Created attachment 320544: modified 06_all_gcc46_esp.h.patch from piepatches
gcc could use -fvisibility=hidden with -fPIE
It seems that it isn't needed anymore.
I was wrong. It is still needed. Hardened gcc 4.7.1 should, but doesn't use -fvisibility=hidden if -fno-PIE isn't used.
-fvisibility=hidden is not a flag that you enable globally.
Non-hardened gcc has -fvisibility=hidden enabled globally. Also hardened gcc with enable -fvisibility=hidden with -fno-PIE.
Also, hardened gcc enables -fvisibility=hidden with -fno-PIE.
Created attachment 320558: modified specs file
The previous modified patch can't be used. gcc has to dump the specs file with -dumpspecs after compilation. At line 168, "-fPIE" has to be replaced with "-fPIE -fvisibility=hidden". The modified specs file has to be stored in the directory /usr/lib/gcc/x86_64-pc-linux-gnu/4.7.1
(In reply to comment #4)
> Non-hardened gcc has -fvisibility=hidden enabled globally.
> Also hardened gcc with enable -fvisibility=hidden with -fno-PIE.
(In reply to comment #5)
> Also hardened gcc enable -fvisibility=hidden with -fno-PIE.
What do you get if you add -fPIE -pie to the command line for the non-hardened one?
-fPIE -pie disabled -fvisibility=hidden with the non-hardened one.
This is something to suggest on the upstream gcc-patches@gcc.gnu.org list.
I opened upstream bug http://gcc.gnu.org/bugzilla/show_bug.cgi?id=54182
Why does it have to be fixed upstream? Vanilla GCC is broken and doesn't use PIE by default. Gentoo Hardened fixed it. Why can't Gentoo Hardened also fix -fvisibility=hidden?
Upstream doesn't want to fix it.