aboutsummaryrefslogtreecommitdiff
path: root/libcody/Makefile.in
AgeCommit message (Collapse)AuthorFilesLines
2023-06-15configure: Implement --enable-host-pieMarek Polacek1-1/+1
[ This is my third attempt to add this configure option. The first version was approved but it came too late in the development cycle. The second version was also approved, but I had to revert it: <https://gcc.gnu.org/pipermail/gcc-patches/2022-November/607082.html>. I've fixed the problem (by moving $(PICFLAG) from INTERNAL_CFLAGS to ALL_COMPILERFLAGS). Another change is that since r13-4536 I no longer need to touch Makefile.def, so this patch is simplified. ] This patch implements the --enable-host-pie configure option which makes the compiler executables PIE. This can be used to enhance protection against ROP attacks, and can be viewed as part of a wider trend to harden binaries. It is similar to the option --enable-host-shared, except that --e-h-s won't add -shared to the linker flags whereas --e-h-p will add -pie. It is different from --enable-default-pie because that option just adds an implicit -fPIE/-pie when the compiler is invoked, but the compiler itself isn't PIE. Since r12-5768-gfe7c3ecf, PCH works well with PIE, so there are no PCH regressions. When building the compiler, the build process may use various in-tree libraries; these need to be built with -fPIE so that it's possible to use them when building a PIE. For instance, when --with-included-gettext is in effect, intl object files must be compiled with -fPIE. Similarly, when building in-tree gmp, isl, mpfr and mpc, they must be compiled with -fPIE. With this patch and --enable-host-pie used to configure gcc: $ file gcc/cc1{,plus,obj,gm2} gcc/f951 gcc/lto1 gcc/cpp gcc/go1 gcc/rust1 gcc/gnat1 gcc/cc1: ELF 64-bit LSB pie executable, x86-64, version 1 (GNU/Linux), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=98e22cde129d304aa6f33e61b1c39e144aeb135e, for GNU/Linux 3.2.0, with debug_info, not stripped gcc/cc1plus: ELF 64-bit LSB pie executable, x86-64, version 1 (GNU/Linux), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=859d1ea37e43dfe50c18fd4e3dd9a34bb1db8f77, for GNU/Linux 3.2.0, with debug_info, not stripped gcc/cc1obj: ELF 64-bit LSB pie executable, x86-64, version 1 (GNU/Linux), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=1964f8ecee6163182bc26134e2ac1f324816e434, for GNU/Linux 3.2.0, with debug_info, not stripped gcc/cc1gm2: ELF 64-bit LSB pie executable, x86-64, version 1 (GNU/Linux), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=a396672c7ff913d21855829202e7b02ecf42ff4c, for GNU/Linux 3.2.0, with debug_info, not stripped gcc/f951: ELF 64-bit LSB pie executable, x86-64, version 1 (GNU/Linux), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=59c523db893186547ac75c7a71f48be0a461c06b, for GNU/Linux 3.2.0, with debug_info, not stripped gcc/lto1: ELF 64-bit LSB pie executable, x86-64, version 1 (GNU/Linux), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=084a7b77df7be2d63c2d4c655b5bbc3fcdb6038d, for GNU/Linux 3.2.0, with debug_info, not stripped gcc/cpp: ELF 64-bit LSB pie executable, x86-64, version 1 (GNU/Linux), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=3503bf8390d219a10d6653b8560aa21158132168, for GNU/Linux 3.2.0, with debug_info, not stripped gcc/go1: ELF 64-bit LSB pie executable, x86-64, version 1 (GNU/Linux), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=988cc673af4fba5dcb482f4b34957b99050a68c5, for GNU/Linux 3.2.0, with debug_info, not stripped gcc/rust1: ELF 64-bit LSB pie executable, x86-64, version 1 (GNU/Linux), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=b6a5d3d514446c4dcdee0707f086ab9b274a8a3c, for GNU/Linux 3.2.0, with debug_info, not stripped gcc/gnat1: ELF 64-bit LSB pie executable, x86-64, version 1 (GNU/Linux), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=bb11ccdc2c366fe3fe0980476bcd8ca19b67f9dc, for GNU/Linux 3.2.0, with debug_info, not stripped I plan to add an option to link with -Wl,-z,now. Bootstrapped on x86_64-pc-linux-gnu with --with-included-gettext --enable-host-pie as well as without --enable-host-pie. Also tested on a Debian system where the system gcc was configured with --enable-default-pie. Co-Authored by: Iain Sandoe <iain@sandoe.co.uk> ChangeLog: * configure.ac (--enable-host-pie): New check. Set PICFLAG after this check. * configure: Regenerate. c++tools/ChangeLog: * Makefile.in: Rename PIEFLAG to PICFLAG. Set LD_PICFLAG. Use it. Use pic/libiberty.a if PICFLAG is set. * configure.ac (--enable-default-pie): Set PICFLAG instead of PIEFLAG. (--enable-host-pie): New check. * configure: Regenerate. fixincludes/ChangeLog: * Makefile.in: Set and use PICFLAG and LD_PICFLAG. Use the "pic" build of libiberty if PICFLAG is set. * configure.ac: * configure: Regenerate. gcc/ChangeLog: * Makefile.in: Set LD_PICFLAG. Use it. Set enable_host_pie. Remove NO_PIE_CFLAGS and NO_PIE_FLAG. Pass LD_PICFLAG to ALL_LINKERFLAGS. Use the "pic" build of libiberty if --enable-host-pie. * configure.ac (--enable-host-shared): Don't set PICFLAG here. (--enable-host-pie): New check. Set PICFLAG and LD_PICFLAG after this check. * configure: Regenerate. * doc/install.texi: Document --enable-host-pie. gcc/ada/ChangeLog: * gcc-interface/Make-lang.in (ALL_ADAFLAGS): Remove NO_PIE_CFLAGS. Add PICFLAG. Use PICFLAG when building ada/b_gnat1.o and ada/b_gnatb.o. * gcc-interface/Makefile.in: Use pic/libiberty.a if PICFLAG is set. Remove NO_PIE_FLAG. gcc/m2/ChangeLog: * Make-lang.in: New var, GM2_PICFLAGS. Use it. gcc/d/ChangeLog: * Make-lang.in: Remove NO_PIE_CFLAGS. intl/ChangeLog: * Makefile.in: Use @PICFLAG@ in COMPILE as well. * configure.ac (--enable-host-shared): Don't set PICFLAG here. (--enable-host-pie): New check. Set PICFLAG after this check. * configure: Regenerate. libcody/ChangeLog: * Makefile.in: Pass LD_PICFLAG to LDFLAGS. * configure.ac (--enable-host-shared): Don't set PICFLAG here. (--enable-host-pie): New check. Set PICFLAG and LD_PICFLAG after this check. * configure: Regenerate. libcpp/ChangeLog: * configure.ac (--enable-host-shared): Don't set PICFLAG here. (--enable-host-pie): New check. Set PICFLAG after this check. * configure: Regenerate. libdecnumber/ChangeLog: * configure.ac (--enable-host-shared): Don't set PICFLAG here. (--enable-host-pie): New check. Set PICFLAG after this check. * configure: Regenerate. libiberty/ChangeLog: * configure.ac: Also set shared when enable_host_pie. * configure: Regenerate. zlib/ChangeLog: * configure.ac (--enable-host-shared): Don't set PICFLAG here. (--enable-host-pie): New check. Set PICFLAG after this check. * configure: Regenerate.
2022-11-22Revert "configure: Implement --enable-host-pie"Marek Polacek1-1/+1
This reverts commit 251c72a68af3a8b0638705b73ef120ffdf0053eb.
2022-11-22configure: Implement --enable-host-pieMarek Polacek1-1/+1
This patch implements the --enable-host-pie configure option which makes the compiler executables PIE. This can be used to enhance protection against ROP attacks, and can be viewed as part of a wider trend to harden binaries. It is similar to the option --enable-host-shared, except that --e-h-s won't add -shared to the linker flags whereas --e-h-p will add -pie. It is different from --enable-default-pie because that option just adds an implicit -fPIE/-pie when the compiler is invoked, but the compiler itself isn't PIE. Since r12-5768-gfe7c3ecf, PCH works well with PIE, so there are no PCH regressions. When building the compiler, the build process may use various in-tree libraries; these need to be built with -fPIE so that it's possible to use them when building a PIE. For instance, when --with-included-gettext is in effect, intl object files must be compiled with -fPIE. Similarly, when building in-tree gmp, isl, mpfr and mpc, they must be compiled with -fPIE. I plan to add an option to link with -Wl,-z,now. ChangeLog: * Makefile.def: Pass $(PICFLAG) to AM_CFLAGS for gmp, mpfr, mpc, and isl. * Makefile.in: Regenerate. * Makefile.tpl: Set PICFLAG. * configure.ac (--enable-host-pie): New check. Set PICFLAG after this check. * configure: Regenerate. c++tools/ChangeLog: * Makefile.in: Rename PIEFLAG to PICFLAG. Set LD_PICFLAG. Use it. Use pic/libiberty.a if PICFLAG is set. * configure.ac (--enable-default-pie): Set PICFLAG instead of PIEFLAG. (--enable-host-pie): New check. * configure: Regenerate. fixincludes/ChangeLog: * Makefile.in: Set and use PICFLAG and LD_PICFLAG. Use the "pic" build of libiberty if PICFLAG is set. * configure.ac: * configure: Regenerate. gcc/ChangeLog: * Makefile.in: Set LD_PICFLAG. Use it. Set enable_host_pie. Remove NO_PIE_CFLAGS and NO_PIE_FLAG. Pass LD_PICFLAG to ALL_LINKERFLAGS. Use the "pic" build of libiberty if --enable-host-pie. * configure.ac (--enable-host-shared): Don't set PICFLAG here. (--enable-host-pie): New check. Set PICFLAG and LD_PICFLAG after this check. * configure: Regenerate. * doc/install.texi: Document --enable-host-pie. gcc/d/ChangeLog: * Make-lang.in: Remove NO_PIE_CFLAGS. intl/ChangeLog: * Makefile.in: Use @PICFLAG@ in COMPILE as well. * configure.ac (--enable-host-shared): Don't set PICFLAG here. (--enable-host-pie): New check. Set PICFLAG after this check. * configure: Regenerate. libcody/ChangeLog: * Makefile.in: Pass LD_PICFLAG to LDFLAGS. * configure.ac (--enable-host-shared): Don't set PICFLAG here. (--enable-host-pie): New check. Set PICFLAG and LD_PICFLAG after this check. * configure: Regenerate. libcpp/ChangeLog: * configure.ac (--enable-host-shared): Don't set PICFLAG here. (--enable-host-pie): New check. Set PICFLAG after this check. * configure: Regenerate. libdecnumber/ChangeLog: * configure.ac (--enable-host-shared): Don't set PICFLAG here. (--enable-host-pie): New check. Set PICFLAG after this check. * configure: Regenerate. libiberty/ChangeLog: * configure.ac: Also set shared when enable_host_pie. * configure: Regenerate. zlib/ChangeLog: * configure.ac (--enable-host-shared): Don't set PICFLAG here. (--enable-host-pie): New check. Set PICFLAG after this check. * configure: Regenerate.
2022-06-03libcody: fix nonportable shell code in revision.stamp build ruleAlexandre Oliva1-2/+2
Two non-portable shell constructs have been long present in libcody's build rule for revision.stamp: $() instead of ``, and += to append to a shell variable. The former seems to work even when bash is operating as /bin/sh, but += doesn't, and it ends up trying to run revision+=M as a command name, and issuing an error as that command is (hopefully) not found. This patch replaces both constructs with more portable ones. for libcody/ChangeLog * Makefile.in (revision.stamp): Replace $() and += with more portable shell constructs.
2021-11-01libcody: add mostlyclean Makefile targetMartin Liska1-6/+14
PR other/102657 libcody/ChangeLog: * Makefile.in: Add mostlyclean Makefile target.
2021-01-12libcody: Simplify configure [PR 98414, 98509]Nathan Sidwell1-86/+35
Libcody's configurey was overly 'clever'. That didn't play well with GCC's structure. This removes lots of that overengineering, using libcpp as an example. libcody/ * Makefile.in: Remove auto parallelize, swallow Makesub.in. Don't check compiler name here. * Makesub.in: Delete. * build-aux/config.guess: Delete. * build-aux/config.sub: Delete. * build-aux/install-sh: Delete. * dox.cfg.in: Delete. * gdbinit.in: Delete. * internal.hh (BuildNote): Delete. * fatal.cc (BuildNote): Delete. * config.m4: Remove unneeded fns. * configure.ac: Remove unneccessary checks and configures. * configure: Rebuilt. * config.h.in: Rebuilt.
2020-12-23libcody: Remove testsuite [PR 98318]Nathan Sidwell1-1/+1
libcody's testsuite is not very portable, and is testing a host library, so will do weird things on cross compiling, I think. Let's just drop it. libcody/ * Makefile.in (LDFLAGS): Drop -L.. * tests/01-serialize/connect.cc: Delete. * tests/01-serialize/decoder.cc: Delete. * tests/01-serialize/encoder.cc: Delete. * tests/02-comms/client-1.cc: Delete. * tests/02-comms/pivot-1.cc: Delete. * tests/02-comms/server-1.cc: Delete. * tests/Makesub.in: Delete. * tests/jouster: Delete.
2020-12-21libcody: Add ranlibNathan Sidwell1-0/+1
Add RANLIB. libcody/ * Makefile.in (RANLIB): New var. * Makesub.in (libcody.a): Apply RANLIB. * configure.ac: Call AC_PROG_RANLIB. * configure: Rebuilt.
2020-12-17libcody: Allow PIC [PR 98324]Nathan Sidwell1-1/+1
While this doesn't fix 98324, it was an omission. Cribbed code from libcpp to build libcody as PIC. libcody/ * configure.ac: Add --enable-host-shared. * Makefile.in: Add FLAGPIC. * configure: Regenerated.
2020-12-15libcody: Work with older gccsNathan Sidwell1-1/+5
Older GCCs don't have all the exciting options we have now. let's just turn them off. libcody/ * Makefile.in: Disable some flags.
2020-12-15Add libcodyNathan Sidwell1-0/+187
In order to separate compiler from build system, C++ Modules, as implemented in GCC introduces a communication channel between those two entities. This is implemented by libcody. It is anticipated that other implementations will also implement this protocol, or use libcody to provide it. * Makefile.def: Add libcody. * configure.ac: Add libcody. * Makefile.in: Regenerated. * configure: Regenerated. gcc/ * Makefile.in (CODYINC, CODYLIB, CODYLIB_H): New. Use them. libcody/ * configure.ac: New. * CMakeLists.txt: New. * CODING.md: New. * CONTRIB.md: New. * LICENSE: New. * LICENSE.gcc: New. * Makefile.in: New. * Makesub.in: New. * README.md: New. * buffer.cc: New. * build-aux/config.guess: New. * build-aux/config.sub: New. * build-aux/install-sh: New. * client.cc: New. * cmake/libcody-config-ix.cmake * cody.hh: New. * config.h.in: New. * config.m4: New. * configure: New. * configure.ac: New. * dox.cfg.in: New. * fatal.cc: New. * gdbinit.in: New. * internal.hh: New. * netclient.cc: New. * netserver.cc: New. * packet.cc: New. * resolver.cc: New. * server.cc: New. * tests/01-serialize/connect.cc: New. * tests/01-serialize/decoder.cc: New. * tests/01-serialize/encoder.cc: New. * tests/02-comms/client-1.cc: New. * tests/02-comms/pivot-1.cc: New. * tests/02-comms/server-1.cc: New. * tests/Makesub.in: New. * tests/jouster: New.
generated by cgit v1.1 at 2024-10-03 18:05:55 +0000