--- /home/chtephan/toolchain.eclass 2005-08-12 22:59:43.000000000 +0200 +++ toolchain.eclass 2005-08-12 23:20:02.000000000 +0200 @@ -331,7 +331,9 @@ fi return 1 elif [[ $1 == "ssp" ]] ; then - [[ -z ${PP_VER} ]] && return 1 + if ! gcc_has_native_ssp ; then + [[ -z ${PP_VER} ]] && return 1 + fi hardened_gcc_is_stable ssp && return 0 if has ~$(tc-arch) ${ACCEPT_KEYWORDS} ; then hardened_gcc_check_unsupported ssp && return 1 @@ -402,6 +404,16 @@ return 1 } +gcc_has_native_ssp() { + [[ ${GCCMAJOR} -lt 4 ]] && return 1 + + # gcc 4.1 and above have native ssp support + [[ ( ${GCCMAJOR} -gt 4 || ${GCCMINOR} -ge 1 ) ]] && return 0 + + # gcc 4.0 might have the gcc 4.1 ssp support backport applied + grep -q '^fstack-protector' ${S}/gcc/common.opt +} + has_libssp() { [[ -e /$(get_libdir)/libssp.so ]] && return 0 return 1 @@ -422,7 +434,7 @@ } want_boundschecking() { _want_stuff HTB_VER boundschecking ; } want_pie() { _want_stuff PIE_VER !nopie ; } -want_ssp() { _want_stuff PP_VER !nossp ; } +want_ssp() { gcc_has_native_ssp || _want_stuff PP_VER !nossp ; } want_split_specs() { [[ ${SPLIT_SPECS} == "true" ]] && want_pie @@ -455,18 +467,24 @@ local my_libc=${ROOT}/${libc_prefix}/${libc_file} - # Check for the libc to have the __guard symbols - if [[ -n $(readelf -s "${my_libc}" 2>/dev/null | \ - grep 'OBJECT.*GLOBAL.*__guard') ]] && \ - [[ -n $(readelf -s "${my_libc}" 2>/dev/null | \ - grep 'FUNC.*GLOBAL.*__stack_smash_handler') ]] - then + if [[ ${GCCMAJOR} -ge 4 ]] ; then + # Check for the libc to have the __stack_chk symbols + [[ -n $(readelf -s "${my_libc}" 2>/dev/null | \ + grep 'FUNC.*GLOBAL.*__stack_chk_fail') ]] && \ return 0 - elif is_crosscompile ; then - die "'${my_libc}' was detected w/out ssp, that sucks (a lot)" else - return 1 + # Check for the libc to have the __guard symbols + [[ -n $(readelf -s "${my_libc}" 2>/dev/null | \ + grep 'OBJECT.*GLOBAL.*__guard') ]] && \ + [[ -n $(readelf -s "${my_libc}" 2>/dev/null | \ + grep 'FUNC.*GLOBAL.*__stack_smash_handler') ]] && \ + return 0 fi + + is_crosscompile && \ + die "'${my_libc}' was detected w/out ssp, that sucks (a lot)" + + return 1 } # This is to make sure we don't accidentally try to enable support for a @@ -1209,6 +1227,11 @@ BOOT_CFLAGS=${BOOT_CFLAGS-"$(get_abi_CFLAGS) ${CFLAGS}"} fi + if S=${OLDS} gcc_has_native_ssp ; then + STAGE1_CFLAGS="${STAGE1_CFLAGS} -DTARGET_LIBC_PROVIDES_SSP" + BOOT_CFLAGS="${BOOT_CFLAGS} -DTARGET_LIBC_PROVIDES_SSP" + fi + pushd ${WORKDIR}/build einfo "Running make LDFLAGS=\"${LDFLAGS}\" STAGE1_CFLAGS=\"${STAGE1_CFLAGS}\" LIBPATH=\"${LIBPATH}\" BOOT_CFLAGS=\"${BOOT_CFLAGS}\" ${GCC_MAKE_TARGET}" @@ -1220,6 +1243,8 @@ ${GCC_MAKE_TARGET} \ || die "emake failed with ${GCC_MAKE_TARGET}" popd + + S=${OLDS} } # This function will add ${GCC_CONFIG_VER} to the names of all shared libraries in the @@ -1677,7 +1702,7 @@ [[ -n ${UCLIBC_VER} ]] && \ unpack ${PN}-${UCLIBC_GCC_VER}-uclibc-patches-${UCLIBC_VER}.tar.bz2 - if want_ssp ; then + if want_ssp && ! gcc_has_native_ssp; then if [[ -n ${PP_FVER} ]] ; then # The gcc 3.4 propolice versions are meant to be unpacked to ${S} pushd ${S:-$(gcc_get_s_dir)} > /dev/null @@ -1758,6 +1783,16 @@ # patch in ProPolice Stack Smashing protection do_gcc_SSP_patches() { + if gcc_has_native_ssp ; then + if [[ ${GCCMAJOR}.${GCCMINOR} == 4.0 ]] ; then + # Indicate that ssp support is a backport + release_version="${release_version}, ssp-4.1-backport" + fi + sed -e 's|^CRTSTUFF_CFLAGS = |CRTSTUFF_CFLAGS = -fno-stack-protector |'\ + -i gcc/Makefile.in || die "Failed to update crtstuff!" + return 0 + fi + # PARISC has no love ... it's our stack :( if [[ $(tc-arch) == "hppa" ]] || \ ! want_ssp || \