* [gentoo-commits] gentoo commit in src/patchsets/gcc/4.6.4/pie: 10_all_gcc45_configure.patch 11_all_gcc45_config.in.patch 12_all_gcc46_Makefile.in.patch 13_all_gcc46_ssp_uclibc_check.patch 20_all_gcc46_gcc.c.patch 21_all_gcc44_decl-tls-model.patch 22_all_gcc46-default-ssp.patch 30_all_gcc46_esp.h.patch 33_all_gcc46_config_rs6000_linux64.h.patch 35_all_gcc46_config_crtbeginp.patch 60_all_gcc44_invoke.texi.patch README README.Changelog README.Gentoo.patches README.history
@ 2013-04-16 5:22 Ryan Hill (dirtyepic)
0 siblings, 0 replies; only message in thread
From: Ryan Hill (dirtyepic) @ 2013-04-16 5:22 UTC (permalink / raw
To: gentoo-commits
dirtyepic 13/04/16 05:22:57
Added: 10_all_gcc45_configure.patch
11_all_gcc45_config.in.patch
12_all_gcc46_Makefile.in.patch
13_all_gcc46_ssp_uclibc_check.patch
20_all_gcc46_gcc.c.patch
21_all_gcc44_decl-tls-model.patch
22_all_gcc46-default-ssp.patch
30_all_gcc46_esp.h.patch
33_all_gcc46_config_rs6000_linux64.h.patch
35_all_gcc46_config_crtbeginp.patch
60_all_gcc44_invoke.texi.patch README
README.Changelog README.Gentoo.patches
README.history
Log:
Initial 4.6.4 patchset based off latest 4.6.3 patchset. Update patches touching .texi files to patch the .info files instead as we no longer regenerate them.
Revision Changes Path
1.1 src/patchsets/gcc/4.6.4/pie/10_all_gcc45_configure.patch
file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/4.6.4/pie/10_all_gcc45_configure.patch?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/4.6.4/pie/10_all_gcc45_configure.patch?rev=1.1&content-type=text/plain
Index: 10_all_gcc45_configure.patch
===================================================================
2012-02-14 Magnus Granberg <zorry@gentoo.org>, Anthony G. Basile <basile@opensource.dyc.edu>
* configure Add --enable-esp. Add-fno-stack-protector
to stage1_cflags.
* gcc/configure Add --enable-esp. Check -z now and -z relro.
Define ENABLE_ESP.
Check if we support crtbeginP and define ENABLE_CRTBEGINP.
* libmudflap/configure Add AC_SUBST enable_esp.
--- configure 2010-01-31 13:12:21.000000000 -0500
+++ configure 2010-02-07 14:29:51.000000000 -0500
@@ -707,6 +707,7 @@
CFLAGS
CC
target_subdir
+enable_esp
host_subdir
build_subdir
build_libsubdir
@@ -934,6 +934,11 @@
--enable-FEATURE[=ARG] include FEATURE [ARG=yes]
--enable-gold use gold instead of ld
--enable-libada build libada directory
+ --enable-esp
+ Enable Stack protector, Position independent executable as
+ default if we have suppot for it when compiling
+ and link with -z relro and -z now as default.
+ Linux targets supported i*86, x86_64, powerpc, powerpc64, ia64 and arm.
--enable-libssp build libssp directory
--disable-ppl-version-check disable check for PPL version
--disable-cloog-version-check disable check for CLooG version
@@ -2145,6 +2150,25 @@
noconfigdirs="$noconfigdirs gnattools"
fi
+# Check whether --enable-esp was given and target have the support.
+# Check whether --enable-esp or --disable-esp was given.
+if test "${enable_esp+set}" = set; then
+ enableval="$enable_esp"
+
+ case $target in
+ i?86*-*-linux* | x86_64*-*-linux* | powerpc-*-linux* | powerpc64-*-linux* | arm*-*-linux* | ia64-*-linux*)
+ enable_esp=yes
+ ;;
+ *)
+ { { echo "$as_me:$LINENO: error: *** --enable-esp is not supported on this $target target." >&5
+echo "$as_me: error: *** --enable-esp is not supported on this $target target." >&2;}
+ { (exit 1); exit 1; }; }
+ ;;
+ esac
+
+fi;
+
+
# Check whether --enable-libssp was given.
if test "${enable_libssp+set}" = set; then :
enableval=$enable_libssp; ENABLE_LIBSSP=$enableval
@@ -14266,6 +14290,9 @@
*) stage1_cflags="-g -J" ;;
esac ;;
esac
+if test x$enable_esp = xyes; then
+ stage1_cflags="$stage1_cflags -fno-stack-protector"
+fi
# This is aimed to mimic bootstrap with a non-GCC compiler to catch problems.
if test "$GCC" = yes -a "$ENABLE_BUILD_WITH_CXX" != yes; then
--- gcc/configure 2010-01-31 10:01:53.000000000 -0500
+++ gcc/configure 2010-02-07 14:29:56.000000000 -0500
@@ -678,6 +678,8 @@
HOST_LIBS
GGC
libgcc_visibility
+enable_esp
+enable_crtbeginP
gcc_cv_readelf
gcc_cv_objdump
ORIGINAL_NM_FOR_TARGET
@@ -24480,6 +24481,50 @@
;;
esac
+echo "$as_me:$LINENO: checking linker -z now support" >&5
+echo $ECHO_N "checking linker -z now support... $ECHO_C" >&6
+if test "${gcc_cv_ld_now+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ gcc_cv_ld_now=no
+if test $in_tree_ld = yes ; then
+ if test "$gcc_cv_gld_major_version" -eq 2 -a "$gcc_cv_gld_minor_version" -ge 16 -o "$gcc_cv_gld_major_version" -gt 2 \
+ && test $in_tree_ld_is_elf = yes; then
+ gcc_cv_ld_now=yes
+ fi
+elif test x$gcc_cv_ld != x; then
+ # Check if linker supports -z now options
+ if $gcc_cv_ld --help 2>/dev/null | grep now > /dev/null; then
+ gcc_cv_ld_now=yes
+ fi
+fi
+
+fi
+echo "$as_me:$LINENO: result: $gcc_cv_ld_now" >&5
+echo "${ECHO_T}$gcc_cv_ld_now" >&6
+
+echo "$as_me:$LINENO: checking linker -z relro support" >&5
+echo $ECHO_N "checking linker -z relro support... $ECHO_C" >&6
+if test "${gcc_cv_ld_relro+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ gcc_cv_ld_relro=no
+if test $in_tree_ld = yes ; then
+ if test "$gcc_cv_gld_major_version" -eq 2 -a "$gcc_cv_gld_minor_version" -ge 16 -o "$gcc_cv_gld_major_version" -gt 2 \
+ && test $in_tree_ld_is_elf = yes; then
+ gcc_cv_ld_relro=yes
+ fi
+elif test x$gcc_cv_ld != x; then
+ # Check if linker supports -z relro and -z norelro options
+ if $gcc_cv_ld --help 2>/dev/null | grep relro > /dev/null; then
+ gcc_cv_ld_relro=yes
+ fi
+fi
+
+fi
+echo "$as_me:$LINENO: result: $gcc_cv_ld_relro" >&5
+echo "${ECHO_T}$gcc_cv_ld_relro" >&6
+
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking linker --build-id support" >&5
$as_echo_n "checking linker --build-id support... " >&6; }
if test "${gcc_cv_ld_buildid+set}" = set; then :
@@ -24411,6 +23745,74 @@
fi
+if test x$enable_esp = xyes ; then
+case $target in
+ ia64*-*-linux*)
+ if test x$gcc_cv_ld_now = xyes; then
+ enable_esp_ld=yes
+ else
+ enable_esp_ld=no
+ fi
+ ;;
+ *-*-linux*)
+ if test x$gcc_cv_ld_relro = xyes && test x$gcc_cv_ld_now = xyes; then
+ enable_esp_ld=yes
+ else
+ enable_esp_ld=no
+ fi
+ ;;
+ *)
+ enable_esp_ld=no
+ ;;
+ esac
+else
+ enable_espf_ld=no
+fi
+if test x$enable_esp_ld = xyes; then
+
+cat >>confdefs.h <<\_ACEOF
+#define ENABLE_ESP 1
+_ACEOF
+
+fi
+
+if test x$enable_esp = xyes && test x$enable_esp_ld = xno; then
+ { { echo "$as_me:$LINENO: error: *** --enable-esp is not supported. You don't have -z,relro or -z,now support in the linker." >&5
+echo "$as_me: error: *** --enable-esp is not supported. You don't have -z,relro or -z,now support in the linker." >&2;}
+ { (exit 1); exit 1; }; }
+fi
+
+echo "$as_me:$LINENO: checking for crtbeginP.o support" >&5
+echo $ECHO_N "checking for crtbeginP.o support... $ECHO_C" >&6
+if test "${enable_crtbeginP+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+
+if test x$enable_esp = xyes ; then
+ case "$target" in
+ ia64*-*-linux*)
+ enable_crtbeginP=no ;;
+ *-*-linux*)
+ if test x$gcc_cv_ld_pie = xyes && test x$lt_cv_prog_compiler_static_works = xyes; then
+ enable_crtbeginP=yes
+ fi
+ ;;
+ *) enable_crtbeginP=no ;;
+ esac
+fi
+
+fi
+echo "$as_me:$LINENO: result: $enable_crtbeginP" >&5
+echo "${ECHO_T}$enable_crtbeginP" >&6
+
+if test x$enable_crtbeginP = xyes; then
+
+cat >>confdefs.h <<\_ACEOF
+#define ENABLE_CRTBEGINP 1
+_ACEOF
+
+fi
+
# Check if TFmode long double should be used by default or not.
# Some glibc targets used DFmode long double, but with glibc 2.4
# and later they can use TFmode.
--- libmudflap/configure 2009-12-05 12:18:53.000000000 -0500
+++ libmudflap/configure 2010-02-07 14:29:51.000000000 -0500
@@ -652,6 +652,7 @@
MAINTAINER_MODE_FALSE
MAINTAINER_MODE_TRUE
am__untar
+enable_esp
am__tar
AMTAR
am__leading_dot
1.1 src/patchsets/gcc/4.6.4/pie/11_all_gcc45_config.in.patch
file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/4.6.4/pie/11_all_gcc45_config.in.patch?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/4.6.4/pie/11_all_gcc45_config.in.patch?rev=1.1&content-type=text/plain
Index: 11_all_gcc45_config.in.patch
===================================================================
2011-12-05 Magnus Granberg <zorry@gentoo.org>
* gcc/config.in Add ENABLE_CRTBEGINP and ENABLE_ESP
--- gcc/config.in 2009-04-21 11:08:08.000000000 +0200
+++ gcc/config.in 2009-05-12 00:10:08.000000000 +0200
@@ -46,6 +46,12 @@
#endif
+/* Define to 1 to enable crtbeginP.o. */
+#ifndef USED_FOR_TARGET
+#undef ENABLE_CRTBEGINP
+#endif
+
+
/* Define to 1 to specify that we are using the BID decimal floating point
format instead of DPD */
#ifndef USED_FOR_TARGET
@@ -65,6 +65,12 @@
#endif
+/* Define to 1 to enable esp. */
+#ifndef USED_FOR_TARGET
+#undef ENABLE_ESP
+#endif
+
+
/* Define to 1 to enable fixed-point arithmetic extension to C. */
#ifndef USED_FOR_TARGET
#undef ENABLE_FIXED_POINT
1.1 src/patchsets/gcc/4.6.4/pie/12_all_gcc46_Makefile.in.patch
file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/4.6.4/pie/12_all_gcc46_Makefile.in.patch?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/4.6.4/pie/12_all_gcc46_Makefile.in.patch?rev=1.1&content-type=text/plain
Index: 12_all_gcc46_Makefile.in.patch
===================================================================
2011-12-07 Magnus Granberg <zorry@gentoo.org> Anthony G. Basile <basile@opensource.dyc.edu>
* Makefile.in We add -fno-stack-protector to BOOT_CFLAGS, LIBCFLAGS and
LIBCXXFLAGS if enable_esp yes.
* gcc/Makefile.in Add -fno-PIE. to CRTSTUFF_CFLAGS, ALL_CFLAGS and
ALL_CXXFLAGS if enable_esp yes
Add crtbeginP.o to EXTRA_PARTS if enable_crtbeginP yes
We add new file crtbeginP.o if enable_crtbeginP yes
* libgcc/Makefile.in Add crtbeginP.o to EXTRA_PARTS if enable_crtbeginP yes
We add new file crtbeginP.o if enable_crtbeginP yes
--- Makefile.in 2010-01-22 08:35:38.000000000 -0500
+++ Makefile.in 2010-02-07 15:10:59.000000000 -0500
@@ -350,9 +350,17 @@
BUILD_PREFIX = @BUILD_PREFIX@
BUILD_PREFIX_1 = @BUILD_PREFIX_1@
+# Some stuff don't compile with SSP
+enable_esp = @enable_esp@
+ifeq ($(enable_esp),yes)
+ESP_NOSSP_CFLAGS = -fno-stack-protector
+else
+ESP_NOSSP_CFLAGS=
+endif
+
# Flags to pass to stage2 and later makes. They are defined
# here so that they can be overridden by Makefile fragments.
-BOOT_CFLAGS= -g -O2
+BOOT_CFLAGS= -g -O2 $(ESP_NOSSP_CFLAGS)
BOOT_LDFLAGS=
BOOT_ADAFLAGS=-gnatpg -gnata
@@ -403,9 +403,9 @@
CFLAGS = @CFLAGS@
LDFLAGS = @LDFLAGS@
-LIBCFLAGS = $(CFLAGS)
+LIBCFLAGS = $(CFLAGS) $(ESP_NOSSP_CFLAGS)
CXXFLAGS = @CXXFLAGS@
-LIBCXXFLAGS = $(CXXFLAGS) -fno-implicit-templates
+LIBCXXFLAGS = $(CXXFLAGS) -fno-implicit-templates $(ESP_NOSSP_CFLAGS)
GOCFLAGS = $(CFLAGS)
TFLAGS =
--- gcc/Makefile.in 2010-01-22 17:22:51.000000000 -0500
+++ gcc/Makefile.in 2010-02-07 15:15:13.000000000 -0500
@@ -642,6 +642,14 @@
INHIBIT_LIBC_CFLAGS = -Dinhibit_libc
endif
+# We don't want to compile the compiler with -fPIE.
+enable_esp = @enable_esp@
+ifeq ($(enable_esp),yes)
+ESP_NOPIE_CFLAGS = -fno-PIE
+else
+ESP_NOPIE_CFLAGS=
+endif
+
# Options to use when compiling libgcc2.a.
#
LIBGCC2_DEBUG_CFLAGS = -g
@@ -662,7 +670,7 @@
CRTSTUFF_CFLAGS = -O2 $(GCC_CFLAGS) $(INCLUDES) $(MULTILIB_CFLAGS) -g0 \
-finhibit-size-directive -fno-inline -fno-exceptions \
-fno-zero-initialized-in-bss -fno-toplevel-reorder -fno-tree-vectorize \
- -fno-stack-protector \
+ -fno-stack-protector $(ESP_NOPIE_CFLAGS) \
$(INHIBIT_LIBC_CFLAGS)
# Additional sources to handle exceptions; overridden by targets as needed.
@@ -678,6 +689,12 @@
# The rules for compiling them should be in the t-* file for the machine.
EXTRA_PARTS = @extra_parts@
+# We add crtbeginP.o to the EXTRA_PARTS list if enable_crtbeginP = yes
+enable_crtbeginP = @enable_crtbeginP@
+ifeq ($(enable_crtbeginP),yes)
+EXTRA_PARTS += crtbeginP.o
+endif
+
# List of extra object files that should be compiled and linked with
# compiler proper (cc1, cc1obj, cc1plus).
EXTRA_OBJS = @extra_objs@
@@ -1002,12 +1010,12 @@
# This is the variable actually used when we compile. If you change this,
# you probably want to update BUILD_CFLAGS in configure.ac
-ALL_CFLAGS = $(T_CFLAGS) $(CFLAGS-$@) \
+ALL_CFLAGS = $(ESP_NOPIE_CFLAGS) $(T_CFLAGS) $(CFLAGS-$@) \
$(CFLAGS) $(INTERNAL_CFLAGS) $(COVERAGE_FLAGS) $(WARN_CFLAGS) @DEFS@
# The C++ version.
-ALL_CXXFLAGS = $(T_CFLAGS) $(CXXFLAGS) $(INTERNAL_CFLAGS) \
- $(COVERAGE_FLAGS) $(WARN_CXXFLAGS) @DEFS@
+ALL_CXXFLAGS = $(ESP_NOPIE_CFLAGS) $(T_CFLAGS) $(CXXFLAGS) \
+ $(INTERNAL_CFLAGS) $(COVERAGE_FLAGS) $(WARN_CXXFLAGS) @DEFS@
# Likewise. Put INCLUDES at the beginning: this way, if some autoconf macro
# puts -I options in CPPFLAGS, our include files in the srcdir will always
@@ -1856,9 +1873,10 @@
echo LIBGCC_SYNC = '$(LIBGCC_SYNC)' >> tmp-libgcc.mvars
echo LIBGCC_SYNC_CFLAGS = '$(LIBGCC_SYNC_CFLAGS)' >> tmp-libgcc.mvars
echo CRTSTUFF_CFLAGS = '$(CRTSTUFF_CFLAGS)' >> tmp-libgcc.mvars
- echo CRTSTUFF_T_CFLAGS = '$(CRTSTUFF_T_CFLAGS)' >> tmp-libgcc.mvars
+ echo CRTSTUFF_T_CFLAGS = '$(CRTSTUFF_T_CFLAGS) $(ESP_NOPIE_CFLAGS)' >> tmp-libgcc.mvars
echo CRTSTUFF_T_CFLAGS_S = '$(CRTSTUFF_T_CFLAGS_S)' >> tmp-libgcc.mvars
echo TARGET_SYSTEM_ROOT = '$(TARGET_SYSTEM_ROOT)' >> tmp-libgcc.mvars
+ echo enable_crtbeginP = '$(enable_crtbeginP)' >> tmp-libgcc.mvars
mv tmp-libgcc.mvars libgcc.mvars
@@ -1918,9 +1938,19 @@
$(T)crtbeginT.o: crtstuff.c $(GCC_PASSES) $(TCONFIG_H) auto-host.h \
gbl-ctors.h stmp-int-hdrs tsystem.h coretypes.h $(TM_H)
$(GCC_FOR_TARGET) $(CRTSTUFF_CFLAGS) $(CRTSTUFF_T_CFLAGS) \
+ $(ESP_NOPIE_CFLAGS) \
-c $(srcdir)/crtstuff.c -DCRT_BEGIN -DCRTSTUFFT_O \
-o $(T)crtbeginT$(objext)
+# This is a version of crtbegin for -static -fPIE links if esp is enable.
+ifeq ($(enable_crtbeginP),yes)
+$(T)crtbeginP.o: crtstuff.c $(GCC_PASSES) $(TCONFIG_H) auto-host.h \
+ gbl-ctors.h stmp-int-hdrs tsystem.h coretypes.h $(TM_H)
+ $(GCC_FOR_TARGET) $(CRTSTUFF_CFLAGS) $(CRTSTUFF_T_CFLAGS_S) \
+ -c $(srcdir)/crtstuff.c -DCRT_BEGIN -DCRTSTUFFT_O -DCRTSTUFFS_O \
+ -o $(T)crtbeginP$(objext)
+endif
+
# Compile the start modules crt0.o and mcrt0.o that are linked with
# every program
$(T)crt0.o: s-crt0 ; @true
--- libgcc/Makefile.in 2009-07-30 18:33:49.000000000 -0400
+++ libgcc/Makefile.in 2010-02-07 15:10:59.000000000 -0500
@@ -291,6 +291,12 @@
gen-hide-list = echo > \$@
endif
+# We add crtbeginP.o to the EXTRA_PARTS list if enable_crtbeginP = yes
+enable_libgcc_crtbeginP = $(enable_crtbeginP)
+ifeq ($(enable_libgcc_crtbeginP),yes)
+EXTRA_PARTS += crtbeginP.o
+endif
+
ifneq ($(EXTRA_PARTS),)
extra-parts = libgcc-extra-parts
INSTALL_PARTS = $(EXTRA_PARTS)
@@ -842,6 +848,13 @@
crtbeginT.o: $(gcc_srcdir)/crtstuff.c
$(crt_compile) $(CRTSTUFF_T_CFLAGS) \
-c $(gcc_srcdir)/crtstuff.c -DCRT_BEGIN -DCRTSTUFFT_O
+
+# This is a version of crtbegin for -static -fPIE links.
+ifeq ($(enable_libgcc_crtbeginP),yes)
+crtbeginP.o: $(gcc_srcdir)/crtstuff.c
+ $(crt_compile) $(CRTSTUFF_T_CFLAGS_S) \
+ -c $(gcc_srcdir)/crtstuff.c -DCRT_BEGIN -DCRTSTUFFT_O -DCRTSTUFFS_O
+endif
endif
# Build extra startfiles in the libgcc directory.
1.1 src/patchsets/gcc/4.6.4/pie/13_all_gcc46_ssp_uclibc_check.patch
file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/4.6.4/pie/13_all_gcc46_ssp_uclibc_check.patch?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/4.6.4/pie/13_all_gcc46_ssp_uclibc_check.patch?rev=1.1&content-type=text/plain
Index: 13_all_gcc46_ssp_uclibc_check.patch
===================================================================
2012-04-03 Magnus Granberg <zorry@gentoo.org>
* gcc/config.in Add define for ENABLE_ESP_SSP
* gcc/configure Check SSP for uClibc
--- a/gcc/config.in 2012-04-03 17:44:35.173548352 +0200
+++ b/gcc/config.in 2012-04-03 15:25:23.272299470 +0200
@@ -89,6 +89,12 @@
#endif
+/* Define to 1 to enable esp ssp. */
+#ifndef USED_FOR_TARGET
+#undef ENABLE_ESP_SSP
+#endif
+
+
/* Define to 1 to enable fixed-point arithmetic extension to C. */
#ifndef USED_FOR_TARGET
#undef ENABLE_FIXED_POINT
--- a/gcc/configure 2012-04-03 17:44:32.793548281 +0200
+++ b/gcc/configure 2012-04-03 17:40:00.000000000 +0200
@@ -25915,6 +25915,45 @@ _ACEOF
fi
+
+# Check if we have SSP support. if uClibc we need 0.9.32 or newer and TLS.
+echo "$as_me:$LINENO: checking for SSP support" >&5
+echo $ECHO_N "checking for SSP support... $ECHO_C" >&6
+if test "${enable_esp_SSP+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ if test x$enable_esp = xyes && test x$gcc_cv_libc_provides_ssp = xyes \
+ && test x$set_have_as_tls = xyes; then
+ if $EGREP '^[ ]*#[ ]*define[ ]+__UCLIBC__[ ]+1' \
+ $target_header_dir/features.h > /dev/null; then
+ if test -f $target_header_dir/bits/uClibc_config.h && \
+ $EGREP '^[ ]*#[ ]*define[ ]+__UCLIBC_SUBLEVEL__[ ]+([3-9][2-9]|[4-9][0-9])' \
+ $target_header_dir/bits/uClibc_config.h > /dev/null && \
+ $EGREP '^[ ]*#[ ]*define[ ]+__UCLIBC_HAS_TLS__[ ]+1' \
+ $target_header_dir/bits/uClibc_config.h > /dev/null; then
+ enable_esp_SSP=yes
+ else
+ enable_esp_SSP=no
+ fi
+ else
+ enable_esp_SSP=yes
+ fi
+ else
+ enable_esp_SSP=no
+ fi
+fi
+echo "$as_me:$LINENO: result: $enable_esp_SSP" >&5
+echo "${ECHO_T}$enable_esp_SSP" >&6
+
+if test x$enable_esp_SSP = xyes; then
+
+cat >>confdefs.h <<\_ACEOF
+#define ENABLE_ESP_SSP 1
+_ACEOF
+
+fi
+
+
# Check if TFmode long double should be used by default or not.
# Some glibc targets used DFmode long double, but with glibc 2.4
# and later they can use TFmode.
1.1 src/patchsets/gcc/4.6.4/pie/20_all_gcc46_gcc.c.patch
file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/4.6.4/pie/20_all_gcc46_gcc.c.patch?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/4.6.4/pie/20_all_gcc46_gcc.c.patch?rev=1.1&content-type=text/plain
Index: 20_all_gcc46_gcc.c.patch
===================================================================
2011-01-01 Magnus Granberg <zorry@gentoo.org>
* gcc/gcc.c include esp.h
static const char *cc1_spec We set that in esp.h if ENABLE_ESP.
#ifdef EXTRA_SPECS: Add ESP_EXTRA_SPECS
main(): Add do_self_spec esp_command_options_spec()
--- gcc/gcc.c 2010-01-21 10:29:30.000000000 -0500
+++ gcc/gcc.c 2010-01-29 23:29:16.000000000 -0500
@@ -44,6 +44,7 @@
#include "flags.h"
#include "opts.h"
#include "vec.h"
+#include "esp.h" /* for --enable-esp support */
/* By default there is no special suffix for target executables. */
/* FIXME: when autoconf is fixed, remove the host check - dj */
@@ -822,7 +823,9 @@
static const char *asm_debug;
static const char *cpp_spec = CPP_SPEC;
+#ifndef ENABLE_ESP
static const char *cc1_spec = CC1_SPEC;
+#endif
static const char *cc1plus_spec = CC1PLUS_SPEC;
static const char *link_gcc_c_sequence_spec = LINK_GCC_C_SEQUENCE_SPEC;
static const char *link_ssp_spec = LINK_SSP_SPEC;
@@ -1699,18 +1705,23 @@
INIT_STATIC_SPEC ("sysroot_hdrs_suffix_spec", &sysroot_hdrs_suffix_spec),
};
-#ifdef EXTRA_SPECS /* additional specs needed */
+/* EXTRA_SPECS needs to be defined */
+#ifndef EXTRA_SPECS
+#define EXTRA_SPECS
+#endif
+
+/* EXTRA_SPECS and ESP_EXTRA_SPECS add additional specs */
/* Structure to keep track of just the first two args of a spec_list.
- That is all that the EXTRA_SPECS macro gives us. */
+ That is all that the EXTRA_SPECS and ESP_EXTRA_SPECS macro gives us. */
struct spec_list_1
{
const char *const name;
const char *const ptr;
};
-static const struct spec_list_1 extra_specs_1[] = { EXTRA_SPECS };
+/* ESP_EXTRA_SPECS before EXTRA_SPECS */
+static const struct spec_list_1 extra_specs_1[] = { ESP_EXTRA_SPECS, EXTRA_SPECS };
static struct spec_list *extra_specs = (struct spec_list *) 0;
-#endif
/* List of dynamically allocates specs that have been defined so far. */
@@ -1798,7 +1809,6 @@
if (verbose_flag)
notice ("Using built-in specs.\n");
-#ifdef EXTRA_SPECS
extra_specs = XCNEWVEC (struct spec_list, ARRAY_SIZE (extra_specs_1));
for (i = ARRAY_SIZE (extra_specs_1) - 1; i >= 0; i--)
@@ -1811,7 +1821,6 @@
sl->ptr_spec = &sl->ptr;
next = sl;
}
-#endif
for (i = ARRAY_SIZE (static_specs) - 1; i >= 0; i--)
{
@@ -7096,6 +7123,12 @@
gcc_exec_prefix = concat (gcc_exec_prefix, spec_machine, dir_separator_str,
spec_version, dir_separator_str, NULL);
+#ifdef ENABLE_ESP
+ /* Process ESP_COMMAND_OPTIONS_SPEC, adding any new options to the end
+ of the command line. */
+ do_self_spec (esp_command_options_spec);
+#endif
+
/* Now we have the specs.
Set the `valid' bits for switches that match anything in any spec. */
1.1 src/patchsets/gcc/4.6.4/pie/21_all_gcc44_decl-tls-model.patch
file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/4.6.4/pie/21_all_gcc44_decl-tls-model.patch?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/4.6.4/pie/21_all_gcc44_decl-tls-model.patch?rev=1.1&content-type=text/plain
Index: 21_all_gcc44_decl-tls-model.patch
===================================================================
2009-06-13 Magnus Granberg <zorry@ume.nu>
b.g.o #232601
* gcc/varasm.c (decl_tls_model): Check flag_pic instead of flag_shlib.
--- gcc/varasm.c 2009-03-17 21:18:21.000000000 +0100
+++ gcc/varasm.c 2009-04-29 03:10:09.000000000 +0200
@@ -5607,7 +5607,11 @@
bool is_local;
is_local = targetm.binds_local_p (decl);
- if (!flag_shlib)
+ #ifdef ENABLE_ESP
+ if (!flag_pic)
+ #else
+ if (!flag_shlib)
+ #endif
{
if (is_local)
kind = TLS_MODEL_LOCAL_EXEC;
1.1 src/patchsets/gcc/4.6.4/pie/22_all_gcc46-default-ssp.patch
file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/4.6.4/pie/22_all_gcc46-default-ssp.patch?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/4.6.4/pie/22_all_gcc46-default-ssp.patch?rev=1.1&content-type=text/plain
Index: 22_all_gcc46-default-ssp.patch
===================================================================
2011-03-05 Matthias Klose <doko@ubuntu.com>, Kees Cook <kees@outflux.net>,
Magnus Granberg <zorry@gentoo.org>
* gcc/objc/lang-specs.h compiler spec Add %(esp_options)
* gcc/objcp/lang-specs.h compiler spec Add %(esp_options)
* gcc/gcc.c *cpp_options Add %(esp_cpp_options)
* gcc/gcc.c default_compilers[] Add %(esp_options)
* gcc/cp/lang-specs.h compiler spec Add %(esp_options)
--- a/gcc/gcc.c.orig 2009-12-21
+++ b/gcc/gcc.c 2009-12-21
@@ -740,7 +749,7 @@
static const char *cpp_options =
"%(cpp_unique_options) %1 %{m*} %{std*&ansi&trigraphs} %{W*&pedantic*} %{w}\
%{f*} %{g*:%{!g0:%{g*} %{!fno-working-directory:-fworking-directory}}} %{O*}\
- %{undef} %{save-temps*:-fpch-preprocess}";
+ %{undef} %{save-temps*:-fpch-preprocess} %(esp_cpp_options)";
/* This contains cpp options which are not passed when the preprocessor
output will be used by another program. */
@@ -914,9 +923,9 @@
%{save-temps*|traditional-cpp|no-integrated-cpp:%(trad_capable_cpp) \
%(cpp_options) -o %{save-temps*:%b.i} %{!save-temps*:%g.i} \n\
cc1 -fpreprocessed %{save-temps*:%b.i} %{!save-temps*:%g.i} \
- %(cc1_options)}\
+ %(cc1_options) %(esp_options)}\
%{!save-temps*:%{!traditional-cpp:%{!no-integrated-cpp:\
- cc1 %(cpp_unique_options) %(cc1_options)}}}\
+ cc1 %(cpp_unique_options) %(cc1_options) %(esp_options)}}}\
%{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 1},
{"-",
"%{!E:%e-E or -x required when input is from standard input}\
@@ -953,7 +953,7 @@
%W{o*:--output-pch=%*}}%V}}}}}}", 0, 0, 0},
{".i", "@cpp-output", 0, 0, 0},
{"@cpp-output",
- "%{!M:%{!MM:%{!E:cc1 -fpreprocessed %i %(cc1_options) %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0},
+ "%{!M:%{!MM:%{!E:cc1 -fpreprocessed %i %(cc1_options) %(esp_options) %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0},
{".s", "@assembler", 0, 0, 0},
{"@assembler",
"%{!M:%{!MM:%{!E:%{!S:as %(asm_debug) %(asm_options) %i %A }}}}", 0, 0, 0},
--- a/gcc/cp/lang-specs.h 2011-03-06 17:27:57.000000000 +0100
+++ b/gcc/cp/lang-specs.h 2011-03-26 13:30:40.312423000 +0100
@@ -47,7 +47,7 @@
%(cpp_options) %2 -o %{save-temps*:%b.ii} %{!save-temps*:%g.ii} \n}\
cc1plus %{save-temps*|no-integrated-cpp:-fpreprocessed %{save-temps*:%b.ii} %{!save-temps*:%g.ii}}\
%{!save-temps*:%{!no-integrated-cpp:%(cpp_unique_options)}}\
- %(cc1_options) %2\
+ %(cc1_options) %(esp_options) %2\
%{!fsyntax-only:%{!fdump-ada-spec*:-o %g.s %{!o*:--output-pch=%i.gch}\
%W{o*:--output-pch=%*}}%V}}}}",
CPLUSPLUS_CPP_SPEC, 0, 0},
@@ -58,7 +58,7 @@
%(cpp_options) %2 -o %{save-temps*:%b.ii} %{!save-temps*:%g.ii} \n}\
cc1plus %{save-temps*|no-integrated-cpp:-fpreprocessed %{save-temps*:%b.ii} %{!save-temps*:%g.ii}}\
%{!save-temps*:%{!no-integrated-cpp:%(cpp_unique_options)}}\
- %(cc1_options) %2\
+ %(cc1_options) %(esp_options) %2\
%{!fsyntax-only:%(invoke_as)}}}}",
CPLUSPLUS_CPP_SPEC, 0, 0},
{".ii", "@c++-cpp-output", 0, 0, 0},
--- a/gcc/objcp/lang-specs.h 2011-03-06 17:27:57.000000000 +0100
+++ a/gcc/objcp/lang-specs.h 2011-03-26 14:19:12.596423000 +0100
@@ -36,7 +36,7 @@
%(cpp_options) %2 -o %{save-temps*:%b.mii} %{!save-temps*:%g.mii} \n}\
cc1objplus %{save-temps*|no-integrated-cpp:-fpreprocessed %{save-temps*:%b.mii} %{!save-temps*:%g.mii}}\
%{!save-temps*:%{!no-integrated-cpp:%(cpp_unique_options)}}\
- %(cc1_options) %2\
+ %(cc1_options) %(esp_options) %2\
-o %g.s %{!o*:--output-pch=%i.gch} %W{o*:--output-pch=%*}%V}}}",
CPLUSPLUS_CPP_SPEC, 0, 0},
{"@objective-c++",
@@ -46,16 +46,16 @@
%(cpp_options) %2 -o %{save-temps*:%b.mii} %{!save-temps*:%g.mii} \n}\
cc1objplus %{save-temps*|no-integrated-cpp:-fpreprocessed %{save-temps*:%b.mii} %{!save-temps*:%g.mii}}\
%{!save-temps*:%{!no-integrated-cpp:%(cpp_unique_options)}}\
- %(cc1_options) %2\
+ %(cc1_options) %(esp_options) %2\
%{!fsyntax-only:%(invoke_as)}}}}",
CPLUSPLUS_CPP_SPEC, 0, 0},
{".mii", "@objective-c++-cpp-output", 0, 0, 0},
{"@objective-c++-cpp-output",
"%{!M:%{!MM:%{!E:\
- cc1objplus -fpreprocessed %i %(cc1_options) %2\
+ cc1objplus -fpreprocessed %i %(cc1_options) %(esp_options) %2\
%{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0},
{"@objc++-cpp-output",
"%nobjc++-cpp-output is deprecated; please use objective-c++-cpp-output instead\n\
%{!M:%{!MM:%{!E:\
- cc1objplus -fpreprocessed %i %(cc1_options) %2\
+ cc1objplus -fpreprocessed %i %(cc1_options) %(esp_options) %2\
%{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0},
--- a/gcc/objc/lang-specs.h 2011-03-06 17:27:57.000000000 +0100
+++ b/gcc/objc/lang-specs.h 2011-03-26 14:56:27.668423000 +0100
@@ -30,9 +30,9 @@
%{traditional|traditional-cpp:\
%eGNU Objective C no longer supports traditional compilation}\
%{save-temps*|no-integrated-cpp:cc1obj -E %(cpp_options) -o %{save-temps*:%b.mi} %{!save-temps*:%g.mi} \n\
- cc1obj -fpreprocessed %{save-temps*:%b.mi} %{!save-temps*:%g.mi} %(cc1_options) %{print-objc-runtime-info} %{gen-decls}}\
+ cc1obj -fpreprocessed %{save-temps*:%b.mi} %{!save-temps*:%g.mi} %(cc1_options) %(esp_options) %{print-objc-runtime-info} %{gen-decls}}\
%{!save-temps*:%{!no-integrated-cpp:\
- cc1obj %(cpp_unique_options) %(cc1_options) %{print-objc-runtime-info} %{gen-decls}}}\
+ cc1obj %(cpp_unique_options) %(cc1_options) %(esp_options) %{print-objc-runtime-info} %{gen-decls}}}\
%{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0},
{"@objective-c-header",
"%{E|M|MM:cc1obj -E %{traditional|traditional-cpp:-traditional-cpp}\
@@ -41,18 +41,18 @@
%{traditional|traditional-cpp:\
%eGNU Objective C no longer supports traditional compilation}\
%{save-temps*|no-integrated-cpp:cc1obj -E %(cpp_options) -o %{save-temps*:%b.mi} %{!save-temps*:%g.mi} \n\
- cc1obj -fpreprocessed %b.mi %(cc1_options) %{print-objc-runtime-info} %{gen-decls}\
+ cc1obj -fpreprocessed %b.mi %(cc1_options)%(esp_options) %{print-objc-runtime-info} %{gen-decls}\
-o %g.s %{!o*:--output-pch=%i.gch}\
%W{o*:--output-pch=%*}%V}\
%{!save-temps*:%{!no-integrated-cpp:\
- cc1obj %(cpp_unique_options) %(cc1_options) %{print-objc-runtime-info} %{gen-decls}\
+ cc1obj %(cpp_unique_options) %(cc1_options) %(esp_options) %{print-objc-runtime-info} %{gen-decls}\
-o %g.s %{!o*:--output-pch=%i.gch}\
%W{o*:--output-pch=%*}%V}}}}}", 0, 0, 0},
{".mi", "@objective-c-cpp-output", 0, 0, 0},
{"@objective-c-cpp-output",
- "%{!M:%{!MM:%{!E:cc1obj -fpreprocessed %i %(cc1_options) %{print-objc-runtime-info} %{gen-decls}\
+ "%{!M:%{!MM:%{!E:cc1obj -fpreprocessed %i %(cc1_options) %(esp_options) %{print-objc-runtime-info} %{gen-decls}\
%{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0},
{"@objc-cpp-output",
"%nobjc-cpp-output is deprecated; please use objective-c-cpp-output instead\n\
- %{!M:%{!MM:%{!E:cc1obj -fpreprocessed %i %(cc1_options) %{print-objc-runtime-info} %{gen-decls}\
+ %{!M:%{!MM:%{!E:cc1obj -fpreprocessed %i %(cc1_options) %(esp_options) %{print-objc-runtime-info} %{gen-decls}\
%{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0},
1.1 src/patchsets/gcc/4.6.4/pie/30_all_gcc46_esp.h.patch
file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/4.6.4/pie/30_all_gcc46_esp.h.patch?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/4.6.4/pie/30_all_gcc46_esp.h.patch?rev=1.1&content-type=text/plain
Index: 30_all_gcc46_esp.h.patch
===================================================================
2012-04-03 Magnus Granberg <zorry@gentoo.org>
* gcc/esp.h New file to support --enable-esp
Version 20120403.2
--- gcc/esp.h 2010-04-09 16:14:00.000000000 +0200
+++ gcc/esp.h 2010-04-29 21:30:47.000000000 +0200
@@ -0,0 +1,145 @@
+/* License terms see GNU GENERAL PUBLIC LICENSE Version 3.
+ * Version 20120403.2
+ * Magnus Granberg (Zorry) <zorry@gentoo.org> */
+#ifndef GCC_ESP_H
+#define GCC_ESP_H
+
+/* This file will add -fstack-protector-all, -fPIE, -pie and -z now
+ as default if the defines and the spec allow it.
+ Added a hack for gcc-specs-* in toolchain-funcs.eclass and _filter-hardened in flag-o-matic.eclass
+ to support older hardened GCC patches and we don't need to change the code on gcc-specs-* and _filter-hardened.
+ This will add some unsupported upstream commands options as -nopie and -nonow.
+ -D__KERNEL__ is added so we don't have -fPIE, -pie and -fstack-protector-all when building kernels.
+ ESP_CC1_SPEC is added to CC1_SPEC.
+ ESP_CC1_STRICT_OVERFLOW_SPEC is added so we don't disable the strict-overflow check.
+ ESP_LINK_PIE_CHECK_SPEC check for -pie, -p, -pg, -profile and -static.
+ ENABLE_CRTBEGINP add support for crtbeginP.o, build -static with -fPIE or -fpie.
+*/
+#ifdef ENABLE_ESP
+
+ /* Hack to support gcc-specs-* in toolchain-funcs.eclass and _filter-hardened in flag-o-matic.eclass */
+ #define ESP_CC1_SPEC " %(esp_cc1_ssp) %(esp_cc1_pie) %(esp_cc1_strict_overflow)"
+ #if defined ( EFAULT_SSP ) || defined ( EFAULT_PIE_SSP )
+ #define ESP_CC1_SSP_SPEC "%{!fno-stack-protector: %{!fno-stack-protector-all: }}"
+ #else
+ #define ESP_CC1_SSP_SPEC ""
+ #endif
+ #if defined ( EFAULT_PIE ) || defined ( EFAULT_PIE_SSP )
+ #define ESP_CC1_PIE_SPEC "%{!nopie: }"
+ #else
+ #define ESP_CC1_PIE_SPEC ""
+ #endif
+ #define ESP_CC1_STRICT_OVERFLOW_SPEC "%{!fstrict-overflow:%{!fno-strict-overflow: -fno-strict-overflow}}"
+
+ /* ESP_LINK_SPEC is added to LINK_PIE_SPEC if esp is enable
+ -z now will be added if we don't have -vanilla spec. We do a -pie incompatible check
+ Don't remove the specs in the end */
+ #define ESP_LINK_SPEC "%(esp_link_now) %(esp_link_pie_check) "
+ #define ESP_LINK_NOW_SPEC "%{!nonow:-z now}"
+
+ /* We use ESP_COMMAND_OPTIONS_SPEC to add pie command-line options. */
+ #define ESP_COMMAND_OPTIONS_SPEC "%{!D__KERNEL__:%{!nopie:%(esp_options_pie) %(esp_link_pie)}}"
+
+ /* ESP_OPTIONS_SPEC is added to the compiler spec in gcc/gcc.c */
+ #define ESP_OPTIONS_SPEC "%(esp_options_ssp)"
+
+ /* ESP_CPP_OPTIONS_SPEC is added to the cpp_options spec in gcc/gcc.c
+ For precompiling headers. */
+ #define ESP_CPP_OPTIONS_SPEC "%(esp_options_ssp)"
+
+ /* This will add -fstack-protector-all if we don't have -nostdlib -nodefaultlibs -fno-stack-protector -fstack-protector
+ -fstack-protector-all and we have EFAULT_SSP or EFAULT_PIE_SSP defined. */
+ #if ( defined ( EFAULT_SSP ) || defined ( EFAULT_PIE_SSP ) ) && defined ( ENABLE_ESP_SSP )
+ #define ESP_OPTIONS_SSP_SPEC \
+ "%{!D__KERNEL__:%{!nostdlib:%{!nodefaultlibs: %{!fno-stack-protector: \
+ %{!fstack-protector:%{!fstack-protector-all:-fstack-protector-all}}}}}}"
+ #else
+ #define ESP_OPTIONS_SSP_SPEC ""
+ #endif
+
+ /* If EFAULT_PIE or EFAULT_PIE_SSP is defined we will add -fPIE -pie */
+ #if defined ( EFAULT_PIE ) || defined ( EFAULT_PIE_SSP )
+
+ /* This will add -fPIE if we don't have -pie -fpic -fPIC -fpie -fPIE -fno-pic -fno-PIC -fno-pie -fno-PIE -shared -static
+ -nostdlib -nostartfiles. */
+ /* With ENABLE_CRTBEGINP we don't need to check for -static */
+ #ifdef ENABLE_CRTBEGINP
+ #define ESP_OPTIONS_PIE_SPEC \
+ "%{!pie: %{!fpic:%{!fPIC:%{!fpie:%{!fPIE: %{!fno-pic:%{!fno-PIC:%{!fno-pie:%{!fno-PIE: \
+ %{!shared: %{!nostdlib: %{!nostartfiles:-fPIE}} } }}}} }}}} }"
+ #else
+ #define ESP_OPTIONS_PIE_SPEC \
+ "%{!pie: %{!fpic:%{!fPIC:%{!fpie:%{!fPIE: %{!fno-pic:%{!fno-PIC:%{!fno-pie:%{!fno-PIE: \
+ %{!shared: %{!static: %{!nostdlib: %{!nostartfiles:-fPIE}} } }}}} }}}} }}"
+ #endif
+
+ /* This will add -pie if we don't have -pie -A -fno-pic -fno-PIC -fno-pie -fno-PIE -shared -static -r -nostdlib
+ -nostartfiles */
+ /* With ENABLE_CRTBEGINP we don't need to check for -static
+ and we add -pie only to get the start and endfiles. -pie will not go to the linker. */
+ #ifdef ENABLE_CRTBEGINP
+ #define ESP_LINK_PIE_SPEC \
+ "%{!pie:%{!A:%{!fno-pie:%{!fno-PIE:%{!fno-pic:%{!fno-PIC:%{!shared:%{!r: \
+ %{!nostdlib:%{!nostartfiles:-pie}}}}}}}}}}"
+ #else
+ #define ESP_LINK_PIE_SPEC \
+ "%{!pie:%{!A:%{!fno-pie:%{!fno-PIE:%{!fno-pic:%{!fno-PIC:%{!shared:%{!static:%{!r: \
+ %{!nostdlib:%{!nostartfiles:-pie}}}}}}}}}}}"
+ #endif
+
+ /* This will check if -pie is set when (-static) -pg -p -profile. If set it will make gcc print out
+ "-pie and (static)|pg|p|profile are incompatible when linking" */
+ /* With ENABLE_CRTBEGINP we don't need to check for -static */
+ #ifdef ENABLE_CRTBEGINP
+ #define ESP_LINK_PIE_CHECK_SPEC \
+ "%{pie:%{pg|p|profile:%e-pie and -pg|p|profile are incompatible when linking}}"
+ #else
+ #define ESP_LINK_PIE_CHECK_SPEC \
+ "%{pie:%{static|pg|p|profile:%e-pie and -static|pg|p|profile are incompatible when linking}}"
+ #endif
+
+ /* We don't pass -pie to the linker when -static. */
+ #ifdef ENABLE_CRTBEGINP
+ #define LINK_PIE_SPEC "%{!static:%{pie:-pie}} %(esp_link)"
+ #else
+ #define LINK_PIE_SPEC "%{pie:-pie} %(esp_link)"
+ #endif
+
+ #else
+ #define ESP_OPTIONS_PIE_SPEC ""
+ #define ESP_LINK_PIE_CHECK_SPEC ""
+ #define ESP_LINK_PIE_SPEC ""
+ #define LINK_PIE_SPEC "%{pie:-pie} %(esp_link)"
+ #endif
+
+ /* We add extra spec name's to the EXTRA_SPECS list */
+ #define ESP_EXTRA_SPECS \
+ { "esp_cc1", ESP_CC1_SPEC }, \
+ { "esp_cc1_pie", ESP_CC1_PIE_SPEC }, \
+ { "esp_cc1_ssp", ESP_CC1_SSP_SPEC }, \
+ { "esp_cc1_strict_overflow", ESP_CC1_STRICT_OVERFLOW_SPEC }, \
+ { "esp_link", ESP_LINK_SPEC }, \
+ { "esp_link_now", ESP_LINK_NOW_SPEC }, \
+ { "esp_link_pie", ESP_LINK_PIE_SPEC }, \
+ { "esp_link_pie_check", ESP_LINK_PIE_CHECK_SPEC }, \
+ { "esp_command_options", ESP_COMMAND_OPTIONS_SPEC }, \
+ { "esp_cpp_options", ESP_CPP_OPTIONS_SPEC }, \
+ { "esp_options", ESP_OPTIONS_SPEC }, \
+ { "esp_options_pie", ESP_OPTIONS_PIE_SPEC }, \
+ { "esp_options_ssp", ESP_OPTIONS_SSP_SPEC }
+
+ static const char *esp_command_options_spec = ESP_COMMAND_OPTIONS_SPEC;
+ static const char *cc1_spec = CC1_SPEC ESP_CC1_SPEC;
+
+#else /* If not ESP_ENABLE defined do this. */
+
+ #define ESP_OPTIONS_SPEC ""
+ #define ESP_CPP_OPTIONS_SPEC ""
+
+ /* We add extra spec name's to the EXTRA_SPECS list */
+ #define ESP_EXTRA_SPECS \
+ { "esp_options", ESP_OPTIONS_SPEC }, \
+ { "esp_cpp_options", ESP_CPP_OPTIONS_SPEC }
+
+#endif
+#endif /* End GCC_ESP_H */
1.1 src/patchsets/gcc/4.6.4/pie/33_all_gcc46_config_rs6000_linux64.h.patch
file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/4.6.4/pie/33_all_gcc46_config_rs6000_linux64.h.patch?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/4.6.4/pie/33_all_gcc46_config_rs6000_linux64.h.patch?rev=1.1&content-type=text/plain
Index: 33_all_gcc46_config_rs6000_linux64.h.patch
===================================================================
2011-03-05 Peter S. Mazinger <ps.m@gmx.net>, Magnus Granberg <zorry@gentoo.org>
* gcc/config/rs6000/linux64.h ASM_SPEC32 Change %{fpic:-K PIC} %{fPIC:-K PIC}
to %{fpic|fPIC|fpie|fPIE:-K PIC}
--- gcc/config/rs6000/linux64.h.psm 2009-04-10 01:23:07.000000000 +0200
+++ gcc/config/rs6000/linux64.h 2009-09-23 12:34:26.000000000 +0200
@@ -162,7 +162,7 @@
#endif
#define ASM_SPEC32 "-a32 \
-%{mrelocatable} %{mrelocatable-lib} %{fpic:-K PIC} %{fPIC:-K PIC} \
+%{mrelocatable} %{mrelocatable-lib} %{fpic|fPIC|fpie|fPIE:-K PIC} \
%{memb} %{!memb: %{msdata=eabi: -memb}} \
%{!mlittle: %{!mlittle-endian: %{!mbig: %{!mbig-endian: \
%{mcall-freebsd: -mbig} \
1.1 src/patchsets/gcc/4.6.4/pie/35_all_gcc46_config_crtbeginp.patch
file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/4.6.4/pie/35_all_gcc46_config_crtbeginp.patch?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/4.6.4/pie/35_all_gcc46_config_crtbeginp.patch?rev=1.1&content-type=text/plain
Index: 35_all_gcc46_config_crtbeginp.patch
===================================================================
2011-03-05 Magnus Granberg <zorry@gentoo.org>
* gcc/config/gnu-user.h If ENABLE_CRTBEGINP, -static and -pie use crtbegineP.o.
* gcc/config/rs6000/sysv4.h If ENABLE_CRTBEGINP, -static and -pie use crtbegineP.o.
--- gcc/config/gnu-user.h 2009-04-10 01:23:07.000000000 +0200
+++ gcc/config/gnu-user.h 2009-09-08 04:08:06.000000000 +0200
@@ -39,7 +39,11 @@
provides part of the support for getting C++ file-scope static
object constructed before entering `main'. */
-#if defined HAVE_LD_PIE
+#if defined (HAVE_LD_PIE) && defined (ENABLE_CRTBEGINP)
+#define GNU_USER_TARGET_STARTFILE_SPEC \
+ "%{!shared: %{pg|p|profile:gcrt1.o%s;pie:Scrt1.o%s;:crt1.o%s}} crti.o%s \
+ %{static:%{pie:crtbeginP.o%s;:crtbeginT.o%s}} %{!static:%{shared|pie:crtbeginS.o%s;:crtbegin.o%s}}"
+#elif defined (HAVE_LD_PIE) && ! defined (ENABLE_CRTBEGINP)
#define GNU_USER_TARGET_STARTFILE_SPEC \
"%{!shared: %{pg|p|profile:gcrt1.o%s;pie:Scrt1.o%s;:crt1.o%s}} \
crti.o%s %{static:crtbeginT.o%s;shared|pie:crtbeginS.o%s;:crtbegin.o%s}"
--- gcc/config/rs6000/sysv4.h 2009-04-10 01:23:07.000000000 +0200
+++ gcc/config/rs6000/sysv4.h 2009-09-08 04:41:50.000000000 +0200
@@ -883,7 +883,12 @@
%{!mnewlib: %{pthread:-lpthread} %{shared:-lc} \
%{!shared: %{profile:-lc_p} %{!profile:-lc}}}"
-#ifdef HAVE_LD_PIE
+#if defined (HAVE_LD_PIE) && defined (ENABLE_CRTBEGINP)
+#define STARTFILE_LINUX_SPEC "\
+%{!shared: %{pg|p|profile:gcrt1.o%s;pie:Scrt1.o%s;:crt1.o%s}} \
+%{mnewlib:ecrti.o%s;:crti.o%s} \
+%{static:%{pie:crtbeginP.o%s;:crtbeginT.o%s}} %{!static:%{shared|pie:crtbeginS.o%s;:crtbegin.o%s}}"
+#elif defined (HAVE_LD_PIE) && ! defined (ENABLE_CRTBEGINP)
#define STARTFILE_LINUX_SPEC "\
%{!shared: %{pg|p|profile:gcrt1.o%s;pie:Scrt1.o%s;:crt1.o%s}} \
%{mnewlib:ecrti.o%s;:crti.o%s} \
1.1 src/patchsets/gcc/4.6.4/pie/60_all_gcc44_invoke.texi.patch
file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/4.6.4/pie/60_all_gcc44_invoke.texi.patch?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/4.6.4/pie/60_all_gcc44_invoke.texi.patch?rev=1.1&content-type=text/plain
Index: 60_all_gcc44_invoke.texi.patch
===================================================================
2009-09-11 Magnus Granberg <zorry@gentoo.org>
* gcc/doc/invoke.texi Add NOTES about -fstack-protector-all, -pie and
-fPIE/-fpie when --enable-esp is enable, this options is on by default.
--- gcc/doc/invoke.texi 2009-04-01 09:18:47.000000000 +0200
+++ gcc/doc/invoke.texi 2009-06-18 14:08:38.000000000 +0200
@@ -7134,6 +7134,11 @@
@opindex fstack-protector-all
Like @option{-fstack-protector} except that all functions are protected.
+NOTE: When --enable-esp this option is enabled by default
+for C, C++, ObjC, ObjC++, if neither @option{-fno-stack-protector}
+or @option{-nostdlib} or @option{-nodefaultlibs} or
+@option{-fstack-protector} are found.
+
@item -fsection-anchors
@opindex fsection-anchors
Try to reduce the number of symbolic address calculations by using
@@ -7960,6 +7965,12 @@
that were used to generate code (@option{-fpie}, @option{-fPIE},
or model suboptions) when you specify this option.
+NOTE: When --enable-esp this option is enabled by default
+for C, C++, ObjC, ObjC++, if neither @option{-fno-pie} or @option{-fno-PIE}
+or @option{-fno-pic} or @option{-fno-PIC} or @option{-nostdlib} or
+@option{-nostartfiles} or @option{-shared} or @option{-pg} or @option{-p}
+are found.
+
@item -rdynamic
@opindex rdynamic
Pass the flag @option{-export-dynamic} to the ELF linker, on targets
@@ -15889,6 +15910,11 @@
@code{__pie__} and @code{__PIE__}. The macros have the value 1
for @option{-fpie} and 2 for @option{-fPIE}.
+NOTE: When --enable-esp this option is enabled by default
+for C, C++, ObjC, ObjC++, if neither @option{-fno-pie} or @option{-fno-PIE}
+or @option{-fno-pic} or @option{-fno-PIC} or @option{-nostdlib} or
+@option{-nostartfiles} or @option{-shared} are found.
+
@item -fno-jump-tables
@opindex fno-jump-tables
Do not use jump tables for switch statements even where it would be
1.1 src/patchsets/gcc/4.6.4/pie/README
file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/4.6.4/pie/README?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/4.6.4/pie/README?rev=1.1&content-type=text/plain
Index: README
===================================================================
This work started with bugs #94325 #100689 #106222 #149292 #149649 and the overlay on http://overlays.gentoo.org/dev/kevquinn.
By Kevin K. Quinn, Peter S. Mazinger, Natanael Copa, Alexander Gabert, Solar, PaX Team, SpanKY and mentor.
The work stalled. Some threads on the Gentoo forum started to do their own fixes to get it working.
Xake started the thread where most of the new work is done: "How long until hardened and toolchain will produce a hardened gcc4?"
http://forums.gentoo.org/viewtopic-t-668885.html. I joined the thread and started to code.
We started with the pieworld code from kevquinn's overlay. The PIE and minispecs part hit the tree later on.
With GCC 4.4.0 I was willing to do some code cleanup, use built-in specs and add it as --enable-esp in the
configure command line.
Thank you all:
Kevin K. Quinn, Peter S. Mazinger, Natanael Copa, Alexander Gabert, Solar, PaX Team, SpanKY, Xake, Dwokfur,
KernelOfTruth, SteveL, nixnut, Hopeless, forsaken1, XioXous, obrut<-, mv, qjim, Tommy[D], Genewb, radegand,
unk, neuron, alexxy, hellboi64, likewhoa, g0rg0n, costel78, polsas, 7v5w7go9ub0o, uberpinguin, Naib, cilly,
bonsaikitten, kerframil, agaffney, Gordon Malm, blueness, Matthias Klose, Kees Cook, mentor, Anarchy,
devurandom and everyone else for helping to test, suggestions, fixes and anything else we have missed.
/2009-00-09 Magnus Grenberg (Zorry) <zorry@ume.nu>
1.1 src/patchsets/gcc/4.6.4/pie/README.Changelog
file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/4.6.4/pie/README.Changelog?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/4.6.4/pie/README.Changelog?rev=1.1&content-type=text/plain
Index: README.Changelog
===================================================================
0.5.2 Magnus Granberg <zorry@gentoo.org>
* gcc/configure Fix a type in the ENABLE_ESP_SSP check
0.5.1 Magnus Granberg <zorry@gentoo.org>
* gcc/config.in Add define for ENABLE_ESP_SSP
* gcc/configure Check SSP for uClibc
* gcc/esp.h ENABLE_ESP_SSP
0.5.0 Magnus Granberg <zorry@gentoo.org>
#393321
* gcc/Makefile.in Rename crtbeginTS.o to crtbeginP.o
* gcc/config/gnu-user.h Rename crtbeginTS.o to crtbeginP.o
* gcc/config/rs6000/sysv4.h Rename crtbeginTS.o to crtbeginP.o
* gcc/esp.h Rename crtbeginTS.o to crtbeginP.o
* gcc/configure Rename crtbeginTS.o to crtbeginP.o
* gcc/config.in Rename crtbeginTS.o to crtbeginP.o
* libgcc/Makefile.in Rename crtbeginTS.o to crtbeginP.o
0.4.9 Magnus Granberg <zorry@gentoo.org>
#380823
* gcc/Makefile.in added ESP_NOPIE_CFLAGS to ALL_CXXFLAGS
0.4.8 Magnus Granberg <zorry@gentoo.org>
* gcc/objc/lang-specs.h Bumped for gcc 4.6.0 release
* gcc/objcp/lang-specs.h Bumped for gcc 4.6.0 release
* gcc/cp/lang-specs.h Bumped for gcc 4.6.0 release
0.4.7 Magnus Granberg <zorry@gentoo.org>
* gcc/gcc.c Add %(esp_options) and %(esp_cpp_options)
* gcc/esp.h Use the esp.h patch from gcc-4.4 patchset
* gcc/config/rs6000/linux64.h Bumed for >2011-02-26 snapshot
* gcc/objc/lang-specs.h Add %(esp_options)
* gcc/objcp/lang-specs.h Add %(esp_options)
* gcc/cp/lang-specs.h Add %(esp_options)
* gcc/config/gnu-user.h Add crtbeginTS.o support
0.4.6 Magnus Granberg <zorry@gentoo.org>
* Makefile.in Bumped for gcc 4.6
* gcc/Makefile.in Bumped for gcc 4.6
added ESP_NOPIE_CFLAGS to ALL_CFLAGS
remove any ESP_NOSSP_CFLAGS
remove any ESP_NOPIE_CFLAGS from crt* when not needed
* gcc/gcc.c Bumped for gcc 4.6
moved espf_options_ssp to espf_command_options_spec
* gcc/esp.h Added espf_options_ssp to espf_cc1_command_spec
* gcc/config/rs6000/linux64.h Bumped for gcc 4.6
* gcc/config/linux.h Bumped for gcc 4.6
0.4.5 Magnus Granberg <zorry@gentoo.org>
* gcc/config/rs6000/sysv4.h Fix a typo in the static spec rules
0.4.4 Magnus Granberg <zorry@gentoo.org>
* gcc/esp.h Renamed ESP_CC1_STRICT_SPEC to ESP_CC1_STRICT_OVERFLOW_SPEC
Renamed ESP_OPTIONS_PIE_CHECK_SPEC to ESP_LINK_PIE_CHECK_SPEC
0.4.3 Magnus Granberg <zorry@gentoo.org>
#299061 b.g.o
* gcc/gcc.c removed the pie incompatible specs rule call
* gcc/esp.h Move the -pie incompatible check to esp_link
remove the -shared incompatible check
0.4.2 Magnus granberg <zorry@gentoo.org>
* configure remove the changes from 0.4.1
* Makefile.in remove the changes from 0.4.1 remove -fstack-protector check.
* gcc/configure remove the changes from 0.4.1
* gcc/config.in remove the changes from 0.4.1 remove HAVE_GCC_SSP
* gcc/Makefile remove the changes from 0.4.1
* gcc/esp.h change HAVE_GCC_LD_PIE to (EFAULT_PIE || EFAULT_PIE_SSP)
change HAVE_GCC_SSP to (EFAULT_SSP || EFAULT_PIE_SSP)
* libmudflap/Makefiles.in remove the changes from 0.4.1
0.4.1 Magnus Granberg <zorry@gentoo.org>
*configure removed check for --enable-esp removed enable_esp
added check for --enable-esp=(no|all|nopie|nossp). added enable_esp_set
*Makefile.in renamed enable_esp to enable_esp_set
*gcc/configure removed check for --enable-esp removed enable_esp
added check for --enable-esp=(no|all|nopie|nossp). added enable_esp_set
added a -fPIE -pie check. change AC_COMPILE_IFELSE to AC_LINK_IFELSE in the
-fstack-protector check.
* gcc/config.in Added HAVE_GCC_LD_PIE
*gcc/Makefile.in renamed enable_esp to enable_esp_set
*gcc/esp.h Renamed HAVE_LD_PIE to HAVE_GCC_LD_PIE
Added HAVE_GCC_LD_PIE to #define ESP_CC1_PIE_SPEC. Move ESP_COMMAND_OPTIONS_SPEC
* libmudflap/Makefiles.in In enable_esp change ifeq to ifdef.
#293843 b.g.o
*gcc/esp.h Added -nonow to the -z now specs.
0.4.0 Anthony G. Basile <basile@opensource.dyc.edu>
rename espf to esp and change espf-patchset to piepatchset
0.3.9 Magnus Granberg <zorry@gentoo.org>
* gcc/configure Added check for TLS on the target in the SSP check.
#149292 b.g.o
* gcc/config/i386/linux.h Removed uclibc don't support TLS on stack-protector
* gcc/config/i386/linux64.h Removed uclibc don't support TLS on stack-protector
* gcc/config/rs6000/linux.h Removed uclibc don't support TLS on stack-protector
* gcc/config/i386/linux.h Removed uclibc don't support TLS on stack-protector
* gcc/config/sparc/linux.h Removed uclibc don't support TLS on stack-protector
* gcc/config/sparc/linux64.h Removed uclibc don't support TLS on stack-protector
0.3.8 Magnus Granberg <zorry@gentoo.org>
* gcc/configure Redone the -fstack-protector check.
* gcc/config.in Added HAVE_GCC_SSP
* gcc/gcc.c Removed code for espf_link_spec in X
* gcc/espf.h Added ifdef HAVE_GCC_SSP, change code for espf_link_spec and link_pie_spec
0.3.7_beta Anthony G. Basile <basile@opensource.dyc.edu>
* gcc/configure Check if -fstack-protector is supported by gcc on ARCH
Updated AC_SUBST enable_espf
* gcc/Makefile.in Remove the fix for $(out_object_file): ix86_split_to_parts() stack smashing attack b.g.o #149292.
* gcc/gcc.c Updaded the .c .cc compiler specs.
0.3.6 Magnus Granberg <zorry@ume.nu>
* configure Check --enable-espf change ppc* to powerpc*, powerpc64 and add ia64.
* gcc/configure Don't check for -z,relro on ia64. Disable crtbeginTS for ia64.
* gcc/espf.h ia64 don't support -fstack-protector*
0.3.5 Maguns Granberg <zorry@ume.nu>
* gcc/espf.h Change the specs for crtbegin.TS.o.
* gcc/gcc.c Rename espf_cc1_options to espf_options_pie_check.
* gcc/config/linux.h Fix typos ENABLE_CRTBEGINS to ENABLE_CRTBEGINTS
* gcc/config/rs6000/linux64.h ASM_SPEC32: %{fpic:-K PIC} %{fPIC:-K PIC} to
%{fpic|fPIC|fpie|fPIE:-K PIC}
0.3.4 Magnus Granberg <zorry@ume.nu>
* gcc/configure Add crtbeginTS.o support.
* gcc/Makefile.in Add crtbeginTS.o support.
* gcc/gcc.c Add espf_cc1_options.
* gcc/espf.h Added espf_cc1_options, crtbeginTS.o support,
espf_cc1_options and espf_cc1_strictoverflow.
* gcc/config.in Add crtbeginTS.o support.
* gcc/config/linux.h Add crtbeginTS.o support.
* gcc/config/rs6000/sysv4.h Add crtbeginTS.o support.
* gcc/doc/invoke.texi Add NOTES about -fstack-protector-all,
-pie and -fPIE.
* libgcc/Makefile.in Add crtbeginTS.o support.
0.3.3 Magnus Granberg <zorry@ume.nu>
* gcc/opts.c change #ifdef ENABLE_ESPF to #ifndef ENABLE_ESPF
0.3.2 Magnus Granberg <zorry@ume.nu>
* gcc/opts.c disable flag_delete_null_pointer_checks >= -O2
* gcc/espf.h add ESPF_CC1_SSP_SPEC and ESPF_CC1_PIE_SPEC to fix bugs on -vanilla spec
#149292 b.g.o
* gcc/config/i386/linux.h uclibc don't support TLS on stack-protector
* gcc/config/i386/linux64.h uclibc don't support TLS on stack-protector
* gcc/config/rs6000/linux.h uclibc don't support TLS on stack-protector
* gcc/config/i386/linux.h uclibc don't support TLS on stack-protector
* gcc/config/sparc/linux.h uclibc don't support TLS on stack-protector
* gcc/config/sparc/linux64.h uclibc don't support TLS on stack-protector
0.3.1 Magnus Granberg <zorry@ume.nu>
* gcc/cp/Make-lang.in cc1plus: pch test fail when cc1plus is compile with -fPIE.
* gcc/configure fix --enable-espf when USE"-hardened"
4.4.1-espf-0.3.0 Magnus Granberg <zorry@ume.nu>
* gcc/espf.h add ESPF_LINK_SPEC ESPF_LINK_NOW_SPEC
* gcc/gcc.c move do_self_spec (espf_command_options_spec)
do_spec_1() add espf_link_spec
0.3.0 Magnus Granberg <zorry@ume.nu>
* gcc/objc/lang-specs.h Add %(espf_options)
* gcc/objcp/lang-specs.h Add %(espf_options)
* gcc/cp/lang-specs.h Add %(espf_options)
* gcc/config.in removed ENABLE_LIBSSP
* Makefile.in We add -fno-stack-protector to
BOOT_CFLAGS, LIBCFLAGS and LIBCXXFLAGS
cc1: pch.exp test fail when cc1 is compile with -fPIE
* libmudflap/Makefiles.in Add -fno-stack-protector -U_FORTIFY_SOURCE
to AM_CFLAGS
* configure add --enable-espf
add -fno-stack-protector to stage1_cflags
add targes ppc* arm sparc*
* gcc/configure change code for check --enable-espf
* libmudflap/configure add enable_espf
* gcc/espf.h ESPF_CC1_OPTIONS_SPEC renamed to ESPF_OPTIONS_SPEC
add ESPF_CPP_OPTIONS_SPEC ESPF_COMMAND_OPTIONS_SPEC
ESPF_CC1_OPTIONS_SSP_SPEC renamed to ESPF_OPTIONS_SSP_SPEC
ESPF_COMPILER_COMMAND_PIE_SPEC renamed to ESPF_OPTIONS_PIE_SPEC
ESPF_LINK_COMMAND_PIE_SPEC renamed to ESPF_LINK_PIE_SPEC
add !p !pg to ESPF_LINK_PIE_SPEC
removed ESPF_LINK_SPEC ESPF_CC1_OPTIONS_PIE_INCOMPATIBLE_SPEC
* gcc/gcc.c cpp_options add %(espf_cpp_options)
compiler spec add %(espf_options)
change code for ESPF_EXTRA_SPECS
process_command(): Check for lazy, or now
do_spec_1(): Add -z now and -z relro
main() add do_self_spec (espf_command_options_spec)
removed do_self_spec (espf_cc1_command_spec) do_self_spec (espf_link_command_spec)
0.2.9 Magnus Granberg <zorry@ume.nu>
* gcc/espf.h add ESPF_COMPILER_COMMAND_PIE_SPEC
add ESPF_LINK_COMMAND_PIE_SPEC
change ESPF_COMPILER_COMMAND_SPEC ESPF_LINK_COMMAND_SPEC
0.2.8 Magnus Granberg <zorry@ume.nu>
* gcc/configure removed check crtbeginTS.o
* gcc/espf.h added notes
add ESPF_CC1_SPEC
removed ESPF_CPP_UNIQUE_OPTIONS espf_override_options()
* gcc/gcc.c cc1_spec Set it to CC1_SPEC if ! ENABLE_ESPF
* gcc/toplev.c removed ESPF_OVERRIDE_OPTIONS
0.2.7 Magnus Granberg <zorry@ume.nu>
* gcc/opts.c (decode_options): Remove flag_strict_overflow as opt2
* gcc/config.in removed HAVE_CRTBEGINTS
* gcc/Makefile removed crtbeginTS.o
* libgcc/Makefile.in removed crtbeginTS.o
* gcc/config/i386/i386.h removed espf_override_options ESPF_EXTRA_SPECS
* gcc/config/linux.h remoevd crtbeginTS.o
* gcc/espf.h ESPF_CC1_OPTIONS_PIE_SPEC renamed to ESPF_CC1_COMMAND_SPEC
* gcc/gcc.c add ESPF_EXTRA_SPECS
main() add do_self_spec (espf_cc1_command_spec)
0.2.6 Magnus Granberg <zorry@ume.nu>
* gcc/config/i386/i386.h add espf_override_options() to OVERRIDE_OPTIONS
* gcc/espf.h add espf_override_options()
* gcc/toplev.c add ESPF_OVERRIDE_OPTIONS
0.2.5 Magnus Granberg <zorry@ume.nu>
* gcc/config/i386/i386.h removed espf_cc1
* gcc/config/i386/linux.h removed espf_cc1 %(crtend_gen)
* gcc/config/i386/x86-64.h removed espf_cc1 %(crtend_gen)
* gcc/config/linux.h removed espf_cc1 %(crtfile_gen)
%(crtbegin_t_gen) %(crtend_gen)
add crtbeginTS.o
* gcc/config.in removed TARGET_LIBC_PROVIDES_PIE
add HAVE_CRTBEGINTS
* gcc/Makefile.in add ESPF_NOPIE_CFLAGS ESPF_NOSSP_CFLAGS to
CRTSTUFF_T_CFLAGS
add ESPF_NOSSP_CFLAGS to CRTSTUFF_T_CFLAGS_S
* espf.h ESPF_CC1_SPEC renamed to ESPF_CC1_OPTIONS_SPEC
add ESPF_LINK_SPEC
ESPF_CC1_SSP_SPEC renamed to ESPF_CC1_OPTIONS_SSP_SPEC
ESPF_CC1_PIE_SPEC renamed to ESPF_CC1_OPTIONS_PIE_SPEC
ESPF_CC1_OPTIONS_SPEC renamed to ESPF_CC1_OPTIONS_PIE_INCOMPATIBLE_SPEC
LINK_PIE_SPEC renamed to ESPF_LINK_COMMAND_SPEC
removed ESPF_CC1_STRICT_SPEC CRTFILE_GEN_SPEC CRTBEGIN_GEN_SPEC
CRTBEGIN_T_GEN_SPEC CRTEND_GEN_SPEC
* gcc/configure remove TARGET_LIBC_PROVIDES_PIE
define HAVE_CRTBEGINTS
* gcc/gcc.c LINK_COMMAND_SPEC add %(espf_link)
main() add do_self_spec (espf_link_command_spec)
0.2.4 Magnus Granberg <zorry@ume.nu>
libgcc/Makefile.in clean specs
0.2.3 Magnus Granberg <zorry@ume.nu>
*gcc/espf.h add ESPF_CC1_STRICT_SPEC
0.2.2 Magnus Granberg <zorry@ume.nu>
* gcc/config/i386/i386.h Add espf_cc1
Add ESPF_EXTRA_SPECS
* gcc/config/i386/linux.h Add espf_cc1
* gcc/config/i386/x86-64.h Add espf_cc1
* gcc/config/linux.h Add espf_cc1
* gcc/Makefile.in add crtbeginTS.o to EXTRA_PARTS list
* libgcc/Makefile.in add crtbeginTS.o to EXTRA_PARTS list
* gcc/configure add define ENABLE_LIBSSP
* gcc/gcc.c %(fortify_default) renamed to %(espf_cpp_unique_options)
%(pie_incompatible) renamed to %(espf_cc1_options)
removed ESPF_EXTRA_SPECS
* gcc/espf.h ESPF_DEFAULT_SPEC renamed to ESPF_CC1_SPEC
SSP_DEFAULT_SPEC renamed to ESPF_CC1_SSP_SPEC
FORTIFY_DEFAULT_SPEC renamed to ESPF_CPP_UNIQUE_OPTIONS
PIE_DEFAULT_SPEC renamed to ESPF_CC1_PIE_SPEC
PIE_INCOMPATIBLE_SPEC renamed to ESPF_CC1_OPTIONS_SPEC
add new CRTFILE_GEN_SPEC CRTBEGIN_T_GEN_SPEC CRTEND_GEN_SPEC if !
TARGET_LIBC_PROVIDES_PIE
4.4.0-espf-0.2.1 Magnus Granberg <zorry@ume.nu>
* gcc/gcc.c include: espf.h
cc1_spec = CC1_SPEC if not ENABLE_ESPF
cpp_unique_options add %(fortify_default)
cc1_options add %(pie_incompatible)
EXTRA_SPECS add ESPF_EXTRA_SPECS
* libgcc/Makefile.in add crtbeginTs.o
gcc/Makefile.in add ESPF_NOPIE_CFLAGS and ESPF_NOSSP_CFLAGS
LIBGCC2_CFLAGS add ESPF_NOSSP_CFLAGS
CRTSTUFF_CFLAGS add ESPF_NOPIE_CFLAGS and ESPF_NOSSP_CFLAGS
crtbegin* add crtbeginTS
$(out_object_file): ix86_split_to_parts() stack smashing attack b.g.o #149292
* libgcc/configure add enable_espf
* gcc/config/linux.h add %(crtfile_gen) %(crtbegin_t_gen) %(crtend_gen)
* gcc/config/i386/linux.h add %(crtend_gen)
* gcc/config/i386/linux64.h add %(crtend_gen)
* gcc/config.gcc extra_parts add crtbeginTS.o
* libgcc/config.host extra_parts add crtbeginTS.o
* gcc/configure check -z relro
check -z now
check FORTIFY_SOURCES level 2
check Scrt1.o
check --enable-espf
check crtbeginTS.o
* gcc/espf.h new file
* gcc/varasm.c (decl_tls_model): Check flag_pic instead of flag_shlib
* gcc/config.in add ENABLE_LIBSSP
add ENABLE_ESPF
add TARGET_LIBC_PROVIDES_FORTIFY2
add TARGET_LIBC_PROVIDES_PIE
* configure define ENABLE_LIBSSP
gcc-4.3.3-piepatches-v10.2.1
1.1 src/patchsets/gcc/4.6.4/pie/README.Gentoo.patches
file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/4.6.4/pie/README.Gentoo.patches?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/4.6.4/pie/README.Gentoo.patches?rev=1.1&content-type=text/plain
Index: README.Gentoo.patches
===================================================================
================
=== W[hat]TF ===
================
Gentoo patchsets that have grown too large to keep on the rsync mirrors have
been moved to our git tree. From there, we bundle up all the whee little
patches into a tarball and distribute it via our public mirroring system.
If you want specific info about a patch (like wtf it does or whose great idea
it was to change the code), read the patch ! We try to fill out the top of
them with useful info such as what it does, why it's needed, bug reports,
original creators, etc... For simple patches, we reserve the right to assume
your IQ is greater than absolute 0 and figure out what it does w/out an
explanation. If, by some miracle of science, it falls below the absolute 0
mark, you should help mankind by finding some scientists and letting them
probe you with their ... erm ... probes.
=================
=== W[here]TF ===
=================
For those with git access
git://git.overlays.gentoo.org/proj/hardened-gccpatchset.git
For those w/out git access, this URL should help you:
http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-gccpatchset.git;a=summary
It should be pretty easy to find your way around, you're a big boy after all.
1.1 src/patchsets/gcc/4.6.4/pie/README.history
file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/4.6.4/pie/README.history?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/4.6.4/pie/README.history?rev=1.1&content-type=text/plain
Index: README.history
===================================================================
0.5.2 17 Apr 2012
U 13_all_gcc46_ssp_uclibc_check.patch
0.5.1 03 Apr 2012
13_all_gcc46_ssp_uclibc_check.patch
+ 30_all_gcc46_esp.h.patch
- 30_all_gcc45_esp.h.patch
0.5.0 07 Dec 2011
+ 35_all_gcc46_config_crtbeginp.patch
- 35_all_gcc46_config_crtbegints.patch
U 10_all_gcc45_configure.patch
U 12_all_gcc46_Makefile.in.patch
+ 11_all_gcc45_config.in.patch
- 11_all_gcc44_config.in.patch
+ 30_all_gcc45_esp.h.patch
- 30_all_gcc44_esp.h.patch
0.4.9 09 Nov 2011
U 12_all_gcc46_Makefile.in.patch
0.4.8 26 Mar 2011
U 22_all_gcc46-default-ssp.patch
0.4.7 05 Mar 2011
U 20_all_gcc46_gcc.c.patch
+ 22_all_gcc46-default-ssp.patch
- 30_all_gcc46_esp.h.patch
+ 30_all_gcc44_esp.h.patch
U 33_all_gcc46_config_rs6000_linux64.h.patch
U 35_all_gcc46_config_crtbegints.patch
0.4.6 07 Jan 2011
+ 12_all_gcc46_Makefile.in.patch
- 12_all_gcc44_Makefile.in.patch
+ 20_all_gcc46_gcc.c.patch
- 20_all_gcc44_gcc.c.patch
+ 30_all_gcc46_esp.h.patch
- 30_all_gcc44_esp.h.patch
+ 33_all_gcc46_config_rs6000_linux64.h.patch
- 33_all_gcc45_config_rs6000_linux64.h.patch
+ 35_all_gcc46_config_crtbegints.patch
- 35_all_gcc44_config_crtbegints.patch
- 40_all_gcc44_obj_lang-specs.h.patch
- 40_all_gcc44_objp_lang-specs.h.patch
- 40_all_gcc44_cp_lang-specs.h.patch
0.4.5 18 Jun 2010
U 35_all_gcc44_config_crtbegints.patch
0.4.4 26 May 2010
U 30_all_gcc44_esp.h.patch
0.4.3 26 May 2010
U 20_all_gcc44_gcc.c.patch
U 30_all_gcc44_esp.h.patch
0.4.2 24 May 2010
U 10_all_gcc44_configure.patch
U 12_all_gcc44_Makefile.in.patch
U 11_all_gcc44_config.in.patch
U 30_all_gcc44_esp.h.patch
0.4.1 29 Apr 2010
U 10_all_gcc45_configure.patch
U 12_all_gcc45_Makefile.in.patch
U 11_all_gcc44_config.in.patch
U 30_all_gcc44_esp.h.patch
0.4.0 19 Apr 2010
U 10_all_gcc45_configure.patch
U 12_all_gcc45_Makefile.in.patch
U 11_all_gcc44_config.in.patch
U 20_all_gcc45_gcc.c.patch
- 30_all_gcc44_espf.h.patch
+ 30_all_gcc44_esp.h.patch
0.3.9 14 Apr 2010
U 10_all_gcc45_configure.patch
- 50_all_gcc44_no_ssp_tls_uclibc.patch
U 33_all_gcc45_config_rs6000_linux64.h.patch
0.3.8 10 Apr 2010
10_all_gcc44_configure.patch
11_all_gcc44_config.in.patch
20_all_gcc44_gcc.c.patch
30_all_gcc44_espf.h.patch
0.3.7 10 Feb 2010
20_all_gcc44_gcc.c.patch
30_all_gcc44_espf.h.patch
10_all_gcc44_configure.patch
0.3.6 23 Dec 2009
- 10_all_gcc44_configure.patch
+ 10_all_gcc44_configure.patch
- 30_all_gcc44_espf.h.patch
+ 30_all_gcc44_espf.h.patch
- README.Changelog
+ README.Changelog
- README.history
+ README.history
- README
+ README
0.3.5 24 Sep 2009
- 30_all_gcc44_espf.h.patch
+ 30_all_gcc44_espf.h.patch
- 35_all_gcc44_config_crtbegints.patch
+ 35_all_gcc44_config_crtbegints.patch
+ 33_all_gcc44_config_rs6000_linux64.h.patch
- README.Changelog
+ README.Changelog
- README.history
+ README.history
+ README.Gentoo.patches
0.3.4 11 Sep 2009
- 10_all_gcc44_configure.patch
+ 10_all_gcc44_configure.patch
- 11_all_gcc44_config.in.patch
+ 11_all_gcc44_config.in.patch
- 12_all_gcc44_Makefile.in.patch
+ 12_all_gcc44_Makefile.in.patch
- 20_all_gcc44_gcc.c.patch
+ 20_all_gcc44_gcc.c.patch
- 23_all_gcc44_opts.c.patch
- 30_all_gcc44_espf.h.patch
+ 30_all_gcc44_espf.h.patch
+ 35_all_gcc44_config_crtbegints.patch
+ 60_all_gcc44_invoke.texi.patch
- README.Changelog
+ README.Changelog
- README.history
+ README.history
- README
+ README
0.3.3 14 Aug 2009
- 23_all_gcc44_opts.c.patch
+ 23_all_gcc44_opts.c.patch
0.3.2 09 Aug 2009
+ 50_all_gcc44_no_ssp_tls_uclibc.patch
+ README.Changelog
+ README.history
- 23_all_gcc44_opts.c.patch
+ 23_all_gcc44_opts.c.patch
- 30_all_gcc44-espf.h.patch
+ 30_all_gcc44-espf.h.patch
0.3.1 23 Jul 2009
- 10_all_gcc44_configure.patch
+ 10_all_gcc44_configure.patch
0.3.0 23 Jul 2009
- 10_all_gcc44_configure.patch
+ 10_all_gcc44_configure.patch
- 11_all_gcc44_config.in.patch
+ 11_all_gcc44_config.in.patch
- 12_all_gcc44_Makefile.in.patch
+ 12_all_gcc44_Makefile.in.patch
- 20_all_gcc44_gcc.c.patch
+ 20_all_gcc44_gcc.c.patch
+ 40_all_gcc44_obj_lang-specs.h.patch
+ 40_all_gcc44_objp_lang-specs.h.patch
+ 40_all_gcc44_cp_lang-specs.h.patch
- 50_all_gcc44_gentoo_v20090614.1.patch
- 30_all_gcc44-espf.h.patch
+ 30_all_gcc44-espf.h.patch
0.2.9 14 Jun 2009
- 12_all_gcc44_Makefile.in.patch
+ 12_all_gcc44_Makefile.in.patch
- 30_all_gcc44-espf.h.patch
+ 30_all_gcc44-espf.h.patch
- 50_all_gcc44_gentoo_v20090612.2.patch
+ 50_all_gcc44_gentoo_v20090614.1.patch
0.2.8 12 Jun 2009
- 10_all_gcc44_configure.patch
+ 10_all_gcc44_configure.patch
- 11_all_gcc44_config.in.patch
+ 11_all_gcc44_config.in.patch
- 12_all_gcc44_Makefile.in.patch
+ 12_all_gcc44_Makefile.in.patch
- 22_all_gcc44-toplev.c.patch
- 25_all_gcc44-espf.h.patch
+ 30_all_gcc44-espf.h.patch
+ 50_all_gcc44_gentoo_v20090612.2.patch
0.2.7 29 May 2009
- 11_all_gcc44_config.in.patch
+ 11_all_gcc44_config.in.patch
- 12_all_gcc44_Makefile.in.patch
+ 12_all_gcc44_Makefile.in.patch
- 20_all_gcc44_gcc.c.patch
+ 20_all_gcc44_gcc.c.patch
+ 23_all_gcc44_opts.c.patch
- 25_all_gcc44-espf.h.patch
+ 25_all_gcc44-espf.h.patch
- 30_all_gcc44-config-defaul-linux.patch
0.2.6 28 May 2009
+ 22_all_gcc44-toplev.c.patch
- 25_all_gcc44-espf.h.patch
+ 25_all_gcc44-espf.h.patch
- 30_all_gcc44-config-defaul-linux.patch
+ 30_all_gcc44-config-defaul-linux.patch
0.2.5 27 May 2009
- 10_all_gcc44_configure.patch
+ 10_all_gcc44_configure.patch
- 12_all_gcc44_Makefile.in.patch
+ 12_all_gcc44_Makefile.in.patch
- 20_all_gcc44_gcc.c.patch
+ 20_all_gcc44_gcc.c.patch
- 25_all_gcc44-espf.h.patch
+ 25_all_gcc44-espf.h.patch
- 30_all_gcc44-config-defaul-linux.patch
+ 30_all_gcc44-config-defaul-linux.patch
- 40_all_gcc44-gentoo.patch
0.2.4 08 May 2009
- 12_all_gcc44_Makefile.in.patch
+ 12_all_gcc44_Makefile.in.patch
0.2.3 08 May 2009
- 20_all_gcc44_gcc.c.patch
+ 20_all_gcc44_gcc.c.patch
- 40_all_gcc44-gentoo.patch
+ 40_all_gcc44-gentoo.patch
0.2.2 04 May 2009
+ 10_all_gcc44_configure.patch
+ 11_all_gcc44_config.in.patch
+ 12_all_gcc44_Makefile.in.patch
+ 20_all_gcc44_gcc.c.patch
+ 21_all_gcc44_decl-tls-model.patch
+ 25_all_gcc44-espf.h.patch
+ 30_all_gcc44-config-defaul-linux.patch
+ 40_all_gcc44-gentoo.patch
- 01_all_gcc44-configure.patch
- 10_all_gcc44-gcc_configure.patch
- 11_all_gcc44-gcc_config.in.patch
- 12_all_gcc44-gcc_config.gcc.patch
- 13_all_gcc44-gcc_Makefile.in.patch
- 15_all_gcc44-libgcc_config.host.patch
- 16_all_gcc44-libgcc_configure.patch
- 17_all_gcc44-libgcc_Makefile.in.patch
- 21_all_gcc44-gcc_espf.h.patch
- 22_all_gcc44-gcc_gcc.c.patch
- 23_all_gcc44-gcc_varasm.c.patch
- 30_all_gcc44-add-crt-start-endfiles-linux.patch
0.2.1 28 Apr 2009
+ 01_all_gcc44-configure.patch
+ 10_all_gcc44-gcc_configure.patch
+ 11_all_gcc44-gcc_config.in.patch
+ 12_all_gcc44-gcc_config.gcc.patch
+ 13_all_gcc44-gcc_Makefile.in.patch
+ 15_all_gcc44-libgcc_config.host.patch
+ 16_all_gcc44-libgcc_configure.patch
+ 17_all_gcc44-libgcc_Makefile.in.patch
+ 21_all_gcc44-gcc_espf.h.patch
+ 22_all_gcc44-gcc_gcc.c.patch
+ 23_all_gcc44-gcc_varasm.c.patch
+ 30_all_gcc44-add-crt-start-endfiles-linux.patch
- 00_all_gcc4.4-cvs-incompat.patch
- 05_all_gcc4.4-compile-no-ssp.patch
- 10_all_gcc4.4-hardened-minispecs-support.patch
- 11_all_gcc4.4-decl-tls-model.patch
- 12_all_gcc4.4-fortify-minispecs-support.patch
- 20-all_gcc4.4-default-crt-start-endfile.patch
- 30-all_gcc4.4-crtbeginTS-fno-PIE.patch
0.1.0 16 Apr 2009
+ 00_all_gcc4.4-cvs-incompat.patch
+ 05_all_gcc4.4-compile-no-ssp.patch
+ 10_all_gcc4.4-hardened-minispecs-support.patch
+ 11_all_gcc4.4-decl-tls-model.patch
+ 12_all_gcc4.4-fortify-minispecs-support.patch
+ 20-all_gcc4.4-default-crt-start-endfile.patch
+ 30-all_gcc4.4-crtbeginTS-fno-PIE.patch
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2013-04-16 5:23 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-04-16 5:22 [gentoo-commits] gentoo commit in src/patchsets/gcc/4.6.4/pie: 10_all_gcc45_configure.patch 11_all_gcc45_config.in.patch 12_all_gcc46_Makefile.in.patch 13_all_gcc46_ssp_uclibc_check.patch 20_all_gcc46_gcc.c.patch 21_all_gcc44_decl-tls-model.patch 22_all_gcc46-default-ssp.patch 30_all_gcc46_esp.h.patch 33_all_gcc46_config_rs6000_linux64.h.patch 35_all_gcc46_config_crtbeginp.patch 60_all_gcc44_invoke.texi.patch README README.Changelog README.Gentoo.patches README.history Ryan Hill (dirtyepic)
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox