Submitted By: Robert Connolly (robert at linuxfromscratch dot org)
Date: 2010-11-07
Initial Package Version: 4.5.1
Upstream Status: Not submitted - Hack
Origin: Robert Connolly
Description: This patch adds "-fPIE -Wl,-pie -Wl,-z,relro -Wl,-z,now
-Wl,-z,combreloc -Wl,--warn-shared-textrel -Wl,--fatal-warnings" to GCC's
default options. This is mainly usefull for PaX and Exeshield kernels. The
"--fatal-warnings" option will also have the affect of causing a linker error
if mktemp(3) or tmpnam(3) are used by a program or library.

Disable with "-fno-PIE" "-nopie" "-norelro" "-nonow" "-nocombreloc"
"-no-warn-shared-textrel" "-no-fatal-warnings".


diff -Naur gcc-4.6.2.orig/gcc/Makefile.in gcc-4.6.2/gcc/Makefile.in
--- gcc-4.6.2.orig/gcc/Makefile.in	2011-08-19 21:51:09.000000000 -1000
+++ gcc-4.6.2/gcc/Makefile.in	2011-11-04 13:41:33.273540790 -1000
@@ -649,7 +649,7 @@
 		 $(LIBGCC2_DEBUG_CFLAGS) $(GTHREAD_FLAGS) \
 		 -DIN_LIBGCC2 -D__GCC_FLOAT_NOT_NEEDED \
 		 -fno-stack-protector \
-		 $(INHIBIT_LIBC_CFLAGS)
+		 $(INHIBIT_LIBC_CFLAGS) -fno-PIE
 
 # Additional options to use when compiling libgcc2.a.
 # Some targets override this to -isystem include
@@ -663,7 +663,7 @@
   -finhibit-size-directive -fno-inline -fno-exceptions \
   -fno-zero-initialized-in-bss -fno-toplevel-reorder -fno-tree-vectorize \
   -fno-stack-protector \
-  $(INHIBIT_LIBC_CFLAGS)
+  $(INHIBIT_LIBC_CFLAGS) -fno-PIE
 
 # Additional sources to handle exceptions; overridden by targets as needed.
 LIB2ADDEH = $(srcdir)/unwind-dw2.c $(srcdir)/unwind-dw2-fde.c \
diff -Naur gcc-4.6.2.orig/gcc/config/gnu-user.h gcc-4.6.2/gcc/config/gnu-user.h
--- gcc-4.6.2.orig/gcc/config/gnu-user.h	2011-01-12 04:29:14.000000000 -1000
+++ gcc-4.6.2/gcc/config/gnu-user.h	2011-11-04 13:42:17.456946797 -1000
@@ -43,8 +43,9 @@
    
 #if defined HAVE_LD_PIE
 #define GNU_USER_TARGET_STARTFILE_SPEC \
-  "%{!shared: %{pg|p|profile:gcrt1.o%s;pie:Scrt1.o%s;:crt1.o%s}} \
-   crti.o%s %{static:crtbeginT.o%s;shared|pie:crtbeginS.o%s;:crtbegin.o%s}"
+  "%{!shared: %{pg|p|profile:gcrt1.o%s;pie:Scrt1.o%s;static|nopie:crt1.o%s;: \
+   Scrt1.o%s}} crti.o%s %{static:crtbeginT.o%s;shared|pie:crtbeginS.o%s; \
+   nopie|pg|p|profile:crtbegin.o%s;:crtbeginS.o%s}"
 #else
 #define GNU_USER_TARGET_STARTFILE_SPEC \
   "%{!shared: %{pg|p|profile:gcrt1.o%s;:crt1.o%s}} \
diff -Naur gcc-4.6.2.orig/gcc/config/i386/linux.h gcc-4.6.2/gcc/config/i386/linux.h
--- gcc-4.6.2.orig/gcc/config/i386/linux.h	2011-09-07 23:12:35.000000000 -1000
+++ gcc-4.6.2/gcc/config/i386/linux.h	2011-11-04 13:40:35.280798963 -1000
@@ -118,7 +118,8 @@
    %{mpc32:crtprec32.o%s} \
    %{mpc64:crtprec64.o%s} \
    %{mpc80:crtprec80.o%s} \
-   %{shared|pie:crtendS.o%s;:crtend.o%s} crtn.o%s"
+   %{shared|pie:crtendS.o%s;static|nopie|pg|p|profile:crtend.o%s;:crtendS.o%s} \
+   crtn.o%s"
 
 /* A C statement (sans semicolon) to output to the stdio stream
    FILE the assembler definition of uninitialized global DECL named
diff -Naur gcc-4.6.2.orig/gcc/config/i386/linux64.h gcc-4.6.2/gcc/config/i386/linux64.h
--- gcc-4.6.2.orig/gcc/config/i386/linux64.h	2011-09-07 23:12:35.000000000 -1000
+++ gcc-4.6.2/gcc/config/i386/linux64.h	2011-11-04 13:40:35.280798963 -1000
@@ -94,7 +94,8 @@
    %{mpc32:crtprec32.o%s} \
    %{mpc64:crtprec64.o%s} \
    %{mpc80:crtprec80.o%s} \
-   %{shared|pie:crtendS.o%s;:crtend.o%s} crtn.o%s"
+   %{shared|pie:crtendS.o%s;static|nopie|pg|p|profile:crtend.o%s;:crtendS.o%s} \
+   crtn.o%s"
 
 #if TARGET_64BIT_DEFAULT
 #define MULTILIB_DEFAULTS { "m64" }
diff -Naur gcc-4.6.2.orig/gcc/gcc.c gcc-4.6.2/gcc/gcc.c
--- gcc-4.6.2.orig/gcc/gcc.c	2011-02-22 16:04:43.000000000 -1000
+++ gcc-4.6.2/gcc/gcc.c	2011-11-04 13:40:35.286867613 -1000
@@ -609,7 +609,13 @@
 
 #ifndef LINK_PIE_SPEC
 #ifdef HAVE_LD_PIE
-#define LINK_PIE_SPEC "%{pie:-pie} "
+#define LINK_PIE_SPEC "%{pie:-pie}\
+  %{shared|Bshareable: %{!no-warn-shared-textrel:--warn-shared-textrel}}\
+  %{static|Bstatic|shared|Bshareable|i|r|pie|nopie:;:-pie %{!no-warn-shared-textrel:--warn-shared-textrel}}\
+  %{!static:%{!Bstatic: %{norelro:-z norelro;:-z relro}\
+  %{nocombreloc:-z nocombreloc;:-z combreloc}\
+  %{nonow:-z lazy;:-z now} }}\
+  %{!no-fatal-warnings:--fatal-warnings} "
 #else
 #define LINK_PIE_SPEC "%{pie:} "
 #endif
@@ -771,6 +777,8 @@
  %{-version:--version}\
  %{-help=*:--help=%*}\
  %{!fsyntax-only:%{S:%W{o*}%{!o*:-o %b.s}}}\
+ %{fpic|fPIC|fpie|fPIE|fno-pic|fno-PIC|fno-pie|fno-PIE|static|shared|nostdlib|nostartfiles|D__KERNEL__:;:-fPIE}\
+ %{static:%{pie:%e-static and -pie are incompatible}}\
  %{fsyntax-only:-o %j} %{-param*}\
  %{fmudflap|fmudflapth:-fno-builtin -fno-merge-constants}\
  %{coverage:-fprofile-arcs -ftest-coverage}";