--- /usr/portage/eclass/toolchain.eclass 2006-09-30 01:35:46 +0200 +++ ./toolchain.eclass 2006-10-04 21:17:57 +0200 @@ -379,6 +379,7 @@ fi return 1 elif [[ $1 == "ssp" ]] ; then + gcc_has_native_ssp && return 0 [[ -z ${PP_VER} ]] && return 1 hardened_gcc_is_stable ssp && return 0 if has ~$(tc-arch) ${ACCEPT_KEYWORDS} ; then @@ -450,6 +451,16 @@ return 1 } +gcc_has_native_ssp() { + [[ ${GCCMAJOR} -lt 4 ]] && return 1 + + # gcc 4.1 and above have native ssp support + [[ ( ${GCCMAJOR} -gt 4 || ${GCCMINOR} -ge 1 ) ]] && return 0 + + # gcc 4.0 might have the gcc 4.1 ssp support backport applied + grep -q TARGET_LIBC_PROVIDES_SSP ${S}/gcc/gcc.c +} + has_libssp() { [[ -e /$(get_libdir)/libssp.so ]] && return 0 return 1 @@ -470,7 +481,7 @@ } want_boundschecking() { _want_stuff HTB_VER boundschecking ; } want_pie() { _want_stuff PIE_VER !nopie ; } -want_ssp() { _want_stuff PP_VER !nossp ; } +want_ssp() { gcc_has_native_ssp || _want_stuff PP_VER !nossp ; } want_split_specs() { [[ ${SPLIT_SPECS} == "true" ]] && want_pie 
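Review bot: In `gcc_has_native_ssp`, the gcc 4.0 fallback `grep -q TARGET_LIBC_PROVIDES_SSP ${S}/gcc/gcc.c` depends on when it is called: if the sources are not yet unpacked and patched, or `S` is unset, grep fails and the function reports "no native SSP". The unpack hunk (`if want_ssp && ! gcc_has_native_ssp`) sits directly above a context line that uses `${S:-$(gcc_get_s_dir)}`, which suggests `S` may not be set at that point. Since this result decides whether the ProPolice patches are unpacked and applied, quote the path and make the missing-file case explicit, e.g. `[[ -f "${S}/gcc/gcc.c" ]] && grep -q TARGET_LIBC_PROVIDES_SSP "${S}/gcc/gcc.c"`. A comment above the function should state that the 4.0 answer is only meaningful after the backport patch has been applied.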
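Review bot: With `gcc_has_native_ssp || _want_stuff PP_VER !nossp`, `want_ssp` short-circuits to true for every gcc with native SSP, so the `nossp` flag is no longer consulted for those versions. If ignoring the opt-out is intended, say so in a comment next to `want_ssp`; otherwise the native path should also test `use nossp`. Callers such as the unpack hunk already add `! gcc_has_native_ssp` themselves, so the meaning of "want" is now split across two places.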
@@ -592,11 +603,21 @@ popd > /dev/null eend $([[ -s ${WORKDIR}/build/${name}.specs ]] ; echo $?) } -create_vanilla_specs_file() { _create_specs_file hardened vanilla ; } -create_hardened_specs_file() { _create_specs_file !hardened hardened ${gcc_common_hard} -DEFAULT_PIE_SSP ; } -create_hardenednossp_specs_file() { _create_specs_file "" hardenednossp ${gcc_common_hard} -DEFAULT_PIE ; } -create_hardenednopie_specs_file() { _create_specs_file "" hardenednopie ${gcc_common_hard} -DEFAULT_SSP ; } -create_hardenednopiessp_specs_file() { _create_specs_file "" hardenednopiessp ${gcc_common_hard} ; } + +# requires the multi GCC_SPECS patch from kevquinn and pie-ssp >= 9.0.3 +__create_specs_file() { + # Usage: __create_specs_file + local uflag=$1 name=$2 flags=${*:3} + ebegin "Copying a ${name} gcc specs file" + cp ${GCC_FILESDIR}/${name}.specs "${WORKDIR}"/build/ || die "failed copying specs file" + eend $([[ -s ${WORKDIR}/build/${name}.specs ]] ; echo $?) +} + +create_vanilla_specs_file() { __create_specs_file hardened vanilla ; } +create_hardened_specs_file() { __create_specs_file !hardened hardened ${gcc_common_hard} -DEFAULT_PIE_SSP ; } +create_hardenednossp_specs_file() { __create_specs_file "" hardenednossp ${gcc_common_hard} -DEFAULT_PIE ; } +create_hardenednopie_specs_file() { __create_specs_file "" hardenednopie ${gcc_common_hard} -DEFAULT_SSP ; } +create_hardenednopiessp_specs_file() { __create_specs_file "" hardenednopiessp ${gcc_common_hard} ; } split_out_specs_files() { local s spec_list="hardenednopiessp vanilla" 
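Review bot: `__create_specs_file` assigns `uflag` and `flags` but never reads them, so the `-DEFAULT_PIE_SSP`, `-DEFAULT_PIE` and `-DEFAULT_SSP` arguments passed by the `create_*_specs_file` wrappers no longer affect the result. The hardening defaults now come entirely from the static `${name}.specs` in `GCC_FILESDIR`. Either drop the unused arguments, or state in the header comment that the shipped specs files must match the flags listed in the wrappers. The `cp` source should be quoted, `cp "${GCC_FILESDIR}/${name}.specs" "${WORKDIR}"/build/`, and the `# Usage:` line should list the parameters it currently omits.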
@@ -1021,6 +1042,19 @@ epatch "${WORKDIR}"/patch fi if [[ -n ${UCLIBC_VER} ]] ; then + if tc_version_is_at_least 4.1.2 ; then + if [[ ! -d libstdc++-v3/config/locale/uclibc ]] ; then + mkdir libstdc++-v3/config/locale/uclibc && + cp libstdc++-v3/config/locale/gnu/* \ + libstdc++-v3/config/locale/uclibc/ + # gcc-4.2.0 has this already + if [[ ! -d libstdc++-v3/config/os/uclibc ]] ; then + mkdir libstdc++-v3/config/os/uclibc && + cp libstdc++-v3/config/os/gnu-linux/* \ + libstdc++-v3/config/os/uclibc/ + fi + fi + fi guess_patch_type_in_dir "${WORKDIR}"/uclibc EPATCH_MULTI_MSG="Applying uClibc patches ..." \ epatch "${WORKDIR}"/uclibc @@ -1294,7 +1328,8 @@ # for statically linked apps but not dynamic # so use setjmp/longjmp exceptions by default if [[ ${CTARGET} == *-uclibc* ]] ; then - confgcc="${confgcc} --disable-__cxa_atexit --enable-target-optspace" + [[ ${GCCMAJOR} < 4 ]] && confgcc="${confgcc} --enable-sjlj-exceptions" + confgcc="${confgcc} --enable-__cxa_atexit --enable-target-optspace" [[ ${GCCMAJOR}.${GCCMINOR} == 3.3 ]] && \ confgcc="${confgcc} --enable-sjlj-exceptions" elif [[ ${CTARGET} == *-gnu* ]] ; then @@ -1315,6 +1350,12 @@ einfo "Configuring GCC with: ${confgcc//--/\n\t--} ${@} ${EXTRA_ECONF}" echo + if ! ( use build || use nocxx ) && [[ ${CTARGET} == *-uclibc* ]] ; then + pushd ${S}/libstdc++-v3 + [[ ${GCCMAJOR}.${GCCMINOR} < 3.4 ]] && autoconf + popd + fi + # Build in a separate build tree mkdir -p "${WORKDIR}"/build pushd "${WORKDIR}"/build > /dev/null @@ -1396,6 +1437,11 @@ BOOT_CFLAGS=${BOOT_CFLAGS-"$(get_abi_CFLAGS) ${CFLAGS}"} fi + if gcc_has_native_ssp ; then + STAGE1_CFLAGS="${STAGE1_CFLAGS} -DTARGET_LIBC_PROVIDES_SSP" + BOOT_CFLAGS="${BOOT_CFLAGS} -DTARGET_LIBC_PROVIDES_SSP" + fi + pushd "${WORKDIR}"/build einfo "Running make LDFLAGS=\"${LDFLAGS}\" STAGE1_CFLAGS=\"${STAGE1_CFLAGS}\" LIBPATH=\"${LIBPATH}\" BOOT_CFLAGS=\"${BOOT_CFLAGS}\" ${GCC_MAKE_TARGET}" 
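Review bot: The two `mkdir ... && cp ...` chains in the new uClibc block have no `|| die`, so a failed copy leaves a partly filled `libstdc++-v3/config/locale/uclibc`, and the `-d` test then skips the block on a retry. Append `|| die "failed to create uclibc locale config"` (message wording is a suggestion) to both chains. The `config/os/uclibc` test is also nested inside the locale test; if the two directories are independent, as the `gcc-4.2.0 has this already` comment suggests, close the first `if` before it.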
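Review bot: `[[ ${GCCMAJOR} < 4 ]]` compares strings, not numbers, so a two-digit major such as 10 sorts before 4; use `[[ ${GCCMAJOR} -lt 4 ]]`, as `gcc_has_native_ssp` in this same patch does. The same defect is in `[[ ${GCCMAJOR}.${GCCMINOR} < 3.4 ]]` in the libstdc++ autoconf hunk that follows, where `! tc_version_is_at_least 3.4.0` would be the numeric test. With the new `< 4` line, the existing `== 3.3` branch appends `--enable-sjlj-exceptions` a second time and can be dropped.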
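Review bot: `pushd ${S}/libstdc++-v3` is unquoted and unchecked, so if the directory is missing `autoconf` runs in whatever directory is current and `popd` pops an unrelated stack entry. Write it as `pushd "${S}"/libstdc++-v3 > /dev/null || die "pushd libstdc++-v3 failed"`, and check `autoconf` the same way. This matches the `pushd "${WORKDIR}"/build > /dev/null` form used a few lines below.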
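Review bot: `-DTARGET_LIBC_PROVIDES_SSP` is added to `STAGE1_CFLAGS` and `BOOT_CFLAGS` whenever `gcc_has_native_ssp` is true, without checking that the target libc actually provides the SSP symbols. `update_gcc_for_libc_ssp`, later in this patch, guards its define with `libc_has_ssp`; the same guard looks appropriate here, `if gcc_has_native_ssp && libc_has_ssp ; then`. Presumably the define stops gcc from linking its own libssp, so forcing it against a libc without the symbols would break `-fstack-protector` links; please confirm against gcc's configure check. The enclosing function starts and ends outside the hunk.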
@@ -1845,7 +1891,7 @@ [[ -n ${UCLIBC_VER} ]] && \ unpack gcc-${UCLIBC_GCC_VER}-uclibc-patches-${UCLIBC_VER}.tar.bz2 - if want_ssp ; then + if want_ssp && ! gcc_has_native_ssp; then if [[ -n ${PP_FVER} ]] ; then # The gcc 3.4 propolice versions are meant to be unpacked to ${S} pushd ${S:-$(gcc_get_s_dir)} > /dev/null @@ -1935,6 +1981,7 @@ return 0 fi + if ! gcc_has_native_ssp ; then local ssppatch local sspdocs 
@@ -1969,30 +2016,52 @@ if [[ ${PN} == "gcc" && ${sspdocs} == "no" ]] ; then epatch "${GCC_FILESDIR}"/pro-police-docs.patch fi +# gcc_has_native_ssp + fi # Don't build crtbegin/end with ssp sed -e 's|^CRTSTUFF_CFLAGS = |CRTSTUFF_CFLAGS = -fno-stack-protector |'\ -i gcc/Makefile.in || die "Failed to update crtstuff!" + # Don't build libgcc with ssp + sed -e 's|^LIBGCC2_CFLAGS = |LIBGCC2_CFLAGS = -fno-stack-protector |'\ + -i gcc/Makefile.in || die "Failed to update gcc!" + # if gcc in a stage3 defaults to ssp, is version 3.4.0 and a stage1 is built - # the build fails building timevar.o w/: + # the build fails building timevar.o (3.4.x) or ggc-common.o (4.x) w/: # cc1: stack smashing attack in function ix86_split_to_parts() - if use build && tc_version_is_at_least 3.4.0 ; then - if gcc -dumpspecs | grep -q "fno-stack-protector:" ; then - epatch "${GCC_FILESDIR}"/3.4.0/gcc-3.4.0-cc1-no-stack-protector.patch + # it fails also on normal update from 3.4.4 to 4.x + # this should be moved out of do_GCC_ssp_patches(), because it fails if gcc + # is hardened, but we build w/ nossp as well + if tc_version_is_at_least 3.4.0 ; then + # useless check + #if gcc -dumpspecs | grep -q "fno-stack-protector:" ; then + if tc_version_is_at_least 4.0.0 ; then + if [[ ${GCCMINOR} -lt 2 ]] ; then + epatch "${GCC_FILESDIR}"/4.0.2/gcc-4.0.2-cc1-no-stack-protector.patch + else + epatch "${GCC_FILESDIR}"/4.2.0/gcc-4.2.0-cc1-no-stack-protector.patch + fi + else + epatch "${GCC_FILESDIR}"/3.4.0/gcc-3.4.0-cc1-no-stack-protector.patch + fi + #fi + fi + + if gcc_has_native_ssp ; then + if [[ ${GCCMAJOR}.${GCCMINOR} == 4.0 ]] ; then + # Indicate that ssp support is a backport + release_version="${release_version}, ssp-4.1-backport" fi + else + release_version="${release_version}, ssp-${PP_FVER:-${PP_GCC_VER}-${PP_VER}}" fi - release_version="${release_version}, ssp-${PP_FVER:-${PP_GCC_VER}-${PP_VER}}" if want_libssp ; then update_gcc_for_libssp else update_gcc_for_libc_ssp fi - - # Don't build 
libgcc with ssp - sed -e 's|^\(LIBGCC2_CFLAGS.*\)$|\1 -fno-stack-protector|' \ - -i gcc/Makefile.in || die "Failed to update gcc!" } # If glibc or uclibc has been patched to provide the necessary symbols itself, @@ -2000,8 +2069,14 @@ update_gcc_for_libc_ssp() { if libc_has_ssp ; then einfo "Updating gcc to use SSP from libc ..." - sed -e 's|^\(LIBGCC2_CFLAGS.*\)$|\1 -D_LIBC_PROVIDES_SSP_|' \ + if ! gcc_has_native_ssp ; then + # we should better correct the configure check for this, uclibc ok + #sed -e 's|^LIBGCC2_CFLAGS = |LIBGCC2_CFLAGS = -DTARGET_LIBC_PROVIDES_SSP |'\ + #-i "${S}"/gcc/Makefile.in || die "Failed to update gcc!" + #else + sed -e 's|^LIBGCC2_CFLAGS = |LIBGCC2_CFLAGS = -D_LIBC_PROVIDES_SSP_ |'\ -i "${S}"/gcc/Makefile.in || die "Failed to update gcc!" + fi fi }
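Review bot: The `sed ... -i gcc/Makefile.in || die` calls for `CRTSTUFF_CFLAGS` and `LIBGCC2_CFLAGS` only die when sed itself fails. If no line starts with exactly `CRTSTUFF_CFLAGS = ` or `LIBGCC2_CFLAGS = `, sed exits 0 and crtstuff or libgcc is silently built with the stack protector; the new LIBGCC2 pattern is narrower than the removed `^\(LIBGCC2_CFLAGS.*\)$`, so a miss is more likely than before. Follow each sed with a check such as `grep -q '^LIBGCC2_CFLAGS = -fno-stack-protector ' gcc/Makefile.in || die "LIBGCC2_CFLAGS not patched"`. Separately, the inner `[[ ${GCCMINOR} -lt 2 ]]` ignores `GCCMAJOR`, and the commented-out `-dumpspecs` check should be removed rather than kept as dead code. The function body begins outside the hunk.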
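Review bot: With native SSP, `update_gcc_for_libc_ssp` still prints `Updating gcc to use SSP from libc ...` but changes nothing, because the only live sed is inside `if ! gcc_has_native_ssp`. Move the `einfo` inside that `if`, so the build log does not claim an update that did not happen. The commented-out `-DTARGET_LIBC_PROVIDES_SSP` sed and its stray `#else` should be replaced by a single comment, e.g. `# native ssp: TARGET_LIBC_PROVIDES_SSP is passed via STAGE1_CFLAGS/BOOT_CFLAGS at compile time`.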