CVS commit: src/share/mk

Tue, 14 Jun 2016 06:27:08 -0700 

Module Name:    src
Committed By:   christos
Date:           Tue Jun 14 13:26:45 UTC 2016

Modified Files:
        src/share/mk: bsd.README bsd.own.mk bsd.sys.mk

Log Message:
Add and document MKRELRO and set x86 to partial by default.


To generate a diff of this commit:
cvs rdiff -u -r1.353 -r1.354 src/share/mk/bsd.README
cvs rdiff -u -r1.935 -r1.936 src/share/mk/bsd.own.mk
cvs rdiff -u -r1.258 -r1.259 src/share/mk/bsd.sys.mk

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/share/mk/bsd.README
diff -u src/share/mk/bsd.README:1.353 src/share/mk/bsd.README:1.354
--- src/share/mk/bsd.README:1.353	Sun Mar 13 13:56:56 2016
+++ src/share/mk/bsd.README	Tue Jun 14 09:26:45 2016
@@ -1,4 +1,4 @@
-#	$NetBSD: bsd.README,v 1.353 2016/03/13 17:56:56 christos Exp $
+#	$NetBSD: bsd.README,v 1.354 2016/06/14 13:26:45 christos Exp $
 #	@(#)bsd.README	8.2 (Berkeley) 4/2/94
 
 This is the README file for the make "include" files for the NetBSD
@@ -369,6 +369,10 @@ MKPOSTFIX	If "no", don't build or instal
 MKPROFILE	If "no", don't build or install the profiling (*_p.a) libraries.
 		Default: yes
 
+MKRELRO		If "partial", set the non-PLT GOT to read-only. If "full"
+		also force immediate symbol binding.
+		Default: no
+	
 MKREPRO         If "yes", create reproducable builds. This enables
 		different switches to make two builds from the same source tree
 		result in the same build results.

Index: src/share/mk/bsd.own.mk
diff -u src/share/mk/bsd.own.mk:1.935 src/share/mk/bsd.own.mk:1.936
--- src/share/mk/bsd.own.mk:1.935	Fri Jun 10 04:59:26 2016
+++ src/share/mk/bsd.own.mk	Tue Jun 14 09:26:45 2016
@@ -1,4 +1,4 @@
-#	$NetBSD: bsd.own.mk,v 1.935 2016/06/10 08:59:26 mrg Exp $
+#	$NetBSD: bsd.own.mk,v 1.936 2016/06/14 13:26:45 christos Exp $
 
 # This needs to be before bsd.init.mk
 .if defined(BSD_MK_COMPAT_FILE)
@@ -1065,6 +1065,16 @@ MKPIE?=		no
 .endif
 
 #
+# RELRO is enabled on i386 and amd64 by default
+#
+.if ${MACHINE_ARCH} == "i386" || \
+    ${MACHINE_ARCH} == "x86_64"
+MKRELRO?=	partial
+.else
+MKRELRO?=	no
+.endif
+
+#
 # MK* options which default to "yes".
 #
 _MKVARS.yes= \

Index: src/share/mk/bsd.sys.mk
diff -u src/share/mk/bsd.sys.mk:1.258 src/share/mk/bsd.sys.mk:1.259
--- src/share/mk/bsd.sys.mk:1.258	Tue Apr 12 14:50:45 2016
+++ src/share/mk/bsd.sys.mk	Tue Jun 14 09:26:45 2016
@@ -1,4 +1,4 @@
-#	$NetBSD: bsd.sys.mk,v 1.258 2016/04/12 18:50:45 christos Exp $
+#	$NetBSD: bsd.sys.mk,v 1.259 2016/06/14 13:26:45 christos Exp $
 #
 # Build definitions used for NetBSD source tree builds.
 
@@ -56,6 +56,14 @@ CFLAGS+=	${${ACTIVE_CC} == "gcc" :? -Wno
 # Set assembler warnings to be fatal
 CFLAGS+=	-Wa,--fatal-warnings
 .endif
+
+.if ${MKRELRO:Uno} != "no"
+LDFLAGS+=	-Wl,-z,relro
+.endif
+.if ${MKRELRO:Uno} == "full"
+LDFLAGS+=	-Wl,-z,now
+.endif
+
 # Set linker warnings to be fatal
 # XXX no proper way to avoid "FOO is a patented algorithm" warnings
 # XXX on linking static libs

Reply via email to