diff -ruN /var/tmp/portage/sys-devel/gcc-4.3.1-r1/work/gcc-4.3.1/gcc/config/alpha/elf.h /root/hardened/gcc-4.3.1-r1/work/gcc-4.3.1/gcc/config/alpha/elf.h --- gcc-4.3.1.orig/gcc/config/alpha/elf.h 2007-08-02 12:49:31.000000000 +0200 +++ gcc-4.3.1/gcc/config/alpha/elf.h 2008-06-10 05:50:16.000000000 +0200 @@ -362,12 +362,12 @@ #undef STARTFILE_SPEC #ifdef HAVE_LD_PIE #define STARTFILE_SPEC \ - "%{!shared: %{pg|p:gcrt1.o%s;pie:Scrt1.o%s;:crt1.o%s}}\ - crti.o%s %{static:crtbeginT.o%s;shared|pie:crtbeginS.o%s;:crtbegin.o%s}" + "%{!shared: %{pg|p:gcrt1.o%s} %{!pg:%{!p:%(crtfile_pie)}} }\ + crti.o%s %{shared:crtbeginS.o%s} %{!shared:%(startfile_pie_t)}" #else #define STARTFILE_SPEC \ "%{!shared: %{pg|p:gcrt1.o%s;:crt1.o%s}}\ - crti.o%s %{static:crtbeginT.o%s;shared|pie:crtbeginS.o%s;:crtbegin.o%s}" + crti.o%s %{static:crtbeginT.o%s;shared:crtbeginS.o%s;:crtbegin.o%s}" #endif /* Provide a ENDFILE_SPEC appropriate for ELF. Here we tack on the @@ -376,9 +376,15 @@ `main', followed by a normal ELF "finalizer" file, `crtn.o'. */ #undef ENDFILE_SPEC +#ifdef HAVE_LD_PIE #define ENDFILE_SPEC \ "%{ffast-math|funsafe-math-optimizations:crtfastmath.o%s} \ - %{shared|pie:crtendS.o%s;:crtend.o%s} crtn.o%s" + %{shared:crtendS.o%s} %{!shared:%(endfile_pie)} crtn.o%s" +#else +#define ENDFILE_SPEC \ + "%{ffast-math|funsafe-math-optimizations:crtfastmath.o%s} \ + %{shared:crtendS.o%s;:crtend.o%s} crtn.o%s" +#endif /* We support #pragma. */ #define HANDLE_SYSV_PRAGMA 1 diff -ruN /var/tmp/portage/sys-devel/gcc-4.3.1-r1/work/gcc-4.3.1/gcc/config/i386/linux64.h /root/hardened/gcc-4.3.1-r1/work/gcc-4.3.1/gcc/config/i386/linux64.h --- gcc-4.3.1.orig/gcc/config/i386/linux64.h 2007-08-02 12:49:31.000000000 +0200 +++ gcc-4.3.1/gcc/config/i386/linux64.h 2008-06-10 06:10:18.000000000 +0200 @@ -76,12 +76,21 @@ /* Similar to standard Linux, but adding -ffast-math support. */ #undef ENDFILE_SPEC +#ifdef HAVE_LD_PIE #define ENDFILE_SPEC \ "%{ffast-math|funsafe-math-optimizations:crtfastmath.o%s} \ %{mpc32:crtprec32.o%s} \ %{mpc64:crtprec64.o%s} \ %{mpc80:crtprec80.o%s} \ %{shared|pie:crtendS.o%s;:crtend.o%s} crtn.o%s" +#else +#define ENDFILE_SPEC \ + "%{ffast-math|funsafe-math-optimizations:crtfastmath.o%s} \ + %{mpc32:crtprec32.o%s} \ + %{mpc64:crtprec64.o%s} \ + %{mpc80:crtprec80.o%s} \ + %{shared:crtendS.o%s} %{!shared:%(endfile_pie)} crtn.o%s" +#endif #if TARGET_64BIT_DEFAULT #define MULTILIB_DEFAULTS { "m64" } diff -ruN /var/tmp/portage/sys-devel/gcc-4.3.1-r1/work/gcc-4.3.1/gcc/config/i386/linux.h /root/hardened/gcc-4.3.1-r1/work/gcc-4.3.1/gcc/config/i386/linux.h --- gcc-4.3.1/gcc/config/i386/linux.h 2007-11-28 02:04:27.000000000 +0100 +++ gcc-4.3.1/gcc/config/i386/linux.h 2008-06-10 06:11:35.000000000 +0200 @@ -118,12 +118,21 @@ /* Similar to standard Linux, but adding -ffast-math support. */ #undef ENDFILE_SPEC +#ifdef HAVE_LD_PIE +#define ENDFILE_SPEC \ + "%{ffast-math|funsafe-math-optimizations:crtfastmath.o%s} \ + %{mpc32:crtprec32.o%s} \ + %{mpc64:crtprec64.o%s} \ + %{mpc80:crtprec80.o%s} \ + %{shared:crtendS.o%s} %{!shared:%(endfile_pie)} crtn.o%s" +#else #define ENDFILE_SPEC \ "%{ffast-math|funsafe-math-optimizations:crtfastmath.o%s} \ %{mpc32:crtprec32.o%s} \ %{mpc64:crtprec64.o%s} \ %{mpc80:crtprec80.o%s} \ %{shared|pie:crtendS.o%s;:crtend.o%s} crtn.o%s" +#endif /* A C statement (sans semicolon) to output to the stdio stream FILE the assembler definition of uninitialized global DECL named diff -ruN /var/tmp/portage/sys-devel/gcc-4.3.1-r1/work/gcc-4.3.1/gcc/config/ia64/linux.h /root/hardened/gcc-4.3.1-r1/work/gcc-4.3.1/gcc/config/ia64/linux.h --- gcc-4.3.1/gcc/config/ia64/linux.h 2008-06-10 06:15:58.000000000 +0200 +++ gcc-4.3.1/gcc/config/ia64/linux.h 2008-06-10 05:50:16.000000000 +0200 @@ -22,19 +22,25 @@ #undef STARTFILE_SPEC #ifdef HAVE_LD_PIE #define STARTFILE_SPEC \ - "%{!shared: %{pg|p|profile:gcrt1.o%s;pie:Scrt1.o%s;:crt1.o%s}}\ - crti.o%s %{shared|pie:crtbeginS.o%s;:crtbegin.o%s}" + "%{!shared: %{pg|p|profile:gcrt1.o%s} %{!pg:%{!p:%{!profile:%(crtfile_pie)}}} }\ + crti.o%s %{shared:crtbeginS.o%s} %{!shared:%(startfile_pie)}" #else #define STARTFILE_SPEC \ "%{!shared: %{pg|p|profile:gcrt1.o%s;:crt1.o%s}}\ - crti.o%s %{shared|pie:crtbeginS.o%s;:crtbegin.o%s}" + crti.o%s %{shared:crtbeginS.o%s;:crtbegin.o%s}" #endif /* Similar to standard Linux, but adding -ffast-math support. */ #undef ENDFILE_SPEC +#ifdef HAVE_LD_PIE #define ENDFILE_SPEC \ "%{ffast-math|funsafe-math-optimizations:crtfastmath.o%s} \ - %{shared|pie:crtendS.o%s;:crtend.o%s} crtn.o%s" + %{shared:crtendS.o%s} %{!shared:%(endfile_pie)} crtn.o%s" +#else +#define ENDFILE_SPEC \ + "%{ffast-math|funsafe-math-optimizations:crtfastmath.o%s} \ + %{shared:crtendS.o%s;:crtend.o%s} crtn.o%s" +#endif /* Define this for shared library support because it isn't in the main linux.h file. */ diff -ruN /var/tmp/portage/sys-devel/gcc-4.3.1-r1/work/gcc-4.3.1/gcc/config/linux.h /root/hardened/gcc-4.3.1-r1/work/gcc-4.3.1/gcc/config/linux.h --- gcc-4.3.1/gcc/config/linux.h 2007-08-02 12:49:31.000000000 +0200 +++ gcc-4.3.1/gcc/config/linux.h 2008-06-10 05:50:16.000000000 +0200 @@ -40,12 +40,12 @@ #undef STARTFILE_SPEC #if defined HAVE_LD_PIE #define STARTFILE_SPEC \ - "%{!shared: %{pg|p|profile:gcrt1.o%s;pie:Scrt1.o%s;:crt1.o%s}} \ - crti.o%s %{static:crtbeginT.o%s;shared|pie:crtbeginS.o%s;:crtbegin.o%s}" + "%{!shared: %{pg|p|profile:gcrt1.o%s} %{!pg:%{!p:%{!profile:%(crtfile_pie)}}} } \ + crti.o%s %{shared:crtbeginS.o%s} %{!shared:%(startfile_pie_t)}" #else #define STARTFILE_SPEC \ "%{!shared: %{pg|p|profile:gcrt1.o%s;:crt1.o%s}} \ - crti.o%s %{static:crtbeginT.o%s;shared|pie:crtbeginS.o%s;:crtbegin.o%s}" + crti.o%s %{static:crtbeginT.o%s;shared:crtbeginS.o%s;:crtbegin.o%s}" #endif /* Provide a ENDFILE_SPEC appropriate for GNU/Linux. Here we tack on @@ -55,8 +55,13 @@ GNU/Linux "finalizer" file, `crtn.o'. */ #undef ENDFILE_SPEC +#ifdef HAVE_LD_PIE #define ENDFILE_SPEC \ - "%{shared|pie:crtendS.o%s;:crtend.o%s} crtn.o%s" + "%{shared:crtendS.o%s} %{!shared:%(endfile_pie)} crtn.o%s" +#else +#define ENDFILE_SPEC \ + "%{shared:crtendS.o%s;:crtend.o%s} crtn.o%s" +#endif /* This is for -profile to use -lc_p instead of -lc. */ #ifndef CC1_SPEC diff -ruN /var/tmp/portage/sys-devel/gcc-4.3.1-r1/work/gcc-4.3.1/gcc/config/rs6000/linux64.h /root/hardened/gcc-4.3.1-r1/work/gcc-4.3.1/gcc/config/rs6000/linux64.h --- gcc-4.3.1/gcc/config/rs6000/linux64.h 2007-08-02 12:49:31.000000000 +0200 +++ gcc-4.3.1/gcc/config/rs6000/linux64.h 2008-06-10 05:50:16.000000000 +0200 @@ -151,7 +151,7 @@ #endif #define ASM_SPEC32 "-a32 %{n} %{T} %{Ym,*} %{Yd,*} \ -%{mrelocatable} %{mrelocatable-lib} %{fpic:-K PIC} %{fPIC:-K PIC} \ +%{mrelocatable} %{mrelocatable-lib} %{fpic|fPIC|fpie|fPIE:-K PIC} %(asm_pie) \ %{memb} %{!memb: %{msdata: -memb} %{msdata=eabi: -memb}} \ %{!mlittle: %{!mlittle-endian: %{!mbig: %{!mbig-endian: \ %{mcall-freebsd: -mbig} \ diff -ruN /var/tmp/portage/sys-devel/gcc-4.3.1-r1/work/gcc-4.3.1/gcc/config/rs6000/sysv4.h /root/hardened/gcc-4.3.1-r1/work/gcc-4.3.1/gcc/config/rs6000/sysv4.h --- gcc-4.3.1/gcc/config/rs6000/sysv4.h 2007-08-08 21:33:24.000000000 +0200 +++ gcc-4.3.1/gcc/config/rs6000/sysv4.h 2008-06-10 05:50:16.000000000 +0200 @@ -875,19 +875,25 @@ #ifdef HAVE_LD_PIE #define STARTFILE_LINUX_SPEC "\ -%{!shared: %{pg|p|profile:gcrt1.o%s;pie:Scrt1.o%s;:crt1.o%s}} \ +%{!shared: %{pg|p|profile:gcrt1.o%s} %{!pg:%{!p:%{!profile:%(crtfile_pie)}}} } \ %{mnewlib:ecrti.o%s;:crti.o%s} \ -%{static:crtbeginT.o%s;shared|pie:crtbeginS.o%s;:crtbegin.o%s}" +%{shared:crtbeginS.o%s} %{!shared:%(startfile_pie_t)}" #else #define STARTFILE_LINUX_SPEC "\ %{!shared: %{pg|p|profile:gcrt1.o%s;:crt1.o%s}} \ %{mnewlib:ecrti.o%s;:crti.o%s} \ -%{static:crtbeginT.o%s;shared|pie:crtbeginS.o%s;:crtbegin.o%s}" +%{static:crtbeginT.o%s;shared:crtbeginS.o%s;:crtbegin.o%s}" #endif +#ifdef HAVE_LD_PIE #define ENDFILE_LINUX_SPEC "\ -%{shared|pie:crtendS.o%s;:crtend.o%s} \ +%{shared:crtendS.o%s} %{!shared:%(endfile_pie)} \ %{mnewlib:ecrtn.o%s;:crtn.o%s}" +#else +#define ENDFILE_LINUX_SPEC "\ +%{shared:crtendS.o%s;:crtend.o%s} \ +%{mnewlib:ecrtn.o%s;:crtn.o%s}" +#endif #define LINK_START_LINUX_SPEC "" diff -ruN /var/tmp/portage/sys-devel/gcc-4.3.1-r1/work/gcc-4.3.1/gcc/config/sparc/linux64.h /root/hardened/gcc-4.3.1-r1/work/gcc-4.3.1/gcc/config/sparc/linux64.h --- gcc-4.3.1/gcc/config/sparc/linux64.h 2007-10-19 06:29:38.000000000 +0200 +++ gcc-4.3.1/gcc/config/sparc/linux64.h 2008-06-10 05:50:16.000000000 +0200 @@ -66,12 +66,12 @@ #ifdef HAVE_LD_PIE #define STARTFILE_SPEC \ - "%{!shared:%{pg|p:gcrt1.o%s;pie:Scrt1.o%s;:crt1.o%s}}\ - crti.o%s %{static:crtbeginT.o%s;shared|pie:crtbeginS.o%s;:crtbeginS.o%s}" + "%{!shared: %{pg|p:gcrt1.o%s} %{!pg:%{!p:%(crtfile_pie)}} }\ + crti.o%s %{shared:crtbeginS.o%s} %{!shared:%(startfile_pie_t)}" #else #define STARTFILE_SPEC \ "%{!shared:%{pg|p:gcrt1.o%s;:crt1.o%s}}\ - crti.o%s %{static:crtbeginT.o%s;shared|pie:crtbeginS.o%s;:crtbeginS.o%s}" + crti.o%s %{static:crtbeginT.o%s;shared:crtbeginS.o%s;:crtbeginS.o%s}" #endif /* Provide a ENDFILE_SPEC appropriate for GNU/Linux. Here we tack on @@ -81,10 +81,15 @@ GNU/Linux "finalizer" file, `crtn.o'. */ #undef ENDFILE_SPEC - +#ifdef HAVE_LD_PIE +#define ENDFILE_SPEC \ + "%{shared:crtendS.o%s} %{!shared:%(endfile_pie)} crtn.o%s\ + %{ffast-math|funsafe-math-optimizations:crtfastmath.o%s}" +#else #define ENDFILE_SPEC \ - "%{shared|pie:crtendS.o%s;:crtend.o%s} crtn.o%s\ + "%{shared:crtendS.o%s;:crtend.o%s} crtn.o%s\ %{ffast-math|funsafe-math-optimizations:crtfastmath.o%s}" +#endif /* The GNU C++ standard library requires that these macros be defined. */ #undef CPLUSPLUS_CPP_SPEC @@ -281,7 +286,7 @@ %{T} \ %{Ym,*} \ %{Wa,*:%*} \ --s %{fpic|fPIC|fpie|fPIE:-K PIC} \ +-s %{fpic|fPIC|fpie|fPIE:-K PIC} %(asm_pie) \ %{mlittle-endian:-EL} \ %(asm_cpu) %(asm_arch) %(asm_relax)" diff -ruN /var/tmp/portage/sys-devel/gcc-4.3.1-r1/work/gcc-4.3.1/gcc/config/sparc/linux.h /root/hardened/gcc-4.3.1-r1/work/gcc-4.3.1/gcc/config/sparc/linux.h --- gcc-4.3.1/gcc/config/sparc/linux.h 2007-08-02 12:49:31.000000000 +0200 +++ gcc-4.3.1/gcc/config/sparc/linux.h 2008-06-10 05:50:16.000000000 +0200 @@ -45,14 +45,14 @@ object constructed before entering `main'. */ #undef STARTFILE_SPEC -#if defined HAVE_LD_PIE +#ifdef HAVE_LD_PIE #define STARTFILE_SPEC \ - "%{!shared: %{pg|p:gcrt1.o%s;pie:Scrt1.o%s;:crt1.o%s}}\ - crti.o%s %{static:crtbeginT.o%s;shared|pie:crtbeginS.o%s;:crtbegin.o%s}" + "%{!shared: %{pg|p:gcrt1.o%s} %{!pg:%{!p:%(crtfile_pie)}} }\ + crti.o%s %{shared:crtbeginS.o%s} %{!shared:%(startfile_pie_t)}" #else #define STARTFILE_SPEC \ "%{!shared: %{pg|p:gcrt1.o%s;:crt1.o%s}}\ - crti.o%s %{static:crtbeginT.o%s;shared|pie:crtbeginS.o%s;:crtbegin.o%s}" + crti.o%s %{static:crtbeginT.o%s;shared:crtbeginS.o%s;:crtbegin.o%s}" #endif /* Provide a ENDFILE_SPEC appropriate for GNU/Linux. Here we tack on @@ -62,9 +62,15 @@ GNU/Linux "finalizer" file, `crtn.o'. */ #undef ENDFILE_SPEC +#ifdef HAVE_LD_PIE #define ENDFILE_SPEC \ "%{ffast-math|funsafe-math-optimizations:crtfastmath.o%s} \ - %{shared|pie:crtendS.o%s;:crtend.o%s} crtn.o%s" + %{shared:crtendS.o%s} %{!shared:%(endfile_pie)} crtn.o%s" +#else +#define ENDFILE_SPEC \ + "%{ffast-math|funsafe-math-optimizations:crtfastmath.o%s} \ + %{shared:crtendS.o%s;:crtend.o%s} crtn.o%s" +#endif /* This is for -profile to use -lc_p instead of -lc. */ #undef CC1_SPEC @@ -146,7 +152,7 @@ #undef ASM_SPEC #define ASM_SPEC \ "%{V} %{v:%{!V:-V}} %{!Qn:-Qy} %{n} %{T} %{Ym,*} %{Wa,*:%*} -s \ - %{fpic|fPIC|fpie|fPIE:-K PIC} %(asm_cpu) %(asm_relax)" + %{fpic|fPIC|fpie|fPIE:-K PIC} %(asm_pie) %(asm_cpu) %(asm_relax)" /* Same as sparc.h */ #undef DBX_REGISTER_NUMBER diff -ruN /var/tmp/portage/sys-devel/gcc-4.3.1-r1/work/gcc-4.3.1/gcc/gcc.c /root/hardened/gcc-4.3.1-r1/work/gcc-4.3.1/gcc/gcc.c --- gcc-4.3.1/gcc/gcc.c 2008-06-10 06:16:06.000000000 +0200 +++ gcc-4.3.1/gcc/gcc.c 2008-06-10 05:50:16.000000000 +0200 @@ -704,11 +704,43 @@ #ifndef LINK_PIE_SPEC #ifdef HAVE_LD_PIE #define LINK_PIE_SPEC "%{pie:-pie} " +#define CC1_PIE_SPEC "%{pie:-fPIE}" +#define ASM_PIE_SPEC "%{pie:-K PIC}" #else #define LINK_PIE_SPEC "%{pie:} " +#define CC1_PIE_SPEC "" +#define ASM_PIE_SPEC "" #endif #endif +#ifndef CC1_HARDENED_SPEC +#define CC1_HARDENED_SPEC " %{!D__KERNEL__: %(cc1_pie) %(cc1_ssp) %(cc1_fortify) %(cc1_strict) }" +#endif +#ifndef CC1_SSP_SPEC +#define CC1_SSP_SPEC "" +#endif +#ifndef CC1_SSP_ALL_SPEC +#define CC1_SSP_ALL_SPEC "" +#endif +#ifndef CRTFILE_PIE_SPEC +#define CRTFILE_PIE_SPEC "%{static:crt1.o%s;pie:Scrt1.o%s;:crt1.o%s}" +#endif +#ifndef STARTFILE_PIE_SPEC +#define STARTFILE_PIE_SPEC "%{static:crtbegin.o%s;pie:crtbeginS.o%s;:crtbegin.o%s}" +#endif +#ifndef STARTFILE_PIE_T_SPEC +#define STARTFILE_PIE_T_SPEC "%{static:crtbeginT.o%s;pie:crtbeginS.o%s;:crtbegin.o%s}" +#endif +#ifndef ENDFILE_PIE_SPEC +#define ENDFILE_PIE_SPEC "%{pie:crtendS.o%s;:crtend.o%s}" +#endif +#ifndef LINK_RELRO_SPEC +#define LINK_RELRO_SPEC "%{norelro:}" +#endif +#ifndef LINK_NOW_SPEC +#define LINK_NOW_SPEC "%{nonow:}" +#endif + /* -u* was put back because both BSD and SysV seem to support it. */ /* %{static:} simply prevents an error message if the target machine doesn't handle -static. */ @@ -718,7 +750,7 @@ #ifndef LINK_COMMAND_SPEC #define LINK_COMMAND_SPEC "\ %{!fsyntax-only:%{!c:%{!M:%{!MM:%{!E:%{!S:\ - %(linker) %l " LINK_PIE_SPEC "%X %{o*} %{A} %{d} %{e*} %{m} %{N} %{n} %{r}\ + %(linker) %l %(link_pie) %(link_relro) %(link_now) %X %{o*} %{A} %{d} %{e*} %{m} %{N} %{n} %{r}\ %{s} %{t} %{u*} %{x} %{z} %{Z} %{!A:%{!nostdlib:%{!nostartfiles:%S}}}\ %{static:} %{L*} %(mfwrap) %(link_libgcc) %o\ %{fopenmp|ftree-parallelize-loops=*:%:include(libgomp.spec)%(link_gomp)} %(mflib)\ @@ -772,6 +804,17 @@ static const char *sysroot_spec = SYSROOT_SPEC; static const char *sysroot_suffix_spec = SYSROOT_SUFFIX_SPEC; static const char *sysroot_hdrs_suffix_spec = SYSROOT_HEADERS_SUFFIX_SPEC; +static const char *asm_pie_spec = ASM_PIE_SPEC; +static const char *cc1_ssp_spec = CC1_SSP_SPEC; +static const char *cc1_ssp_all_spec = CC1_SSP_ALL_SPEC; +static const char *cc1_pie_spec = CC1_PIE_SPEC; +static const char *crtfile_pie_spec = CRTFILE_PIE_SPEC; +static const char *endfile_pie_spec = ENDFILE_PIE_SPEC; +static const char *startfile_pie_spec = STARTFILE_PIE_SPEC; +static const char *startfile_pie_t_spec = STARTFILE_PIE_T_SPEC; +static const char *link_relro_spec = LINK_RELRO_SPEC; +static const char *link_now_spec = LINK_NOW_SPEC; +static const char *link_pie_spec = LINK_PIE_SPEC; /* Standard options to cpp, cc1, and as, to reduce duplication in specs. There should be no need to override these in target dependent files, @@ -1605,6 +1648,17 @@ INIT_STATIC_SPEC ("sysroot_spec", &sysroot_spec), INIT_STATIC_SPEC ("sysroot_suffix_spec", &sysroot_suffix_spec), INIT_STATIC_SPEC ("sysroot_hdrs_suffix_spec", &sysroot_hdrs_suffix_spec), + INIT_STATIC_SPEC ("asm_pie", &asm_pie_spec), + INIT_STATIC_SPEC ("cc1_ssp", &cc1_ssp_spec), + INIT_STATIC_SPEC ("cc1_ssp_all", &cc1_ssp_all_spec), + INIT_STATIC_SPEC ("cc1_pie", &cc1_pie_spec), + INIT_STATIC_SPEC ("crtfile_pie", &crtfile_pie_spec), + INIT_STATIC_SPEC ("endfile_pie", &endfile_pie_spec), + INIT_STATIC_SPEC ("startfile_pie", &startfile_pie_spec), + INIT_STATIC_SPEC ("startfile_pie_t", &startfile_pie_t_spec), + INIT_STATIC_SPEC ("link_relro", &link_relro_spec), + INIT_STATIC_SPEC ("link_now", &link_now_spec), + INIT_STATIC_SPEC ("link_pie", &link_pie_spec), }; #ifdef EXTRA_SPECS /* additional specs needed */