diff options
| author |   Magnus Granberg (Zorry) <zorry@gentoo.org> | 2010-05-04 00:59:49 +0200 |
|---|---|---|
| committer | Magnus Granberg (Zorry) <zorry@gentoo.org> | 2010-05-04 00:59:49 +0200 |
| commit | d09a5968d34e1989d85c62c49f513380bfe40c22 (patch) | |
| tree | a8ad670e0b5fea7cfc85b61385350b16615c67ed | |
| parent | Updated README todo (diff) | |
| download | hardened-gccpatchset-d09a5968d34e1989d85c62c49f513380bfe40c22.tar.gz hardened-gccpatchset-d09a5968d34e1989d85c62c49f513380bfe40c22.tar.bz2 hardened-gccpatchset-d09a5968d34e1989d85c62c49f513380bfe40c22.zip | |
Added the gcc-4.3.4 patches
23 files changed, 671 insertions, 0 deletions
diff --git a/gcc-4.3.4/piepatch/00_all_gcc-4.4-cvs-incompat.patch b/gcc-4.3.4/piepatch/00_all_gcc-4.4-cvs-incompat.patch new file mode 100644 index 0000000..e602ced --- /dev/null +++ b/gcc-4.3.4/piepatch/00_all_gcc-4.4-cvs-incompat.patch @@ -0,0 +1,16 @@ +2004-11-14 Peter S Mazinger <ps.m@gmx.net> + + * gcc/gcc.c: Add some test spec. + Fix for incompatible spec options. + +--- gcc/gcc.c.mps ++++ gcc/gcc.c +@@ -794,6 +794,8 @@ + /* NB: This is shared amongst all front-ends. */ + static const char *cc1_options = + "%{pg:%{fomit-frame-pointer:%e-pg and -fomit-frame-pointer are incompatible}}\ ++ %{shared:%{static|pie|fPIE|fpie|fno-PIC|fno-pic:%e-shared and -static|pie|fPIE|fpie|fno-PIC|fno-pic are incompatible}}\ ++ %{pie:%{static|pg|p|profile:%e-pie and -static|pg|p|profile are incompatible}}\ + %1 %{!Q:-quiet} -dumpbase %B %{d*} %{m*} %{a*}\ + %{c|S:%{o*:-auxbase-strip %*}%{!o*:-auxbase %b}}%{!c:%{!S:-auxbase %b}}\ + %{g*} %{O*} %{W*&pedantic*} %{w} %{std*&ansi}\ diff --git a/gcc-4.3.4/piepatch/05_all_gcc-4.3-compile-no-ssp.patch b/gcc-4.3.4/piepatch/05_all_gcc-4.3-compile-no-ssp.patch new file mode 100644 index 0000000..8491fa3 --- /dev/null +++ b/gcc-4.3.4/piepatch/05_all_gcc-4.3-compile-no-ssp.patch @@ -0,0 +1,37 @@ +2007-05-20 Natanael Copa <natanael.copa@gmail> + Magnus Granberg <zorry@ume.nu> + + * gcc/Makefile.in: Add no-ssp. + Make libgcc2 not comile with ssp. + Make crtstuff not compile wuth ssp. + stage1/cc1: stack smashing attack in function ix86_split_to_parts(). + +--- gcc/Makefile.in ++++ gcc/Makefile.in +@@ -563,7 +563,7 @@ + LIBGCC2_CFLAGS = -O2 $(LIBGCC2_INCLUDES) $(GCC_CFLAGS) $(TARGET_LIBGCC2_CFLAGS) \ + $(LIBGCC2_DEBUG_CFLAGS) $(GTHREAD_FLAGS) \ + -DIN_LIBGCC2 -D__GCC_FLOAT_NOT_NEEDED \ +- $(INHIBIT_LIBC_CFLAGS) ++ -fno-stack-protector $(INHIBIT_LIBC_CFLAGS) + + # Additional options to use when compiling libgcc2.a. + # Some targets override this to -isystem include +@@ -576,7 +576,7 @@ + CRTSTUFF_CFLAGS = -O2 $(GCC_CFLAGS) $(INCLUDES) $(MULTILIB_CFLAGS) -g0 \ + -finhibit-size-directive -fno-inline-functions -fno-exceptions \ + -fno-zero-initialized-in-bss -fno-toplevel-reorder -fno-tree-vectorize \ +- $(INHIBIT_LIBC_CFLAGS) ++ -fno-stack-protector $(INHIBIT_LIBC_CFLAGS) + + # Additional sources to handle exceptions; overridden by targets as needed. + LIB2ADDEH = $(srcdir)/unwind-dw2.c $(srcdir)/unwind-dw2-fde.c \ +@@ -2641,7 +2641,7 @@ + output.h $(INSN_ATTR_H) $(SYSTEM_H) toplev.h $(TARGET_H) libfuncs.h \ + $(TARGET_DEF_H) $(FUNCTION_H) $(SCHED_INT_H) $(TM_P_H) $(EXPR_H) \ + langhooks.h $(GGC_H) $(OPTABS_H) $(REAL_H) tm-constrs.h +- $(CC) -c $(ALL_CFLAGS) $(ALL_CPPFLAGS) \ ++ $(CC) -c $(ALL_CFLAGS) -fno-stack-protector $(ALL_CPPFLAGS) \ + $(out_file) $(OUTPUT_OPTION) + + # Build auxiliary files that support ecoff format. diff --git a/gcc-4.3.4/piepatch/06_all_gcc-4.4-decl-tls-model.patch b/gcc-4.3.4/piepatch/06_all_gcc-4.4-decl-tls-model.patch new file mode 100644 index 0000000..86f8618 --- /dev/null +++ b/gcc-4.3.4/piepatch/06_all_gcc-4.4-decl-tls-model.patch @@ -0,0 +1,17 @@ +2008-12-12 <zorry@ume.nu> + + * gcc/varasm.c (decl_tls_model): Check flag_pic instead of flag_shlib. + + flag_pie never get use to change the tls model. + +--- gcc/varasm.c.zorry ++++ gcc/varasm.c +@@ -4614,7 +4614,7 @@ + } + + is_local = targetm.binds_local_p (decl); +- if (!flag_shlib) ++ if (!flag_pic) + { + if (is_local) + kind = TLS_MODEL_LOCAL_EXEC; diff --git a/gcc-4.3.4/piepatch/10_all_gcc-4.4-gen-crt-start-endfile.patch b/gcc-4.3.4/piepatch/10_all_gcc-4.4-gen-crt-start-endfile.patch new file mode 100644 index 0000000..66d4adc --- /dev/null +++ b/gcc-4.3.4/piepatch/10_all_gcc-4.4-gen-crt-start-endfile.patch @@ -0,0 +1,220 @@ +2008-12-29 Magnus Granberg <zorry@ume.nu> + Petet S. Mazinger <ps.m@gmx.net> + + * gcc/config/alpha/elf.h: Move CRT, START and ENDFILE to gcc/gcc.c + * gcc/config/i386/linux64.h: Likewise. + * gcc/config/i386/linux.h: Likewise. + * gcc/config/ia64/linux.h: Likewise. + * gcc/config/linux.h: Likewise. + * gcc/config/rs6000/linux64.h: Likewise. + * gcc/config/rs6000/sysv4.h: Likewise. + * gcc/gcc.c Add CRT, START and ENDFILE + +--- gcc/config/alpha/elf.h.zorry ++++ gcc/config/alpha/elf.h +@@ -360,15 +360,7 @@ + before entering `main'. */ + + #undef STARTFILE_SPEC +-#ifdef HAVE_LD_PIE +-#define STARTFILE_SPEC \ +- "%{!shared: %{pg|p:gcrt1.o%s;pie:Scrt1.o%s;:crt1.o%s}}\ +- crti.o%s %{static:crtbeginT.o%s;shared|pie:crtbeginS.o%s;:crtbegin.o%s}" +-#else +-#define STARTFILE_SPEC \ +- "%{!shared: %{pg|p:gcrt1.o%s;:crt1.o%s}}\ +- crti.o%s %{static:crtbeginT.o%s;shared|pie:crtbeginS.o%s;:crtbegin.o%s}" +-#endif ++#define STARTFILE_SPEC "%(ld_pie_crtfile_gen) crti.o%s %(startfile_pie_t_gen)" + + /* Provide a ENDFILE_SPEC appropriate for ELF. Here we tack on the + magical crtend.o file which provides part of the support for +@@ -378,7 +370,7 @@ + #undef ENDFILE_SPEC + #define ENDFILE_SPEC \ + "%{ffast-math|funsafe-math-optimizations:crtfastmath.o%s} \ +- %{shared|pie:crtendS.o%s;:crtend.o%s} crtn.o%s" ++ %(endfile_pie_gen) crtn.o%s" + + /* We support #pragma. */ + #define HANDLE_SYSV_PRAGMA 1 +--- gcc/config/i386/linux64.h.zorry ++++ gcc/config/i386/linux64.h +@@ -81,7 +81,7 @@ + %{mpc32:crtprec32.o%s} \ + %{mpc64:crtprec64.o%s} \ + %{mpc80:crtprec80.o%s} \ +- %{shared|pie:crtendS.o%s;:crtend.o%s} crtn.o%s" ++ %(endfile_pie_gen) crtn.o%s" + + #if TARGET_64BIT_DEFAULT + #define MULTILIB_DEFAULTS { "m64" } +--- gcc/config/i386/linux.h.zorry ++++ gcc/config/i386/linux.h +@@ -123,7 +123,7 @@ + %{mpc32:crtprec32.o%s} \ + %{mpc64:crtprec64.o%s} \ + %{mpc80:crtprec80.o%s} \ +- %{shared|pie:crtendS.o%s;:crtend.o%s} crtn.o%s" ++ %(endfile_pie_gen) crtn.o%s" + + /* A C statement (sans semicolon) to output to the stdio stream + FILE the assembler definition of uninitialized global DECL named +--- gcc/config/ia64/linux.h.zorry ++++ gcc/config/ia64/linux.h +@@ -20,21 +20,13 @@ + + /* Need to override linux.h STARTFILE_SPEC, since it has crtbeginT.o in. */ + #undef STARTFILE_SPEC +-#ifdef HAVE_LD_PIE +-#define STARTFILE_SPEC \ +- "%{!shared: %{pg|p|profile:gcrt1.o%s;pie:Scrt1.o%s;:crt1.o%s}}\ +- crti.o%s %{shared|pie:crtbeginS.o%s;:crtbegin.o%s}" +-#else +-#define STARTFILE_SPEC \ +- "%{!shared: %{pg|p|profile:gcrt1.o%s;:crt1.o%s}}\ +- crti.o%s %{shared|pie:crtbeginS.o%s;:crtbegin.o%s}" +-#endif ++#define STARTFILE_SPEC "%(ld_pie_crtfile_gen) crti.o%s %(startfile_pie_gen)" + + /* Similar to standard Linux, but adding -ffast-math support. */ + #undef ENDFILE_SPEC + #define ENDFILE_SPEC \ + "%{ffast-math|funsafe-math-optimizations:crtfastmath.o%s} \ +- %{shared|pie:crtendS.o%s;:crtend.o%s} crtn.o%s" ++ %(endfile_pie_gen) crtn.o%s" + + /* Define this for shared library support because it isn't in the main + linux.h file. */ +--- gcc/config/linux.h.zorry ++++ gcc/config/linux.h +@@ -38,15 +38,7 @@ + object constructed before entering `main'. */ + + #undef STARTFILE_SPEC +-#if defined HAVE_LD_PIE +-#define STARTFILE_SPEC \ +- "%{!shared: %{pg|p|profile:gcrt1.o%s;pie:Scrt1.o%s;:crt1.o%s}} \ +- crti.o%s %{static:crtbeginT.o%s;shared|pie:crtbeginS.o%s;:crtbegin.o%s}" +-#else +-#define STARTFILE_SPEC \ +- "%{!shared: %{pg|p|profile:gcrt1.o%s;:crt1.o%s}} \ +- crti.o%s %{static:crtbeginT.o%s;shared|pie:crtbeginS.o%s;:crtbegin.o%s}" +-#endif ++#define STARTFILE_SPEC "%(ld_pie_crtfile_gen) crti.o%s %(startfile_pie_t_gen)" + + /* Provide a ENDFILE_SPEC appropriate for GNU/Linux. Here we tack on + the GNU/Linux magical crtend.o file (see crtstuff.c) which +@@ -55,8 +47,7 @@ + GNU/Linux "finalizer" file, `crtn.o'. */ + + #undef ENDFILE_SPEC +-#define ENDFILE_SPEC \ +- "%{shared|pie:crtendS.o%s;:crtend.o%s} crtn.o%s" ++#define ENDFILE_SPEC "%(endfile_pie_gen) crtn.o%s" + + /* This is for -profile to use -lc_p instead of -lc. */ + #ifndef CC1_SPEC +--- gcc/config/rs6000/linux64.h.zorry ++++ gcc/config/rs6000/linux64.h +@@ -151,7 +151,7 @@ + #endif + + #define ASM_SPEC32 "-a32 %{n} %{T} %{Ym,*} %{Yd,*} \ +-%{mrelocatable} %{mrelocatable-lib} %{fpic:-K PIC} %{fPIC:-K PIC} \ ++%{mrelocatable} %{mrelocatable-lib} %{fpic|fPIC|fpie|fPIE:-K PIC} %(asm_pie) \ + %{memb} %{!memb: %{msdata: -memb} %{msdata=eabi: -memb}} \ + %{!mlittle: %{!mlittle-endian: %{!mbig: %{!mbig-endian: \ + %{mcall-freebsd: -mbig} \ +--- gcc/config/rs6000/sysv4.h.zorry ++++ gcc/config/rs6000/sysv4.h +@@ -873,20 +873,13 @@ + %{!mnewlib: %{pthread:-lpthread} %{shared:-lc} \ + %{!shared: %{profile:-lc_p} %{!profile:-lc}}}" + +-#ifdef HAVE_LD_PIE + #define STARTFILE_LINUX_SPEC "\ +-%{!shared: %{pg|p|profile:gcrt1.o%s;pie:Scrt1.o%s;:crt1.o%s}} \ ++%(ld_pie_crtfile_gen) \ + %{mnewlib:ecrti.o%s;:crti.o%s} \ +-%{static:crtbeginT.o%s;shared|pie:crtbeginS.o%s;:crtbegin.o%s}" +-#else +-#define STARTFILE_LINUX_SPEC "\ +-%{!shared: %{pg|p|profile:gcrt1.o%s;:crt1.o%s}} \ +-%{mnewlib:ecrti.o%s;:crti.o%s} \ +-%{static:crtbeginT.o%s;shared|pie:crtbeginS.o%s;:crtbegin.o%s}" +-#endif ++%(startfile_pie_t_gen)" + + #define ENDFILE_LINUX_SPEC "\ +-%{shared|pie:crtendS.o%s;:crtend.o%s} \ ++%(endfile_pie_gen) \ + %{mnewlib:ecrtn.o%s;:crtn.o%s}" + + #define LINK_START_LINUX_SPEC "" +--- gcc/gcc.c.zorry ++++ gcc/gcc.c +@@ -701,12 +701,34 @@ + #endif + #endif + +-#ifndef LINK_PIE_SPEC + #ifdef HAVE_LD_PIE + #define LINK_PIE_SPEC "%{pie:-pie} " ++#define LD_PIE_CRTFILE_GEN_SPEC "%(crtfile_pie_gen)" ++#define ASM_PIE_SPEC "%{pie:-K PIC}" + #else + #define LINK_PIE_SPEC "%{pie:} " ++#define LD_PIE_CRTFILE_GEN_SPEC "%(crtfile_gen)" ++#define ASM_PIE_SPEC "" + #endif ++ ++#ifndef CRTFILE_GEN_SPEC ++#define CRTFILE_GEN_SPEC "%{!shared: %{pg|p|profile:gcrt1.o%s;:crt1.o%s}}" ++#endif ++ ++#ifndef CRTFILE_PIE_GEN_SPEC ++#define CRTFILE_PIE_GEN_SPEC "%{!shared: %{pg|p|profile:gcrt1.o%s;pie:Scrt1.o%s;:crt1.o%s} }" ++#endif ++ ++#ifndef STARTFILE_PIE_T_GEN_SPEC ++#define STARTFILE_PIE_T_GEN_SPEC "%{shared|pie:crtbeginS.o%s;static:crtbeginT.o%s;:crtbegin.o%s}" ++#endif ++ ++#ifndef STARTFILE_PIE_GEN_SPEC ++#define STARTFILE_PIE_GEN_SPEC "%{shared|pie:crtbeginS.o%s;:crtbegin.o%s}" ++#endif ++ ++#ifndef ENDFILE_PIE_GEN_SPEC ++#define ENDFILE_PIE_GEN_SPEC "%{shared|pie:crtendS.o%s;:crtend.o%s}" + #endif + + /* -u* was put back because both BSD and SysV seem to support it. */ +@@ -772,6 +794,13 @@ + static const char *sysroot_spec = SYSROOT_SPEC; + static const char *sysroot_suffix_spec = SYSROOT_SUFFIX_SPEC; + static const char *sysroot_hdrs_suffix_spec = SYSROOT_HEADERS_SUFFIX_SPEC; ++static const char *asm_pie_spec = ASM_PIE_SPEC; ++static const char *ld_pie_crtfile_gen_spec = LD_PIE_CRTFILE_GEN_SPEC; ++static const char *crtfile_gen_spec = CRTFILE_GEN_SPEC; ++static const char *crtfile_pie_gen_spec = CRTFILE_PIE_GEN_SPEC; ++static const char *startfile_pie_t_gen_spec = STARTFILE_PIE_T_GEN_SPEC; ++static const char *startfile_pie_gen_spec = STARTFILE_PIE_GEN_SPEC; ++static const char *endfile_pie_gen_spec = ENDFILE_PIE_GEN_SPEC; + + /* Standard options to cpp, cc1, and as, to reduce duplication in specs. + There should be no need to override these in target dependent files, +@@ -1605,6 +1634,13 @@ + INIT_STATIC_SPEC ("sysroot_spec", &sysroot_spec), + INIT_STATIC_SPEC ("sysroot_suffix_spec", &sysroot_suffix_spec), + INIT_STATIC_SPEC ("sysroot_hdrs_suffix_spec", &sysroot_hdrs_suffix_spec), ++ INIT_STATIC_SPEC ("asm_pie", &asm_pie_spec), ++ INIT_STATIC_SPEC ("ld_pie_crtfile_gen", &ld_pie_crtfile_gen_spec), ++ INIT_STATIC_SPEC ("crtfile_gen", &crtfile_gen_spec), ++ INIT_STATIC_SPEC ("crtfile_pie_gen", &crtfile_pie_gen_spec), ++ INIT_STATIC_SPEC ("startfile_pie_t_gen", &startfile_pie_t_gen_spec), ++ INIT_STATIC_SPEC ("startfile_pie_gen", &startfile_pie_gen_spec), ++ INIT_STATIC_SPEC ("endfile_pie_gen", &endfile_pie_gen_spec), + }; + + #ifdef EXTRA_SPECS /* additional specs needed */ diff --git a/gcc-4.3.4/piepatch/11_all_gcc-4.3-sparc-gen-crt-start-endfiles.patch b/gcc-4.3.4/piepatch/11_all_gcc-4.3-sparc-gen-crt-start-endfiles.patch new file mode 100644 index 0000000..c23245a --- /dev/null +++ b/gcc-4.3.4/piepatch/11_all_gcc-4.3-sparc-gen-crt-start-endfiles.patch @@ -0,0 +1,46 @@ +2008-11-26 Magnus Granberg <zorry@ume.nu> + Peter S. Mazinger <ps.m@gmx.net> + + * gcc/config/sparc/linux64.h: Move CRT, START and ENDFILE to gcc/gcc.c + * gcc/config/sparc/linux.h: Likewise. + +--- gcc/config/sparc/linux64.h ++++ gcc/config/sparc/linux64.h +@@ -83,7 +74,7 @@ + #undef ENDFILE_SPEC + + #define ENDFILE_SPEC \ +- "%{shared|pie:crtendS.o%s;:crtend.o%s} crtn.o%s\ ++ "%(endfile_pie_gen) crtn.o%s\ + %{ffast-math|funsafe-math-optimizations:crtfastmath.o%s}" + + /* The GNU C++ standard library requires that these macros be defined. */ +@@ -281,7 +272,7 @@ + %{T} \ + %{Ym,*} \ + %{Wa,*:%*} \ +--s %{fpic|fPIC|fpie|fPIE:-K PIC} \ ++-s %{fpic|fPIC|fpie|fPIE:-K PIC} %(asm_pie) \ + %{mlittle-endian:-EL} \ + %(asm_cpu) %(asm_arch) %(asm_relax)" + +--- gcc/config/sparc/linux.h ++++ gcc/config/sparc/linux.h +@@ -64,7 +56,7 @@ + + #undef ENDFILE_SPEC + #define ENDFILE_SPEC \ +- "%{shared|pie:crtendS.o%s;:crtend.o%s} crtn.o%s\ ++ "%(endfile_pie_gen) crtn.o%s\ + %{ffast-math|funsafe-math-optimizations:crtfastmath.o%s}" + + /* This is for -profile to use -lc_p instead of -lc. */ +@@ -146,7 +138,7 @@ + #undef ASM_SPEC + #define ASM_SPEC \ + "%{V} %{v:%{!V:-V}} %{!Qn:-Qy} %{n} %{T} %{Ym,*} %{Wa,*:%*} -s \ +- %{fpic|fPIC|fpie|fPIE:-K PIC} %(asm_cpu) %(asm_relax)" ++ %{fpic|fPIC|fpie|fPIE:-K PIC} %(asm_pie) %(asm_cpu) %(asm_relax)" + + /* Same as sparc.h */ + #undef DBX_REGISTER_NUMBER diff --git a/gcc-4.3.4/piepatch/20_all_gcc-4.4-gentoo-hardened-setup.patch b/gcc-4.3.4/piepatch/20_all_gcc-4.4-gentoo-hardened-setup.patch new file mode 100644 index 0000000..7c94a47 --- /dev/null +++ b/gcc-4.3.4/piepatch/20_all_gcc-4.4-gentoo-hardened-setup.patch @@ -0,0 +1,98 @@ +2008-12-17 Magnus Granberg <zorry@ume.nu> + Peter S. Mazinger <ps.m@gmx.net> + + * gcc/gcc.c: Add spec suff. + We add Gentoo Hardened minispec support. + +--- gcc/gcc.c.zorry ++++ gcc/gcc.c +@@ -705,10 +705,12 @@ + #define LINK_PIE_SPEC "%{pie:-pie} " + #define LD_PIE_CRTFILE_GEN_SPEC "%(crtfile_pie_gen)" + #define ASM_PIE_SPEC "%{pie:-K PIC}" ++#define CC1_PIE_SPEC "%{pie:-fPIE}" + #else + #define LINK_PIE_SPEC "%{pie:} " + #define LD_PIE_CRTFILE_GEN_SPEC "%(crtfile_gen)" + #define ASM_PIE_SPEC "" ++#define CC1_PIE_SPEC "" + #endif + + #ifndef CRTFILE_GEN_SPEC +@@ -731,6 +733,28 @@ + #define ENDFILE_PIE_GEN_SPEC "%{shared|pie:crtendS.o%s;:crtend.o%s}" + #endif + ++#ifndef CC1_GENTOO_HARDENED_SPEC ++#define CC1_GENTOO_HARDENED_SPEC "%{!D__KERNEL__: %(cc1_pie) %(cc1_ssp) } %(cc1_strict)" ++#endif ++#ifndef CC1_SSP_SPEC ++#define CC1_SSP_SPEC "" ++#endif ++#ifndef CC1_SSP_ALL_SPEC ++#define CC1_SSP_ALL_SPEC "" ++#endif ++#ifndef CC1_STRICT_SPEC ++#define CC1_STRICT_SPEC "" ++#endif ++#ifndef LINK_NOW_SPEC ++#define LINK_NOW_SPEC "" ++#endif ++ ++ ++ ++ ++ ++ ++ + /* -u* was put back because both BSD and SysV seem to support it. */ + /* %{static:} simply prevents an error message if the target machine + doesn't handle -static. */ +@@ -740,7 +764,7 @@ + #ifndef LINK_COMMAND_SPEC + #define LINK_COMMAND_SPEC "\ + %{!fsyntax-only:%{!c:%{!M:%{!MM:%{!E:%{!S:\ +- %(linker) %l " LINK_PIE_SPEC "%X %{o*} %{A} %{d} %{e*} %{m} %{N} %{n} %{r}\ ++ %(linker) %l %(link_pie) %(link_now) %X %{o*} %{A} %{d} %{e*} %{m} %{N} %{n} %{r}\ + %{s} %{t} %{u*} %{x} %{z} %{Z} %{!A:%{!nostdlib:%{!nostartfiles:%S}}}\ + %{static:} %{L*} %(mfwrap) %(link_libgcc) %o\ + %{fopenmp|ftree-parallelize-loops=*:%:include(libgomp.spec)%(link_gomp)} %(mflib)\ +@@ -772,7 +796,7 @@ + + static const char *asm_debug; + static const char *cpp_spec = CPP_SPEC; +-static const char *cc1_spec = CC1_SPEC; ++static const char *cc1_spec = CC1_SPEC CC1_GENTOO_HARDENED_SPEC; + static const char *cc1plus_spec = CC1PLUS_SPEC; + static const char *link_gcc_c_sequence_spec = LINK_GCC_C_SEQUENCE_SPEC; + static const char *link_ssp_spec = LINK_SSP_SPEC; +@@ -801,6 +825,14 @@ + static const char *startfile_pie_t_gen_spec = STARTFILE_PIE_T_GEN_SPEC; + static const char *startfile_pie_gen_spec = STARTFILE_PIE_GEN_SPEC; + static const char *endfile_pie_gen_spec = ENDFILE_PIE_GEN_SPEC; ++static const char *cc1_ssp_spec = CC1_SSP_SPEC; ++static const char *cc1_ssp_all_spec = CC1_SSP_ALL_SPEC; ++static const char *cc1_pie_spec = CC1_PIE_SPEC; ++static const char *cc1_strict_spec = CC1_STRICT_SPEC; ++static const char *link_now_spec = LINK_NOW_SPEC; ++static const char *link_pie_spec = LINK_PIE_SPEC; ++ ++ + + /* Standard options to cpp, cc1, and as, to reduce duplication in specs. + There should be no need to override these in target dependent files, +@@ -1643,6 +1675,14 @@ + INIT_STATIC_SPEC ("startfile_pie_t_gen", &startfile_pie_t_gen_spec), + INIT_STATIC_SPEC ("startfile_pie_gen", &startfile_pie_gen_spec), + INIT_STATIC_SPEC ("endfile_pie_gen", &endfile_pie_gen_spec), ++ INIT_STATIC_SPEC ("cc1_ssp", &cc1_ssp_spec), ++ INIT_STATIC_SPEC ("cc1_ssp_all", &cc1_ssp_all_spec), ++ INIT_STATIC_SPEC ("cc1_pie", &cc1_pie_spec), ++ /* INIT_STATIC_SPEC ("cc1_fortify", &cc1_fortify_spec), */ ++ INIT_STATIC_SPEC ("cc1_strict", &cc1_strict_spec), ++ /* INIT_STATIC_SPEC ("link_relro", &link_relro_spec), */ ++ INIT_STATIC_SPEC ("link_now", &link_now_spec), ++ INIT_STATIC_SPEC ("link_pie", &link_pie_spec), + }; + + #ifdef EXTRA_SPECS /* additional specs needed */ diff --git a/gcc-4.3.4/piepatch/30_all_gcc-4.3-crtbeginTS-fno-PIE.patch b/gcc-4.3.4/piepatch/30_all_gcc-4.3-crtbeginTS-fno-PIE.patch new file mode 100644 index 0000000..166a5fa --- /dev/null +++ b/gcc-4.3.4/piepatch/30_all_gcc-4.3-crtbeginTS-fno-PIE.patch @@ -0,0 +1,95 @@ + 2008-11-26 Magnus Granberg <zorry@ume.nu> + Peter S. Mazinger <ps.m@gmx.net> + + * gcc/config.gcc: Add crtbeginTS.o + * gcc/Makefile.in: Add -fnoPIE and crtbeginTS.o + * libgcc/config.host: Add crtbeginTS.o + * libgcc/Makefile.in: Add crtbeginTS.o + +--- gcc/config.gcc.zorry ++++ gcc/config.gcc +@@ -493,7 +493,7 @@ + ;; + *-*-linux* | frv-*-*linux* | *-*-kfreebsd*-gnu | *-*-knetbsd*-gnu) + # Must come before *-*-gnu* (because of *-*-linux-gnu* systems). +- extra_parts="crtbegin.o crtbeginS.o crtbeginT.o crtend.o crtendS.o" ++ extra_parts="crtbegin.o crtbeginS.o crtbeginT.o crtbeginTS.o crtend.o crtendS.o" + extra_options="${extra_options} linux.opt" + gas=yes + gnu_ld=yes +--- gcc/Makefile.in.zorry ++++ gcc/Makefile.in +@@ -1665,36 +1665,43 @@ + # constructors. + $(T)crtbegin.o: crtstuff.c $(GCC_PASSES) $(TCONFIG_H) auto-host.h \ + gbl-ctors.h stmp-int-hdrs tsystem.h coretypes.h $(TM_H) +- $(GCC_FOR_TARGET) $(CRTSTUFF_CFLAGS) $(CRTSTUFF_T_CFLAGS) \ ++ $(GCC_FOR_TARGET) -fno-PIE $(CRTSTUFF_CFLAGS) $(CRTSTUFF_T_CFLAGS) \ + -c $(srcdir)/crtstuff.c -DCRT_BEGIN \ + -o $(T)crtbegin$(objext) + + $(T)crtend.o: crtstuff.c $(GCC_PASSES) $(TCONFIG_H) auto-host.h \ + gbl-ctors.h stmp-int-hdrs tsystem.h coretypes.h $(TM_H) +- $(GCC_FOR_TARGET) $(CRTSTUFF_CFLAGS) $(CRTSTUFF_T_CFLAGS) \ ++ $(GCC_FOR_TARGET) -fno-PIE $(CRTSTUFF_CFLAGS) $(CRTSTUFF_T_CFLAGS) \ + -c $(srcdir)/crtstuff.c -DCRT_END \ + -o $(T)crtend$(objext) + + # These are versions of crtbegin and crtend for shared libraries. + $(T)crtbeginS.o: crtstuff.c $(GCC_PASSES) $(TCONFIG_H) auto-host.h \ + gbl-ctors.h stmp-int-hdrs tsystem.h coretypes.h $(TM_H) +- $(GCC_FOR_TARGET) $(CRTSTUFF_CFLAGS) $(CRTSTUFF_T_CFLAGS_S) \ ++ $(GCC_FOR_TARGET) -fno-PIE $(CRTSTUFF_CFLAGS) $(CRTSTUFF_T_CFLAGS_S) \ + -c $(srcdir)/crtstuff.c -DCRT_BEGIN -DCRTSTUFFS_O \ + -o $(T)crtbeginS$(objext) + + $(T)crtendS.o: crtstuff.c $(GCC_PASSES) $(TCONFIG_H) auto-host.h \ + gbl-ctors.h stmp-int-hdrs tsystem.h coretypes.h $(TM_H) +- $(GCC_FOR_TARGET) $(CRTSTUFF_CFLAGS) $(CRTSTUFF_T_CFLAGS_S) \ ++ $(GCC_FOR_TARGET) -fno-PIE $(CRTSTUFF_CFLAGS) $(CRTSTUFF_T_CFLAGS_S) \ + -c $(srcdir)/crtstuff.c -DCRT_END -DCRTSTUFFS_O \ + -o $(T)crtendS$(objext) + + # This is a version of crtbegin for -static links. + $(T)crtbeginT.o: crtstuff.c $(GCC_PASSES) $(TCONFIG_H) auto-host.h \ + gbl-ctors.h stmp-int-hdrs tsystem.h coretypes.h $(TM_H) +- $(GCC_FOR_TARGET) $(CRTSTUFF_CFLAGS) $(CRTSTUFF_T_CFLAGS) \ ++ $(GCC_FOR_TARGET) -fno-PIE $(CRTSTUFF_CFLAGS) $(CRTSTUFF_T_CFLAGS) \ + -c $(srcdir)/crtstuff.c -DCRT_BEGIN -DCRTSTUFFT_O \ + -o $(T)crtbeginT$(objext) + ++# This is a version of crtbegin for -static -fPIE links. ++$(T)crtbeginTS.o: crtstuff.c $(GCC_PASSES) $(TCONFIG_H) auto-host.h \ ++ gbl-ctors.h stmp-int-hdrs tsystem.h coretypes.h $(TM_H) ++ $(GCC_FOR_TARGET) -fno-PIE $(CRTSTUFF_CFLAGS) $(CRTSTUFF_T_CFLAGS_S) \ ++ -c $(srcdir)/crtstuff.c -DCRT_BEGIN -DCRTSTUFFT_O -DCRTSTUFFS_O \ ++ -o $(T)crtbeginTS$(objext) ++ + # Compile the start modules crt0.o and mcrt0.o that are linked with + # every program + $(T)crt0.o: s-crt0 ; @true +--- libgcc/config.host.zorry ++++ libgcc/config.host +@@ -164,7 +164,7 @@ + ;; + *-*-linux* | frv-*-*linux* | *-*-kfreebsd*-gnu | *-*-knetbsd*-gnu) + # Must come before *-*-gnu* (because of *-*-linux-gnu* systems). +- extra_parts="crtbegin.o crtbeginS.o crtbeginT.o crtend.o crtendS.o" ++ extra_parts="crtbegin.o crtbeginS.o crtbeginT.o crtbeginTS.o crtend.o crtendS.o" + ;; + *-*-gnu*) + ;; +--- libgcc/Makefile.in.zorry ++++ libgcc/Makefile.in +@@ -783,6 +783,11 @@ + crtbeginT.o: $(gcc_srcdir)/crtstuff.c + $(crt_compile) $(CRTSTUFF_T_CFLAGS) \ + -c $(gcc_srcdir)/crtstuff.c -DCRT_BEGIN -DCRTSTUFFT_O ++ ++# This is a version of crtbegin for -static -fPIE links. ++crtbeginTS.o: $(gcc_srcdir)/crtstuff.c ++ $(crt_compile) $(CRTSTUFF_T_CFLAGS_S) \ ++ -c $(gcc_srcdir)/crtstuff.c -DCRT_BEGIN -DCRTSTUFFT_O -DCRTSTUFFS_O + endif + + # Build extra startfiles in the libgcc directory. diff --git a/gcc-4.3.4/piepatch/README.Gentoo.patches b/gcc-4.3.4/piepatch/README.Gentoo.patches new file mode 100644 index 0000000..ef89a69 --- /dev/null +++ b/gcc-4.3.4/piepatch/README.Gentoo.patches @@ -0,0 +1,28 @@ + ================ + === W[hat]TF === + ================ + +Gentoo patchsets that have grown too large to keep on the rsync mirrors have +been moved to our cvs tree. From there, we bundle up all the whee little +patches into a tarball and distribute it via our public mirroring system. + +If you want specific info about a patch (like wtf it does or whose great idea +it was to change the code), read the patch ! We try to fill out the top of +them with useful info such as what it does, why it's needed, bug reports, +original creators, etc... For simple patches, we reserve the right to assume +your IQ is greater than absolute 0 and figure out what it does w/out an +explanation. If, by some miracle of science, it falls below the absolute 0 +mark, you should help mankind by finding some scientists and letting them +probe you with their ... erm ... probes. + + ================= + === W[here]TF === + ================= + +For those with CVS access, you want the 'src/patchsets' dir inside of the +'gentoo' cvs module. + +For those w/out CVS access, this URL should help you: +http://sources.gentoo.org/gentoo/src/patchsets/ + +It should be pretty easy to find your way around, you're a big boy after all. diff --git a/gcc-4.3.4/specs/README.Gentoo.patches b/gcc-4.3.4/specs/README.Gentoo.patches new file mode 100644 index 0000000..ef89a69 --- /dev/null +++ b/gcc-4.3.4/specs/README.Gentoo.patches @@ -0,0 +1,28 @@ + ================ + === W[hat]TF === + ================ + +Gentoo patchsets that have grown too large to keep on the rsync mirrors have +been moved to our cvs tree. From there, we bundle up all the whee little +patches into a tarball and distribute it via our public mirroring system. + +If you want specific info about a patch (like wtf it does or whose great idea +it was to change the code), read the patch ! We try to fill out the top of +them with useful info such as what it does, why it's needed, bug reports, +original creators, etc... For simple patches, we reserve the right to assume +your IQ is greater than absolute 0 and figure out what it does w/out an +explanation. If, by some miracle of science, it falls below the absolute 0 +mark, you should help mankind by finding some scientists and letting them +probe you with their ... erm ... probes. + + ================= + === W[here]TF === + ================= + +For those with CVS access, you want the 'src/patchsets' dir inside of the +'gentoo' cvs module. + +For those w/out CVS access, this URL should help you: +http://sources.gentoo.org/gentoo/src/patchsets/ + +It should be pretty easy to find your way around, you're a big boy after all. diff --git a/gcc-4.3.4/specs/hardenednopie.specs b/gcc-4.3.4/specs/hardenednopie.specs new file mode 100644 index 0000000..4cf8316 --- /dev/null +++ b/gcc-4.3.4/specs/hardenednopie.specs @@ -0,0 +1 @@ +%include <nopie.specs> diff --git a/gcc-4.3.4/specs/hardenednopiessp.specs b/gcc-4.3.4/specs/hardenednopiessp.specs new file mode 100644 index 0000000..fd8b63b --- /dev/null +++ b/gcc-4.3.4/specs/hardenednopiessp.specs @@ -0,0 +1,3 @@ +%include <nosspall.specs> +%include <nossp.specs> +%include <nopie.specs> diff --git a/gcc-4.3.4/specs/hardenednossp.specs b/gcc-4.3.4/specs/hardenednossp.specs new file mode 100644 index 0000000..d6f15fd --- /dev/null +++ b/gcc-4.3.4/specs/hardenednossp.specs @@ -0,0 +1,2 @@ +%include <nosspall.specs> +%include <nossp.specs> diff --git a/gcc-4.3.4/specs/nopie.specs b/gcc-4.3.4/specs/nopie.specs new file mode 100644 index 0000000..0115a08 --- /dev/null +++ b/gcc-4.3.4/specs/nopie.specs @@ -0,0 +1,24 @@ +*asm_pie: + + +*cc1_pie: + + +*crtfile_gen: +%{!shared: %{pg|p|profile:gcrt1.o%s;:crt1.o%s}} + +*crtfile_pie_gen: +%{!shared: %{pg|p|profile:gcrt1.o%s;pie:Scrt1.o%s;:crt1.o%s} } + +*endfile_pie_gen: +%{shared|pie:crtendS.o%s;:crtend.o%s} + +*startfile_pie_gen: +%{shared|pie:crtbeginS.o%s;:crtbegin.o%s} + +*startfile_pie_t_gen: +%{shared|pie:crtbeginS.o%s;static:crtbeginT.o%s;:crtbegin.o%s} + +*link_pie: +%{pie: -pie} + diff --git a/gcc-4.3.4/specs/nossp.specs b/gcc-4.3.4/specs/nossp.specs new file mode 100644 index 0000000..c41dc60 --- /dev/null +++ b/gcc-4.3.4/specs/nossp.specs @@ -0,0 +1,3 @@ +*cc1_ssp: + + diff --git a/gcc-4.3.4/specs/nosspall.specs b/gcc-4.3.4/specs/nosspall.specs new file mode 100644 index 0000000..34748c9 --- /dev/null +++ b/gcc-4.3.4/specs/nosspall.specs @@ -0,0 +1,3 @@ +*cc1_ssp_all: + + diff --git a/gcc-4.3.4/specs/nostrict.specs b/gcc-4.3.4/specs/nostrict.specs new file mode 100644 index 0000000..8c6e5fa --- /dev/null +++ b/gcc-4.3.4/specs/nostrict.specs @@ -0,0 +1,3 @@ +*cc1_strict: +%{!fstrict-overflow:-fno-strict-overflow} + diff --git a/gcc-4.3.4/specs/noznow.specs b/gcc-4.3.4/specs/noznow.specs new file mode 100644 index 0000000..0361995 --- /dev/null +++ b/gcc-4.3.4/specs/noznow.specs @@ -0,0 +1,3 @@ +*link_now: +%{nonow:} + diff --git a/gcc-4.3.4/specs/pie.specs b/gcc-4.3.4/specs/pie.specs new file mode 100644 index 0000000..ee2bbe2 --- /dev/null +++ b/gcc-4.3.4/specs/pie.specs @@ -0,0 +1,27 @@ +*asm_pie: +%{pie:-K PIC} %{!pie: %{!fpic:%{!fPIC:%{!fpie:%{!fPIE: %{!fno-pic:%{!fno-PIC:%{!fno-pie:%{!fno-PIE: \ +%{!shared: %{!nostdlib: %{!nostartfiles:%{!nopie:-K PIC} }}} }}}} }}}} } + +*cc1_pie: +%{pie:-fPIE} %{!pie: %{!fpic:%{!fPIC:%{!fpie:%{!fPIE: %{!fno-pic:%{!fno-PIC:%{!fno-pie:%{!fno-PIE: \ +%{!shared: %{!nostdlib: %{!nostartfiles: %{!nopie:-fPIE}}} } }}}} }}}} } + +*crtfile_gen: +%{!shared: %{pg|p|profile:gcrt1.o%s;:crt1.o%s}} + +*crtfile_pie_gen: +%{!shared: %{pg|p|profile:gcrt1.o%s} %{!pg:%{!p:%{fno-pie|fno-PIE|nopie:crt1.o%s;:Scrt1.o%s}}} } + +*endfile_pie_gen: +%{shared:crtendS.o%s} %{!shared:%{fno-pie|fno-PIE|nopie:crtend.o%s;:crtendS.o%s}} + +*startfile_pie_gen: +%{shared:crtbeginS.o%s} %{!shared:%{fno-pie|fno-PIE|nopie:crtbegin.o%s;:crtbeginS.o%s}} + +*startfile_pie_t_gen: +%{shared:crtbeginS.o%s} %{!shared:%{static: %{fno-pie|fno-PIE|nopie:crtbeginT.o%s;:crtbeginTS.o%s} } \ +%{!static: %{fno-pie|fno-PIE|nopie:crtbegin.o%s;:crtbeginS.o%s} }} + +*link_pie: +%{pie:-pie} %{!pie: %{!A: %{!fno-pie:%{!fno-PIE: %{!shared:%{!static:%{!r:%{!nostdlib:%{!nostartfiles:%{!nopie:-pie}}}}}}}}}} + diff --git a/gcc-4.3.4/specs/ssp.specs b/gcc-4.3.4/specs/ssp.specs new file mode 100644 index 0000000..89e3429 --- /dev/null +++ b/gcc-4.3.4/specs/ssp.specs @@ -0,0 +1,3 @@ +*cc1_ssp: +%{!nostdlib:%{!nodefaultlibs: %{!fno-stack-protector:%{!fstack-protector:%{!fstack-protector-all:-fstack-protector %(cc1_ssp_all) }}} }} + diff --git a/gcc-4.3.4/specs/sspall.specs b/gcc-4.3.4/specs/sspall.specs new file mode 100644 index 0000000..f6fc418 --- /dev/null +++ b/gcc-4.3.4/specs/sspall.specs @@ -0,0 +1,3 @@ +*cc1_ssp_all: +%{!fno-stack-protector-all:-fstack-protector-all} + diff --git a/gcc-4.3.4/specs/strict.specs b/gcc-4.3.4/specs/strict.specs new file mode 100644 index 0000000..f560a44 --- /dev/null +++ b/gcc-4.3.4/specs/strict.specs @@ -0,0 +1,3 @@ +*cc1_strict: + + diff --git a/gcc-4.3.4/specs/vanilla.specs b/gcc-4.3.4/specs/vanilla.specs new file mode 100644 index 0000000..e977e21 --- /dev/null +++ b/gcc-4.3.4/specs/vanilla.specs @@ -0,0 +1,5 @@ +%include <nopie.specs> +%include <strict.specs> +%include <noznow.specs> +%include <nosspall.specs> +%include <nossp.specs> diff --git a/gcc-4.3.4/specs/znow.specs b/gcc-4.3.4/specs/znow.specs new file mode 100644 index 0000000..9262262 --- /dev/null +++ b/gcc-4.3.4/specs/znow.specs @@ -0,0 +1,3 @@ +*link_now: +%{!nonow:-z now} + |