diff options
| author |   Magnus Granberg <zorry@gentoo.org> | 2012-07-08 23:35:30 +0200 |
|---|---|---|
| committer | Magnus Granberg <zorry@gentoo.org> | 2012-07-08 23:35:30 +0200 |
| commit | f75c7f873e548b69686fcff48519d8edb8ddeb32 (patch) | |
| tree | 9e498a19f04028d0131911d16aadda69a9f86c79 /gcc-4.7.0 | |
| parent | Fix a typo in the ssp_uclibc_check patch tag 0.5.2 (diff) | |
| download | hardened-gccpatchset-f75c7f873e548b69686fcff48519d8edb8ddeb32.tar.gz hardened-gccpatchset-f75c7f873e548b69686fcff48519d8edb8ddeb32.tar.bz2 hardened-gccpatchset-f75c7f873e548b69686fcff48519d8edb8ddeb32.zip | |
Updete of the upstrem patches
Diffstat (limited to 'gcc-4.7.0')
| -rw-r--r-- | gcc-4.7.0/piepatch/05_all_gcc47_gcc.c.patch | 18 | ||||
| -rw-r--r-- | gcc-4.7.0/piepatch/06_all_gcc46_esp.h.patch | 153 | ||||
| -rw-r--r-- | gcc-4.7.0/piepatch/10_all_gcc46_default-ssp.patch | 130 |
3 files changed, 2 insertions, 299 deletions
diff --git a/gcc-4.7.0/piepatch/05_all_gcc47_gcc.c.patch b/gcc-4.7.0/piepatch/05_all_gcc47_gcc.c.patch index ca03258..7f5a5d4 100644 --- a/gcc-4.7.0/piepatch/05_all_gcc47_gcc.c.patch +++ b/gcc-4.7.0/piepatch/05_all_gcc47_gcc.c.patch @@ -1,9 +1,8 @@ -2012-01-15 Magnus Granberg <zorry@gentoo.org> +2012-06-22 Magnus Granberg <zorry@gentoo.org> * gcc/gcc.c include esp.h static const char *cc1_spec We set that in esp.h if ENABLE_ESP. #ifdef EXTRA_SPECS: Add ESP_EXTRA_SPECS - main(): Add do_self_spec esp_command_options_spec() --- gcc/gcc.c 2010-01-21 10:29:30.000000000 -0500 +++ gcc/gcc.c 2010-01-29 23:29:16.000000000 -0500 @@ -11,7 +10,7 @@ #include "opts.h" #include "params.h" #include "vec.h" -+#include "esp.h" /* for --enable-esp support */ ++#include "config/esp.h" /* for --enable-esp support */ #include "filenames.h" /* By default there is no special suffix for target executables. */ @@ -69,16 +68,3 @@ for (i = ARRAY_SIZE (static_specs) - 1; i >= 0; i--) { -@@ -7096,6 +7123,12 @@ - gcc_exec_prefix = concat (gcc_exec_prefix, spec_machine, dir_separator_str, - spec_version, dir_separator_str, NULL); - -+#ifdef ENABLE_ESP -+ /* Process ESP_COMMAND_OPTIONS_SPEC, adding any new options to the end -+ of the command line. */ -+ do_self_spec (esp_command_options_spec); -+#endif -+ - /* Now we have the specs. - Set the `valid' bits for switches that match anything in any spec. */ - diff --git a/gcc-4.7.0/piepatch/06_all_gcc46_esp.h.patch b/gcc-4.7.0/piepatch/06_all_gcc46_esp.h.patch deleted file mode 100644 index e11c910..0000000 --- a/gcc-4.7.0/piepatch/06_all_gcc46_esp.h.patch +++ /dev/null @@ -1,153 +0,0 @@ -2012-04-03 Magnus Granberg <zorry@gentoo.org> - - * gcc/esp.h New file to support --enable-esp - Version 20120403.2 - ---- gcc/esp.h 2010-04-09 16:14:00.000000000 +0200 -+++ gcc/esp.h 2010-04-29 21:30:47.000000000 +0200 -@@ -0,0 +1,145 @@ -+/* License terms see GNU GENERAL PUBLIC LICENSE Version 3. -+ * Version 20120403.2 -+ * Magnus Granberg (Zorry) <zorry@gentoo.org> */ -+#ifndef GCC_ESP_H -+#define GCC_ESP_H -+ -+/* This file will add -fstack-protector-all, -fPIE, -pie and -z now -+ as default if the defines and the spec allow it. -+ Added a hack for gcc-specs-* in toolchain-funcs.eclass and _filter-hardened in flag-o-matic.eclass -+ to support older hardened GCC patches and we don't need to change the code on gcc-specs-* and _filter-hardened. -+ This will add some unsupported upstream commands options as -nopie and -nonow. -+ -D__KERNEL__ is added so we don't have -fPIE, -pie and -fstack-protector-all when building kernels. -+ ESP_CC1_SPEC is added to CC1_SPEC. -+ ESP_CC1_STRICT_OVERFLOW_SPEC is added so we don't disable the strict-overflow check. -+ ESP_LINK_PIE_CHECK_SPEC check for -pie, -p, -pg, -profile and -static. -+ ENABLE_CRTBEGINP add support for crtbeginP.o, build -static with -fPIE or -fpie. -+*/ -+#ifdef ENABLE_ESP -+ -+ /* Hack to support gcc-specs-* in toolchain-funcs.eclass and _filter-hardened in flag-o-matic.eclass */ -+ #define ESP_CC1_SPEC " %(esp_cc1_ssp) %(esp_cc1_pie) %(esp_cc1_strict_overflow)" -+ #if defined ( EFAULT_SSP ) || defined ( EFAULT_PIE_SSP ) -+ #define ESP_CC1_SSP_SPEC "%{!fno-stack-protector: %{!fno-stack-protector-all: }}" -+ #else -+ #define ESP_CC1_SSP_SPEC "" -+ #endif -+ #if defined ( EFAULT_PIE ) || defined ( EFAULT_PIE_SSP ) -+ #define ESP_CC1_PIE_SPEC "%{!nopie: }" -+ #else -+ #define ESP_CC1_PIE_SPEC "" -+ #endif -+ #define ESP_CC1_STRICT_OVERFLOW_SPEC "%{!fstrict-overflow:%{!fno-strict-overflow: -fno-strict-overflow}}" -+ -+ /* ESP_LINK_SPEC is added to LINK_PIE_SPEC if esp is enable -+ -z now will be added if we don't have -vanilla spec. We do a -pie incompatible check -+ Don't remove the specs in the end */ -+ #define ESP_LINK_SPEC "%(esp_link_now) %(esp_link_pie_check) " -+ #define ESP_LINK_NOW_SPEC "%{!nonow:-z now}" -+ -+ /* We use ESP_COMMAND_OPTIONS_SPEC to add pie command-line options. */ -+ #define ESP_COMMAND_OPTIONS_SPEC "%{!D__KERNEL__:%{!nopie:%(esp_options_pie) %(esp_link_pie)}}" -+ -+ /* ESP_OPTIONS_SPEC is added to the compiler spec in gcc/gcc.c */ -+ #define ESP_OPTIONS_SPEC "%(esp_options_ssp)" -+ -+ /* ESP_CPP_OPTIONS_SPEC is added to the cpp_options spec in gcc/gcc.c -+ For precompiling headers. */ -+ #define ESP_CPP_OPTIONS_SPEC "%(esp_options_ssp)" -+ -+ /* This will add -fstack-protector-all if we don't have -nostdlib -nodefaultlibs -fno-stack-protector -fstack-protector -+ -fstack-protector-all and we have EFAULT_SSP or EFAULT_PIE_SSP defined. */ -+ #if ( defined ( EFAULT_SSP ) || defined ( EFAULT_PIE_SSP ) ) && defined ( ENABLE_ESP_SSP ) -+ #define ESP_OPTIONS_SSP_SPEC \ -+ "%{!D__KERNEL__:%{!nostdlib:%{!nodefaultlibs: %{!fno-stack-protector: \ -+ %{!fstack-protector:%{!fstack-protector-all:-fstack-protector-all}}}}}}" -+ #else -+ #define ESP_OPTIONS_SSP_SPEC "" -+ #endif -+ -+ /* If EFAULT_PIE or EFAULT_PIE_SSP is defined we will add -fPIE -pie */ -+ #if defined ( EFAULT_PIE ) || defined ( EFAULT_PIE_SSP ) -+ -+ /* This will add -fPIE if we don't have -pie -fpic -fPIC -fpie -fPIE -fno-pic -fno-PIC -fno-pie -fno-PIE -shared -static -+ -nostdlib -nostartfiles. */ -+ /* With ENABLE_CRTBEGINP we don't need to check for -static */ -+ #ifdef ENABLE_CRTBEGINP -+ #define ESP_OPTIONS_PIE_SPEC \ -+ "%{!pie: %{!fpic:%{!fPIC:%{!fpie:%{!fPIE: %{!fno-pic:%{!fno-PIC:%{!fno-pie:%{!fno-PIE: \ -+ %{!shared: %{!nostdlib: %{!nostartfiles:-fPIE}} } }}}} }}}} }" -+ #else -+ #define ESP_OPTIONS_PIE_SPEC \ -+ "%{!pie: %{!fpic:%{!fPIC:%{!fpie:%{!fPIE: %{!fno-pic:%{!fno-PIC:%{!fno-pie:%{!fno-PIE: \ -+ %{!shared: %{!static: %{!nostdlib: %{!nostartfiles:-fPIE}} } }}}} }}}} }}" -+ #endif -+ -+ /* This will add -pie if we don't have -pie -A -fno-pic -fno-PIC -fno-pie -fno-PIE -shared -static -r -nostdlib -+ -nostartfiles */ -+ /* With ENABLE_CRTBEGINP we don't need to check for -static -+ and we add -pie only to get the start and endfiles. -pie will not go to the linker. */ -+ #ifdef ENABLE_CRTBEGINP -+ #define ESP_LINK_PIE_SPEC \ -+ "%{!pie:%{!A:%{!fno-pie:%{!fno-PIE:%{!fno-pic:%{!fno-PIC:%{!shared:%{!r: \ -+ %{!nostdlib:%{!nostartfiles:-pie}}}}}}}}}}" -+ #else -+ #define ESP_LINK_PIE_SPEC \ -+ "%{!pie:%{!A:%{!fno-pie:%{!fno-PIE:%{!fno-pic:%{!fno-PIC:%{!shared:%{!static:%{!r: \ -+ %{!nostdlib:%{!nostartfiles:-pie}}}}}}}}}}}" -+ #endif -+ -+ /* This will check if -pie is set when (-static) -pg -p -profile. If set it will make gcc print out -+ "-pie and (static)|pg|p|profile are incompatible when linking" */ -+ /* With ENABLE_CRTBEGINP we don't need to check for -static */ -+ #ifdef ENABLE_CRTBEGINP -+ #define ESP_LINK_PIE_CHECK_SPEC \ -+ "%{pie:%{pg|p|profile:%e-pie and -pg|p|profile are incompatible when linking}}" -+ #else -+ #define ESP_LINK_PIE_CHECK_SPEC \ -+ "%{pie:%{static|pg|p|profile:%e-pie and -static|pg|p|profile are incompatible when linking}}" -+ #endif -+ -+ /* We don't pass -pie to the linker when -static. */ -+ #ifdef ENABLE_CRTBEGINP -+ #define LINK_PIE_SPEC "%{!static:%{pie:-pie}} %(esp_link)" -+ #else -+ #define LINK_PIE_SPEC "%{pie:-pie} %(esp_link)" -+ #endif -+ -+ #else -+ #define ESP_OPTIONS_PIE_SPEC "" -+ #define ESP_LINK_PIE_CHECK_SPEC "" -+ #define ESP_LINK_PIE_SPEC "" -+ #define LINK_PIE_SPEC "%{pie:-pie} %(esp_link)" -+ #endif -+ -+ /* We add extra spec name's to the EXTRA_SPECS list */ -+ #define ESP_EXTRA_SPECS \ -+ { "esp_cc1", ESP_CC1_SPEC }, \ -+ { "esp_cc1_pie", ESP_CC1_PIE_SPEC }, \ -+ { "esp_cc1_ssp", ESP_CC1_SSP_SPEC }, \ -+ { "esp_cc1_strict_overflow", ESP_CC1_STRICT_OVERFLOW_SPEC }, \ -+ { "esp_link", ESP_LINK_SPEC }, \ -+ { "esp_link_now", ESP_LINK_NOW_SPEC }, \ -+ { "esp_link_pie", ESP_LINK_PIE_SPEC }, \ -+ { "esp_link_pie_check", ESP_LINK_PIE_CHECK_SPEC }, \ -+ { "esp_command_options", ESP_COMMAND_OPTIONS_SPEC }, \ -+ { "esp_cpp_options", ESP_CPP_OPTIONS_SPEC }, \ -+ { "esp_options", ESP_OPTIONS_SPEC }, \ -+ { "esp_options_pie", ESP_OPTIONS_PIE_SPEC }, \ -+ { "esp_options_ssp", ESP_OPTIONS_SSP_SPEC } -+ -+ static const char *esp_command_options_spec = ESP_COMMAND_OPTIONS_SPEC; -+ static const char *cc1_spec = CC1_SPEC ESP_CC1_SPEC; -+ -+#else /* If not ESP_ENABLE defined do this. */ -+ -+ #define ESP_OPTIONS_SPEC "" -+ #define ESP_CPP_OPTIONS_SPEC "" -+ -+ /* We add extra spec name's to the EXTRA_SPECS list */ -+ #define ESP_EXTRA_SPECS \ -+ { "esp_options", ESP_OPTIONS_SPEC }, \ -+ { "esp_cpp_options", ESP_CPP_OPTIONS_SPEC } -+ -+#endif -+#endif /* End GCC_ESP_H */ diff --git a/gcc-4.7.0/piepatch/10_all_gcc46_default-ssp.patch b/gcc-4.7.0/piepatch/10_all_gcc46_default-ssp.patch deleted file mode 100644 index ea4be77..0000000 --- a/gcc-4.7.0/piepatch/10_all_gcc46_default-ssp.patch +++ /dev/null @@ -1,130 +0,0 @@ -2011-03-05 Matthias Klose <doko@ubuntu.com>, Kees Cook <kees@outflux.net>, - Magnus Granberg <zorry@gentoo.org> - - * gcc/objc/lang-specs.h compiler spec Add %(esp_options) - * gcc/objcp/lang-specs.h compiler spec Add %(esp_options) - * gcc/gcc.c *cpp_options Add %(esp_cpp_options) - * gcc/gcc.c default_compilers[] Add %(esp_options) - * gcc/cp/lang-specs.h compiler spec Add %(esp_options) - ---- a/gcc/gcc.c.orig 2009-12-21 -+++ b/gcc/gcc.c 2009-12-21 -@@ -740,7 +749,7 @@ - static const char *cpp_options = - "%(cpp_unique_options) %1 %{m*} %{std*&ansi&trigraphs} %{W*&pedantic*} %{w}\ - %{f*} %{g*:%{!g0:%{g*} %{!fno-working-directory:-fworking-directory}}} %{O*}\ -- %{undef} %{save-temps*:-fpch-preprocess}"; -+ %{undef} %{save-temps*:-fpch-preprocess} %(esp_cpp_options)"; - - /* This contains cpp options which are not passed when the preprocessor - output will be used by another program. */ -@@ -914,9 +923,9 @@ - %{save-temps*|traditional-cpp|no-integrated-cpp:%(trad_capable_cpp) \ - %(cpp_options) -o %{save-temps*:%b.i} %{!save-temps*:%g.i} \n\ - cc1 -fpreprocessed %{save-temps*:%b.i} %{!save-temps*:%g.i} \ -- %(cc1_options)}\ -+ %(cc1_options) %(esp_options)}\ - %{!save-temps*:%{!traditional-cpp:%{!no-integrated-cpp:\ -- cc1 %(cpp_unique_options) %(cc1_options)}}}\ -+ cc1 %(cpp_unique_options) %(cc1_options) %(esp_options)}}}\ - %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 1}, - {"-", - "%{!E:%e-E or -x required when input is from standard input}\ -@@ -953,7 +953,7 @@ - %W{o*:--output-pch=%*}}%V}}}}}}", 0, 0, 0}, - {".i", "@cpp-output", 0, 0, 0}, - {"@cpp-output", -- "%{!M:%{!MM:%{!E:cc1 -fpreprocessed %i %(cc1_options) %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0}, -+ "%{!M:%{!MM:%{!E:cc1 -fpreprocessed %i %(cc1_options) %(esp_options) %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0}, - {".s", "@assembler", 0, 0, 0}, - {"@assembler", - "%{!M:%{!MM:%{!E:%{!S:as %(asm_debug) %(asm_options) %i %A }}}}", 0, 0, 0}, ---- a/gcc/cp/lang-specs.h 2011-03-06 17:27:57.000000000 +0100 -+++ b/gcc/cp/lang-specs.h 2011-03-26 13:30:40.312423000 +0100 -@@ -47,7 +47,7 @@ - %(cpp_options) %2 -o %{save-temps*:%b.ii} %{!save-temps*:%g.ii} \n}\ - cc1plus %{save-temps*|no-integrated-cpp:-fpreprocessed %{save-temps*:%b.ii} %{!save-temps*:%g.ii}}\ - %{!save-temps*:%{!no-integrated-cpp:%(cpp_unique_options)}}\ -- %(cc1_options) %2\ -+ %(cc1_options) %(esp_options) %2\ - %{!fsyntax-only:%{!fdump-ada-spec*:-o %g.s %{!o*:--output-pch=%i.gch}\ - %W{o*:--output-pch=%*}}%V}}}}", - CPLUSPLUS_CPP_SPEC, 0, 0}, -@@ -58,7 +58,7 @@ - %(cpp_options) %2 -o %{save-temps*:%b.ii} %{!save-temps*:%g.ii} \n}\ - cc1plus %{save-temps*|no-integrated-cpp:-fpreprocessed %{save-temps*:%b.ii} %{!save-temps*:%g.ii}}\ - %{!save-temps*:%{!no-integrated-cpp:%(cpp_unique_options)}}\ -- %(cc1_options) %2\ -+ %(cc1_options) %(esp_options) %2\ - %{!fsyntax-only:%(invoke_as)}}}}", - CPLUSPLUS_CPP_SPEC, 0, 0}, - {".ii", "@c++-cpp-output", 0, 0, 0}, - ---- a/gcc/objcp/lang-specs.h 2011-03-06 17:27:57.000000000 +0100 -+++ a/gcc/objcp/lang-specs.h 2011-03-26 14:19:12.596423000 +0100 -@@ -36,7 +36,7 @@ - %(cpp_options) %2 -o %{save-temps*:%b.mii} %{!save-temps*:%g.mii} \n}\ - cc1objplus %{save-temps*|no-integrated-cpp:-fpreprocessed %{save-temps*:%b.mii} %{!save-temps*:%g.mii}}\ - %{!save-temps*:%{!no-integrated-cpp:%(cpp_unique_options)}}\ -- %(cc1_options) %2\ -+ %(cc1_options) %(esp_options) %2\ - -o %g.s %{!o*:--output-pch=%i.gch} %W{o*:--output-pch=%*}%V}}}", - CPLUSPLUS_CPP_SPEC, 0, 0}, - {"@objective-c++", -@@ -46,16 +46,16 @@ - %(cpp_options) %2 -o %{save-temps*:%b.mii} %{!save-temps*:%g.mii} \n}\ - cc1objplus %{save-temps*|no-integrated-cpp:-fpreprocessed %{save-temps*:%b.mii} %{!save-temps*:%g.mii}}\ - %{!save-temps*:%{!no-integrated-cpp:%(cpp_unique_options)}}\ -- %(cc1_options) %2\ -+ %(cc1_options) %(esp_options) %2\ - %{!fsyntax-only:%(invoke_as)}}}}", - CPLUSPLUS_CPP_SPEC, 0, 0}, - {".mii", "@objective-c++-cpp-output", 0, 0, 0}, - {"@objective-c++-cpp-output", - "%{!M:%{!MM:%{!E:\ -- cc1objplus -fpreprocessed %i %(cc1_options) %2\ -+ cc1objplus -fpreprocessed %i %(cc1_options) %(esp_options) %2\ - %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0}, - {"@objc++-cpp-output", - "%nobjc++-cpp-output is deprecated; please use objective-c++-cpp-output instead\n\ - %{!M:%{!MM:%{!E:\ -- cc1objplus -fpreprocessed %i %(cc1_options) %2\ -+ cc1objplus -fpreprocessed %i %(cc1_options) %(esp_options) %2\ - %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0}, ---- a/gcc/objc/lang-specs.h 2011-03-06 17:27:57.000000000 +0100 -+++ b/gcc/objc/lang-specs.h 2011-03-26 14:56:27.668423000 +0100 -@@ -30,9 +30,9 @@ - %{traditional|traditional-cpp:\ - %eGNU Objective C no longer supports traditional compilation}\ - %{save-temps*|no-integrated-cpp:cc1obj -E %(cpp_options) -o %{save-temps*:%b.mi} %{!save-temps*:%g.mi} \n\ -- cc1obj -fpreprocessed %{save-temps*:%b.mi} %{!save-temps*:%g.mi} %(cc1_options) %{print-objc-runtime-info} %{gen-decls}}\ -+ cc1obj -fpreprocessed %{save-temps*:%b.mi} %{!save-temps*:%g.mi} %(cc1_options) %(esp_options) %{print-objc-runtime-info} %{gen-decls}}\ - %{!save-temps*:%{!no-integrated-cpp:\ -- cc1obj %(cpp_unique_options) %(cc1_options) %{print-objc-runtime-info} %{gen-decls}}}\ -+ cc1obj %(cpp_unique_options) %(cc1_options) %(esp_options) %{print-objc-runtime-info} %{gen-decls}}}\ - %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0}, - {"@objective-c-header", - "%{E|M|MM:cc1obj -E %{traditional|traditional-cpp:-traditional-cpp}\ -@@ -41,18 +41,18 @@ - %{traditional|traditional-cpp:\ - %eGNU Objective C no longer supports traditional compilation}\ - %{save-temps*|no-integrated-cpp:cc1obj -E %(cpp_options) -o %{save-temps*:%b.mi} %{!save-temps*:%g.mi} \n\ -- cc1obj -fpreprocessed %b.mi %(cc1_options) %{print-objc-runtime-info} %{gen-decls}\ -+ cc1obj -fpreprocessed %b.mi %(cc1_options)%(esp_options) %{print-objc-runtime-info} %{gen-decls}\ - -o %g.s %{!o*:--output-pch=%i.gch}\ - %W{o*:--output-pch=%*}%V}\ - %{!save-temps*:%{!no-integrated-cpp:\ -- cc1obj %(cpp_unique_options) %(cc1_options) %{print-objc-runtime-info} %{gen-decls}\ -+ cc1obj %(cpp_unique_options) %(cc1_options) %(esp_options) %{print-objc-runtime-info} %{gen-decls}\ - -o %g.s %{!o*:--output-pch=%i.gch}\ - %W{o*:--output-pch=%*}%V}}}}}", 0, 0, 0}, - {".mi", "@objective-c-cpp-output", 0, 0, 0}, - {"@objective-c-cpp-output", -- "%{!M:%{!MM:%{!E:cc1obj -fpreprocessed %i %(cc1_options) %{print-objc-runtime-info} %{gen-decls}\ -+ "%{!M:%{!MM:%{!E:cc1obj -fpreprocessed %i %(cc1_options) %(esp_options) %{print-objc-runtime-info} %{gen-decls}\ - %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0}, - {"@objc-cpp-output", - "%nobjc-cpp-output is deprecated; please use objective-c-cpp-output instead\n\ -- %{!M:%{!MM:%{!E:cc1obj -fpreprocessed %i %(cc1_options) %{print-objc-runtime-info} %{gen-decls}\ -+ %{!M:%{!MM:%{!E:cc1obj -fpreprocessed %i %(cc1_options) %(esp_options) %{print-objc-runtime-info} %{gen-decls}\ - %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0}, |