Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "Magnus Granberg (zorry)" <zorry@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] gentoo commit in src/patchsets/gcc/8.1.0/gentoo: 13_all_default-ssp-fix.patch 35_all_i386_libgcc_note.GNU-stack.patch 55_all_extra-options.patch README.history
Date: Wed, 02 May 2018 22:52:35
Message-Id: 20180502225230.68F6A2D@oystercatcher.gentoo.org
1 zorry 18/05/02 22:52:30
2
3 Modified: 13_all_default-ssp-fix.patch README.history
4 Added: 35_all_i386_libgcc_note.GNU-stack.patch
5 55_all_extra-options.patch
6 Log:
7 Add more patches for gcc 8.1.0 patchset 1.1
8
9 Revision Changes Path
10 1.2 src/patchsets/gcc/8.1.0/gentoo/13_all_default-ssp-fix.patch
11
12 file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/8.1.0/gentoo/13_all_default-ssp-fix.patch?rev=1.2&view=markup
13 plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/8.1.0/gentoo/13_all_default-ssp-fix.patch?rev=1.2&content-type=text/plain
14 diff : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/8.1.0/gentoo/13_all_default-ssp-fix.patch?r1=1.1&r2=1.2
15
16 Index: 13_all_default-ssp-fix.patch
17 ===================================================================
18 RCS file: /var/cvsroot/gentoo/src/patchsets/gcc/8.1.0/gentoo/13_all_default-ssp-fix.patch,v
19 retrieving revision 1.1
20 retrieving revision 1.2
21 diff -u -r1.1 -r1.2
22 --- 13_all_default-ssp-fix.patch 2 May 2018 22:17:17 -0000 1.1
23 +++ 13_all_default-ssp-fix.patch 2 May 2018 22:52:30 -0000 1.2
24 @@ -1,48 +1,32 @@
25 -We disable ssp on -nostdlib and -ffreestanding as we did on older gcc
26 -and change the buffer size.
27 +Disable ssp on -nostdlib, -nodefaultlibs and -ffreestanding
28 +Change the buffer size.
29
30 ---- a/gcc/c-family/c-opts.c
31 -+++ b/gcc/c-family/c-opts.c
32 -@@ -450,7 +450,14 @@
33 +--- a/gcc/gcc.c 2017-07-04 09:15:57.740793000 +0200
34 ++++ b/gcc/gcc.c 2018-03-02 13:58:44.387741114 +0100
35 +@@ -857,6 +857,12 @@ proper position among the other output f
36 + #define LINK_GCC_C_SEQUENCE_SPEC "%G %L %G"
37 + #endif
38
39 - case OPT_ffreestanding:
40 - value = !value;
41 -+ if (global_options.x_flag_stack_protect == -1)
42 -+ global_options.x_flag_stack_protect = 0;
43 - /* Fall through. */
44 ++#ifdef ENABLE_DEFAULT_SSP
45 ++#define NO_SSP_SPEC "%{nostdlib|nodefaultlibs|ffreestanding:-fno-stack-protector} "
46 ++#else
47 ++#define NO_SSP_SPEC ""
48 ++#endif
49 +
50 -+ case OPT_nostdlib:
51 -+ if (global_options.x_flag_stack_protect == -1)
52 -+ global_options.x_flag_stack_protect = 0;
53 -+
54 - case OPT_fhosted:
55 - flag_hosted = value;
56 - flag_no_builtin = !value;
57 ---- a/gcc/c-family/c.opt
58 -+++ b/gcc/c-family/c.opt
59 -@@ -1647,6 +1647,10 @@ nostdinc++
60 - C++ ObjC++
61 - Do not search standard system include directories for C++.
62 -
63 -+nostdlib
64 -+C ObjC C++ ObjC++
65 -+; Documented in common.opt
66 -+
67 - o
68 - C ObjC C++ ObjC++ Joined Separate
69 - ; Documented in common.opt
70 ---- a/gcc/gcc.c
71 -+++ b/gcc/gcc.c
72 -@@ -1145,6 +1145,7 @@
73 + #ifndef LINK_SSP_SPEC
74 + #ifdef TARGET_LIBC_PROVIDES_SSP
75 + #define LINK_SSP_SPEC "%{fstack-protector|fstack-protector-all" \
76 +@@ -1131,7 +1148,7 @@ static const char *cc1_options =
77 + %{-version:--version}\
78 %{-help=*:--help=%*}\
79 %{!fsyntax-only:%{S:%W{o*}%{!o*:-o %b.s}}}\
80 - %{fsyntax-only:-o %j} %{-param*}\
81 -+ %{nostdlib:-nostdlib}\
82 +- %{fsyntax-only:-o %j} %{-param*}\
83 ++ %{fsyntax-only:-o %j} %{-param*} " NO_SSP_SPEC "\
84 %{coverage:-fprofile-arcs -ftest-coverage}\
85 %{fprofile-arcs|fprofile-generate*|coverage:\
86 - %{!fprofile-update=single:\
87 ---- a/gcc/params.def
88 -+++ b/gcc/params.def
89 + %{!fprofile-update=singel:\
90 +--- a/gcc/params.def 2016-03-30 09:47:40.000000000 +0200
91 ++++ b/gcc/params.def 2016-09-19 12:56:58.443179039 +0200
92 @@ -673,7 +673,7 @@ DEFPARAM (PARAM_INTEGER_SHARE_LIMIT,
93 DEFPARAM (PARAM_SSP_BUFFER_SIZE,
94 "ssp-buffer-size",
95
96
97
98 1.2 src/patchsets/gcc/8.1.0/gentoo/README.history
99
100 file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/8.1.0/gentoo/README.history?rev=1.2&view=markup
101 plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/8.1.0/gentoo/README.history?rev=1.2&content-type=text/plain
102 diff : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/8.1.0/gentoo/README.history?r1=1.1&r2=1.2
103
104 Index: README.history
105 ===================================================================
106 RCS file: /var/cvsroot/gentoo/src/patchsets/gcc/8.1.0/gentoo/README.history,v
107 retrieving revision 1.1
108 retrieving revision 1.2
109 diff -u -r1.1 -r1.2
110 --- README.history 2 May 2018 22:17:17 -0000 1.1
111 +++ README.history 2 May 2018 22:52:30 -0000 1.2
112 @@ -1,4 +1,8 @@
113 -1.0 05 May 2018
114 +1.1 03 May 2018
115 + U 13_all_default-ssp-fix.patch
116 + + 35_all_i386_libgcc_note.GNU-stack.patch
117 + + 55_all_extra-options.patch
118 +1.0 03 May 2018
119 + 92_all_sh-drop-sysroot-suffix.patch
120 + 10_all_default-fortify-source.patch
121 + 11_all_default-warn-format-security.patch
122
123
124
125 1.1 src/patchsets/gcc/8.1.0/gentoo/35_all_i386_libgcc_note.GNU-stack.patch
126
127 file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/8.1.0/gentoo/35_all_i386_libgcc_note.GNU-stack.patch?rev=1.1&view=markup
128 plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/8.1.0/gentoo/35_all_i386_libgcc_note.GNU-stack.patch?rev=1.1&content-type=text/plain
129
130 Index: 35_all_i386_libgcc_note.GNU-stack.patch
131 ===================================================================
132 --- a/libgcc/config/i386/resms64.h 2018-01-03 11:03:58.000000000 +0100
133 +++ b/libgcc/config/i386/resms64.h 2018-05-01 12:59:48.942833419 +0200
134 @@ -57,3 +57,6 @@ MS2SYSV_STUB_END(resms64_17)
135 MS2SYSV_STUB_END(resms64_18)
136
137 #endif /* __x86_64__ */
138 +#if defined(__linux__) && defined(__ELF__)
139 +.section .note.GNU-stack,"",%progbits
140 +#endif
141 --- a/libgcc/config/i386/resms64f.h 2018-01-03 11:03:58.000000000 +0100
142 +++ b/libgcc/config/i386/resms64f.h 2018-05-01 13:00:23.422832853 +0200
143 @@ -55,3 +55,6 @@ MS2SYSV_STUB_END(resms64f_16)
144 MS2SYSV_STUB_END(resms64f_17)
145
146 #endif /* __x86_64__ */
147 +#if defined(__linux__) && defined(__ELF__)
148 +.section .note.GNU-stack,"",%progbits
149 +#endif
150 --- a/libgcc/config/i386/resms64fx.h 2018-02-26 20:46:34.000000000 +0100
151 +++ b/libgcc/config/i386/resms64fx.h 2018-05-01 13:06:49.682826518 +0200
152 @@ -62,3 +62,6 @@ MS2SYSV_STUB_END(resms64fx_16)
153 MS2SYSV_STUB_END(resms64fx_17)
154
155 #endif /* __x86_64__ */
156 +#if defined(__linux__) && defined(__ELF__)
157 +.section .note.GNU-stack,"",%progbits
158 +#endif
159 --- a/libgcc/config/i386/resms64x.h 2018-02-26 20:46:34.000000000 +0100
160 +++ b/libgcc/config/i386/resms64x.h 2018-05-01 13:07:21.702825993 +0200
161 @@ -63,3 +63,6 @@ MS2SYSV_STUB_END(resms64x_17)
162 MS2SYSV_STUB_END(resms64x_18)
163
164 #endif /* __x86_64__ */
165 +#if defined(__linux__) && defined(__ELF__)
166 +.section .note.GNU-stack,"",%progbits
167 +#endif
168 --- a/libgcc/config/i386/savms64.h 2018-01-03 11:03:58.000000000 +0100
169 +++ b/libgcc/config/i386/savms64.h 2018-05-01 13:07:48.952825546 +0200
170 @@ -57,3 +57,6 @@ MS2SYSV_STUB_END(savms64_17)
171 MS2SYSV_STUB_END(savms64_18)
172
173 #endif /* __x86_64__ */
174 +#if defined(__linux__) && defined(__ELF__)
175 +.section .note.GNU-stack,"",%progbits
176 +#endif
177 --- a/libgcc/config/i386/savms64f.h 2018-01-03 11:03:58.000000000 +0100
178 +++ b/libgcc/config/i386/savms64f.h 2018-05-01 13:08:30.082824871 +0200
179 @@ -55,3 +55,6 @@ MS2SYSV_STUB_END(savms64f_16)
180 MS2SYSV_STUB_END(savms64f_17)
181
182 #endif /* __x86_64__ */
183 +#if defined(__linux__) && defined(__ELF__)
184 +.section .note.GNU-stack,"",%progbits
185 +#endif
186
187
188
189 1.1 src/patchsets/gcc/8.1.0/gentoo/55_all_extra-options.patch
190
191 file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/8.1.0/gentoo/55_all_extra-options.patch?rev=1.1&view=markup
192 plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/8.1.0/gentoo/55_all_extra-options.patch?rev=1.1&content-type=text/plain
193
194 Index: 55_all_extra-options.patch
195 ===================================================================
196 On Hardened we add some options like -fstack-clash-protection and -z now
197
198 --- a/gcc/common.opt 2018-03-28 16:51:09.000000000 +0200
199 +++ a/gcc/common.opt 2018-04-30 15:35:55.274096877 +0200
200 @@ -2367,7 +2367,7 @@ Common Alias(fstack-check=, specific, no
201 Insert stack checking code into the program. Same as -fstack-check=specific.
202
203 fstack-clash-protection
204 -Common Report Var(flag_stack_clash_protection) Optimization
205 +Common Report Var(flag_stack_clash_protection) Optimization Init(-1)
206 Insert code to probe each page of stack space as it is allocated to protect
207 from stack-clash style attacks.
208
209 --- a/gcc/defaults.h 2018-01-03 11:03:58.000000000 +0100
210 +++ b/gcc/defaults.h 2018-05-01 12:41:29.522851451 +0200
211 @@ -1435,6 +1435,15 @@ see the files COPYING3 and COPYING.RUNTI
212 #define STACK_CHECK_MAX_VAR_SIZE (STACK_CHECK_MAX_FRAME_SIZE / 100)
213 #endif
214
215 +/* Default value for flag_clash_protector when flag_clash_protector is
216 + initialized to -1. */
217 +#ifdef ENABLE_ESP
218 +#define DEFAULT_FLAG_SCP 1
219 +#endif
220 +#ifndef DEFAULT_FLAG_SCP
221 +#define DEFAULT_FLAG_SCP 0
222 +#endif
223 +
224 /* By default, the C++ compiler will use function addresses in the
225 vtable entries. Setting this nonzero tells the compiler to use
226 function descriptors instead. The value of this macro says how
227 --- a/gcc/toplev.c 2018-02-13 17:18:37.000000000 +0100
228 +++ b/toplev.c 2018-04-30 16:46:37.244027303 +0200
229 @@ -1682,6 +1682,10 @@ process_options (void)
230
231 /* -fstack-clash-protection is not currently supported on targets
232 where the stack grows up. */
233 + if (flag_stack_clash_protection == -1)
234 + {
235 + flag_stack_clash_protection = DEFAULT_FLAG_SCP;
236 + }
237 if (flag_stack_clash_protection && !STACK_GROWS_DOWNWARD)
238 {
239 warning_at (UNKNOWN_LOCATION, 0,
240
241 --- a/libgcc/Makefile.in 2011-11-22 04:01:02.000000000 +0100
242 +++ b/libgcc/Makefile.in 2011-12-25 15:18:22.449610631 +0100
243 @@ -225,7 +225,7 @@ endif
244 LIBGCC2_DEBUG_CFLAGS = -g
245 LIBGCC2_CFLAGS = -O2 $(LIBGCC2_INCLUDES) $(GCC_CFLAGS) $(HOST_LIBGCC2_CFLAGS) \
246 $(LIBGCC2_DEBUG_CFLAGS) -DIN_LIBGCC2 \
247 - -fbuilding-libgcc -fno-stack-protector \
248 + -fbuilding-libgcc -fno-stack-protector -fno-stack-clash-protection \
249 $(INHIBIT_LIBC_CFLAGS)
250
251 # Additional options to use when compiling libgcc2.a.
252 @@ -279,7 +290,7 @@ INTERNAL_CFLAGS = $(CFLAGS) $(LIBGCC2_CF
253 -finhibit-size-directive -fno-inline -fno-exceptions \
254 -fno-zero-initialized-in-bss -fno-toplevel-reorder -fno-tree-vectorize \
255 -fbuilding-libgcc -fno-stack-protector $(FORCE_EXPLICIT_EH_REGISTRY) \
256 - $(INHIBIT_LIBC_CFLAGS)
257 + -fno-stack-clash-protection $(INHIBIT_LIBC_CFLAGS)
258
259 # Extra flags to use when compiling crt{begin,end}.o.
260 CRTSTUFF_T_CFLAGS =
261 --- a/gcc/gcc.c 2016-02-19 23:18:38.000000000 +0100
262 +++ b/gcc/gcc.c 2016-05-02 22:56:10.185721270 +0200
263 @@ -868,6 +868,12 @@ proper position among the other output f
264 #endif
265 #endif
266
267 +#ifdef EXTRA_OPTIONS
268 +#define LINK_NOW_SPEC "%{!nonow:-z now} "
269 +#else
270 +#define LINK_NOW_SPEC ""
271 +#endif
272 +
273 #ifdef ENABLE_DEFAULT_PIE
274 #define NO_PIE_SPEC "no-pie|static"
275 #define PIE_SPEC NO_PIE_SPEC "|r|shared:;"
276 @@ -1013,7 +1020,7 @@ proper position among the other output f
277 %(linker) " \
278 LINK_PLUGIN_SPEC \
279 "%{flto|flto=*:%<fcompare-debug*} \
280 - %{flto} %{fno-lto} %{flto=*} %l " LINK_PIE_SPEC \
281 + %{flto} %{fno-lto} %{flto=*} %l " LINK_PIE_SPEC LINK_NOW_SPEC \
282 "%{fuse-ld=*:-fuse-ld=%*} " LINK_COMPRESS_DEBUG_SPEC \
283 "%X %{o*} %{e*} %{N} %{n} %{r}\
284 %{s} %{t} %{u*} %{z} %{Z} %{!nostdlib:%{!nostartfiles:%S}} \
Report Message
Find on MARC Find on Google Groups