From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 74471158086 for ; Tue, 7 Dec 2021 20:06:52 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 153E8E041F; Tue, 7 Dec 2021 20:06:51 +0000 (UTC) Received: from smtp.gentoo.org (mail.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 1D42BE041F for ; Tue, 7 Dec 2021 20:06:48 +0000 (UTC) Received: from oystercatcher.gentoo.org (unknown [IPv6:2a01:4f8:202:4333:225:90ff:fed9:fc84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id E3399342FA7 for ; Tue, 7 Dec 2021 20:06:46 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 5612F1F4 for ; Tue, 7 Dec 2021 20:06:45 +0000 (UTC) From: "Sam James" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Sam James" Message-ID: <1638907580.10c0905feadc59bdd449f189df75c9093a27e038.sam@gentoo> Subject: [gentoo-commits] proj/gcc-patches:master commit in: 11.3.0/gentoo/ X-VCS-Repository: proj/gcc-patches X-VCS-Files: 11.3.0/gentoo/26_all_enable-cet.patch 11.3.0/gentoo/README.history X-VCS-Directories: 11.3.0/gentoo/ X-VCS-Committer: sam X-VCS-Committer-Name: Sam James X-VCS-Revision: 10c0905feadc59bdd449f189df75c9093a27e038 X-VCS-Branch: master Date: Tue, 7 Dec 2021 20:06:45 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: 71e94cb3-8d23-4545-972e-2b4e58a702cb X-Archives-Hash: 70df09e66f9a96f5ac234c1a98f45c85 commit: 10c0905feadc59bdd449f189df75c9093a27e038 Author: Sam James gentoo org> AuthorDate: Tue Dec 7 19:22:40 2021 +0000 Commit: Sam James gentoo org> CommitDate: Tue Dec 7 20:06:20 2021 +0000 URL: https://gitweb.gentoo.org/proj/gcc-patches.git/commit/?id=10c0905f 11.3.0: update CET patch to disable on 32-bit / missing CMOV Bug: https://bugs.gentoo.org/828081 Bug: https://bugs.gentoo.org/827880 Bug: https://bugs.gentoo.org/827905 Bug: https://bugs.gentoo.org/777117 Signed-off-by: Sam James gentoo.org> 11.3.0/gentoo/26_all_enable-cet.patch | 19 ++++++++++--------- 11.3.0/gentoo/README.history | 2 +- 2 files changed, 11 insertions(+), 10 deletions(-) diff --git a/11.3.0/gentoo/26_all_enable-cet.patch b/11.3.0/gentoo/26_all_enable-cet.patch index 77678a9..a054e62 100644 --- a/11.3.0/gentoo/26_all_enable-cet.patch +++ b/11.3.0/gentoo/26_all_enable-cet.patch @@ -1,6 +1,6 @@ -From c1f37f6e3a4fcdefb6b3dfc3d84fc42920a70c00 Mon Sep 17 00:00:00 2001 +From 18c6426f4e0a4fb7ecd1c2dc16d77e85118f9495 Mon Sep 17 00:00:00 2001 From: Sam James -Date: Sat, 27 Nov 2021 19:16:02 +0000 +Date: Tue, 7 Dec 2021 19:16:15 +0000 Subject: [PATCH] Enable CET (-fcf-protection=full) by default Needs: @@ -18,7 +18,7 @@ Needs: 5 files changed, 23 insertions(+), 2 deletions(-) diff --git a/gcc/common.opt b/gcc/common.opt -index a88778b4e..4993a7ec3 100644 +index a88778b..4993a7e 100644 --- a/gcc/common.opt +++ b/gcc/common.opt @@ -1783,7 +1783,7 @@ fcf-protection @@ -31,14 +31,14 @@ index a88778b4e..4993a7ec3 100644 instructions have valid targets. diff --git a/gcc/config/i386/i386-options.c b/gcc/config/i386/i386-options.c -index 18d2c0b9f..4fb76f2a1 100644 +index 19632b5..3f45d50 100644 --- a/gcc/config/i386/i386-options.c +++ b/gcc/config/i386/i386-options.c -@@ -3037,6 +3037,11 @@ ix86_option_override_internal (bool main_args_p, +@@ -3049,6 +3049,11 @@ ix86_option_override_internal (bool main_args_p, = build_target_option_node (opts, opts_set); } -+ if (flag_cf_protection == CF_UNSET) ++ if ((flag_cf_protection == CF_UNSET) && TARGET_64BIT && TARGET_CMOV) + { + flag_cf_protection = DEFAULT_FLAG_CF; + } @@ -47,7 +47,7 @@ index 18d2c0b9f..4fb76f2a1 100644 { if ((opts->x_flag_cf_protection & CF_BRANCH) == CF_BRANCH diff --git a/gcc/defaults.h b/gcc/defaults.h -index 0f6cd78c5..5694412b7 100644 +index 0f6cd78..5694412 100644 --- a/gcc/defaults.h +++ b/gcc/defaults.h @@ -1463,6 +1463,19 @@ see the files COPYING3 and COPYING.RUNTIME respectively. If not, see @@ -71,7 +71,7 @@ index 0f6cd78c5..5694412b7 100644 vtable entries. Setting this nonzero tells the compiler to use function descriptors instead. The value of this macro says how diff --git a/gcc/flag-types.h b/gcc/flag-types.h -index a038c8fb7..61be0b128 100644 +index a038c8f..61be0b1 100644 --- a/gcc/flag-types.h +++ b/gcc/flag-types.h @@ -389,6 +389,7 @@ enum gfc_convert @@ -83,7 +83,7 @@ index a038c8fb7..61be0b128 100644 CF_BRANCH = 1 << 0, CF_RETURN = 1 << 1, diff --git a/gcc/toplev.c b/gcc/toplev.c -index ea0a2a1b0..d110c84ee 100644 +index ea0a2a1..bac60eb 100644 --- a/gcc/toplev.c +++ b/gcc/toplev.c @@ -1297,7 +1297,9 @@ process_options (void) @@ -99,3 +99,4 @@ index ea0a2a1b0..d110c84ee 100644 if (flag_cf_protection == CF_FULL) -- 2.34.1 + diff --git a/11.3.0/gentoo/README.history b/11.3.0/gentoo/README.history index 2fe9c27..24c19ac 100644 --- a/11.3.0/gentoo/README.history +++ b/11.3.0/gentoo/README.history @@ -1,4 +1,4 @@ -0 27 November 2021 +1 7 December 2021 + 01_all_default-fortify-source.patch + 02_all_default-warn-format-security.patch + 03_all_default-warn-trampolines.patch