Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 366646 Details for
Bug 484714
sys-devel/gcc: enable -fstack-protector by default
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Updated default_ssp patch
09_all_default-ssp.patch (text/plain), 10.89 KB, created by
Magnus Granberg
on 2013-12-31 16:48:34 UTC
(
hide
)
Description:
Updated default_ssp patch
Filename:
MIME Type:
Creator:
Magnus Granberg
Created:
2013-12-31 16:48:34 UTC
Size:
10.89 KB
patch
obsolete
>2013-12-31 Magnus Granberg <zorry@gentoo.org> > > Patch orig: Debian/Ubuntu > # 484714 > We Add -fstack-protector as default > >--- a/configure.ac 2013-02-05 23:36:20.000000000 +0100 >+++ b/configure.ac 2013-12-30 22:22:47.241772166 +0100 >@@ -3238,6 +3238,9 @@ case $build in > esac ;; > esac > >+# Needed when we build with -fstack-protector as default. >+stage1_cflags="$stage1_cflags -fno-stack-protector" >+ > AC_SUBST(stage1_cflags) > > # Enable --enable-checking in stage1 of the compiler. >--- a/configure 2013-02-05 23:36:20.000000000 +0100 >+++ b/configure 2013-12-30 22:57:04.301738428 +0100 >@@ -14453,7 +14453,8 @@ case $build in > esac ;; > esac > >- >+# Needed when we build with -fstack-protector as default. >+stage1_cflags="$stage1_cflags -fno-stack-protector" > > # Enable --enable-checking in stage1 of the compiler. > # Check whether --enable-stage1-checking was given. >--- a/Makefile.in 2013-01-14 17:15:21.000000000 +0100 >+++ b/Makefile.in 2013-12-30 22:26:24.381768605 +0100 >@@ -362,7 +362,7 @@ BUILD_PREFIX_1 = @BUILD_PREFIX_1@ > > # Flags to pass to stage2 and later makes. They are defined > # here so that they can be overridden by Makefile fragments. >-BOOT_CFLAGS= -g -O2 >+BOOT_CFLAGS= -g -O2 -fno-stack-protector > BOOT_LDFLAGS= > BOOT_ADAFLAGS= -gnatpg > >@@ -408,9 +408,9 @@ GNATMAKE = @GNATMAKE@ > > CFLAGS = @CFLAGS@ > LDFLAGS = @LDFLAGS@ >-LIBCFLAGS = $(CFLAGS) >+LIBCFLAGS = $(CFLAGS) -fno-stack-protector > CXXFLAGS = @CXXFLAGS@ >-LIBCXXFLAGS = $(CXXFLAGS) -fno-implicit-templates >+LIBCXXFLAGS = $(CXXFLAGS) -fno-implicit-templates -fno-stack-protector > GOCFLAGS = $(CFLAGS) > > TFLAGS = >--- a/gcc/doc/invoke.texi 2009-12-21 >+++ b/gcc/doc/invoke.texi 2009-12-21 >@@ -8111,6 +8111,10 @@ > when a function is entered and then checked when the function exits. > If a guard check fails, an error message is printed and the program exits. > >+NOTE: In Gentoo Gcc 4.8.2 and later versions this option is enabled by default >+for C, C++, ObjC, ObjC++, if none of @option{-fno-stack-protector}, >+@option{-nostdlib}, nor @option{-ffreestanding} are found. >+ > @item -fstack-protector-all > @opindex fstack-protector-all >--- a/gcc/cp/lang-specs.h >+++ b/gcc/cp/lang-specs.h >@@ -46,7 +46,7 @@ along with GCC; see the file COPYING3. If not see > %(cpp_options) %2 -o %{save-temps*:%b.ii} %{!save-temps*:%g.ii} \n}\ > cc1plus %{save-temps*|no-integrated-cpp:-fpreprocessed %{save-temps*:%b.ii} %{!save-temps*:%g.ii}}\ > %{!save-temps*:%{!no-integrated-cpp:%(cpp_unique_options)}}\ >- %(cc1_options) %2\ >+ %(cc1_options) %(ssp_default) %2\ > %{!fsyntax-only:%{!fdump-ada-spec*:-o %g.s %{!o*:--output-pch=%i.gch}\ > %W{o*:--output-pch=%*}}%V}}}}", > CPLUSPLUS_CPP_SPEC, 0, 0}, >@@ -57,11 +57,11 @@ along with GCC; see the file COPYING3. If not see > %(cpp_options) %2 -o %{save-temps*:%b.ii} %{!save-temps*:%g.ii} \n}\ > cc1plus %{save-temps*|no-integrated-cpp:-fpreprocessed %{save-temps*:%b.ii} %{!save-temps*:%g.ii}}\ > %{!save-temps*:%{!no-integrated-cpp:%(cpp_unique_options)}}\ >- %(cc1_options) %2\ >+ %(cc1_options) %(ssp_default) %2\ > %{!fsyntax-only:%(invoke_as)}}}}", > CPLUSPLUS_CPP_SPEC, 0, 0}, > {".ii", "@c++-cpp-output", 0, 0, 0}, > {"@c++-cpp-output", > "%{!M:%{!MM:%{!E:\ >- cc1plus -fpreprocessed %i %(cc1_options) %2\ >+ cc1plus -fpreprocessed %i %(cc1_options) %(ssp_default) %2\ > %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0}, >--- a/gcc/gcc.c >+++ b/gcc/gcc.c >@@ -651,6 +651,14 @@ proper position among the other output files. */ > #define LINK_GCC_C_SEQUENCE_SPEC "%G %L %G" > #endif > >+#ifndef SSP_DEFAULT_SPEC >+#if defined ( TARGET_LIBC_PROVIDES_SSP ) && defined ( EFAULT_SSP ) >+#define SSP_DEFAULT_SPEC "%{fno-stack-protector|fstack-protector-all|ffreestanding|nostdlib:;:-fstack-protector}" >+#else >+#define SSP_DEFAULT_SPEC "" >+#endif >+#endif >+ > #ifndef LINK_SSP_SPEC > #ifdef TARGET_LIBC_PROVIDES_SSP > #define LINK_SSP_SPEC "%{fstack-protector:}" >@@ -777,6 +785,7 @@ static const char *cc1_spec = CC1_SPEC; > static const char *cc1plus_spec = CC1PLUS_SPEC; > static const char *link_gcc_c_sequence_spec = LINK_GCC_C_SEQUENCE_SPEC; > static const char *link_ssp_spec = LINK_SSP_SPEC; >+static const char *ssp_default_spec = SSP_DEFAULT_SPEC; > static const char *asm_spec = ASM_SPEC; > static const char *asm_final_spec = ASM_FINAL_SPEC; > static const char *link_spec = LINK_SPEC; >@@ -835,7 +844,7 @@ static const char *cpp_unique_options = > static const char *cpp_options = > "%(cpp_unique_options) %1 %{m*} %{std*&ansi&trigraphs} %{W*&pedantic*} %{w}\ > %{f*} %{g*:%{!g0:%{g*} %{!fno-working-directory:-fworking-directory}}} %{O*}\ >- %{undef} %{save-temps*:-fpch-preprocess}"; >+ %{undef} %{save-temps*:-fpch-preprocess} %(ssp_default)"; > > /* This contains cpp options which are not passed when the preprocessor > output will be used by another program. */ >@@ -1015,9 +1024,9 @@ static const struct compiler default_compilers[] = > %{save-temps*|traditional-cpp|no-integrated-cpp:%(trad_capable_cpp) \ > %(cpp_options) -o %{save-temps*:%b.i} %{!save-temps*:%g.i} \n\ > cc1 -fpreprocessed %{save-temps*:%b.i} %{!save-temps*:%g.i} \ >- %(cc1_options)}\ >+ %(cc1_options) %(ssp_default)}\ > %{!save-temps*:%{!traditional-cpp:%{!no-integrated-cpp:\ >- cc1 %(cpp_unique_options) %(cc1_options)}}}\ >+ cc1 %(cpp_unique_options) %(cc1_options) %(ssp_default)}}}\ > %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 1}, > {"-", > "%{!E:%e-E or -x required when input is from standard input}\ >@@ -1040,7 +1049,7 @@ static const struct compiler default_compilers[] = > %W{o*:--output-pch=%*}}%V}}}}}}", 0, 0, 0}, > {".i", "@cpp-output", 0, 0, 0}, > {"@cpp-output", >- "%{!M:%{!MM:%{!E:cc1 -fpreprocessed %i %(cc1_options) %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0}, >+ "%{!M:%{!MM:%{!E:cc1 -fpreprocessed %i %(cc1_options) %(ssp_default) %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0}, > {".s", "@assembler", 0, 0, 0}, > {"@assembler", > "%{!M:%{!MM:%{!E:%{!S:as %(asm_debug) %(asm_options) %i %A }}}}", 0, 0, 0}, >@@ -1267,6 +1276,7 @@ static struct spec_list static_specs[] = > INIT_STATIC_SPEC ("cc1plus", &cc1plus_spec), > INIT_STATIC_SPEC ("link_gcc_c_sequence", &link_gcc_c_sequence_spec), > INIT_STATIC_SPEC ("link_ssp", &link_ssp_spec), >+ INIT_STATIC_SPEC ("ssp_default", &ssp_default_spec), > INIT_STATIC_SPEC ("endfile", &endfile_spec), > INIT_STATIC_SPEC ("link", &link_spec), > INIT_STATIC_SPEC ("lib", &lib_spec), >--- a/gcc/objc/lang-specs.h >+++ b/gcc/objc/lang-specs.h >@@ -29,9 +29,9 @@ along with GCC; see the file COPYING3. If not see > %{traditional|traditional-cpp:\ > %eGNU Objective C no longer supports traditional compilation}\ > %{save-temps*|no-integrated-cpp:cc1obj -E %(cpp_options) -o %{save-temps*:%b.mi} %{!save-temps*:%g.mi} \n\ >- cc1obj -fpreprocessed %{save-temps*:%b.mi} %{!save-temps*:%g.mi} %(cc1_options) %{print-objc-runtime-info} %{gen-decls}}\ >+ cc1obj -fpreprocessed %{save-temps*:%b.mi} %{!save-temps*:%g.mi} %(cc1_options) %(ssp_default) %{print-objc-runtime-info} %{gen-decls}}\ > %{!save-temps*:%{!no-integrated-cpp:\ >- cc1obj %(cpp_unique_options) %(cc1_options) %{print-objc-runtime-info} %{gen-decls}}}\ >+ cc1obj %(cpp_unique_options) %(cc1_options) %(ssp_default) %{print-objc-runtime-info} %{gen-decls}}}\ > %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0}, > {"@objective-c-header", > "%{E|M|MM:cc1obj -E %{traditional|traditional-cpp:-traditional-cpp}\ >@@ -40,18 +40,18 @@ along with GCC; see the file COPYING3. If not see > %{traditional|traditional-cpp:\ > %eGNU Objective C no longer supports traditional compilation}\ > %{save-temps*|no-integrated-cpp:cc1obj -E %(cpp_options) -o %{save-temps*:%b.mi} %{!save-temps*:%g.mi} \n\ >- cc1obj -fpreprocessed %b.mi %(cc1_options) %{print-objc-runtime-info} %{gen-decls}\ >+ cc1obj -fpreprocessed %b.mi %(cc1_options) %(ssp_default) %{print-objc-runtime-info} %{gen-decls}\ > -o %g.s %{!o*:--output-pch=%i.gch}\ > %W{o*:--output-pch=%*}%V}\ > %{!save-temps*:%{!no-integrated-cpp:\ >- cc1obj %(cpp_unique_options) %(cc1_options) %{print-objc-runtime-info} %{gen-decls}\ >+ cc1obj %(cpp_unique_options) %(cc1_options) %(ssp_default) %{print-objc-runtime-info} %{gen-decls}\ > -o %g.s %{!o*:--output-pch=%i.gch}\ > %W{o*:--output-pch=%*}%V}}}}}", 0, 0, 0}, > {".mi", "@objective-c-cpp-output", 0, 0, 0}, > {"@objective-c-cpp-output", >- "%{!M:%{!MM:%{!E:cc1obj -fpreprocessed %i %(cc1_options) %{print-objc-runtime-info} %{gen-decls}\ >+ "%{!M:%{!MM:%{!E:cc1obj -fpreprocessed %i %(cc1_options) %(ssp_default) %{print-objc-runtime-info} %{gen-decls}\ > %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0}, > {"@objc-cpp-output", > "%nobjc-cpp-output is deprecated; please use objective-c-cpp-output instead\n\ >- %{!M:%{!MM:%{!E:cc1obj -fpreprocessed %i %(cc1_options) %{print-objc-runtime-info} %{gen-decls}\ >+ %{!M:%{!MM:%{!E:cc1obj -fpreprocessed %i %(cc1_options) %(ssp_default) %{print-objc-runtime-info} %{gen-decls}\ > %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0}, >--- a/gcc/objcp/lang-specs.h >+++ b/gcc/objcp/lang-specs.h >@@ -36,7 +36,7 @@ along with GCC; see the file COPYING3. If not see > %(cpp_options) %2 -o %{save-temps*:%b.mii} %{!save-temps*:%g.mii} \n}\ > cc1objplus %{save-temps*|no-integrated-cpp:-fpreprocessed %{save-temps*:%b.mii} %{!save-temps*:%g.mii}}\ > %{!save-temps*:%{!no-integrated-cpp:%(cpp_unique_options)}}\ >- %(cc1_options) %2\ >+ %(cc1_options) %(ssp_default) %2\ > -o %g.s %{!o*:--output-pch=%i.gch} %W{o*:--output-pch=%*}%V}}}", > CPLUSPLUS_CPP_SPEC, 0, 0}, > {"@objective-c++", >@@ -46,16 +46,16 @@ along with GCC; see the file COPYING3. If not see > %(cpp_options) %2 -o %{save-temps*:%b.mii} %{!save-temps*:%g.mii} \n}\ > cc1objplus %{save-temps*|no-integrated-cpp:-fpreprocessed %{save-temps*:%b.mii} %{!save-temps*:%g.mii}}\ > %{!save-temps*:%{!no-integrated-cpp:%(cpp_unique_options)}}\ >- %(cc1_options) %2\ >+ %(cc1_options) %(ssp_default) %2\ > %{!fsyntax-only:%(invoke_as)}}}}", > CPLUSPLUS_CPP_SPEC, 0, 0}, > {".mii", "@objective-c++-cpp-output", 0, 0, 0}, > {"@objective-c++-cpp-output", > "%{!M:%{!MM:%{!E:\ >- cc1objplus -fpreprocessed %i %(cc1_options) %2\ >+ cc1objplus -fpreprocessed %i %(cc1_options) %(ssp_default) %2\ > %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0}, > {"@objc++-cpp-output", > "%nobjc++-cpp-output is deprecated; please use objective-c++-cpp-output instead\n\ > %{!M:%{!MM:%{!E:\ >- cc1objplus -fpreprocessed %i %(cc1_options) %2\ >+ cc1objplus -fpreprocessed %i %(cc1_options) %(ssp_default) %2\ > %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0}, >--- a/gcc/params.def >+++ b/gcc/params.def >@@ -662,7 +662,7 @@ DEFPARAM (PARAM_INTEGER_SHARE_LIMIT, > DEFPARAM (PARAM_SSP_BUFFER_SIZE, > "ssp-buffer-size", > "The lower bound for a buffer to be considered for stack smashing protection", >- 8, 1, 0) >+ 4, 1, 0) > > /* When we thread through a block we have to make copies of the > statements within the block. Clearly for large blocks the code
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=366646">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 484714
:
358566
|
366644
|
366646
|
366682
