2010-05-24	Magnus Granberg		<zorry@gentoo.org>

		* Makefile.in	We add -fno-stack-protector to BOOT_CFLAGS, LIBCFLAGS and LIBCXXFLAGS if enable_esp yes.
		* gcc/Makefile.in	Add -fno-PIE and -fno-stack-protector.
	    Libgcc2 doesn't compile with -fstack-protector.
	    Crtstuff doesn't compile with -fPIE and -fstack-protector.
		$(out_object_file): ix86_split_to_parts() stack smashing attack b.g.o #149292.
		Add crtbeginTS.o to EXTRA_PARTS if enable_crtbeginTS yes
		We add new file crtbeginTS.o if enable_crtbeginTS yes
		* libgcc/Makefile.in	Add crtbeginTS.o to EXTRA_PARTS if enable_crtbeginTS yes
		We add new file crtbeginTS.o if enable_crtbeginTS yes
 
2010-04-23	Magnus Granberg		<zorry@gentoo.org>,	Kees Cook	<kees@outflux.net>

		LP #344502
		* libmudflap/Makefiles.in	Add -fno-stack-protector -U_FORTIFY_SOURCE
		to AM_CFLAGS if enable_esp yes.

--- Makefile.in	2009-04-14 10:57:33.000000000 +0200
+++ Makefile.in	2009-07-21 05:29:54.000000000 +0200
@@ -305,9 +305,17 @@
 BUILD_PREFIX = @BUILD_PREFIX@
 BUILD_PREFIX_1 = @BUILD_PREFIX_1@
 
+# Some stuff don't compile with SSP
+enable_esp = @enable_esp@
+ifeq ($(enable_esp),yes)
+ESP_NOSSP_CFLAGS = -fno-stack-protector
+else
+ESP_NOSSP_CFLAGS=
+endif
+
 # Flags to pass to stage2 and later makes.  They are defined
 # here so that they can be overridden by Makefile fragments.
-BOOT_CFLAGS= -g -O2
+BOOT_CFLAGS= -g -O2 $(ESP_NOSSP_CFLAGS)
 BOOT_LDFLAGS=
 BOOT_ADAFLAGS=-gnatpg -gnata
 
@@ -350,9 +358,9 @@
 
 CFLAGS = @CFLAGS@
 LDFLAGS = @LDFLAGS@
-LIBCFLAGS = $(CFLAGS)
+LIBCFLAGS = $(CFLAGS) $(ESP_NOSSP_CFLAGS)
 CXXFLAGS = @CXXFLAGS@
-LIBCXXFLAGS = $(CXXFLAGS) -fno-implicit-templates
+LIBCXXFLAGS = $(CXXFLAGS) -fno-implicit-templates $(ESP_NOSSP_CFLAGS)
 
 # Only build the C compiler for stage1, because that is the only one that
 # we can guarantee will build with the native compiler, and also it is the
--- gcc/Makefile.in	2009-04-29 01:16:56.000000000 +0200
+++ gcc/Makefile.in	2009-07-05 02:11:04.000000000 +0200
@@ -580,13 +580,24 @@
 INHIBIT_LIBC_CFLAGS = -Dinhibit_libc
 endif
 
+# We don't want __stack_chk_fail in crt* and libgcc2.a.
+# We don't want to compile crtbegin, crtend and crtbeginT with -fPIE.
+enable_esp = @enable_esp@
+ifeq ($(enable_esp),yes)
+ESP_NOPIE_CFLAGS = -fno-PIE
+ESP_NOSSP_CFLAGS = -fno-stack-protector
+else
+ESP_NOPIE_CFLAGS=
+ESP_NOSSP_CFLAGS=
+endif
+
 # Options to use when compiling libgcc2.a.
 #
 LIBGCC2_DEBUG_CFLAGS = -g
 LIBGCC2_CFLAGS = -O2 $(LIBGCC2_INCLUDES) $(GCC_CFLAGS) $(TARGET_LIBGCC2_CFLAGS) \
 		 $(LIBGCC2_DEBUG_CFLAGS) $(GTHREAD_FLAGS) \
 		 -DIN_LIBGCC2 -D__GCC_FLOAT_NOT_NEEDED \
-		 $(INHIBIT_LIBC_CFLAGS)
+		 $(INHIBIT_LIBC_CFLAGS) $(ESP_NOSSP_CFLAGS)
 
 # Additional options to use when compiling libgcc2.a.
 # Some targets override this to -isystem include
@@ -599,7 +610,7 @@
 CRTSTUFF_CFLAGS = -O2 $(GCC_CFLAGS) $(INCLUDES) $(MULTILIB_CFLAGS) -g0 \
   -finhibit-size-directive -fno-inline-functions -fno-exceptions \
   -fno-zero-initialized-in-bss -fno-toplevel-reorder -fno-tree-vectorize \
-  $(INHIBIT_LIBC_CFLAGS)
+  $(INHIBIT_LIBC_CFLAGS) $(ESP_NOSSP_CFLAGS)
 
 # Additional sources to handle exceptions; overridden by targets as needed.
 LIB2ADDEH = $(srcdir)/unwind-dw2.c $(srcdir)/unwind-dw2-fde.c \
@@ -629,6 +640,12 @@
 # The rules for compiling them should be in the t-* file for the machine.
 EXTRA_PARTS = @extra_parts@
 
+# We add crtbeginTS.o to the EXTRA_PARTS list if enable_crtbeginTS = yes
+enable_crtbeginTS = @enable_crtbeginTS@
+ifeq ($(enable_crtbeginTS),yes)
+EXTRA_PARTS += crtbeginTS.o
+endif
+
 # List of extra object files that should be compiled and linked with
 # compiler proper (cc1, cc1obj, cc1plus).
 EXTRA_OBJS = @extra_objs@
@@ -1719,8 +1736,9 @@
 	echo LIBGCC_SYNC = '$(LIBGCC_SYNC)' >> tmp-libgcc.mvars
 	echo LIBGCC_SYNC_CFLAGS = '$(LIBGCC_SYNC_CFLAGS)' >> tmp-libgcc.mvars
 	echo CRTSTUFF_CFLAGS = '$(CRTSTUFF_CFLAGS)' >> tmp-libgcc.mvars
-	echo CRTSTUFF_T_CFLAGS = '$(CRTSTUFF_T_CFLAGS)' >> tmp-libgcc.mvars
+	echo CRTSTUFF_T_CFLAGS = '$(CRTSTUFF_T_CFLAGS) $(ESP_NOPIE_CFLAGS)' >> tmp-libgcc.mvars
 	echo CRTSTUFF_T_CFLAGS_S = '$(CRTSTUFF_T_CFLAGS_S)' >> tmp-libgcc.mvars
+	echo enable_crtbeginTS = '$(enable_crtbeginTS)' >> tmp-libgcc.mvars
 
 	mv tmp-libgcc.mvars libgcc.mvars
 
@@ -1754,12 +1771,14 @@
 $(T)crtbegin.o: crtstuff.c $(GCC_PASSES) $(TCONFIG_H) auto-host.h \
   gbl-ctors.h stmp-int-hdrs tsystem.h coretypes.h $(TM_H)
 	$(GCC_FOR_TARGET) $(CRTSTUFF_CFLAGS) $(CRTSTUFF_T_CFLAGS) \
+	$(ESP_NOPIE_CFLAGS) \
 	  -c $(srcdir)/crtstuff.c -DCRT_BEGIN \
 	  -o $(T)crtbegin$(objext)
 
 $(T)crtend.o: crtstuff.c $(GCC_PASSES) $(TCONFIG_H) auto-host.h \
   gbl-ctors.h stmp-int-hdrs tsystem.h coretypes.h $(TM_H)
 	$(GCC_FOR_TARGET) $(CRTSTUFF_CFLAGS) $(CRTSTUFF_T_CFLAGS) \
+	$(ESP_NOPIE_CFLAGS) \
 	  -c $(srcdir)/crtstuff.c -DCRT_END \
 	  -o $(T)crtend$(objext)
 
@@ -1780,9 +1800,19 @@
 $(T)crtbeginT.o: crtstuff.c $(GCC_PASSES) $(TCONFIG_H) auto-host.h \
   gbl-ctors.h stmp-int-hdrs tsystem.h coretypes.h $(TM_H)
 	$(GCC_FOR_TARGET) $(CRTSTUFF_CFLAGS) $(CRTSTUFF_T_CFLAGS) \
+	$(ESP_NOPIE_CFLAGS) \
 	  -c $(srcdir)/crtstuff.c -DCRT_BEGIN -DCRTSTUFFT_O \
 	  -o $(T)crtbeginT$(objext)
 
+# This is a version of crtbegin for -static -fPIE links if espf is enable.
+ifeq ($(enable_crtbeginTS),yes)
+$(T)crtbeginTS.o: crtstuff.c $(GCC_PASSES) $(TCONFIG_H) auto-host.h \
+  gbl-ctors.h stmp-int-hdrs tsystem.h coretypes.h $(TM_H)
+	$(GCC_FOR_TARGET) $(CRTSTUFF_CFLAGS) $(CRTSTUFF_T_CFLAGS_S) \
+	  -c $(srcdir)/crtstuff.c -DCRT_BEGIN -DCRTSTUFFT_O -DCRTSTUFFS_O \
+	  -o $(T)crtbeginTS$(objext)
+endif
+
 # Compile the start modules crt0.o and mcrt0.o that are linked with
 # every program
 $(T)crt0.o: s-crt0 ; @true
@@ -3057,7 +3083,7 @@
    output.h $(INSN_ATTR_H) $(SYSTEM_H) $(TOPLEV_H) $(TARGET_H) libfuncs.h \
    $(TARGET_DEF_H) $(FUNCTION_H) $(SCHED_INT_H) $(TM_P_H) $(EXPR_H) \
    langhooks.h $(GGC_H) $(OPTABS_H) $(REAL_H) tm-constrs.h $(GIMPLE_H)
-	$(CC) -c $(ALL_CFLAGS) $(ALL_CPPFLAGS) \
+	$(CC) -c $(ALL_CFLAGS) $(ALL_CPPFLAGS) $(ESP_NOSSP_CFLAGS)\
 		$(out_file) $(OUTPUT_OPTION)
 
 # Build auxiliary files that support ecoff format.
--- libgcc/Makefile.in	2009-04-10 01:23:07.000000000 +0200
+++ libgcc/Makefile.in	2009-09-08 03:42:47.000000000 +0200
@@ -280,6 +280,12 @@
 gen-hide-list = echo > \$@
 endif
 
+# We add crtbeginTS.o to the EXTRA_PARTS list if enable_crtbeginTS = yes
+enable_libgcc_crtbeginTS = $(enable_crtbeginTS)
+ifeq ($(enable_libgcc_crtbeginTS),yes)
+EXTRA_PARTS += crtbeginTS.o
+endif
+
 ifneq ($(EXTRA_PARTS),)
   extra-parts = libgcc-extra-parts
   INSTALL_PARTS = $(EXTRA_PARTS)
@@ -831,6 +837,13 @@
 crtbeginT.o: $(gcc_srcdir)/crtstuff.c
 	$(crt_compile) $(CRTSTUFF_T_CFLAGS) \
 	  -c $(gcc_srcdir)/crtstuff.c -DCRT_BEGIN -DCRTSTUFFT_O
+
+# This is a version of crtbegin for -static -fPIE links.
+ifeq ($(enable_libgcc_crtbeginTS),yes)
+crtbeginTS.o: $(gcc_srcdir)/crtstuff.c
+	$(crt_compile) $(CRTSTUFF_T_CFLAGS_S) \
+	  -c $(gcc_srcdir)/crtstuff.c -DCRT_BEGIN -DCRTSTUFFT_O -DCRTSTUFFS_O
+endif
 endif
 
 # Build extra startfiles in the libgcc directory.
--- libmudflap/Makefile.in	2009-04-29 01:16:56.000000000 +0200
+++ libmudflap/Makefile.in	2009-07-21 05:41:56.000000000 +0200
@@ -253,9 +253,17 @@
 MAINT_CHARSET = latin1
 SUBDIRS = testsuite
 
+# Some stuff don't compile with SSP and FORTIFY_SOURCE
+enable_esp = @enable_esp@
+ifeq ($(enable_esp),yes)
+	NO_ESP_CFLAGS = -fno-stack-protector -U_FORTIFY_SOURCE
+else
+	NO_ESP_CFLAGS =
+endif
+
 # May be used by various substitution variables.
 gcc_version := $(shell cat $(top_srcdir)/../gcc/BASE-VER)
-AM_CFLAGS = -Wall $(SECTION_FLAGS)
+AM_CFLAGS = -Wall $(SECTION_FLAGS) $(NO_ESP_CFLAGS)
 @LIBMUDFLAPTH_FALSE@libmudflapth = 
 @LIBMUDFLAPTH_TRUE@libmudflapth = libmudflapth.la
 toolexeclib_LTLIBRARIES = libmudflap.la $(libmudflapth)