public Foo {
+ public:
+   virtual void init(int argc, char **argv) {
+-    printf("Bar's Foo at %x\n", (Foo*)this);
++    printf("Bar's Foo at %p\n", (void*)(Foo*)this);
+     vp = (void*)(Foo*)this;
+     setName();
+   }
+--- a/gcc/testsuite/g++.old-deja/g++.mike/p12306.C
++++ b/gcc/testsuite/g++.old-deja/g++.mike/p12306.C
+@@ -18,7 +18,7 @@
+     if (ptr2 != &(*this).slist)
+       fail = 6;
+ 
+-    if (0) printf("at %x %x\n", (RWSlistIterator*)this, &(*this).slist);
++    if (0) printf("at %p %p\n", (void*)(RWSlistIterator*)this, (void*)&(*this).slist);
+   }
+ };
+ 
+@@ -54,14 +54,14 @@
+ void Sim_Event_Manager::post_event () {
+   ptr1 = (RWSlistIterator*)&last_posted_event_position_;
+   ptr2 = &((RWSlistIterator*)&last_posted_event_position_)->slist;
+-  if (0) printf("at %x %x\n", (RWSlistIterator*)&last_posted_event_position_,
+-		&((RWSlistIterator*)&last_posted_event_position_)->slist);
++  if (0) printf("at %p %p\n", (void*)(RWSlistIterator*)&last_posted_event_position_,
++		(void*)&((RWSlistIterator*)&last_posted_event_position_)->slist);
+   if (ptr1 != (RWSlistIterator*)&last_posted_event_position_)
+     fail = 1;
+   if (ptr2 != &((RWSlistIterator&)last_posted_event_position_).slist)
+     fail = 2;
+-  if (0) printf("at %x ?%x\n", (RWSlistIterator*)&last_posted_event_position_,
+-		&((RWSlistIterator&)last_posted_event_position_).slist);
++  if (0) printf("at %p ?%p\n", (void*)(RWSlistIterator*)&last_posted_event_position_,
++		(void*)&((RWSlistIterator&)last_posted_event_position_).slist);
+   if (ptr1 != (RWSlistIterator*)&last_posted_event_position_)
+     fail = 3;
+   if (ptr2 != &((RWSlistIterator&)last_posted_event_position_).slist)
+--- a/gcc/testsuite/g++.old-deja/g++.mike/p3579.C
++++ b/gcc/testsuite/g++.old-deja/g++.mike/p3579.C
+@@ -7,26 +7,26 @@
+ 
+ class Y {
+ public:
+-  Y () { printf("Y()            this: %x\n", this); }
+-  ~Y () { printf("~Y()           this: %x\n", this); }
++  Y () { printf("Y()            this: %p\n", (void*)this); }
++  ~Y () { printf("~Y()           this: %p\n", (void*)this); }
+ };
+ 
+ class X {
+ public:
+   X () {
+     ++num_x;
+-    printf("X()            this: %x\n", this);
++    printf("X()            this: %p\n", (void*)this);
+     Y y;
+     *this = (X) y;
+   }
+ 
+-  X (const Y & yy) { printf("X(const Y&)    this: %x\n", this); ++num_x; }
++  X (const Y & yy) { printf("X(const Y&)    this: %p\n", (void*)this); ++num_x; }
+   X & operator = (const X & xx) {
+-    printf("X.op=(X&)      this: %x\n", this);
++    printf("X.op=(X&)      this: %p\n", (void*)this);
+     return *this;
+   }
+ 
+-  ~X () { printf("~X()           this: %x\n", this); --num_x; }
++  ~X () { printf("~X()           this: %p\n", (void*)this); --num_x; }
+ };
+ 
+ int main (int, char **) {
+--- a/gcc/testsuite/g++.old-deja/g++.mike/p3708a.C
++++ b/gcc/testsuite/g++.old-deja/g++.mike/p3708a.C
+@@ -38,7 +38,7 @@
+   virtual void xx(int doit) {
+     --num;
+     if (ptr != this)
+-      printf("FAIL\n%x != %x\n", ptr, this);
++      printf("FAIL\n%p != %p\n", ptr, (void*)this);
+     printf ("C is destructed.\n");
+     B::xx (0);
+     if (doit) A::xx (1);
+--- a/gcc/testsuite/g++.old-deja/g++.mike/p3708b.C
++++ b/gcc/testsuite/g++.old-deja/g++.mike/p3708b.C
+@@ -48,7 +48,7 @@
+   virtual void xx(int doit) {
+     --num;
+     if (ptr != this) {
+-      printf("FAIL\n%x != %x\n", ptr, this);
++      printf("FAIL\n%p != %p\n", ptr, (void*)this);
+       exit(1);
+     }
+     printf ("D is destructed.\n");
+--- a/gcc/testsuite/g++.old-deja/g++.mike/p3708.C
++++ b/gcc/testsuite/g++.old-deja/g++.mike/p3708.C
+@@ -38,7 +38,7 @@
+   virtual void xx(int doit) {
+     --num;
+     if (ptr != this)
+-      printf("FAIL\n%x != %x\n", ptr, this);
++      printf("FAIL\n%p != %p\n", ptr, (void*)this);
+     printf ("C is destructed.\n");
+     B::xx (0);
+     if (doit) A::xx (1);
+--- a/gcc/testsuite/g++.old-deja/g++.mike/p646.C
++++ b/gcc/testsuite/g++.old-deja/g++.mike/p646.C
+@@ -35,20 +35,20 @@
+ foo::foo ()
+ {
+   si++;
+-  printf ("new foo @ 0x%x; now %d foos\n", this, si);
++  printf ("new foo @ %p; now %d foos\n", (void*)this, si);
+ }
+ 
+ foo::foo (const foo &other)
+ {
+   si++;
+-  printf ("another foo @ 0x%x; now %d foos\n", this, si);
++  printf ("another foo @ %p; now %d foos\n", (void*)this, si);
+   *this = other;
+ }
+ 
+ foo::~foo ()
+ {
+   si--;
+-  printf ("deleted foo @ 0x%x; now %d foos\n", this, si);
++  printf ("deleted foo @ %p; now %d foos\n", (void*)this, si);
+ }
+ 
+ int
+--- a/gcc/testsuite/g++.old-deja/g++.mike/p710.C
++++ b/gcc/testsuite/g++.old-deja/g++.mike/p710.C
+@@ -30,7 +30,7 @@
+    virtual ~B() {}
+    void operator delete(void*,size_t s)
+   {
+-      printf("B::delete() %d\n",s);
++      printf("B::delete() %u\n",(unsigned int)s);
+    }
+    void operator delete(void*){}
+ };
+--- a/gcc/testsuite/g++.old-deja/g++.mike/p789a.C
++++ b/gcc/testsuite/g++.old-deja/g++.mike/p789a.C
+@@ -13,10 +13,10 @@
+   int x;
+   foo () {
+     x = count++;
+-    printf("this %d = %x\n", x, (void *)this);
++    printf("this %d = %p\n", x, (void *)this);
+   }
+   virtual ~foo () {
+-    printf("this %d = %x\n", x, (void *)this);
++    printf("this %d = %p\n", x, (void *)this);
+     --count;
+   }
+ };
+@@ -31,7 +31,7 @@
+       {
+ 	for (int j = 0; j < 3; j++)
+ 	  {
+-	    printf("&a[%d][%d] = %x\n", i, j, (void *)&array[i][j]);
++	    printf("&a[%d][%d] = %p\n", i, j, (void *)&array[i][j]);
+ 	  }
+       }
+       // The count should be nine, if not, fail the test.
+--- a/gcc/testsuite/g++.old-deja/g++.mike/pmf2.C
++++ b/gcc/testsuite/g++.old-deja/g++.mike/pmf2.C
+@@ -42,7 +42,7 @@
+ bar jar;
+ 
+ int main() {
+-  printf("ptr to B_table=%x, ptr to A_table=%x\n",&b,(A_table*)&b);
++  printf("ptr to B_table=%p, ptr to A_table=%p\n",(void*)&b,(void*)(A_table*)&b);
+   B_table::B_ti_fn z = &B_table::func1;
+   int j = 1;
+   jar.call_fn_fn1(j,(void *)&z);
+--- a/gcc/testsuite/g++.old-deja/g++.mike/temp.C
++++ b/gcc/testsuite/g++.old-deja/g++.mike/temp.C
+@@ -7,11 +7,11 @@
+ public:
+   T() {
+     i = 1;
+-    printf("T() at %x\n", this);
++    printf("T() at %p\n", (void*)this);
+   }
+   T(const T& o) {
+     i = o.i;
+-    printf("T(const T&) at %x <-- %x\n", this, &o);
++    printf("T(const T&) at %p <-- %p\n", (void*)this, (void*)&o);
+   }
+   T operator +(const T& o) {
+     T r;
+@@ -21,7 +21,7 @@
+   operator int () {
+     return i;
+   }
+-  ~T() { printf("~T() at %x\n", this); }
++  ~T() { printf("~T() at %p\n", (void*)this); }
+ } s, b;
+ 
+ int foo() { return getenv("TEST") == 0; }
+--- a/gcc/testsuite/g++.old-deja/g++.other/temporary1.C
++++ b/gcc/testsuite/g++.old-deja/g++.other/temporary1.C
+@@ -5,16 +5,16 @@
+ class Foo 
+ {
+ public:
+-   Foo() { printf("Foo() 0x%08lx\n", (__SIZE_TYPE__)this); ++c; }
+-   Foo(Foo const &) { printf("Foo(Foo const &) 0x%08lx\n", (__SIZE_TYPE__)this); }
+-   ~Foo() { printf("~Foo() 0x%08lx\n", (__SIZE_TYPE__)this); ++d; }
++   Foo() { printf("Foo() %p\n", (void*)this); ++c; }
++   Foo(Foo const &) { printf("Foo(Foo const &) %p\n", (void*)this); }
++   ~Foo() { printf("~Foo() %p\n", (void*)this); ++d; }
+ };
+ 
+ // Bar creates constructs a temporary Foo() as a default
+ class Bar 
+ {
+ public:
+-   Bar(Foo const & = Foo()) { printf("Bar(Foo const &) 0x%08lx\n", (__SIZE_TYPE__)this); }
++   Bar(Foo const & = Foo()) { printf("Bar(Foo const &) %p\n", (void*)this); }
+ };
+ 
+ void fakeRef(Bar *)
+--- a/gcc/testsuite/g++.old-deja/g++.other/virtual8.C
++++ b/gcc/testsuite/g++.old-deja/g++.other/virtual8.C
+@@ -4,7 +4,7 @@
+ struct A
+ {
+   virtual void f () {
+-    printf ("%x\n", this);
++    printf ("%p\n", (void*)this);
+   }
+ };
+ 
+--- a/gcc/testsuite/g++.old-deja/g++.pt/memtemp23.C
++++ b/gcc/testsuite/g++.old-deja/g++.pt/memtemp23.C
+@@ -13,7 +13,7 @@
+ 
+   template <class U>
+   void f(U u)
+-  { printf ("In S::f(U)\nsizeof(U) == %d\n", sizeof(u)); }
++  { printf ("In S::f(U)\nsizeof(U) == %d\n", (int)sizeof(u)); }
+ 
+   int c[16];
+ };
+--- a/gcc/testsuite/g++.old-deja/g++.pt/memtemp24.C
++++ b/gcc/testsuite/g++.old-deja/g++.pt/memtemp24.C
+@@ -13,7 +13,7 @@
+ 
+   template <class U>
+   void f(U u)
+-  { printf ("In S::f(U)\nsizeof(U) == %d\n", sizeof(u)); }
++  { printf ("In S::f(U)\nsizeof(U) == %d\n", (int)sizeof(u)); }
+ 
+   int c[16];
+ };
+--- a/gcc/testsuite/g++.old-deja/g++.pt/memtemp25.C
++++ b/gcc/testsuite/g++.old-deja/g++.pt/memtemp25.C
+@@ -6,7 +6,7 @@
+ struct S
+ {
+   template <class U>
+-  void f(U u) { printf ("%d\n", sizeof (U)); }
++  void f(U u) { printf ("%d\n", (int)sizeof (U)); }
+ 
+   int i[4];
+ };
+--- a/gcc/testsuite/g++.old-deja/g++.pt/memtemp26.C
++++ b/gcc/testsuite/g++.old-deja/g++.pt/memtemp26.C
+@@ -16,7 +16,7 @@
+ template <class U>
+ void S<X>::f(U u)
+ {
+-  printf ("%d\n", sizeof (U));
++  printf ("%d\n", (int)sizeof (U));
+ }
+ 
+ 
+--- a/gcc/testsuite/g++.old-deja/g++.pt/t39.C
++++ b/gcc/testsuite/g++.old-deja/g++.pt/t39.C
+@@ -10,9 +10,9 @@
+ 
+ template <class T>
+ void frob<T>::print () {
+-  printf ("this = %08x\n", this);
+-  printf (" ptr = %08x\n", ptr);
+-  printf (" values = %x %x %x ...\n", ptr[0], ptr[1], ptr[2]);
++  printf ("this = %p\n", (void*)this);
++  printf (" ptr = %p\n", (void*)ptr);
++  printf (" values = %x %x %x ...\n", (int)ptr[0], (int)ptr[1], (int)ptr[2]);
+ }
+ 
+   static int x[10];
+--- a/gcc/testsuite/g++.old-deja/g++.robertl/eb17.C
++++ b/gcc/testsuite/g++.old-deja/g++.robertl/eb17.C
+@@ -44,15 +44,15 @@
+     A * a = new B;
+     B * b = dynamic_cast<B *>(a);
+ 
+-    printf("%p\n",b);                // (*2*)
++    printf("%p\n",(void*)b);                // (*2*)
+     b->print();
+ 
+     a = b;
+-    printf("%p\n",a);
++    printf("%p\n",(void*)a);
+     a->print();
+ 
+     a = a->clone();
+-    printf("%p\n",a);
++    printf("%p\n",(void*)a);
+     a->print();                      // (*1*)
+ 
+     return 0;

[gentoo-commits] proj/hardened-gccpatchset:master commit in: upstream/

[Magnus Granberg]

commit:     df8bf548b501ad28ddb7a1ba4408054be6d97cf9
Author:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
AuthorDate: Sun Oct  7 16:49:54 2012 +0000
Commit:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
CommitDate: Sun Oct  7 16:49:54 2012 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-gccpatchset.git;a=commit;h=df8bf548

Add new Makefile patch

---
 upstream/Makefile.patch |  100 +++++++++++++++++++++++++++++++++++++++++++++++
 1 files changed, 100 insertions(+), 0 deletions(-)

diff --git a/upstream/Makefile.patch b/upstream/Makefile.patch
new file mode 100644
index 0000000..a116e5f
--- /dev/null
+++ b/upstream/Makefile.patch
@@ -0,0 +1,100 @@
+--- a/Makefile.tpl	2012-01-02 11:59:04.000000000 +0100
++++ b/Makefile.tpl	2012-06-29 00:11:30.886010145 +0200
+@@ -362,9 +362,17 @@ WINDRES_FOR_BUILD = @WINDRES_FOR_BUILD@
+ BUILD_PREFIX = @BUILD_PREFIX@
+ BUILD_PREFIX_1 = @BUILD_PREFIX_1@
+ 
++# Disable SSP on BOOT_CFLAGS, LIBCFLAGS and LIBCXXFLAGS
++enable_espf = @enable_espf@
++ifeq ($(enable_espf),yes)
++ESPF_NOSSP_CFLAGS = -fno-stack-protector
++else
++ESPF_NOSSP_CFLAGS=
++endif
++
+ # Flags to pass to stage2 and later makes.  They are defined
+ # here so that they can be overridden by Makefile fragments.
+-BOOT_CFLAGS= -g -O2
++BOOT_CFLAGS= -g -O2 $(ESPF_NOSSP_CFLAGS)
+ BOOT_LDFLAGS=
+ BOOT_ADAFLAGS=-gnatpg -gnata
+ 
+@@ -410,9 +418,9 @@ GNATMAKE = @GNATMAKE@
+ 
+ CFLAGS = @CFLAGS@
+ LDFLAGS = @LDFLAGS@
+-LIBCFLAGS = $(CFLAGS)
++LIBCFLAGS = $(CFLAGS) $(ESPF_NOSSP_CFLAGS)
+ CXXFLAGS = @CXXFLAGS@
+-LIBCXXFLAGS = $(CXXFLAGS) -fno-implicit-templates
++LIBCXXFLAGS = $(CXXFLAGS) -fno-implicit-templates $(ESPF_NOSSP_CFLAGS)
+ GOCFLAGS = $(CFLAGS)
+ 
+ TFLAGS =
+--- a/gcc/Makefile.in	2012-02-11 09:50:23.000000000 +0100
++++ b/gcc/Makefile.in	2012-06-29 00:07:45.230003420 +0200
+@@ -973,14 +973,23 @@ LIBFUNCS_H = libfuncs.h $(HASHTAB_H)
+ # cross compiler which does not use the native headers and libraries.
+ INTERNAL_CFLAGS = -DIN_GCC @CROSS@
+ 
++# We don't want to compile the compiler with -fPIE, it make PCH fail.
++enable_espf = @enable_espf@
++ifeq ($(enable_espf),yes)
++ESPF_NOPIE_CFLAGS = -fno-PIE
++else
++ESPF_NOPIE_CFLAGS=
++endif
++
+ # This is the variable actually used when we compile. If you change this,
+ # you probably want to update BUILD_CFLAGS in configure.ac
+-ALL_CFLAGS = $(T_CFLAGS) $(CFLAGS-$@) \
++ALL_CFLAGS = $(ESPF_NOPIE_CFLAGS) $(T_CFLAGS) $(CFLAGS-$@) \
+   $(CFLAGS) $(INTERNAL_CFLAGS) $(COVERAGE_FLAGS) $(WARN_CFLAGS) @DEFS@
+ 
+ # The C++ version.
+-ALL_CXXFLAGS = $(T_CFLAGS) $(CFLAGS-$@) $(CXXFLAGS) $(INTERNAL_CFLAGS) \
+-  $(COVERAGE_FLAGS) $(NOEXCEPTION_FLAGS) $(WARN_CXXFLAGS) @DEFS@
++ALL_CXXFLAGS =$(ESPF_NOPIE_CFLAGS)  $(T_CFLAGS) $(CFLAGS-$@) $(CXXFLAGS) \
++  $(INTERNAL_CFLAGS) $(COVERAGE_FLAGS) $(NOEXCEPTION_FLAGS) \
++  $(WARN_CXXFLAGS) @DEFS@
+ 
+ # Likewise.  Put INCLUDES at the beginning: this way, if some autoconf macro
+ # puts -I options in CPPFLAGS, our include files in the srcdir will always
+@@ -1815,6 +1824,7 @@ libgcc.mvars: config.status Makefile spe
+ 	echo GCC_CFLAGS = '$(GCC_CFLAGS)' >> tmp-libgcc.mvars
+ 	echo INHIBIT_LIBC_CFLAGS = '$(INHIBIT_LIBC_CFLAGS)' >> tmp-libgcc.mvars
+ 	echo TARGET_SYSTEM_ROOT = '$(TARGET_SYSTEM_ROOT)' >> tmp-libgcc.mvars
++	echo enable_espf = '$(enable_espf)' >> tmp-libgcc.mvars
+ 
+ 	mv tmp-libgcc.mvars libgcc.mvars
+ 
+@@ -4893,6 +4903,9 @@ site.exp: ./config.status Makefile
+ 	@if test "@enable_lto@" = "yes" ; then \
+ 	  echo "set ENABLE_LTO 1" >> ./site.tmp; \
+ 	fi
++	@if test "@enable_espf@" = "yes" ; then \
++	  echo "set ENABLE_ESPF 1" >> ./site.tmp; \
++	fi
+ # If newlib has been configured, we need to pass -B to gcc so it can find
+ # newlib's crt0.o if it exists.  This will cause a "path prefix not used"
+ # message if it doesn't, but the testsuite is supposed to ignore the message -
+--- a/libgcc/Makefile.in	2011-11-22 04:01:02.000000000 +0100
++++ b/libgcc/Makefile.in	2012-06-29 00:15:04.534016511 +0200
+@@ -275,11 +275,16 @@ override CFLAGS := $(filter-out -fprofil
+ INTERNAL_CFLAGS = $(CFLAGS) $(LIBGCC2_CFLAGS) $(HOST_LIBGCC2_CFLAGS) \
+ 		  $(INCLUDES) @set_have_cc_tls@ @set_use_emutls@
+ 
++ifeq ($(enable_espf),yes)
++ESPF_NOPIE_CFLAGS = -fno-PIE
++else
++ESPF_NOPIE_CFLAGS=
++endif
+ # Options to use when compiling crtbegin/end.
+ CRTSTUFF_CFLAGS = -O2 $(GCC_CFLAGS) $(INCLUDES) $(MULTILIB_CFLAGS) -g0 \
+   -finhibit-size-directive -fno-inline -fno-exceptions \
+   -fno-zero-initialized-in-bss -fno-toplevel-reorder -fno-tree-vectorize \
+-  -fno-stack-protector \
++  -fno-stack-protector $(ESPF_NOPIE_CFLAGS) \
+   $(INHIBIT_LIBC_CFLAGS)
+ 
+ # Extra flags to use when compiling crt{begin,end}.o.

[gentoo-commits] proj/hardened-gccpatchset:master commit in: upstream/

[Magnus Granberg]

commit:     62a9d4c24e788232d2d8cb667d89a19c89af9328
Author:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
AuthorDate: Mon Aug 27 23:34:10 2012 +0000
Commit:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
CommitDate: Mon Aug 27 23:34:10 2012 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-gccpatchset.git;a=commit;h=62a9d4c2

add changelog to upstream patches

---
 upstream/Changelog.txt                          |  105 +++++++++++++++++++++++
 upstream/config.in.patch                        |    5 -
 upstream/gcc_doc.patch                          |    7 +-
 upstream/testsuite-hardening-format.patch       |    4 +-
 upstream/testsuite-hardening-printf-types.patch |    2 +-
 5 files changed, 112 insertions(+), 11 deletions(-)

diff --git a/upstream/Changelog.txt b/upstream/Changelog.txt
new file mode 100644
index 0000000..d8e4764
--- /dev/null
+++ b/upstream/Changelog.txt
@@ -0,0 +1,105 @@
+2012-08-24	Magnus Granberg <zorry@gentoo.org
+
+		* configure.ac				Add new configure options espf.
+		* Makefile.in				Add -fno-stack-protector when 
+		  needed for espf.
+	gcc/
+		* configure.ac			Add new configure options espf.
+		* Makefile.in			Add -fno-PIE  when needed for
+		  espf.
+		* config.in				Add ENABLE_ESPF, 
+		  ENABLE_ESPF_FORTIFY, ENABLE_ESPF_PIE and
+		  ENABLE_ESPF_SSP.
+		* config/linux.h			Define ESPF_GCC_PIE_SPEC, 
+		  ESPF_GCC_SSP_SPEC, ESPF_CPP_UNIQUE_OPTIONS_SPEC,
+		  ESPF_DRIVER_SELF_SPECS and ESPF_EXTRA_SPECS.
+		* config/i386/linux.h 		Define DRIVER_SELF_SPECS.
+		* config/i386/linux64.h	Likewise.
+		* config/i386/gnu-user.h	Add ESPF_EXTRA_SPECS to
+		  SUBTARGET_EXTRA_SPECS when needed.
+		* config/i386/i386.h		Likewise.
+		* gcc.c				Add espf_cpp_unique_options
+		  to cpp_unique_options when needed.
+		* c-family/c-common.c	Enable warn_format when espf is 
+		  enable.
+		* c-family/c-format.c	Enable warn_format_security when
+		  needed by espf.
+	libgcc/
+		* libgcc/Makefile.in		Add -fno-PIE  when needed for
+		  espf.
+
+2012-08-26	Magnus Granberg <zorry@gentoo.org>
+			Kees Cook <kees@ubuntu.com>
+
+	gcc/doc/
+		* invoke.texi		Add notes to -Wformat,
+		  -Wformat-security, -O2, -fstack-protector, -fPIE and
+		  -pie for espf.
+		* install.texi		Add new configure options
+
+2012-08-26	Magnus Granberg <zorry@gentoo.org>
+			Kees Cook <kees@ubuntu.com>
+
+	gcc/testsuite
+		* gcc.dg/charset/builtin2.c		Add 
+		  -Wno-format when effective_target is espf.
+		* gcc.dg/format/format.exp		Likewise.
+		* gcc.dg/pr30473.c			Likewise.
+		* gcc.dg/pr38902.c			Likewise.
+		* gcc.dg/ipa/ipa-sra-1.c		Likewise.
+		* gcc.dg/torture/tls/tls-test.c	Likewise.
+		* g++.dg/abi/pragma-pack1.C	Likewise.
+		* g++.dg/cpp0x/constexpr-tuple.C	Likewise.
+		* lib/target-supports.exp	Add
+		  check_effective_target_espf.
+		* gcc.c-torture/execute/memset-1.x	New file
+		* gcc.c-torture/execute/vprintf-chk-1.x		Likewise.
+		* gcc.c-torture/execute/vfprintf-chk-1.x	Likewise.
+		* gcc.dg/stack-usage-1.c		Add -fno-stack-protector
+		  when effective_target is espf.
+		* gcc.dg/superblock.c			Likewise.
+		* gcc.dg/20021014-1.c		Add -fno-PIE when
+		  effective_target is espf.
+		* gcc.dg/nest.c				Likewise.
+		* gcc.dg/nested-func-4.c		Likewise.
+		* gcc.dg/pr32450.c			Likewise.
+		* gcc.dg/pr43643.c			Likewise.
+		* g++.dg/other/anon5.C		Likewise.
+		* g++.old-deja/g++.law/profile1.C	Likewise.
+		* gcc.dg/tree-ssa/ssa-store-ccp-3.c	Skip the test.
+
+2012-08-27	Magnus Granberg <zorry@gentoo.org>
+			Kees Cook <kees@ubuntu.com>
+
+	gcc/testsuite/
+		PR 39537
+		* g++.dg/ext/align1.C		Remove printf
+		* g++.old-deja/g++.law/operators28.C	Fix format-string/type.
+		* gcc.dg/torture/matrix-2.c			Likewise.
+		* gcc.dg/packed-vla.c				Likewise.
+		* g++.dg/opt/alias2.C				Likewise.
+		* g++.old-deja/g++.abi/vbase1.C		Likewise.
+		* g++.old-deja/g++.brendan/template8.C	Likewise.
+		* g++.old-deja/g++.eh/ptr1.C				Likewise.
+		* g++.old-deja/g++.jason/access23.C		Likewise.
+		* g++.old-deja/g++.law/cvt8.C			Likewise.
+		* g++.old-deja/g++.mike/net35.C			Likewise.
+		* g++.old-deja/g++.mike/offset1.C			Likewise.
+		* g++.old-deja/g++.mike/p12306.C			Likewise.
+		* g++.old-deja/g++.mike/p3579.C			Likewise.
+		* g++.old-deja/g++.mike/p3708a.C			Likewise.
+		* g++.old-deja/g++.mike/p3708b.C			Likewise.
+		* g++.old-deja/g++.mike/p3708.C			Likewise.
+		* g++.old-deja/g++.mike/p646.C			Likewise.
+		* g++.old-deja/g++.mike/p710.C			Likewise.
+		* g++.old-deja/g++.mike/p789a.C			Likewise.
+		* g++.old-deja/g++.mike/pmf2.C			Likewise.
+		* g++.old-deja/g++.mike/temp.C			Likewise.
+		* g++.old-deja/g++.other/temporary1.C		Likewise.
+		* g++.old-deja/g++.other/virtual8.C		Likewise.
+		* g++.old-deja/g++.pt/memtemp23.C		Likewise.
+		* g++.old-deja/g++.pt/memtemp24.C		Likewise.
+		* g++.old-deja/g++.pt/memtemp25.C		Likewise.
+		* g++.old-deja/g++.pt/memtemp26.C		Likewise.
+		* g++.old-deja/g++.pt/t39.C				Likewise.
+		* g++.old-deja/g++.robertl/eb17.C			Likewise.

diff --git a/upstream/config.in.patch b/upstream/config.in.patch
index 7bd846e..7c1f849 100644
--- a/upstream/config.in.patch
+++ b/upstream/config.in.patch
@@ -1,8 +1,3 @@
-2012-04-08	Magnus Granberg		<zorry@gentoo.org>
-
-		* gcc/config.in	Add ENABLE_ESPF, ENABLE_ESPF_FORTIFY,
-		ENABLE_ESPF_PIE and ENABLE_ESPF_SSP
-
 --- a/gcc/config.in	2011-04-24 00:36:52.000000000 +0200
 +++ b/gcc/config.in	2011-06-24 14:17:05.166236726 +0200
 @@ -77,6 +77,29 @@

diff --git a/upstream/gcc_doc.patch b/upstream/gcc_doc.patch
index fc39347..3aa53ad 100644
--- a/upstream/gcc_doc.patch
+++ b/upstream/gcc_doc.patch
@@ -79,7 +79,7 @@
  Do not use jump tables for switch statements even where it would be
 --- a/gcc/doc/install.texi	2012-03-02 10:37:30.000000000 +0100
 +++ b/gcc/doc/install.texi	2012-07-23 18:05:14.160784593 +0200
-@@ -1392,6 +1392,17 @@ do a @samp{make -C gcc gnatlib_and_tools
+@@ -1392,6 +1392,18 @@ do a @samp{make -C gcc gnatlib_and_tools
  Specify that the run-time libraries for stack smashing protection
  should not be built.
  
@@ -91,8 +91,9 @@
 +@option{-fPIE} and @option{-pie} by default. if the support is there. If you
 +use @samp{ssp} it will turn on @option{-fstack-protection} by default if the
 +support is there. If you use @samp{pie} it will turn on @option{-fPIE} and
-+@option{-pie} by default if the support is there. We only support
-+i?86*-*-linux*, x86_32*-*-linux* and x86_64*-*-linux* as target for now.
++@option{-pie} by default if the support is there. If you use @samp{no} it will
++not turn on any options. We only support i?86*-*-linux*, x86_32*-*-linux*
++and x86_64*-*-linux* as target for now.
 +
  @item --disable-libquadmath
  Specify that the GCC quad-precision math library should not be built.

diff --git a/upstream/testsuite-hardening-format.patch b/upstream/testsuite-hardening-format.patch
index 3b9583d..0d14c10 100644
--- a/upstream/testsuite-hardening-format.patch
+++ b/upstream/testsuite-hardening-format.patch
@@ -59,8 +59,8 @@
  struct bovid
  {
 --- a/gcc/testsuite/gcc.dg/torture/tls/tls-test.c	2011-06-22 19:27:07.000000000 +0200
-+++ b/gcc/testsuite/gcc.dg/torture/tls/tls-test.c	2012-07-31 14:40:00.411552986 +0200
-@@ -1,7 +1,8 @@
++++ b/gcc/testsuite/gcc.dg/torture/tls/tls-test.c	2012-08-21 23:51:33.205398132 +0200
+@@ -2,6 +2,7 @@
  /* { dg-require-effective-target tls  }  */
  /* { dg-require-effective-target pthread } */
  /* { dg-options "-pthread" } */

diff --git a/upstream/testsuite-hardening-printf-types.patch b/upstream/testsuite-hardening-printf-types.patch
index 4fa6b5d..8ca807e 100644
--- a/upstream/testsuite-hardening-printf-types.patch
+++ b/upstream/testsuite-hardening-printf-types.patch
@@ -519,7 +519,7 @@
  
    int c[16];
  };
---- agcc/testsuite/g++.old-deja/g++.pt/memtemp24.C
+--- a/gcc/testsuite/g++.old-deja/g++.pt/memtemp24.C
 +++ b/gcc/testsuite/g++.old-deja/g++.pt/memtemp24.C
 @@ -13,7 +13,7 @@
  

[gentoo-commits] proj/hardened-gccpatchset:master commit in: upstream/

[Magnus Granberg]

commit:     5028e0f506538dee03ebdb782009c8d6d66e2e76
Author:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
AuthorDate: Wed Aug 22 19:18:25 2012 +0000
Commit:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
CommitDate: Wed Aug 22 19:18:25 2012 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-gccpatchset.git;a=commit;h=5028e0f5

update the testsuite patches rename files

---
 ...ite.patch => testsuite-hardening-fortify.patch} |    0
 ...espf.patch => testsuite-hardening-piessp.patch} |    0
 2 files changed, 0 insertions(+), 0 deletions(-)

diff --git a/upstream/testsuite.patch b/upstream/testsuite-hardening-fortify.patch
similarity index 100%
rename from upstream/testsuite.patch
rename to upstream/testsuite-hardening-fortify.patch

diff --git a/upstream/testsuite_no_espf.patch b/upstream/testsuite-hardening-piessp.patch
similarity index 100%
rename from upstream/testsuite_no_espf.patch
rename to upstream/testsuite-hardening-piessp.patch

[gentoo-commits] proj/hardened-gccpatchset:master commit in: upstream/

[Magnus Granberg]

commit:     35167b3faba4a431156102e48c2375d3c036a40b
Author:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
AuthorDate: Tue Aug 21 20:10:11 2012 +0000
Commit:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
CommitDate: Tue Aug 21 20:10:11 2012 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-gccpatchset.git;a=commit;h=35167b3f

update the testsuite patches

---
 upstream/testsuite-hardening-format.patch       |   87 ++++
 upstream/testsuite-hardening-printf-types.patch |  590 +++++++++++++++++++++++
 upstream/testsuite.patch                        |    9 +
 upstream/testsuite_no_espf.patch                |   98 ++++
 4 files changed, 784 insertions(+), 0 deletions(-)

diff --git a/upstream/testsuite-hardening-format.patch b/upstream/testsuite-hardening-format.patch
new file mode 100644
index 0000000..3b9583d
--- /dev/null
+++ b/upstream/testsuite-hardening-format.patch
@@ -0,0 +1,87 @@
+--- a/gcc/testsuite/gcc.dg/charset/builtin2.c
++++ b/gcc/testsuite/gcc.dg/charset/builtin2.c
+@@ -4,6 +4,7 @@
+ /* { dg-do compile } */
+ /* { dg-require-iconv "IBM1047" } */
+ /* { dg-options "-O2 -fexec-charset=IBM1047" } */
++/* { dg-additional-options "-Wno-format" { target espf } } */
+ /* { dg-final { scan-assembler-not "printf" } } */
+ /* { dg-final { scan-assembler-not "fprintf" } } */
+ /* { dg-final { scan-assembler-not "sprintf" } } */
+--- a/gcc/testsuite/gcc.dg/format/format.exp
++++ b/gcc/testsuite/gcc.dg/format/format.exp
+@@ -24,9 +24,16 @@ if [is_remote host] {
+ 
+ load_lib gcc-dg.exp
+ load_lib torture-options.exp
++load_lib target-supports.exp
+ 
+ torture-init
+-set-torture-options [list { } { -DWIDE } ]
++
++# Disable -Wformat if we use espf.
++if  [check_effective_target_espf] {
++	set-torture-options [list { -Wno-format } { -DWIDE -Wno-format } ]
++} else {
++	set-torture-options [list { } { -DWIDE } ]
++}
+ 
+ dg-init
+ gcc-dg-runtest [lsort [glob -nocomplain $srcdir/$subdir/*.\[cS\]]] ""
+
+--- a/gcc/testsuite/gcc.dg/pr30473.c
++++ b/gcc/testsuite/gcc.dg/pr30473.c
+@@ -2,6 +2,7 @@
+ /* Make sure this doesn't ICE.  */
+ /* { dg-do compile } */
+ /* { dg-options "-O2" } */
++/* { dg-additional-options "Wno-format" { target espf } } */
+ 
+ extern int sprintf (char *, const char *, ...);
+ 
+--- a/gcc/testsuite/gcc.dg/pr38902.c
++++ b/gcc/testsuite/gcc.dg/pr38902.c
+@@ -2,6 +2,7 @@
+ /* { dg-do run } */
+ /* { dg-options "-O2 -fstack-protector" } */
+ /* { dg-require-effective-target fstack_protector } */
++/* { dg-additional-options "Wno-format" { target espf } } */
+ 
+ #ifdef DEBUG
+ #include <stdio.h>
+--- a/gcc/testsuite/gcc.dg/ipa/ipa-sra-1.c	2010-09-10 01:38:23.000000000 +0200
++++b/gcc/testsuite/gcc.dg/ipa/ipa-sra-1.c	2012-07-31 14:37:53.238554197 +0200
+@@ -1,5 +1,6 @@
+ /* { dg-do run } */
+ /* { dg-options "-O2 -fipa-sra -fdump-tree-eipa_sra-details"  } */
++/* { dg-additional-options "-Wno-format" { target espf } } */
+ 
+ struct bovid
+ {
+--- a/gcc/testsuite/gcc.dg/torture/tls/tls-test.c	2011-06-22 19:27:07.000000000 +0200
++++ b/gcc/testsuite/gcc.dg/torture/tls/tls-test.c	2012-07-31 14:40:00.411552986 +0200
+@@ -1,7 +1,8 @@
+ /* { dg-require-effective-target tls  }  */
+ /* { dg-require-effective-target pthread } */
+ /* { dg-options "-pthread" } */
++/* { dg-additional-options "-Wno-format" { target espf } } */
+ 
+ #include <pthread.h>
+ extern int printf (char *,...);
+--- a/gcc/testsuite/g++.dg/abi/pragma-pack1.C	2011-06-07 23:54:07.000000000 +0200
++++ b/gcc/testsuite/g++.dg/abi/pragma-pack1.C	2012-08-16 17:49:19.472877085 +0200
+@@ -1,4 +1,5 @@
+ // PR c++/7046
++// { dg-additional-options "-Wno-format" { target espf } }
+ 
+ extern "C" int printf (const char *, ...);
+ 
+--- a/gcc/testsuite/g++.dg/cpp0x/constexpr-tuple.C	2012-08-16 17:41:19.486862781 +0200
++++ b/gcc/testsuite/g++.dg/cpp0x/constexpr-tuple.C	2012-08-16 17:38:38.000000000 +0200
+@@ -1,5 +1,6 @@
+ // PR c++/53202
+ // { dg-do run { target c++11 } }
++// { dg-additional-options "-Wno-format" { target espf } }
+ 
+ #include <tuple>
+ 

diff --git a/upstream/testsuite-hardening-printf-types.patch b/upstream/testsuite-hardening-printf-types.patch
new file mode 100644
index 0000000..4fa6b5d
--- /dev/null
+++ b/upstream/testsuite-hardening-printf-types.patch
@@ -0,0 +1,590 @@
+--- a/gcc/testsuite/g++.dg/ext/align1.C	2002-02-06 17:18:33.000000000 +0100
++++ b/gcc/testsuite/g++.dg/ext/align1.C	2012-08-11 02:14:51.533875779 +0200
+@@ -16,6 +16,5 @@ float f1 __attribute__ ((aligned));
+ int
+ main (void)
+ {
+-  printf ("%d %d\n", __alignof (a1), __alignof (f1));
+   return (__alignof (a1) < __alignof (f1));
+ }
+
+--- a/gcc/testsuite/g++.old-deja/g++.law/operators28.C
++++ b/gcc/testsuite/g++.old-deja/g++.law/operators28.C
+@@ -14,7 +14,8 @@
+ {
+   void *p;
+ 
+-  printf("%d %d %d\n", sz, count, type);
++  // ISO C++ does not support format size modifier "z", so use a cast
++  printf("%u %d %d\n", (unsigned int)sz, count, type);
+ 
+   p = new char[sz * count];
+   ((new_test *)p)->type = type;
+--- a/gcc/testsuite/gcc.dg/torture/matrix-2.c
++++ b/gcc/testsuite/gcc.dg/torture/matrix-2.c
+@@ -42,7 +42,7 @@
+     }
+   for (i = 0; i < ARCHnodes; i++)
+     for (j = 0; j < 3; j++)
+-      printf ("%x\n",vel[i][j]);
++      printf ("%p\n",vel[i][j]);
+       /*if (i!=1 || j!=1)*/
+       /*if (i==1 && j==1)
+         continue;
+@@ -83,14 +83,14 @@
+       for (j = 0; j < 3; j++)
+ 	{
+ 	  vel[i][j] = (int *) malloc (ARCHnodes1 * sizeof (int));
+-          printf ("%x %d %d\n",vel[i][j], ARCHnodes1, sizeof (int));
++          printf ("%p %d %d\n",vel[i][j], ARCHnodes1, (int)sizeof (int));
+ 	}
+     }
+    for (i = 0; i < ARCHnodes; i++)
+     {
+       for (j = 0; j < 3; j++)
+         {
+-          printf ("%x\n",vel[i][j]);
++          printf ("%p\n",vel[i][j]);
+         }
+     }
+ 
+@@ -99,7 +99,7 @@
+     {
+       for (j = 0; j < 3; j++)
+ 	{
+-	  printf ("%x\n",vel[i][j]);
++	  printf ("%p\n",vel[i][j]);
+           /*for (k = 0; k < ARCHnodes1; k++)
+ 	    {
+ 	      vel[i][j][k] = d;
+--- a/gcc/testsuite/gcc.dg/packed-vla.c
++++ b/gcc/testsuite/gcc.dg/packed-vla.c
+@@ -17,8 +17,8 @@
+     int			b[4];
+   } __attribute__ ((__packed__)) foo;
+ 
+-  printf("foo %d\n", sizeof(foo));
+-  printf("bar %d\n", sizeof(bar));
++  printf("foo %d\n", (int)sizeof(foo));
++  printf("bar %d\n", (int)sizeof(bar));
+ 
+   if (sizeof (foo) != sizeof (bar))
+     abort ();
+--- a/gcc/testsuite/g++.dg/opt/alias2.C
++++ b/gcc/testsuite/g++.dg/opt/alias2.C
+@@ -30,14 +30,14 @@
+ 
+ 
+ _Deque_base::~_Deque_base() {
+-  printf ("bb %x %x\n", this, *_M_start._M_node);
++  printf ("bb %p %x\n", this, *_M_start._M_node);
+ }
+ 
+ void
+ _Deque_base::_M_initialize_map()
+ {
+   yy = 0x123;
+-  printf ("aa %x %x\n", this, yy);
++  printf ("aa %p %x\n", this, yy);
+ 
+   _M_start._M_node = &yy;
+   _M_start._M_cur = yy;
+--- a/gcc/testsuite/g++.old-deja/g++.abi/vbase1.C
++++ b/gcc/testsuite/g++.old-deja/g++.abi/vbase1.C
+@@ -33,7 +33,7 @@
+   void Offset () const
+   {
+     printf ("VBase\n");
+-    printf ("  VBase::member %d\n", &this->VBase::member - (int *)this);
++    printf ("  VBase::member %d\n", (int)(&this->VBase::member - (int *)this));
+   }
+ };
+ 
+@@ -55,8 +55,8 @@
+   void Offset () const
+   {
+     printf ("VDerived\n");
+-    printf ("  VBase::member %d\n", &this->VBase::member - (int *)this);
+-    printf ("  VDerived::member %d\n", &this->VDerived::member - (int *)this);
++    printf ("  VBase::member %d\n", (int)(&this->VBase::member - (int *)this));
++    printf ("  VDerived::member %d\n", (int)(&this->VDerived::member - (int *)this));
+   }
+ };
+ struct B : virtual VBase
+@@ -65,8 +65,8 @@
+   void Offset () const
+   {
+     printf ("B\n");
+-    printf ("  VBase::member %d\n", &this->VBase::member - (int *)this);
+-    printf ("  B::member %d\n", &this->B::member - (int *)this);
++    printf ("  VBase::member %d\n", (int)(&this->VBase::member - (int *)this));
++    printf ("  B::member %d\n", (int)(&this->B::member - (int *)this));
+   }
+ };
+ struct MostDerived : B, virtual VDerived
+@@ -75,10 +75,10 @@
+   void Offset () const
+   {
+     printf ("MostDerived\n");
+-    printf ("  VBase::member %d\n", &this->VBase::member - (int *)this);
+-    printf ("  B::member %d\n", &this->B::member - (int *)this);
+-    printf ("  VDerived::member %d\n", &this->VDerived::member - (int *)this);
+-    printf ("  MostDerived::member %d\n", &this->MostDerived::member - (int *)this);
++    printf ("  VBase::member %d\n", (int)(&this->VBase::member - (int *)this));
++    printf ("  B::member %d\n", (int)(&this->B::member - (int *)this));
++    printf ("  VDerived::member %d\n", (int)(&this->VDerived::member - (int *)this));
++    printf ("  MostDerived::member %d\n", (int)(&this->MostDerived::member - (int *)this));
+   }
+ };
+ 
+@@ -95,10 +95,10 @@
+     if (ctorVDerived != &dum.VDerived::member)
+       return 24;
+     
+-    printf ("  VBase::member %d\n", &dum.VBase::member - this_);
+-    printf ("  B::member %d\n", &dum.B::member - this_);
+-    printf ("  VDerived::member %d\n", &dum.VDerived::member - this_);
+-    printf ("  MostDerived::member %d\n", &dum.MostDerived::member - this_);
++    printf ("  VBase::member %d\n", (int)(&dum.VBase::member - this_));
++    printf ("  B::member %d\n", (int)(&dum.B::member - this_));
++    printf ("  VDerived::member %d\n", (int)(&dum.VDerived::member - this_));
++    printf ("  MostDerived::member %d\n", (int)(&dum.MostDerived::member - this_));
+     dum.MostDerived::Offset ();
+     dum.B::Offset ();
+     dum.VDerived::Offset ();
+--- a/gcc/testsuite/g++.old-deja/g++.brendan/template8.C
++++ b/gcc/testsuite/g++.old-deja/g++.brendan/template8.C
+@@ -15,6 +15,6 @@
+ 	
+ 	Double_alignt<20000> heap;
+ 
+-	printf(" &heap.array[0] = %d, &heap.for_alignt = %d\n", &heap.array[0], &heap.for_alignt);
++	printf(" &heap.array[0] = %p, &heap.for_alignt = %p\n", (void*)&heap.array[0], (void*)&heap.for_alignt);
+ 
+ }
+--- a/gcc/testsuite/g++.old-deja/g++.eh/ptr1.C
++++ b/gcc/testsuite/g++.old-deja/g++.eh/ptr1.C
+@@ -16,7 +16,7 @@
+   }
+ 
+   catch (E *&e) {
+-    printf ("address of e is 0x%lx\n", (__SIZE_TYPE__)e);
++    printf ("address of e is %p\n", (void *)e);
+     return !((__SIZE_TYPE__)e != 5 && e->x == 5);
+   }
+   return 2;
+--- a/gcc/testsuite/g++.old-deja/g++.jason/access23.C
++++ b/gcc/testsuite/g++.old-deja/g++.jason/access23.C
+@@ -42,19 +42,19 @@
+   void DoSomething() {
+     PUB_A = 0;
+     Foo::A = 0;
+-    printf("%x\n",pX);  
++    printf("%p\n",pX);  
+     Foo::PUB.A = 0;
+-    printf("%x\n",PUB.pX);  
++    printf("%p\n",PUB.pX);  
+     B = 0;			
+-    printf("%x\n",Foo::pY);  
++    printf("%p\n",Foo::pY);  
+     PRT_A = 0;
+     PRT.B = 0;		
+-    printf("%x\n",Foo::PRT.pY);	
++    printf("%p\n",Foo::PRT.pY);	
+     PRV_A = 0;			// { dg-error "" } 
+     Foo::C = 0;			// { dg-error "" } 
+-    printf("%x\n",pZ);  	// { dg-error "" } 
++    printf("%p\n",pZ);  	// { dg-error "" } 
+     Foo::PRV.C = 0;		// { dg-error "" } 
+-    printf("%x\n",PRV.pZ); 	// { dg-error "" } 
++    printf("%p\n",PRV.pZ); 	// { dg-error "" } 
+   }
+ };
+ 
+@@ -64,17 +64,17 @@
+ 
+   a.PUB_A = 0;
+   a.A = 0;
+-  printf("%x\n",a.pX);  
++  printf("%p\n",a.pX);  
+   a.PRT_A = 0;			// { dg-error "" } 
+   a.B = 0;			// { dg-error "" } 
+-  printf("%x\n",a.pY);  	// { dg-error "" } 
++  printf("%p\n",a.pY);  	// { dg-error "" } 
+   a.PRV_A = 0;			// { dg-error "" } 
+   a.C = 0;			// { dg-error "" } 
+-  printf("%x\n",a.pZ);  	// { dg-error "" } 
++  printf("%p\n",a.pZ);  	// { dg-error "" } 
+   a.PUB.A = 0;
+-  printf("%x\n",a.PUB.pX);  
++  printf("%p\n",a.PUB.pX);  
+   a.PRT.B = 0;			// { dg-error "" } 
+-  printf("%x\n",a.PRT.pY);  	// { dg-error "" } 
++  printf("%p\n",a.PRT.pY);  	// { dg-error "" } 
+   a.PRV.C = 0;			// { dg-error "" } 
+-  printf("%x\n",a.PRV.pZ);  	// { dg-error "" } 
++  printf("%p\n",a.PRV.pZ);  	// { dg-error "" } 
+ }
+--- a/gcc/testsuite/g++.old-deja/g++.law/cvt8.C
++++ b/gcc/testsuite/g++.old-deja/g++.law/cvt8.C
+@@ -20,12 +20,12 @@
+ B::operator const A&() const {
+         static A a;
+         a.i = i;
+-        printf("convert B to A at %x\n", &a);
++        printf("convert B to A at %p\n", (void*)&a);
+         return a;
+ }
+ 
+ void f(A &a) { // { dg-error "" } in passing argument
+-        printf("A at %x is %d\n", &a, a.i);
++        printf("A at %p is %d\n", (void*)&a, a.i);
+ }
+ 
+ int main() {
+--- a/gcc/testsuite/g++.old-deja/g++.mike/net35.C
++++ b/gcc/testsuite/g++.old-deja/g++.mike/net35.C
+@@ -17,10 +17,10 @@
+ 
+ int main() {
+   C c;
+-  printf("&c.x = %x\n", &c.x);
+-  printf("&c.B1::x = %x\n", &c.B1::x);
+-  printf("&c.B2::x = %x\n", &c.B2::x);
+-  printf("&c.A::x = %x\n", &c.A::x);
++  printf("&c.x = %p\n", (void*)&c.x);
++  printf("&c.B1::x = %p\n", (void*)&c.B1::x);
++  printf("&c.B2::x = %p\n", (void*)&c.B2::x);
++  printf("&c.A::x = %p\n", (void*)&c.A::x);
+   if (&c.x != &c.B1::x
+       || &c.x != &c.B2::x
+       || &c.x != &c.A::x)
+--- a/gcc/testsuite/g++.old-deja/g++.mike/offset1.C
++++ b/gcc/testsuite/g++.old-deja/g++.mike/offset1.C
+@@ -6,7 +6,7 @@
+ class Foo {
+ public:
+    virtual void setName() {
+-     printf("Foo at %x\n", this);
++     printf("Foo at %p\n", (void*)this);
+      if (vp != (void*)this)
+        fail = 1;
+    }
+@@ -15,7 +15,7 @@
+ class Bar : public Foo {
+ public:
+   virtual void init(int argc, char **argv) {
+-    printf("Bar's Foo at %x\n", (Foo*)this);
++    printf("Bar's Foo at %p\n", (void*)(Foo*)this);
+     vp = (void*)(Foo*)this;
+     setName();
+   }
+--- a/gcc/testsuite/g++.old-deja/g++.mike/p12306.C
++++ b/gcc/testsuite/g++.old-deja/g++.mike/p12306.C
+@@ -18,7 +18,7 @@
+     if (ptr2 != &(*this).slist)
+       fail = 6;
+ 
+-    if (0) printf("at %x %x\n", (RWSlistIterator*)this, &(*this).slist);
++    if (0) printf("at %p %p\n", (void*)(RWSlistIterator*)this, (void*)&(*this).slist);
+   }
+ };
+ 
+@@ -54,14 +54,14 @@
+ void Sim_Event_Manager::post_event () {
+   ptr1 = (RWSlistIterator*)&last_posted_event_position_;
+   ptr2 = &((RWSlistIterator*)&last_posted_event_position_)->slist;
+-  if (0) printf("at %x %x\n", (RWSlistIterator*)&last_posted_event_position_,
+-		&((RWSlistIterator*)&last_posted_event_position_)->slist);
++  if (0) printf("at %p %p\n", (void*)(RWSlistIterator*)&last_posted_event_position_,
++		(void*)&((RWSlistIterator*)&last_posted_event_position_)->slist);
+   if (ptr1 != (RWSlistIterator*)&last_posted_event_position_)
+     fail = 1;
+   if (ptr2 != &((RWSlistIterator&)last_posted_event_position_).slist)
+     fail = 2;
+-  if (0) printf("at %x ?%x\n", (RWSlistIterator*)&last_posted_event_position_,
+-		&((RWSlistIterator&)last_posted_event_position_).slist);
++  if (0) printf("at %p ?%p\n", (void*)(RWSlistIterator*)&last_posted_event_position_,
++		(void*)&((RWSlistIterator&)last_posted_event_position_).slist);
+   if (ptr1 != (RWSlistIterator*)&last_posted_event_position_)
+     fail = 3;
+   if (ptr2 != &((RWSlistIterator&)last_posted_event_position_).slist)
+--- a/gcc/testsuite/g++.old-deja/g++.mike/p3579.C
++++ b/gcc/testsuite/g++.old-deja/g++.mike/p3579.C
+@@ -7,26 +7,26 @@
+ 
+ class Y {
+ public:
+-  Y () { printf("Y()            this: %x\n", this); }
+-  ~Y () { printf("~Y()           this: %x\n", this); }
++  Y () { printf("Y()            this: %p\n", (void*)this); }
++  ~Y () { printf("~Y()           this: %p\n", (void*)this); }
+ };
+ 
+ class X {
+ public:
+   X () {
+     ++num_x;
+-    printf("X()            this: %x\n", this);
++    printf("X()            this: %p\n", (void*)this);
+     Y y;
+     *this = (X) y;
+   }
+ 
+-  X (const Y & yy) { printf("X(const Y&)    this: %x\n", this); ++num_x; }
++  X (const Y & yy) { printf("X(const Y&)    this: %p\n", (void*)this); ++num_x; }
+   X & operator = (const X & xx) {
+-    printf("X.op=(X&)      this: %x\n", this);
++    printf("X.op=(X&)      this: %p\n", (void*)this);
+     return *this;
+   }
+ 
+-  ~X () { printf("~X()           this: %x\n", this); --num_x; }
++  ~X () { printf("~X()           this: %p\n", (void*)this); --num_x; }
+ };
+ 
+ int main (int, char **) {
+--- a/gcc/testsuite/g++.old-deja/g++.mike/p3708a.C
++++ b/gcc/testsuite/g++.old-deja/g++.mike/p3708a.C
+@@ -38,7 +38,7 @@
+   virtual void xx(int doit) {
+     --num;
+     if (ptr != this)
+-      printf("FAIL\n%x != %x\n", ptr, this);
++      printf("FAIL\n%p != %p\n", ptr, (void*)this);
+     printf ("C is destructed.\n");
+     B::xx (0);
+     if (doit) A::xx (1);
+--- a/gcc/testsuite/g++.old-deja/g++.mike/p3708b.C
++++ b/gcc/testsuite/g++.old-deja/g++.mike/p3708b.C
+@@ -48,7 +48,7 @@
+   virtual void xx(int doit) {
+     --num;
+     if (ptr != this) {
+-      printf("FAIL\n%x != %x\n", ptr, this);
++      printf("FAIL\n%p != %p\n", ptr, (void*)this);
+       exit(1);
+     }
+     printf ("D is destructed.\n");
+--- a/gcc/testsuite/g++.old-deja/g++.mike/p3708.C
++++ b/gcc/testsuite/g++.old-deja/g++.mike/p3708.C
+@@ -38,7 +38,7 @@
+   virtual void xx(int doit) {
+     --num;
+     if (ptr != this)
+-      printf("FAIL\n%x != %x\n", ptr, this);
++      printf("FAIL\n%p != %p\n", ptr, (void*)this);
+     printf ("C is destructed.\n");
+     B::xx (0);
+     if (doit) A::xx (1);
+--- a/gcc/testsuite/g++.old-deja/g++.mike/p646.C
++++ b/gcc/testsuite/g++.old-deja/g++.mike/p646.C
+@@ -35,20 +35,20 @@
+ foo::foo ()
+ {
+   si++;
+-  printf ("new foo @ 0x%x; now %d foos\n", this, si);
++  printf ("new foo @ %p; now %d foos\n", (void*)this, si);
+ }
+ 
+ foo::foo (const foo &other)
+ {
+   si++;
+-  printf ("another foo @ 0x%x; now %d foos\n", this, si);
++  printf ("another foo @ %p; now %d foos\n", (void*)this, si);
+   *this = other;
+ }
+ 
+ foo::~foo ()
+ {
+   si--;
+-  printf ("deleted foo @ 0x%x; now %d foos\n", this, si);
++  printf ("deleted foo @ %p; now %d foos\n", (void*)this, si);
+ }
+ 
+ int
+--- a/gcc/testsuite/g++.old-deja/g++.mike/p710.C
++++ b/gcc/testsuite/g++.old-deja/g++.mike/p710.C
+@@ -30,7 +30,7 @@
+    virtual ~B() {}
+    void operator delete(void*,size_t s)
+   {
+-      printf("B::delete() %d\n",s);
++      printf("B::delete() %u\n",(unsigned int)s);
+    }
+    void operator delete(void*){}
+ };
+--- a/gcc/testsuite/g++.old-deja/g++.mike/p789a.C
++++ b/gcc/testsuite/g++.old-deja/g++.mike/p789a.C
+@@ -13,10 +13,10 @@
+   int x;
+   foo () {
+     x = count++;
+-    printf("this %d = %x\n", x, (void *)this);
++    printf("this %d = %p\n", x, (void *)this);
+   }
+   virtual ~foo () {
+-    printf("this %d = %x\n", x, (void *)this);
++    printf("this %d = %p\n", x, (void *)this);
+     --count;
+   }
+ };
+@@ -31,7 +31,7 @@
+       {
+ 	for (int j = 0; j < 3; j++)
+ 	  {
+-	    printf("&a[%d][%d] = %x\n", i, j, (void *)&array[i][j]);
++	    printf("&a[%d][%d] = %p\n", i, j, (void *)&array[i][j]);
+ 	  }
+       }
+       // The count should be nine, if not, fail the test.
+--- a/gcc/testsuite/g++.old-deja/g++.mike/pmf2.C
++++ b/gcc/testsuite/g++.old-deja/g++.mike/pmf2.C
+@@ -42,7 +42,7 @@
+ bar jar;
+ 
+ int main() {
+-  printf("ptr to B_table=%x, ptr to A_table=%x\n",&b,(A_table*)&b);
++  printf("ptr to B_table=%p, ptr to A_table=%p\n",(void*)&b,(void*)(A_table*)&b);
+   B_table::B_ti_fn z = &B_table::func1;
+   int j = 1;
+   jar.call_fn_fn1(j,(void *)&z);
+--- a/gcc/testsuite/g++.old-deja/g++.mike/temp.C
++++ b/gcc/testsuite/g++.old-deja/g++.mike/temp.C
+@@ -7,11 +7,11 @@
+ public:
+   T() {
+     i = 1;
+-    printf("T() at %x\n", this);
++    printf("T() at %p\n", (void*)this);
+   }
+   T(const T& o) {
+     i = o.i;
+-    printf("T(const T&) at %x <-- %x\n", this, &o);
++    printf("T(const T&) at %p <-- %p\n", (void*)this, (void*)&o);
+   }
+   T operator +(const T& o) {
+     T r;
+@@ -21,7 +21,7 @@
+   operator int () {
+     return i;
+   }
+-  ~T() { printf("~T() at %x\n", this); }
++  ~T() { printf("~T() at %p\n", (void*)this); }
+ } s, b;
+ 
+ int foo() { return getenv("TEST") == 0; }
+--- a/gcc/testsuite/g++.old-deja/g++.other/temporary1.C
++++ b/gcc/testsuite/g++.old-deja/g++.other/temporary1.C
+@@ -5,16 +5,16 @@
+ class Foo 
+ {
+ public:
+-   Foo() { printf("Foo() 0x%08lx\n", (__SIZE_TYPE__)this); ++c; }
+-   Foo(Foo const &) { printf("Foo(Foo const &) 0x%08lx\n", (__SIZE_TYPE__)this); }
+-   ~Foo() { printf("~Foo() 0x%08lx\n", (__SIZE_TYPE__)this); ++d; }
++   Foo() { printf("Foo() %p\n", (void*)this); ++c; }
++   Foo(Foo const &) { printf("Foo(Foo const &) %p\n", (void*)this); }
++   ~Foo() { printf("~Foo() %p\n", (void*)this); ++d; }
+ };
+ 
+ // Bar creates constructs a temporary Foo() as a default
+ class Bar 
+ {
+ public:
+-   Bar(Foo const & = Foo()) { printf("Bar(Foo const &) 0x%08lx\n", (__SIZE_TYPE__)this); }
++   Bar(Foo const & = Foo()) { printf("Bar(Foo const &) %p\n", (void*)this); }
+ };
+ 
+ void fakeRef(Bar *)
+--- a/gcc/testsuite/g++.old-deja/g++.other/virtual8.C
++++ b/gcc/testsuite/g++.old-deja/g++.other/virtual8.C
+@@ -4,7 +4,7 @@
+ struct A
+ {
+   virtual void f () {
+-    printf ("%x\n", this);
++    printf ("%p\n", (void*)this);
+   }
+ };
+ 
+--- a/gcc/testsuite/g++.old-deja/g++.pt/memtemp23.C
++++ b/gcc/testsuite/g++.old-deja/g++.pt/memtemp23.C
+@@ -13,7 +13,7 @@
+ 
+   template <class U>
+   void f(U u)
+-  { printf ("In S::f(U)\nsizeof(U) == %d\n", sizeof(u)); }
++  { printf ("In S::f(U)\nsizeof(U) == %d\n", (int)sizeof(u)); }
+ 
+   int c[16];
+ };
+--- agcc/testsuite/g++.old-deja/g++.pt/memtemp24.C
++++ b/gcc/testsuite/g++.old-deja/g++.pt/memtemp24.C
+@@ -13,7 +13,7 @@
+ 
+   template <class U>
+   void f(U u)
+-  { printf ("In S::f(U)\nsizeof(U) == %d\n", sizeof(u)); }
++  { printf ("In S::f(U)\nsizeof(U) == %d\n", (int)sizeof(u)); }
+ 
+   int c[16];
+ };
+--- a/gcc/testsuite/g++.old-deja/g++.pt/memtemp25.C
++++ b/gcc/testsuite/g++.old-deja/g++.pt/memtemp25.C
+@@ -6,7 +6,7 @@
+ struct S
+ {
+   template <class U>
+-  void f(U u) { printf ("%d\n", sizeof (U)); }
++  void f(U u) { printf ("%d\n", (int)sizeof (U)); }
+ 
+   int i[4];
+ };
+--- a/gcc/testsuite/g++.old-deja/g++.pt/memtemp26.C
++++ b/gcc/testsuite/g++.old-deja/g++.pt/memtemp26.C
+@@ -16,7 +16,7 @@
+ template <class U>
+ void S<X>::f(U u)
+ {
+-  printf ("%d\n", sizeof (U));
++  printf ("%d\n", (int)sizeof (U));
+ }
+ 
+ 
+--- a/gcc/testsuite/g++.old-deja/g++.pt/t39.C
++++ b/gcc/testsuite/g++.old-deja/g++.pt/t39.C
+@@ -10,9 +10,9 @@
+ 
+ template <class T>
+ void frob<T>::print () {
+-  printf ("this = %08x\n", this);
+-  printf (" ptr = %08x\n", ptr);
+-  printf (" values = %x %x %x ...\n", ptr[0], ptr[1], ptr[2]);
++  printf ("this = %p\n", (void*)this);
++  printf (" ptr = %p\n", (void*)ptr);
++  printf (" values = %x %x %x ...\n", (int)ptr[0], (int)ptr[1], (int)ptr[2]);
+ }
+ 
+   static int x[10];
+--- a/gcc/testsuite/g++.old-deja/g++.robertl/eb17.C
++++ b/gcc/testsuite/g++.old-deja/g++.robertl/eb17.C
+@@ -44,15 +44,15 @@
+     A * a = new B;
+     B * b = dynamic_cast<B *>(a);
+ 
+-    printf("%p\n",b);                // (*2*)
++    printf("%p\n",(void*)b);                // (*2*)
+     b->print();
+ 
+     a = b;
+-    printf("%p\n",a);
++    printf("%p\n",(void*)a);
+     a->print();
+ 
+     a = a->clone();
+-    printf("%p\n",a);
++    printf("%p\n",(void*)a);
+     a->print();                      // (*1*)
+ 
+     return 0;

diff --git a/upstream/testsuite.patch b/upstream/testsuite.patch
index 50d06e5..82456cc 100644
--- a/upstream/testsuite.patch
+++ b/upstream/testsuite.patch
@@ -15,6 +15,15 @@
  # Return 1 if this target supports the -fsplit-stack option, 0
  # otherwise.
  
+--- a/gcc/testsuite/gcc.c-torture/execute/memset-1.x	2012-08-18 14:43:31.963694252 +0200
++++ b/gcc/testsuite/gcc.c-torture/execute/memset-1.x	2012-07-27 21:47:01.000000000 +0200
+@@ -0,0 +1,6 @@
++load_lib target-supports.exp
++
++if { [check_effective_target_espf] } {
++        set additional_flags "-U_FORTIFY_SOURCE"
++}
++return 0
 --- a/gcc/testsuite/gcc.c-torture/execute/vprintf-chk-1.x	2012-07-30 02:31:20.573793905 +0200
 +++ b/gcc/testsuite/gcc.c-torture/execute/vprintf-chk-1.x	2012-07-27 21:47:01.574480025 +0200
 @@ -0,0 +1,6 @@

diff --git a/upstream/testsuite_no_espf.patch b/upstream/testsuite_no_espf.patch
new file mode 100644
index 0000000..8991a69
--- /dev/null
+++ b/upstream/testsuite_no_espf.patch
@@ -0,0 +1,98 @@
+--- a/gcc/testsuite/gcc.dg/20021014-1.c	2009-10-02 01:08:07.000000000 +0200
++++ b/gcc/testsuite/gcc.dg/20021014-1.c	2012-08-14 23:50:16.724373103 +0200
+@@ -1,6 +1,7 @@
+ /* { dg-do run } */
+ /* { dg-require-profiling "-p" } */
+ /* { dg-options "-O2 -p" } */
++/* { dg-additional-options "-fno-PIE" { target espf } } */
+ /* { dg-options "-O2 -p -static" { target hppa*-*-hpux* } } */
+ /* { dg-error "profiler" "No profiler support" { target xstormy16-*-* } 0 } */
+ /* { dg-message "" "consider using `-pg' instead of `-p' with gprof(1)" { target *-*-freebsd* } 0 } */
+--- a/gcc/testsuite/gcc.dg/nest.c	2007-08-30 07:23:02.000000000 +0200
++++ b/gcc/testsuite/gcc.dg/nest.c	2012-08-14 23:51:44.797375728 +0200
+@@ -3,6 +3,7 @@
+ /* { dg-require-profiling "-pg" } */
+ /* { dg-options "-O2 -pg" } */
+ /* { dg-options "-O2 -pg -static" { target hppa*-*-hpux* } } */
++/* { dg-additional-options "-fno-PIE" { target espf } } */
+ /* { dg-error "profiler" "No profiler support" { target xstormy16-*-* } 0 } */
+ 
+ extern void abort (void);
+--- a/gcc/testsuite/gcc.dg/nested-func-4.c	2007-08-30 07:23:02.000000000 +0200
++++ b/gcc/testsuite/gcc.dg/nested-func-4.c	2012-08-14 23:52:23.337376877 +0200
+@@ -1,6 +1,7 @@
+ /* { dg-do run } */
+ /* { dg-options "-pg" } */
+ /* { dg-options "-pg -static" { target hppa*-*-hpux* } } */
++/* { dg-additional-options "-fno-PIE" { target espf } } */
+ /* { dg-require-profiling "-pg" } */
+ 
+ extern void abort(void);
+--- a/gcc/testsuite/gcc.dg/pr32450.c	2007-08-30 07:23:02.000000000 +0200
++++ b/gcc/testsuite/gcc.dg/pr32450.c	2012-08-14 23:53:38.125379106 +0200
+@@ -5,6 +5,7 @@
+ /* { dg-options "-O2 -pg" } */
+ /* { dg-options "-O2 -pg -mtune=core2" { target { i?86-*-* x86_64-*-* } } } */
+ /* { dg-options "-O2 -pg -static" { target hppa*-*-hpux* } } */
++/* { dg-additional-options "-fno-PIE" { target espf } } */
+ 
+ extern void abort (void);
+ 
+--- a/gcc/testsuite/gcc.dg/pr43643.c	2010-04-14 18:47:15.000000000 +0200
++++ b/gcc/testsuite/gcc.dg/pr43643.c	2012-08-14 23:54:20.084380356 +0200
+@@ -4,6 +4,7 @@
+ /* { dg-require-profiling "-pg" } */
+ /* { dg-options "-O2 -pg" } */
+ /* { dg-options "-O2 -pg -static" { target hppa*-*-hpux* } } */
++/* { dg-additional-options "-fno-PIE" { target espf } } */
+ 
+ extern char *strdup (const char *);
+ 
+--- a/gcc.dg/tree-ssa/ssa-store-ccp-3.c	2011-08-07 09:45:57.000000000 +0200
++++ b/gcc/testsuite/gcc.dg/tree-ssa/ssa-store-ccp-3.c	2012-08-14 23:59:24.489389427 +0200
+@@ -3,6 +3,7 @@
+    defined for executables as well as shared libraries.  */
+ /* { dg-skip-if "" { *-*-darwin* hppa*64*-*-* mips*-*-linux* mips*-*-irix* *-*-mingw* } { "*" } { "" } } */
+ /* { dg-options "-O2 -fno-common -fdump-tree-optimized" } */
++/* { dg-skip-if "" { espf } { "*" } { "" } } */ */
+ 
+ const int conststaticvariable;
+ 
+--- a/gcc/testsuite/gcc.dg/stack-usage-1.c	2012-02-23 19:10:53.000000000 +0100
++++ b/gcc/testsuite/gcc.dg/stack-usage-1.c	2012-08-14 23:55:37.558382664 +0200
+@@ -1,5 +1,6 @@
+ /* { dg-do compile } */
+ /* { dg-options "-fstack-usage" } */
++/* { dg-additional-options "-fno-stack-protector" { target espf } } */
+ 
+ /* This is aimed at testing basic support for -fstack-usage in the back-ends.
+    See the SPARC back-end for example (grep flag_stack_usage_info in sparc.c).
+--- a/gcc/testsuite/gcc.dg/superblock.c	2012-08-15 00:28:32.995441532 +0200
++++ b/gcc/testsuite/gcc.dg/superblock.c	2012-08-14 23:56:30.159384232 +0200
+@@ -1,5 +1,6 @@
+ /* { dg-do compile } */
+ /* { dg-options "-O2 -fno-asynchronous-unwind-tables -fsched2-use-superblocks -fdump-rtl-sched2 -fdump-rtl-bbro" } */
++/* { dg-additional-options "-fno-stack-protector" { target espf } } */
+ 
+ typedef int aligned __attribute__ ((aligned (64)));
+ extern void abort (void);
+--- a/gcc/testsuite/g++.dg/other/anon5.C	2012-08-16 17:33:08.842848160 +0200
++++ b/gcc/testsuite/g++.dg/other/anon5.C	2012-08-16 17:33:35.913848967 +0200
+@@ -1,6 +1,7 @@
+ // PR c++/34094
+ // { dg-do link { target { ! { *-*-darwin* *-*-hpux* *-*-solaris2.* alpha*-dec-osf* mips-sgi-irix* } } } }
+ // { dg-options "-g" }
++// { dg-additional-options "-fno-PIE" { target espf } }
+ 
+ namespace {
+   struct c
+--- a/gcc/testsuite/g++.old-deja/g++.law/profile1.C	2007-08-30 07:23:02.000000000 +0200
++++ b/gcc/testsuite/g++.old-deja/g++.law/profile1.C	2012-08-21 20:48:15.463070406 +0200
+@@ -2,6 +2,7 @@
+ // { dg-require-profiling "-pg" }
+ // { dg-options "-pg" }
+ // { dg-options "-pg -static" { target hppa*-*-hpux* } }
++// { dg-additional-options "-fno-PIE" { target espf } }
+ // GROUPS passed profiling
+ #include <stdio.h>
+ main()

[gentoo-commits] proj/hardened-gccpatchset:master commit in: upstream/

[Magnus Granberg]

commit:     3fc064b6fbfb3317a1002ba0846f178ee6a6f144
Author:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
AuthorDate: Wed Aug  8 16:05:03 2012 +0000
Commit:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
CommitDate: Wed Aug  8 16:05:03 2012 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-gccpatchset.git;a=commit;h=3fc064b6

updated upstream patches with small fixes in gcc.c

---
 upstream/gcc.c.patch |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/upstream/gcc.c.patch b/upstream/gcc.c.patch
index 605cbb8..06e75fb 100644
--- a/upstream/gcc.c.patch
+++ b/upstream/gcc.c.patch
@@ -9,7 +9,7 @@
 + %{fmudflapth:-D_MUDFLAP -D_MUDFLAPTH -include mf-runtime.h} "
 + /* Needed by configure --enable-espf */
 + #ifdef ENABLE_ESPF_FORTIFY
-+"%(espf_cpp_unique_options)"
++"%(espf_cpp_unique_options) "
 +#endif
 +"%{E|M|MM:%W{o*}}";
  

[gentoo-commits] proj/hardened-gccpatchset:master commit in: upstream/

[Magnus Granberg]

commit:     0e28c5d8e6e028437340bd03b2d450dbe06bf03a
Author:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
AuthorDate: Wed Aug  1 18:35:36 2012 +0000
Commit:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
CommitDate: Wed Aug  1 18:35:36 2012 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-gccpatchset.git;a=commit;h=0e28c5d8

updated upstream patches with small fixes

---
 upstream/config_all.patch   |    3 ++-
 upstream/config_i386.patch  |    6 ++++--
 upstream/configure.ac.patch |   10 ++++++----
 upstream/gcc.c.patch        |   12 ++++++------
 upstream/gcc_doc.patch      |   14 +++++++-------
 5 files changed, 25 insertions(+), 20 deletions(-)

diff --git a/upstream/config_all.patch b/upstream/config_all.patch
index aa16b1b..3fe4824 100644
--- a/upstream/config_all.patch
+++ b/upstream/config_all.patch
@@ -1,10 +1,11 @@
 --- a/gcc/config/linux.h	2011-07-07 17:38:34.000000000 +0200
 +++ b/gcc/config/linux.h	2012-07-09 14:24:08.599281404 +0200
-@@ -104,3 +104,31 @@ see the files COPYING3 and COPYING.RUNTI
+@@ -104,3 +104,32 @@ see the files COPYING3 and COPYING.RUNTI
  /* Whether we have Bionic libc runtime */
  #undef TARGET_HAS_BIONIC
  #define TARGET_HAS_BIONIC (OPTION_BIONIC)
 +
++/* Needed by configure --enable-espf */
 +#ifdef ENABLE_ESPF
 +#ifdef ENABLE_ESPF_PIE
 +#define ESPF_GCC_PIE_SPEC \

diff --git a/upstream/config_i386.patch b/upstream/config_i386.patch
index 58ceebe..f8c10cb 100644
--- a/upstream/config_i386.patch
+++ b/upstream/config_i386.patch
@@ -1,20 +1,22 @@
 --- a/gcc/config/i386/linux.h	2011-06-03 20:30:39.000000000 +0200
 +++ b/gcc/config/i386/linux.h	2012-07-05 21:00:38.304691613 +0200
-@@ -22,3 +22,7 @@ along with GCC; see the file COPYING3.
+@@ -22,3 +22,8 @@ along with GCC; see the file COPYING3.
  
  #define GNU_USER_LINK_EMULATION "elf_i386"
  #define GLIBC_DYNAMIC_LINKER "/lib/ld-linux.so.2"
 +
++/* Needed by configure --enable-espf */
 +#ifdef ENABLE_ESPF
 +#define DRIVER_SELF_SPECS ESPF_DRIVER_SELF_SPECS
 +#endif
 --- a/gcc/config/i386/linux64.h	2011-07-07 17:38:34.000000000 +0200
 +++ b/gcc/config/i386/linux64.h	2012-07-05 20:59:39.342689855 +0200
-@@ -31,3 +31,7 @@ see the files COPYING3 and COPYING.RUNTI
+@@ -31,3 +31,8 @@ see the files COPYING3 and COPYING.RUNTI
  #define GLIBC_DYNAMIC_LINKER32 "/lib/ld-linux.so.2"
  #define GLIBC_DYNAMIC_LINKER64 "/lib64/ld-linux-x86-64.so.2"
  #define GLIBC_DYNAMIC_LINKERX32 "/libx32/ld-linux-x32.so.2"
 +
++/* Needed by configure --enable-espf */
 +#ifdef ENABLE_ESPF
 +#define DRIVER_SELF_SPECS ESPF_DRIVER_SELF_SPECS
 +#endif

diff --git a/upstream/configure.ac.patch b/upstream/configure.ac.patch
index 49a7e21..8fc9730 100644
--- a/upstream/configure.ac.patch
+++ b/upstream/configure.ac.patch
@@ -1,6 +1,6 @@
 --- a/configure.ac	2012-02-02 11:20:32.000000000 +0100
 +++ b/configure.ac	2012-07-01 00:44:27.845218414 +0200
-@@ -424,6 +424,35 @@ AC_ARG_ENABLE(libssp,
+@@ -424,6 +424,36 @@ AC_ARG_ENABLE(libssp,
  ENABLE_LIBSSP=$enableval,
  ENABLE_LIBSSP=yes)
  
@@ -9,7 +9,8 @@
 +[AS_HELP_STRING([--enable-espf[=ARG]],
 +		[Enable Stack protector, Position independent executable and
 +		 Fortify_source as default. If we have suppot for it when compiling.
-+		 Linux targets supported x86_64. @<:@ARG={all,pie,ssp,no}@:>@ ])],
++		 Linux targets supported x86, x32 and x86_64.
++		 @<:@ARG={all,pie,ssp,no}@:>@ ])],
 +set_enable_espf=$enableval,
 +set_enable_espf=no)
 +case "${set_enable_espf}" in
@@ -50,7 +51,7 @@
  # Enable --enable-checking in stage1 of the compiler.
 --- a/gcc/configure.ac	2012-02-22 12:27:45.000000000 +0100
 +++ b/gcc/configure.ac	2012-07-01 00:43:14.054216215 +0200
-@@ -5193,6 +5193,155 @@ if test x"${LINKER_HASH_STYLE}" != x; th
+@@ -5193,6 +5193,156 @@ if test x"${LINKER_HASH_STYLE}" != x; th
                                           [The linker hash style])
  fi
  
@@ -63,7 +64,8 @@
 +[AS_HELP_STRING([--enable-espf[=ARG]],
 +		[Enable Stack protector, Position independent executable and
 +		 Fortify_source as default. If we have suppot for it when compiling.
-+		 Linux targets supported x86_64. @<:@ARG={all,pie,ssp,no}@:>@ ])],
++		 Linux targets supported x86, x32 and x86_64.
++		 @<:@ARG={all,pie,ssp,no}@:>@ ])],
 +set_enable_espf=$enableval,
 +set_enable_espf=no)
 +case "${set_enable_espf}" in

diff --git a/upstream/gcc.c.patch b/upstream/gcc.c.patch
index 556f0a5..605cbb8 100644
--- a/upstream/gcc.c.patch
+++ b/upstream/gcc.c.patch
@@ -1,17 +1,17 @@
 --- a/gcc/gcc.c	2012-02-28 18:31:38.000000000 +0100
-+++ b/gcc/gcc.c	2012-07-06 17:03:20.505842011 +0200
-@@ -756,9 +756,11 @@ static const char *cpp_unique_options =
++++ b/gcc/gcc.c	2012-08-01 03:10:01.060123826 +0200
+@@ -756,8 +756,12 @@ static const char *cpp_unique_options =
   %{!iplugindir*:%{fplugin*:%:find-plugindir()}}\
   %{H} %C %{D*&U*&A*} %{i*} %Z %i\
   %{fmudflap:-D_MUDFLAP -include mf-runtime.h}\
 - %{fmudflapth:-D_MUDFLAP -D_MUDFLAPTH -include mf-runtime.h}\
 - %{E|M|MM:%W{o*}}";
--
 + %{fmudflapth:-D_MUDFLAP -D_MUDFLAPTH -include mf-runtime.h} "
-+#ifdef ENABLE_ESPF_FORTIFY
-+"%(espf_cpp_unique_options) "
++ /* Needed by configure --enable-espf */
++ #ifdef ENABLE_ESPF_FORTIFY
++"%(espf_cpp_unique_options)"
 +#endif
 +"%{E|M|MM:%W{o*}}";
+ 
  /* This contains cpp options which are common with cc1_options and are passed
     only when preprocessing only to avoid duplication.  We pass the cc1 spec
-    options to the preprocessor so that it the cc1 spec may manipulate

diff --git a/upstream/gcc_doc.patch b/upstream/gcc_doc.patch
index ba76d17..fc39347 100644
--- a/upstream/gcc_doc.patch
+++ b/upstream/gcc_doc.patch
@@ -55,7 +55,7 @@
  that were used to generate code (@option{-fpie}, @option{-fPIE},
  or model suboptions) when you specify this option.
  
-+NOTE: With configure --enable-espf=@r{[}all@r{|}ssp@r{]} this option is
++NOTE: With configure --enable-espf=@r{[}all@r{|}pie@r{]} this option is
 +enabled by default for C, C++, ObjC, ObjC++, if none of @option{-fno-PIE},
 +@option{-fno-pie}, @option{-fPIC}, @option{-fpic}, @option{-fno-PIC},
 +@option{-fno-pic}, @option{-nostdlib}, @option{-nostartfiles},
@@ -68,7 +68,7 @@
  @code{__pie__} and @code{__PIE__}.  The macros have the value 1
  for @option{-fpie} and 2 for @option{-fPIE}.
  
-+NOTE: With configure --enable-espf=@r{[}all@r{|}ssp@r{]} this option is
++NOTE: With configure --enable-espf=@r{[}all@r{|}pie@r{]} this option is
 +enabled by default for C, C++, ObjC, ObjC++, if none of @option{-fno-PIE},
 +@option{-fno-pie}, @option{-fPIC}, @option{-fpic}, @option{-fno-PIC},
 +@option{-fno-pic}, @option{-nostdlib}, @option{-nostartfiles},
@@ -88,11 +88,11 @@
 +@option{-D_FORTIFY_SOURCE=2}, @option{-Wformat} and 
 +@option{-Wformat-security} will be turn on as default and depend on
 +if you use @samp{all} it will turn on @option{-fstack-protection}and
-+@option{-fPIE} by default. if the support is there. If you use
-+@samp{ssp} it will turn on @option{-fstack-protection} by default if the
-+support is there. If you use @samp{pie} it will turn on @option{-fPIE}
-+by default if the support is there. We only support x86-64-*-linux* as target
-+for now.
++@option{-fPIE} and @option{-pie} by default. if the support is there. If you
++use @samp{ssp} it will turn on @option{-fstack-protection} by default if the
++support is there. If you use @samp{pie} it will turn on @option{-fPIE} and
++@option{-pie} by default if the support is there. We only support
++i?86*-*-linux*, x86_32*-*-linux* and x86_64*-*-linux* as target for now.
 +
  @item --disable-libquadmath
  Specify that the GCC quad-precision math library should not be built.

[gentoo-commits] proj/hardened-gccpatchset:master commit in: upstream/

[Magnus Granberg]

commit:     750927c7e75c0a24fe7c625afc4a240d29aebc3c
Author:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
AuthorDate: Mon Jul 30 21:04:46 2012 +0000
Commit:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
CommitDate: Mon Jul 30 21:04:46 2012 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-gccpatchset.git;a=commit;h=750927c7

updated upstream patches with doc and some testsuite fixes

---
 upstream/Makefile.in.patch |   10 ++++
 upstream/Wformat.patch     |   45 ++++++--------------
 upstream/config_all.patch  |    6 +-
 upstream/gcc_doc.patch     |   99 ++++++++++++++++++++++++++++++++++++++++++++
 upstream/testsuite.patch   |   35 +++++++++++++++
 5 files changed, 161 insertions(+), 34 deletions(-)

diff --git a/upstream/Makefile.in.patch b/upstream/Makefile.in.patch
index cc7d0f0..9b3c173 100644
--- a/upstream/Makefile.in.patch
+++ b/upstream/Makefile.in.patch
@@ -68,6 +68,16 @@
  
  	mv tmp-libgcc.mvars libgcc.mvars
  
+@@ -4893,6 +4903,9 @@ site.exp: ./config.status Makefile
+ 	@if test "@enable_lto@" = "yes" ; then \
+ 	  echo "set ENABLE_LTO 1" >> ./site.tmp; \
+ 	fi
++	@if test "@enable_espf@" = "yes" ; then \
++	  echo "set ENABLE_ESPF 1" >> ./site.tmp; \
++	fi
+ # If newlib has been configured, we need to pass -B to gcc so it can find
+ # newlib's crt0.o if it exists.  This will cause a "path prefix not used"
+ # message if it doesn't, but the testsuite is supposed to ignore the message -
 --- a/libgcc/Makefile.in	2011-11-22 04:01:02.000000000 +0100
 +++ b/libgcc/Makefile.in	2012-06-29 00:15:04.534016511 +0200
 @@ -275,11 +275,16 @@ override CFLAGS := $(filter-out -fprofil

diff --git a/upstream/Wformat.patch b/upstream/Wformat.patch
index be0b07a..99bfcf5 100644
--- a/upstream/Wformat.patch
+++ b/upstream/Wformat.patch
@@ -1,6 +1,6 @@
 --- a/gcc/c-family/c-common.c	2012-02-13 21:12:54.000000000 +0100
-+++ b/gcc/c-family/c-common.c	2012-07-09 23:17:18.375234684 +0200
-@@ -202,7 +202,19 @@ int warn_unknown_pragmas; /* Tri state v
++++ b/gcc/c-family/c-common.c	2012-07-28 00:04:05.351725091 +0200
+@@ -202,7 +202,11 @@ int warn_unknown_pragmas; /* Tri state v
  /* Warn about format/argument anomalies in calls to formatted I/O functions
     (*printf, *scanf, strftime, strfmon, etc.).  */
  
@@ -9,37 +9,20 @@
 +#else
  int warn_format;
 +#endif
-+
-+/* Warn about possible security problems with format functions.  */
-+
-+#ifdef ENABLE_ESPF
-+int warn_format_security = 1;
-+#else
-+int warn_format_security;
-+#endif
  
  /* C/ObjC language option variables.  */
  
---- a/gcc/c-family/c-common.h	2011-12-20 21:44:13.000000000 +0100
-+++ b/gcc/c-family/c-common.h	2012-07-09 23:16:33.355233344 +0200
-@@ -594,6 +594,9 @@ extern int warn_unknown_pragmas; /* Tri
- 
- extern int warn_format;
- 
-+/* Warn about possible security problems with format functions.  */
+--- a/gcc/c-family/c-format.c	2011-06-07 23:52:46.000000000 +0200
++++ b/gcc/c-family/c-format.c	2012-07-28 00:43:00.612794680 +0200
+@@ -52,6 +52,11 @@ set_Wformat (int setting)
+   /* Make sure not to disable -Wnonnull if -Wformat=0 is specified.  */
+   if (setting)
+     warn_nonnull = setting;
 +
-+extern int warn_format_security;
- 
- /* C/ObjC language option variables.  */
- 
---- a/gcc/c-family/c.opt	2012-02-06 11:31:18.000000000 +0100
-+++ b/gcc/c-family/c.opt	2012-07-09 22:07:11.449109322 +0200
-@@ -392,7 +392,7 @@ C ObjC C++ ObjC++ Var(warn_format_contai
- Warn about format strings that contain NUL bytes
- 
- Wformat-security
--C ObjC C++ ObjC++ Var(warn_format_security) Warning
-+C ObjC C++ ObjC++ Warning
- Warn about possible security problems with format functions
++#ifdef ENABLE_ESPF
++  if (setting == 1)
++    warn_format_security = 1;
++#endif
+ }
  
- Wformat-y2k
+ \f

diff --git a/upstream/config_all.patch b/upstream/config_all.patch
index f7c8e9b..aa16b1b 100644
--- a/upstream/config_all.patch
+++ b/upstream/config_all.patch
@@ -1,9 +1,9 @@
 --- a/gcc/config/linux.h	2011-07-07 17:38:34.000000000 +0200
 +++ b/gcc/config/linux.h	2012-07-09 14:24:08.599281404 +0200
 @@ -104,3 +104,31 @@ see the files COPYING3 and COPYING.RUNTI
- /* Whether we have sincos that follows the GNU extension.  */
- #undef TARGET_HAS_SINCOS
- #define TARGET_HAS_SINCOS (OPTION_GLIBC || OPTION_BIONIC)
+ /* Whether we have Bionic libc runtime */
+ #undef TARGET_HAS_BIONIC
+ #define TARGET_HAS_BIONIC (OPTION_BIONIC)
 +
 +#ifdef ENABLE_ESPF
 +#ifdef ENABLE_ESPF_PIE

diff --git a/upstream/gcc_doc.patch b/upstream/gcc_doc.patch
new file mode 100644
index 0000000..ba76d17
--- /dev/null
+++ b/upstream/gcc_doc.patch
@@ -0,0 +1,99 @@
+--- a/gcc/doc/invoke.texi	2012-03-01 10:57:59.000000000 +0100
++++ b/gcc/doc/invoke.texi	2012-07-30 00:57:03.766847851 +0200
+@@ -3216,6 +3216,10 @@ aspects of format checking, the options
+ @option{-Wformat-nonliteral}, @option{-Wformat-security}, and
+ @option{-Wformat=2} are available, but are not included in @option{-Wall}.
+ 
++NOTE: With configure --enable-espf=@r{[}all@r{|}ssp@r{|}pie@r{]}is 
++this option enabled by default for C, C++, ObjC, ObjC++.
++To disable, use @option{-Wformat=0}.
++
+ @item -Wformat-y2k
+ @opindex Wformat-y2k
+ @opindex Wno-format-y2k
+@@ -3269,6 +3273,12 @@ currently a subset of what @option{-Wfor
+ in future warnings may be added to @option{-Wformat-security} that are not
+ included in @option{-Wformat-nonliteral}.)
+ 
++NOTE: With configure --enable-espf=@r{[}all@r{|}ssp@r{|}pie@r{]} is
++this option enabled by default for C, C++, ObjC, ObjC++.  To disable,
++use @option{-Wno-format-security}, or disable all format warnings
++with @option{-Wformat=0}.  To make format security warnings fatal,
++specify @option{-Werror=format-security}.
++
+ @item -Wformat=2
+ @opindex Wformat=2
+ @opindex Wno-format=2
+@@ -6229,6 +6239,13 @@ also turns on the following optimization
+ Please note the warning under @option{-fgcse} about
+ invoking @option{-O2} on programs that use computed gotos.
+ 
++NOTE: With configure --enable-espf=@r{[}all@r{|}ssp@r{|}pie@r{]},
++@option{-D_FORTIFY_SOURCE=2} is set by default, and is activated 
++when @option{-O} is set to 2 or higher. This enables additional 
++compile-time and run-time checks for several libc functions.
++To disable, specify either @option{-U_FORTIFY_SOURCE} or
++@option{-D_FORTIFY_SOURCE=0}.
++
+ @item -O3
+ @opindex O3
+ Optimize yet more.  @option{-O3} turns on all optimizations specified
+@@ -8475,6 +8492,12 @@ functions with buffers larger than 8 byt
+ when a function is entered and then checked when the function exits.
+ If a guard check fails, an error message is printed and the program exits.
+ 
++NOTE: With configure --enable-espf=@r{[}all@r{|}ssp@r{]} this option
++is enabled by default for C, C++, ObjC, ObjC++, if none of 
++@option{-fno-stack-protector}, @option{-nostdlib}, 
++@option{-fno-stack-protector-all}, @option{nodefaultlibs}, 
++nor @option{-ffreestanding} are found.
++
+ @item -fstack-protector-all
+ @opindex fstack-protector-all
+ Like @option{-fstack-protector} except that all functions are protected.
+@@ -9457,6 +9480,12 @@ For predictable results, you must also s
+ that were used to generate code (@option{-fpie}, @option{-fPIE},
+ or model suboptions) when you specify this option.
+ 
++NOTE: With configure --enable-espf=@r{[}all@r{|}ssp@r{]} this option is
++enabled by default for C, C++, ObjC, ObjC++, if none of @option{-fno-PIE},
++@option{-fno-pie}, @option{-fPIC}, @option{-fpic}, @option{-fno-PIC},
++@option{-fno-pic}, @option{-nostdlib}, @option{-nostartfiles},
++@option{-shared}, @option{-nodefaultlibs}, nor @option{static} are found.
++
+ @item -rdynamic
+ @opindex rdynamic
+ Pass the flag @option{-export-dynamic} to the ELF linker, on targets
+@@ -19125,6 +19154,12 @@ used during linking.
+ @code{__pie__} and @code{__PIE__}.  The macros have the value 1
+ for @option{-fpie} and 2 for @option{-fPIE}.
+ 
++NOTE: With configure --enable-espf=@r{[}all@r{|}ssp@r{]} this option is
++enabled by default for C, C++, ObjC, ObjC++, if none of @option{-fno-PIE},
++@option{-fno-pie}, @option{-fPIC}, @option{-fpic}, @option{-fno-PIC},
++@option{-fno-pic}, @option{-nostdlib}, @option{-nostartfiles},
++@option{-shared}, @option{-nodefaultlibs}, nor @option{static} are found.
++
+ @item -fno-jump-tables
+ @opindex fno-jump-tables
+ Do not use jump tables for switch statements even where it would be
+--- a/gcc/doc/install.texi	2012-03-02 10:37:30.000000000 +0100
++++ b/gcc/doc/install.texi	2012-07-23 18:05:14.160784593 +0200
+@@ -1392,6 +1392,17 @@ do a @samp{make -C gcc gnatlib_and_tools
+ Specify that the run-time libraries for stack smashing protection
+ should not be built.
+ 
++@item --enable-espf=@var{list}
++Will turn on some compiler and preprosessor options as default.
++@option{-D_FORTIFY_SOURCE=2}, @option{-Wformat} and 
++@option{-Wformat-security} will be turn on as default and depend on
++if you use @samp{all} it will turn on @option{-fstack-protection}and
++@option{-fPIE} by default. if the support is there. If you use
++@samp{ssp} it will turn on @option{-fstack-protection} by default if the
++support is there. If you use @samp{pie} it will turn on @option{-fPIE}
++by default if the support is there. We only support x86-64-*-linux* as target
++for now.
++
+ @item --disable-libquadmath
+ Specify that the GCC quad-precision math library should not be built.
+ On some systems, the library is required to be linkable when building

diff --git a/upstream/testsuite.patch b/upstream/testsuite.patch
new file mode 100644
index 0000000..50d06e5
--- /dev/null
+++ b/upstream/testsuite.patch
@@ -0,0 +1,35 @@
+--- a/gcc/testsuite/lib/target-supports.exp	2012-02-22 12:00:21.000000000 +0100
++++ b/gcc/testsuite/lib/target-supports.exp	2012-07-27 19:19:30.849216278 +0200
+@@ -4419,6 +4419,14 @@ proc check_effective_target_lto { } {
+     return [info exists ENABLE_LTO]
+ }
+ 
++# Return 1 if the compiler has been configure with espf
++# (configure --enable-espf=(all|ssp|pie)) support.
++
++proc check_effective_target_espf { } {
++    global ENABLE_ESPF
++    return [info exists ENABLE_ESPF]
++}
++
+ # Return 1 if this target supports the -fsplit-stack option, 0
+ # otherwise.
+ 
+--- a/gcc/testsuite/gcc.c-torture/execute/vprintf-chk-1.x	2012-07-30 02:31:20.573793905 +0200
++++ b/gcc/testsuite/gcc.c-torture/execute/vprintf-chk-1.x	2012-07-27 21:47:01.574480025 +0200
+@@ -0,0 +1,6 @@
++load_lib target-supports.exp
++
++if [check_effective_target_espf] {
++        set additional_flags "-U_FORTIFY_SOURCE"
++}
++return 0
+--- a/gcc/testsuite/gcc.c-torture/execute/vfprintf-chk-1.x	2012-07-30 02:31:07.366794031 +0200
++++ b/gcc/testsuite/gcc.c-torture/execute/vfprintf-chk-1.x	2012-07-27 21:47:01.000000000 +0200
+@@ -0,0 +1,6 @@
++load_lib target-supports.exp
++
++if [check_effective_target_espf] {
++        set additional_flags "-U_FORTIFY_SOURCE"
++}
++return 0

[gentoo-commits] proj/hardened-gccpatchset:master commit in: upstream/

[Magnus Granberg]

commit:     ae04161720b0a88f4e4e5612056efc879575e005
Author:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
AuthorDate: Wed Jul 25 15:09:14 2012 +0000
Commit:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
CommitDate: Wed Jul 25 15:09:14 2012 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-gccpatchset.git;a=commit;h=ae041617

Update the upstream patches

---
 upstream/Wformat.patch     |   45 ++++++++++++++++++++++++++++++++++++++++++++
 upstream/config_all.patch  |   10 +++++---
 upstream/config_i386.patch |   37 +++++++++++++++++++++++++++--------
 3 files changed, 79 insertions(+), 13 deletions(-)

diff --git a/upstream/Wformat.patch b/upstream/Wformat.patch
new file mode 100644
index 0000000..be0b07a
--- /dev/null
+++ b/upstream/Wformat.patch
@@ -0,0 +1,45 @@
+--- a/gcc/c-family/c-common.c	2012-02-13 21:12:54.000000000 +0100
++++ b/gcc/c-family/c-common.c	2012-07-09 23:17:18.375234684 +0200
+@@ -202,7 +202,19 @@ int warn_unknown_pragmas; /* Tri state v
+ /* Warn about format/argument anomalies in calls to formatted I/O functions
+    (*printf, *scanf, strftime, strfmon, etc.).  */
+ 
++#ifdef ENABLE_ESPF
++int warn_format = 1;
++#else
+ int warn_format;
++#endif
++
++/* Warn about possible security problems with format functions.  */
++
++#ifdef ENABLE_ESPF
++int warn_format_security = 1;
++#else
++int warn_format_security;
++#endif
+ 
+ /* C/ObjC language option variables.  */
+ 
+--- a/gcc/c-family/c-common.h	2011-12-20 21:44:13.000000000 +0100
++++ b/gcc/c-family/c-common.h	2012-07-09 23:16:33.355233344 +0200
+@@ -594,6 +594,9 @@ extern int warn_unknown_pragmas; /* Tri
+ 
+ extern int warn_format;
+ 
++/* Warn about possible security problems with format functions.  */
++
++extern int warn_format_security;
+ 
+ /* C/ObjC language option variables.  */
+ 
+--- a/gcc/c-family/c.opt	2012-02-06 11:31:18.000000000 +0100
++++ b/gcc/c-family/c.opt	2012-07-09 22:07:11.449109322 +0200
+@@ -392,7 +392,7 @@ C ObjC C++ ObjC++ Var(warn_format_contai
+ Warn about format strings that contain NUL bytes
+ 
+ Wformat-security
+-C ObjC C++ ObjC++ Var(warn_format_security) Warning
++C ObjC C++ ObjC++ Warning
+ Warn about possible security problems with format functions
+ 
+ Wformat-y2k

diff --git a/upstream/config_all.patch b/upstream/config_all.patch
index f3af62d..f7c8e9b 100644
--- a/upstream/config_all.patch
+++ b/upstream/config_all.patch
@@ -1,6 +1,6 @@
 --- a/gcc/config/linux.h	2011-07-07 17:38:34.000000000 +0200
-+++ b/gcc/config/linux.h	2012-07-06 17:09:54.414853750 +0200
-@@ -104,3 +104,29 @@ see the files COPYING3 and COPYING.RUNTI
++++ b/gcc/config/linux.h	2012-07-09 14:24:08.599281404 +0200
+@@ -104,3 +104,31 @@ see the files COPYING3 and COPYING.RUNTI
  /* Whether we have sincos that follows the GNU extension.  */
  #undef TARGET_HAS_SINCOS
  #define TARGET_HAS_SINCOS (OPTION_GLIBC || OPTION_BIONIC)
@@ -15,18 +15,20 @@
 +#endif
 +#ifdef ENABLE_ESPF_SSP
 +#define ESPF_GCC_SSP_SPEC \
-+  "%{nostdlib|nodefaultlibs|fno-stack-protector| \
++  "%{nostdlib|nodefaultlibs|fno-stack-protector|freestanding| \
 +  fstack-protector|fstack-protector-all:;:-fstack-protector}"
 +#else
 +#define ESPF_GCC_SSP_SPEC ""
 +#endif
 +#ifdef ENABLE_ESPF_FORTIFY
 +#define ESPF_CPP_UNIQUE_OPTIONS_SPEC \
-+  "%{D_FORTIFY_SOURCE|D_FORTIFY_SOURCE=*|U_FORTIFY_SOURCE:;:-D _FORTIFY_SOURCE=2}"
++  "%{D_FORTIFY_SOURCE|D_FORTIFY_SOURCE=*|U_FORTIFY_SOURCE:;:-D_FORTIFY_SOURCE=2}"
 +#else
 +#define ESPF_CPP_UNIQUE_OPTIONS_SPEC ""
 +#endif
 +#define ESPF_DRIVER_SELF_SPECS \
 +  ESPF_GCC_PIE_SPEC, \
 +  ESPF_GCC_SSP_SPEC
++#define ESPF_EXTRA_SPECS \
++  { "espf_cpp_unique_options", ESPF_CPP_UNIQUE_OPTIONS_SPEC }
 +#endif

diff --git a/upstream/config_i386.patch b/upstream/config_i386.patch
index c6632c9..58ceebe 100644
--- a/upstream/config_i386.patch
+++ b/upstream/config_i386.patch
@@ -18,22 +18,41 @@
 +#ifdef ENABLE_ESPF
 +#define DRIVER_SELF_SPECS ESPF_DRIVER_SELF_SPECS
 +#endif
+--- a/gcc/config/i386/gnu-user.h	2011-05-05 14:32:50.000000000 +0200
++++ b/gcc/config/i386/gnu-user.h	2012-07-09 14:28:38.726289455 +0200
+@@ -93,9 +93,16 @@ along with GCC; see the file COPYING3.
+   "--32 %{!mno-sse2avx:%{mavx:-msse2avx}} %{msse2avx:%{!mavx:-msse2avx}}"
+ 
+ #undef  SUBTARGET_EXTRA_SPECS
++#if def ENABLE_ESPF
+ #define SUBTARGET_EXTRA_SPECS \
+   { "link_emulation", GNU_USER_LINK_EMULATION },\
+-  { "dynamic_linker", GNU_USER_DYNAMIC_LINKER }
++  { "dynamic_linker", GNU_USER_DYNAMIC_LINKER }, \
++  ESPF_EXTRA_SPECS
++#else
++#define SUBTARGET_EXTRA_SPECS \
++  { "link_emulation", GNU_USER_LINK_EMULATION },\
++  { "dynamic_linker", GNU_USER_DYNAMIC_LINKER }
++#endif
+ 
+ #undef	LINK_SPEC
+ #define LINK_SPEC "-m %(link_emulation) %{shared:-shared} \
 --- a/gcc/config/i386/i386.h	2011-11-24 23:11:12.000000000 +0100
-+++ b/gcc/config/i386/i386.h	2012-07-06 17:30:46.694891067 +0200
-@@ -620,10 +620,17 @@ enum target_cpu_default
- #define SUBTARGET_EXTRA_SPECS
- #endif
++++ b/gcc/config/i386/i386.h	2012-07-09 14:21:24.575276517 +0200
+@@ -617,13 +617,16 @@ enum target_cpu_default
+    Do not define this macro if it does not need to do anything.  */
  
+ #ifndef SUBTARGET_EXTRA_SPECS
 +#ifdef ENABLE_ESPF
-+#define ESPF_EXTRA_SPECS \
-+  { "espf_cpp_unique_options", ESPF_CPP_UNIQUE_OPTIONS_SPEC }
++#define SUBTARGET_EXTRA_SPECS ESPF_EXTRA_SPECS
 +#else
-+#define ESPF_EXTRA_SPECS { "", "" }
+ #define SUBTARGET_EXTRA_SPECS
+ #endif
 +#endif
-+
+ 
  #define EXTRA_SPECS							\
    { "cc1_cpu",  CC1_CPU_SPEC },						\
-+  ESPF_EXTRA_SPECS, \
    SUBTARGET_EXTRA_SPECS
 -\f
  

[gentoo-commits] proj/hardened-gccpatchset:master commit in: upstream/

[Magnus Granberg]

commit:     a44df2af465660e2c3cd05328d4b855b50dc8e8e
Author:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
AuthorDate: Sun Apr  8 13:00:05 2012 +0000
Commit:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
CommitDate: Sun Apr  8 13:00:05 2012 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-gccpatchset.git;a=commit;h=a44df2af

Updated config.in patch for upstream

---
 upstream/config.in.patch |   21 ++++-----------------
 1 files changed, 4 insertions(+), 17 deletions(-)

diff --git a/upstream/config.in.patch b/upstream/config.in.patch
index 89f5ec4..7bd846e 100644
--- a/upstream/config.in.patch
+++ b/upstream/config.in.patch
@@ -1,12 +1,11 @@
-2010-06-24	Magnus Granberg		<zorry@gentoo.org>
+2012-04-08	Magnus Granberg		<zorry@gentoo.org>
 
-		* gcc/config.in	Add ENABLE_ESPF, ENABLE_ESPF_FORTIFY
-		ENABLE_ESPF_NOW, ENABLE_ESPF_PIE, ENABLE_ESPF_RELRO
-		and ENABLE_ESPF_SSP
+		* gcc/config.in	Add ENABLE_ESPF, ENABLE_ESPF_FORTIFY,
+		ENABLE_ESPF_PIE and ENABLE_ESPF_SSP
 
 --- a/gcc/config.in	2011-04-24 00:36:52.000000000 +0200
 +++ b/gcc/config.in	2011-06-24 14:17:05.166236726 +0200
-@@ -77,6 +77,41 @@
+@@ -77,6 +77,29 @@
  #endif
  
  
@@ -22,24 +21,12 @@
 +#endif
 +
 +
-+/* Define to 1 to enable espf with -z now when linking. */
-+#ifndef USED_FOR_TARGET
-+#undef ENABLE_ESPF_NOW
-+#endif
-+
-+
 +/* Define to 1 to enable espf with -fPIE -pie. */
 +#ifndef USED_FOR_TARGET
 +#undef ENABLE_ESPF_PIE
 +#endif
 +
 +
-+/* Define to 1 to enable espf with -z relro when linking. */
-+#ifndef USED_FOR_TARGET
-+#undef ENABLE_ESPF_RELRO
-+#endif
-+
-+
 +/* Define to 1 to enable espf with -fstack-protector. */
 +#ifndef USED_FOR_TARGET
 +#undef ENABLE_ESPF_SSP

[gentoo-commits] proj/hardened-gccpatchset:master commit in: upstream/

[Magnus Granberg]

commit:     9f286ca40bcefa89d281475687529dfc081856cf
Author:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
AuthorDate: Sun Apr  8 12:36:28 2012 +0000
Commit:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
CommitDate: Sun Apr  8 12:36:28 2012 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-gccpatchset.git;a=commit;h=9f286ca4

Updated configure.ac patch for upstream

---
 upstream/configure.ac.patch |  233 +++++++++++++++++++++----------------------
 1 files changed, 115 insertions(+), 118 deletions(-)

diff --git a/upstream/configure.ac.patch b/upstream/configure.ac.patch
index b08edcc..86bab05 100644
--- a/upstream/configure.ac.patch
+++ b/upstream/configure.ac.patch
@@ -1,25 +1,18 @@
-2011-06-24	Magnus Granberg		<zorry@gentoo.org>
-
-		* configure		Add --enable-espf.  Add -fno-stack-protector
-		to stage1_cflags.
-		* gcc/configure.ac 		Add --enable-espf and checks for it.
-
---- a/configure.ac	2011-04-18 23:27:00.000000000 +0200
-+++ b/configure.ac	2011-04-27 12:47:11.351473240 +0200
-@@ -419,6 +419,25 @@
+--- a/configure.ac	2011-11-29 22:36:43.000000000 +0100
++++ b/configure.ac	2011-12-07 23:29:26.125712475 +0100
+@@ -419,6 +419,24 @@ if test "${ENABLE_LIBADA}" != "yes" ; th
    noconfigdirs="$noconfigdirs gnattools"
  fi
  
 +# Check whether --enable-espf was given and target have the support.
 +AC_ARG_ENABLE([espf],
 +[AS_HELP_STRING([--enable-espf],
-+		[Enable Stack protector, Position independent executable and
-+		 Fortify_sources as default if we have suppot for it when compiling
-+		 and link with -z relro and -z now as default.
-+		 Linux targets supported x86_64.])],
++		[Enable Stack protector, Position independent executable as 
++		 default if we have suppot for it when compiling.
++		 Linux targets supported i*86, x86_64 and x86_x32.])],
 +[
 +  case $target in
-+    i?86*-*-linux* | x86_64*-*-linux* | x86_x32*-*-linux | powerpc-*-linux* | powerpc64-*-linux* | arm*-*-linux* | ia64-*-linux*)
++    i?86*-*-linux* | x86_??*-*-linux*)
 +      enable_espf=yes
 +      ;;
 +    *)
@@ -32,23 +25,25 @@
  AC_ARG_ENABLE(libssp,
  [AS_HELP_STRING([--enable-libssp], [build libssp directory])],
  ENABLE_LIBSSP=$enableval,
-@@ -3152,6 +3171,10 @@
-     esac ;;
- esac
+@@ -3211,6 +3230,11 @@ if test "$GCC" = yes -a "$ENABLE_BUILD_W
+   CFLAGS="$saved_CFLAGS"
+ fi
  
 +# Disable -fstack-protector on stage1
 +if test x$enable_espf = xyes; then
 +  stage1_cflags="$stage1_cflags -fno-stack-protector"
 +fi
- # This is aimed to mimic bootstrap with a non-GCC compiler to catch problems.
- if test "$GCC" = yes -a "$ENABLE_BUILD_WITH_CXX" != yes; then
-   saved_CFLAGS="$CFLAGS"
---- a/gcc/configure.ac	2011-04-13 19:12:53.000000000 +0200
-+++ b/gcc/configure.ac	2011-06-24 03:17:07.448179335 +0200
-@@ -4515,6 +4515,145 @@
- AC_SUBST(MAINT)dnl
++
+ AC_SUBST(stage1_cflags)
+ 
+ # Enable --enable-checking in stage1 of the compiler.
+--- a/gcc/configure.ac	2011-11-18 11:52:32.000000000 +0100
++++ b/gcc/configure.ac	2012-04-04 16:18:00.269968226 +0200
+@@ -5130,6 +5146,148 @@ if test x"${LINKER_HASH_STYLE}" != x; th
+                                          [The linker hash style])
+ fi
  
- # --------------
++# --------------
 +# Espf checks
 +# --------------
 +
@@ -56,16 +51,15 @@
 +AC_ARG_ENABLE([espf],
 +[AS_HELP_STRING([--enable-espf],
 +		[Enable Stack protector, Position independent executable and
-+		 Fortify_sources as default if we have suppot for it when compiling
-+		 and link with -z relro and -z now as default.
-+		 Linux targets supported x86_64])],
++		 Fortify_sources as default if we have suppot for it when compiling.
++		 Linux targets supported i*86, x86_64, and x86_x32.])],
 +	set_enable_espf=$enableval,
 +	set_enable_espf=no)
 +if test $set_enable_espf = yes ; then
 +  AC_MSG_CHECKING(if $target support espf)
 +if test $set_enable_espf = yes ; then
 +  case "$target" in
-+    ?86-*-linux* | x86_64-*-linux*)
++    i?86*-*-linux* | x86_??*-*-linux*)
 +      enable_espf=yes
 +      AC_DEFINE(ENABLE_ESPF, 1,
 +        [Define if your target support espf and you have enable it.])
@@ -82,112 +76,115 @@
 +AC_SUBST([enable_espf])
 +if test $enable_espf = yes ; then
 +
-+  AC_CACHE_CHECK(linker -z relro support,
-+  gcc_cv_ld_relro,
-+  [gcc_cv_ld_relro=no
-+  if test $in_tree_ld = yes ; then
-+    if test "$gcc_cv_gld_major_version" -eq 2 -a "$gcc_cv_gld_minor_version" -ge 16 -o "$gcc_cv_gld_major_version" -gt 2 \
-+      && test $in_tree_ld_is_elf = yes; then
-+        gcc_cv_ld_relro=yes
-+    fi
-+  elif test x$gcc_cv_ld != x; then
-+    # Check if linker supports -z relro options
-+    if $gcc_cv_ld --help 2>/dev/null | grep now > /dev/null; then
-+      gcc_cv_ld_relro=yes
-+    fi
-+  fi
-+  ])
-+
-+  AC_CACHE_CHECK(linker -z now support,
-+  gcc_cv_ld_now,
-+  [gcc_cv_ld_now=no
-+  if test $in_tree_ld = yes ; then
-+    if test "$gcc_cv_gld_major_version" -eq 2 -a "$gcc_cv_gld_minor_version" -ge 16 -o "$gcc_cv_gld_major_version" -gt 2 \
-+      && test $in_tree_ld_is_elf = yes; then
-+        gcc_cv_ld_now=yes
-+    fi
-+  elif test x$gcc_cv_ld != x; then
-+    # Check if linker supports -z now options
-+    if $gcc_cv_ld --help 2>/dev/null | grep now > /dev/null; then
-+      gcc_cv_ld_now=yes
-+    fi
-+  fi
-+  ])
-+
 +# Check for FORTIFY_SOURCES support in target C library.
-+AC_CACHE_CHECK(for _FORTIFY_SOURCES support  in target C library,
-+      gcc_cv_libc_provides_fortify,
-+      [gcc_cv_libc_provides_fortify=no
++  AC_CACHE_CHECK(for _FORTIFY_SOURCES support  in target C library,
++    gcc_cv_libc_provides_fortify, 
++    [gcc_cv_libc_provides_fortify=no
 +    case "$target" in
-+       *-*-linux*)
-+      [# glibc 2.8 and later provides _FORTIFY_SOURCES.
-+      if test -f $target_header_dir/features.h; then
-+        if $EGREP '^[ 	]*#[ 	]*define[ 	]+__GLIBC__[ 	]+2' \
-+	     $target_header_dir/features.h > /dev/null \
-+	     && $EGREP '^[ 	]*#[ 	]*define[ 	]+__GLIBC_MINOR__[ 	]+([1-9][0-9]|[8-9])' \
++      *-*-linux*)
++        [# glibc 2.8 and later provides _FORTIFY_SOURCES.
++	 # uClibc 0.9.32 and later provides _FORTIFY_SOURCES.
++        if test -f $target_header_dir/features.h; then
++          if $EGREP '^[ 	]*#[ 	]*define[ 	]+__GLIBC__[ 	]+2' \
++	    $target_header_dir/features.h > /dev/null \
++	    && $EGREP '^[ 	]*#[ 	]*define[ 	]+__GLIBC_MINOR__[ 	]+([1-9][0-9]|[8-9])' \
++	    $target_header_dir/features.h > /dev/null; then
++	      gcc_cv_libc_provides_fortify=yes
++          elif $EGREP '^[ 	]*#[ 	]*define[ 	]+__UCLIBC__[ 	]+1' \
 +	     $target_header_dir/features.h > /dev/null; then
-+	  gcc_cv_libc_provides_fortify=yes
-+        elif $EGREP '^[ 	]*#[ 	]*define[ 	]+__UCLIBC__[ 	]' \
-+	     $target_header_dir/features.h > /dev/null ; then
-+             gcc_cv_libc_provides_fortify=no
-+	fi
-+      fi]
-+	;;
-+  *) gcc_cv_libc_provides_fortify=no ;;
++	    if test -f $target_header_dir/bits/uClibc_config.h && \
++	       $EGREP '^[ 	]*#[ 	]*define[ 	]+__UCLIBC_SUBLEVEL__[ 	]+([3-9][2-9]|[4-9][0-9])' \
++	       $target_header_dir/bits/uClibc_config.h > /dev/null; then
++	      gcc_cv_libc_provides_fortify=yes
++	    else
++	      gcc_cv_libc_provides_fortify=no
++	    fi
++	  fi
++        fi]
++        ;;
++      *) gcc_cv_libc_provides_fortify=no ;;
 +    esac])
 +
-+  AC_MSG_CHECKING(if the compiler default to use -fPIE and link with -pie)
-+  if test $set_enable_espf = yes && test x"$gcc_cv_ld_pie" = xyes; then
-+    enable_espf_pie=yes
++  AC_MSG_CHECKING(if we can default to use -fPIE and link with -pie)
++  if test x$gcc_cv_ld_pie = xyes; then
++    saved_LDFLAGS="$LDFLAGS"
++    saved_CFLAGS="$CFLAGS"
++    CFLAGS="$CFLAGS -fPIE -Werror"
++    LDFLAGS="$LDFLAGS -fPIE -pie"
++    AC_TRY_LINK(,,
++      [AC_MSG_RESULT([yes]); enable_espf_pie=yes],
++      [AC_MSG_RESULT([no]); enable_espf_pie=no])
++    LDFLAGS="$saved_LDFLAGS"
++    CFLAGS="$saved_CFLAGS"
++  else
++    AC_MSG_RESULT([no])
++    enable_espf_pie=no
++  fi
++
++  if test $enable_espf_pie = yes ; then
 +    AC_DEFINE(ENABLE_ESPF_PIE, 1,
 +      [Define if your compiler will default to use -fPIE and link with -pie.])
++  fi
++
++  AC_MSG_CHECKING(if we can default to use -fstack-protector)
++  ssp_link_test=no
++  if test x$gcc_cv_libc_provides_ssp = xyes && test x$set_have_as_tls = yes; then
++    if $EGREP '^[ 	]*#[ 	]*define[ 	]+__UCLIBC__[ 	]+1' \
++       $target_header_dir/features.h > /dev/null; then
++      if test -f $target_header_dir/bits/uClibc_config.h && \
++	 $EGREP '^[ 	]*#[ 	]*define[ 	]+__UCLIBC_SUBLEVEL__[ 	]+([3-9][2-9]|[4-9][0-9])' \
++	 $target_header_dir/bits/uClibc_config.h > /dev/null && \
++	 $EGREP '^[ 	]*#[ 	]*define[ 	]+__UCLIBC_HAS_TLS__[ 	]+1' \
++	 $target_header_dir/bits/uClibc_config.h > /dev/null; then
++	ssp_link_test=yes
++      fi
++    else
++      ssp_link_test=yes
++    fi
++  fi
++  if test x$ssp_link_test=xyes ; then
++    saved_CFLAGS="$CFLAGS"
++    CFLAGS="$CFLAGS -O2 -fstack-protector -Werror"
++    AC_TRY_LINK(,,
++      [AC_MSG_RESULT([yes]); enable_espf_ssp=yes],
++      [AC_MSG_RESULT([no]); enable_espf_ssp=no])
++    CFLAGS="$saved_CFLAGS"
 +  else
-+    enable_espf_pie=no
++    AC_MSG_RESULT([no])
++    enable_espf_ssp=no
 +  fi
-+  AC_MSG_RESULT($enable_espf_pie)
-+AC_MSG_CHECKING(if the compiler default to use -fstack-protector)
-+  if test $set_enable_espf = yes && test x$gcc_cv_libc_provides_ssp = xyes \
-+  && test $set_have_as_tls = yes ; then
-+    enable_espf_ssp=yes
++  if test $enable_espf_ssp = yes ; then
 +    AC_DEFINE(ENABLE_ESPF_SSP, 1,
 +      [Define if your compiler will default to use -fstack-protector.])
-+  else
-+    enable_espf_ssp=no
 +  fi
-+  AC_MSG_RESULT($enable_espf_ssp)
 +
-+AC_MSG_CHECKING(if the compiler default to use -D_FORTIFY_SOURCES=2)
-+  if test $set_enable_espf = yes && test x$gcc_cv_libc_provides_fortify = xyes; then
-+    enable_espf_fortify=yes
++  AC_MSG_CHECKING(if we can default to use -D_FORTIFY_SOURCES=2)
++  if test x$gcc_cv_libc_provides_fortify = xyes; then
++    saved_CFLAGS="$CFLAGS"
++    saved_CPPFLAGS="$CPPFLAGS"
++    CFLAGS="$CFLAGS -O2 -Werror"
++    CPPFLAGS="$CPPFLAGS -D_FORTIFY_SOURCES=2"
++    AC_TRY_LINK([
++      #include <sys/types.h>
++      #include <sys/stat.h>
++      #include <fcntl.h>
++      ],[
++      open ("/tmp/foo", O_WRONLY | O_CREAT);
++      ],
++      [AC_MSG_RESULT([no]); enable_espf_fortify=no],
++      [AC_MSG_RESULT([yes]); enable_espf_fortify=yes])
++    CFLAGS="$saved_CFLAGS"
++    CPPFLAGS="$saved_CPPFLAGS"
++  else
++    [AC_MSG_RESULT([no]); enable_espf_fortify=no]
++  fi
++  if test x$enable_espf_fortify = xyes ; then
 +    AC_DEFINE(ENABLE_ESPF_FORTIFY, 1,
 +      [Define if your compiler will default to use -D_FORTIFY_SOURCES=2.])
-+  else
-+    enable_espf_fortify=no
 +  fi
-+  AC_MSG_RESULT($enable_espf_fortify)
 +
-+  AC_MSG_CHECKING(if the compiler will pass -z relro to the linker)
-+    if test $set_enable_espf = yes && test x$gcc_cv_ld_relro = xyes; then
-+      enable_espf_relro=yes
-+      AC_DEFINE(ENABLE_ESPF_RELRO, 1,
-+        [Define if your compiler will pass -z relro to the linker.])
-+    else
-+      enable_espf_relro=no
-+    fi
-+  AC_MSG_RESULT($enable_espf_relro)
-+
-+  AC_MSG_CHECKING(if the compiler will pass -z now to the linker)
-+    if test $set_enable_espf = yes && test x$gcc_cv_ld_now = xyes; then
-+      enable_espf_now=yes
-+      AC_DEFINE(ENABLE_ESPF_NOW, 1,
-+        [Define if your compiler will pass -z now to the linker.])
-+    else
-+      enable_espf_now=no
-+    fi
-+  AC_MSG_RESULT($enable_espf_now)
 +fi
 +
-+# --------------
- # Language hooks
- # --------------
+ # Configure the subdirectories
+ # AC_CONFIG_SUBDIRS($subdirs)
  

[gentoo-commits] proj/hardened-gccpatchset:master commit in: upstream/

[Magnus Granberg]

commit:     a0963e696b1ee2e4facb77b57da8489c90e8a94e
Author:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
AuthorDate: Fri Jun 24 14:45:25 2011 +0000
Commit:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
CommitDate: Fri Jun 24 14:45:25 2011 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-gccpatchset.git;a=commit;h=a0963e69

Added the gcc.c patch for upstream rev 1

---
 upstream/gcc.c.patch |   28 ++++++++++++++++++++++++++++
 1 files changed, 28 insertions(+), 0 deletions(-)

diff --git a/upstream/gcc.c.patch b/upstream/gcc.c.patch
new file mode 100644
index 0000000..b1d5e89
--- /dev/null
+++ b/upstream/gcc.c.patch
@@ -0,0 +1,28 @@
+2011-06-24	Magnus Granberg		<zorry@gentoo.org>
+
+		* gcc/gcc.c								include esp.h
+		main():									Add do_self_spec (espf_command_options_spec)
+
+--- gcc/gcc.c	2010-01-21 10:29:30.000000000 -0500
++++ gcc/gcc.c	2010-01-29 23:29:16.000000000 -0500
+@@ -44,6 +44,7 @@
+ #include "flags.h"
+ #include "opts.h"
+ #include "vec.h"
++#include "esp.h" /* for --enable-espf support */
+ 
+ /* By default there is no special suffix for target executables.  */
+ /* FIXME: when autoconf is fixed, remove the host check - dj */
+@@ -7096,6 +7123,12 @@
+     gcc_exec_prefix = concat (gcc_exec_prefix, spec_machine, dir_separator_str,
+ 			      spec_version, dir_separator_str, NULL);
+ 
++#ifdef ENABLE_ESPF
++  /* Process ESPF_COMMAND_OPTIONS_SPEC, adding any new options to the end
++     of the command line.  */
++  do_self_spec (espf_command_options_spec);
++#endif
++
+   /* Now we have the specs.
+      Set the `valid' bits for switches that match anything in any spec.  */
+ 

[gentoo-commits] proj/hardened-gccpatchset:master commit in: upstream/

[Magnus Granberg]

commit:     690020e7e374d903894cf3959948900a52642819
Author:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
AuthorDate: Fri Jun 24 14:32:17 2011 +0000
Commit:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
CommitDate: Fri Jun 24 14:32:17 2011 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-gccpatchset.git;a=commit;h=690020e7

Added the espf-ssp patch for upstream rev 1

---
 upstream/espf-ssp.patch |  130 +++++++++++++++++++++++++++++++++++++++++++++++
 1 files changed, 130 insertions(+), 0 deletions(-)

diff --git a/upstream/espf-ssp.patch b/upstream/espf-ssp.patch
new file mode 100644
index 0000000..38af0a6
--- /dev/null
+++ b/upstream/espf-ssp.patch
@@ -0,0 +1,130 @@
+2011-06-24	Matthias Klose		<doko@ubuntu.com>, Kees Cook	<kees@outflux.net>,
+			Magnus Granberg	<zorry@gentoo.org>
+
+		* gcc/objc/lang-specs.h	compiler spec			Add %(espf_options)
+		* gcc/objcp/lang-specs.h	compiler spec			Add %(espf_options)
+		* gcc/gcc.c			*cpp_options			Add %(espf_cpp_options)
+		* gcc/gcc.c			default_compilers[]		Add %(espf_options)
+		* gcc/cp/lang-specs.h		compiler spec			Add %(esp_options)
+
+--- a/gcc/gcc.c.orig	2009-12-21
++++ b/gcc/gcc.c	2009-12-21
+@@ -740,7 +749,7 @@
+ static const char *cpp_options =
+ "%(cpp_unique_options) %1 %{m*} %{std*&ansi&trigraphs} %{W*&pedantic*} %{w}\
+  %{f*} %{g*:%{!g0:%{g*} %{!fno-working-directory:-fworking-directory}}} %{O*}\
+- %{undef} %{save-temps*:-fpch-preprocess}";
++ %{undef} %{save-temps*:-fpch-preprocess} %(espf_cpp_options)";
+ 
+ /* This contains cpp options which are not passed when the preprocessor
+    output will be used by another program.  */
+@@ -914,9 +923,9 @@
+       %{save-temps*|traditional-cpp|no-integrated-cpp:%(trad_capable_cpp) \
+ 	  %(cpp_options) -o %{save-temps*:%b.i} %{!save-temps*:%g.i} \n\
+ 	    cc1 -fpreprocessed %{save-temps*:%b.i} %{!save-temps*:%g.i} \
+-	  %(cc1_options)}\
++	  %(cc1_options) %(espf_options)}\
+       %{!save-temps*:%{!traditional-cpp:%{!no-integrated-cpp:\
+-	  cc1 %(cpp_unique_options) %(cc1_options)}}}\
++	  cc1 %(cpp_unique_options) %(cc1_options) %(espf_options)}}}\
+       %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 1},
+   {"-",
+    "%{!E:%e-E or -x required when input is from standard input}\
+@@ -953,7 +953,7 @@
+                     %W{o*:--output-pch=%*}}%V}}}}}}", 0, 0, 0},
+   {".i", "@cpp-output", 0, 0, 0},
+   {"@cpp-output",
+-   "%{!M:%{!MM:%{!E:cc1 -fpreprocessed %i %(cc1_options) %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0},
++   "%{!M:%{!MM:%{!E:cc1 -fpreprocessed %i %(cc1_options) %(espf_options) %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0},
+   {".s", "@assembler", 0, 0, 0},
+   {"@assembler",
+    "%{!M:%{!MM:%{!E:%{!S:as %(asm_debug) %(asm_options) %i %A }}}}", 0, 0, 0},
+--- a/gcc/cp/lang-specs.h	2011-03-06 17:27:57.000000000 +0100
++++ b/gcc/cp/lang-specs.h	2011-03-26 13:30:40.312423000 +0100
+@@ -47,7 +47,7 @@
+ 		%(cpp_options) %2 -o %{save-temps*:%b.ii} %{!save-temps*:%g.ii} \n}\
+       cc1plus %{save-temps*|no-integrated-cpp:-fpreprocessed %{save-temps*:%b.ii} %{!save-temps*:%g.ii}}\
+ 	      %{!save-temps*:%{!no-integrated-cpp:%(cpp_unique_options)}}\
+-	%(cc1_options) %2\
++	%(cc1_options) %(espf_options) %2\
+ 	%{!fsyntax-only:%{!fdump-ada-spec*:-o %g.s %{!o*:--output-pch=%i.gch}\
+         %W{o*:--output-pch=%*}}%V}}}}",
+      CPLUSPLUS_CPP_SPEC, 0, 0},
+@@ -58,7 +58,7 @@
+ 		%(cpp_options) %2 -o %{save-temps*:%b.ii} %{!save-temps*:%g.ii} \n}\
+       cc1plus %{save-temps*|no-integrated-cpp:-fpreprocessed %{save-temps*:%b.ii} %{!save-temps*:%g.ii}}\
+ 	      %{!save-temps*:%{!no-integrated-cpp:%(cpp_unique_options)}}\
+-	%(cc1_options) %2\
++	%(cc1_options) %(espf_options) %2\
+        %{!fsyntax-only:%(invoke_as)}}}}",
+      CPLUSPLUS_CPP_SPEC, 0, 0},
+   {".ii", "@c++-cpp-output", 0, 0, 0},
+
+--- a/gcc/objcp/lang-specs.h	2011-03-06 17:27:57.000000000 +0100
++++ a/gcc/objcp/lang-specs.h	2011-03-26 14:19:12.596423000 +0100
+@@ -36,7 +36,7 @@
+ 		%(cpp_options) %2 -o %{save-temps*:%b.mii} %{!save-temps*:%g.mii} \n}\
+       cc1objplus %{save-temps*|no-integrated-cpp:-fpreprocessed %{save-temps*:%b.mii} %{!save-temps*:%g.mii}}\
+ 	      %{!save-temps*:%{!no-integrated-cpp:%(cpp_unique_options)}}\
+-	%(cc1_options) %2\
++	%(cc1_options) %(espf_options) %2\
+         -o %g.s %{!o*:--output-pch=%i.gch} %W{o*:--output-pch=%*}%V}}}",
+      CPLUSPLUS_CPP_SPEC, 0, 0},
+   {"@objective-c++",
+@@ -46,16 +46,16 @@
+ 		%(cpp_options) %2 -o %{save-temps*:%b.mii} %{!save-temps*:%g.mii} \n}\
+       cc1objplus %{save-temps*|no-integrated-cpp:-fpreprocessed %{save-temps*:%b.mii} %{!save-temps*:%g.mii}}\
+ 	      %{!save-temps*:%{!no-integrated-cpp:%(cpp_unique_options)}}\
+-	%(cc1_options) %2\
++	%(cc1_options) %(espf_options) %2\
+        %{!fsyntax-only:%(invoke_as)}}}}",
+      CPLUSPLUS_CPP_SPEC, 0, 0},
+   {".mii", "@objective-c++-cpp-output", 0, 0, 0},
+   {"@objective-c++-cpp-output",
+    "%{!M:%{!MM:%{!E:\
+-    cc1objplus -fpreprocessed %i %(cc1_options) %2\
++    cc1objplus -fpreprocessed %i %(cc1_options) %(espf_options) %2\
+     %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0},
+   {"@objc++-cpp-output",
+    "%nobjc++-cpp-output is deprecated; please use objective-c++-cpp-output instead\n\
+     %{!M:%{!MM:%{!E:\
+-    cc1objplus -fpreprocessed %i %(cc1_options) %2\
++    cc1objplus -fpreprocessed %i %(cc1_options) %(espf_options) %2\
+     %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0},
+--- a/gcc/objc/lang-specs.h	2011-03-06 17:27:57.000000000 +0100
++++ b/gcc/objc/lang-specs.h	2011-03-26 14:56:27.668423000 +0100
+@@ -30,9 +30,9 @@
+ 	%{traditional|traditional-cpp:\
+ %eGNU Objective C no longer supports traditional compilation}\
+ 	%{save-temps*|no-integrated-cpp:cc1obj -E %(cpp_options) -o %{save-temps*:%b.mi} %{!save-temps*:%g.mi} \n\
+-	    cc1obj -fpreprocessed %{save-temps*:%b.mi} %{!save-temps*:%g.mi} %(cc1_options) %{print-objc-runtime-info} %{gen-decls}}\
++	    cc1obj -fpreprocessed %{save-temps*:%b.mi} %{!save-temps*:%g.mi} %(cc1_options) %(espf_options) %{print-objc-runtime-info} %{gen-decls}}\
+ 	%{!save-temps*:%{!no-integrated-cpp:\
+-	    cc1obj %(cpp_unique_options) %(cc1_options) %{print-objc-runtime-info} %{gen-decls}}}\
++	    cc1obj %(cpp_unique_options) %(cc1_options) %(espf_options) %{print-objc-runtime-info} %{gen-decls}}}\
+         %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0},
+   {"@objective-c-header",
+      "%{E|M|MM:cc1obj -E %{traditional|traditional-cpp:-traditional-cpp}\
+@@ -41,18 +41,18 @@
+ 	%{traditional|traditional-cpp:\
+ %eGNU Objective C no longer supports traditional compilation}\
+ 	%{save-temps*|no-integrated-cpp:cc1obj -E %(cpp_options) -o %{save-temps*:%b.mi} %{!save-temps*:%g.mi} \n\
+-	    cc1obj -fpreprocessed %b.mi %(cc1_options) %{print-objc-runtime-info} %{gen-decls}\
++	    cc1obj -fpreprocessed %b.mi %(cc1_options)%(espf_options)  %{print-objc-runtime-info} %{gen-decls}\
+                         -o %g.s %{!o*:--output-pch=%i.gch}\
+                         %W{o*:--output-pch=%*}%V}\
+ 	%{!save-temps*:%{!no-integrated-cpp:\
+-	    cc1obj %(cpp_unique_options) %(cc1_options) %{print-objc-runtime-info} %{gen-decls}\
++	    cc1obj %(cpp_unique_options) %(cc1_options) %(espf_options) %{print-objc-runtime-info} %{gen-decls}\
+                         -o %g.s %{!o*:--output-pch=%i.gch}\
+                         %W{o*:--output-pch=%*}%V}}}}}", 0, 0, 0},
+   {".mi", "@objective-c-cpp-output", 0, 0, 0},
+   {"@objective-c-cpp-output",
+-     "%{!M:%{!MM:%{!E:cc1obj -fpreprocessed %i %(cc1_options) %{print-objc-runtime-info} %{gen-decls}\
++     "%{!M:%{!MM:%{!E:cc1obj -fpreprocessed %i %(cc1_options) %(espf_options) %{print-objc-runtime-info} %{gen-decls}\
+ 			     %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0},
+   {"@objc-cpp-output",
+       "%nobjc-cpp-output is deprecated; please use objective-c-cpp-output instead\n\
+-       %{!M:%{!MM:%{!E:cc1obj -fpreprocessed %i %(cc1_options) %{print-objc-runtime-info} %{gen-decls}\
++       %{!M:%{!MM:%{!E:cc1obj -fpreprocessed %i %(cc1_options) %(espf_options) %{print-objc-runtime-info} %{gen-decls}\
+ 			     %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0},

[gentoo-commits] proj/hardened-gccpatchset:master commit in: upstream/

[Magnus Granberg]

commit:     98f14f9a18754741fce88cbcae6b0572467fd876
Author:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
AuthorDate: Fri Jun 24 14:14:29 2011 +0000
Commit:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
CommitDate: Fri Jun 24 14:14:29 2011 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-gccpatchset.git;a=commit;h=98f14f9a

Added the config.in patch for upstream rev 1

---
 upstream/config.in.patch |   50 ++++++++++++++++++++++++++++++++++++++++++++++
 1 files changed, 50 insertions(+), 0 deletions(-)

diff --git a/upstream/config.in.patch b/upstream/config.in.patch
new file mode 100644
index 0000000..89f5ec4
--- /dev/null
+++ b/upstream/config.in.patch
@@ -0,0 +1,50 @@
+2010-06-24	Magnus Granberg		<zorry@gentoo.org>
+
+		* gcc/config.in	Add ENABLE_ESPF, ENABLE_ESPF_FORTIFY
+		ENABLE_ESPF_NOW, ENABLE_ESPF_PIE, ENABLE_ESPF_RELRO
+		and ENABLE_ESPF_SSP
+
+--- a/gcc/config.in	2011-04-24 00:36:52.000000000 +0200
++++ b/gcc/config.in	2011-06-24 14:17:05.166236726 +0200
+@@ -77,6 +77,41 @@
+ #endif
+ 
+ 
++/* Define to 1 to enable espf. */
++#ifndef USED_FOR_TARGET
++#undef ENABLE_ESPF
++#endif
++
++
++/* Define to 1 to enable espf with FORTIFY_SOURCES. */
++#ifndef USED_FOR_TARGET
++#undef ENABLE_ESPF_FORTIFY
++#endif
++
++
++/* Define to 1 to enable espf with -z now when linking. */
++#ifndef USED_FOR_TARGET
++#undef ENABLE_ESPF_NOW
++#endif
++
++
++/* Define to 1 to enable espf with -fPIE -pie. */
++#ifndef USED_FOR_TARGET
++#undef ENABLE_ESPF_PIE
++#endif
++
++
++/* Define to 1 to enable espf with -z relro when linking. */
++#ifndef USED_FOR_TARGET
++#undef ENABLE_ESPF_RELRO
++#endif
++
++
++/* Define to 1 to enable espf with -fstack-protector. */
++#ifndef USED_FOR_TARGET
++#undef ENABLE_ESPF_SSP
++#endif
++
+ /* Define to 1 to enable fixed-point arithmetic extension to C. */
+ #ifndef USED_FOR_TARGET
+ #undef ENABLE_FIXED_POINT

[gentoo-commits] proj/hardened-gccpatchset:master commit in: upstream/

[Magnus Granberg]

commit:     62a8e6794d1c0cc755bf41b193ff8e20685a4f95
Author:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
AuthorDate: Fri Jun 24 13:50:42 2011 +0000
Commit:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
CommitDate: Fri Jun 24 13:50:42 2011 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-gccpatchset.git;a=commit;h=62a8e679

Added the Makefile.in patch for upstream rev 1

---
 upstream/Makefile.in.patch |   90 ++++++++++++++++++++++++++++++++++++++++++++
 1 files changed, 90 insertions(+), 0 deletions(-)

diff --git a/upstream/Makefile.in.patch b/upstream/Makefile.in.patch
new file mode 100644
index 0000000..df93c63
--- /dev/null
+++ b/upstream/Makefile.in.patch
@@ -0,0 +1,90 @@
+2011-06-04	Magnus Granberg		<zorry@gentoo.org>
+
+		* Makefile.in	We add -fno-stack-protector to BOOT_CFLAGS, LIBCFLAGS and LIBCXXFLAGS if enable_espf yes.
+		* gcc/Makefile.in	Add -fno-PIE. to CRTSTUFF_CFLAGS and ALL_CFLAGS if enable_espf yes
+
+--- Makefile.in	2010-01-22 08:35:38.000000000 -0500
++++ Makefile.in	2010-02-07 15:10:59.000000000 -0500
+@@ -350,9 +350,17 @@
+ BUILD_PREFIX = @BUILD_PREFIX@
+ BUILD_PREFIX_1 = @BUILD_PREFIX_1@
+ 
++# Some stuff don't work well with SSP
++enable_espf = @enable_espf@
++ifeq ($(enable_espf),yes)
++ESPF_NOSSP_CFLAGS = -fno-stack-protector
++else
++ESPF_NOSSP_CFLAGS=
++endif
++
+ # Flags to pass to stage2 and later makes.  They are defined
+ # here so that they can be overridden by Makefile fragments.
+-BOOT_CFLAGS= -g -O2
++BOOT_CFLAGS= -g -O2 $(ESPF_NOSSP_CFLAGS)
+ BOOT_LDFLAGS=
+ BOOT_ADAFLAGS=-gnatpg -gnata
+ 
+@@ -403,9 +403,9 @@
+ 
+ CFLAGS = @CFLAGS@
+ LDFLAGS = @LDFLAGS@
+-LIBCFLAGS = $(CFLAGS)
++LIBCFLAGS = $(CFLAGS) $(ESPF_NOSSP_CFLAGS)
+ CXXFLAGS = @CXXFLAGS@
+-LIBCXXFLAGS = $(CXXFLAGS) -fno-implicit-templates
++LIBCXXFLAGS = $(CXXFLAGS) -fno-implicit-templates $(ESPF_NOSSP_CFLAGS)
+ GOCFLAGS = $(CFLAGS)
+ 
+ TFLAGS =
+--- a/gcc/Makefile.in	2011-04-22 22:04:42.000000000 +0200
++++ b/gcc/Makefile.in	2011-06-24 15:03:02.440236923 +0200
+@@ -642,13 +642,21 @@
+ INHIBIT_LIBC_CFLAGS = -Dinhibit_libc
+ endif
+ 
++# We don't want to compile the gcc tree with -fPIE when we have espf enable.
++enable_espf = @enable_espf@
++ifeq ($(enable_espf),yes)
++ESPF_NOPIE_CFLAGS = -fno-PIE
++else
++ESPF_NOPIE_CFLAGS=
++endif
++
+ # Options to use when compiling libgcc2.a.
+ #
+ LIBGCC2_DEBUG_CFLAGS = -g
+ LIBGCC2_CFLAGS = -O2 $(LIBGCC2_INCLUDES) $(GCC_CFLAGS) $(TARGET_LIBGCC2_CFLAGS) \
+ 		 $(LIBGCC2_DEBUG_CFLAGS) $(GTHREAD_FLAGS) \
+ 		 -DIN_LIBGCC2 -D__GCC_FLOAT_NOT_NEEDED \
+-		 -fno-stack-protector \
++		 -fno-stack-protector $(ESPF_NOPIE_CFLAGS) \
+ 		 $(INHIBIT_LIBC_CFLAGS)
+ 
+ # Additional options to use when compiling libgcc2.a.
+@@ -662,7 +670,7 @@
+ CRTSTUFF_CFLAGS = -O2 $(GCC_CFLAGS) $(INCLUDES) $(MULTILIB_CFLAGS) -g0 \
+   -finhibit-size-directive -fno-inline -fno-exceptions \
+   -fno-zero-initialized-in-bss -fno-toplevel-reorder -fno-tree-vectorize \
+-  -fno-stack-protector \
++  -fno-stack-protector $(ESPF_NOPIE_CFLAGS) \
+   $(INHIBIT_LIBC_CFLAGS)
+ 
+ # Additional sources to handle exceptions; overridden by targets as needed.
+@@ -1002,7 +1010,7 @@
+ 
+ # This is the variable actually used when we compile. If you change this,
+ # you probably want to update BUILD_CFLAGS in configure.ac
+-ALL_CFLAGS = $(T_CFLAGS) $(CFLAGS-$@) \
++ALL_CFLAGS = $(ESPF_NOPIE_CFLAGS) $(T_CFLAGS) $(CFLAGS-$@) \
+   $(CFLAGS) $(INTERNAL_CFLAGS) $(COVERAGE_FLAGS) $(WARN_CFLAGS) @DEFS@
+ 
+ # The C++ version.
+@@ -1928,7 +1936,7 @@
+ 	echo LIBGCC_SYNC = '$(LIBGCC_SYNC)' >> tmp-libgcc.mvars
+ 	echo LIBGCC_SYNC_CFLAGS = '$(LIBGCC_SYNC_CFLAGS)' >> tmp-libgcc.mvars
+ 	echo CRTSTUFF_CFLAGS = '$(CRTSTUFF_CFLAGS)' >> tmp-libgcc.mvars
+-	echo CRTSTUFF_T_CFLAGS = '$(CRTSTUFF_T_CFLAGS)' >> tmp-libgcc.mvars
++	echo CRTSTUFF_T_CFLAGS = '$(CRTSTUFF_T_CFLAGS) $(ESPF_NOPIE_CFLAGS)' >> tmp-libgcc.mvars
+ 	echo CRTSTUFF_T_CFLAGS_S = '$(CRTSTUFF_T_CFLAGS_S)' >> tmp-libgcc.mvars
+ 	echo TARGET_SYSTEM_ROOT = '$(TARGET_SYSTEM_ROOT)' >> tmp-libgcc.mvars
+ 
\ No newline at end of file

[gentoo-commits] proj/hardened-gccpatchset:master commit in: upstream/

[Magnus Granberg]

commit:     20165346ace9b21623b4ceda5c27fa6600ce783c
Author:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
AuthorDate: Fri Jun 24 09:35:37 2011 +0000
Commit:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
CommitDate: Fri Jun 24 09:35:37 2011 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-gccpatchset.git;a=commit;h=20165346

Updated the configure.ac patch for upstream rev 4

---
 upstream/configure.ac.patch |   27 +++++++++++----------------
 1 files changed, 11 insertions(+), 16 deletions(-)

diff --git a/upstream/configure.ac.patch b/upstream/configure.ac.patch
index a0918cd..396cd0e 100644
--- a/upstream/configure.ac.patch
+++ b/upstream/configure.ac.patch
@@ -1,4 +1,4 @@
-2011-06-23	Magnus Granberg		<zorry@gentoo.org>
+2011-06-24	Magnus Granberg		<zorry@gentoo.org>
 
 		* configure		Add --enable-espf.  Add -fno-stack-protector
 		to stage1_cflags.
@@ -44,8 +44,8 @@
  if test "$GCC" = yes -a "$ENABLE_BUILD_WITH_CXX" != yes; then
    saved_CFLAGS="$CFLAGS"
 --- a/gcc/configure.ac	2011-04-13 19:12:53.000000000 +0200
-+++ b/gcc/configure.ac	2011-06-23 20:07:06.952639786 +0200
-@@ -4515,6 +4515,150 @@
++++ b/gcc/configure.ac	2011-06-24 03:17:07.448179335 +0200
+@@ -4515,6 +4515,145 @@
  AC_SUBST(MAINT)dnl
  
  # --------------
@@ -59,12 +59,8 @@
 +		 Fortify_sources as default if we have suppot for it when compiling
 +		 and link with -z relro and -z now as default.
 +		 Linux targets supported x86_64])],
-+ [case $espf in
-+    yes | no) ;;
-+    *) AC_MSG_ERROR(['$espf' is an invalid value for --enable-espf.
-+Valid choices are 'yes' and 'no'.]) ;;
-+  esac],
-+ [set_espf_enable="$espf"])
++	set_enable_espf=$enableval,
++	set_enable_espf=no)
 +if test $set_enable_espf = yes ; then
 +  AC_MSG_CHECKING(if $target support espf)
 +if test $set_enable_espf = yes ; then
@@ -124,15 +120,14 @@
 +      [gcc_cv_libc_provides_fortify=no
 +    case "$target" in
 +       *-*-linux*)
-+      [# glibc 2.4 and later provides __stack_chk_fail and
-+      # either __stack_chk_guard, or TLS access to stack guard canary.
++      [# glibc 2.8 and later provides _FORTIFY_SOURCES.
 +      if test -f $target_header_dir/features.h; then
 +        if $EGREP '^[ 	]*#[ 	]*define[ 	]+__GLIBC__[ 	]+2' \
 +	     $target_header_dir/features.h > /dev/null \
-+	     && $EGREP '^[ 	]*#[ 	]*define[ 	]+__GLIBC_MINOR__[ 	]+([1-9][0-9]|[4-9])' \
++	     && $EGREP '^[ 	]*#[ 	]*define[ 	]+__GLIBC_MINOR__[ 	]+([1-9][0-9]|[8-9])' \
 +	     $target_header_dir/features.h > /dev/null; then
 +	  gcc_cv_libc_provides_fortify=yes
-+        elif $EGREP '^[ 	]*#[ 	]*define[ 	]+__UCLIBC__[ 	]+1' \
++        elif $EGREP '^[ 	]*#[ 	]*define[ 	]+__UCLIBC__[ 	]' \
 +	     $target_header_dir/features.h > /dev/null ; then
 +             gcc_cv_libc_provides_fortify=no
 +	fi
@@ -153,11 +148,11 @@
 +AC_MSG_CHECKING(if the compiler default to use -fstack-protector)
 +  if test $set_enable_espf = yes && test x$gcc_cv_libc_provides_ssp = xyes \
 +  && test $set_have_as_tls = yes ; then
-+    enable_espf_pie=yes
++    enable_espf_ssp=yes
 +    AC_DEFINE(ENABLE_ESPF_SSP, 1,
 +      [Define if your compiler will default to use -fstack-protector.])
 +  else
-+    enable_espf_pie=no
++    enable_espf_ssp=no
 +  fi
 +  AC_MSG_RESULT($enable_espf_ssp)
 +
@@ -195,4 +190,4 @@
 +# --------------
  # Language hooks
  # --------------
- 
\ No newline at end of file
+ 

[gentoo-commits] proj/hardened-gccpatchset:master commit in: upstream/

[Magnus Granberg]

commit:     0e22467160c8c89a7fb7837f132cfb7b82f76e91
Author:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
AuthorDate: Thu Jun 23 18:14:26 2011 +0000
Commit:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
CommitDate: Thu Jun 23 18:14:26 2011 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-gccpatchset.git;a=commit;h=0e224671

Updated the configure.ac patch for upstream version 3

---
 upstream/configure.ac.patch |   31 +++++++++++++++++++++++++------
 1 files changed, 25 insertions(+), 6 deletions(-)

diff --git a/upstream/configure.ac.patch b/upstream/configure.ac.patch
index 54cd876..a0918cd 100644
--- a/upstream/configure.ac.patch
+++ b/upstream/configure.ac.patch
@@ -1,4 +1,4 @@
-2011-06-22	Magnus Granberg		<zorry@gentoo.org>
+2011-06-23	Magnus Granberg		<zorry@gentoo.org>
 
 		* configure		Add --enable-espf.  Add -fno-stack-protector
 		to stage1_cflags.
@@ -44,8 +44,8 @@
  if test "$GCC" = yes -a "$ENABLE_BUILD_WITH_CXX" != yes; then
    saved_CFLAGS="$CFLAGS"
 --- a/gcc/configure.ac	2011-04-13 19:12:53.000000000 +0200
-+++ b/gcc/configure.ac	2011-06-21 02:51:23.602374686 +0200
-@@ -4515,6 +4515,131 @@
++++ b/gcc/configure.ac	2011-06-23 20:07:06.952639786 +0200
+@@ -4515,6 +4515,150 @@
  AC_SUBST(MAINT)dnl
  
  # --------------
@@ -118,9 +118,28 @@
 +  fi
 +  ])
 +
-+  # Check for -D_FORTIFY_SOURCES support in target C library
-+  AC_CHECK_FUNC(__fortify_fail,[gcc_cv_libc_provides_fortify=yes],
-+    [gcc_cv_libc_provides_fortify=no])
++# Check for FORTIFY_SOURCES support in target C library.
++AC_CACHE_CHECK(for _FORTIFY_SOURCES support  in target C library,
++      gcc_cv_libc_provides_fortify,
++      [gcc_cv_libc_provides_fortify=no
++    case "$target" in
++       *-*-linux*)
++      [# glibc 2.4 and later provides __stack_chk_fail and
++      # either __stack_chk_guard, or TLS access to stack guard canary.
++      if test -f $target_header_dir/features.h; then
++        if $EGREP '^[ 	]*#[ 	]*define[ 	]+__GLIBC__[ 	]+2' \
++	     $target_header_dir/features.h > /dev/null \
++	     && $EGREP '^[ 	]*#[ 	]*define[ 	]+__GLIBC_MINOR__[ 	]+([1-9][0-9]|[4-9])' \
++	     $target_header_dir/features.h > /dev/null; then
++	  gcc_cv_libc_provides_fortify=yes
++        elif $EGREP '^[ 	]*#[ 	]*define[ 	]+__UCLIBC__[ 	]+1' \
++	     $target_header_dir/features.h > /dev/null ; then
++             gcc_cv_libc_provides_fortify=no
++	fi
++      fi]
++	;;
++  *) gcc_cv_libc_provides_fortify=no ;;
++    esac])
 +
 +  AC_MSG_CHECKING(if the compiler default to use -fPIE and link with -pie)
 +  if test $set_enable_espf = yes && test x"$gcc_cv_ld_pie" = xyes; then

[gentoo-commits] proj/hardened-gccpatchset:master commit in: upstream/

[Magnus Granberg]

commit:     64e6e9c8d2e7ad024b0defdf9f1698e1b7ec09f5
Author:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
AuthorDate: Wed Jun 22 00:27:03 2011 +0000
Commit:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
CommitDate: Wed Jun 22 00:27:03 2011 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-gccpatchset.git;a=commit;h=64e6e9c8

Updated configure.ac patch for upstreem

---
 upstream/configure.ac.patch |  138 ++++++++++++++++++++++++++++++++++++++++++-
 1 files changed, 137 insertions(+), 1 deletions(-)

diff --git a/upstream/configure.ac.patch b/upstream/configure.ac.patch
index cfee97f..54cd876 100644
--- a/upstream/configure.ac.patch
+++ b/upstream/configure.ac.patch
@@ -1,7 +1,9 @@
-2011-04-27	Magnus Granberg		<zorry@gentoo.org>
+2011-06-22	Magnus Granberg		<zorry@gentoo.org>
 
 		* configure		Add --enable-espf.  Add -fno-stack-protector
 		to stage1_cflags.
+		* gcc/configure.ac 		Add --enable-espf and checks for it.
+
 --- a/configure.ac	2011-04-18 23:27:00.000000000 +0200
 +++ b/configure.ac	2011-04-27 12:47:11.351473240 +0200
 @@ -419,6 +419,25 @@
@@ -41,3 +43,137 @@
  # This is aimed to mimic bootstrap with a non-GCC compiler to catch problems.
  if test "$GCC" = yes -a "$ENABLE_BUILD_WITH_CXX" != yes; then
    saved_CFLAGS="$CFLAGS"
+--- a/gcc/configure.ac	2011-04-13 19:12:53.000000000 +0200
++++ b/gcc/configure.ac	2011-06-21 02:51:23.602374686 +0200
+@@ -4515,6 +4515,131 @@
+ AC_SUBST(MAINT)dnl
+ 
+ # --------------
++# Espf checks
++# --------------
++
++# Check whether --enable-espf was given and target have the support.
++AC_ARG_ENABLE([espf],
++[AS_HELP_STRING([--enable-espf],
++		[Enable Stack protector, Position independent executable and
++		 Fortify_sources as default if we have suppot for it when compiling
++		 and link with -z relro and -z now as default.
++		 Linux targets supported x86_64])],
++ [case $espf in
++    yes | no) ;;
++    *) AC_MSG_ERROR(['$espf' is an invalid value for --enable-espf.
++Valid choices are 'yes' and 'no'.]) ;;
++  esac],
++ [set_espf_enable="$espf"])
++if test $set_enable_espf = yes ; then
++  AC_MSG_CHECKING(if $target support espf)
++if test $set_enable_espf = yes ; then
++  case "$target" in
++    ?86-*-linux* | x86_64-*-linux*)
++      enable_espf=yes
++      AC_DEFINE(ENABLE_ESPF, 1,
++        [Define if your target support espf and you have enable it.])
++      ;;
++    *)
++      enable_espf=no
++      ;;
++  esac
++else
++ enable_espf=no
++fi
++AC_MSG_RESULT($enable_espf)
++fi
++AC_SUBST([enable_espf])
++if test $enable_espf = yes ; then
++
++  AC_CACHE_CHECK(linker -z relro support,
++  gcc_cv_ld_relro,
++  [gcc_cv_ld_relro=no
++  if test $in_tree_ld = yes ; then
++    if test "$gcc_cv_gld_major_version" -eq 2 -a "$gcc_cv_gld_minor_version" -ge 16 -o "$gcc_cv_gld_major_version" -gt 2 \
++      && test $in_tree_ld_is_elf = yes; then
++        gcc_cv_ld_relro=yes
++    fi
++  elif test x$gcc_cv_ld != x; then
++    # Check if linker supports -z relro options
++    if $gcc_cv_ld --help 2>/dev/null | grep now > /dev/null; then
++      gcc_cv_ld_relro=yes
++    fi
++  fi
++  ])
++
++  AC_CACHE_CHECK(linker -z now support,
++  gcc_cv_ld_now,
++  [gcc_cv_ld_now=no
++  if test $in_tree_ld = yes ; then
++    if test "$gcc_cv_gld_major_version" -eq 2 -a "$gcc_cv_gld_minor_version" -ge 16 -o "$gcc_cv_gld_major_version" -gt 2 \
++      && test $in_tree_ld_is_elf = yes; then
++        gcc_cv_ld_now=yes
++    fi
++  elif test x$gcc_cv_ld != x; then
++    # Check if linker supports -z now options
++    if $gcc_cv_ld --help 2>/dev/null | grep now > /dev/null; then
++      gcc_cv_ld_now=yes
++    fi
++  fi
++  ])
++
++  # Check for -D_FORTIFY_SOURCES support in target C library
++  AC_CHECK_FUNC(__fortify_fail,[gcc_cv_libc_provides_fortify=yes],
++    [gcc_cv_libc_provides_fortify=no])
++
++  AC_MSG_CHECKING(if the compiler default to use -fPIE and link with -pie)
++  if test $set_enable_espf = yes && test x"$gcc_cv_ld_pie" = xyes; then
++    enable_espf_pie=yes
++    AC_DEFINE(ENABLE_ESPF_PIE, 1,
++      [Define if your compiler will default to use -fPIE and link with -pie.])
++  else
++    enable_espf_pie=no
++  fi
++  AC_MSG_RESULT($enable_espf_pie)
++AC_MSG_CHECKING(if the compiler default to use -fstack-protector)
++  if test $set_enable_espf = yes && test x$gcc_cv_libc_provides_ssp = xyes \
++  && test $set_have_as_tls = yes ; then
++    enable_espf_pie=yes
++    AC_DEFINE(ENABLE_ESPF_SSP, 1,
++      [Define if your compiler will default to use -fstack-protector.])
++  else
++    enable_espf_pie=no
++  fi
++  AC_MSG_RESULT($enable_espf_ssp)
++
++AC_MSG_CHECKING(if the compiler default to use -D_FORTIFY_SOURCES=2)
++  if test $set_enable_espf = yes && test x$gcc_cv_libc_provides_fortify = xyes; then
++    enable_espf_fortify=yes
++    AC_DEFINE(ENABLE_ESPF_FORTIFY, 1,
++      [Define if your compiler will default to use -D_FORTIFY_SOURCES=2.])
++  else
++    enable_espf_fortify=no
++  fi
++  AC_MSG_RESULT($enable_espf_fortify)
++
++  AC_MSG_CHECKING(if the compiler will pass -z relro to the linker)
++    if test $set_enable_espf = yes && test x$gcc_cv_ld_relro = xyes; then
++      enable_espf_relro=yes
++      AC_DEFINE(ENABLE_ESPF_RELRO, 1,
++        [Define if your compiler will pass -z relro to the linker.])
++    else
++      enable_espf_relro=no
++    fi
++  AC_MSG_RESULT($enable_espf_relro)
++
++  AC_MSG_CHECKING(if the compiler will pass -z now to the linker)
++    if test $set_enable_espf = yes && test x$gcc_cv_ld_now = xyes; then
++      enable_espf_now=yes
++      AC_DEFINE(ENABLE_ESPF_NOW, 1,
++        [Define if your compiler will pass -z now to the linker.])
++    else
++      enable_espf_now=no
++    fi
++  AC_MSG_RESULT($enable_espf_now)
++fi
++
++# --------------
+ # Language hooks
+ # --------------
+ 
\ No newline at end of file

[gentoo-commits] proj/hardened-gccpatchset:master commit in: upstream/

[Magnus Granberg]

commit:     de738d984c6dcabfd2ef044227333474a3115738
Author:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
AuthorDate: Wed Apr 27 11:12:41 2011 +0000
Commit:     Magnus Granberg <zorry <AT> gentoo <DOT> org>
CommitDate: Wed Apr 27 11:12:41 2011 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-gccpatchset.git;a=commit;h=de738d98

Added the configure.ac patch for upstream fist rev

---
 upstream/configure.ac.patch |   43 +++++++++++++++++++++++++++++++++++++++++++
 1 files changed, 43 insertions(+), 0 deletions(-)

diff --git a/upstream/configure.ac.patch b/upstream/configure.ac.patch
new file mode 100644
index 0000000..cfee97f
--- /dev/null
+++ b/upstream/configure.ac.patch
@@ -0,0 +1,43 @@
+2011-04-27	Magnus Granberg		<zorry@gentoo.org>
+
+		* configure		Add --enable-espf.  Add -fno-stack-protector
+		to stage1_cflags.
+--- a/configure.ac	2011-04-18 23:27:00.000000000 +0200
++++ b/configure.ac	2011-04-27 12:47:11.351473240 +0200
+@@ -419,6 +419,25 @@
+   noconfigdirs="$noconfigdirs gnattools"
+ fi
+ 
++# Check whether --enable-espf was given and target have the support.
++AC_ARG_ENABLE([espf],
++[AS_HELP_STRING([--enable-espf],
++		[Enable Stack protector, Position independent executable and
++		 Fortify_sources as default if we have suppot for it when compiling
++		 and link with -z relro and -z now as default.
++		 Linux targets supported x86_64.])],
++[
++  case $target in
++    x86_64*-*-linux*)
++      enable_espf=yes
++      ;;
++    *)
++      AC_MSG_WARN([*** --enable-espf is not supported on this $target target.])
++      ;;
++  esac
++])
++AC_SUBST([enable_espf])
++
+ AC_ARG_ENABLE(libssp,
+ [AS_HELP_STRING([--enable-libssp], [build libssp directory])],
+ ENABLE_LIBSSP=$enableval,
+@@ -3152,6 +3171,10 @@
+     esac ;;
+ esac
+ 
++# Disable -fstack-protector on stage1
++if test x$enable_espf = xyes; then
++  stage1_cflags="$stage1_cflags -fno-stack-protector"
++fi
+ # This is aimed to mimic bootstrap with a non-GCC compiler to catch problems.
+ if test "$GCC" = yes -a "$ENABLE_BUILD_WITH_CXX" != yes; then
+   saved_CFLAGS="$CFLAGS"