Hi
This patchset will add a new configure options --enable-default-pie.
With the new option enable will make it pass -fPIE and -pie from the gcc and
g++ frontend. Have only add the support for two targets but should work on
more targes. In configure.ac we add the new option. We can't compile the
compiler or the crt stuff with -fPIE it will brake the PCH and the crtbegin and
crtend files. The disabling is done in the Makefiles. The needed spec is added
to DRIVER_SELF_SPECS. We disable all the profiling test for the linking will
fail.Tested on x86_64 linux (Gentoo).
/Magnus Granberg
Changlog
2013-11-10 Magnus Granberg <zo...@gentoo.org>
/gcc
* config/gnu-user.h: Define PIE_DRIVER_SELF_SPECS for PIE
as default and GNU_DRIVER_SELF_SPECS.
* config/i386/gnu-user-common.h: Define DRIVER_SELF_SPECS
* configure.ac: Add new option that enable PIE as default.
* configure, config.in: Rebuild.
* Makefile.in: Disable PIE when building the compiler.
* doc/install.texi: Add the new configure option default PIE.
* doc/invoke.texi: Add note for the new configure option default PIE.
* testsuite/gcc/default-pie.c: New test for new configure option
--enale-default-pie
* testsuite/gcc.dg/other/anon5.C: Add skip test as it fail to link
on effective_target default_pie.
* testsuite/lib/target-supports.exp (check_profiling_available):
We can't use profiling on effective target default_pie.
(check_effective_target_pie): Add check_effective_target_default_pie.
/libgcc
* Makefile.in: Disable PIE when building the crtbegin/end files.
----
--- a/gcc/config/gnu-user.h 2013-08-20 10:31:40.000000000 +0200
+++ b/gcc/config/gnu-user.h 2013-10-23 22:01:42.337238981 +0200
@@ -134,3 +134,17 @@ see the files COPYING3 and COPYING.RUNTI
/* Additional libraries needed by -static-libtsan. */
#undef STATIC_LIBTSAN_LIBS
#define STATIC_LIBTSAN_LIBS "-ldl -lpthread"
+
+/* We use this to make the compiler use -fPIE as default and link
+ with -pie. */
+#ifdef ENABLE_DEFAULT_PIE
+#define PIE_DRIVER_SELF_SPECS \
+"%{pie|fpic|fPIC|fpie|fPIE|fno-pic|fno-PIC|fno-pie|fno-PIE| \
+ shared|static|nostdlib|nostartfiles:;:-fPIE -pie}"
+#else
+#define PIE_DRIVER_SELF_SPECS ""
+#endif
+
+#ifndef GNU_DRIVER_SELF_SPECS
+#define GNU_DRIVER_SELF_SPECS PIE_DRIVER_SELF_SPECS
+#endif
--- a/gcc/config/i386/gnu-user-common.h 2013-01-10 21:38:27.000000000 +0100
+++ b/gcc/config/i386/gnu-user-common.h 2013-10-23 17:37:45.432767049 +0200
@@ -70,3 +70,8 @@ along with GCC; see the file COPYING3.
/* Static stack checking is supported by means of probes. */
#define STACK_CHECK_STATIC_BUILTIN 1
+
+/* Use GNU_DRIVER_SELF_SPECS. */
+#ifndef DRIVER_SELF_SPECS
+#define DRIVER_SELF_SPECS GNU_DRIVER_SELF_SPECS
+#endif
--- a/gcc/configure.ac 2013-09-25 18:10:35.000000000 +0200
+++ b/gcc/configure.ac 2013-10-22 21:26:56.287602139 +0200
@@ -5434,6 +5434,31 @@ if test x"${LINKER_HASH_STYLE}" != x; th
[The linker hash style])
fi
+# Check whether --enable-default-pie was given and target have the support.
+AC_ARG_ENABLE(default-pie,
+[AS_HELP_STRING([--enable-default-pie], [Enable Position independent executable as default.
+ If we have suppot for it when compiling and linking.
+ Linux targets supported i?86 and x86_64.])],
+enable_default_pie=$enableval,
+enable_default_pie=no)
+if test x$enable_default_pie = xyes; then
+ AC_MSG_CHECKING(if $target support to default with -fPIE and link with -pie as default)
+ enable_default_pie=no
+ case $target in
+ i?86*-*-linux* | x86_64*-*-linux*)
+ enable_default_pie=yes
+ ;;
+ *)
+ ;;
+ esac
+ AC_MSG_RESULT($enable_default_pie)
+fi
+if test x$enable_default_pie == xyes ; then
+ AC_DEFINE(ENABLE_DEFAULT_PIE, 1,
+ [Define if your target support default-pie and you have enable it.])
+fi
+AC_SUBST([enable_default_pie])
+
# Configure the subdirectories
# AC_CONFIG_SUBDIRS($subdirs)
--- a/gcc/Makefile.in 2013-10-02 21:52:27.000000000 +0200
+++ b/gcc/Makefile.in 2013-10-24 17:46:22.055357122 +0200
@@ -957,14 +957,23 @@ CONTEXT_H = context.h
# cross compiler which does not use the native headers and libraries.
INTERNAL_CFLAGS = -DIN_GCC @CROSS@
+# We don't want to compile the compiler with -fPIE, it make PCH fail.
+enable_default_pie = @enable_default_pie@
+ifeq ($(enable_default_pie),yes)
+NOPIE_CFLAGS = -fno-PIE
+else
+NOPIE_CFLAGS=
+endif
+
# This is the variable actually used when we compile. If you change this,
# you probably want to update BUILD_CFLAGS in configure.ac
-ALL_CFLAGS = $(T_CFLAGS) $(CFLAGS-$@) \
+ALL_CFLAGS = $(NOPIE_CFLAGS) $(T_CFLAGS) $(CFLAGS-$@) \
$(CFLAGS) $(INTERNAL_CFLAGS) $(COVERAGE_FLAGS) $(WARN_CFLAGS) @DEFS@
# The C++ version.
-ALL_CXXFLAGS = $(T_CFLAGS) $(CFLAGS-$@) $(CXXFLAGS) $(INTERNAL_CFLAGS) \
- $(COVERAGE_FLAGS) $(NOEXCEPTION_FLAGS) $(WARN_CXXFLAGS) @DEFS@
+ALL_CXXFLAGS = $(NOPIE_CFLAGS) $(T_CFLAGS) $(CFLAGS-$@) $(CXXFLAGS) \
+ $(INTERNAL_CFLAGS) $(COVERAGE_FLAGS) $(NOEXCEPTION_FLAGS) \
+ $(WARN_CXXFLAGS) @DEFS@
# Likewise. Put INCLUDES at the beginning: this way, if some autoconf macro
# puts -I options in CPPFLAGS, our include files in the srcdir will always
@@ -1805,6 +1814,7 @@ libgcc.mvars: config.status Makefile spe
echo GCC_CFLAGS = '$(GCC_CFLAGS)' >> tmp-libgcc.mvars
echo INHIBIT_LIBC_CFLAGS = '$(INHIBIT_LIBC_CFLAGS)' >> tmp-libgcc.mvars
echo TARGET_SYSTEM_ROOT = '$(TARGET_SYSTEM_ROOT)' >> tmp-libgcc.mvars
+ echo enable_default_pie = '$(enable_default_pie)' >> tmp-libgcc.mvars
mv tmp-libgcc.mvars libgcc.mvars
@@ -3460,6 +3470,9 @@ site.exp: ./config.status Makefile
@if test "@enable_lto@" = "yes" ; then \
echo "set ENABLE_LTO 1" >> ./site.tmp; \
fi
+ @if test "@enable_default_pie@" = "yes" ; then \
+ echo "set ENABLE_DEFAULT_PIE 1" >> ./site.tmp; \
+ fi
# If newlib has been configured, we need to pass -B to gcc so it can find
# newlib's crt0.o if it exists. This will cause a "path prefix not used"
# message if it doesn't, but the testsuite is supposed to ignore the message -
--- a/libgcc/Makefile.in 2011-11-22 04:01:02.000000000 +0100
+++ b/libgcc/Makefile.in 2012-06-29 00:15:04.534016511 +0200
@@ -275,11 +275,17 @@ override CFLAGS := $(filter-out -fprofil
INTERNAL_CFLAGS = $(CFLAGS) $(LIBGCC2_CFLAGS) $(HOST_LIBGCC2_CFLAGS) \
$(INCLUDES) @set_have_cc_tls@ @set_use_emutls@
+#Don't use -fPIE when compiling crtbegin/end.
+ifeq ($(enable_default_pie),yes)
+NOPIE_CFLAGS = -fno-PIE
+else
+NOPIE_CFLAGS=
+endif
# Options to use when compiling crtbegin/end.
CRTSTUFF_CFLAGS = -O2 $(GCC_CFLAGS) $(INCLUDES) $(MULTILIB_CFLAGS) -g0 \
-finhibit-size-directive -fno-inline -fno-exceptions \
-fno-zero-initialized-in-bss -fno-toplevel-reorder -fno-tree-vectorize \
- -fno-stack-protector \
+ -fno-stack-protector $(NOPIE_CFLAGS) \
$(INHIBIT_LIBC_CFLAGS)
# Extra flags to use when compiling crt{begin,end}.o.
--- a/gcc/doc/install.texi 2013-10-01 19:29:40.000000000 +0200
+++ b/gcc/doc/install.texi 2013-11-09 15:40:20.831402110 +0100
@@ -1421,6 +1421,11 @@ do a @samp{make -C gcc gnatlib_and_tools
Specify that the run-time libraries for stack smashing protection
should not be built.
+@item --enable-default-pie
+We will turn on @option{-fPIE} and @option{-pie} as default when
+compileing and linking if the support is there. We only support
+i?86-*-linux* and x86-64-*-linux* as target for now.
+
@item --disable-libquadmath
Specify that the GCC quad-precision math library should not be built.
On some systems, the library is required to be linkable when building
--- a/gcc/doc/invoke.texi 2012-03-01 10:57:59.000000000 +0100
+++ b/gcc/doc/invoke.texi 2012-07-30 00:57:03.766847851 +0200
@@ -9457,6 +9480,12 @@ For predictable results, you must also s
that were used to generate code (@option{-fpie}, @option{-fPIE},
or model suboptions) when you specify this option.
+NOTE: With configure --enable-default-pie this option is enabled by default
+for C, C++, ObjC, ObjC++, if none of @option{-fno-PIE}, @option{-fno-pie},
+@option{-fPIC}, @option{-fpic}, @option{-fno-PIC}, @option{-fno-pic},
+@option{-nostdlib}, @option{-nostartfiles}, @option{-shared},
+@option{-nodefaultlibs}, nor @option{static} are found.
+
@item -rdynamic
@opindex rdynamic
Pass the flag @option{-export-dynamic} to the ELF linker, on targets
@@ -19125,6 +19154,12 @@ used during linking.
@code{__pie__} and @code{__PIE__}. The macros have the value 1
for @option{-fpie} and 2 for @option{-fPIE}.
+NOTE: With configure --enable-default-pie this option is enabled by default
+for C, C++, ObjC, ObjC++, if none of @option{-fno-PIE}, @option{-fno-pie},
+@option{-fPIC}, @option{-fpic}, @option{-fno-PIC}, @option{-fno-pic},
+@option{-nostdlib}, @option{-nostartfiles}, @option{-shared},
+@option{-nodefaultlibs}, nor @option{static} are found.
+
@item -fno-jump-tables
@opindex fno-jump-tables
Do not use jump tables for switch statements even where it would be
--- a/gcc/testsuite/gcc.dg/default-pie.c 2013-11-09 21:07:16.741479728 +0100
+++ b/gcc/testsuite/gcc.dg/default-pie.c 2013-11-09 21:05:07.801479218 +0100
@@ -0,0 +1,12 @@
+/* { dg-do compile { target *-*-linux* *-*-gnu* } } */
+/* { dg-require-effective-target default_pie } */
+/* { dg-options "-O2" } */
+int foo (void);
+
+int
+main (void)
+{
+ return foo ();
+}
+
+/* { dg-final { scan-assembler "foo@PLT" } } */
--- a/gcc/testsuite/g++.dg/other/anon5.C 2012-11-10 15:34:42.000000000 +0100
+++ b/gcc/testsuite/g++.dg/other/anon5.C 2013-11-09 14:49:52.281390127 +0100
@@ -1,5 +1,6 @@
// PR c++/34094
// { dg-do link { target { ! { *-*-darwin* *-*-hpux* *-*-solaris2.* } } } }
+// { dg-skip-if "" { default_pie } { "*" } { "" } }
// { dg-options "-g" }
// Ignore additional message on powerpc-ibm-aix
// { dg-prune-output "obtain more information" } */
--- a/gcc/testsuite/lib/target-supports.exp 2013-10-01 11:18:30.000000000 +0200
+++ b/gcc/testsuite/lib/target-supports.exp 2013-10-25 22:01:46.743388469 +0200
@@ -474,6 +474,11 @@ proc check_profiling_available { test_wh
}
}
+ # Profiling don't work with default -fPIE -pie.
+ if { [check_effective_target_default_pie] } {
+ return 0
+ }
+
# Support for -p on solaris2 relies on mcrt1.o which comes with the
# vendor compiler. We cannot reliably predict the directory where the
# vendor compiler (and thus mcrt1.o) is installed so we can't
@@ -839,6 +844,14 @@ proc check_effective_target_pie { } {
return 0
}
+# Return 1 if -pie, -fPIE are default enable, 0 otherwise.
+
+proc check_effective_target_default_pie { } {
+ global ENABLE_DEFAULT_PIE
+ return [info exists ENABLE_DEFAULT_PIE]
+ return 0
+}
+
# Return true if the target supports -mpaired-single (as used on MIPS).
proc check_effective_target_mpaired_single { } {
