configure: Implement --enable-host-pie

This patch implements the --enable-host-pie configure option which
makes the compiler executables PIE.  This can be used to enhance
protection against ROP attacks, and can be viewed as part of a wider
trend to harden binaries.

It is similar to the option --enable-host-shared, except that --e-h-s
won't add -shared to the linker flags whereas --e-h-p will add -pie.
It is different from --enable-default-pie because that option just
adds an implicit -fPIE/-pie when the compiler is invoked, but the
compiler itself isn't PIE.

Since r12-5768-gfe7c3ecf, PCH works well with PIE, so there are no PCH
regressions.

When building the compiler, the build process may use various in-tree
libraries; these need to be built with -fPIE so that it's possible to
use them when building a PIE.  For instance, when --with-included-gettext
is in effect, intl object files must be compiled with -fPIE.  Similarly,
when building in-tree gmp, isl, mpfr and mpc, they must be compiled with
-fPIE.

I plan to add an option to link with -Wl,-z,now.

ChangeLog:

	* Makefile.def: Pass $(PICFLAG) to AM_CFLAGS for gmp, mpfr, mpc, and
	isl.
	* Makefile.in: Regenerate.
	* Makefile.tpl: Set PICFLAG.
	* configure.ac (--enable-host-pie): New check.  Set PICFLAG after this
	check.
	* configure: Regenerate.

c++tools/ChangeLog:

	* Makefile.in: Rename PIEFLAG to PICFLAG.  Set LD_PICFLAG.  Use it.
	Use pic/libiberty.a if PICFLAG is set.
	* configure.ac (--enable-default-pie): Set PICFLAG instead of PIEFLAG.
	(--enable-host-pie): New check.
	* configure: Regenerate.

fixincludes/ChangeLog:

	* Makefile.in: Set and use PICFLAG and LD_PICFLAG.  Use the "pic"
	build of libiberty if PICFLAG is set.
	* configure.ac:
	* configure: Regenerate.

gcc/ChangeLog:

	* Makefile.in: Set LD_PICFLAG.  Use it.  Set enable_host_pie.
	Remove NO_PIE_CFLAGS and NO_PIE_FLAG.  Pass LD_PICFLAG to
	ALL_LINKERFLAGS.  Use the "pic" build of libiberty if --enable-host-pie.
	* configure.ac (--enable-host-shared): Don't set PICFLAG here.
	(--enable-host-pie): New check.  Set PICFLAG and LD_PICFLAG after this
	check.
	* configure: Regenerate.
	* doc/install.texi: Document --enable-host-pie.

gcc/d/ChangeLog:

	* Make-lang.in: Remove NO_PIE_CFLAGS.

intl/ChangeLog:

	* Makefile.in: Use @PICFLAG@ in COMPILE as well.
	* configure.ac (--enable-host-shared): Don't set PICFLAG here.
	(--enable-host-pie): New check.  Set PICFLAG after this check.
	* configure: Regenerate.

libcody/ChangeLog:

	* Makefile.in: Pass LD_PICFLAG to LDFLAGS.
	* configure.ac (--enable-host-shared): Don't set PICFLAG here.
	(--enable-host-pie): New check.  Set PICFLAG and LD_PICFLAG after this
	check.
	* configure: Regenerate.

libcpp/ChangeLog:

	* configure.ac (--enable-host-shared): Don't set PICFLAG here.
	(--enable-host-pie): New check.  Set PICFLAG after this check.
	* configure: Regenerate.

libdecnumber/ChangeLog:

	* configure.ac (--enable-host-shared): Don't set PICFLAG here.
	(--enable-host-pie): New check.  Set PICFLAG after this check.
	* configure: Regenerate.

libiberty/ChangeLog:

	* configure.ac: Also set shared when enable_host_pie.
	* configure: Regenerate.

zlib/ChangeLog:

	* configure.ac (--enable-host-shared): Don't set PICFLAG here.
	(--enable-host-pie): New check.  Set PICFLAG after this check.
	* configure: Regenerate.

2 files changed, 42 insertions, 7 deletions

diff --git a/zlib/configure b/zlib/configure
index e35ac6e..77be6c2 100755
--- a/zlib/configure
+++ b/zlib/configure
@@ -635,6 +635,8 @@ am__EXEEXT_TRUE
 LTLIBOBJS
 LIBOBJS
 PICFLAG
+enable_host_pie
+enable_host_shared
 TARGET_LIBRARY_FALSE
 TARGET_LIBRARY_TRUE
 toolexeclibdir
@@ -778,6 +780,7 @@ with_gnu_ld
 enable_libtool_lock
 with_toolexeclibdir
 enable_host_shared
+enable_host_pie
 '
       ac_precious_vars='build_alias
 host_alias
@@ -1420,6 +1423,7 @@ Optional Features:
                           optimize for fast installation [default=yes]
   --disable-libtool-lock  avoid locking (might break parallel builds)
   --enable-host-shared    build host code as shared libraries
+  --enable-host-pie       build host code as PIE
 
 Optional Packages:
   --with-PACKAGE[=ARG]    use PACKAGE [ARG=yes]
@@ -10759,7 +10763,7 @@ else
   lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
   lt_status=$lt_dlunknown
   cat > conftest.$ac_ext <<_LT_EOF
-#line 10762 "configure"
+#line 10778 "configure"
 #include "confdefs.h"
 
 #if HAVE_DLFCN_H
@@ -10865,7 +10869,7 @@ else
   lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
   lt_status=$lt_dlunknown
   cat > conftest.$ac_ext <<_LT_EOF
-#line 10868 "configure"
+#line 10884 "configure"
 #include "confdefs.h"
 
 #if HAVE_DLFCN_H
@@ -11548,15 +11552,31 @@ else
   multilib_arg=
 fi
 
+# Enable --enable-host-shared.
 # Check whether --enable-host-shared was given.
 if test "${enable_host_shared+set}" = set; then :
-  enableval=$enable_host_shared; PICFLAG=-fPIC
+  enableval=$enable_host_shared;
+fi
+
+
+
+# Enable --enable-host-pie.
+# Check whether --enable-host-pie was given.
+if test "${enable_host_pie+set}" = set; then :
+  enableval=$enable_host_pie;
+fi
+
+
+
+if test x$enable_host_shared = xyes; then
+  PICFLAG=-fPIC
+elif test x$enable_host_pie = xyes; then
+  PICFLAG=-fPIE
 else
   PICFLAG=
 fi
 
 
-
 ac_config_files="$ac_config_files Makefile"
 
 cat >confcache <<\_ACEOF
diff --git a/zlib/configure.ac b/zlib/configure.ac
index be1cfe2..adf7aad 100644
--- a/zlib/configure.ac
+++ b/zlib/configure.ac
@@ -122,11 +122,26 @@ else
   multilib_arg=
 fi
 
+# Enable --enable-host-shared.
 AC_ARG_ENABLE(host-shared,
 [AS_HELP_STRING([--enable-host-shared],
-		[build host code as shared libraries])],
-[PICFLAG=-fPIC], [PICFLAG=])
-AC_SUBST(PICFLAG)
+		[build host code as shared libraries])])
+AC_SUBST(enable_host_shared)
+
+# Enable --enable-host-pie.
+AC_ARG_ENABLE(host-pie,
+[AS_HELP_STRING([--enable-host-pie],
+		[build host code as PIE])])
+AC_SUBST(enable_host_pie)
+
+if test x$enable_host_shared = xyes; then
+  PICFLAG=-fPIC
+elif test x$enable_host_pie = xyes; then
+  PICFLAG=-fPIE
+else
+  PICFLAG=
+fi
 
+AC_SUBST(PICFLAG)
 AC_CONFIG_FILES([Makefile])
 AC_OUTPUT