summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--system/gcc/001_all_default-ssp-strong.patch215
-rw-r--r--system/gcc/APKBUILD4
2 files changed, 2 insertions, 217 deletions
diff --git a/system/gcc/001_all_default-ssp-strong.patch b/system/gcc/001_all_default-ssp-strong.patch
deleted file mode 100644
index 95949eb00..000000000
--- a/system/gcc/001_all_default-ssp-strong.patch
+++ /dev/null
@@ -1,215 +0,0 @@
-# DP: Turn on -fstack-protector by default for C, C++, ObjC, ObjC++.
-# DP: Build libgcc using -fno-stack-protector.
-
----
- gcc/Makefile.in | 2 ++
- gcc/cp/lang-specs.h | 6 +++---
- gcc/doc/invoke.texi | 4 ++++
- gcc/gcc.c | 18 ++++++++++++++----
- gcc/objc/lang-specs.h | 10 +++++-----
- gcc/objcp/lang-specs.h | 8 ++++----
- 6 files changed, 32 insertions(+), 16 deletions(-)
-
-Index: b/gcc/gcc.c
-===================================================================
---- a/gcc/gcc.c
-+++ b/gcc/gcc.c
-@@ -858,6 +858,14 @@ proper position among the other output f
- #define LINK_GCC_C_SEQUENCE_SPEC "%G %L %G"
- #endif
-
-+#ifndef SSP_DEFAULT_SPEC
-+#ifdef TARGET_LIBC_PROVIDES_SSP
-+#define SSP_DEFAULT_SPEC "%{!fno-stack-protector:%{!fstack-protector-all:%{!ffreestanding:%{!nostdlib:%{!fstack-protector:-fstack-protector-strong}}}}}"
-+#else
-+#define SSP_DEFAULT_SPEC ""
-+#endif
-+#endif
-+
- #ifndef LINK_SSP_SPEC
- #ifdef TARGET_LIBC_PROVIDES_SSP
- #define LINK_SSP_SPEC "%{fstack-protector|fstack-protector-all" \
-@@ -1057,6 +1065,7 @@ static const char *cc1_spec = CC1_SPEC;
- static const char *cc1plus_spec = CC1PLUS_SPEC;
- static const char *link_gcc_c_sequence_spec = LINK_GCC_C_SEQUENCE_SPEC;
- static const char *link_ssp_spec = LINK_SSP_SPEC;
-+static const char *ssp_default_spec = SSP_DEFAULT_SPEC;
- static const char *asm_spec = ASM_SPEC;
- static const char *asm_final_spec = ASM_FINAL_SPEC;
- static const char *link_spec = LINK_SPEC;
-@@ -1112,7 +1121,7 @@ static const char *cpp_unique_options =
- static const char *cpp_options =
- "%(cpp_unique_options) %1 %{m*} %{std*&ansi&trigraphs} %{W*&pedantic*} %{w}\
- %{f*} %{g*:%{!g0:%{g*} %{!fno-working-directory:-fworking-directory}}} %{O*}\
-- %{undef} %{save-temps*:-fpch-preprocess}";
-+ %{undef} %{save-temps*:-fpch-preprocess} %(ssp_default)";
-
- /* This contains cpp options which are not passed when the preprocessor
- output will be used by another program. */
-@@ -1301,9 +1310,9 @@ static const struct compiler default_com
- %{save-temps*|traditional-cpp|no-integrated-cpp:%(trad_capable_cpp) \
- %(cpp_options) -o %{save-temps*:%b.i} %{!save-temps*:%g.i} \n\
- cc1 -fpreprocessed %{save-temps*:%b.i} %{!save-temps*:%g.i} \
-- %(cc1_options)}\
-+ %(cc1_options) %(ssp_default)}\
- %{!save-temps*:%{!traditional-cpp:%{!no-integrated-cpp:\
-- cc1 %(cpp_unique_options) %(cc1_options)}}}\
-+ cc1 %(cpp_unique_options) %(cc1_options) %(ssp_default)}}}\
- %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 1},
- {"-",
- "%{!E:%e-E or -x required when input is from standard input}\
-@@ -1328,7 +1337,7 @@ static const struct compiler default_com
- %W{o*:--output-pch=%*}}%V}}}}}}}", 0, 0, 0},
- {".i", "@cpp-output", 0, 0, 0},
- {"@cpp-output",
-- "%{!M:%{!MM:%{!E:cc1 -fpreprocessed %i %(cc1_options) %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0},
-+ "%{!M:%{!MM:%{!E:cc1 -fpreprocessed %i %(cc1_options) %(ssp_default) %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0},
- {".s", "@assembler", 0, 0, 0},
- {"@assembler",
- "%{!M:%{!MM:%{!E:%{!S:as %(asm_debug) %(asm_options) %i %A }}}}", 0, 0, 0},
-@@ -1560,6 +1569,7 @@ static struct spec_list static_specs[] =
- INIT_STATIC_SPEC ("cc1plus", &cc1plus_spec),
- INIT_STATIC_SPEC ("link_gcc_c_sequence", &link_gcc_c_sequence_spec),
- INIT_STATIC_SPEC ("link_ssp", &link_ssp_spec),
-+ INIT_STATIC_SPEC ("ssp_default", &ssp_default_spec),
- INIT_STATIC_SPEC ("endfile", &endfile_spec),
- INIT_STATIC_SPEC ("link", &link_spec),
- INIT_STATIC_SPEC ("lib", &lib_spec),
-Index: b/gcc/cp/lang-specs.h
-===================================================================
---- a/gcc/cp/lang-specs.h
-+++ b/gcc/cp/lang-specs.h
-@@ -46,7 +46,7 @@ along with GCC; see the file COPYING3.
- %(cpp_options) %2 -o %{save-temps*:%b.ii} %{!save-temps*:%g.ii} \n}\
- cc1plus %{save-temps*|no-integrated-cpp:-fpreprocessed %{save-temps*:%b.ii} %{!save-temps*:%g.ii}}\
- %{!save-temps*:%{!no-integrated-cpp:%(cpp_unique_options)}}\
-- %(cc1_options) %2\
-+ %(cc1_options) %(ssp_default) %2\
- %{!fsyntax-only:-o %g.s \
- %{!fdump-ada-spec*:%{!o*:--output-pch=%i.gch}\
- %W{o*:--output-pch=%*}}%V}}}}",
-@@ -58,11 +58,11 @@ along with GCC; see the file COPYING3.
- %(cpp_options) %2 -o %{save-temps*:%b.ii} %{!save-temps*:%g.ii} \n}\
- cc1plus %{save-temps*|no-integrated-cpp:-fpreprocessed %{save-temps*:%b.ii} %{!save-temps*:%g.ii}}\
- %{!save-temps*:%{!no-integrated-cpp:%(cpp_unique_options)}}\
-- %(cc1_options) %2\
-+ %(cc1_options) %(ssp_default) %2\
- %{!fsyntax-only:%(invoke_as)}}}}",
- CPLUSPLUS_CPP_SPEC, 0, 0},
- {".ii", "@c++-cpp-output", 0, 0, 0},
- {"@c++-cpp-output",
- "%{!M:%{!MM:%{!E:\
-- cc1plus -fpreprocessed %i %(cc1_options) %2\
-+ cc1plus -fpreprocessed %i %(cc1_options) %(ssp_default) %2\
- %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0},
-Index: b/gcc/params.def
-===================================================================
---- a/gcc/params.def
-+++ b/gcc/params.def
-@@ -673,7 +673,7 @@ DEFPARAM (PARAM_INTEGER_SHARE_LIMIT,
- DEFPARAM (PARAM_SSP_BUFFER_SIZE,
- "ssp-buffer-size",
- "The lower bound for a buffer to be considered for stack smashing protection.",
-- 8, 1, 0)
-+ 4, 1, 0)
-
- DEFPARAM (PARAM_MIN_SIZE_FOR_STACK_SHARING,
- "min-size-for-stack-sharing",
-Index: b/gcc/objc/lang-specs.h
-===================================================================
---- a/gcc/objc/lang-specs.h
-+++ b/gcc/objc/lang-specs.h
-@@ -29,9 +29,9 @@ along with GCC; see the file COPYING3.
- %{traditional|traditional-cpp:\
- %eGNU Objective C no longer supports traditional compilation}\
- %{save-temps*|no-integrated-cpp:cc1obj -E %(cpp_options) -o %{save-temps*:%b.mi} %{!save-temps*:%g.mi} \n\
-- cc1obj -fpreprocessed %{save-temps*:%b.mi} %{!save-temps*:%g.mi} %(cc1_options) %{print-objc-runtime-info} %{gen-decls}}\
-+ cc1obj -fpreprocessed %{save-temps*:%b.mi} %{!save-temps*:%g.mi} %(cc1_options) %(ssp_default) %{print-objc-runtime-info} %{gen-decls}}\
- %{!save-temps*:%{!no-integrated-cpp:\
-- cc1obj %(cpp_unique_options) %(cc1_options) %{print-objc-runtime-info} %{gen-decls}}}\
-+ cc1obj %(cpp_unique_options) %(cc1_options) %(ssp_default) %{print-objc-runtime-info} %{gen-decls}}}\
- %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0},
- {"@objective-c-header",
- "%{E|M|MM:cc1obj -E %{traditional|traditional-cpp:-traditional-cpp}\
-@@ -40,18 +40,18 @@ along with GCC; see the file COPYING3.
- %{traditional|traditional-cpp:\
- %eGNU Objective C no longer supports traditional compilation}\
- %{save-temps*|no-integrated-cpp:cc1obj -E %(cpp_options) -o %{save-temps*:%b.mi} %{!save-temps*:%g.mi} \n\
-- cc1obj -fpreprocessed %b.mi %(cc1_options) %{print-objc-runtime-info} %{gen-decls}\
-+ cc1obj -fpreprocessed %b.mi %(cc1_options) %(ssp_default) %{print-objc-runtime-info} %{gen-decls}\
- -o %g.s %{!o*:--output-pch=%i.gch}\
- %W{o*:--output-pch=%*}%V}\
- %{!save-temps*:%{!no-integrated-cpp:\
-- cc1obj %(cpp_unique_options) %(cc1_options) %{print-objc-runtime-info} %{gen-decls}\
-+ cc1obj %(cpp_unique_options) %(cc1_options) %(ssp_default) %{print-objc-runtime-info} %{gen-decls}\
- -o %g.s %{!o*:--output-pch=%i.gch}\
- %W{o*:--output-pch=%*}%V}}}}}", 0, 0, 0},
- {".mi", "@objective-c-cpp-output", 0, 0, 0},
- {"@objective-c-cpp-output",
-- "%{!M:%{!MM:%{!E:cc1obj -fpreprocessed %i %(cc1_options) %{print-objc-runtime-info} %{gen-decls}\
-+ "%{!M:%{!MM:%{!E:cc1obj -fpreprocessed %i %(cc1_options) %(ssp_default) %{print-objc-runtime-info} %{gen-decls}\
- %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0},
- {"@objc-cpp-output",
- "%nobjc-cpp-output is deprecated; please use objective-c-cpp-output instead\n\
-- %{!M:%{!MM:%{!E:cc1obj -fpreprocessed %i %(cc1_options) %{print-objc-runtime-info} %{gen-decls}\
-+ %{!M:%{!MM:%{!E:cc1obj -fpreprocessed %i %(cc1_options) %(ssp_default) %{print-objc-runtime-info} %{gen-decls}\
- %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0},
-Index: b/gcc/objcp/lang-specs.h
-===================================================================
---- a/gcc/objcp/lang-specs.h
-+++ b/gcc/objcp/lang-specs.h
-@@ -36,7 +36,7 @@ along with GCC; see the file COPYING3.
- %(cpp_options) %2 -o %{save-temps*:%b.mii} %{!save-temps*:%g.mii} \n}\
- cc1objplus %{save-temps*|no-integrated-cpp:-fpreprocessed %{save-temps*:%b.mii} %{!save-temps*:%g.mii}}\
- %{!save-temps*:%{!no-integrated-cpp:%(cpp_unique_options)}}\
-- %(cc1_options) %2\
-+ %(cc1_options) %(ssp_default) %2\
- -o %g.s %{!o*:--output-pch=%i.gch} %W{o*:--output-pch=%*}%V}}}",
- CPLUSPLUS_CPP_SPEC, 0, 0},
- {"@objective-c++",
-@@ -46,16 +46,16 @@ along with GCC; see the file COPYING3.
- %(cpp_options) %2 -o %{save-temps*:%b.mii} %{!save-temps*:%g.mii} \n}\
- cc1objplus %{save-temps*|no-integrated-cpp:-fpreprocessed %{save-temps*:%b.mii} %{!save-temps*:%g.mii}}\
- %{!save-temps*:%{!no-integrated-cpp:%(cpp_unique_options)}}\
-- %(cc1_options) %2\
-+ %(cc1_options) %(ssp_default) %2\
- %{!fsyntax-only:%(invoke_as)}}}}",
- CPLUSPLUS_CPP_SPEC, 0, 0},
- {".mii", "@objective-c++-cpp-output", 0, 0, 0},
- {"@objective-c++-cpp-output",
- "%{!M:%{!MM:%{!E:\
-- cc1objplus -fpreprocessed %i %(cc1_options) %2\
-+ cc1objplus -fpreprocessed %i %(cc1_options) %(ssp_default) %2\
- %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0},
- {"@objc++-cpp-output",
- "%nobjc++-cpp-output is deprecated; please use objective-c++-cpp-output instead\n\
- %{!M:%{!MM:%{!E:\
-- cc1objplus -fpreprocessed %i %(cc1_options) %2\
-+ cc1objplus -fpreprocessed %i %(cc1_options) %(ssp_default) %2\
- %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0},
-Index: b/gcc/doc/invoke.texi
-===================================================================
---- a/gcc/doc/invoke.texi
-+++ b/gcc/doc/invoke.texi
-@@ -9247,6 +9247,9 @@
- The minimum size of variables taking part in stack slot sharing when not
- optimizing. The default value is 32.
-
-+The Alpine Linux default is "4", to increase
-+the number of functions protected by the stack protector.
-+
- @item max-jump-thread-duplication-stmts
- Maximum number of statements allowed in a block that needs to be
- duplicated when threading jumps.
-@@ -10185,6 +10188,11 @@
- Like @option{-fstack-protector} but includes additional functions to
- be protected --- those that have local array definitions, or have
- references to local frame addresses.
-+
-+NOTE: In Alpine Linux,
-+@option{-fstack-protector-strong} is enabled by default for C,
-+C++, ObjC, ObjC++, if none of @option{-fno-stack-protector},
-+@option{-nostdlib}, nor @option{-ffreestanding} are found.
-
- @item -fstack-protector-explicit
- @opindex fstack-protector-explicit
diff --git a/system/gcc/APKBUILD b/system/gcc/APKBUILD
index f95655eb6..fdac8dbf6 100644
--- a/system/gcc/APKBUILD
+++ b/system/gcc/APKBUILD
@@ -146,7 +146,6 @@ source="https://ftp.gnu.org/gnu/gcc/gcc-$pkgver/gcc-$pkgver.tar.xz
0011-m68k.patch
0012-static-pie.patch
- 001_all_default-ssp-strong.patch
002_all_default-relro.patch
005_all_default-as-needed.patch
011_all_default-warn-format-security.patch
@@ -288,11 +287,13 @@ build() {
--enable-checking=release \
--disable-fixed-point \
--disable-libstdcxx-pch \
+ --disable-multiarch \
--disable-multilib \
--disable-werror \
$_symvers \
--enable-__cxa_atexit \
--enable-default-pie \
+ --enable-default-ssp \
--enable-cloog-backend \
--enable-languages=$_languages \
$_arch_configure \
@@ -535,7 +536,6 @@ b8207c1be82b20fdad2596bb0a60469db52257456d0925bacf48b44899f4c6ece93c501347e1ffe9
66085c5555e6b91b6874d1782d5a1dc0ab1792889f9400f48cde9483f82b51b9e3a5de1efbba21a19fc5e664334f2188d0c2bc988d42335efa26118b3c85cc7f 0010-ldbl128-config.patch
cd3ba928121e8578ba9f73215e4d81ee3ebbab33e00b04cdfd62b46d21f9536297ae12dc021aad6e56f3b28d9d544727331bbe6db1e3438d7b9545b2c3250906 0011-m68k.patch
45d5bc11a89e5af77503ca06eec52d6d84e6fea0be021aaee1bcc39f8dd3c7b4baa4200cfa2b0688faa0f207d005db89c029eff32f362207aa3d2365b2f2363e 0012-static-pie.patch
-a1335adc2fbee98e36c4437ff2587771b98ed4180726779020f65039498235626a411cdb0100dbd20cd19d12f0d94f9a21af179ff624676c28cead9d60598b5d 001_all_default-ssp-strong.patch
625c02e03c2f1db04da12cc6a086ec85790a031a13df36486243fd9569cd17f7c8ebeec91ac16cc1f87c3ec1ffe4c421153e98a9aeb5eea35943a6f015d81f50 002_all_default-relro.patch
02b725b220e540077efef741e9d457f9e004fe53ae642a138e214875d076a60f7c2f27de0ed9a4225db2030fc9c3d2c5b0414c895b9eec0f5f48fad70e2fb029 005_all_default-as-needed.patch
622fdbcbbf2feb86bd839af627ec3613c6d2c77b14d37d31165b19f73f45b3663a203efff5d224f194edb15eb62d3d5885e32f85d1b584f071e580fea4e12664 011_all_default-warn-format-security.patch