diff options
| author |   Magnus Granberg <zorry@gentoo.org> | 2012-08-01 20:35:36 +0200 |
|---|---|---|
| committer | Magnus Granberg <zorry@gentoo.org> | 2012-08-01 20:35:36 +0200 |
| commit | 0e28c5d8e6e028437340bd03b2d450dbe06bf03a (patch) | |
| tree | b937672becb8c6f1175c8554bd76bada25629d63 | |
| parent | updated upstream patches with doc and some testsuite fixes (diff) | |
| download | hardened-gccpatchset-0e28c5d8e6e028437340bd03b2d450dbe06bf03a.tar.gz hardened-gccpatchset-0e28c5d8e6e028437340bd03b2d450dbe06bf03a.tar.bz2 hardened-gccpatchset-0e28c5d8e6e028437340bd03b2d450dbe06bf03a.zip | |
updated upstream patches with small fixes
| -rw-r--r-- | upstream/config_all.patch | 3 | ||||
| -rw-r--r-- | upstream/config_i386.patch | 6 | ||||
| -rw-r--r-- | upstream/configure.ac.patch | 10 | ||||
| -rw-r--r-- | upstream/gcc.c.patch | 12 | ||||
| -rw-r--r-- | upstream/gcc_doc.patch | 14 |
5 files changed, 25 insertions, 20 deletions
diff --git a/upstream/config_all.patch b/upstream/config_all.patch index aa16b1b..3fe4824 100644 --- a/upstream/config_all.patch +++ b/upstream/config_all.patch @@ -1,10 +1,11 @@ --- a/gcc/config/linux.h 2011-07-07 17:38:34.000000000 +0200 +++ b/gcc/config/linux.h 2012-07-09 14:24:08.599281404 +0200 -@@ -104,3 +104,31 @@ see the files COPYING3 and COPYING.RUNTI +@@ -104,3 +104,32 @@ see the files COPYING3 and COPYING.RUNTI /* Whether we have Bionic libc runtime */ #undef TARGET_HAS_BIONIC #define TARGET_HAS_BIONIC (OPTION_BIONIC) + ++/* Needed by configure --enable-espf */ +#ifdef ENABLE_ESPF +#ifdef ENABLE_ESPF_PIE +#define ESPF_GCC_PIE_SPEC \ diff --git a/upstream/config_i386.patch b/upstream/config_i386.patch index 58ceebe..f8c10cb 100644 --- a/upstream/config_i386.patch +++ b/upstream/config_i386.patch @@ -1,20 +1,22 @@ --- a/gcc/config/i386/linux.h 2011-06-03 20:30:39.000000000 +0200 +++ b/gcc/config/i386/linux.h 2012-07-05 21:00:38.304691613 +0200 -@@ -22,3 +22,7 @@ along with GCC; see the file COPYING3. +@@ -22,3 +22,8 @@ along with GCC; see the file COPYING3. #define GNU_USER_LINK_EMULATION "elf_i386" #define GLIBC_DYNAMIC_LINKER "/lib/ld-linux.so.2" + ++/* Needed by configure --enable-espf */ +#ifdef ENABLE_ESPF +#define DRIVER_SELF_SPECS ESPF_DRIVER_SELF_SPECS +#endif --- a/gcc/config/i386/linux64.h 2011-07-07 17:38:34.000000000 +0200 +++ b/gcc/config/i386/linux64.h 2012-07-05 20:59:39.342689855 +0200 -@@ -31,3 +31,7 @@ see the files COPYING3 and COPYING.RUNTI +@@ -31,3 +31,8 @@ see the files COPYING3 and COPYING.RUNTI #define GLIBC_DYNAMIC_LINKER32 "/lib/ld-linux.so.2" #define GLIBC_DYNAMIC_LINKER64 "/lib64/ld-linux-x86-64.so.2" #define GLIBC_DYNAMIC_LINKERX32 "/libx32/ld-linux-x32.so.2" + ++/* Needed by configure --enable-espf */ +#ifdef ENABLE_ESPF +#define DRIVER_SELF_SPECS ESPF_DRIVER_SELF_SPECS +#endif diff --git a/upstream/configure.ac.patch b/upstream/configure.ac.patch index 49a7e21..8fc9730 100644 --- a/upstream/configure.ac.patch +++ b/upstream/configure.ac.patch @@ -1,6 +1,6 @@ --- a/configure.ac 2012-02-02 11:20:32.000000000 +0100 +++ b/configure.ac 2012-07-01 00:44:27.845218414 +0200 -@@ -424,6 +424,35 @@ AC_ARG_ENABLE(libssp, +@@ -424,6 +424,36 @@ AC_ARG_ENABLE(libssp, ENABLE_LIBSSP=$enableval, ENABLE_LIBSSP=yes) @@ -9,7 +9,8 @@ +[AS_HELP_STRING([--enable-espf[=ARG]], + [Enable Stack protector, Position independent executable and + Fortify_source as default. If we have suppot for it when compiling. -+ Linux targets supported x86_64. @<:@ARG={all,pie,ssp,no}@:>@ ])], ++ Linux targets supported x86, x32 and x86_64. ++ @<:@ARG={all,pie,ssp,no}@:>@ ])], +set_enable_espf=$enableval, +set_enable_espf=no) +case "${set_enable_espf}" in @@ -50,7 +51,7 @@ # Enable --enable-checking in stage1 of the compiler. --- a/gcc/configure.ac 2012-02-22 12:27:45.000000000 +0100 +++ b/gcc/configure.ac 2012-07-01 00:43:14.054216215 +0200 -@@ -5193,6 +5193,155 @@ if test x"${LINKER_HASH_STYLE}" != x; th +@@ -5193,6 +5193,156 @@ if test x"${LINKER_HASH_STYLE}" != x; th [The linker hash style]) fi @@ -63,7 +64,8 @@ +[AS_HELP_STRING([--enable-espf[=ARG]], + [Enable Stack protector, Position independent executable and + Fortify_source as default. If we have suppot for it when compiling. -+ Linux targets supported x86_64. @<:@ARG={all,pie,ssp,no}@:>@ ])], ++ Linux targets supported x86, x32 and x86_64. ++ @<:@ARG={all,pie,ssp,no}@:>@ ])], +set_enable_espf=$enableval, +set_enable_espf=no) +case "${set_enable_espf}" in diff --git a/upstream/gcc.c.patch b/upstream/gcc.c.patch index 556f0a5..605cbb8 100644 --- a/upstream/gcc.c.patch +++ b/upstream/gcc.c.patch @@ -1,17 +1,17 @@ --- a/gcc/gcc.c 2012-02-28 18:31:38.000000000 +0100 -+++ b/gcc/gcc.c 2012-07-06 17:03:20.505842011 +0200 -@@ -756,9 +756,11 @@ static const char *cpp_unique_options = ++++ b/gcc/gcc.c 2012-08-01 03:10:01.060123826 +0200 +@@ -756,8 +756,12 @@ static const char *cpp_unique_options = %{!iplugindir*:%{fplugin*:%:find-plugindir()}}\ %{H} %C %{D*&U*&A*} %{i*} %Z %i\ %{fmudflap:-D_MUDFLAP -include mf-runtime.h}\ - %{fmudflapth:-D_MUDFLAP -D_MUDFLAPTH -include mf-runtime.h}\ - %{E|M|MM:%W{o*}}"; -- + %{fmudflapth:-D_MUDFLAP -D_MUDFLAPTH -include mf-runtime.h} " -+#ifdef ENABLE_ESPF_FORTIFY -+"%(espf_cpp_unique_options) " ++ /* Needed by configure --enable-espf */ ++ #ifdef ENABLE_ESPF_FORTIFY ++"%(espf_cpp_unique_options)" +#endif +"%{E|M|MM:%W{o*}}"; + /* This contains cpp options which are common with cc1_options and are passed only when preprocessing only to avoid duplication. We pass the cc1 spec - options to the preprocessor so that it the cc1 spec may manipulate diff --git a/upstream/gcc_doc.patch b/upstream/gcc_doc.patch index ba76d17..fc39347 100644 --- a/upstream/gcc_doc.patch +++ b/upstream/gcc_doc.patch @@ -55,7 +55,7 @@ that were used to generate code (@option{-fpie}, @option{-fPIE}, or model suboptions) when you specify this option. -+NOTE: With configure --enable-espf=@r{[}all@r{|}ssp@r{]} this option is ++NOTE: With configure --enable-espf=@r{[}all@r{|}pie@r{]} this option is +enabled by default for C, C++, ObjC, ObjC++, if none of @option{-fno-PIE}, +@option{-fno-pie}, @option{-fPIC}, @option{-fpic}, @option{-fno-PIC}, +@option{-fno-pic}, @option{-nostdlib}, @option{-nostartfiles}, @@ -68,7 +68,7 @@ @code{__pie__} and @code{__PIE__}. The macros have the value 1 for @option{-fpie} and 2 for @option{-fPIE}. -+NOTE: With configure --enable-espf=@r{[}all@r{|}ssp@r{]} this option is ++NOTE: With configure --enable-espf=@r{[}all@r{|}pie@r{]} this option is +enabled by default for C, C++, ObjC, ObjC++, if none of @option{-fno-PIE}, +@option{-fno-pie}, @option{-fPIC}, @option{-fpic}, @option{-fno-PIC}, +@option{-fno-pic}, @option{-nostdlib}, @option{-nostartfiles}, @@ -88,11 +88,11 @@ +@option{-D_FORTIFY_SOURCE=2}, @option{-Wformat} and +@option{-Wformat-security} will be turn on as default and depend on +if you use @samp{all} it will turn on @option{-fstack-protection}and -+@option{-fPIE} by default. if the support is there. If you use -+@samp{ssp} it will turn on @option{-fstack-protection} by default if the -+support is there. If you use @samp{pie} it will turn on @option{-fPIE} -+by default if the support is there. We only support x86-64-*-linux* as target -+for now. ++@option{-fPIE} and @option{-pie} by default. if the support is there. If you ++use @samp{ssp} it will turn on @option{-fstack-protection} by default if the ++support is there. If you use @samp{pie} it will turn on @option{-fPIE} and ++@option{-pie} by default if the support is there. We only support ++i?86*-*-linux*, x86_32*-*-linux* and x86_64*-*-linux* as target for now. + @item --disable-libquadmath Specify that the GCC quad-precision math library should not be built. |