Re: [PATCH] Fix the GNU Stack markings on libgcc.a
On Thursday 3 May 2018 at 06:19:20 CEST, you wrote:
> On 05/02/2018 07:05 PM, Magnus Granberg wrote:
> > On Thursday 3 May 2018 at 01:48:16 CEST, you wrote:
> >> On 05/02/2018 06:17 PM, Magnus Granberg wrote:
> >>> On Thursday 3 May 2018 at 01:07:51 CEST, Daniel Santos wrote:
> >>>> Hello
> >>>>
> >>>> On 05/01/2018 06:32 AM, Magnus Granberg wrote:
> >>>>> New patch
> >>>>> libgcc/ChangeLog:
> >>>>>
> >>>>> 2018-05-01 Magnus Granberg <zo...@gentoo.org>
> >>>>>
> >>>>> * config/i386/resms64.h: Add .note.GNU-stack section
> >>>>> * config/i386/resms64f.h: Likewise.
> >>>>> * config/i386/resms64fx.h: Likewise.
> >>>>> * config/i386/resms64x.h: Likewise.
> >>>>> * config/i386/savms64.h: Likewise.
> >>>>> * config/i386/savms64f.h: Likewise.
> >>>>>
> >>>>> ---
> >>>>
> >>>> Well this isn't correct either because you are outside of the inclusion
> >>>> guard. Can you please move this up a line?
> >>>>
> >>>> Thanks,
> >>>> Daniel
> >>>
> >>> /libgcc/ChangeLog:
> >>> 2018-05-01 Magnus Granberg <zo...@gentoo.org>
> >>>
> >>> * config/i386/resms64.h: Add .note.GNU-stack section
> >>> * config/i386/resms64f.h: Likewise.
> >>> * config/i386/resms64fx.h: Likewise.
> >>> * config/i386/resms64x.h: Likewise.
> >>> * config/i386/savms64.h: Likewise.
> >>> * config/i386/savms64f.h: Likewise.
> >>>
> >>> ---
> >>
> >> No, I meant to move the changes up a line so that, if for some reason
> >> the header was included twice, that it wouldn't output the section
> >> twice. Example:
> >>
> >> MS2SYSV_STUB_END(savms64_18)
> >>
> >> +#if defined(__linux__) && defined(__ELF__)
> >> +.section .note.GNU-stack,"",%progbits
> >> +#endif
> >>
> >> #endif /* __x86_64__ */
> >
> > Don't work on multilib
>
> What do you mean? The functions do not exist on anything other than
> x86_64. Emitting the .section when the function is not going to be
> subsequently emitted will apply it the .section to whatever happens to
> be next in the assembler output, so no, that's wrong.

For you have the executable stack in 32bit and 64bit libs. Look at the bug.

> >> But upon further reflection, I think it can be cleanly added to
> >> i386-asm.h. Does that look sane Jakub? (I haven't tried it)
> >
> > Don't work on multilib
> >
> >> Also, for the sake of my education, I don't exactly understand what the
> >> problem is as I haven't been keeping up with pax and hardening. I just
> >> want to clarify that the stack shouldn't be executable. These are not
> >> actual "functions" per-se (i.e., they do not adhere to any ABI), they
> >> operate on the stack of the calling function.
> >>
> >> Thanks,
> >> Daniel
> >
> > /Magnus
Re: [PATCH] Fix the GNU Stack markings on libgcc.a
torsdag 3 maj 2018 kl. 01:07:51 CEST skrev Daniel Santos: > Hello > > On 05/01/2018 06:32 AM, Magnus Granberg wrote: > > New patch > > libgcc/ChangeLog: > > > > 2018-05-01 Magnus Granberg <zo...@gentoo.org> > > > > * config/i386/resms64.h: Add .note.GNU-stack section > > * config/i386/resms64f.h: Likewise. > > * config/i386/resms64fx.h: Likewise. > > * config/i386/resms64x.h: Likewise. > > * config/i386/savms64.h: Likewise. > > * config/i386/savms64f.h: Likewise. > > > > --- > > Well this isn't correct either because you are outside of the inclusion > guard. Can you please move this up a line? > > Thanks, > Daniel /libgcc/ChangeLog: 2018-05-01 Magnus Granberg <zo...@gentoo.org> * config/i386/resms64.h: Add .note.GNU-stack section * config/i386/resms64f.h: Likewise. * config/i386/resms64fx.h: Likewise. * config/i386/resms64x.h: Likewise. * config/i386/savms64.h: Likewise. * config/i386/savms64f.h: Likewise. --- --- a/config/i386/resms64.h 2018-01-03 11:03:58.0 +0100 +++ b/config/i386/resms64.h 2018-05-01 12:59:48.942833419 +0200 @@ -57,3 +57,6 @@ MS2SYSV_STUB_END(resms64_17) MS2SYSV_STUB_END(resms64_18) #endif /* __x86_64__ */ +#if defined(__linux__) && defined(__ELF__) +.section .note.GNU-stack,"",%progbits +#endif --- a/config/i386/resms64f.h 2018-01-03 11:03:58.0 +0100 +++ b/config/i386/resms64f.h 2018-05-01 13:00:23.422832853 +0200 @@ -55,3 +55,6 @@ MS2SYSV_STUB_END(resms64f_16) MS2SYSV_STUB_END(resms64f_17) #endif /* __x86_64__ */ +#if defined(__linux__) && defined(__ELF__) +.section .note.GNU-stack,"",%progbits +#endif --- a/config/i386/resms64fx.h 2018-02-26 20:46:34.0 +0100 +++ b/config/i386/resms64fx.h 2018-05-01 13:06:49.682826518 +0200 @@ -62,3 +62,6 @@ MS2SYSV_STUB_END(resms64fx_16) MS2SYSV_STUB_END(resms64fx_17) #endif /* __x86_64__ */ +#if defined(__linux__) && defined(__ELF__) +.section .note.GNU-stack,"",%progbits +#endif --- a/config/i386/resms64x.h 2018-02-26 20:46:34.0 +0100 +++ b/config/i386/resms64x.h 2018-05-01 13:07:21.702825993 +0200 
@@ -63,3 +63,6 @@ MS2SYSV_STUB_END(resms64x_17) MS2SYSV_STUB_END(resms64x_18) #endif /* __x86_64__ */ +#if defined(__linux__) && defined(__ELF__) +.section .note.GNU-stack,"",%progbits +#endif --- a/config/i386/savms64.h 2018-01-03 11:03:58.0 +0100 +++ b/config/i386/savms64.h 2018-05-01 13:07:48.952825546 +0200 @@ -57,3 +57,6 @@ MS2SYSV_STUB_END(savms64_17) MS2SYSV_STUB_END(savms64_18) #endif /* __x86_64__ */ +#if defined(__linux__) && defined(__ELF__) +.section .note.GNU-stack,"",%progbits +#endif --- a/config/i386/savms64f.h 2018-01-03 11:03:58.0 +0100 +++ b/config/i386/savms64f.h 2018-05-01 13:08:30.082824871 +0200 @@ -55,3 +55,6 @@ MS2SYSV_STUB_END(savms64f_16) MS2SYSV_STUB_END(savms64f_17) #endif /* __x86_64__ */ +#if defined(__linux__) && defined(__ELF__) +.section .note.GNU-stack,"",%progbits +#endif
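Review bot: These six hunks are line for line the same as the other posting of this patch in this thread (only the file paths lost their libgcc/ prefix, so the patch now applies with -p1 only from inside libgcc/), and the reviewer's request to move the three added lines up one line, inside the `#endif /* __x86_64__ */` guard, has not been addressed: as posted, each header still ends with a `.section` directive outside any guard, so a second inclusion emits the section twice and whatever the including .S file assembles after the header goes into .note.GNU-stack rather than .text.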
Re: [PATCH] Fix the GNU Stack markings on libgcc.a
tisdag 1 maj 2018 kl. 12:33:33 CEST skrev Jakub Jelinek: > On Tue, May 01, 2018 at 12:24:44PM +0200, Magnus Granberg wrote: > > Hi > > > > The *_resms64*.S files in libgcc don't have section to remove the > > executable stack marking. Can this be added to Gcc 8.0 Rc? > > > > gcc/ChangeLog: > > > > 2018-05-01 Magnus Granberg <zo...@gentoo.org> > > > > * config/i386/cet.h: Add section to remove executable stack marking. > > This is incorrect, the cet.h header is an installed header that has nothing > to do with whether executable stack is needed or not. > > The right spot is either the libgcc/config/i386/i386-asm.h header, or > the libgcc/config/i386/*ms64*.h headers. > > And I don't see anything release critical on this, these files are only in > libgcc.a and only linked in if somebody uses the ms ABI stuff. I think it > can be fixed in 9.0/8.2+ only. > > > --- a/gcc/config/i386/cet.h 2018-04-20 15:30:13.0 +0200 > > +++ b/gcc/config/i386/cet.h 2018-05-01 11:45:53.762906162 +0200 > > @@ -87,6 +87,9 @@ > > > > 4: > > .popsection > > > > # endif /* __CET__ */ > > > > +# ifdef __linux__ > > +.section .note.GNU-stack,"",%progbits > > +# endif > > > > # endif /* __ELF__ */ > > #endif /* __ASSEMBLER__ */ > > Jakub New patch libgcc/ChangeLog: 2018-05-01 Magnus Granberg <zo...@gentoo.org> * config/i386/resms64.h: Add .note.GNU-stack section * config/i386/resms64f.h: Likewise. * config/i386/resms64fx.h: Likewise. * config/i386/resms64x.h: Likewise. * config/i386/savms64.h: Likewise. * config/i386/savms64f.h: Likewise. --- --- a/libgcc/config/i386/resms64.h 2018-01-03 11:03:58.0 +0100 +++ b/libgcc/config/i386/resms64.h 2018-05-01 12:59:48.942833419 +0200 @@ -57,3 +57,6 @@ MS2SYSV_STUB_END(resms64_17) MS2SYSV_STUB_END(resms64_18) #endif /* __x86_64__ */ +#if defined(__linux__) && defined(__ELF__) +.section .note.GNU-stack,"",%progbits +#endif --- a/libgcc/config/i386/resms64f.h 2018-01-03 11:03:58.0 +0100 +++ b/libgcc/config/i386/resms64f.h 2018-05-01 13:00:23.422832853 +0200 
@@ -55,3 +55,6 @@ MS2SYSV_STUB_END(resms64f_16) MS2SYSV_STUB_END(resms64f_17) #endif /* __x86_64__ */ +#if defined(__linux__) && defined(__ELF__) +.section .note.GNU-stack,"",%progbits +#endif --- a/libgcc/config/i386/resms64fx.h 2018-02-26 20:46:34.0 +0100 +++ b/libgcc/config/i386/resms64fx.h 2018-05-01 13:06:49.682826518 +0200 @@ -62,3 +62,6 @@ MS2SYSV_STUB_END(resms64fx_16) MS2SYSV_STUB_END(resms64fx_17) #endif /* __x86_64__ */ +#if defined(__linux__) && defined(__ELF__) +.section .note.GNU-stack,"",%progbits +#endif --- a/libgcc/config/i386/resms64x.h 2018-02-26 20:46:34.0 +0100 +++ b/libgcc/config/i386/resms64x.h 2018-05-01 13:07:21.702825993 +0200 @@ -63,3 +63,6 @@ MS2SYSV_STUB_END(resms64x_17) MS2SYSV_STUB_END(resms64x_18) #endif /* __x86_64__ */ +#if defined(__linux__) && defined(__ELF__) +.section .note.GNU-stack,"",%progbits +#endif --- a/libgcc/config/i386/savms64.h 2018-01-03 11:03:58.0 +0100 +++ b/libgcc/config/i386/savms64.h 2018-05-01 13:07:48.952825546 +0200 @@ -57,3 +57,6 @@ MS2SYSV_STUB_END(savms64_17) MS2SYSV_STUB_END(savms64_18) #endif /* __x86_64__ */ +#if defined(__linux__) && defined(__ELF__) +.section .note.GNU-stack,"",%progbits +#endif --- a/libgcc/config/i386/savms64f.h 2018-01-03 11:03:58.0 +0100 +++ b/libgcc/config/i386/savms64f.h 2018-05-01 13:08:30.082824871 +0200 @@ -55,3 +55,6 @@ MS2SYSV_STUB_END(savms64f_16) MS2SYSV_STUB_END(savms64f_17) #endif /* __x86_64__ */ +#if defined(__linux__) && defined(__ELF__) +.section .note.GNU-stack,"",%progbits +#endif
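Review bot: The added `.section .note.GNU-stack,"",%progbits` sits after `#endif /* __x86_64__ */` in every hunk, so it is emitted unconditionally and as the last directive of a header rather than of the assembly file: if a header is included twice the section appears twice, and any output that follows the inclusion lands in .note.GNU-stack instead of .text. Emitting the marking once per translation unit (for instance from i386-asm.h, which the reply in this thread suggests) also avoids repeating the same three lines in six files. If the intent is to cover the 32-bit multilib build of these files as well, say so in the ChangeLog, because the placement outside the guard reads as accidental otherwise.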
[PATCH] Fix the GNU Stack markings on libgcc.a
Hi The *_resms64*.S files in libgcc don't have section to remove the executable stack marking. Can this be added to Gcc 8.0 Rc? gcc/ChangeLog: 2018-05-01 Magnus Granberg <zo...@gentoo.org> * config/i386/cet.h: Add section to remove executable stack marking. --- --- a/gcc/config/i386/cet.h 2018-04-20 15:30:13.0 +0200 +++ b/gcc/config/i386/cet.h 2018-05-01 11:45:53.762906162 +0200 @@ -87,6 +87,9 @@ 4: .popsection # endif /* __CET__ */ +# ifdef __linux__ +.section .note.GNU-stack,"",%progbits +# endif # endif /* __ELF__ */ #endif /* __ASSEMBLER__ */
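Review bot: gcc/config/i386/cet.h is an installed header that user assembly includes too, so the `# ifdef __linux__` block marks every file that includes it rather than only the libgcc stubs that lack the note, and it leaves the assembler positioned in .note.GNU-stack for whatever the including file emits after the include. The marking belongs in the libgcc sources that are missing it, libgcc/config/i386/i386-asm.h or the *ms64*.h headers, as the reply in this thread points out.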
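As an added example (not code from this thread or from GCC), here is the check a packager would run for the defect discussed above: a parser that reads the section headers of an ELF relocatable object, reports whether its .note.GNU-stack section is present and non-executable, and walks the members of an ar archive such as libgcc.a. It handles both ELF32 and ELF64 members, so a 32-bit multilib libgcc.a can be checked next to the 64-bit one. It assumes little-endian objects; the build_object and build_archive helpers construct small sample files inline so the check runs without a compiler, and the member names used are made up.

```python
import struct

# ELF constants, from the ELF specification
ELFCLASS32, ELFCLASS64 = 1, 2
ET_REL, EM_386, EM_X86_64 = 1, 3, 62
SHT_NULL, SHT_PROGBITS, SHT_STRTAB = 0, 1, 3
SHF_ALLOC, SHF_EXECINSTR = 0x2, 0x4


def stack_marking(data: bytes) -> str:
    """Classify a little-endian ELF object by its .note.GNU-stack section:
    'nonexec' (present, not executable: what libgcc members should carry), 'exec'
    (present but flagged executable) or 'missing' (no note: GNU ld then treats the
    object as needing an executable stack and marks the whole link's PT_GNU_STACK RWE).
    """
    if data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    if data[5] != 1:
        raise ValueError("this example handles little-endian objects only")
    if data[4] == ELFCLASS64:
        e_shoff = struct.unpack_from("<Q", data, 0x28)[0]
        e_shentsize, e_shnum, e_shstrndx = struct.unpack_from("<HHH", data, 0x3A)
        sh_fmt = "<IIQQQQIIQQ"   # Elf64_Shdr
    elif data[4] == ELFCLASS32:  # the 32-bit multilib objects
        e_shoff = struct.unpack_from("<I", data, 0x20)[0]
        e_shentsize, e_shnum, e_shstrndx = struct.unpack_from("<HHH", data, 0x2E)
        sh_fmt = "<IIIIIIIIII"   # Elf32_Shdr
    else:
        raise ValueError("unknown ELF class")
    # Both layouts start: sh_name, sh_type, sh_flags, sh_addr, sh_offset, sh_size, ...
    shdrs = [struct.unpack_from(sh_fmt, data, e_shoff + i * e_shentsize) for i in range(e_shnum)]
    strtab_off = shdrs[e_shstrndx][4]

    def section_name(sh_name: int) -> str:
        start = strtab_off + sh_name
        return data[start:data.index(b"\0", start)].decode()

    for sh in shdrs:
        if section_name(sh[0]) == ".note.GNU-stack":
            return "exec" if sh[2] & SHF_EXECINSTR else "nonexec"
    return "missing"


def scan_archive(data: bytes):
    """Yield (member name, marking) for every ELF member of an ar archive such as libgcc.a."""
    if not data.startswith(b"!<arch>\n"):
        raise ValueError("not an ar archive")
    pos = 8
    while pos + 60 <= len(data):
        hdr = data[pos:pos + 60]                  # fixed-size ar member header
        name = hdr[:16].decode().rstrip(" /")
        size = int(hdr[48:58])
        body = data[pos + 60:pos + 60 + size]
        if body.startswith(b"\x7fELF"):           # skips the "/" symbol index and "//" name table
            yield name, stack_marking(body)
        pos += 60 + size + (size & 1)             # members are padded to an even offset


def report(blob: bytes):
    """[(name, marking)] for a bare object, or for every ELF member of an archive."""
    if blob.startswith(b"!<arch>\n"):
        return list(scan_archive(blob))
    return [("<object>", stack_marking(blob))]


def build_object(elf_class: int, with_note: bool, exec_stack: bool = False) -> bytes:
    """Construct a minimal relocatable object (sample data, not real compiler output)."""
    is64 = elf_class == ELFCLASS64
    ehsize, shentsize = (64, 64) if is64 else (52, 40)
    sh_fmt = "<IIQQQQIIQQ" if is64 else "<IIIIIIIIII"
    shstrtab = b"\0.text\0.note.GNU-stack\0.shstrtab\0"   # name offsets 1, 7 and 23
    text = b"\xc3"                                       # a lone RET for .text
    text_off, str_off = ehsize, ehsize + len(text)
    shoff = str_off + len(shstrtab)
    shoff += (-shoff) % 8                                # keep the table 8-byte aligned
    sections = [(0, SHT_NULL, 0, 0, 0),
                (1, SHT_PROGBITS, SHF_ALLOC | SHF_EXECINSTR, text_off, len(text))]
    if with_note:  # empty section: only its presence and flags matter to the linker
        sections.append((7, SHT_PROGBITS, SHF_EXECINSTR if exec_stack else 0, str_off, 0))
    sections.append((23, SHT_STRTAB, 0, str_off, len(shstrtab)))
    ident = b"\x7fELF" + bytes([elf_class, 1, 1]) + bytes(9)    # class, ELFDATA2LSB, EV_CURRENT
    fmt, machine = ("<16sHHIQQQIHHHHHH", EM_X86_64) if is64 else ("<16sHHIIIIIHHHHHH", EM_386)
    ehdr = struct.pack(fmt, ident, ET_REL, machine, 1, 0, 0, shoff, 0,
                       ehsize, 0, 0, shentsize, len(sections), len(sections) - 1)
    out = ehdr + text + shstrtab
    out += bytes(shoff - len(out))
    for name, typ, flags, off, size in sections:
        out += struct.pack(sh_fmt, name, typ, flags, 0, off, size, 0, 0, 1, 0)
    return out


def build_archive(members) -> bytes:
    """Construct a GNU ar archive from (name, bytes) pairs (sample data)."""
    out = b"!<arch>\n"
    for name, body in members:
        hdr = f"{name + '/':<16}{0:<12}{0:<6}{0:<6}{0o644:<8o}{len(body):<10}`\n".encode()
        out += hdr + body + (b"\n" if len(body) & 1 else b"")
    return out
```

Feed report() the bytes of each multilib's libgcc.a; any member that comes back 'missing' is enough for the linker to give every program linked against that archive an executable stack unless -z noexecstack is passed explicitly.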
Re: [PATCH] check -nopie in configure
On Wednesday 24 August 2016 at 18:21:07 CEST, Szabolcs Nagy wrote:
> On 20/07/16 14:58, Szabolcs Nagy wrote:
> > since gcc can be built with --enable-default-pie, there
> > is a -no-pie flag to turn off PIE.
> >
> > gcc cannot be built as PIE (pr 71934), so the gcc build
> > system has to detect the -no-pie flag to disable PIE.
> >
> > historically default pie toolchains used the -nopie flag
> > (e.g. gentoo hardened), those toolchains cannot build
> > gcc anymore, so detect -nopie too.
> >
> > gcc/
> > 2016-07-20 Szabolcs Nagy
> >
> > * configure.ac: Detect -nopie flag just like -no-pie.
> > * configure: Regenerate.
>
> ping

On Gentoo Hardened we are moving to use -no-pie to disable the linking part, since both gcc and ld/gold support it. -nopie was not supported by upstream. To disable PIE when compiling, -fno-PIE should be enough. The compile and link parts are disabled when building gcc; look in the Makefile.

/Magnus G.
Re: [PING] Re: [PATCH] New configure option to default enable Smart Stack Protection
On Monday 20 July 2015 at 16:32:01, Magnus Granberg wrote:
> Patch updated and tested on x86_64-unknown-linux-gnu (Gentoo)
>
> Changelogs
> /gcc
> 2015-07-05 Magnus Granberg zo...@gentoo.org
> * common.opt (fstack-protector): Initialize to -1.
> (fstack-protector-all): Likewise.
> (fstack-protector-strong): Likewise.
> (fstack-protector-explicit): Likewise.
> * configure.ac: Add --enable-default-ssp.
> * defaults.h (DEFAULT_FLAG_SSP): New. Default SSP to strong.
> * opts.c (finish_options): Update opts->x_flag_stack_protect if it is -1.
> * doc/install.texi: Document --enable-default-ssp.
> * config.in: Regenerated.
> * configure: Likewise.
>
> /testsuite
> 2015-07-13 Magnus Granberg zo...@gentoo.org
> * lib/target-supports.exp (check_effective_target_fstack_protector_enabled): New test.
> * gcc.target/i386/ssp-default.c: New test.
>
> ---
> Ping
> Can this be committed to trunk?

Pinging one more time on this patch.

/Magnus G.
Re: [PING] Re: [PATCH] New configure option to default enable Smart Stack Protection
On Monday 13 July 2015 at 15:20:40, Magnus Granberg wrote:
> On Sunday 5 July 2015 at 23:59:32, Magnus Granberg wrote:
> > Changelogs
> > /gcc
> > 2015-07-05 Magnus Granberg zo...@gentoo.org
> > * common.opt (fstack-protector): Initialize to -1.
> > (fstack-protector-all): Likewise.
> > (fstack-protector-strong): Likewise.
> > (fstack-protector-explicit): Likewise.
> > * configure.ac: Add --enable-default-ssp.
> > * defaults.h (DEFAULT_FLAG_SSP): New. Default SSP to strong.
> > * opts.c (finish_options): Update opts->x_flag_stack_protect if it is -1.
> > * doc/install.texi: Document --enable-default-ssp.
> > * config.in: Regenerated.
> > * configure: Likewise.
> >
> > /testsuite
> > 2015-07-05 Magnus Granberg zo...@gentoo.org
> > * lib/target-supports.exp (check_effective_target_fstack_protector_enabled): New test.
> > * gcc.target/i386/ssp-default.c: New test.
>
> Patch updated and tested on x86_64-unknown-linux-gnu (Gentoo)
>
> Changelogs
> /gcc
> 2015-07-05 Magnus Granberg zo...@gentoo.org
> * common.opt (fstack-protector): Initialize to -1.
> (fstack-protector-all): Likewise.
> (fstack-protector-strong): Likewise.
> (fstack-protector-explicit): Likewise.
> * configure.ac: Add --enable-default-ssp.
> * defaults.h (DEFAULT_FLAG_SSP): New. Default SSP to strong.
> * opts.c (finish_options): Update opts->x_flag_stack_protect if it is -1.
> * doc/install.texi: Document --enable-default-ssp.
> * config.in: Regenerated.
> * configure: Likewise.
>
> /testsuite
> 2015-07-13 Magnus Granberg zo...@gentoo.org
> * lib/target-supports.exp (check_effective_target_fstack_protector_enabled): New test.
> * gcc.target/i386/ssp-default.c: New test.

---
Ping
Can this be committed to trunk?
[PING] Re: [PATCH] New configure option to default enable Smart Stack Protection
söndag 05 juli 2015 23.59.32 skrev Magnus Granberg: Changlogs /gcc 2015-07-05 Magnus Granberg zo...@gentoo.org * common.opt (fstack-protector): Initialize to -1. (fstack-protector-all): Likewise. (fstack-protector-strong): Likewise. (fstack-protector-explicit): Likewise. * configure.ac: Add --enable-default-ssp. * defaults.h (DEFAULT_FLAG_SSP): New. Default SSP to strong. * opts.c (finish_options): Update opts-x_flag_stack_protect if it is -1. * doc/install.texi: Document --enable-default-ssp. * config.in: Regenerated. * configure: Likewise. /testsuite 2015-07-05 Magnus Granberg zo...@gentoo.org * lib/target-supports.exp (check_effective_target_fstack_protector_enabled): New test. * gcc.target/i386/ssp-default.c: New test. Patch updated and tested on x86_64-unknown-linux-gnu (Gentoo) Changlogs /gcc 2015-07-05 Magnus Granberg zo...@gentoo.org * common.opt (fstack-protector): Initialize to -1. (fstack-protector-all): Likewise. (fstack-protector-strong): Likewise. (fstack-protector-explicit): Likewise. * configure.ac: Add --enable-default-ssp. * defaults.h (DEFAULT_FLAG_SSP): New. Default SSP to strong. * opts.c (finish_options): Update opts-x_flag_stack_protect if it is -1. * doc/install.texi: Document --enable-default-ssp. * config.in: Regenerated. * configure: Likewise. /testsuite 2015-07-13 Magnus Granberg zo...@gentoo.org * lib/target-supports.exp (check_effective_target_fstack_protector_enabled): New test. * gcc.target/i386/ssp-default.c: New test. -- a/gcc/configure.ac 2014-12-05 00:53:24.0 +0100 +++ b/gcc/configure.ac 2015-06-08 23:27:11.744348211 +0200 
@@ -5221,6 +5119,25 @@ if test x$gcc_cv_libc_provides_ssp = xye [Define if your target C library provides stack protector support]) fi +# Check whether --enable-default-ssp was given. +AC_ARG_ENABLE(default-ssp, +[AS_HELP_STRING([--enable-default-ssp], + [enable Smart Stack Protection as default])],[ +if test x$gcc_cv_libc_provides_ssp = xyes; then + case $target in +ia64*-*-*) enable_default_ssp=no ;; +*) enable_default_ssp=$enableval ;; + esac +else + enable_default_ssp=no +fi], +enable_default_ssp=no) +if test x$enable_default_ssp == xyes ; then + AC_DEFINE(ENABLE_DEFAULT_SSP, 1, + [Define if your target supports default stack protector and it is enabled.]) +fi +AC_SUBST([enable_default_ssp]) + # Test for sys/sdt.h on the target. GCC_TARGET_TEMPLATE([HAVE_SYS_SDT_H]) AC_MSG_CHECKING(sys/sdt.h in the target C library) --- a/gcc/defaults.h 2014-11-01 09:13:09.0 +0100 +++ b/gcc/defaults.h 2015-06-08 22:43:18.764269749 +0200 @@ -1263,6 +1263,18 @@ see the files COPYING3 and COPYING.RUNTI #define STACK_SIZE_MODE word_mode #endif +/* Default value for flag_stack_protect when flag_stack_protect is initialized to -1: + --enable-default-ssp: Default flag_stack_protect to -fstack-protector-strong. + --disable-default-ssp: Default flag_stack_protect to 0. + */ +#ifdef ENABLE_DEFAULT_SSP +# ifndef DEFAULT_FLAG_SSP +# define DEFAULT_FLAG_SSP 3 +# endif +#else +# define DEFAULT_FLAG_SSP 0 +#endif + /* Provide default values for the macros controlling stack checking. */ /* The default is neither full builtin stack checking... */ --- a/gcc/common.opt 2014-10-28 11:33:04.0 +0100 +++ b/gcc/common.opt 2015-06-08 22:41:30.114266512 +0200 
@@ -2054,15 +2054,15 @@ Common RejectNegative Joined Var(common_ -fstack-limit-symbol=name Trap if the stack goes past symbol name fstack-protector -Common Report Var(flag_stack_protect, 1) +Common Report Var(flag_stack_protect, 1) Init(-1) Use propolice as a stack protection method fstack-protector-all -Common Report RejectNegative Var(flag_stack_protect, 2) +Common Report RejectNegative Var(flag_stack_protect, 2) Init(-1) Use a stack protection method for every function fstack-protector-strong -Common Report RejectNegative Var(flag_stack_protect, 3) +Common Report RejectNegative Var(flag_stack_protect, 3) Init(-1) Use a smart stack protection method for certain functions fstack-protector-explicit -Common Report RejectNegative Var(flag_stack_protect, 4) +Common Report RejectNegative Var(flag_stack_protect, 4) Init(-1) Use stack protection method only for functions with the stack_protect attribute fstack-usage --- a/gcc/opts.c 2015-06-10 02:37:39.0 +0200 +++ b/gcc/opts.c 2015-07-03 23:47:50.868752099 +0200 @@ -757,6 +757,11 @@ finish_options (struct gcc_options *opts opts-x_flag_opts_finished = true; } + /* We initialize opts-x_flag_stack_protect to -1 so that targets + can set a default value. */ + if (opts-x_flag_stack_protect == -1) +opts-x_flag_stack_protect = DEFAULT_FLAG_SSP; + if (opts-x_optimize == 0) { /* Inlining does not work if not optimizing
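Review bot: `if test x$enable_default_ssp == xyes ; then` in the configure.ac hunk uses `==`, which POSIX `test` does not define; with a non-bash /bin/sh such as dash the comparison fails with an "unexpected operator" error and the AC_DEFINE of ENABLE_DEFAULT_SSP is skipped, so the option silently does nothing. Use `=`, as the `test x$gcc_cv_libc_provides_ssp = xyes` line just above it does. Two smaller points on the same hunk: the `ia64*-*-*) enable_default_ssp=no` case overrides an explicit --enable-default-ssp without a message (an AC_MSG_WARN there would save a bug report), and the header `@@ -5221,6 +5119,25 @@` has old and new start lines 102 apart although the hunk adds only 19 lines, which suggests the diff was taken against a tree with other local changes; please regenerate it against clean trunk.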
Re: [PATCH] New configure option to default enable Smart Stack Protection
fredag 03 juli 2015 01.01.51 skrev Magnus Granberg: Hi Working on a patch that enable Smart Stack Protection as default. I still miss docs and testcase for the patch. I need you ides and help. /Magnus G. --- New patch with doc and testcase added. /Magnus G. Changlogs /gcc 2015-07-05 Magnus Granberg zo...@gentoo.org * common.opt (fstack-protector): Initialize to -1. (fstack-protector-all): Likewise. (fstack-protector-strong): Likewise. (fstack-protector-explicit): Likewise. * configure.ac: Add --enable-default-ssp. * defaults.h (DEFAULT_FLAG_SSP): New. Default SSP to strong. * opts.c (finish_options): Update opts-x_flag_stack_protect if it is -1. * doc/install.texi: Document --enable-default-ssp. * config.in: Regenerated. * configure: Likewise. /testsuite 2015-07-05 Magnus Granberg zo...@gentoo.org * lib/target-supports.exp (check_effective_target_fstack_protector_enabled): New test. * gcc.target/i386/ssp-default.c: New test. --- a/gcc/configure.ac 2014-12-05 00:53:24.0 +0100 +++ b/gcc/configure.ac 2015-06-08 23:27:11.744348211 +0200 @@ -5221,6 +5119,25 @@ if test x$gcc_cv_libc_provides_ssp = xye [Define if your target C library provides stack protector support]) fi +# Check whether --enable-default-ssp was given. +AC_ARG_ENABLE(default-ssp, +[AS_HELP_STRING([--enable-default-ssp], + [enable Smart Stack Protection as default])],[ +if test x$gcc_cv_libc_provides_ssp = xyes; then + case $target in +ia64*-*-*) enable_default_ssp=no ;; +*) enable_default_ssp=$enableval ;; + esac +else + enable_default_ssp=no +fi], +enable_default_ssp=no) +if test x$enable_default_ssp == xyes ; then + AC_DEFINE(ENABLE_DEFAULT_SSP, 1, + [Define if your target supports default stack protector and it is enabled.]) +fi +AC_SUBST([enable_default_ssp]) + # Test for sys/sdt.h on the target. GCC_TARGET_TEMPLATE([HAVE_SYS_SDT_H]) AC_MSG_CHECKING(sys/sdt.h in the target C library) --- a/gcc/defaults.h 2014-11-01 09:13:09.0 +0100 +++ b/gcc/defaults.h 2015-06-08 22:43:18.764269749 +0200 
@@ -1263,6 +1263,18 @@ see the files COPYING3 and COPYING.RUNTI #define STACK_SIZE_MODE word_mode #endif +/* Default value for flag_stack_protect when flag_stack_protect is initialized to -1: + --enable-default-ssp: Default flag_stack_protect to -fstack-protector-strong. + --disable-default-ssp: Default flag_stack_protect to 0. + */ +#ifdef ENABLE_DEFAULT_SSP +# ifndef DEFAULT_FLAG_SSP +# define DEFAULT_FLAG_SSP 3 +# endif +#else +# define DEFAULT_FLAG_SSP 0 +#endif + /* Provide default values for the macros controlling stack checking. */ /* The default is neither full builtin stack checking... */ --- a/gcc/common.opt 2014-10-28 11:33:04.0 +0100 +++ b/gcc/common.opt 2015-06-08 22:41:30.114266512 +0200 @@ -2054,15 +2054,15 @@ Common RejectNegative Joined Var(common_ -fstack-limit-symbol=name Trap if the stack goes past symbol name fstack-protector -Common Report Var(flag_stack_protect, 1) +Common Report Var(flag_stack_protect, 1) Init(-1) Use propolice as a stack protection method fstack-protector-all -Common Report RejectNegative Var(flag_stack_protect, 2) +Common Report RejectNegative Var(flag_stack_protect, 2) Init(-1) Use a stack protection method for every function fstack-protector-strong -Common Report RejectNegative Var(flag_stack_protect, 3) +Common Report RejectNegative Var(flag_stack_protect, 3) Init(-1) Use a smart stack protection method for certain functions fstack-protector-explicit -Common Report RejectNegative Var(flag_stack_protect, 4) +Common Report RejectNegative Var(flag_stack_protect, 4) Init(-1) Use stack protection method only for functions with the stack_protect attribute fstack-usage --- a/gcc/opts.c 2015-06-10 02:37:39.0 +0200 +++ b/gcc/opts.c 2015-07-03 23:47:50.868752099 +0200 
@@ -757,6 +757,11 @@ finish_options (struct gcc_options *opts opts-x_flag_opts_finished = true; } + /* We initialize opts-x_flag_stack_protect to -1 so that targets + can set a default value. */ + if (opts-x_flag_stack_protect == -1) +opts-x_flag_stack_protect = DEFAULT_FLAG_SSP; + if (opts-x_optimize == 0) { /* Inlining does not work if not optimizing, --- a/gcc/doc/install.texi 2015-06-03 18:38:10.0 +0200 +++ bgcc/doc/install.texi 2015-07-03 22:18:41.498592691 +0200 @@ -1642,6 +1642,9 @@ Using the GNU Compiler Collection (GCC)} See ``RS/6000 and PowerPC Options'' in the main manual @end ifhtml +@item --enable-default-ssp +Turn on @option{-fstack-protector-strong} by default. + @item --enable-cld This option enables @option{-mcld} by default for 32-bit x86 targets. @ifnothtml --- a/gcc/testsuite/lib/target-supports.exp 2015-05-21 15:30:24.0 +0200 +++ b/gcc/testsuite/lib/target-supports.exp 2015-07-03 21:55:53.748551933 +0200 @@ -1124,6 +1124,16 @@ proc
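Review bot: The opts.c hunk's comment says flag_stack_protect is initialised to -1 "so that targets can set a default value", but in the defaults.h hunk the `# ifndef DEFAULT_FLAG_SSP` override exists only inside `#ifdef ENABLE_DEFAULT_SSP`; the `#else` branch defines `DEFAULT_FLAG_SSP 0` unconditionally, so a target header that provides its own value on a build configured without --enable-default-ssp gets a macro redefinition instead of its default. Hoist the `#ifndef` so that it wraps both branches, and make the comment above it describe that.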
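Review bot: `+++ bgcc/doc/install.texi` is missing the slash after `b` (`b/gcc/doc/install.texi`), so the `---`/`+++` pair for the install.texi hunk no longer names the same file; GNU patch may still pick the `---` name, but tools that check both will reject it. The target-supports.exp hunk also stops right after `@@ -1124,6 +1124,16 @@ proc` in this posting, so the check_effective_target_fstack_protector_enabled test and gcc.target/i386/ssp-default.c named in the ChangeLog cannot be reviewed here; please repost those two files.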
[PATCH] New configure option to default enable Smart Stack Protection
Hi Working on a patch that enable Smart Stack Protection as default. I still miss docs and testcase for the patch. I need you ides and help. /Magnus G. --- --- a/gcc/configure.ac 2014-12-05 00:53:24.0 +0100 +++ b/gcc/configure.ac 2015-06-08 23:27:11.744348211 +0200 @@ -5221,6 +5119,25 @@ if test x$gcc_cv_libc_provides_ssp = xye [Define if your target C library provides stack protector support]) fi +# Check whether --enable-default-ssp was given. +AC_ARG_ENABLE(default-ssp, +[AS_HELP_STRING([--enable-default-ssp], + [enable Smart Stack Protection as default])], +if test x$gcc_cv_libc_provides_ssp = xyes; then + case $target in +ia64*-*-*) enable_default_ssp=no ;; +*) enable_default_ssp=$enableval ;; + esac +else + enable_default_ssp=no +fi, +enable_default_ssp=no) +if test x$enable_default_ssp == xyes ; then + AC_DEFINE(ENABLE_DEFAULT_SSP, 1, + [Define if your target supports default STACK-PROTECTOR and it is enabled.]) +fi +AC_SUBST([enable_default_ssp]) + # Test for sys/sdt.h on the target. GCC_TARGET_TEMPLATE([HAVE_SYS_SDT_H]) AC_MSG_CHECKING(sys/sdt.h in the target C library) --- a/gcc/defaults.h 2014-11-01 09:13:09.0 +0100 +++ b/gcc/defaults.h 2015-06-08 22:43:18.764269749 +0200 @@ -1263,6 +1263,18 @@ see the files COPYING3 and COPYING.RUNTI #define STACK_SIZE_MODE word_mode #endif +/* Default value for flag_stack_protect when flag_stack_protect is initialized to -1: + --enable-default-ssp: Default flag_stack_protect to -fstack-protector-strong. + --disable-default-ssp: Default flag_stack_protect to 0. + */ +#ifdef ENABLE_DEFAULT_SSP +# ifndef DEFAULT_FLAG_SSP +# define DEFAULT_FLAG_SSP 3 +# endif +#else +# define DEFAULT_FLAG_SSP 0 +#endif + /* Provide default values for the macros controlling stack checking. */ /* The default is neither full builtin stack checking... */ --- a/gcc/common.opt 2014-10-28 11:33:04.0 +0100 +++ b/gcc/common.opt 2015-06-08 22:41:30.114266512 +0200 
@@ -2054,15 +2054,15 @@ Common RejectNegative Joined Var(common_ -fstack-limit-symbol=name Trap if the stack goes past symbol name fstack-protector -Common Report Var(flag_stack_protect, 1) +Common Report Var(flag_stack_protect, 1) Init(-1) Use propolice as a stack protection method fstack-protector-all -Common Report RejectNegative Var(flag_stack_protect, 2) +Common Report RejectNegative Var(flag_stack_protect, 2) Init(-1) Use a stack protection method for every function fstack-protector-strong -Common Report RejectNegative Var(flag_stack_protect, 3) +Common Report RejectNegative Var(flag_stack_protect, 3) Init(-1) Use a smart stack protection method for certain functions fstack-protector-explicit -Common Report RejectNegative Var(flag_stack_protect, 4) +Common Report RejectNegative Var(flag_stack_protect, 4) Init(-1) Use stack protection method only for functions with the stack_protect attribute fstack-usage --- a/gcc/opts.c 2014-10-28 11:33:04.0 +0100 +++ b/gcc/opts.c 2015-06-27 01:06:48.670870534 +0200 @@ -739,6 +740,1 @@ finish_options (struct gcc_options *opts opts-x_flag_opts_finished = true; } + /* We initialize opts-x_flag_stack_protect to -1 so that targets + can set a default value. */ + if (opts-x_flag_stack_protect == -1) +opts-x_flag_stack_protect = DEFAULT_FLAG_SSP; + if (opts-x_optimize == 0) { /* Inlining does not work if not optimizing,
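Review bot: In the configure.ac hunk of this first version the action-if-given argument of AC_ARG_ENABLE is not m4-quoted: the `+if test ...` through `+fi,` lines follow the `[AS_HELP_STRING(...)],` argument with no surrounding `[` `]`, so the unbalanced `)` in `ia64*-*-*)` closes the AC_ARG_ENABLE call early and autoconf generates a broken configure script. Quote the whole block as `[ ... ]` (the later reposting of this patch does). The `==` in `if test x$enable_default_ssp == xyes` is also not POSIX `test` syntax; use `=`.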
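Review bot: The opts.c hunk header `@@ -739,6 +740,1 @@` is malformed: the hunk shows six context lines plus five added lines, so the new-side count has to be 11, not 1, and a new-side start of 740 against an old-side start of 739 implies an earlier hunk in the same file that this diff does not contain. `patch` will reject the hunk as it stands; regenerate the diff with `diff -u` or `git diff` rather than editing the counts by hand.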
Re: PING^3: [PATCH]: New configure options that make the compiler use -fPIE and -pie as default option
fredag 08 maj 2015 10.35.44 skrev H.J. Lu: On Thu, May 7, 2015 at 2:17 PM, Joseph Myers jos...@codesourcery.com wrote: On Fri, 6 Mar 2015, H.J. Lu wrote: +# We don't want to compile the compiler with -fPIE, it make PCH fail. +COMPILER += @NO_PIE_CFLAGS@ + +# Link with -no-pie since we compile the compiler with -fno-PIE. +LINKER += @NO_PIE_FLAG@ As I understand it, what we don't want is the compiler to be a PIE. That is, it must be linked -no-pie (and given that the compiler is not a PIE, compiling -fPIE would be pointless, although it wouldn't actually break things to have PIE objects in the compiler as long as it's linked for a fixed address). +#if defined ENABLE_DEFAULT_PIE +#define GNU_USER_TARGET_STARTFILE_SPEC \ + %{!shared: %{pg|p|profile:gcrt1.o%s;: \ +%{ PIE_SPEC :Scrt1.o%s} %{ NO_PIE_SPEC :crt1.o%s}}} \ + crti.o%s %{static:crtbeginT.o%s;: %{shared:crtbeginS.o%s} \ + %{ PIE_SPEC :crtbeginS.o%s} \ + %{ NO_PIE_SPEC :crtbegin.o%s}} \ + FVTABLE_VERIFY_SPEC +#else +#define GNU_USER_TARGET_STARTFILE_SPEC \ + %{!shared: %{pg|p|profile:gcrt1.o%s;pie:Scrt1.o%s;:crt1.o%s}} \ + crti.o%s %{static:crtbeginT.o%s;shared|pie:crtbeginS.o%s;:crtbegin.o%s} \ + FVTABLE_VERIFY_SPEC +#endif With appropriate definitions of PIE_SPEC and NO_PIE_SPEC, shouldn't a single definition of GNU_USER_TARGET_STARTFILE_SPEC be able to work for both ENABLE_DEFAULT_PIE and !ENABLE_DEFAULT_PIE? Yes. https://gcc.gnu.org/ml/gcc-patches/2015-03/msg00393.html noted a possible issue with MIPS. Actually, rather more config/*.h and config/*/*.h headers contain specs testing for (-fpie, -fPIE, -fno-pie, -fno-PIE, -pie) options, which would be affected by these changes. I'd say this patch should include an initial attempt at adjusting those config headers, which should be an essentially mechanical change not requiring understanding anything target-specific. For link-time specs, that may mean using PIE_SPEC and NO_PIE_SPEC. For compile-time specs, similar new macros would be added. 
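Review bot: In the ENABLE_DEFAULT_PIE branch of GNU_USER_TARGET_STARTFILE_SPEC the `pg|p|profile` alternative still selects gcrt1.o while the default link becomes PIE, and nothing in the quoted fragment shows the link spec dropping -pie when -pg is given. The testsuite discussion elsewhere on this page states that glibc's gcrt1.o is not built with -fPIC and that -pg and -pie are mutually exclusive, so on a default-PIE toolchain a plain `gcc -pg` needs either an automatic -no-pie or a documented requirement to pass it; the patch description should say which, and a test should cover it.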
Given such adjustments included in the patch and the relevant target maintainers CC:ed, I might then be inclined to approve the patch on the basis of allowing a week for target maintainers to test the changes for their targets before commit, as I don't see any major problems with it beyond the need to update the target-specific specs.

Here is the updated patch. I will post patches for cris, mips, powerpc and sparc separately. The target maintainers should be able to adjust backend ASM_SPEC with FPIE_OR_FPIC_SPEC and NO_FPIE_AND_FPIC_SPEC.

OK for trunk?

Thanks.

Ping
Any progress on this?

/Magnus G.
Add --enable-default-pie option to configure GCC to generate PIE by default.
Hi

Can this work be committed to Gcc 6?
https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=33cd3712cae4721121bc37aefd09fc5ed7cd146a

The work was posted to the patch list even before Gcc 5 stage1 ended, and different versions of it have been posted to the list a number of times.

/Magnus G.
Re: PING^3: [PATCH]: New configure options that make the compiler use -fPIE and -pie as default option
On Friday 6 March 2015 at 09:31:26, H.J. Lu wrote:
> PING. I am enclosing the patch here for review.

Have you tested it on mips? gcc passes -mno-shared if HAVE_AS_NO_SHARED is defined in config/mips/gnu-user.h. -mshared doesn't get enabled.

/Magnus G.
Re: Stage3 closing soon, call for patch pings
On Thursday 15 January 2015 at 13:26:43, H.J. Lu wrote:
> On Thu, Jan 15, 2015 at 1:04 PM, Jeff Law l...@redhat.com wrote:
> > Stage3 is closing rapidly. I've drained my queue of patches I was tracking for gcc-5. However, note that I don't track everything. If it's a patch for a backend, language other than C or seemingly has another maintainer that's engaged in review, then I haven't been tracking the patch.
> >
> > So this is my final call for patch pings. I've got some bandwidth and may be able to look at a few patches that have otherwise stalled.
>
> This one was updated yesterday:
>
> https://gcc.gnu.org/ml/gcc-patches/2015-01/msg00956.html
>
> I guess it won't hurt to list it here.
>
> ---
> H.J.

Jeff, can that be committed? Thank you H.J. for the work with it.

/Magnus
Re: [testsuite] PATCH: Add check_effective_target_pie
On Monday 12 January 2015 at 12:11:17, H.J. Lu wrote:
> On Mon, Jan 12, 2015 at 12:03 PM, Jeff Law l...@redhat.com wrote:
> > On 01/12/15 12:59, H.J. Lu wrote:
> > > I don't know if -pg will work PIE on any targets. For Linux/x86 the choices of crt1.o are
> > >
> > > %{!shared: %{pg|p|profile:gcrt1.o%s;pie:Scrt1.o%s;:crt1.o%s}}
> > >
> > > -shared, -pg and -pie are mutually exclusive. Those crt1 files are only crt1 files provided by glibc. You can't even try -pg -pie on Linux without changing glibc.
> >
> > You're totally missing the point. What I care about is *why*.

With -pg it uses the gcrt1.o object file, and that file is not compiled with -fPIC. When you build a shared lib on x86_64 all the object files need to be built with -fPIC, else you get an error like the one above, and it is the same problem when you build a binary with -fPIE and link with -pie. Glibc does not provide one that is compiled with -fPIC.

> > Showing me spec file fragments is totally unhelpful. What is the technical reason why pg and pie are mutually exclusive?
>
> What kind of technical reason are you looking for? glibc doesn't provide the right crt1 file for GCC to support this combination. You can't define GNU_USER_TARGET_STARTFILE_SPEC to support -pg and -pie. If you are asking why glibc doesn't provide one, my guess is no one has requested one before.
Re: [PING][PATCH][1-3] New configure options that make the compiler use -fPIE and -pie as default option
On Sunday 11 January 2015 at 03:37:14, H.J. Lu wrote:
> On Sun, Jan 11, 2015 at 1:05 AM, Daniel Micay danielmi...@gmail.com wrote:
> > On 11/01/15 03:52 AM, Daniel Micay wrote:
> > > This branch works well for me. It doesn't automatically turn off the linker flag when -fno-PIE or -fno-PIC are passed like most of the wrapper scripts / downstream patches do, but that might not be a problem in practice.
>
> -fno-PIE and -fno-PIC aren't linking options. We don't turn on PIE with
>
> # gcc -fPIE
>
> You need to use
>
> # gcc -pie -fPIE
>
> To turn off PIE, you should use
>
> # gcc -no-pie -fno-PIE
>
> > Er, Thunderbird did a terrible job handling my manual reply (wasn't subscribed to the list). Sorry about that.
> >
> > For clarity, this is about H.J. Lu's branch at:
> > https://gcc.gnu.org/git/?p=gcc.git;a=shortlog;h=refs/heads/hjl/pie

It works fine for me but 6 tests fail in the testsuite. Do we really want to pass -fPIE -fPIC when someone does -fno-PIC or -fno-pic?

FAIL: gcc.dg/tree-ssa/ssa-store-ccp-3.c scan-tree-dump-times optimized conststaticvariable 1
FAIL: gcc.target/i386/nop-mcount.c (test for excess errors)
FAIL: gcc.target/i386/pr54445-2.c scan-assembler mov(b|zbl)[ \t] (%fs:)?tls_array@tpoff-1\\(%
FAIL: g++.dg/other/anon5.C -std=gnu++98 (test for excess errors)
FAIL: g++.dg/other/anon5.C -std=gnu++11 (test for excess errors)
FAIL: g++.dg/other/anon5.C -std=gnu++14 (test for excess errors)

/Magnus
Re: [PING][PATCH][1-3] New configure options that make the compiler use -fPIE and -pie as default option
Sunday 11 January 2015 14.29.56, Magnus Granberg wrote:
Sunday 11 January 2015 03.37.14, H.J. Lu wrote:
On Sun, Jan 11, 2015 at 1:05 AM, Daniel Micay danielmi...@gmail.com wrote:
On 11/01/15 03:52 AM, Daniel Micay wrote:

This branch works well for me. It doesn't automatically turn off the linker flag when -fno-PIE or -fno-PIC are passed like most of the wrapper scripts / downstream patches do, but that might not be a problem in practice.

-fno-PIE and -fno-PIC aren't linking options. We don't turn on PIE with
# gcc -fPIE
You need to use
# gcc -pie -fPIE
To turn off PIE, you should use
# gcc -no-pie -fno-PIE

Er, Thunderbird did a terrible job handling my manual reply (wasn't subscribed to the list). Sorry about that. For clarity, this is about H.J. Lu's branch at: https://gcc.gnu.org/git/?p=gcc.git;a=shortlog;h=refs/heads/hjl/pie

It works fine for me but 6 tests fail in the testsuite. Do we really want to pass -fPIE -fPIC when someone does -fno-PIC or -fno-pic?

On the crtstuff do we add -fPIE or should the Makefile handle it? I did let the Makefile handle it.
FAIL: gcc.dg/tree-ssa/ssa-store-ccp-3.c scan-tree-dump-times optimized conststaticvariable 1
FAIL: gcc.target/i386/nop-mcount.c (test for excess errors)
FAIL: gcc.target/i386/pr54445-2.c scan-assembler mov(b|zbl)[ \t] (%fs:)?tls_array@tpoff-1\\(%
FAIL: g++.dg/other/anon5.C -std=gnu++98 (test for excess errors)
FAIL: g++.dg/other/anon5.C -std=gnu++11 (test for excess errors)
FAIL: g++.dg/other/anon5.C -std=gnu++14 (test for excess errors)
/Magnus
Re: [PING][PATCH][1-3] New configure options that make the compiler use -fPIE and -pie as default option
Sunday 11 January 2015 09.47.09, H.J. Lu wrote:
On Sun, Jan 11, 2015 at 9:40 AM, H.J. Lu hjl.to...@gmail.com wrote:
On Sun, Jan 11, 2015 at 6:04 AM, Magnus Granberg zo...@gentoo.org wrote:
Sunday 11 January 2015 14.29.56, Magnus Granberg wrote:
Sunday 11 January 2015 03.37.14, H.J. Lu wrote:
On Sun, Jan 11, 2015 at 1:05 AM, Daniel Micay danielmi...@gmail.com wrote:
On 11/01/15 03:52 AM, Daniel Micay wrote:

This branch works well for me. It doesn't automatically turn off the linker flag when -fno-PIE or -fno-PIC are passed like most of the wrapper scripts / downstream patches do, but that might not be a problem in practice.

-fno-PIE and -fno-PIC aren't linking options. We don't turn on PIE with
# gcc -fPIE
You need to use
# gcc -pie -fPIE
To turn off PIE, you should use
# gcc -no-pie -fno-PIE

Er, Thunderbird did a terrible job handling my manual reply (wasn't subscribed to the list). Sorry about that. For clarity, this is about H.J. Lu's branch at: https://gcc.gnu.org/git/?p=gcc.git;a=shortlog;h=refs/heads/hjl/pie

It works fine for me but 6 tests fail in the testsuite. Do we really want to pass -fPIE -fPIC when someone does -fno-PIC or -fno-pic?

On the crtstuff do we add -fPIE or should the Makefile handle it? I did let the Makefile handle it.

I will fix them shortly.

It is fixed now.

You are missing the fix in gcc/Makefile.in
echo enable_default_pie = '@enable_default_pie@' tmp-libgcc.mvars
/Magnus
Re: [PING][PATCH][1-3] New configure options that make the compiler use -fPIE and -pie as default option
Friday 09 January 2015 13.00.14, Daniel Micay wrote:
On 09/01/15 12:49 PM, Joseph Myers wrote:
On Fri, 9 Jan 2015, Daniel Micay wrote:

--with-specs=%{pie|fpic|fPIC|fpie|fPIE|fno-pic|fno-PIC|fno-pie|fno-PIE| shared|static|nostdlib|nodefaultlibs|nostartfiles:;:-fPIE -pie}
at configure time (using CONFIGURE_SPECS).

DRIVER_SELF_SPECS is checked before CONFIGURE_SPECS. On mips it will have added -mno-shared before it checks CONFIGURE_SPECS. I want to support more targets later on. Can move the spec to elfos.h.

I have no idea if the above is really the proper spec to use - why do you include static, nostdlib, nodefaultlibs and nostartfiles for example?

Similar, if I say PIE isn't supported for static executables by binutils, etc. so it does need to exclude that. The checks for nostdlib, nodefaultlibs

Well - that would indicate excluding -pie if one of the link-time options conflicting with it is used, -fPIE if one of the compile-time options conflicting with it is used. That way, gcc -static file.c would still have the same effect as gcc -c file.c; gcc -static file.o (building a PIE object, linking it into a non-PIE static executable), which makes logical sense to me (although there may be no great benefit either way).

Sure, I agree. It should have separate lists of exceptions for both of these.

I can separate it into compile and link sections and remove the nostdlib, nodefaultlibs and nostartfiles. But how do we not pass -pie to the linker when we don't pass static or shared and don't link it with -pie? For only the gold linker supports -no-pie.
/Magnus G.
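As an added illustration of the two spec fragments argued over in this thread (H.J. Lu's crt1.o selection spec in the -pg/-pie exchange above, and the PIE_DRIVER_SELF_SPECS exclusion list together with the compile-time/link-time split Joseph Myers proposes), here is a small evaluator for the %{a|b:X;c:Y;:Z} and %{!x:...} spec forms only. It is example code, not GCC's spec machinery or anything from the posted patches, and SPLIT_PIE_SPECS is my own guess at the shape of the split.

```python
"""Evaluate the GCC spec fragments argued over in this thread.

Added example, not GCC code: it models only the %{a|b:X;c:Y;:Z} and
%{!x:...} forms with exact option matching, which is all that
PIE_DRIVER_SELF_SPECS and the Linux/x86 crt1.o selection need."""

# PIE_DRIVER_SELF_SPECS as posted (the revision that includes nodefaultlibs).
PIE_DRIVER_SELF_SPECS = (
    "%{pie|fpic|fPIC|fpie|fPIE|fno-pic|fno-PIC|fno-pie|fno-PIE|"
    "shared|static|nostdlib|nodefaultlibs|nostartfiles:;:-fPIE -pie}"
)

# Assumed shape of the split Joseph Myers suggests: compile-time options
# only suppress -fPIE, link-time options only suppress -pie.  A guess for
# illustration, not a spec from any posted patch.
SPLIT_PIE_SPECS = (
    "%{fpic|fPIC|fpie|fPIE|fno-pic|fno-PIC|fno-pie|fno-PIE:;:-fPIE} "
    "%{pie|shared|static|nostdlib|nodefaultlibs|nostartfiles:;:-pie}"
)

# Linux/x86 crt1.o choice quoted by H.J. Lu; %s marks a startfile lookup.
CRT1_SPEC = "%{!shared: %{pg|p|profile:gcrt1.o%s;pie:Scrt1.o%s;:crt1.o%s}}"

def _matching_brace(spec, open_idx):
    """Index of the '}' closing the '{' at OPEN_IDX, nesting aware."""
    depth = 0
    for k in range(open_idx, len(spec)):
        if spec[k] == "{":
            depth += 1
        elif spec[k] == "}":
            depth -= 1
            if depth == 0:
                return k
    raise ValueError("unbalanced %{ in spec: " + spec)

def _split_top(text, sep):
    """Split TEXT on SEP, ignoring separators inside nested %{...}."""
    parts, cur, depth = [], [], 0
    for ch in text:
        if ch == "{":
            depth += 1
        elif ch == "}":
            depth -= 1
        if ch == sep and depth == 0:
            parts.append("".join(cur))
            cur = []
        else:
            cur.append(ch)
    parts.append("".join(cur))
    return parts

def _expand_block(body, opts):
    """Expand one %{...} body: ';'-separated alternatives written as
    'cond:text', '!cond:text' or ':text' (default); first match wins."""
    for alternative in _split_top(body, ";"):
        cond, colon, text = alternative.partition(":")
        if cond == "" and colon:      # ':text' is the default branch
            return expand(text, opts)
        if not colon:                 # bare %{opt}: substitute the option
            text = "-" + cond
        negate = cond.startswith("!")
        hit = any(p in opts for p in cond.lstrip("!").split("|"))
        if hit != negate:
            return expand(text, opts)
    return ""

def expand(spec, opts):
    """Recursively expand every %{...} in SPEC for the option set OPTS."""
    out, i = [], 0
    while i < len(spec):
        if spec.startswith("%{", i):
            close = _matching_brace(spec, i + 1)
            out.append(_expand_block(spec[i + 2:close], opts))
            i = close + 1
        elif spec.startswith("%s", i):
            i += 2                    # startfile search marker: name only
        else:
            out.append(spec[i])
            i += 1
    return "".join(out)

def evaluate(spec, cmdline):
    """Words SPEC contributes for a gcc command line (list of argv words)."""
    opts = {word[1:] for word in cmdline if word.startswith("-")}
    return expand(spec, opts).split()

def links_non_pic_crt_into_pie(cmdline):
    """H.J. Lu's point: with -pg the driver still picks gcrt1.o, which
    glibc does not build with -fPIC, so a -pie link of it cannot succeed."""
    return "-pie" in cmdline and evaluate(CRT1_SPEC, cmdline) == ["gcrt1.o"]

if __name__ == "__main__":
    for argv in (["-c", "f.c"], ["-fno-PIC", "-c", "f.c"], ["-static", "f.c"]):
        print(argv, "one list:", evaluate(PIE_DRIVER_SELF_SPECS, argv),
              "split:", evaluate(SPLIT_PIE_SPECS, argv))
    for argv in (["x.o"], ["-pie", "x.o"], ["-pg", "-pie", "x.o"]):
        print(argv, "crt1:", evaluate(CRT1_SPEC, argv),
              "non-PIC crt1 into PIE:", links_non_pic_crt_into_pie(argv))
```

Note that the split version still emits -pie for a compile-only (-c) run, so a real link-time list would also need the options that suppress the link step.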
[PING][PATCH][1-3] New configure options that make the compiler use -fPIE and -pie as default option
Friday 14 November 2014 23.31.48, Magnus Granberg wrote:
Monday 10 November 2014 21.26.39, Magnus Granberg wrote:

Rainer
Thanks Rainer for the nits and comments. Have updated the patches and Changelogs. But I still use PIE_DRIVER_SELF_SPECS, do you have an idea where to move it so I don't need to duplicate that stuff, or how to do it?
Magnus G

2014-11-10 Magnus Granberg zo...@gentoo.org
/gcc
* config/gnu-user.h (PIE_DRIVER_SELF_SPECS) and (GNU_DRIVER_SELF_SPECS): Define.
* config/i386/gnu-user-common.h (DRIVER_SELF_SPECS): Define
* configure.ac: Add new option.
* configure, config.in: Rebuild.
* Makefile.in (ALL_CFLAGS) and (ALL_CXXFLAGS): Disable PIE.
* doc/install.texi: New configure option.
* doc/invoke.texi: Add note to PIE.
* doc/sourcebuild.texi: New effective target.
gcc/testsuite
* gcc/default-pie.c: New test
* gcc.dg/tree-ssa/ssa-store-ccp-3.c: Skip if default_pie
* g++.dg/other/anon5.C: Skip if default_pie
* lib/target-supports.exp (check_effective_target_default_pie): New proc.
/libgcc
* Makefile.in (CRTSTUFF_CFLAGS): Disable PIE.

Can this be included for GCC 5 ?
/Magnus G.

One more ping on this. The patches were sent before stage 1 closed but I didn't get any feedback on it. Have updated the patches for the gcc 5.0 20141228 snapshot. Bootstrapped and tested on x86_64-unknown-linux-gnu (Gentoo)
/Magnus

2014-12-30 Magnus Granberg zo...@gentoo.org
/gcc
* config/gnu-user.h (PIE_DRIVER_SELF_SPECS): Define.
* config/i386/gnu-user-common.h (DRIVER_SELF_SPECS): Define and add PIE_DRIVER_SELF_SPECS.
* configure.ac: Add new option.
* configure, config.in: Rebuild.
* Makefile.in (ALL_CFLAGS) and (ALL_CXXFLAGS): Disable PIE.
* doc/install.texi: New configure option.
* doc/invoke.texi: Add note to PIE.
* doc/sourcebuild.texi: New effective target.
gcc/testsuite
* gcc/default-pie.c: New test
* gcc.dg/tree-ssa/ssa-store-ccp-3.c: Skip if default_pie
* g++.dg/other/anon5.C: Skip if default_pie
* lib/target-supports.exp (check_effective_target_default_pie): New proc.
/libgcc * Makefile.in (CRTSTUFF_CFLAGS): Disable PIE. --- a/gcc/doc/install.texi 2013-10-01 19:29:40.0 +0200 +++ b/gcc/doc/install.texi 2013-11-17 16:13:20.474144921 +0100 @@ -1583,6 +1583,10 @@ do a @samp{make -C gcc gnatlib_and_tools Specify that the run-time libraries for stack smashing protection should not be built. +@item --enable-default-pie +Turn on @option{-fPIE} and @option{-pie} by default if supported. +Currently supported targets are i?86-*-linux* and x86-64-*-linux*. + @item --disable-libquadmath Specify that the GCC quad-precision math library should not be built. On some systems, the library is required to be linkable when building --- a/gcc/doc/invoke.texi 2013-10-03 19:13:50.0 +0200 +++ b/gcc/doc/invoke.texi 2013-11-17 21:30:02.784220111 +0100 @@ -10898,6 +10898,13 @@ For predictable results, you must also s used for compilation (@option{-fpie}, @option{-fPIE}, or model suboptions) when you specify this linker option. +@emph{Note}: With the @option{--enable-default-pie} configure option, this +options is enabled by default for C, C++, ObjC, ObjC++, if none of +@option{-fno-PIE}, @option{-fno-pie}, @option{-fPIC}, @option{-fpic}, +@option{-fno-PIC}, @option{-fno-pic}, @option{-nostdlib}, +@option{-nostartfiles}, @option{-shared}, @option{-nodefaultlibs}, +nor @option{-static} are found. + @item -rdynamic @opindex rdynamic Pass the flag @option{-export-dynamic} to the ELF linker, on targets 
@@ -23071,6 +23071,13 @@ used during linking. @code{__pie__} and @code{__PIE__}. The macros have the value 1 for @option{-fpie} and 2 for @option{-fPIE}. +@emph{Note}: With the @option{--enable-default-pie} configure option, this +options is enabled by default for C, C++, ObjC, ObjC++, if none of +@option{-fno-PIE}, @option{-fno-pie}, @option{-fPIC}, @option{-fpic}, +@option{-fno-PIC}, @option{-fno-pic}, @option{-nostdlib}, +@option{-nostartfiles}, @option{-shared}, @option{-nodefaultlibs}, +nor @option{-static} are found. + @item -fno-jump-tables @opindex fno-jump-tables Do not use jump tables for switch statements even where it would be --- a/gcc/doc/sourcebuild.texi 2014-08-20 17:56:45.0 +0200 +++ b/gcc/doc/sourcebuild.texi 2014-11-09 23:43:06.254817553 +0100 @@ -1890,6 +1890,9 @@ Target supports @option{-mpe-aligned-com @item pie Target supports @option{-pie}, @option{-fpie} and @option{-fPIE}. +@item default_pie +Target enable @option{-pie}, and @option{-fPIE} as default. + @item section_anchors Target supports section anchors. --- a/gcc/config/gnu-user.h 2013-08-20 10:31:40.0 +0200 +++ b/gcc/config/gnu-user.h 2013-10-23 22:01:42.337238981 +0200 @@ -131,3 +131,13 @@ see the files COPYING3 and COPYING.RUNTI
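Review bot: the install.texi hunk names the supported targets as i?86-*-linux* and x86-64-*-linux*, but the configure check in the same series (and the target triplet itself) spell the second one x86_64*-*-linux*; the documentation should use the same spelling so a reader can match it against the configure target. In the two invoke.texi notes, "this options is enabled by default" should read "this option is enabled by default", and since the paragraph is pasted verbatim under both -pie and -fPIE it is better stated once with a cross reference. The sourcebuild.texi entry "Target enable @option{-pie}, and @option{-fPIE} as default" should read "Target enables @option{-pie} and @option{-fPIE} by default".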
Re: [PATCH][1-3] New configure options that make the compiler use -fPIE and -pie as default option
Monday 10 November 2014 21.26.39, Magnus Granberg wrote:

Rainer
Thanks Rainer for the nits and comments. Have updated the patches and Changelogs. But I still use PIE_DRIVER_SELF_SPECS, do you have an idea where to move it so I don't need to duplicate that stuff, or how to do it?
Magnus G

2014-11-10 Magnus Granberg zo...@gentoo.org
/gcc
* config/gnu-user.h (PIE_DRIVER_SELF_SPECS) and (GNU_DRIVER_SELF_SPECS): Define.
* config/i386/gnu-user-common.h (DRIVER_SELF_SPECS): Define
* configure.ac: Add new option.
* configure, config.in: Rebuild.
* Makefile.in (ALL_CFLAGS) and (ALL_CXXFLAGS): Disable PIE.
* doc/install.texi: New configure option.
* doc/invoke.texi: Add note to PIE.
* doc/sourcebuild.texi: New effective target.
gcc/testsuite
* gcc/default-pie.c: New test
* gcc.dg/tree-ssa/ssa-store-ccp-3.c: Skip if default_pie
* g++.dg/other/anon5.C: Skip if default_pie
* lib/target-supports.exp (check_effective_target_default_pie): New proc.
/libgcc
* Makefile.in (CRTSTUFF_CFLAGS): Disable PIE.

Can this be included for GCC 5 ?
/Magnus G.
Re: [PATCH][1-3] New configure options that make the compiler use -fPIE and -pie as default option
Friday 01 August 2014 10.52.27, Rainer Orth wrote:

Hi Magnus,
a couple of comments, mostly nits.

2014-07-31 Magnus Granberg zo...@gentoo.org
/gcc
* config/gnu-user.h: Define PIE_DRIVER_SELF_SPECS for PIE as default and GNU_DRIVER_SELF_SPECS.
* config/i386/gnu-user-common.h: Define DRIVER_SELF_SPECS
* configure.ac: Add new option that enable PIE as default.
* configure, config.in: Rebuild.
* Makefile.in: Disable PIE when building the compiler.
* doc/install.texi: Add the new configure option default PIE.
* doc/invoke.texi: Add note for the new configure option default PIE.

Many of those entries are mis-formatted. See other examples and the GNU Coding Standards for details. E.g. the first would be
* config/gnu-user.h (PIE_DRIVER_SELF_SPECS): Define.
In general, you need to mention which macro, variable, manual section you change. Emacs' add-change-log-entry does the basics for you. Besides, you only state what changed, not why.

Apart from that, I don't think defining PIE_DRIVER_SELF_SPECS in gnu-user.h is a good idea. This way, every other target supporting the option would have to duplicate that stuff.

* testsuite/gcc/default-pie.c: New test for new configure option --enale-default-pie

gcc/testsuite has its own ChangeLog file. Typo for --enale-...

* testsuite/gcc.dg/other/anon5.C: Add skip test as it fail to link on effective_target default_pie.

should be
* g++.dg/other/anon5.C: Skip if default_pie.
No explanations in ChangeLog entries; they belong into the code. Besides, you had the first dir component wrong. Again, Emacs does this for you.

* testsuite/lib/target-supports.exp (check_profiling_available): We can't use profiling on effective target default_pie. (check_effective_target_pie): Add check_effective_target_default_pie.

Wrong: should be
* lib/target-supports.exp (check_effective_target_default_pie): New proc.
The new default_pie effective-target keyword needs to be documented in doc/sourcebuild.texi.
--- a/gcc/testsuite/gcc.dg/default-pie.c 2013-11-09 21:07:16.741479728 +0100 +++ b/gcc/testsuite/gcc.dg/default-pie.c 2013-11-09 21:05:07.801479218 +0100 @@ -0,0 +1,12 @@ +/* { dg-do compile { target *-*-linux* *-*-gnu* } } */ +/* { dg-require-effective-target default_pie } */ Why restrict to Linux, GNU? default_pie should be enough once other targets add this. --- a/gcc/testsuite/gcc.dg/tree-ssa/ssa-store-ccp-3.c 2012-03-14 17:33:37.0 +0100 +++ b/gcc/testsuite/gcc.dg/tree-ssa/ssa-store-ccp-3.c 2014-07-29 00:55:17.421086416 +0200 @@ -2,6 +2,9 @@ /* Skipped on MIPS GNU/Linux target because __PIC__ can be defined for executables as well as shared libraries. */ /* { dg-skip-if { *-*-darwin* hppa*64*-*-* mips*-*-linux* *-*-mingw* } { * } { } } */ +/* Skipped on default_pie targets because __PIC__ is + defined for executables. */ +/* { dg-skip-if { default_pie } { * } { } } */ Emit those default args, they're unnecessary. Also in g++.dg/other/anon5.C. --- a/gcc/testsuite/g++.dg/other/anon5.C 2012-11-10 15:34:42.0 +0100 +++ b/gcc/testsuite/g++.dg/other/anon5.C 2013-11-09 14:49:52.281390127 +0100 @@ -1,5 +1,6 @@ // PR c++/34094 // { dg-do link { target { ! { *-*-darwin* *-*-hpux* *-*-solaris2.* } } } } +// { dg-skip-if { default_pie } { * } { } } The first arg to dg-skip-if should explain why you're skipping the test. --- a/gcc/testsuite/lib/target-supports.exp 2013-10-01 11:18:30.0 +0200 +++ b/gcc/testsuite/lib/target-supports.exp 2013-10-25 22:01:46.743388469 +0200 @@ -474,6 +474,11 @@ proc check_profiling_available { test_wh } } +# Profiling don't work with default -fPIE -pie. Grammar: doesn't work. +# Return 1 if -pie, -fPIE are default enable, 0 otherwise. + +proc check_effective_target_default_pie { } { Hard to understand, perhaps # Return 1 if -pie -fPIE are enabled by default, 0 otherwise. --- a/gcc/doc/invoke.texi 2013-10-03 19:13:50.0 +0200 +++ b/gcc/doc/invoke.texi 2013-11-17 21:30:02.784220111 +0100 
@@ -10535,6 +10535,12 @@ For predictable results, you must also s used for compilation (@option{-fpie}, @option{-fPIE}, or model suboptions) when you specify this linker option. +NOTE: With configure --enable-default-pie this option is enabled by default With the @option{--enable-default-pie} configure option, ... +for C, C++, ObjC, ObjC++, if none of @option{-fno-PIE}, @option{-fno-pie}, +@option{-fPIC}, @option{-fpic}, @option{-fno-PIC}, @option{-fno-pic}, +@option{-nostdlib}, @option{-nostartfiles}, @option{-shared}, +@option{-nodefaultlibs}, nor @option{static} are found. @option{-static}. Rainer Thanks Rainer for the nits and comments. Have updated the patches and Changelogs. But i still use
[PATCH][1-3] New configure options that make the compiler use -fPIE and -pie as default option
Hi
This patchset will add a new configure option --enable-default-pie. With the new option enabled it will make it pass -fPIE and -pie from the gcc and g++ frontend. Have only added the support for two targets but it should work on more targets. In configure.ac we add the new option. We can't compile the compiler or the crt stuff with -fPIE; it will break the PCH and the crtbegin and crtend files. The disabling is done in the Makefiles. The needed spec is added to DRIVER_SELF_SPECS. We disable all the profiling tests for the linking will fail. Tested on x86_64 linux (Gentoo).
More and more Linux/GNU distributions compile binaries with PIE; with this you could almost compile all binaries with PIE as we do on Gentoo Hardened. These patches have been posted before on the list. https://gcc.gnu.org/ml/gcc-patches/2013-11/msg01515.html
/Magnus Granberg

Changelog
2014-07-31 Magnus Granberg zo...@gentoo.org
/gcc
* config/gnu-user.h: Define PIE_DRIVER_SELF_SPECS for PIE as default and GNU_DRIVER_SELF_SPECS.
* config/i386/gnu-user-common.h: Define DRIVER_SELF_SPECS
* configure.ac: Add new option that enable PIE as default.
* configure, config.in: Rebuild.
* Makefile.in: Disable PIE when building the compiler.
* doc/install.texi: Add the new configure option default PIE.
* doc/invoke.texi: Add note for the new configure option default PIE.
* testsuite/gcc/default-pie.c: New test for new configure option --enale-default-pie
* testsuite/gcc.dg/other/anon5.C: Add skip test as it fail to link on effective_target default_pie.
* testsuite/lib/target-supports.exp (check_profiling_available): We can't use profiling on effective target default_pie. (check_effective_target_pie): Add check_effective_target_default_pie.
/libgcc
* Makefile.in: Disable PIE when building the crtbegin/end files.
--- a/gcc/config/gnu-user.h 2013-08-20 10:31:40.0 +0200 +++ b/gcc/config/gnu-user.h 2013-10-23 22:01:42.337238981 +0200 
@@ -126,3 +126,17 @@ see the files COPYING3 and COPYING.RUNTI LD_STATIC_OPTION --whole-archive -ltsan --no-whole-archive \ LD_DYNAMIC_OPTION }}%{!static-libtsan:-ltsan} #endif + +/* We use this to make the compiler use -fPIE as default and link + with -pie. */ +#ifdef ENABLE_DEFAULT_PIE +#define PIE_DRIVER_SELF_SPECS \ +%{pie|fpic|fPIC|fpie|fPIE|fno-pic|fno-PIC|fno-pie|fno-PIE| \ + shared|static|nostdlib|nodefaultlibs|nostartfiles:;:-fPIE -pie} +#else +#define PIE_DRIVER_SELF_SPECS +#endif + +#ifndef GNU_DRIVER_SELF_SPECS +#define GNU_DRIVER_SELF_SPECS PIE_DRIVER_SELF_SPECS +#endif --- a/gcc/config/i386/gnu-user-common.h 2013-01-10 21:38:27.0 +0100 +++ b/gcc/config/i386/gnu-user-common.h 2013-10-23 17:37:45.432767049 +0200 @@ -70,3 +70,8 @@ along with GCC; see the file COPYING3. /* Static stack checking is supported by means of probes. */ #define STACK_CHECK_STATIC_BUILTIN 1 + +/* Use GNU_DRIVER_SELF_SPECS. */ +#ifndef DRIVER_SELF_SPECS +#define DRIVER_SELF_SPECS GNU_DRIVER_SELF_SPECS +#endif --- a/gcc/configure.ac 2014-04-28 16:01:40.0 +0200 +++ b/gcc/configure.ac 2014-05-08 02:42:30.900883247 +0200 
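Review bot: the spec in the gnu-user.h hunk is injected through DRIVER_SELF_SPECS, which the driver evaluates for every input it is handed regardless of language, while the invoke.texi text in this series says the default is enabled "for C, C++, ObjC, ObjC++"; either the documentation should say it applies to everything the gcc driver compiles or links, or the spec needs to be narrowed to match. Also, the exclusion list puts fpie and fPIE next to fno-PIE, so `gcc -fPIE foo.c` gets no -pie at link time and yields a non-PIE executable built from PIE objects, the opposite of what a user who spells out -fPIE most likely wants; keeping the compile-time flags out of the link-time exclusion would avoid that.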
@@ -5671,6 +5671,36 @@ if test x${LINKER_HASH_STYLE} != x; th [The linker hash style]) fi +# Check whether --enable-default-pie was given and target have the support. +AC_ARG_ENABLE(default-pie, +[AS_HELP_STRING([--enable-default-pie], + [enable Position Independent Executable as default])], +enable_default_pie=$enableval, +enable_default_pie=no) +if test x$enable_default_pie = xyes; then + AC_MSG_CHECKING(if $target supports default PIE) + enable_default_pie=no + case $target in +i?86*-*-linux* | x86_64*-*-linux*) + saved_LDFLAGS=$LDFLAGS + saved_CFLAGS=$CFLAGS + CFLAGS=$CFLAGS -fPIE + LDFLAGS=$LDFLAGS -fPIE -pie + AC_TRY_LINK(,,[enable_default_pie=yes],) + LDFLAGS=$saved_LDFLAGS + CFLAGS=$saved_CFLAGS + ;; +*) + ;; +esac + AC_MSG_RESULT($enable_default_pie) +fi +if test x$enable_default_pie == xyes ; then + AC_DEFINE(ENABLE_DEFAULT_PIE, 1, + [Define if your target supports default PIE and it is enabled.]) +fi +AC_SUBST([enable_default_pie]) + # Configure the subdirectories # AC_CONFIG_SUBDIRS($subdirs) --- a/gcc/Makefile.in 2013-10-02 21:52:27.0 +0200 +++ b/gcc/Makefile.in 2013-10-24 17:46:22.055357122 +0200 @@ -968,14 +968,23 @@ CONTEXT_H = context.h # cross compiler which does not use the native headers and libraries. INTERNAL_CFLAGS = -DIN_GCC $(PICFLAG) @CROSS@ +# We don't want to compile the compiler with -fPIE, it make PCH fail. +enable_default_pie = @enable_default_pie@ +ifeq ($(enable_default_pie),yes) +NOPIE_CFLAGS = -fno-PIE +else +NOPIE_CFLAGS= +endif + # This is the variable actually used when we compile. If you change this, # you probably want to update BUILD_CFLAGS in configure.ac -ALL_CFLAGS
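Review bot: `if test x$enable_default_pie == xyes` in the configure.ac hunk uses `==`, which is not portable test syntax; the check a few lines earlier in the same hunk correctly uses `=`, and so should this one. The AC_TRY_LINK probe runs with the host $CC, $CFLAGS and $LDFLAGS, so in a cross build it reports whether the build machine can link with -fPIE -pie, not whether $target can; since the case statement already restricts $target, either drop the link test or state in the AC_MSG_CHECKING text that it only validates native builds (AC_LINK_IFELSE is the non-obsolete spelling of the macro). In the Makefile.in hunk, the NOPIE_CFLAGS comment "it make PCH fail" should say in one line why -fPIE breaks PCH, so the -fno-PIE forcing is not removed later as a leftover.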
Re: [PATCH][1-3] New configure option to enable Position independent executable as default.
Sunday 17 November 2013 22.37.08, Magnus Granberg wrote:
Saturday 16 November 2013 20.37.58, Ryan Hill wrote:
On Wed, 13 Nov 2013 23:28:45 +0100 Magnus Granberg zo...@gentoo.org wrote:

Hi
This patchset will add a new configure option --enable-default-pie. With the new option enabled it will make it pass -fPIE and -pie from the gcc and g++ frontend. Have only added the support for two targets but it should work on more targets. In configure.ac we add the new option. We can't compile the compiler or the crt stuff with -fPIE; it will break the PCH and the crtbegin and crtend files. The disabling is done in the Makefiles. The needed spec is added to DRIVER_SELF_SPECS. We disable all the profiling tests for the linking will fail. Tested on x86_64 linux (Gentoo).
/Magnus Granberg

Hey Magnus. Some nits:
..
+for C, C++, ObjC, ObjC++, if none of @option{-fno-PIE}, @option{-fno-pie},
+@option{-fPIC}, @option{-fpic}, @option{-fno-PIC}, @option{-fno-pic},
+@option{-nostdlib}, @option{-nostartfiles}, @option{-shared},
+@option{-nodefaultlibs}, nor @option{static} are found.
Looks like nodefaultlibs is missing from PIE_DRIVER_SELF_SPECS or this needs to be updated. Thanks!

Thank you for the nits. Have updated the patches with the fixes. The same changelog should work in my first post about this new option.

Mike Stump wrote
Ick. Would be nice to figure out on what systems one can do this and just do it without the configure option. Is there some reason that we need an option for it?

It would work well on most *-*-linux* targets but I don't have all the hardware for testing and I agree with Ian that it should not be enabled by default.
/Magnus Granberg

Can someone review the patches and commit if it looks sane?
/Magnus Granberg
Re: [PATCH][1-3] New configure option to enable Position independent executable as default.
Saturday 16 November 2013 20.37.58, Ryan Hill wrote:
On Wed, 13 Nov 2013 23:28:45 +0100 Magnus Granberg zo...@gentoo.org wrote:

Hi
This patchset will add a new configure option --enable-default-pie. With the new option enabled it will make it pass -fPIE and -pie from the gcc and g++ frontend. Have only added the support for two targets but it should work on more targets. In configure.ac we add the new option. We can't compile the compiler or the crt stuff with -fPIE; it will break the PCH and the crtbegin and crtend files. The disabling is done in the Makefiles. The needed spec is added to DRIVER_SELF_SPECS. We disable all the profiling tests for the linking will fail. Tested on x86_64 linux (Gentoo).
/Magnus Granberg

Hey Magnus. Some nits:
..
+for C, C++, ObjC, ObjC++, if none of @option{-fno-PIE}, @option{-fno-pie},
+@option{-fPIC}, @option{-fpic}, @option{-fno-PIC}, @option{-fno-pic},
+@option{-nostdlib}, @option{-nostartfiles}, @option{-shared},
+@option{-nodefaultlibs}, nor @option{static} are found.
Looks like nodefaultlibs is missing from PIE_DRIVER_SELF_SPECS or this needs to be updated. Thanks!

Thank you for the nits. Have updated the patches with the fixes. The same changelog should work in my first post about this new option.

Mike Stump wrote
Ick. Would be nice to figure out on what systems one can do this and just do it without the configure option. Is there some reason that we need an option for it?

It would work well on most *-*-linux* targets but I don't have all the hardware for testing and I agree with Ian that it should not be enabled by default.
/Magnus Granberg
--- a/gcc/testsuite/gcc.dg/default-pie.c 2013-11-09 21:07:16.741479728 +0100 +++ b/gcc/testsuite/gcc.dg/default-pie.c 2013-11-09 21:05:07.801479218 +0100 @@ -0,0 +1,12 @@ +/* { dg-do compile { target *-*-linux* *-*-gnu* } } */ +/* { dg-require-effective-target default_pie } */ +/* { dg-options -O2 } */ +int foo (void); + +int +main (void) +{ + return foo (); +} + +/* { dg-final { scan-assembler foo@PLT } } */ 
--- a/gcc/testsuite/g++.dg/other/anon5.C 2012-11-10 15:34:42.0 +0100 +++ b/gcc/testsuite/g++.dg/other/anon5.C 2013-11-09 14:49:52.281390127 +0100 @@ -1,5 +1,6 @@ // PR c++/34094 // { dg-do link { target { ! { *-*-darwin* *-*-hpux* *-*-solaris2.* } } } } +// { dg-skip-if { default_pie } { * } { } } // { dg-options -g } // Ignore additional message on powerpc-ibm-aix // { dg-prune-output obtain more information } */ --- a/gcc/testsuite/lib/target-supports.exp 2013-10-01 11:18:30.0 +0200 +++ b/gcc/testsuite/lib/target-supports.exp 2013-10-25 22:01:46.743388469 +0200 @@ -474,6 +474,11 @@ proc check_profiling_available { test_wh } } +# Profiling don't work with default -fPIE -pie. +if { [check_effective_target_default_pie] } { + return 0 +} + # Support for -p on solaris2 relies on mcrt1.o which comes with the # vendor compiler. We cannot reliably predict the directory where the # vendor compiler (and thus mcrt1.o) is installed so we can't @@ -839,6 +844,14 @@ proc check_effective_target_pie { } { return 0 } +# Return 1 if -pie, -fPIE are default enable, 0 otherwise. + +proc check_effective_target_default_pie { } { +global ENABLE_DEFAULT_PIE +return [info exists ENABLE_DEFAULT_PIE] +return 0 +} + # Return true if the target supports -mpaired-single (as used on MIPS). proc check_effective_target_mpaired_single { } { --- a/gcc/config/gnu-user.h 2013-08-20 10:31:40.0 +0200 +++ b/gcc/config/gnu-user.h 2013-10-23 22:01:42.337238981 +0200 
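Review bot: in the target-supports.exp hunk, check_effective_target_default_pie returns `[info exists ENABLE_DEFAULT_PIE]`, so the trailing `return 0` is unreachable, and nothing in the patch ever sets the Tcl global ENABLE_DEFAULT_PIE, so the proc answers 0 on every default-PIE build unless a site configuration defines that variable by hand. Probe the compiler instead (for example with check_no_compiler_messages on a snippet that #errors unless __PIE__ is defined, which the invoke.texi text in this series says -fPIE sets) so the effective target follows what the installed compiler actually does. The new default-pie.c test additionally restricts itself to *-*-linux* *-*-gnu*, which dg-require-effective-target default_pie already implies and which will have to be maintained as other targets gain the option.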
@@ -134,3 +134,17 @@ see the files COPYING3 and COPYING.RUNTI /* Additional libraries needed by -static-libtsan. */ #undef STATIC_LIBTSAN_LIBS #define STATIC_LIBTSAN_LIBS -ldl -lpthread + +/* We use this to make the compiler use -fPIE as default and link + with -pie. */ +#ifdef ENABLE_DEFAULT_PIE +#define PIE_DRIVER_SELF_SPECS \ +%{pie|fpic|fPIC|fpie|fPIE|fno-pic|fno-PIC|fno-pie|fno-PIE| \ + shared|static|nostdlib|nodefaultlibs|nostartfiles:;:-fPIE -pie} +#else +#define PIE_DRIVER_SELF_SPECS +#endif + +#ifndef GNU_DRIVER_SELF_SPECS +#define GNU_DRIVER_SELF_SPECS PIE_DRIVER_SELF_SPECS +#endif --- a/gcc/config/i386/gnu-user-common.h 2013-01-10 21:38:27.0 +0100 +++ b/gcc/config/i386/gnu-user-common.h 2013-10-23 17:37:45.432767049 +0200 @@ -70,3 +70,8 @@ along with GCC; see the file COPYING3. /* Static stack checking is supported by means of probes. */ #define STACK_CHECK_STATIC_BUILTIN 1 + +/* Use GNU_DRIVER_SELF_SPECS. */ +#ifndef DRIVER_SELF_SPECS +#define DRIVER_SELF_SPECS GNU_DRIVER_SELF_SPECS +#endif --- a/gcc/configure.ac 2013-09-25 18:10:35.0 +0200 +++ b/gcc/configure.ac 2013-10-22 21:26:56.287602139 +0200 @@ -5434,6 +5434,30 @@ if test x${LINKER_HASH_STYLE} != x; th [The linker hash style]) fi +# Check whether --enable-default-pie was given and target have the support. +AC_ARG_ENABLE
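Review bot: the gnu-user-common.h hunk wraps the definition in #ifndef DRIVER_SELF_SPECS, so a target whose other tm headers already define DRIVER_SELF_SPECS keeps that definition and never sees PIE_DRIVER_SELF_SPECS, even though configure has just reported --enable-default-pie as enabled. Either compose with an existing DRIVER_SELF_SPECS or turn the mismatch into an #error, and let the comment say why ("Use GNU_DRIVER_SELF_SPECS" states what the lines do, not the reason).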
[PATCH][1-3] New configure option to enable Position independent executable as default.
Hi
This patchset will add a new configure option --enable-default-pie. With the new option enabled it will make it pass -fPIE and -pie from the gcc and g++ frontend. Have only added the support for two targets but it should work on more targets. In configure.ac we add the new option. We can't compile the compiler or the crt stuff with -fPIE; it will break the PCH and the crtbegin and crtend files. The disabling is done in the Makefiles. The needed spec is added to DRIVER_SELF_SPECS. We disable all the profiling tests for the linking will fail. Tested on x86_64 linux (Gentoo).
/Magnus Granberg

Changelog
2013-11-10 Magnus Granberg zo...@gentoo.org
/gcc
* config/gnu-user.h: Define PIE_DRIVER_SELF_SPECS for PIE as default and GNU_DRIVER_SELF_SPECS.
* config/i386/gnu-user-common.h: Define DRIVER_SELF_SPECS
* configure.ac: Add new option that enable PIE as default.
* configure, config.in: Rebuild.
* Makefile.in: Disable PIE when building the compiler.
* doc/install.texi: Add the new configure option default PIE.
* doc/invoke.texi: Add note for the new configure option default PIE.
* testsuite/gcc/default-pie.c: New test for new configure option --enale-default-pie
* testsuite/gcc.dg/other/anon5.C: Add skip test as it fail to link on effective_target default_pie.
* testsuite/lib/target-supports.exp (check_profiling_available): We can't use profiling on effective target default_pie. (check_effective_target_pie): Add check_effective_target_default_pie.
/libgcc
* Makefile.in: Disable PIE when building the crtbegin/end files.
--- a/gcc/config/gnu-user.h 2013-08-20 10:31:40.0 +0200 +++ b/gcc/config/gnu-user.h 2013-10-23 22:01:42.337238981 +0200 
@@ -134,3 +134,17 @@ see the files COPYING3 and COPYING.RUNTI /* Additional libraries needed by -static-libtsan. */ #undef STATIC_LIBTSAN_LIBS #define STATIC_LIBTSAN_LIBS -ldl -lpthread + +/* We use this to make the compiler use -fPIE as default and link + with -pie. */ +#ifdef ENABLE_DEFAULT_PIE +#define PIE_DRIVER_SELF_SPECS \ +%{pie|fpic|fPIC|fpie|fPIE|fno-pic|fno-PIC|fno-pie|fno-PIE| \ + shared|static|nostdlib|nostartfiles:;:-fPIE -pie} +#else +#define PIE_DRIVER_SELF_SPECS +#endif + +#ifndef GNU_DRIVER_SELF_SPECS +#define GNU_DRIVER_SELF_SPECS PIE_DRIVER_SELF_SPECS +#endif --- a/gcc/config/i386/gnu-user-common.h 2013-01-10 21:38:27.0 +0100 +++ b/gcc/config/i386/gnu-user-common.h 2013-10-23 17:37:45.432767049 +0200 @@ -70,3 +70,8 @@ along with GCC; see the file COPYING3. /* Static stack checking is supported by means of probes. */ #define STACK_CHECK_STATIC_BUILTIN 1 + +/* Use GNU_DRIVER_SELF_SPECS. */ +#ifndef DRIVER_SELF_SPECS +#define DRIVER_SELF_SPECS GNU_DRIVER_SELF_SPECS +#endif --- a/gcc/configure.ac 2013-09-25 18:10:35.0 +0200 +++ b/gcc/configure.ac 2013-10-22 21:26:56.287602139 +0200 
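Review bot: the exclusion list in this first version of PIE_DRIVER_SELF_SPECS (`shared|static|nostdlib|nostartfiles`) omits nodefaultlibs, so a `gcc -nodefaultlibs` link still receives -pie, while the invoke.texi note posted with the same series lists -nodefaultlibs among the options that turn the default off; spec and documentation must agree, and nodefaultlibs belongs in the spec if -pie is to be suppressed for it.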
@@ -5434,6 +5434,31 @@ if test x${LINKER_HASH_STYLE} != x; th [The linker hash style]) fi +# Check whether --enable-default-pie was given and target have the support. +AC_ARG_ENABLE(default-pie, +[AS_HELP_STRING([--enable-default-pie], [Enable Position independent executable as default. + If we have suppot for it when compiling and linking. + Linux targets supported i?86 and x86_64.])], +enable_default_pie=$enableval, +enable_default_pie=no) +if test x$enable_default_pie = xyes; then + AC_MSG_CHECKING(if $target support to default with -fPIE and link with -pie as default) + enable_default_pie=no + case $target in +i?86*-*-linux* | x86_64*-*-linux*) + enable_default_pie=yes + ;; +*) + ;; +esac + AC_MSG_RESULT($enable_default_pie) +fi +if test x$enable_default_pie == xyes ; then + AC_DEFINE(ENABLE_DEFAULT_PIE, 1, + [Define if your target support default-pie and you have enable it.]) +fi +AC_SUBST([enable_default_pie]) + # Configure the subdirectories # AC_CONFIG_SUBDIRS($subdirs) --- a/gcc/Makefile.in 2013-10-02 21:52:27.0 +0200 +++ b/gcc/Makefile.in 2013-10-24 17:46:22.055357122 +0200 @@ -957,14 +957,23 @@ CONTEXT_H = context.h # cross compiler which does not use the native headers and libraries. INTERNAL_CFLAGS = -DIN_GCC @CROSS@ +# We don't want to compile the compiler with -fPIE, it make PCH fail. +enable_default_pie = @enable_default_pie@ +ifeq ($(enable_default_pie),yes) +NOPIE_CFLAGS = -fno-PIE +else +NOPIE_CFLAGS= +endif + # This is the variable actually used when we compile. If you change this, # you probably want to update BUILD_CFLAGS in configure.ac -ALL_CFLAGS = $(T_CFLAGS) $(CFLAGS-$@) \ +ALL_CFLAGS = $(NOPIE_CFLAGS) $(T_CFLAGS) $(CFLAGS-$@) \ $(CFLAGS) $(INTERNAL_CFLAGS) $(COVERAGE_FLAGS) $(WARN_CFLAGS) @DEFS@ # The C++ version. -ALL_CXXFLAGS = $(T_CFLAGS) $(CFLAGS-$@) $(CXXFLAGS) $(INTERNAL_CFLAGS) \ - $(COVERAGE_FLAGS) $(NOEXCEPTION_FLAGS
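Review bot: the configure.ac hunk enables the feature from the $target pattern alone (`i?86*-*-linux* | x86_64*-*-linux*` sets enable_default_pie=yes without compiling or linking anything), so an assembler, linker or libc that cannot actually produce a PIE is only discovered when the first default-PIE link fails; a configure-time link test, or at least wording in AC_MSG_CHECKING that this is a triplet check, would make the result honest. `if test x$enable_default_pie == xyes` should use `=`; `==` is not portable test syntax and the earlier test in the same hunk already uses `=`. In the Makefile.in hunk, NOPIE_CFLAGS is prepended only to ALL_CFLAGS and ALL_CXXFLAGS, so any rule compiling with a different flag set will still pick up the PIE default; that scope is worth a comment next to the definition.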
PATCH: PR plugins/56754 some missing plugin headers during installation in gcc 4.8
This patch re-adds TARGET_H, which was removed with revision 188166. IPA_PROP_H is in use by PLUGIN_HEADERS and did depend on GIMPLE_H, which did have TARGET_H before it was removed, and it was not added to IPA_PROP_H or PLUGIN_HEADERS. See the bug for more info.
/Magnus

gcc:
2013-03-30 Magnus Granberg zo...@gentoo.org
PR plugins/56754
* Makefile.in (PLUGIN_HEADERS): Add TARGET_H
--- a/gcc/Makefile.in 2013-02-08 10:07:49.0 +0100 +++ b/gcc/Makefile.in 2013-03-28 03:43:53.343390945 +0100 @@ -4597,7 +4597,7 @@ PLUGIN_HEADERS = $(TREE_H) $(CONFIG_H) $ $(C_PRAGMA_H) $(CPPLIB_H) $(FUNCTION_H) \ cppdefault.h flags.h $(MD5_H) params.def params.h prefix.h tree-inline.h \ $(GIMPLE_PRETTY_PRINT_H) realmpfr.h \ - $(IPA_PROP_H) $(RTL_H) $(TM_P_H) $(CFGLOOP_H) $(EMIT_RTL_H) version.h + $(IPA_PROP_H) $(TARGET_H) $(RTL_H) $(TM_P_H) $(CFGLOOP_H) $(EMIT_RTL_H) version.h # generate the 'build fragment' b-header-vars s-header-vars: Makefile
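Review bot: the description locates the real loss in IPA_PROP_H (it stopped pulling in TARGET_H when GIMPLE_H dropped it), yet the hunk patches PLUGIN_HEADERS rather than IPA_PROP_H; adding $(TARGET_H) to IPA_PROP_H would repair the installed-header set and every other consumer of $(IPA_PROP_H) at once, whereas the PLUGIN_HEADERS-only change leaves the dependency incomplete for anything else that lists it. The ChangeLog entry should also end with a period.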
Re: GCC 4.8.0 Status Report (2012-10-29), Stage 1 to end soon
On Monday 29 October 2012 18.56.42, Jakub Jelinek wrote:
> Status
> ==
>
> I'd like to close the stage 1 phase of GCC 4.8 development on Monday, November 5th. If you still have patches for new features you'd like to see in GCC 4.8, please post them for review soon. Patches posted before the freeze, but reviewed shortly after the freeze, may still go in; further changes should be just bugfixes and documentation fixes.

I want to get the new configure --enable-espf options included. The patches were posted some time ago.

Gentoo Hardened Project
Magnus Granberg
Re: [PATCH 1-2/12 ] New configure option --enable-espf=(all|ssp|pie|no)
On Tuesday 18 September 2012 16.12.15, Magnus Granberg wrote:
> On Tuesday 11 September 2012 01.33.42, Magnus Granberg wrote:
> > On Friday 07 September 2012 18.52.11, you wrote:
> > > On Fri, 7 Sep 2012, Magnus Granberg wrote:
> > > > * Makefile.in Add -fno-stack-protector when needed for espf.
> > > Toplevel Makefile.in is a generated file. You need to patch Makefile.def or Makefile.tpl and regenerate Makefile.in.
> > > I'm surprised this passes bootstrap, since I wouldn't expect bootstrap to avoid -Wformat-security warnings, and all the previous patch submissions I recall to avoid such warnings have been incorrect (you can't just change error (msg) to error (%s, msg) when the reason the code is written how it is is that no-argument formats such as % and % may appear in msg and need interpreting).
> > Have updated the Makefile and configure patch and it bootstraps with --enable-werror; didn't have that enabled last time. Have a new changelog too. Thank you for the help.
> ..
> Does anyone else have any comments or hints for the patches?

Have fixed the cross-compile problems that Andrew Pinski pointed out with this updated configure.ac patch.

Gentoo Hardened Project
Magnus Granberg

--- a/configure.ac 2012-02-02 11:20:32.0 +0100 +++ b/configure.ac 2012-07-01 00:44:27.845218414 +0200 
@@ -424,6 +424,36 @@ AC_ARG_ENABLE(libssp, ENABLE_LIBSSP=$enableval, ENABLE_LIBSSP=yes) +# Check whether --enable-espf was given and target have the support. +AC_ARG_ENABLE([espf], +[AS_HELP_STRING([--enable-espf[=ARG]], + [Enable Stack protector, Position independent executable and +Fortify_source as default. If we have suppot for it when compiling. +Linux targets supported i?86 and x86_64. +@:@ARG={all,pie,ssp,no}@:@ ])], +set_enable_espf=$enableval, +set_enable_espf=no) +case ${set_enable_espf} in + all|pie|ssp) +case $target in + i?86*-*-linux* | x86_64*-*-linux*) +enable_espf=yes +;; + *) +enable_espf=no + AC_MSG_WARN([*** --enable-espf is not supported on this $target target.]) +;; +esac +;; + no) +enable_espf=no +;; + *) +AC_MSG_ERROR([invalid --enable-espf argument]) +;; +esac +AC_SUBST([enable_espf]) + # Save it here so that, even in case of --enable-libgcj, if the Java # front-end isn't enabled, we still get libgcj disabled. libgcj_saved=$libgcj @@ -3213,6 +3242,11 @@ if test $GCC = yes -a $ENABLE_BUILD_W CFLAGS=$saved_CFLAGS fi +# Disable -fstack-protector on stage1 +if test x$enable_espf = xyes; then + stage1_cflags=$stage1_cflags -fno-stack-protector +fi + AC_SUBST(stage1_cflags) # Enable --enable-checking in stage1 of the compiler. --- a/gcc/configure.ac 2012-02-22 12:27:45.0 +0100 +++ b/gcc/configure.ac 2012-07-01 00:43:14.054216215 +0200 @@ -342,7 +342,8 @@ GCC_STDINT_TYPES # So, we only use -pedantic if we can disable those warnings. ACX_PROG_CC_WARNING_OPTS( - m4_quote(m4_do([-W -Wall -Wno-narrowing -Wwrite-strings -Wcast-qual])), [loose_warn]) + m4_quote(m4_do([-W -Wall -Wno-narrowing -Wwrite-strings -Wcast-qual \ + -Wno-format-security])), [loose_warn]) ACX_PROG_CC_WARNING_OPTS( m4_quote(m4_do([-Wstrict-prototypes -Wmissing-prototypes])), [c_loose_warn]) 
@@ -5193,6 +5194,167 @@ if test x${LINKER_HASH_STYLE} != x; th [The linker hash style]) fi +# -- +# Espf checks +# -- + +# Check whether --enable-espf was given and target have the support. +AC_ARG_ENABLE([espf], +[AS_HELP_STRING([--enable-espf[=ARG]], + [Enable Stack protector, Position independent executable and +Fortify_sources as default. If we have suppot for it when compiling. +Linux targets supported x86_64. @:@ARG={all,pie,ssp,no}@:@ ])], +set_enable_espf=$enableval, +set_enable_espf=no) +case ${set_enable_espf} in + all|pie|ssp) +AC_MSG_CHECKING(if $target support espf) +case $target in + i?86*-*-linux* | x86_64-*-linux*) +enable_espf=yes +AC_DEFINE(ENABLE_ESPF, 1, + [Define if your target support espf and you have enable it.]) +;; + *) +enable_espf=no +AC_MSG_WARN([*** --enable-espf is not supported on this $target target.]) +;; +esac +AC_MSG_RESULT($enable_espf) +;; + no) +enable_espf=no +;; + *) +AC_MSG_ERROR([invalid --enable-espf argument]) +;; +esac +AC_SUBST([enable_espf]) +if test $enable_espf = yes ; then + +# Check for FORTIFY_SOURCES support in target C library. + AC_CACHE_CHECK(for _FORTIFY_SOURCES support in target C library, +gcc_cv_libc_provides_fortify, +[gcc_cv_libc_provides_fortify=no +case $target in + *-*-linux*) +[# glibc 2.8 and later provides _FORTIFY_SOURCES. +# uClibc 0.9.32 and later provides
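Review bot: the target check in the gcc/configure.ac hunk is inconsistent with the top-level one: top-level configure.ac matches `i?86*-*-linux* | x86_64*-*-linux*`, gcc/configure.ac matches `i?86*-*-linux* | x86_64-*-linux*`, and the gcc/configure.ac help string says `Linux targets supported x86_64.` although its case also accepts i?86; use one pattern in both files and list both targets in both help strings (and fix `suppot` in each). Adding `-Wno-format-security` to loose_warn silences that warning for the whole compiler build, which is the opposite of what the espf defaults do for users; a comment at that spot explaining why GCC's own sources cannot be built with the warning on (the no-argument diagnostic formats Joseph describes) would keep someone from later removing it and re-breaking the bootstrap.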
Re: [PATCH 1-2/12 ] New configure option --enable-espf=(all|ssp|pie|no)
On Tuesday 11 September 2012 01.33.42, Magnus Granberg wrote:
> On Friday 07 September 2012 18.52.11, you wrote:
> > On Fri, 7 Sep 2012, Magnus Granberg wrote:
> > > * Makefile.in Add -fno-stack-protector when needed for espf.
> > Toplevel Makefile.in is a generated file. You need to patch Makefile.def or Makefile.tpl and regenerate Makefile.in.
> > I'm surprised this passes bootstrap, since I wouldn't expect bootstrap to avoid -Wformat-security warnings, and all the previous patch submissions I recall to avoid such warnings have been incorrect (you can't just change error (msg) to error (%s, msg) when the reason the code is written how it is is that no-argument formats such as % and % may appear in msg and need interpreting).
> Have updated the Makefile and configure patch and it bootstraps with --enable-werror; didn't have that enabled last time. Have a new changelog too. Thank you for the help.
..
Does anyone else have any comments or hints for the patches?

Gentoo Hardened Project
Magnus Granberg
Re: [PATCH 1-2/12 ] New configure option --enable-espf=(all|ssp|pie|no)
On Friday 07 September 2012 18.52.11, you wrote:
> On Fri, 7 Sep 2012, Magnus Granberg wrote:
> > * Makefile.in Add -fno-stack-protector when needed for espf.
> Toplevel Makefile.in is a generated file. You need to patch Makefile.def or Makefile.tpl and regenerate Makefile.in.
> I'm surprised this passes bootstrap, since I wouldn't expect bootstrap to avoid -Wformat-security warnings, and all the previous patch submissions I recall to avoid such warnings have been incorrect (you can't just change error (msg) to error (%s, msg) when the reason the code is written how it is is that no-argument formats such as % and % may appear in msg and need interpreting).

Have updated the Makefile and configure patch and it bootstraps with --enable-werror; didn't have that enabled last time. Have a new changelog too. Thank you for the help.

Gentoo Hardened Project
Magnus Granberg

2012-09-10 Magnus Granberg zo...@gentoo.org

* configure.ac Add new configure options espf.
* Makefile.tpl Add -fno-stack-protector when needed for espf.
* configure Regenerated
* Makefile.in Likewise.

gcc/
* configure.ac Add new configure options espf. Add -Wno-format-security to warn flags.
* configure Regenerated
* config.in Regenerated
* Makefile.in Add -fno-PIE when needed for espf.
* config/gnu-user.h Define ESPF_GCC_PIE_SPEC, ESPF_GCC_SSP_SPEC, ESPF_CPP_UNIQUE_OPTIONS_SPEC, ESPF_DRIVER_SELF_SPECS and ESPF_EXTRA_SPECS.
* config/i386/gnu-user64.h Define DRIVER_SELF_SPECS.
* config/i386/gnu-user.h Add ESPF_EXTRA_SPECS to SUBTARGET_EXTRA_SPECS when needed. Define DRIVER_SELF_SPECS.
* config/i386/i386.h Add ESPF_EXTRA_SPECS to SUBTARGET_EXTRA_SPECS when needed.
* gcc.c Add espf_cpp_unique_options to cpp_unique_options when needed.
* c-family/c-common.c Enable warn_format when espf is enabled.
* c-family/c-format.c Enable warn_format_security when needed by espf.

libgcc/
* libgcc/Makefile.in Add -fno-PIE when needed for espf.

libcpp/
* configure.ac Add -Wno-format-security to warn flags.
* configure Regenerated
* config.in Regenerated

2012-09-10 Magnus Granberg zo...@gentoo.org
Kees Cook k...@ubuntu.com

gcc/doc/
* invoke.texi Add notes to -Wformat, -Wformat-security, -O2, -fstack-protector, -fPIE and -pie for espf.
* install.texi Add new configure options

2012-08-26 Magnus Granberg zo...@gentoo.org
Kees Cook k...@ubuntu.com

gcc/testsuite
* gcc.dg/charset/builtin2.c Add -Wno-format when effective_target is espf.
* gcc.dg/format/format.exp Likewise.
* gcc.dg/pr30473.c Likewise.
* gcc.dg/pr38902.c Likewise.
* gcc.dg/ipa/ipa-sra-1.c Likewise.
* gcc.dg/torture/tls/tls-test.c Likewise.
* g++.dg/abi/pragma-pack1.C Likewise.
* g++.dg/cpp0x/constexpr-tuple.C Likewise.
* lib/target-supports.exp Add check_effective_target_espf.
* gcc.c-torture/execute/memset-1.x New file
* gcc.c-torture/execute/vprintf-chk-1.x Likewise.
* gcc.c-torture/execute/vfprintf-chk-1.x Likewise.
* gcc.dg/stack-usage-1.c Add -fno-stack-protector when effective_target is espf.
* gcc.dg/superblock.c Likewise.
* gcc.dg/20021014-1.c Add -fno-PIE when effective_target is espf.
* gcc.dg/nest.c Likewise.
* gcc.dg/nested-func-4.c Likewise.
* gcc.dg/pr32450.c Likewise.
* gcc.dg/pr43643.c Likewise.
* g++.dg/other/anon5.C Likewise.
* g++.old-deja/g++.law
Re: [PATCH 3-4/12 ] New configure option --enable-espf=(all|ssp|pie|no)
On Friday 07 September 2012 18.43.59, you wrote:
> On Fri, 7 Sep 2012, Magnus Granberg wrote:
> > --- a/gcc/config/linux.h2011-07-07 17:38:34.0 +0200
> > +++ b/gcc/config/linux.h2012-07-09 14:24:08.599281404 +0200
> I see nothing related specifically to Linux rather than other targets that may use GNU userspace, so I think all this belongs in gnu-user.h.
> > --- a/gcc/config/i386/linux.h 2011-06-03 20:30:39.0 +0200
> Likewise.
> > +#if def ENABLE_ESPF
> Stray space inside #ifdef.

Have updated the patch and moved from linux*.h to gnu-user*.h. Thank you for the hints.

Gentoo Hardened Project
Magnus Granberg

--- a/gcc/config/gnu-user.h 2011-04-28 18:49:49.0 +0200 +++ b/gcc/config/gnu-user.h 2012-09-08 18:22:41.020729353 +0200 @@ -98,3 +98,31 @@ see the files COPYING3 and COPYING.RUNTI #define TARGET_C99_FUNCTIONS 1 #define TARGET_HAS_SINCOS 1 + +#ifdef ENABLE_ESPF +#ifdef ENABLE_ESPF_PIE +#define ESPF_GCC_PIE_SPEC \ +%{pie|fpic|fPIC|fpie|fPIE|fno-pic|fno-PIC|fno-pie|fno-PIE| \ +shared|static|nostdlib|nostartfiles:;:-fPIE -pie} +#else +#define ESPF_GCC_PIE_SPEC +#endif +#ifdef ENABLE_ESPF_SSP +#define ESPF_GCC_SSP_SPEC \ +%{nostdlib|nodefaultlibs|fno-stack-protector| \ +fstack-protector|fstack-protector-all:;:-fstack-protector} +#else +#define ESPF_GCC_SSP_SPEC +#endif +#ifdef ENABLE_ESPF_FORTIFY +#define ESPF_CPP_UNIQUE_OPTIONS_SPEC \ +%{D_FORTIFY_SOURCE|D_FORTIFY_SOURCE=*|U_FORTIFY_SOURCE:;:-D_FORTIFY_SOURCE=2} +#else +#define ESPF_CPP_UNIQUE_OPTIONS_SPEC +#endif +#define ESPF_DRIVER_SELF_SPECS \ +ESPF_GCC_PIE_SPEC, \ +ESPF_GCC_SSP_SPEC +#define ESPF_EXTRA_SPECS \ +{ espf_cpp_unique_options, ESPF_CPP_UNIQUE_OPTIONS_SPEC } +#endif --- a/gcc/config/i386/gnu-user.h 2011-05-05 14:32:50.0 +0200 +++ b/gcc/config/i386/gnu-user.h 2012-07-09 14:28:38.726289455 +0200 
@@ -93,9 +93,16 @@ along with GCC; see the file COPYING3. --32 %{!mno-sse2avx:%{mavx:-msse2avx}} %{msse2avx:%{!mavx:-msse2avx}} #undef SUBTARGET_EXTRA_SPECS +#ifdef ENABLE_ESPF #define SUBTARGET_EXTRA_SPECS \ { link_emulation, GNU_USER_LINK_EMULATION },\ - { dynamic_linker, GNU_USER_DYNAMIC_LINKER } + { dynamic_linker, GNU_USER_DYNAMIC_LINKER }, \ + ESPF_EXTRA_SPECS +#else +#define SUBTARGET_EXTRA_SPECS \ + { link_emulation, GNU_USER_LINK_EMULATION },\ + { dynamic_linker, GNU_USER_DYNAMIC_LINKER } +#endif #undef LINK_SPEC #define LINK_SPEC -m %(link_emulation) %{shared:-shared} \ @@ -202,3 +159,7 @@ along with GCC; see the file COPYING3. #define TARGET_CAN_SPLIT_STACK #define TARGET_THREAD_SPLIT_STACK_OFFSET 0x30 #endif + +#ifdef ENABLE_ESPF +#define DRIVER_SELF_SPECS ESPF_DRIVER_SELF_SPECS +#endif --- gcc-4.8-20120302/gcc/config/i386/gnu-user64.h 2012-06-30 00:21:30.0 +0200 +++ gcc-4.8-20120302-work/gcc/config/i386/gnu-user64.h 2012-09-08 18:14:03.683713936 +0200 @@ -94,3 +94,7 @@ see the files COPYING3 and COPYING.RUNTI #undef WCHAR_TYPE #define WCHAR_TYPE (TARGET_LP64 ? int : long int) + +#ifdef ENABLE_ESPF +#define DRIVER_SELF_SPECS ESPF_DRIVER_SELF_SPECS +#endif --- a/gcc/config/i386/i386.h 2011-11-24 23:11:12.0 +0100 +++ b/gcc/config/i386/i386.h 2012-07-09 14:21:24.575276517 +0200 @@ -617,13 +617,16 @@ enum target_cpu_default Do not define this macro if it does not need to do anything. */ #ifndef SUBTARGET_EXTRA_SPECS +#ifdef ENABLE_ESPF +#define SUBTARGET_EXTRA_SPECS ESPF_EXTRA_SPECS +#else #define SUBTARGET_EXTRA_SPECS #endif +#endif #define EXTRA_SPECS \ { cc1_cpu, CC1_CPU_SPEC }, \ SUBTARGET_EXTRA_SPECS - /* Set the value of FLT_EVAL_METHOD in float.h. When using only the FPU, assume that the fpcw is set to extended precision; when using
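Review bot: the second hunk header for gcc/config/i386/gnu-user.h reads `@@ -202,3 +159,7 @@`, but the first hunk in that file adds seven lines and removes none, so the new-file offset must be larger than 202, not 159; the patch looks generated against a different base than the one it targets and needs a refresh before it can be applied. The specs in gnu-user.h also disagree with the documentation in this series: ESPF_GCC_PIE_SPEC lists `shared|static|nostdlib|nostartfiles` but not `nodefaultlibs`, and ESPF_GCC_SSP_SPEC has no `ffreestanding`, while the invoke.texi notes say both options suppress the default; either add them to the specs or correct the docs. Lastly, the i386/gnu-user.h hunk duplicates the whole SUBTARGET_EXTRA_SPECS initializer under `#ifdef ENABLE_ESPF`/`#else`; one definition with a trailing ESPF_EXTRA_SPECS that expands to nothing when espf is off (the way i386.h already handles an undefined SUBTARGET_EXTRA_SPECS) avoids the two copies drifting apart.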
Re: [PATCH 8/12 ] New configure option --enable-espf=(all|ssp|pie|no)
On Friday 07 September 2012 18.41.29, Joseph S. Myers wrote:
> On Fri, 7 Sep 2012, Magnus Granberg wrote:
> > +NOTE: With configure --enable-espf=@r{[}all@r{|}ssp@r{|}pie@r{]}is
> @emph{Note:} (existing style). @option{--enable-espf}.
> > +this option enabled by default for C, C++, ObjC, ObjC++.
> > +To disable, use @option{-Wformat=0}.
> -Wno-format rather than -Wformat=0. The same comments apply several times in the patch.
> > +@option{-shared}, @option{-nodefaultlibs}, nor @option{static} are found.
> @option{-static} (missing '-'). Likewise elsewhere in the patch.

Have updated the patch. Thank you for the hints.

Gentoo Hardened Project
Magnus Granberg

--- a/gcc/doc/invoke.texi 2012-03-01 10:57:59.0 +0100 +++ b/gcc/doc/invoke.texi 2012-07-30 00:57:03.766847851 +0200 @@ -3216,6 +3216,11 @@ aspects of format checking, the options @option{-Wformat-nonliteral}, @option{-Wformat-security}, and @option{-Wformat=2} are available, but are not included in @option{-Wall}. +@emph{Note:} (existing style). +With @option{--enable-espf=@r{[}all@r{|}ssp@r{|}pie@r{]}}this option is +enabled by default for C, C++, ObjC, ObjC++. To disable, use +@option{-Wno-format}. + @item -Wformat-y2k @opindex Wformat-y2k @opindex Wno-format-y2k @@ -3269,6 +3273,13 @@ currently a subset of what @option{-Wfor in future warnings may be added to @option{-Wformat-security} that are not included in @option{-Wformat-nonliteral}.) +@emph{Note:} (existing style). +With @option{--enable-espf=@r{[}all@r{|}ssp@r{|}pie@r{]}}this option is +enabled by default for C, C++, ObjC, ObjC++. To disable, use +@option{-Wno-format-security}, or disable all format warnings +with @option{-Wno-format}. To make format security warnings fatal, +specify @option{-Werror=format-security}. + @item -Wformat=2 @opindex Wformat=2 @opindex Wno-format=2 
@@ -6229,6 +6239,14 @@ also turns on the following optimization Please note the warning under @option{-fgcse} about invoking @option{-O2} on programs that use computed gotos. +@emph{Note:} (existing style). +With @option{--enable-espf=@r{[}all@r{|}ssp@r{|}pie@r{]}}, +@option{-D_FORTIFY_SOURCE=2} is set by default, and is activated +when @option{-O} is set to 2 or higher. This enables additional +compile-time and run-time checks for several libc functions. +To disable, specify either @option{-U_FORTIFY_SOURCE} or +@option{-D_FORTIFY_SOURCE=0}. + @item -O3 @opindex O3 Optimize yet more. @option{-O3} turns on all optimizations specified @@ -8475,6 +8492,13 @@ functions with buffers larger than 8 byt when a function is entered and then checked when the function exits. If a guard check fails, an error message is printed and the program exits. +@emph{Note:} (existing style). +With @option{--enable-espf=@r{[}all@r{|}ssp@r{|}pie@r{]}} this option +is enabled by default for C, C++, ObjC, ObjC++, if none of +@option{-fno-stack-protector}, @option{-nostdlib}, +@option{-fno-stack-protector-all}, @option{nodefaultlibs}, +nor @option{-ffreestanding} are found. + @item -fstack-protector-all @opindex fstack-protector-all Like @option{-fstack-protector} except that all functions are protected. @@ -9457,6 +9480,13 @@ For predictable results, you must also s that were used to generate code (@option{-fpie}, @option{-fPIE}, or model suboptions) when you specify this option. +@emph{Note:} (existing style). +With @option{--enable-espf=@r{[}all@r{|}ssp@r{|}pie@r{]}} this option is +enabled by default for C, C++, ObjC, ObjC++, if none of @option{-fno-PIE}, +@option{-fno-pie}, @option{-fPIC}, @option{-fpic}, @option{-fno-PIC}, +@option{-fno-pic}, @option{-nostdlib}, @option{-nostartfiles}, +@option{-shared}, @option{-nodefaultlibs}, nor @option{-static} are found. + @item -rdynamic @opindex rdynamic Pass the flag @option{-export-dynamic} to the ELF linker, on targets 
@@ -19125,6 +19154,13 @@ used during linking. @code{__pie__} and @code{__PIE__}. The macros have the value 1 for @option{-fpie} and 2 for @option{-fPIE}. +@emph{Note:} (existing style). +With @option{--enable-espf=@r{[}all@r{|}ssp@r{|}pie@r{]}} this option is +enabled by default for C, C++, ObjC, ObjC++, if none of @option{-fno-PIE}, +@option{-fno-pie}, @option{-fPIC}, @option{-fpic}, @option{-fno-PIC}, +@option{-fno-pic}, @option{-nostdlib}, @option{-nostartfiles}, +@option{-shared}, @option{-nodefaultlibs}, nor @option{-static} are found. + @item -fno-jump-tables @opindex fno-jump-tables Do not use jump tables for switch statements even where it would be --- a/gcc/doc/install.texi 2012-03-02 10:37:30.0 +0100 +++ b/gcc/doc/install.texi 2012-07-23 18:05:14.160784593 +0200 @@ -1392,6 +1392,18 @@ do a @samp{make -C gcc gnatlib_and_tools Specify that the run-time libraries for stack smashing protection should not be built. +@item --enable-espf=@var{list} +Will turn on some compiler and preprosessor options as default. +@option{-D_FORTIFY_SOURCE=2}, @option{-Wformat} and +@option{-Wformat-security
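Review bot: Joseph's `(existing style)` was a pointer to the manual's existing `@emph{Note:}` convention, not text to add, yet every note in these invoke.texi hunks now begins with the literal line `@emph{Note:} (existing style).`; drop the parenthetical so the manual reads `Note: With ...`. Several of the points from the first review also survive in this revision: `@option{--enable-espf=...}}this option` still lacks the space before `this` in the -Wformat and -Wformat-security notes, the -fstack-protector note still has `@option{nodefaultlibs}` without its leading `-`, and install.texi still says `preprosessor`; please make one pass over the whole patch for them rather than fixing only the quoted instances.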
[PATCH 7/12 ] New configure option --enable-espf=(all|ssp|pie|no)
Patch: Wformat.patch
Enable -Wformat and -Wformat-security

Gentoo Hardened Project
Magnus Granberg

--- a/gcc/c-family/c-common.c 2012-02-13 21:12:54.0 +0100 +++ b/gcc/c-family/c-common.c 2012-07-28 00:04:05.351725091 +0200 @@ -202,7 +202,11 @@ int warn_unknown_pragmas; /* Tri state v /* Warn about format/argument anomalies in calls to formatted I/O functions (*printf, *scanf, strftime, strfmon, etc.). */ +#ifdef ENABLE_ESPF +int warn_format = 1; +#else int warn_format; +#endif /* C/ObjC language option variables. */ --- a/gcc/c-family/c-format.c 2011-06-07 23:52:46.0 +0200 +++ b/gcc/c-family/c-format.c 2012-07-28 00:43:00.612794680 +0200 @@ -52,6 +52,11 @@ set_Wformat (int setting) /* Make sure not to disable -Wnonnull if -Wformat=0 is specified. */ if (setting) warn_nonnull = setting; + +#ifdef ENABLE_ESPF + if (setting == 1) +warn_format_security = 1; +#endif }
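Review bot: in the c-format.c hunk, `if (setting == 1) warn_format_security = 1;` runs every time -Wformat is processed, so a command line such as `-Wno-format-security -Wformat` silently re-enables the warning the user just turned off; set the espf default only when the user has not chosen a value (test whether -Wformat-security was given explicitly), or give warn_format_security an ENABLE_ESPF-dependent initial value the way this patch already does for warn_format in c-common.c, which needs no hook in set_Wformat at all. The ChangeLog/description should also spell the option `-Wformat-security`, not `-Wformat_security`.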
[PATCH 12/12 ] New configure option --enable-espf=(all|ssp|pie|no)
Patch testsuite-espf-pr39537.patch
Is an update of the patch posted on the 39537 bug. We fix some of the format strings and casts.

Gentoo Hardened Project
Magnus Granberg

--- a/gcc/testsuite/g++.dg/ext/align1.C 2002-02-06 17:18:33.0 +0100 +++ b/gcc/testsuite/g++.dg/ext/align1.C 2012-08-11 02:14:51.533875779 +0200 @@ -16,6 +16,5 @@ float f1 __attribute__ ((aligned)); int main (void) { - printf (%d %d\n, __alignof (a1), __alignof (f1)); return (__alignof (a1) __alignof (f1)); } --- a/gcc/testsuite/g++.old-deja/g++.law/operators28.C +++ b/gcc/testsuite/g++.old-deja/g++.law/operators28.C @@ -14,7 +14,8 @@ { void *p; - printf(%d %d %d\n, sz, count, type); + // ISO C++ does not support format size modifier z, so use a cast + printf(%u %d %d\n, (unsigned int)sz, count, type); p = new char[sz * count]; ((new_test *)p)-type = type; --- a/gcc/testsuite/gcc.dg/torture/matrix-2.c +++ b/gcc/testsuite/gcc.dg/torture/matrix-2.c @@ -42,7 +42,7 @@ } for (i = 0; i ARCHnodes; i++) for (j = 0; j 3; j++) - printf (%x\n,vel[i][j]); + printf (%p\n,vel[i][j]); /*if (i!=1 || j!=1)*/ /*if (i==1 j==1) continue; @@ -83,14 +83,14 @@ for (j = 0; j 3; j++) { vel[i][j] = (int *) malloc (ARCHnodes1 * sizeof (int)); - printf (%x %d %d\n,vel[i][j], ARCHnodes1, sizeof (int)); + printf (%p %d %d\n,vel[i][j], ARCHnodes1, (int)sizeof (int)); } } for (i = 0; i ARCHnodes; i++) { for (j = 0; j 3; j++) { - printf (%x\n,vel[i][j]); + printf (%p\n,vel[i][j]); } } @@ -99,7 +99,7 @@ { for (j = 0; j 3; j++) { - printf (%x\n,vel[i][j]); + printf (%p\n,vel[i][j]); /*for (k = 0; k ARCHnodes1; k++) { vel[i][j][k] = d; --- a/gcc/testsuite/gcc.dg/packed-vla.c +++ b/gcc/testsuite/gcc.dg/packed-vla.c @@ -17,8 +17,8 @@ int b[4]; } __attribute__ ((__packed__)) foo; - printf(foo %d\n, sizeof(foo)); - printf(bar %d\n, sizeof(bar)); + printf(foo %d\n, (int)sizeof(foo)); + printf(bar %d\n, (int)sizeof(bar)); if (sizeof (foo) != sizeof (bar)) abort (); --- a/gcc/testsuite/g++.dg/opt/alias2.C 
+++ b/gcc/testsuite/g++.dg/opt/alias2.C @@ -30,14 +30,14 @@ _Deque_base::~_Deque_base() { - printf (bb %x %x\n, this, *_M_start._M_node); + printf (bb %p %x\n, this, *_M_start._M_node); } void _Deque_base::_M_initialize_map() { yy = 0x123; - printf (aa %x %x\n, this, yy); + printf (aa %p %x\n, this, yy); _M_start._M_node = yy; _M_start._M_cur = yy; --- a/gcc/testsuite/g++.old-deja/g++.abi/vbase1.C +++ b/gcc/testsuite/g++.old-deja/g++.abi/vbase1.C @@ -33,7 +33,7 @@ void Offset () const { printf (VBase\n); -printf ( VBase::member %d\n, this-VBase::member - (int *)this); +printf ( VBase::member %d\n, (int)(this-VBase::member - (int *)this)); } }; @@ -55,8 +55,8 @@ void Offset () const { printf (VDerived\n); -printf ( VBase::member %d\n, this-VBase::member - (int *)this); -printf ( VDerived::member %d\n, this-VDerived::member - (int *)this); +printf ( VBase::member %d\n, (int)(this-VBase::member - (int *)this)); +printf ( VDerived::member %d\n, (int)(this-VDerived::member - (int *)this)); } }; struct B : virtual VBase @@ -65,8 +65,8 @@ void Offset () const { printf (B\n); -printf ( VBase::member %d\n, this-VBase::member - (int *)this); -printf ( B::member %d\n, this-B::member - (int *)this); +printf ( VBase::member %d\n, (int)(this-VBase::member - (int *)this)); +printf ( B::member %d\n, (int)(this-B::member - (int *)this)); } }; struct MostDerived : B, virtual VDerived 
@@ -75,10 +75,10 @@ void Offset () const { printf (MostDerived\n); -printf ( VBase::member %d\n, this-VBase::member - (int *)this); -printf ( B::member %d\n, this-B::member - (int *)this); -printf ( VDerived::member %d\n, this-VDerived::member - (int *)this); -printf ( MostDerived::member %d\n, this-MostDerived::member - (int *)this); +printf ( VBase::member %d\n, (int)(this-VBase::member - (int *)this)); +printf ( B::member %d\n, (int)(this-B::member - (int *)this)); +printf ( VDerived::member %d\n, (int)(this-VDerived::member - (int *)this)); +printf ( MostDerived::member %d\n, (int)(this-MostDerived::member - (int *)this)); } }; @@ -95,10 +95,10 @@ if (ctorVDerived != dum.VDerived::member) return 24; -printf ( VBase::member %d\n, dum.VBase::member - this_); -printf ( B::member %d\n, dum.B::member - this_); -printf ( VDerived::member %d\n, dum.VDerived::member - this_); -printf ( MostDerived::member %d\n, dum.MostDerived::member - this_); +printf ( VBase::member %d\n, (int)(dum.VBase::member - this_)); +printf ( B::member %d\n, (int)(dum.B::member - this_)); +printf ( VDerived::member %d\n, (int)(dum.VDerived::member - this_
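Review bot: in gcc.dg/torture/matrix-2.c the `%x` to `%p` changes pass `vel[i][j]`, an `int *` (it is assigned `(int *) malloc (...)` a few lines up), where `%p` requires a `void *`; -Wformat accepts that silently, but -Wpedantic still warns, so cast to `(void *)` there and for `this` in g++.dg/opt/alias2.C to make the tests strictly conforming rather than merely quiet. The g++.dg/ext/align1.C hunk deletes the printf instead of fixing its format; the return value still carries the test, so that is acceptable, but the ChangeLog for this patch should say the output was removed. The comment added to operators28.C, `ISO C++ does not support format size modifier z`, holds for C++98 only; since the `(unsigned int)` cast is what matters, something like `cast size_t for portable format checking` would be accurate for every dialect.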
[PATCH 8/12 ] New configure option --enable-espf=(all|ssp|pie|no)
Patch: gcc_doc.patch Add notes to the command line options and info about the new configure option. Gentoo Hardened Project Magnus Granberg --- a/gcc/doc/invoke.texi 2012-03-01 10:57:59.0 +0100 +++ b/gcc/doc/invoke.texi 2012-07-30 00:57:03.766847851 +0200 @@ -3216,6 +3216,10 @@ aspects of format checking, the options @option{-Wformat-nonliteral}, @option{-Wformat-security}, and @option{-Wformat=2} are available, but are not included in @option{-Wall}. +NOTE: With configure --enable-espf=@r{[}all@r{|}ssp@r{|}pie@r{]}is +this option enabled by default for C, C++, ObjC, ObjC++. +To disable, use @option{-Wformat=0}. + @item -Wformat-y2k @opindex Wformat-y2k @opindex Wno-format-y2k @@ -3269,6 +3273,12 @@ currently a subset of what @option{-Wfor in future warnings may be added to @option{-Wformat-security} that are not included in @option{-Wformat-nonliteral}.) +NOTE: With configure --enable-espf=@r{[}all@r{|}ssp@r{|}pie@r{]} is +this option enabled by default for C, C++, ObjC, ObjC++. To disable, +use @option{-Wno-format-security}, or disable all format warnings +with @option{-Wformat=0}. To make format security warnings fatal, +specify @option{-Werror=format-security}. + @item -Wformat=2 @opindex Wformat=2 @opindex Wno-format=2 @@ -6229,6 +6239,13 @@ also turns on the following optimization Please note the warning under @option{-fgcse} about invoking @option{-O2} on programs that use computed gotos. +NOTE: With configure --enable-espf=@r{[}all@r{|}ssp@r{|}pie@r{]}, +@option{-D_FORTIFY_SOURCE=2} is set by default, and is activated +when @option{-O} is set to 2 or higher. This enables additional +compile-time and run-time checks for several libc functions. +To disable, specify either @option{-U_FORTIFY_SOURCE} or +@option{-D_FORTIFY_SOURCE=0}. + @item -O3 @opindex O3 Optimize yet more. @option{-O3} turns on all optimizations specified 
@@ -8475,6 +8492,12 @@ functions with buffers larger than 8 byt when a function is entered and then checked when the function exits. If a guard check fails, an error message is printed and the program exits. +NOTE: With configure --enable-espf=@r{[}all@r{|}ssp@r{]} this option +is enabled by default for C, C++, ObjC, ObjC++, if none of +@option{-fno-stack-protector}, @option{-nostdlib}, +@option{-fno-stack-protector-all}, @option{nodefaultlibs}, +nor @option{-ffreestanding} are found. + @item -fstack-protector-all @opindex fstack-protector-all Like @option{-fstack-protector} except that all functions are protected. @@ -9457,6 +9480,12 @@ For predictable results, you must also s that were used to generate code (@option{-fpie}, @option{-fPIE}, or model suboptions) when you specify this option. +NOTE: With configure --enable-espf=@r{[}all@r{|}pie@r{]} this option is +enabled by default for C, C++, ObjC, ObjC++, if none of @option{-fno-PIE}, +@option{-fno-pie}, @option{-fPIC}, @option{-fpic}, @option{-fno-PIC}, +@option{-fno-pic}, @option{-nostdlib}, @option{-nostartfiles}, +@option{-shared}, @option{-nodefaultlibs}, nor @option{static} are found. + @item -rdynamic @opindex rdynamic Pass the flag @option{-export-dynamic} to the ELF linker, on targets @@ -19125,6 +19154,12 @@ used during linking. @code{__pie__} and @code{__PIE__}. The macros have the value 1 for @option{-fpie} and 2 for @option{-fPIE}. +NOTE: With configure --enable-espf=@r{[}all@r{|}pie@r{]} this option is +enabled by default for C, C++, ObjC, ObjC++, if none of @option{-fno-PIE}, +@option{-fno-pie}, @option{-fPIC}, @option{-fpic}, @option{-fno-PIC}, +@option{-fno-pic}, @option{-nostdlib}, @option{-nostartfiles}, +@option{-shared}, @option{-nodefaultlibs}, nor @option{static} are found. + @item -fno-jump-tables @opindex fno-jump-tables Do not use jump tables for switch statements even where it would be --- a/gcc/doc/install.texi 2012-03-02 10:37:30.0 +0100 
+++ b/gcc/doc/install.texi 2012-07-23 18:05:14.160784593 +0200 @@ -1392,6 +1392,18 @@ do a @samp{make -C gcc gnatlib_and_tools Specify that the run-time libraries for stack smashing protection should not be built. +@item --enable-espf=@var{list} +Will turn on some compiler and preprosessor options as default. +@option{-D_FORTIFY_SOURCE=2}, @option{-Wformat} and +@option{-Wformat-security} will be turn on as default and depend on +if you use @samp{all} it will turn on @option{-fstack-protection}and +@option{-fPIE} and @option{-pie} by default. if the support is there. If you +use @samp{ssp} it will turn on @option{-fstack-protection} by default if the +support is there. If you use @samp{pie} it will turn on @option{-fPIE} and +@option{-pie} by default if the support is there. If you use @samp{no} it will +not turn on any options. We only support i?86*-*-linux* and +x86_64*-*-linux* as target for now. + @item --disable-libquadmath Specify that the GCC quad-precision math library should not be built. On some systems, the library is required to be linkable when building
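Review bot: the install.texi hunk names the option `@option{-fstack-protection}` twice; the GCC option is `-fstack-protector`, as the invoke.texi hunks in this same patch show. In the invoke.texi notes, `is this option enabled by default` should read `this option is enabled by default`, `@option{static}` lacks its leading `-` in both PIE notes, `@option{nodefaultlibs}` lacks it in the -fstack-protector note, `-Wformat=0` should be `-Wno-format`, and the configure option should be written `@option{--enable-espf}` rather than bare `configure --enable-espf=...`. The install.texi paragraph also needs a proofread (`preprosessor`, `will be turn on as default and depend on if you use`, the missing space in `}and`, and the lower-case `if the support is there` sentence starts).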
[PATCH 9-11/12 ] New configure option --enable-espf=(all|ssp|pie|no)
Patch: testsuite-espf-format.patch
Add -Wno-format if check_effective_target_espf to some testfiles.

Patch: testsuite-espf-fortify.patch
Add check_effective_target_espf. New files for some of the testfiles so we can disable FORTIFY_SOURCE.

Patch: testsuite-espf-piessp.patch
Add -fno-PIE or -fno-stack-protector if check_effective_target_espf.

Gentoo Hardened Project
Magnus Granberg

--- a/gcc/testsuite/gcc.dg/charset/builtin2.c +++ b/gcc/testsuite/gcc.dg/charset/builtin2.c @@ -4,6 +4,7 @@ /* { dg-do compile } */ /* { dg-require-iconv IBM1047 } */ /* { dg-options -O2 -fexec-charset=IBM1047 } */ +/* { dg-additional-options -Wno-format { target espf } } */ /* { dg-final { scan-assembler-not printf } } */ /* { dg-final { scan-assembler-not fprintf } } */ /* { dg-final { scan-assembler-not sprintf } } */ --- a/gcc/testsuite/gcc.dg/format/format.exp +++ b/gcc/testsuite/gcc.dg/format/format.exp @@ -24,9 +24,16 @@ if [is_remote host] { load_lib gcc-dg.exp load_lib torture-options.exp +load_lib target-supports.exp torture-init -set-torture-options [list { } { -DWIDE } ] + +# Disable -Wformat if we use espf. +if [check_effective_target_espf] { + set-torture-options [list { -Wno-format } { -DWIDE -Wno-format } ] +} else { + set-torture-options [list { } { -DWIDE } ] +} dg-init gcc-dg-runtest [lsort [glob -nocomplain $srcdir/$subdir/*.\[cS\]]] --- a/gcc/testsuite/gcc.dg/pr30473.c +++ b/gcc/testsuite/gcc.dg/pr30473.c @@ -2,6 +2,7 @@ /* Make sure this doesn't ICE. */ /* { dg-do compile } */ /* { dg-options -O2 } */ +/* { dg-additional-options Wno-format { target espf } } */ extern int sprintf (char *, const char *, ...); --- a/gcc/testsuite/gcc.dg/pr38902.c +++ b/gcc/testsuite/gcc.dg/pr38902.c @@ -2,6 +2,7 @@ /* { dg-do run } */ /* { dg-options -O2 -fstack-protector } */ /* { dg-require-effective-target fstack_protector } */ +/* { dg-additional-options Wno-format { target espf } } */ #ifdef DEBUG #include stdio.h 
--- a/gcc/testsuite/gcc.dg/ipa/ipa-sra-1.c 2010-09-10 01:38:23.0 +0200 +++b/gcc/testsuite/gcc.dg/ipa/ipa-sra-1.c 2012-07-31 14:37:53.238554197 +0200 @@ -1,5 +1,6 @@ /* { dg-do run } */ /* { dg-options -O2 -fipa-sra -fdump-tree-eipa_sra-details } */ +/* { dg-additional-options -Wno-format { target espf } } */ struct bovid { --- a/gcc/testsuite/gcc.dg/torture/tls/tls-test.c 2011-06-22 19:27:07.0 +0200 +++ b/gcc/testsuite/gcc.dg/torture/tls/tls-test.c 2012-08-21 23:51:33.205398132 +0200 @@ -2,6 +2,7 @@ /* { dg-require-effective-target tls } */ /* { dg-require-effective-target pthread } */ /* { dg-options -pthread } */ +/* { dg-additional-options -Wno-format { target espf } } */ #include pthread.h extern int printf (char *,...); --- a/gcc/testsuite/g++.dg/abi/pragma-pack1.C 2011-06-07 23:54:07.0 +0200 +++ b/gcc/testsuite/g++.dg/abi/pragma-pack1.C 2012-08-16 17:49:19.472877085 +0200 @@ -1,4 +1,5 @@ // PR c++/7046 +// { dg-additional-options -Wno-format { target espf } } extern C int printf (const char *, ...); --- a/gcc/testsuite/g++.dg/cpp0x/constexpr-tuple.C 2012-08-16 17:41:19.486862781 +0200 +++ b/gcc/testsuite/g++.dg/cpp0x/constexpr-tuple.C 2012-08-16 17:38:38.0 +0200 @@ -1,5 +1,6 @@ // PR c++/53202 // { dg-do run { target c++11 } } +// { dg-additional-options -Wno-format { target espf } } #include tuple --- a/gcc/testsuite/lib/target-supports.exp 2012-02-22 12:00:21.0 +0100 +++ b/gcc/testsuite/lib/target-supports.exp 2012-07-27 19:19:30.849216278 +0200 @@ -4419,6 +4419,14 @@ proc check_effective_target_lto { } { return [info exists ENABLE_LTO] } +# Return 1 if the compiler has been configure with espf +# (configure --enable-espf=(all|ssp|pie)) support. + +proc check_effective_target_espf { } { +global ENABLE_ESPF +return [info exists ENABLE_ESPF] +} + # Return 1 if this target supports the -fsplit-stack option, 0 # otherwise. --- a/gcc/testsuite/gcc.c-torture/execute/memset-1.x 2012-08-18 14:43:31.963694252 +0200 
+++ b/gcc/testsuite/gcc.c-torture/execute/memset-1.x 2012-07-27 21:47:01.0 +0200 @@ -0,0 +1,6 @@ +load_lib target-supports.exp + +if { [check_effective_target_espf] } { +set additional_flags -U_FORTIFY_SOURCE +} +return 0 --- a/gcc/testsuite/gcc.c-torture/execute/vprintf-chk-1.x 2012-07-30 02:31:20.573793905 +0200 +++ b/gcc/testsuite/gcc.c-torture/execute/vprintf-chk-1.x 2012-07-27 21:47:01.574480025 +0200 @@ -0,0 +1,6 @@ +load_lib target-supports.exp + +if [check_effective_target_espf] { +set additional_flags -U_FORTIFY_SOURCE +} +return 0 --- a/gcc/testsuite/gcc.c-torture/execute/vfprintf-chk-1.x 2012-07-30 02:31:07.366794031 +0200 +++ b/gcc/testsuite/gcc.c-torture/execute/vfprintf-chk-1.x 2012-07-27 21:47:01.0 +0200 @@ -0,0 +1,6 @@ +load_lib target-supports.exp + +if [check_effective_target_espf] { +set additional_flags -U_FORTIFY_SOURCE +} +return 0 --- a/gcc/testsuite/gcc.dg/20021014-1.c 2009-10-02 01:08:07.0 +0200 +++ b/gcc
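Review bot: the added `dg-additional-options Wno-format` line in the gcc.dg/pr30473.c and gcc.dg/pr38902.c hunks is missing the leading dash, so the driver would treat `Wno-format` as an input file instead of disabling the warning; make it `-Wno-format` as in the builtin2.c, ipa-sra-1.c and tls-test.c hunks.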
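Review bot: in the lib/target-supports.exp hunk the comment on check_effective_target_espf should read "has been configured with espf", and its option list `(all|ssp|pie)` omits the `no` value that the patch subject advertises; also drop the blank line between the comment and the `proc` so the new check matches the layout of check_effective_target_lto just above it.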
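Review bot: the three new `.x` files differ in style for no reason: memset-1.x uses `if { [check_effective_target_espf] } {` while vprintf-chk-1.x and vfprintf-chk-1.x use `if [check_effective_target_espf] {`; pick one form. A one-line comment saying that `-U_FORTIFY_SOURCE` is the switch ESPF_CPP_UNIQUE_OPTIONS_SPEC (3-4/12) recognises as the opt-out would also save the next reader a trip to config/linux.h.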
[PATCH 5-6/12 ] New configure option --enable-espf=(all|ssp|pie|no)
Patch: config.in.patch Add ENABLE_ESPF* Patch: gcc.c.patch Add espf_cpp_unique_options to *cpp_unique_options Gentoo Hardened Project Magnus Granberg --- a/gcc/config.in 2011-04-24 00:36:52.0 +0200 +++ b/gcc/config.in 2011-06-24 14:17:05.166236726 +0200 @@ -77,6 +77,29 @@ #endif +/* Define to 1 to enable espf. */ +#ifndef USED_FOR_TARGET +#undef ENABLE_ESPF +#endif + + +/* Define to 1 to enable espf with FORTIFY_SOURCES. */ +#ifndef USED_FOR_TARGET +#undef ENABLE_ESPF_FORTIFY +#endif + + +/* Define to 1 to enable espf with -fPIE -pie. */ +#ifndef USED_FOR_TARGET +#undef ENABLE_ESPF_PIE +#endif + + +/* Define to 1 to enable espf with -fstack-protector. */ +#ifndef USED_FOR_TARGET +#undef ENABLE_ESPF_SSP +#endif + /* Define to 1 to enable fixed-point arithmetic extension to C. */ #ifndef USED_FOR_TARGET #undef ENABLE_FIXED_POINT --- a/gcc/gcc.c 2012-02-28 18:31:38.0 +0100 +++ b/gcc/gcc.c 2012-08-01 03:10:01.060123826 +0200 @@ -756,8 +756,12 @@ static const char *cpp_unique_options = %{!iplugindir*:%{fplugin*:%:find-plugindir()}}\ %{H} %C %{D*U*A*} %{i*} %Z %i\ %{fmudflap:-D_MUDFLAP -include mf-runtime.h}\ - %{fmudflapth:-D_MUDFLAP -D_MUDFLAPTH -include mf-runtime.h}\ - %{E|M|MM:%W{o*}}; + %{fmudflapth:-D_MUDFLAP -D_MUDFLAPTH -include mf-runtime.h} + /* Needed by configure --enable-espf */ + #ifdef ENABLE_ESPF_FORTIFY +%(espf_cpp_unique_options) +#endif +%{E|M|MM:%W{o*}}; /* This contains cpp options which are common with cc1_options and are passed only when preprocessing only to avoid duplication. We pass the cc1 spec
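Review bot: the `%(espf_cpp_unique_options)` reference added to cpp_unique_options in the gcc.c hunk has no definition unless a target header supplies ESPF_EXTRA_SPECS, which the 3-4/12 patch does only for i386/x86_64; any other target built with --enable-espf ends up referencing a spec name that nothing defines. Give gcc.c a default entry such as `{ "espf_cpp_unique_options", "" }` in EXTRA_SPECS (or define ESPF_CPP_UNIQUE_OPTIONS_SPEC empty in a common header) so the name always resolves, and consider whether the `#ifdef ENABLE_ESPF_FORTIFY` block placed inside the string-literal initializer is clearer as a macro that expands to either the `%(...)` reference or nothing.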
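Review bot: the config.in hunk's comment "enable espf with FORTIFY_SOURCES" should name the macro it actually enables, `_FORTIFY_SOURCE`; and since gcc/config.in is generated by autoheader from the AC_DEFINE entries in configure.ac, the wording belongs in configure.ac with config.in regenerated from it rather than hand-edited.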
[PATCH 3-4/12 ] New configure option --enable-espf=(all|ssp|pie|no)
Patch: config_all.patch This patch define ESPF_GCC_PIE_SPEC, ESPF_GCC_SSP_SPEC, ESPF_CPP_UNIQUE_OPTIONS_SPEC and ESPF_EXTRA_SPECS can be used on most linux targets. Patch_i386.patch Define DRIVER_SELF_SPECS and add ESPF_EXTRA_SPECS to SUBTARGET_EXTRA_SPECS Gentoo Hardened Project Magnus Granberg --- a/gcc/config/linux.h 2011-07-07 17:38:34.0 +0200 +++ b/gcc/config/linux.h 2012-07-09 14:24:08.599281404 +0200 @@ -104,3 +104,32 @@ see the files COPYING3 and COPYING.RUNTI /* Whether we have Bionic libc runtime */ #undef TARGET_HAS_BIONIC #define TARGET_HAS_BIONIC (OPTION_BIONIC) + +/* Needed by configure --enable-espf */ +#ifdef ENABLE_ESPF +#ifdef ENABLE_ESPF_PIE +#define ESPF_GCC_PIE_SPEC \ + %{pie|fpic|fPIC|fpie|fPIE|fno-pic|fno-PIC|fno-pie|fno-PIE| \ + shared|static|nostdlib|nostartfiles:;:-fPIE -pie} +#else +#define ESPF_GCC_PIE_SPEC +#endif +#ifdef ENABLE_ESPF_SSP +#define ESPF_GCC_SSP_SPEC \ + %{nostdlib|nodefaultlibs|fno-stack-protector|freestanding| \ + fstack-protector|fstack-protector-all:;:-fstack-protector} +#else +#define ESPF_GCC_SSP_SPEC +#endif +#ifdef ENABLE_ESPF_FORTIFY +#define ESPF_CPP_UNIQUE_OPTIONS_SPEC \ + %{D_FORTIFY_SOURCE|D_FORTIFY_SOURCE=*|U_FORTIFY_SOURCE:;:-D_FORTIFY_SOURCE=2} +#else +#define ESPF_CPP_UNIQUE_OPTIONS_SPEC +#endif +#define ESPF_DRIVER_SELF_SPECS \ + ESPF_GCC_PIE_SPEC, \ + ESPF_GCC_SSP_SPEC +#define ESPF_EXTRA_SPECS \ + { espf_cpp_unique_options, ESPF_CPP_UNIQUE_OPTIONS_SPEC } +#endif --- a/gcc/config/i386/linux.h 2011-06-03 20:30:39.0 +0200 +++ b/gcc/config/i386/linux.h 2012-07-05 21:00:38.304691613 +0200 @@ -22,3 +22,8 @@ along with GCC; see the file COPYING3. #define GNU_USER_LINK_EMULATION elf_i386 #define GLIBC_DYNAMIC_LINKER /lib/ld-linux.so.2 + +/* Needed by configure --enable-espf */ +#ifdef ENABLE_ESPF +#define DRIVER_SELF_SPECS ESPF_DRIVER_SELF_SPECS +#endif --- a/gcc/config/i386/linux64.h 2011-07-07 17:38:34.0 +0200 +++ b/gcc/config/i386/linux64.h 2012-07-05 20:59:39.342689855 +0200 
@@ -31,3 +31,8 @@ see the files COPYING3 and COPYING.RUNTI #define GLIBC_DYNAMIC_LINKER32 /lib/ld-linux.so.2 #define GLIBC_DYNAMIC_LINKER64 /lib64/ld-linux-x86-64.so.2 #define GLIBC_DYNAMIC_LINKERX32 /libx32/ld-linux-x32.so.2 + +/* Needed by configure --enable-espf */ +#ifdef ENABLE_ESPF +#define DRIVER_SELF_SPECS ESPF_DRIVER_SELF_SPECS +#endif --- a/gcc/config/i386/gnu-user.h 2011-05-05 14:32:50.0 +0200 +++ b/gcc/config/i386/gnu-user.h 2012-07-09 14:28:38.726289455 +0200 @@ -93,9 +93,16 @@ along with GCC; see the file COPYING3. --32 %{!mno-sse2avx:%{mavx:-msse2avx}} %{msse2avx:%{!mavx:-msse2avx}} #undef SUBTARGET_EXTRA_SPECS +#if def ENABLE_ESPF #define SUBTARGET_EXTRA_SPECS \ { link_emulation, GNU_USER_LINK_EMULATION },\ - { dynamic_linker, GNU_USER_DYNAMIC_LINKER } + { dynamic_linker, GNU_USER_DYNAMIC_LINKER }, \ + ESPF_EXTRA_SPECS +#else +#define SUBTARGET_EXTRA_SPECS \ + { link_emulation, GNU_USER_LINK_EMULATION },\ + { dynamic_linker, GNU_USER_DYNAMIC_LINKER } +#endif #undef LINK_SPEC #define LINK_SPEC -m %(link_emulation) %{shared:-shared} \ --- a/gcc/config/i386/i386.h 2011-11-24 23:11:12.0 +0100 +++ b/gcc/config/i386/i386.h 2012-07-09 14:21:24.575276517 +0200 @@ -617,13 +617,16 @@ enum target_cpu_default Do not define this macro if it does not need to do anything. */ #ifndef SUBTARGET_EXTRA_SPECS +#ifdef ENABLE_ESPF +#define SUBTARGET_EXTRA_SPECS ESPF_EXTRA_SPECS +#else #define SUBTARGET_EXTRA_SPECS #endif +#endif #define EXTRA_SPECS \ { cc1_cpu, CC1_CPU_SPEC }, \ SUBTARGET_EXTRA_SPECS - /* Set the value of FLT_EVAL_METHOD in float.h. When using only the FPU, assume that the fpcw is set to extended precision; when using
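Review bot: `#if def ENABLE_ESPF` in the gcc/config/i386/gnu-user.h hunk is a typo for `#ifdef ENABLE_ESPF`; as written the preprocessor sees two identifiers with no operator between them and rejects the line. The two branches also repeat the whole SUBTARGET_EXTRA_SPECS table; defining ESPF_EXTRA_SPECS as empty in the `#else` of the config/linux.h block would let this stay a single definition with `ESPF_EXTRA_SPECS` appended, in the same way i386.h already tolerates an empty SUBTARGET_EXTRA_SPECS after the trailing comma.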
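Review bot: in the gcc/config/linux.h hunk the `freestanding` alternative in ESPF_GCC_SSP_SPEC never matches anything, because the compiler switch is `-ffreestanding` and spec alternatives are spelled without the dash (compare `fno-stack-protector` in the same list); it should be `ffreestanding`, otherwise `-ffreestanding` builds still get `-fstack-protector`. Two more points on the same block: ESPF_CPP_UNIQUE_OPTIONS_SPEC injects `-D_FORTIFY_SOURCE=2` regardless of the optimisation level, and glibc's features.h warns when _FORTIFY_SOURCE is defined without optimisation, so the no-`-O`/`-O0` case should be excluded; and matching `D_FORTIFY_SOURCE`/`U_FORTIFY_SOURCE` in a spec only works once switch_matches understands the separated form of -D/-U (the PR48524 patch also on this page), so that dependency should be stated in the cover letter.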
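Review bot: the gcc/config/i386/i386.h hunk deletes the blank line before the FLT_EVAL_METHOD comment (the lone `-` line at the end of the hunk); that is an unrelated whitespace change and should be dropped from the patch.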
[PATCH 1-2/12 ] New configure option --enable-espf=(all|ssp|pie|no)
Hi

This new configure option will add some preprocessor, compiler or link command options as default. The default options will be -D_FORTIFY_SOURCE, -Wformat, -Wformat-security, -fPIE -pie and -fstack-protector. Depending on what is passed to --enable-espf= (ssp, pie, no, or all), they will be turned on or off. Enable Stack protector, Position independent executable and Fortify_source is abbreviated as espf. Gentoo (Hardened) uses all the options by default and Ubuntu uses some of them as default. It has been tested on x86_64-unknown-linux-gnu with the 20120902 snapshot. I will add more targets when tested.

Patch: configure.ac.patch
Add the new configure options and add some new checks.

Patch: Makefile.in.patch
Will add -fno-stack-protector, -fno-PIE to needed flags and pass enable-espf to the testsuite.

Gentoo Hardened project
Magnus Granberg

Changelog

2012-08-24  Magnus Granberg  <zo...@gentoo.org>

        * configure.ac: Add new configure options espf.
        * Makefile.in: Add -fno-stack-protector when needed for espf.

        gcc/
        * configure.ac: Add new configure options espf.
        * Makefile.in: Add -fno-PIE when needed for espf.
        * config.in: Add ENABLE_ESPF, ENABLE_ESPF_FORTIFY, ENABLE_ESPF_PIE and ENABLE_ESPF_SSP.
        * config/linux.h: Define ESPF_GCC_PIE_SPEC, ESPF_GCC_SSP_SPEC, ESPF_CPP_UNIQUE_OPTIONS_SPEC, ESPF_DRIVER_SELF_SPECS and ESPF_EXTRA_SPECS.
        * config/i386/linux.h: Define DRIVER_SELF_SPECS.
        * config/i386/linux64.h: Likewise.
        * config/i386/gnu-user.h: Add ESPF_EXTRA_SPECS to SUBTARGET_EXTRA_SPECS when needed.
        * config/i386/i386.h: Likewise.
        * gcc.c: Add espf_cpp_unique_options to cpp_unique_options when needed.
        * c-family/c-common.c: Enable warn_format when espf is enabled.
        * c-family/c-format.c: Enable warn_format_security when needed by espf.

        libgcc/
        * libgcc/Makefile.in: Add -fno-PIE when needed for espf.

2012-08-26  Magnus Granberg  <zo...@gentoo.org>
            Kees Cook  <k...@ubuntu.com>

        gcc/doc/
        * invoke.texi: Add notes to -Wformat, -Wformat-security, -O2, -fstack-protector, -fPIE and -pie for espf.
        * install.texi: Add new configure options.

2012-08-26  Magnus Granberg  <zo...@gentoo.org>
            Kees Cook  <k...@ubuntu.com>

        gcc/testsuite
        * gcc.dg/charset/builtin2.c: Add -Wno-format when effective_target is espf.
        * gcc.dg/format/format.exp: Likewise.
        * gcc.dg/pr30473.c: Likewise.
        * gcc.dg/pr38902.c: Likewise.
        * gcc.dg/ipa/ipa-sra-1.c: Likewise.
        * gcc.dg/torture/tls/tls-test.c: Likewise.
        * g++.dg/abi/pragma-pack1.C: Likewise.
        * g++.dg/cpp0x/constexpr-tuple.C: Likewise.
        * lib/target-supports.exp: Add check_effective_target_espf.
        * gcc.c-torture/execute/memset-1.x: New file.
        * gcc.c-torture/execute/vprintf-chk-1.x: Likewise.
        * gcc.c-torture/execute/vfprintf-chk-1.x: Likewise.
        * gcc.dg/stack-usage-1.c: Add -fno-stack-protector when effective_target is espf.
        * gcc.dg/superblock.c: Likewise.
        * gcc.dg/20021014-1.c: Add -fno-PIE when effective_target is espf.
        * gcc.dg/nest.c: Likewise.
        * gcc.dg/nested-func-4.c: Likewise.
        * gcc.dg/pr32450.c: Likewise.
        * gcc.dg/pr43643.c: Likewise.
        * g++.dg/other/anon5.C: Likewise.
        * g++.old-deja/g++.law/profile1.C: Likewise.
        * gcc.dg/tree-ssa/ssa-store-ccp-3.c: Skip the test.

2012-08-27  Magnus Granberg  <zo...@gentoo.org>
            Kees Cook  <k...@ubuntu.com>

        gcc/testsuite/
        PR 39537
        * g++.dg/ext/align1.C: Remove printf.
        * g++.old-deja/g++.law/operators28.C: Fix format-string/type.
        * gcc.dg/torture/matrix-2.c: Likewise.
        * gcc.dg/packed-vla.c
Re: [PATCH] PR48524 spec language does not cover switches with separated form
On Tuesday 20 December 2011 22.56.45 you wrote:
> On Tue, 20 Dec 2011, Magnus Granberg wrote:
>
> > This patch makes -D and -U work in the spec language, bug pr48524.
> > Tested on x86_64-unknown-linux-gnu snapshot 4.7-20111217
>
> Thanks for your contributions. As you've contributed before, this patch
> brings things to about the point where a copyright assignment will be
> needed. Please see http://gcc.gnu.org/wiki/CopyrightAssignment for the
> information to send to the FSF to get the assignment form.

The copyright assignment is done. (718297)
Wait for gcc 4.8?

/Magnus
[PATCH] PR48524 spec language does not cover switches with separated form
Hi This patch make -D and -U work in the spec language, bug pr48524. Tested on x86_64-unknown-linux-gnu snapshot 4.7-20111217 Magnus. 2011-12-18 Magnus Granberg zo...@gentoo.org pr48524 * gcc/gcc.c (switch_matches) Support switches with separated form, -D and -U. * gcc/testsuite/gcc.dg/pr48524.cNew testcase. * gcc/testsuite/gcc.dg/pr48524.spec New spec file for the testcase. --- a/gcc/gcc.c 2011-11-03 15:46:26.0 +0100 +++ b/gcc/gcc.c 2011-12-17 21:05:02.353999101 +0100 @@ -5445,6 +5445,21 @@ check_live_switch (i, plen)) return true; +/* Check if a switch with separated form matching the atom. + We check -D and -U switches. */ +else if (switches[i].args != 0) + { + if ((*switches[i].part1 == 'D' || *switches[i].part1 == 'U') + *switches[i].part1 == atom[0]) + { + if (!strncmp (switches[i].args[0], atom[1], len -1) + (starred || (switches[i].part1[1]== '\0' + switches[i].args[0][len -1] == '\0')) + check_live_switch (i, (starred ? 1 : -1))) + return true; + } + } + return false; } --- a/gcc/testsuite/gcc.dg/pr48524.c 2011-12-18 16:34:59.592259140 +0100 +++ b/gcc/testsuite/gcc.dg/pr48524.c 2011-12-18 02:11:22.0 +0100 @@ -0,0 +1,6 @@ +/* { dg-do preprocess } */ +/* { dg-options -specs=${srcdir}/gcc.dg/pr48524.spec -D_TEST_D } */ +# ifdef _FOO +# error works /* { dg-error works } */ +# endif + --- a/gcc/testsuite/gcc.dg/pr48524.spec 2011-12-18 16:35:21.120259782 +0100 +++ b/gcc/testsuite/gcc.dg/pr48524.spec 2011-12-18 00:44:32.0 +0100 @@ -0,0 +1,5 @@ +*cpp_options: +%(cpp_unique_options) %1 %{m*} %{std*ansitrigraphs} %{W*pedantic*} %{w}\ + %{f*} %{g*:%{!g0:%{g*} %{!fno-working-directory:-fworking-directory}}} %{O*}\ + %{undef} %{save-temps*:-fpch-preprocess} %{D_TEST_D:-D_FOO} +
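Review bot: the new `else if (switches[i].args != 0)` branch in the gcc.c hunk shows its conditions with no `&&` between them (`(*switches[i].part1 == 'D' || *switches[i].part1 == 'U') *switches[i].part1 == atom[0]`, and likewise between the strncmp, the `starred ||` clause and check_live_switch); if the operators were lost in the mail they need restoring before this compiles, and the comment above the branch should read "matches the atom". The branch also hard-codes 'D' and 'U' although the PR title is about separated-form switches in general; that is a reasonable first step, but a comment should say why only those two are handled.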
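Review bot: the gcc.dg/pr48524.spec hunk copies the entire `*cpp_options` spec just to add `%{D_TEST_D:-D_FOO}`, so the test goes stale whenever the default cpp_options changes; a spec body beginning with `+ ` appends to the existing spec and keeps the file down to the one construct the test is about.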
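As an added example, not GCC's code or part of any patch on this page, here is a small Python model of how the driver evaluates the `%{a|b*:;:fallback}` constructs used by the ESPF specs in the 3-4/12 patch above, including the separated-form `-D`/`-U` matching that this PR48524 patch adds; `parse_switches`, `switch_matches`, `apply_spec`, `espf_defaults` and the `separated_ok` flag are the example's own names, and the switch table it builds is a simplification of the driver's.

```python
import re
# Driver switch table model: (part1, arg).  -D/-U take a separate argument, so
# both "-D _FOO" and "-D_FOO" are stored as ("D", "_FOO"), not as part1 "D_FOO".
def parse_switches(argv):
    switches, i = [], 0
    while i < len(argv):
        a = argv[i]
        if not a.startswith("-"):                 # input file, not a switch
            i += 1
        elif a in ("-D", "-U"):                   # separated form: -D _FOO
            switches.append((a[1], argv[i + 1])); i += 2
        elif a[:2] in ("-D", "-U"):               # joined form: -D_FOO
            switches.append((a[1], a[2:])); i += 1
        else:
            switches.append((a[1:], None)); i += 1
    return switches

def switch_matches(switches, atom, separated_ok=True):
    # %{atom}: exact switch; %{atom*}: prefix.  separated_ok=False models the
    # driver before the PR48524 change, which compared part1 only.
    starred = atom.endswith("*")
    atom = atom.rstrip("*")
    for part1, arg in switches:
        if arg is None:
            if part1 == atom or (starred and part1.startswith(atom)):
                return True
        elif separated_ok and part1 in ("D", "U") and atom[:1] == part1:
            joined = part1 + arg                  # match "D_FOO=..." as a whole
            if joined == atom or (starred and joined.startswith(atom)):
                return True
    return False

# %{a|b:text} adds text if an alternative matches; %{a|b:;:text} if none does.
SPEC_RE = re.compile(r"%\{([^:}]+):(;:)?([^}]*)\}")
def apply_spec(spec, argv, separated_ok=True):
    switches, added = parse_switches(argv), []
    for alts, negate, text in SPEC_RE.findall(spec):
        hit = any(switch_matches(switches, a, separated_ok) for a in alts.split("|"))
        if hit != bool(negate):
            added.extend(text.split())
    return added

# The three specs from the config/linux.h hunk, line continuations collapsed.
ESPF_SPECS = (
    "%{pie|fpic|fPIC|fpie|fPIE|fno-pic|fno-PIC|fno-pie|fno-PIE|"
    "shared|static|nostdlib|nostartfiles:;:-fPIE -pie} "
    "%{nostdlib|nodefaultlibs|fno-stack-protector|freestanding|"
    "fstack-protector|fstack-protector-all:;:-fstack-protector} "
    "%{D_FORTIFY_SOURCE|D_FORTIFY_SOURCE=*|U_FORTIFY_SOURCE:;:-D_FORTIFY_SOURCE=2}")
def espf_defaults(argv, separated_ok=True):
    # Hardening options the ESPF specs would add to the command line argv.
    return apply_spec(ESPF_SPECS, argv, separated_ok)
```

With `separated_ok=False`, a `-D _FORTIFY_SOURCE=1` on the command line no longer suppresses the `-D_FORTIFY_SOURCE=2` default, which is the PR48524 symptom; the model also shows that `-ffreestanding` does not match the `freestanding` alternative of the SSP spec as written.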