fredag 07 september 2012 18.52.11 skrev du:
> On Fri, 7 Sep 2012, Magnus Granberg wrote:
> >             * Makefile.in                           Add 
> > -fno-stack-protector when
> >             
> >               needed for espf.
> 
> Toplevel Makefile.in is a generated file.  You need to patch Makefile.def
> or Makefile.tpl and regenerate Makefile.in.
> 
> I'm surprised this passes bootstrap, since I wouldn't expect bootstrap to
> avoid -Wformat-security warnings, and all the previous patch submissions I
> recall to avoid such warnings have been incorrect (you can't just change
> error (msg) to error ("%s", msg) when the reason the code is written how
> it is is that no-argument formats such as %< and %> may appear in msg and
> need interpreting).

I have updated the Makefile and configure patch, and it now bootstraps with --enable-werror;
I didn't have that enabled last time. I have a new changelog too.
Thank you for the help.

Gentoo Hardened Project
Magnus Granberg

2012-09-10      Magnus Granberg <zo...@gentoo.org

                * configure.ac                          Add new configure 
options espf.
                * Makefile.tpl                          Add 
-fno-stack-protector when
                  needed for espf.
                * configure                     Regenerated
                * Makefile.in                   Likewise.
        gcc/
                * configure.ac                  Add new configure options espf.
                  Add -Wno-format-security to warn flags.
                * configure                     Regenerated
                * config.in                     Regenerated
                * Makefile.in                   Add -fno-PIE  when needed for
                  espf.
                * config/gnu-user.h                     Define 
ESPF_GCC_PIE_SPEC,
                  ESPF_GCC_SSP_SPEC, ESPF_CPP_UNIQUE_OPTIONS_SPEC,
                  ESPF_DRIVER_SELF_SPECS and ESPF_EXTRA_SPECS.
                * config/i386/gnu-user64.h      Define DRIVER_SELF_SPECS.
                * config/i386/gnu-user.h        Add ESPF_EXTRA_SPECS to
                  SUBTARGET_EXTRA_SPECS when needed. Define
                  DRIVER_SELF_SPECS.
                * config/i386/i386.h            Add ESPF_EXTRA_SPECS to
                  SUBTARGET_EXTRA_SPECS when needed.
                * gcc.c                         Add espf_cpp_unique_options
                  to cpp_unique_options when needed.
                * c-family/c-common.c   Enable warn_format when espf is 
                  enable.
                * c-family/c-format.c   Enable warn_format_security when
                  needed by espf.
        libgcc/
                * libgcc/Makefile.in            Add -fno-PIE  when needed for
                  espf.
        libcpp/
                * configure.ac                  Add -Wno-format-security to 
warn 
                flags.
                * configure                     Regenerated
                * config.in                     Regenerated

2012-09-10      Magnus Granberg <zo...@gentoo.org>
                        Kees Cook <k...@ubuntu.com>

        gcc/doc/
                * invoke.texi           Add notes to -Wformat,
                  -Wformat-security, -O2, -fstack-protector, -fPIE and
                  -pie for espf.
                * install.texi          Add new configure options

2012-08-26      Magnus Granberg <zo...@gentoo.org>
                        Kees Cook <k...@ubuntu.com>

        gcc/testsuite
                * gcc.dg/charset/builtin2.c             Add 
                  -Wno-format when effective_target is espf.
                * gcc.dg/format/format.exp              Likewise.
                * gcc.dg/pr30473.c                      Likewise.
                * gcc.dg/pr38902.c                      Likewise.
                * gcc.dg/ipa/ipa-sra-1.c                Likewise.
                * gcc.dg/torture/tls/tls-test.c Likewise.
                * g++.dg/abi/pragma-pack1.C     Likewise.
                * g++.dg/cpp0x/constexpr-tuple.C        Likewise.
                * lib/target-supports.exp       Add
                  check_effective_target_espf.
                * gcc.c-torture/execute/memset-1.x      New file
                * gcc.c-torture/execute/vprintf-chk-1.x         Likewise.
                * gcc.c-torture/execute/vfprintf-chk-1.x        Likewise.
                * gcc.dg/stack-usage-1.c                Add -fno-stack-protector
                  when effective_target is espf.
                * gcc.dg/superblock.c                   Likewise.
                * gcc.dg/20021014-1.c           Add -fno-PIE when
                  effective_target is espf.
                * gcc.dg/nest.c                         Likewise.
                * gcc.dg/nested-func-4.c                Likewise.
                * gcc.dg/pr32450.c                      Likewise.
                * gcc.dg/pr43643.c                      Likewise.
                * g++.dg/other/anon5.C          Likewise.
                * g++.old-deja/g++.law/profile1.C       Likewise.
                * gcc.dg/tree-ssa/ssa-store-ccp-3.c     Skip the test.

2012-08-27      Magnus Granberg <zo...@gentoo.org>
                        Kees Cook <k...@ubuntu.com>

        gcc/testsuite/
                PR 39537
                * g++.dg/ext/align1.C           Remove printf
                * g++.old-deja/g++.law/operators28.C    Fix format-string/type.
                * gcc.dg/torture/matrix-2.c                     Likewise.
                * gcc.dg/packed-vla.c                           Likewise.
                * g++.dg/opt/alias2.C                           Likewise.
                * g++.old-deja/g++.abi/vbase1.C         Likewise.
                * g++.old-deja/g++.brendan/template8.C  Likewise.
                * g++.old-deja/g++.eh/ptr1.C                            
Likewise.
                * g++.old-deja/g++.jason/access23.C             Likewise.
                * g++.old-deja/g++.law/cvt8.C                   Likewise.
                * g++.old-deja/g++.mike/net35.C                 Likewise.
                * g++.old-deja/g++.mike/offset1.C                       
Likewise.
                * g++.old-deja/g++.mike/p12306.C                        
Likewise.
                * g++.old-deja/g++.mike/p3579.C                 Likewise.
                * g++.old-deja/g++.mike/p3708a.C                        
Likewise.
                * g++.old-deja/g++.mike/p3708b.C                        
Likewise.
                * g++.old-deja/g++.mike/p3708.C                 Likewise.
                * g++.old-deja/g++.mike/p646.C                  Likewise.
                * g++.old-deja/g++.mike/p710.C                  Likewise.
                * g++.old-deja/g++.mike/p789a.C                 Likewise.
                * g++.old-deja/g++.mike/pmf2.C                  Likewise.
                * g++.old-deja/g++.mike/temp.C                  Likewise.
                * g++.old-deja/g++.other/temporary1.C           Likewise.
                * g++.old-deja/g++.other/virtual8.C             Likewise.
                * g++.old-deja/g++.pt/memtemp23.C               Likewise.
                * g++.old-deja/g++.pt/memtemp24.C               Likewise.
                * g++.old-deja/g++.pt/memtemp25.C               Likewise.
                * g++.old-deja/g++.pt/memtemp26.C               Likewise.
                * g++.old-deja/g++.pt/t39.C                             
Likewise.
                * g++.old-deja/g++.robertl/eb17.C                       
Likewise.

--- a/configure.ac	2012-02-02 11:20:32.000000000 +0100
+++ b/configure.ac	2012-07-01 00:44:27.845218414 +0200
@@ -424,6 +424,36 @@ AC_ARG_ENABLE(libssp,
 ENABLE_LIBSSP=$enableval,
 ENABLE_LIBSSP=yes)
 
+# Check whether --enable-espf was given and target have the support.
+AC_ARG_ENABLE([espf],
+[AS_HELP_STRING([--enable-espf[=ARG]],
+		[Enable Stack protector, Position independent executable and
+		 Fortify_source as default. If we have suppot for it when compiling.
+		 Linux targets supported i?86 and x86_64.
+		 @<:@ARG={all,pie,ssp,no}@:>@ ])],
+set_enable_espf=$enableval,
+set_enable_espf=no)
+case "${set_enable_espf}" in
+  all|pie|ssp)
+    case $target in
+      i?86*-*-linux* | x86_64*-*-linux*)
+        enable_espf=yes
+        ;;
+      *)
+        enable_espf=no
+	AC_MSG_WARN([*** --enable-espf is not supported on this $target target.])
+        ;;
+    esac
+    ;;
+  no)
+    enable_espf=no
+    ;;
+  *)
+    AC_MSG_ERROR([invalid --enable-espf argument])
+    ;;
+esac
+AC_SUBST([enable_espf])
+
 # Save it here so that, even in case of --enable-libgcj, if the Java
 # front-end isn't enabled, we still get libgcj disabled.
 libgcj_saved=$libgcj
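Review bot: A bare `--enable-espf` sets `$enableval` to `yes`, which matches none of `all|pie|ssp|no` and falls into the `*)` branch with "invalid --enable-espf argument", although the help string advertises the argument as optional (`[=ARG]`). Either accept it, e.g. `yes|all|pie|ssp)` with `yes` treated as `all`, or drop the brackets from the help text. On an unsupported target the request is downgraded to `enable_espf=no` with only a warning, so a build that asked for hardened defaults can complete without them; `AC_MSG_ERROR` would make that visible. The same block is repeated in gcc/configure.ac with the same two issues, and both help strings carry the typo "suppot".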
@@ -3213,6 +3242,11 @@ if test "$GCC" = yes -a "$ENABLE_BUILD_W
   CFLAGS="$saved_CFLAGS"
 fi
 
+# Disable -fstack-protector on stage1
+if test x$enable_espf = xyes; then
+  stage1_cflags="$stage1_cflags -fno-stack-protector"
+fi
+
 AC_SUBST(stage1_cflags)
 
 # Enable --enable-checking in stage1 of the compiler.
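Review bot: `-fno-stack-protector` is appended to `stage1_cflags` without first checking that the compiler building stage 1 accepts it. The context just above restores `saved_CFLAGS`, which suggests the neighbouring stage 1 flag is probed before use; a compile probe here would match that and avoid breaking the bootstrap on a host compiler that rejects the option. The comment `# Disable -fstack-protector on stage1` says what is done but not why, and the reason is what a later maintainer will need.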
--- a/gcc/configure.ac	2012-02-22 12:27:45.000000000 +0100
+++ b/gcc/configure.ac	2012-07-01 00:43:14.054216215 +0200
@@ -342,7 +342,8 @@ GCC_STDINT_TYPES
 # So, we only use -pedantic if we can disable those warnings.
 
 ACX_PROG_CC_WARNING_OPTS(
-	m4_quote(m4_do([-W -Wall -Wno-narrowing -Wwrite-strings -Wcast-qual])), [loose_warn])
+	m4_quote(m4_do([-W -Wall -Wno-narrowing -Wwrite-strings -Wcast-qual \
+	-Wno-format-security])), [loose_warn])
 ACX_PROG_CC_WARNING_OPTS(
 	m4_quote(m4_do([-Wstrict-prototypes -Wmissing-prototypes])),
 	[c_loose_warn])
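Review bot: `-Wno-format-security` is added to `loose_warn` unconditionally, so the warning is silenced for every build of gcc/, including ones configured without `--enable-espf`; the libcpp/configure.ac hunk does the same for `warn`. If the suppression is only needed because an espf-enabled stage compiler turns `-Wformat-security` on by default, it should be gated on `enable_espf`, which would require the espf check to run before this macro call (in the visible hunks it runs much later). At minimum add a comment such as `# Needed when the stage compiler defaults to -Wformat-security (espf).` so the suppression is not mistaken for a general policy.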
@@ -5193,6 +5193,156 @@ if test x"${LINKER_HASH_STYLE}" != x; th
                                          [The linker hash style])
 fi
 
+# --------------
+# Espf checks
+# --------------
+
+# Check whether --enable-espf was given and target have the support.
+AC_ARG_ENABLE([espf],
+[AS_HELP_STRING([--enable-espf[=ARG]],
+		[Enable Stack protector, Position independent executable and
+		 Fortify_source as default. If we have suppot for it when compiling.
+		 Linux targets supported i?86 and x86_64.
+		 @<:@ARG={all,pie,ssp,no}@:>@ ])],
+set_enable_espf=$enableval,
+set_enable_espf=no)
+case "${set_enable_espf}" in
+  all|pie|ssp)
+    AC_MSG_CHECKING(if $target support espf)
+    case $target in
+      i?86*-*-linux* | x86_64*-*-linux*)
+        enable_espf=yes
+        AC_DEFINE(ENABLE_ESPF, 1,
+        [Define if your target support espf and you have enable it.])
+        ;;
+      *)
+        enable_espf=no
+	AC_MSG_WARN([*** --enable-espf is not supported on this $target target.])
+        ;;
+    esac
+    AC_MSG_RESULT($enable_espf)
+    ;;
+  no)
+    enable_espf=no
+    ;;
+  *)
+    AC_MSG_ERROR([invalid --enable-espf argument])
+    ;;
+esac
+AC_SUBST([enable_espf])
+if test x$enable_espf = xyes ; then
+
+# Check for FORTIFY_SOURCE support in target C library.
+  AC_CACHE_CHECK(for _FORTIFY_SOURCE support in target C library,
+    gcc_cv_libc_provides_fortify, 
+    [gcc_cv_libc_provides_fortify=no
+    case "$target" in
+      *-*-linux*)
+        [# glibc 2.8 and later provides _FORTIFY_SOURCE.
+	 # uClibc 0.9.32 and later provides _FORTIFY_SOURCE.
+        if test -f $target_header_dir/features.h; then
+          if $EGREP '^[ 	]*#[ 	]*define[ 	]+__GLIBC__[ 	]+2' \
+	    $target_header_dir/features.h > /dev/null \
+	    && $EGREP '^[ 	]*#[ 	]*define[ 	]+__GLIBC_MINOR__[ 	]+([1-9][0-9]|[8-9])' \
+	    $target_header_dir/features.h > /dev/null; then
+	      gcc_cv_libc_provides_fortify=yes
+          elif $EGREP '^[ 	]*#[ 	]*define[ 	]+__UCLIBC__[ 	]+1' \
+	     $target_header_dir/features.h > /dev/null; then
+	    if test -f $target_header_dir/bits/uClibc_config.h && \
+	       $EGREP '^[ 	]*#[ 	]*define[ 	]+__UCLIBC_SUBLEVEL__[ 	]+([3-9][2-9]|[4-9][0-9])' \
+	       $target_header_dir/bits/uClibc_config.h > /dev/null; then
+	      gcc_cv_libc_provides_fortify=yes
+	    else
+	      gcc_cv_libc_provides_fortify=no
+	    fi
+	  fi
+        fi]
+        ;;
+      *) gcc_cv_libc_provides_fortify=no ;;
+    esac])
+
+  AC_MSG_CHECKING(if we can default to use -fPIE and link with -pie)
+  enable_espf_pie=no
+  if test x$gcc_cv_ld_pie = xyes ;then
+    if test x$set_enable_espf = xall || test x$set_enable_espf = xpie; then
+      saved_LDFLAGS="$LDFLAGS"
+      saved_CFLAGS="$CFLAGS"
+      CFLAGS="$CFLAGS -fPIE -Werror"
+      LDFLAGS="$LDFLAGS -fPIE -pie"
+      AC_TRY_LINK(,,
+        [AC_MSG_RESULT([yes]); enable_espf_pie=yes],)
+      LDFLAGS="$saved_LDFLAGS"
+      CFLAGS="$saved_CFLAGS"
+    fi
+  fi
+  if test x$enable_espf_pie = xyes ; then
+    AC_DEFINE(ENABLE_ESPF_PIE, 1,
+      [Define if your compiler will default to use -fPIE and link with -pie.])
+  else
+    AC_MSG_RESULT([no])
+  fi
+
+  AC_MSG_CHECKING(if we can default to use -fstack-protector)
+  ssp_link_test=no
+  enable_espf_ssp=no
+  if test x$gcc_cv_libc_provides_ssp = xyes && test x$set_have_as_tls = xyes; then
+    if $EGREP '^[ 	]*#[ 	]*define[ 	]+__UCLIBC__[ 	]+1' \
+       $target_header_dir/features.h > /dev/null; then
+      if test -f $target_header_dir/bits/uClibc_config.h && \
+	 $EGREP '^[ 	]*#[ 	]*define[ 	]+__UCLIBC_SUBLEVEL__[ 	]+([3-9][2-9]|[4-9][0-9])' \
+	 $target_header_dir/bits/uClibc_config.h > /dev/null && \
+	 $EGREP '^[ 	]*#[ 	]*define[ 	]+__UCLIBC_HAS_TLS__[ 	]+1' \
+	 $target_header_dir/bits/uClibc_config.h > /dev/null; then
+	ssp_link_test=yes
+      fi
+    else
+      ssp_link_test=yes
+    fi
+  fi
+  if test x$ssp_link_test=xyes; then
+    if test x$set_enable_espf = xall || test x$set_enable_espf = xssp; then
+      saved_CFLAGS="$CFLAGS"
+      CFLAGS="$CFLAGS -O2 -fstack-protector -Werror"
+      AC_TRY_LINK(,,
+        [AC_MSG_RESULT([yes]); enable_espf_ssp=yes],)
+      CFLAGS="$saved_CFLAGS"
+    fi
+  fi
+  if test x$enable_espf_ssp = xyes ; then
+    AC_DEFINE(ENABLE_ESPF_SSP, 1,
+      [Define if your compiler will default to use -fstack-protector.])
+  else
+    AC_MSG_RESULT([no])
+  fi
+
+  AC_MSG_CHECKING(if we can default to use -D_FORTIFY_SOURCE=2)
+  if test x$gcc_cv_libc_provides_fortify = xyes; then
+    saved_CFLAGS="$CFLAGS"
+    saved_CPPFLAGS="$CPPFLAGS"
+    CFLAGS="$CFLAGS -O2 -Werror"
+    CPPFLAGS="$CPPFLAGS -D_FORTIFY_SOURCE=2"
+    AC_TRY_LINK([
+      #include <sys/types.h>
+      #include <sys/stat.h>
+      #include <fcntl.h>
+      ],[
+      open ("/tmp/foo", O_WRONLY | O_CREAT);
+      ],
+      [AC_MSG_RESULT([no]); enable_espf_fortify=no],
+      [AC_MSG_RESULT([yes]); enable_espf_fortify=yes])
+    CFLAGS="$saved_CFLAGS"
+    CPPFLAGS="$saved_CPPFLAGS"
+  else
+    AC_MSG_RESULT([no])
+    enable_espf_fortify=no
+  fi
+  if test x$enable_espf_fortify = xyes ; then
+    AC_DEFINE(ENABLE_ESPF_FORTIFY, 1,
+      [Define if your compiler will default to use -D_FORTIFY_SOURCE=2.])
+  fi
+
+fi
+
 # Configure the subdirectories
 # AC_CONFIG_SUBDIRS($subdirs)
 
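Review bot: `if test x$ssp_link_test=xyes; then` has no spaces around `=`, so `test` receives a single non-empty word and is always true; the libc/TLS gate computed just above never blocks the `-fstack-protector` link test. It should read `if test x$ssp_link_test = xyes; then`. The `_FORTIFY_SOURCE` probe appears to be inverted on purpose (the two-argument `open` with `O_CREAT` is presumably expected not to build), but as written any unrelated failure under `-Werror` also yields `enable_espf_fortify=yes`; a comment stating the intent, and a positive control that the same program builds without `-D_FORTIFY_SOURCE=2`, would make the result trustworthy. Unlike PIE and SSP, the fortify default is not tied to the `all|pie|ssp` argument, which may be intended but is not stated in the help text.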
--- a/libcpp/configure.ac	2012-02-14 11:02:21.000000000 +0100
+++ b/libcpp/configure.ac	2012-09-10 01:27:54.618064325 +0200
@@ -34,7 +34,7 @@ AC_CHECK_PROGS([AUTOHEADER], [autoheader
 # See config/warnings.m4 for details.
 
 ACX_PROG_CC_WARNING_OPTS([-W -Wall -Wno-narrowing -Wwrite-strings \
-			  -Wmissing-format-attribute], [warn])
+			  -Wmissing-format-attribute -Wno-format-security], [warn])
 ACX_PROG_CC_WARNING_OPTS([-Wstrict-prototypes -Wmissing-prototypes \
 			  -Wold-style-definition -Wc++-compat], [c_warn])
 ACX_PROG_CC_WARNING_ALMOST_PEDANTIC([-Wno-long-long])
--- a/Makefile.tpl	2012-01-02 11:59:04.000000000 +0100
+++ b/Makefile.tpl	2012-06-29 00:11:30.886010145 +0200
@@ -362,9 +362,17 @@ WINDRES_FOR_BUILD = @WINDRES_FOR_BUILD@
 BUILD_PREFIX = @BUILD_PREFIX@
 BUILD_PREFIX_1 = @BUILD_PREFIX_1@
 
+# Disable SSP on BOOT_CFLAGS, LIBCFLAGS and LIBCXXFLAGS
+enable_espf = @enable_espf@
+ifeq ($(enable_espf),yes)
+ESPF_NOSSP_CFLAGS = -fno-stack-protector
+else
+ESPF_NOSSP_CFLAGS=
+endif
+
 # Flags to pass to stage2 and later makes.  They are defined
 # here so that they can be overridden by Makefile fragments.
-BOOT_CFLAGS= -g -O2
+BOOT_CFLAGS= -g -O2 $(ESPF_NOSSP_CFLAGS)
 BOOT_LDFLAGS=
 BOOT_ADAFLAGS=-gnatpg -gnata
 
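Review bot: `$(ESPF_NOSSP_CFLAGS)` is folded into `BOOT_CFLAGS`, which the comment directly above says exists to be overridden; a Makefile fragment or a command-line `BOOT_CFLAGS=...` replaces the whole value and silently drops `-fno-stack-protector`. If the flag is required for the bootstrap to succeed, keep it out of the user-tunable variable and append it where the flags are consumed. The added comment lists the variables affected but not the reason SSP has to be off for them. The following hunk applies the same flag to `LIBCFLAGS` and `LIBCXXFLAGS`, so everything built with those loses stack protection whenever espf is enabled, and that trade-off deserves a sentence of rationale.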
@@ -410,9 +418,9 @@ GNATMAKE = @GNATMAKE@
 
 CFLAGS = @CFLAGS@
 LDFLAGS = @LDFLAGS@
-LIBCFLAGS = $(CFLAGS)
+LIBCFLAGS = $(CFLAGS) $(ESPF_NOSSP_CFLAGS)
 CXXFLAGS = @CXXFLAGS@
-LIBCXXFLAGS = $(CXXFLAGS) -fno-implicit-templates
+LIBCXXFLAGS = $(CXXFLAGS) -fno-implicit-templates $(ESPF_NOSSP_CFLAGS)
 GOCFLAGS = $(CFLAGS)
 
 TFLAGS =
--- a/gcc/Makefile.in	2012-02-11 09:50:23.000000000 +0100
+++ b/gcc/Makefile.in	2012-06-29 00:07:45.230003420 +0200
@@ -973,14 +973,23 @@ LIBFUNCS_H = libfuncs.h $(HASHTAB_H)
 # cross compiler which does not use the native headers and libraries.
 INTERNAL_CFLAGS = -DIN_GCC @CROSS@
 
+# We don't want to compile the compiler with -fPIE, it make PCH fail.
+enable_espf = @enable_espf@
+ifeq ($(enable_espf),yes)
+ESPF_NOPIE_CFLAGS = -fno-PIE
+else
+ESPF_NOPIE_CFLAGS=
+endif
+
 # This is the variable actually used when we compile. If you change this,
 # you probably want to update BUILD_CFLAGS in configure.ac
-ALL_CFLAGS = $(T_CFLAGS) $(CFLAGS-$@) \
+ALL_CFLAGS = $(ESPF_NOPIE_CFLAGS) $(T_CFLAGS) $(CFLAGS-$@) \
   $(CFLAGS) $(INTERNAL_CFLAGS) $(COVERAGE_FLAGS) $(WARN_CFLAGS) @DEFS@
 
 # The C++ version.
-ALL_CXXFLAGS = $(T_CFLAGS) $(CFLAGS-$@) $(CXXFLAGS) $(INTERNAL_CFLAGS) \
-  $(COVERAGE_FLAGS) $(NOEXCEPTION_FLAGS) $(WARN_CXXFLAGS) @DEFS@
+ALL_CXXFLAGS =$(ESPF_NOPIE_CFLAGS)  $(T_CFLAGS) $(CFLAGS-$@) $(CXXFLAGS) \
+  $(INTERNAL_CFLAGS) $(COVERAGE_FLAGS) $(NOEXCEPTION_FLAGS) \
+  $(WARN_CXXFLAGS) @DEFS@
 
 # Likewise.  Put INCLUDES at the beginning: this way, if some autoconf macro
 # puts -I options in CPPFLAGS, our include files in the srcdir will always
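Review bot: `$(ESPF_NOPIE_CFLAGS)` is placed first in `ALL_CFLAGS` and `ALL_CXXFLAGS`, ahead of `$(T_CFLAGS)` and `$(CFLAGS)`, so a later `-fPIE` or `-fpie` from either of those wins and the PCH failure named in the comment can reappear. If the compiler must never be built as PIE, move the variable after `$(CFLAGS)`; if user flags are meant to override it, say so in the comment. The context comment asks for `BUILD_CFLAGS` in configure.ac to be kept in step with `ALL_CFLAGS`, and no visible hunk touches it. Minor: `ALL_CXXFLAGS =$(ESPF_NOPIE_CFLAGS)  $(T_CFLAGS)` has the spacing reversed relative to the C line.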
@@ -1815,6 +1824,7 @@ libgcc.mvars: config.status Makefile spe
 	echo GCC_CFLAGS = '$(GCC_CFLAGS)' >> tmp-libgcc.mvars
 	echo INHIBIT_LIBC_CFLAGS = '$(INHIBIT_LIBC_CFLAGS)' >> tmp-libgcc.mvars
 	echo TARGET_SYSTEM_ROOT = '$(TARGET_SYSTEM_ROOT)' >> tmp-libgcc.mvars
+	echo enable_espf = '$(enable_espf)' >> tmp-libgcc.mvars
 
 	mv tmp-libgcc.mvars libgcc.mvars
 
@@ -4893,6 +4903,9 @@ site.exp: ./config.status Makefile
 	@if test "@enable_lto@" = "yes" ; then \
 	  echo "set ENABLE_LTO 1" >> ./site.tmp; \
 	fi
+	@if test "@enable_espf@" = "yes" ; then \
+	  echo "set ENABLE_ESPF 1" >> ./site.tmp; \
+	fi
 # If newlib has been configured, we need to pass -B to gcc so it can find
 # newlib's crt0.o if it exists.  This will cause a "path prefix not used"
 # message if it doesn't, but the testsuite is supposed to ignore the message -
--- a/libgcc/Makefile.in	2011-11-22 04:01:02.000000000 +0100
+++ b/libgcc/Makefile.in	2012-06-29 00:15:04.534016511 +0200
@@ -275,11 +275,16 @@ override CFLAGS := $(filter-out -fprofil
 INTERNAL_CFLAGS = $(CFLAGS) $(LIBGCC2_CFLAGS) $(HOST_LIBGCC2_CFLAGS) \
 		  $(INCLUDES) @set_have_cc_tls@ @set_use_emutls@
 
+ifeq ($(enable_espf),yes)
+ESPF_NOPIE_CFLAGS = -fno-PIE
+else
+ESPF_NOPIE_CFLAGS=
+endif
 # Options to use when compiling crtbegin/end.
 CRTSTUFF_CFLAGS = -O2 $(GCC_CFLAGS) $(INCLUDES) $(MULTILIB_CFLAGS) -g0 \
   -finhibit-size-directive -fno-inline -fno-exceptions \
   -fno-zero-initialized-in-bss -fno-toplevel-reorder -fno-tree-vectorize \
-  -fno-stack-protector \
+  -fno-stack-protector $(ESPF_NOPIE_CFLAGS) \
   $(INHIBIT_LIBC_CFLAGS)
 
 # Extra flags to use when compiling crt{begin,end}.o.
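Review bot: `$(enable_espf)` is tested here but never assigned in this file; it appears to arrive only through `libgcc.mvars`, which the gcc/Makefile.in hunk extends with `echo enable_espf = '$(enable_espf)'`. If that file lacks the variable (for example a libgcc.mvars generated before this change), the `ifeq` is silently false and the crtbegin/crtend objects would be compiled with the compiler's PIE default. A comment such as `# enable_espf is set in libgcc.mvars (written by gcc/Makefile.in)` above the `ifeq` would make the dependency visible. A blank line before `# Options to use when compiling crtbegin/end.` would also match the rest of the file.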
