--- a/configure.ac 2011-11-29 22:36:43.000000000 +0100 +++ b/configure.ac 2011-12-07 23:29:26.125712475 +0100 @@ -419,6 +419,24 @@ if test "${ENABLE_LIBADA}" != "yes" ; th noconfigdirs="$noconfigdirs gnattools" fi +# Check whether --enable-espf was given and target have the support. +AC_ARG_ENABLE([espf], +[AS_HELP_STRING([--enable-espf], + [Enable Stack protector, Position independent executable as + default if we have suppot for it when compiling. + Linux targets supported i*86, x86_64 and x86_x32.])], +[ + case $target in + i?86*-*-linux* | x86_??*-*-linux*) + enable_espf=yes + ;; + *) + AC_MSG_WARN([*** --enable-espf is not supported on this $target target.]) + ;; + esac +]) +AC_SUBST([enable_espf]) + AC_ARG_ENABLE(libssp, [AS_HELP_STRING([--enable-libssp], [build libssp directory])], ENABLE_LIBSSP=$enableval, @@ -3211,6 +3230,11 @@ if test "$GCC" = yes -a "$ENABLE_BUILD_W CFLAGS="$saved_CFLAGS" fi +# Disable -fstack-protector on stage1 +if test x$enable_espf = xyes; then + stage1_cflags="$stage1_cflags -fno-stack-protector" +fi + AC_SUBST(stage1_cflags) # Enable --enable-checking in stage1 of the compiler. --- a/gcc/configure.ac 2011-11-18 11:52:32.000000000 +0100 +++ b/gcc/configure.ac 2012-04-04 16:18:00.269968226 +0200 @@ -5130,6 +5146,148 @@ if test x"${LINKER_HASH_STYLE}" != x; th [The linker hash style]) fi +# -------------- +# Espf checks +# -------------- + +# Check whether --enable-espf was given and target have the support. +AC_ARG_ENABLE([espf], +[AS_HELP_STRING([--enable-espf], + [Enable Stack protector, Position independent executable and + Fortify_sources as default if we have suppot for it when compiling. + Linux targets supported i*86, x86_64, and x86_x32.])], + set_enable_espf=$enableval, + set_enable_espf=no) +if test $set_enable_espf = yes ; then + AC_MSG_CHECKING(if $target support espf) +if test $set_enable_espf = yes ; then + case "$target" in + i?86*-*-linux* | x86_??*-*-linux*) + enable_espf=yes + AC_DEFINE(ENABLE_ESPF, 1, + [Define if your target support espf and you have enable it.]) + ;; + *) + enable_espf=no + ;; + esac +else + enable_espf=no +fi +AC_MSG_RESULT($enable_espf) +fi +AC_SUBST([enable_espf]) +if test $enable_espf = yes ; then + +# Check for FORTIFY_SOURCES support in target C library. + AC_CACHE_CHECK(for _FORTIFY_SOURCES support in target C library, + gcc_cv_libc_provides_fortify, + [gcc_cv_libc_provides_fortify=no + case "$target" in + *-*-linux*) + [# glibc 2.8 and later provides _FORTIFY_SOURCES. + # uClibc 0.9.32 and later provides _FORTIFY_SOURCES. + if test -f $target_header_dir/features.h; then + if $EGREP '^[ ]*#[ ]*define[ ]+__GLIBC__[ ]+2' \ + $target_header_dir/features.h > /dev/null \ + && $EGREP '^[ ]*#[ ]*define[ ]+__GLIBC_MINOR__[ ]+([1-9][0-9]|[8-9])' \ + $target_header_dir/features.h > /dev/null; then + gcc_cv_libc_provides_fortify=yes + elif $EGREP '^[ ]*#[ ]*define[ ]+__UCLIBC__[ ]+1' \ + $target_header_dir/features.h > /dev/null; then + if test -f $target_header_dir/bits/uClibc_config.h && \ + $EGREP '^[ ]*#[ ]*define[ ]+__UCLIBC_SUBLEVEL__[ ]+([3-9][2-9]|[4-9][0-9])' \ + $target_header_dir/bits/uClibc_config.h > /dev/null; then + gcc_cv_libc_provides_fortify=yes + else + gcc_cv_libc_provides_fortify=no + fi + fi + fi] + ;; + *) gcc_cv_libc_provides_fortify=no ;; + esac]) + + AC_MSG_CHECKING(if we can default to use -fPIE and link with -pie) + if test x$gcc_cv_ld_pie = xyes; then + saved_LDFLAGS="$LDFLAGS" + saved_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS -fPIE -Werror" + LDFLAGS="$LDFLAGS -fPIE -pie" + AC_TRY_LINK(,, + [AC_MSG_RESULT([yes]); enable_espf_pie=yes], + [AC_MSG_RESULT([no]); enable_espf_pie=no]) + LDFLAGS="$saved_LDFLAGS" + CFLAGS="$saved_CFLAGS" + else + AC_MSG_RESULT([no]) + enable_espf_pie=no + fi + + if test $enable_espf_pie = yes ; then + AC_DEFINE(ENABLE_ESPF_PIE, 1, + [Define if your compiler will default to use -fPIE and link with -pie.]) + fi + + AC_MSG_CHECKING(if we can default to use -fstack-protector) + ssp_link_test=no + if test x$gcc_cv_libc_provides_ssp = xyes && test x$set_have_as_tls = yes; then + if $EGREP '^[ ]*#[ ]*define[ ]+__UCLIBC__[ ]+1' \ + $target_header_dir/features.h > /dev/null; then + if test -f $target_header_dir/bits/uClibc_config.h && \ + $EGREP '^[ ]*#[ ]*define[ ]+__UCLIBC_SUBLEVEL__[ ]+([3-9][2-9]|[4-9][0-9])' \ + $target_header_dir/bits/uClibc_config.h > /dev/null && \ + $EGREP '^[ ]*#[ ]*define[ ]+__UCLIBC_HAS_TLS__[ ]+1' \ + $target_header_dir/bits/uClibc_config.h > /dev/null; then + ssp_link_test=yes + fi + else + ssp_link_test=yes + fi + fi + if test x$ssp_link_test=xyes ; then + saved_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS -O2 -fstack-protector -Werror" + AC_TRY_LINK(,, + [AC_MSG_RESULT([yes]); enable_espf_ssp=yes], + [AC_MSG_RESULT([no]); enable_espf_ssp=no]) + CFLAGS="$saved_CFLAGS" + else + AC_MSG_RESULT([no]) + enable_espf_ssp=no + fi + if test $enable_espf_ssp = yes ; then + AC_DEFINE(ENABLE_ESPF_SSP, 1, + [Define if your compiler will default to use -fstack-protector.]) + fi + + AC_MSG_CHECKING(if we can default to use -D_FORTIFY_SOURCES=2) + if test x$gcc_cv_libc_provides_fortify = xyes; then + saved_CFLAGS="$CFLAGS" + saved_CPPFLAGS="$CPPFLAGS" + CFLAGS="$CFLAGS -O2 -Werror" + CPPFLAGS="$CPPFLAGS -D_FORTIFY_SOURCES=2" + AC_TRY_LINK([ + #include + #include + #include + ],[ + open ("/tmp/foo", O_WRONLY | O_CREAT); + ], + [AC_MSG_RESULT([no]); enable_espf_fortify=no], + [AC_MSG_RESULT([yes]); enable_espf_fortify=yes]) + CFLAGS="$saved_CFLAGS" + CPPFLAGS="$saved_CPPFLAGS" + else + [AC_MSG_RESULT([no]); enable_espf_fortify=no] + fi + if test x$enable_espf_fortify = xyes ; then + AC_DEFINE(ENABLE_ESPF_FORTIFY, 1, + [Define if your compiler will default to use -D_FORTIFY_SOURCES=2.]) + fi + +fi + # Configure the subdirectories # AC_CONFIG_SUBDIRS($subdirs)