Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
View | Details | Raw Unified | Return to bug 100689 | Differences between
and this patch

Collapse All | Expand All

(-)toolchain.eclass (-12 / +43 lines)
Lines 331-337 Link Here
331
		fi
331
		fi
332
		return 1
332
		return 1
333
	elif [[ $1 == "ssp" ]] ; then
333
	elif [[ $1 == "ssp" ]] ; then
334
		[[ -z ${PP_VER} ]] && return 1
334
		if ! gcc_has_native_ssp ; then
335
			[[ -z ${PP_VER} ]] && return 1
336
		fi
335
		hardened_gcc_is_stable ssp && return 0
337
		hardened_gcc_is_stable ssp && return 0
336
		if has ~$(tc-arch) ${ACCEPT_KEYWORDS} ; then
338
		if has ~$(tc-arch) ${ACCEPT_KEYWORDS} ; then
337
			hardened_gcc_check_unsupported ssp && return 1
339
			hardened_gcc_check_unsupported ssp && return 1
Lines 402-407 Link Here
402
	return 1
404
	return 1
403
}
405
}
404
406
407
gcc_has_native_ssp() {
408
	[[ ${GCCMAJOR} -lt 4 ]] && return 1
409
410
	# gcc 4.1 and above have native ssp support
411
	[[ ( ${GCCMAJOR} -gt 4 || ${GCCMINOR} -ge 1 ) ]] && return 0
412
413
	# gcc 4.0 might have the gcc 4.1 ssp support backport applied
414
	grep -q '^fstack-protector' ${S}/gcc/common.opt
415
}
416
405
has_libssp() {
417
has_libssp() {
406
	[[ -e /$(get_libdir)/libssp.so ]] && return 0
418
	[[ -e /$(get_libdir)/libssp.so ]] && return 0
407
	return 1
419
	return 1
Lines 422-428 Link Here
422
}
434
}
423
want_boundschecking() { _want_stuff HTB_VER boundschecking ; }
435
want_boundschecking() { _want_stuff HTB_VER boundschecking ; }
424
want_pie() { _want_stuff PIE_VER !nopie ; }
436
want_pie() { _want_stuff PIE_VER !nopie ; }
425
want_ssp() { _want_stuff PP_VER !nossp ; }
437
want_ssp() { gcc_has_native_ssp || _want_stuff PP_VER !nossp ; }
426
438
427
want_split_specs() {
439
want_split_specs() {
428
	[[ ${SPLIT_SPECS} == "true" ]] && want_pie
440
	[[ ${SPLIT_SPECS} == "true" ]] && want_pie
Lines 455-472 Link Here
455
467
456
	local my_libc=${ROOT}/${libc_prefix}/${libc_file}
468
	local my_libc=${ROOT}/${libc_prefix}/${libc_file}
457
469
458
	# Check for the libc to have the __guard symbols
470
	if [[ ${GCCMAJOR} -ge 4 ]] ; then
459
	if  [[ -n $(readelf -s "${my_libc}" 2>/dev/null | \
471
		# Check for the libc to have the __stack_chk symbols
460
	            grep 'OBJECT.*GLOBAL.*__guard') ]] && \
472
		[[ -n $(readelf -s "${my_libc}" 2>/dev/null | \
461
	    [[ -n $(readelf -s "${my_libc}" 2>/dev/null | \
473
		            grep 'FUNC.*GLOBAL.*__stack_chk_fail') ]] && \
462
	            grep 'FUNC.*GLOBAL.*__stack_smash_handler') ]]
463
	then
464
		return 0
474
		return 0
465
	elif is_crosscompile ; then
466
		die "'${my_libc}' was detected w/out ssp, that sucks (a lot)"
467
	else
475
	else
468
		return 1
476
		# Check for the libc to have the __guard symbols
477
		[[ -n $(readelf -s "${my_libc}" 2>/dev/null | \
478
		        grep 'OBJECT.*GLOBAL.*__guard') ]] && \
479
		[[ -n $(readelf -s "${my_libc}" 2>/dev/null | \
480
		        grep 'FUNC.*GLOBAL.*__stack_smash_handler') ]] && \
481
		return 0
469
	fi
482
	fi
483
484
	is_crosscompile && \
485
		die "'${my_libc}' was detected w/out ssp, that sucks (a lot)"
486
487
	return 1
470
}
488
}
471
489
472
# This is to make sure we don't accidentally try to enable support for a
490
# This is to make sure we don't accidentally try to enable support for a
Lines 1209-1214 Link Here
1209
		BOOT_CFLAGS=${BOOT_CFLAGS-"$(get_abi_CFLAGS) ${CFLAGS}"}
1227
		BOOT_CFLAGS=${BOOT_CFLAGS-"$(get_abi_CFLAGS) ${CFLAGS}"}
1210
	fi
1228
	fi
1211
1229
1230
	if S=${OLDS} gcc_has_native_ssp ; then
1231
		STAGE1_CFLAGS="${STAGE1_CFLAGS} -DTARGET_LIBC_PROVIDES_SSP"
1232
		BOOT_CFLAGS="${BOOT_CFLAGS} -DTARGET_LIBC_PROVIDES_SSP"
1233
	fi
1234
1212
	pushd ${WORKDIR}/build
1235
	pushd ${WORKDIR}/build
1213
	einfo "Running make LDFLAGS=\"${LDFLAGS}\" STAGE1_CFLAGS=\"${STAGE1_CFLAGS}\" LIBPATH=\"${LIBPATH}\" BOOT_CFLAGS=\"${BOOT_CFLAGS}\" ${GCC_MAKE_TARGET}"
1236
	einfo "Running make LDFLAGS=\"${LDFLAGS}\" STAGE1_CFLAGS=\"${STAGE1_CFLAGS}\" LIBPATH=\"${LIBPATH}\" BOOT_CFLAGS=\"${BOOT_CFLAGS}\" ${GCC_MAKE_TARGET}"
1214
1237
Lines 1677-1683 Link Here
1677
	[[ -n ${UCLIBC_VER} ]] && \
1700
	[[ -n ${UCLIBC_VER} ]] && \
1678
		unpack ${PN}-${UCLIBC_GCC_VER}-uclibc-patches-${UCLIBC_VER}.tar.bz2
1701
		unpack ${PN}-${UCLIBC_GCC_VER}-uclibc-patches-${UCLIBC_VER}.tar.bz2
1679
1702
1680
	if want_ssp ; then
1703
	if want_ssp && ! gcc_has_native_ssp; then
1681
		if [[ -n ${PP_FVER} ]] ; then
1704
		if [[ -n ${PP_FVER} ]] ; then
1682
			# The gcc 3.4 propolice versions are meant to be unpacked to ${S}
1705
			# The gcc 3.4 propolice versions are meant to be unpacked to ${S}
1683
			pushd ${S:-$(gcc_get_s_dir)} > /dev/null
1706
			pushd ${S:-$(gcc_get_s_dir)} > /dev/null
Lines 1758-1763 Link Here
1758
1781
1759
# patch in ProPolice Stack Smashing protection
1782
# patch in ProPolice Stack Smashing protection
1760
do_gcc_SSP_patches() {
1783
do_gcc_SSP_patches() {
1784
	if gcc_has_native_ssp ; then
1785
		if [[ ${GCCMAJOR}.${GCCMINOR} == 4.0 ]] ; then
1786
			# Indicate that ssp support is a backport
1787
			release_version="${release_version}, ssp-4.1-backport"
1788
		fi
1789
		return 0
1790
	fi
1791
1761
	# PARISC has no love ... it's our stack :(
1792
	# PARISC has no love ... it's our stack :(
1762
	if [[ $(tc-arch) == "hppa" ]] || \
1793
	if [[ $(tc-arch) == "hppa" ]] || \
1763
	   ! want_ssp || \
1794
	   ! want_ssp || \

Return to bug 100689